Return invalid username error instead of unknown error (#2020)

If the username is empty or malformed then a InvalidUsername error is returned instead of UnknownError

Corresponding PR in common repo:
AzureAD/microsoft-authentication-library-common-for-android#2297

msal/src/main/java/com/microsoft/identity/nativeauth/NativeAuthPublicClientApplication.kt

@@ -296,6 +296,14 @@ class NativeAuthPublicClientApplication(
 
             verifyNoUserIsSignedIn()
 
+            if (username.isBlank()) {
+                return@withContext SignInError(
+                    errorType = ErrorTypes.INVALID_USERNAME,
+                    errorMessage = "Empty or blank username",
+                    correlationId = "UNSET"
+                )
+            }
+
             val hasPassword = password?.isNotEmpty() == true
 
             val params =
@@ -357,6 +365,15 @@ class NativeAuthPublicClientApplication(
                             channel = result.challengeChannel
                         )
                     }
+                    is INativeAuthCommandResult.InvalidUsername -> {
+                        SignInError(
+                            errorType = ErrorTypes.INVALID_USERNAME,
+                            errorMessage = result.errorDescription,
+                            error = result.error,
+                            correlationId = result.correlationId,
+                            errorCodes = result.errorCodes
+                        )
+                    }
                     is SignInCommandResult.PasswordRequired -> {
                         if (hasPassword) {
                             Logger.warn(
@@ -491,6 +508,14 @@ class NativeAuthPublicClientApplication(
                 )
             }
 
+            if (username.isBlank()) {
+                return@withContext SignUpError(
+                    errorType = ErrorTypes.INVALID_USERNAME,
+                    errorMessage = "Empty or blank username",
+                    correlationId = "UNSET"
+                )
+            }
+
             val parameters =
                 CommandParametersAdapter.createSignUpStartCommandParameters(
                     nativeAuthConfig,
@@ -604,9 +629,9 @@ class NativeAuthPublicClientApplication(
                         )
                     }
 
-                    is SignUpCommandResult.InvalidEmail -> {
+                    is INativeAuthCommandResult.InvalidUsername -> {
                         SignUpError(
-                            errorType = SignUpErrorTypes.INVALID_USERNAME,
+                            errorType = ErrorTypes.INVALID_USERNAME,
                             error = result.error,
                             errorMessage = result.errorDescription,
                             correlationId = result.correlationId
@@ -687,6 +712,14 @@ class NativeAuthPublicClientApplication(
                 )
             }
 
+            if (username.isBlank()) {
+                return@withContext ResetPasswordError(
+                    errorType = ErrorTypes.INVALID_USERNAME,
+                    errorMessage = "Empty or blank username",
+                    correlationId = "UNSET"
+                )
+            }
+
             val parameters = CommandParametersAdapter.createResetPasswordStartCommandParameters(
                 nativeAuthConfig,
                 nativeAuthConfig.oAuth2TokenCache,
@@ -724,6 +757,16 @@ class NativeAuthPublicClientApplication(
                     )
                 }
 
+                is INativeAuthCommandResult.InvalidUsername -> {
+                    ResetPasswordError(
+                        errorType = ErrorTypes.INVALID_USERNAME,
+                        errorMessage = result.errorDescription,
+                        error = result.error,
+                        correlationId = result.correlationId,
+                        errorCodes = result.errorCodes
+                    )
+                }
+
                 is INativeAuthCommandResult.UnknownError -> {
                     ResetPasswordError(
                         error = result.error,

msal/src/main/java/com/microsoft/identity/nativeauth/statemachine/errors/Error.kt

@@ -65,6 +65,12 @@ internal class ErrorTypes () {
          * The password should be re-submitted.
          */
         const val INVALID_PASSWORD = "invalid_password"
+
+        /*
+         * The INVALID_USERNAME value indicates the username provided by the user is not acceptable to the server.
+         * If this occurs, the flow should be restarted.
+         */
+        const val INVALID_USERNAME = "invalid_username"
     }
 }
 

msal/src/main/java/com/microsoft/identity/nativeauth/statemachine/errors/ResetPasswordErrors.kt

@@ -60,6 +60,8 @@ class ResetPasswordError(
     override var exception: Exception? = null
 ): ResetPasswordResult, ResetPasswordStartResult, BrowserRequiredError, Error(errorType = errorType, error = error, errorMessage= errorMessage, correlationId = correlationId, errorCodes = errorCodes, exception = exception) {
     fun isUserNotFound() : Boolean = this.errorType == ErrorTypes.USER_NOT_FOUND
+
+    fun isInvalidUsername(): Boolean = this.errorType == ErrorTypes.INVALID_USERNAME
 }
 
