Cancel sign in when user is disabled (#1760)

Author: samtstern

auth/src/main/java/com/firebase/ui/auth/ui/email/WelcomeBackPasswordPrompt.java

@@ -28,11 +28,13 @@
 
 import com.firebase.ui.auth.ErrorCodes;
 import com.firebase.ui.auth.FirebaseAuthAnonymousUpgradeException;
+import com.firebase.ui.auth.FirebaseUiException;
 import com.firebase.ui.auth.IdpResponse;
 import com.firebase.ui.auth.R;
 import com.firebase.ui.auth.data.model.FlowParameters;
 import com.firebase.ui.auth.ui.AppCompatBase;
 import com.firebase.ui.auth.util.ExtraConstants;
+import com.firebase.ui.auth.util.FirebaseAuthError;
 import com.firebase.ui.auth.util.data.PrivacyDisclosureUtils;
 import com.firebase.ui.auth.util.data.ProviderUtils;
 import com.firebase.ui.auth.util.ui.ImeHelper;
@@ -41,7 +43,10 @@
 import com.firebase.ui.auth.viewmodel.email.WelcomeBackPasswordHandler;
 import com.google.android.material.textfield.TextInputLayout;
 import com.google.firebase.auth.AuthCredential;
+import com.google.firebase.auth.FirebaseAuth;
+import com.google.firebase.auth.FirebaseAuthException;
 import com.google.firebase.auth.FirebaseAuthInvalidCredentialsException;
+import com.google.firebase.auth.FirebaseAuthInvalidUserException;
 
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;
@@ -120,9 +125,21 @@ protected void onFailure(@NonNull Exception e) {
                 if (e instanceof FirebaseAuthAnonymousUpgradeException) {
                     IdpResponse response = ((FirebaseAuthAnonymousUpgradeException) e).getResponse();
                     finish(ErrorCodes.ANONYMOUS_UPGRADE_MERGE_CONFLICT, response.toIntent());
-                } else {
-                    mPasswordLayout.setError(getString(getErrorMessage(e)));
+                    return;
                 }
+
+                if (e instanceof FirebaseAuthException) {
+                    FirebaseAuthException authEx = (FirebaseAuthException) e;
+                    FirebaseAuthError error = FirebaseAuthError.fromException(authEx);
+                    if (error == FirebaseAuthError.ERROR_USER_DISABLED) {
+                        IdpResponse resp = IdpResponse.from(
+                                new FirebaseUiException(ErrorCodes.ERROR_USER_DISABLED));
+                        finish(RESULT_CANCELED, resp.toIntent());
+                        return;
+                    }
+                }
+
+                mPasswordLayout.setError(getString(getErrorMessage(e)));
             }
         });
 

auth/src/main/java/com/firebase/ui/auth/ui/idp/AuthMethodPickerActivity.java

@@ -163,12 +163,19 @@ protected void onSuccess(@NonNull IdpResponse response) {
 
             @Override
             protected void onFailure(@NonNull Exception e) {
+                if (e instanceof UserCancellationException) {
+                    // User pressed back, there is no error.
+                    return;
+                }
+
                 if (e instanceof FirebaseAuthAnonymousUpgradeException) {
                     finish(ErrorCodes.ANONYMOUS_UPGRADE_MERGE_CONFLICT,
                             ((FirebaseAuthAnonymousUpgradeException) e).getResponse().toIntent());
-                } else if ((!(e instanceof UserCancellationException))) {
-                    String text = e instanceof FirebaseUiException ? e.getMessage() :
-                            getString(R.string.fui_error_unknown);
+                } else if (e instanceof FirebaseUiException) {
+                    FirebaseUiException fue = (FirebaseUiException) e;
+                    finish(RESULT_CANCELED, IdpResponse.from(fue).toIntent());
+                } else {
+                    String text = getString(R.string.fui_error_unknown);
                     Toast.makeText(AuthMethodPickerActivity.this,
                             text,
                             Toast.LENGTH_SHORT).show();

auth/src/main/java/com/firebase/ui/auth/ui/phone/PhoneActivity.java

@@ -21,6 +21,7 @@
 
 import com.firebase.ui.auth.ErrorCodes;
 import com.firebase.ui.auth.FirebaseAuthAnonymousUpgradeException;
+import com.firebase.ui.auth.FirebaseUiException;
 import com.firebase.ui.auth.IdpResponse;
 import com.firebase.ui.auth.R;
 import com.firebase.ui.auth.data.model.FlowParameters;
@@ -33,6 +34,7 @@
 import com.firebase.ui.auth.viewmodel.ResourceObserver;
 import com.firebase.ui.auth.viewmodel.phone.PhoneProviderResponseHandler;
 import com.google.android.material.textfield.TextInputLayout;
+import com.google.firebase.auth.FirebaseAuth;
 import com.google.firebase.auth.FirebaseAuthException;
 import com.google.firebase.auth.PhoneAuthProvider;
 
