Check error code instead of http code 501

itsmeichigo · itsmeichigo · commit 58d8adb46080 · 2025-08-29T18:17:40.000+07:00
diff --git a/Modules/Sources/NetworkingCore/ApplicationPassword/RequestProcessor.swift b/Modules/Sources/NetworkingCore/ApplicationPassword/RequestProcessor.swift
@@ -107,12 +107,16 @@ private extension RequestProcessor {
             } catch {
                 return false
             }
-        case NetworkError.unacceptableStatusCode(let statusCode, let response) where statusCode == 501:
-            fallthrough // treat this the same as 404 code
         case NetworkError.notFound:
             /// Site doesn't support application password
             delegate?.didFailToAuthenticateRequestWithApplicationPassword(siteID: currentSiteID)
             return false
+        case let networkError as NetworkError:
+            if let code = networkError.errorCode,
+               Constants.disabledCodes.contains(code) {
+                delegate?.didFailToAuthenticateRequestWithApplicationPassword(siteID: currentSiteID)
+            }
+            return false
         default:
             return false
         }
@@ -138,6 +142,15 @@ private extension RequestProcessor {
     }
 }
 
+private extension RequestProcessor {
+    enum Constants {
+        static let disabledCodes = [
+            "application_passwords_disabled",
+            "application_passwords_disabled_for_user"
+        ]
+    }
+}
+
 // MARK: - Application Password Notifications
 //
 public extension NSNotification.Name {
diff --git a/Modules/Sources/NetworkingCore/Network/NetworkError.swift b/Modules/Sources/NetworkingCore/Network/NetworkError.swift
@@ -49,6 +49,16 @@ public enum NetworkError: Error, Equatable {
             return nil
         }
     }
+
+    /// Content of the `code` field in the response if available
+    var errorCode: String? {
+        guard let response else { return nil }
+        let decoder = JSONDecoder()
+        guard let decodedResponse = try? decoder.decode(NetworkErrorResponse.self, from: response) else {
+            return nil
+        }
+        return decodedResponse.code
+    }
 }
 
 
@@ -121,3 +131,28 @@ extension NetworkError: CustomStringConvertible {
         }
     }
 }
+
+struct NetworkErrorResponse: Decodable {
+    let code: String?
+    let message: String?
+
+    init(from decoder: Decoder) throws {
+        let container = try decoder.container(keyedBy: CodingKeys.self)
+        self.code = try {
+            let errorValue = try container.decodeIfPresent(String.self, forKey: .error)
+            if let errorValue {
+                return errorValue
+            }
+            return try container.decodeIfPresent(String.self, forKey: .code)
+        }()
+        self.message = try container.decodeIfPresent(String.self, forKey: .message)
+    }
+
+    /// Coding Keys
+    ///
+    private enum CodingKeys: String, CodingKey {
+        case error
+        case code
+        case message
+    }
+}
diff --git a/Modules/Tests/NetworkingTests/ApplicationPassword/RequestProcessorTests.swift b/Modules/Tests/NetworkingTests/ApplicationPassword/RequestProcessorTests.swift
@@ -326,7 +326,7 @@ final class RequestProcessorTests: XCTestCase {
         }
     }
 
-    func test_delegate_called_when_501_error_occurs_with_wpcom_authentication() throws {
+    func test_delegate_called_when_application_password_disabled() throws {
         // Given
         let session = Alamofire.Session(configuration: URLSessionConfiguration.default)
         let request = try mockRequest()
@@ -338,7 +338,41 @@ final class RequestProcessorTests: XCTestCase {
         sut.updateAuthenticator(mockRequestAuthenticator)
         sut.delegate = mockDelegate
 
-        let notSupportedError = NetworkError.unacceptableStatusCode(statusCode: 501, response: nil)
+        let response = ["error": "application_passwords_disabled"]
+        let data = try JSONEncoder().encode(response)
+        let notSupportedError = NetworkError.unacceptableStatusCode(statusCode: 501, response: data)
+        mockRequestAuthenticator.mockErrorWhileGeneratingPassword = notSupportedError
+
+        // When
+        let error = RequestAuthenticatorError.applicationPasswordNotAvailable
+        let shouldRetry = waitFor { promise in
+            self.sut.retry(request, for: session, dueTo: error) { shouldRetry in
+                promise(shouldRetry)
+            }
+        }
+
+        // Then
+        XCTAssertFalse(shouldRetry.retryRequired)
+        waitUntil {
+            mockDelegate.didFailToAuthenticateRequestForSiteID == 123
+        }
+    }
+
+    func test_delegate_called_when_application_password_disabled_for_user() throws {
+        // Given
+        let session = Alamofire.Session(configuration: URLSessionConfiguration.default)
+        let request = try mockRequest()
+        let wpcomCredentials = Networking.Credentials.wpcom(username: "test", authToken: "token", siteAddress: "test.com")
+        let mockDelegate = MockRequestProcessorDelegate()
+
+        mockRequestAuthenticator.credentials = wpcomCredentials
+        mockRequestAuthenticator.jetpackSiteID = 123
+        sut.updateAuthenticator(mockRequestAuthenticator)
+        sut.delegate = mockDelegate
+
+        let response = ["error": "application_passwords_disabled_for_user"]
+        let data = try JSONEncoder().encode(response)
+        let notSupportedError = NetworkError.unacceptableStatusCode(statusCode: 501, response: data)
         mockRequestAuthenticator.mockErrorWhileGeneratingPassword = notSupportedError
 
         // When