 /**
@@ -87,4 +89,6 @@ class ResetPasswordSubmitPasswordError(
     fun isInvalidPassword() : Boolean = this.errorType == ErrorTypes.INVALID_PASSWORD
 
     fun isPasswordResetFailed() : Boolean = this.errorType == ResetPasswordErrorTypes.PASSWORD_RESET_FAILED
+
+    fun isInvalidUsername() : Boolean = this.errorType == ErrorTypes.INVALID_USERNAME
 }

msal/src/main/java/com/microsoft/identity/nativeauth/statemachine/errors/SignInErrors.kt

@@ -39,6 +39,8 @@ open class SignInError(
     fun isUserNotFound(): Boolean = this.errorType == ErrorTypes.USER_NOT_FOUND
 
     fun isInvalidCredentials(): Boolean = this.errorType == SignInErrorTypes.INVALID_CREDENTIALS
+
+    fun isInvalidUsername(): Boolean = this.errorType == ErrorTypes.INVALID_USERNAME
 }
 
 /**

msal/src/main/java/com/microsoft/identity/nativeauth/statemachine/errors/SignUpErrors.kt

@@ -38,11 +38,6 @@ internal class SignUpErrorTypes {
          */
         const val USER_ALREADY_EXISTS = "user_already_exists"
 
-        /* The INVALID_USERNAME value indicates the username provided by the user is not acceptable to the server.
-         * If this occurs, the flow should be restarted.
-         */
-        const val INVALID_USERNAME = "invalid_username"
-
         /*
          * The INVALID_ATTRIBUTES value indicates one or more attributes that were sent failed input validation.
          * The attributes should be resubmitted.
@@ -80,7 +75,7 @@ open class SignUpError (
 
     fun isUserAlreadyExists(): Boolean = this.errorType == SignUpErrorTypes.USER_ALREADY_EXISTS
 
-    fun isInvalidUsername(): Boolean = this.errorType == SignUpErrorTypes.INVALID_USERNAME
+    fun isInvalidUsername(): Boolean = this.errorType == ErrorTypes.INVALID_USERNAME
 
     fun isInvalidAttributes(): Boolean = this.errorType == SignUpErrorTypes.INVALID_ATTRIBUTES
 

msal/src/main/java/com/microsoft/identity/nativeauth/statemachine/results/ResetPasswordResult.kt

@@ -23,6 +23,7 @@
 
 package com.microsoft.identity.nativeauth.statemachine.results
 
+import com.microsoft.identity.nativeauth.statemachine.errors.ErrorTypes
 import com.microsoft.identity.nativeauth.statemachine.states.ResetPasswordCodeRequiredState
 import com.microsoft.identity.nativeauth.statemachine.states.ResetPasswordPasswordRequiredState
 import com.microsoft.identity.nativeauth.statemachine.states.SignInContinuationState

msal/src/main/java/com/microsoft/identity/nativeauth/statemachine/states/SignUpStates.kt

@@ -29,7 +29,6 @@ import com.microsoft.identity.nativeauth.NativeAuthPublicClientApplicationConfig
 import com.microsoft.identity.nativeauth.UserAttributes
 import com.microsoft.identity.client.exception.MsalException
 import com.microsoft.identity.client.internal.CommandParametersAdapter
-import com.microsoft.identity.nativeauth.statemachine.results.SignInResult
 import com.microsoft.identity.nativeauth.statemachine.results.SignUpResendCodeResult
 import com.microsoft.identity.nativeauth.statemachine.results.SignUpResult
 import com.microsoft.identity.nativeauth.statemachine.results.SignUpSubmitAttributesResult
@@ -438,7 +437,7 @@ class SignUpPasswordRequiredState internal constructor(
                     }
 
                     // This should be caught earlier in the flow, so throwing UnexpectedError
-                    is SignUpCommandResult.InvalidEmail -> {
+                    is INativeAuthCommandResult.InvalidUsername -> {
                         Logger.warn(
                             TAG,
                             "Submit password received unexpected result: $result"

msal/src/test/java/com/microsoft/identity/nativeauth/NativeAuthPublicClientApplicationJavaTest.java

@@ -1117,10 +1117,6 @@ public void onError(@NonNull BaseException exception) {
     /**
      * Check that we don't get a type casting exception thrown when we get it,
      * should get error result instead.
-     *
-     * @throws ExecutionException
-     * @throws InterruptedException
-     * @throws TimeoutException
      */
     @Test
     public void testSignInEmptyUsernameNoException() throws ExecutionException, InterruptedException, TimeoutException {
@@ -1159,6 +1155,7 @@ public void onError(@NonNull BaseException exception) {
 
         SignInError error = (SignInError)result;
 