@@ -159,8 +161,14 @@ private void handleError(@Nullable Exception e) {
             IdpResponse response = ((FirebaseAuthAnonymousUpgradeException) e).getResponse();
             finish(ErrorCodes.ANONYMOUS_UPGRADE_MERGE_CONFLICT, response.toIntent());
         } else if (e instanceof FirebaseAuthException) {
-            errorView.setError(getErrorMessage(
-                    FirebaseAuthError.fromException((FirebaseAuthException) e)));
+            FirebaseAuthError error = FirebaseAuthError.fromException((FirebaseAuthException) e);
+            if (error == FirebaseAuthError.ERROR_USER_DISABLED) {
+                IdpResponse response = IdpResponse.from(
+                        new FirebaseUiException(ErrorCodes.ERROR_USER_DISABLED));
+                finish(RESULT_CANCELED, response.toIntent());
+                return;
+            }
+            errorView.setError(getErrorMessage(error));
         } else if (e != null) {
             errorView.setError(e.getLocalizedMessage());
         } else {

auth/src/main/java/com/firebase/ui/auth/viewmodel/email/WelcomeBackPasswordHandler.java

@@ -7,6 +7,7 @@
 import com.firebase.ui.auth.data.model.Resource;
 import com.firebase.ui.auth.data.model.User;
 import com.firebase.ui.auth.data.remote.ProfileMerger;
+import com.firebase.ui.auth.util.FirebaseAuthError;
 import com.firebase.ui.auth.util.data.AuthOperationManager;
 import com.firebase.ui.auth.util.data.TaskFailureLogger;
 import com.firebase.ui.auth.viewmodel.SignInViewModelBase;
@@ -19,6 +20,8 @@
 import com.google.firebase.auth.AuthCredential;
 import com.google.firebase.auth.AuthResult;
 import com.google.firebase.auth.EmailAuthProvider;
+import com.google.firebase.auth.FirebaseAuth;
+import com.google.firebase.auth.FirebaseAuthException;
 
 import androidx.annotation.NonNull;
 import androidx.annotation.Nullable;

auth/src/main/java/com/firebase/ui/auth/viewmodel/idp/SocialProviderResponseHandler.java

@@ -15,6 +15,7 @@
 import com.firebase.ui.auth.ui.email.WelcomeBackEmailLinkPrompt;
 import com.firebase.ui.auth.ui.email.WelcomeBackPasswordPrompt;
 import com.firebase.ui.auth.ui.idp.WelcomeBackIdpPrompt;
+import com.firebase.ui.auth.util.FirebaseAuthError;
 import com.firebase.ui.auth.util.data.AuthOperationManager;
 import com.firebase.ui.auth.util.data.ProviderUtils;
 import com.firebase.ui.auth.viewmodel.RequestCodes;
@@ -24,6 +25,8 @@
 import com.google.firebase.auth.AuthCredential;
 import com.google.firebase.auth.AuthResult;
 import com.google.firebase.auth.EmailAuthProvider;
+import com.google.firebase.auth.FirebaseAuth;
+import com.google.firebase.auth.FirebaseAuthException;
 import com.google.firebase.auth.FirebaseAuthInvalidUserException;
 import com.google.firebase.auth.FirebaseAuthUserCollisionException;
 import com.google.firebase.auth.PhoneAuthProvider;
@@ -78,12 +81,28 @@ public void onSuccess(AuthResult result) {
                 .addOnFailureListener(new OnFailureListener() {
                     @Override
                     public void onFailure(@NonNull Exception e) {
-                        if (e instanceof FirebaseAuthUserCollisionException) {
+                        // For some reason disabled users can hit FirebaseAuthUserCollisionException
+                        // so we have to handle this special case.
+                        boolean isDisabledUser = (e instanceof FirebaseAuthInvalidUserException);
+                        if (e instanceof FirebaseAuthException) {
+                            FirebaseAuthException authEx = (FirebaseAuthException) e;
+                            FirebaseAuthError fae = FirebaseAuthError.fromException(authEx);
+                            if (fae == FirebaseAuthError.ERROR_USER_DISABLED) {
+                               isDisabledUser = true;
+                            }
+                        }
+
+                        if (isDisabledUser) {
+                            setResult(Resource.<IdpResponse>forFailure(
+                                    new FirebaseUiException(ErrorCodes.ERROR_USER_DISABLED)
+                            ));
+                        } else if (e instanceof FirebaseAuthUserCollisionException) {
                             final String email = response.getEmail();
                             if (email == null) {
                                 setResult(Resource.<IdpResponse>forFailure(e));
                                 return;
                             }
+
                             // There can be a collision due to:
                             // CASE 1: Anon user signing in with a credential that belongs to an
                             // existing user.
@@ -119,15 +138,6 @@ public void onFailure(@NonNull Exception e) {
                                                     e));
                                         }
                                     });
-                        } else if (e instanceof FirebaseAuthInvalidUserException) {
-                            setResult(Resource.<IdpResponse>forFailure(
-                                    new FirebaseUiException(
-                                            ErrorCodes.ERROR_USER_DISABLED,
-                                            ErrorCodes.toFriendlyMessage(
-                                                    ErrorCodes.ERROR_USER_DISABLED
-                                            )
-                                    )
-                            ));
                         }
                     }
                 });