+        assertTrue(error.isInvalidUsername());
         assertFalse(error.isBrowserRequired());
         assertFalse(error.isUserNotFound());
         assertFalse(error.isInvalidCredentials());
@@ -1710,8 +1707,7 @@ public void testSSPREmptyUsernameNoException() throws ExecutionException, Interr
         ResetPasswordStartResult resetPasswordResult = resetPasswordStartTestCallback.get();
 
         assertTrue(resetPasswordResult instanceof ResetPasswordError);
-        assertFalse(((ResetPasswordError) resetPasswordResult).isBrowserRequired());
-        assertFalse(((ResetPasswordError) resetPasswordResult).isUserNotFound());
+        assertTrue(((ResetPasswordError) resetPasswordResult).isInvalidUsername());
     }
 
     // Helper methods
@@ -2650,9 +2646,9 @@ public void testSignUpEmptyUsernameNoException() throws ExecutionException, Inte
         SignUpResult signUpResult = signUpTestCallback.get();
 
         assertTrue(signUpResult instanceof SignUpError);
+        assertTrue(((SignUpError) signUpResult).isInvalidUsername());
         assertFalse(((SignUpError) signUpResult).isBrowserRequired());
         assertFalse(((SignUpError) signUpResult).isInvalidPassword());
-        assertFalse(((SignUpError) signUpResult).isInvalidUsername());
         assertFalse(((SignUpError) signUpResult).isInvalidAttributes());
         assertFalse(((SignUpError) signUpResult).isUserAlreadyExists());
     }

msal/src/test/java/com/microsoft/identity/nativeauth/NativeAuthPublicClientApplicationKotlinTest.kt

@@ -58,6 +58,7 @@ import com.microsoft.identity.common.java.interfaces.IPlatformComponents
 import com.microsoft.identity.common.java.nativeauth.BuildValues
 import com.microsoft.identity.common.java.util.ResultFuture
 import com.microsoft.identity.internal.testutils.TestUtils
+import com.microsoft.identity.nativeauth.statemachine.errors.ErrorTypes
 import com.microsoft.identity.nativeauth.statemachine.states.SignInContinuationState
 import com.microsoft.identity.nativeauth.statemachine.errors.SignInContinuationError
 import kotlinx.coroutines.ExperimentalCoroutinesApi
@@ -1261,10 +1262,6 @@ class NativeAuthPublicClientApplicationKotlinTest : PublicClientApplicationAbstr
     /**
      * Check that we don't get a type casting exception thrown when we get it,
      * should get error result instead.
-     *
-     * @throws ExecutionException
-     * @throws InterruptedException
-     * @throws TimeoutException
      */
     @Test
     fun testSignInEmptyUsernameNoException() = runTest {
@@ -1276,7 +1273,7 @@ class NativeAuthPublicClientApplicationKotlinTest : PublicClientApplicationAbstr
 
         val result = application.signIn(emptyString, password)
         assertTrue(result is SignInError)
-        assertTrue((result as SignInError).errorType == null)
+        assertTrue((result as SignInError).errorType == ErrorTypes.INVALID_USERNAME)
     }
 
     // Helper methods
@@ -2067,10 +2064,6 @@ class NativeAuthPublicClientApplicationKotlinTest : PublicClientApplicationAbstr
     /**
      * Check that we don't get a type casting exception thrown when we get it,
      * should get error result instead.
-     *
-     * @throws ExecutionException
-     * @throws InterruptedException
-     * @throws TimeoutException
      */
     @Test
     fun testSignUpNullUsernameNoException() = runTest {
@@ -2082,10 +2075,30 @@ class NativeAuthPublicClientApplicationKotlinTest : PublicClientApplicationAbstr
             responseType = MockApiResponseType.CHALLENGE_TYPE_REDIRECT
         )
 
-        // 1b. Call SDK interface
+        //Call SDK interface
         val result = application.signUp(emptyString)
         assertTrue(result is SignUpError)
-        assertTrue((result as SignUpError).errorType == null)
+        assertTrue((result as SignUpError).errorType == ErrorTypes.INVALID_USERNAME)
+    }
+
+    /**
+     * Check that we don't get a type casting exception thrown when we get it,
+     * should get error result instead.
+     */
+    @Test
+    fun testResetPasswordNullUsernameNoException() = runTest {
+        val correlationId = UUID.randomUUID().toString()
+
+        configureMockApi(
+            endpointType = MockApiEndpoint.SSPRStart,
+            correlationId = correlationId,
+            responseType = MockApiResponseType.CHALLENGE_TYPE_REDIRECT
+        )
+
+        // 1b. Call SDK interface
+        val result = application.resetPassword(emptyString)
+        assertTrue(result is ResetPasswordError)
+        assertTrue((result as ResetPasswordError).errorType == ErrorTypes.INVALID_USERNAME)
     }
 
     @Test