auth/src/test/java/com/firebase/ui/auth/testhelpers/ResourceMatchers.java

@@ -1,5 +1,7 @@
 package com.firebase.ui.auth.testhelpers;
 
+import com.firebase.ui.auth.FirebaseUiException;
+import com.firebase.ui.auth.IdpResponse;
 import com.firebase.ui.auth.data.model.Resource;
 import com.firebase.ui.auth.data.model.State;
 
@@ -22,6 +24,28 @@ public static <T> ArgumentMatcher<Resource<T>> isFailure() {
         return isState(State.FAILURE);
     }
 
+    public static <T> ArgumentMatcher<Resource<T>> isFailureWithCode(final int code) {
+        return new ArgumentMatcher<Resource<T>>() {
+            @Override
+            public boolean matches(Resource<T> argument) {
+                if (argument.getState() != State.FAILURE) {
+                    return false;
+                }
+
+                if (argument.getException() == null) {
+                    return false;
+                }
+
+                if (!(argument.getException() instanceof FirebaseUiException)) {
+                    return false;
+                }
+
+                FirebaseUiException fue = (FirebaseUiException) argument.getException();
+                return fue.getErrorCode() == code;
+            }
+        };
+    }
+
     public static <T> ArgumentMatcher<Resource<T>> isSuccessWith(final T result) {
         return new ArgumentMatcher<Resource<T>>() {
             @Override

auth/src/test/java/com/firebase/ui/auth/viewmodel/SocialProviderResponseHandlerTest.java

@@ -4,6 +4,7 @@
 import android.app.Application;
 
 import com.firebase.ui.auth.AuthUI;
+import com.firebase.ui.auth.ErrorCodes;
 import com.firebase.ui.auth.FirebaseAuthAnonymousUpgradeException;
 import com.firebase.ui.auth.IdpResponse;
 import com.firebase.ui.auth.data.model.FlowParameters;
@@ -25,9 +26,9 @@
 import com.google.firebase.auth.EmailAuthProvider;
 import com.google.firebase.auth.FacebookAuthProvider;
 import com.google.firebase.auth.FirebaseAuth;
+import com.google.firebase.auth.FirebaseAuthException;
 import com.google.firebase.auth.FirebaseAuthUserCollisionException;
 import com.google.firebase.auth.FirebaseUser;
-import com.google.firebase.auth.GithubAuthProvider;
 import com.google.firebase.auth.GoogleAuthProvider;
 import com.google.firebase.auth.SignInMethodQueryResult;
 
@@ -40,7 +41,6 @@
 import org.mockito.MockitoAnnotations;
 import org.robolectric.RobolectricTestRunner;
 
-import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 
@@ -121,6 +121,24 @@ public void testSignInResponse_failure() {
         verify(mResultObserver).onChanged(argThat(ResourceMatchers.<IdpResponse>isFailure()));
     }
 
+    @Test
+    public void testSignInIdp_disabled() {
+        mHandler.getOperation().observeForever(mResultObserver);
+
+        when(mMockAuth.signInWithCredential(any(AuthCredential.class)))
+                .thenReturn(AutoCompleteTask.<AuthResult>forFailure(
+                        new FirebaseAuthException("ERROR_USER_DISABLED", "disabled")));
+
+        IdpResponse response = new IdpResponse.Builder(new User.Builder(
+                GoogleAuthProvider.PROVIDER_ID, TestConstants.EMAIL).build())
+                .setToken(TestConstants.TOKEN)
+                .build();
+        mHandler.startSignIn(response);
+
+        verify(mResultObserver).onChanged(
+                argThat(ResourceMatchers.<IdpResponse>isFailureWithCode(ErrorCodes.ERROR_USER_DISABLED)));
+    }
+
     @Test
     public void testSignInIdp_resolution() {
         mHandler.getOperation().observeForever(mResultObserver);