Merge pull request #156 from wordpress-mobile/woo/issue-13321-magic-link-suspicious-emails

Use Magic Link for WordPress.com suspicious emails

Author: hichamboushaba

WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginAnalyticsListener.kt

@@ -59,6 +59,7 @@ interface LoginAnalyticsListener {
     fun trackSubmitClicked()
     fun trackRequestMagicLinkClick()
     fun trackLoginWithPasswordClick()
+    fun trackLoginWithWpComUsernamePasswordClick()
     fun trackShowHelpClick()
     fun trackDismissDialog()
     fun trackSelectEmailField()

WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginBaseFormFragment.java

@@ -243,6 +243,11 @@ protected void startProgress(boolean cancellable) {
             mBottomButton.setEnabled(false);
         }
 
+        if (mProgressDialog != null) {
+            mProgressDialog.setOnCancelListener(null);
+            mProgressDialog.cancel();
+        }
+
         mProgressDialog =
                 ProgressDialog.show(getActivity(), "", getActivity().getString(getProgressBarText()), true, cancellable,
                         new DialogInterface.OnCancelListener() {

WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginEmailFragment.java

@@ -1,5 +1,7 @@
 package org.wordpress.android.login;
 
+import static android.app.Activity.RESULT_OK;
+
 import android.app.PendingIntent;
 import android.content.ActivityNotFoundException;
 import android.content.Context;
@@ -53,15 +55,11 @@
 import org.wordpress.android.util.EditTextUtils;
 import org.wordpress.android.util.HtmlUtils;
 import org.wordpress.android.util.NetworkUtils;
-import org.wordpress.android.util.ToastUtils;
-import org.wordpress.android.util.ToastUtils.Duration;
 
 import java.util.ArrayList;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
-import static android.app.Activity.RESULT_OK;
-
 import dagger.android.support.AndroidSupportInjection;
 
 public class LoginEmailFragment extends LoginBaseFormFragment<LoginListener> implements TextWatcher,
@@ -572,12 +570,9 @@ public void onAuthOptionsFetched(OnAuthOptionsFetched event) {
                     // Will be true if in the Woo app and currently in the WPcom login
                     // flow. We need to check this to know if we should display the
                     // 'No WPcom account found' error screen.
-                    boolean isWooWPcomLoginFlow = false;
-                    if (mLoginListener != null
-                        && mLoginListener.getLoginMode() == LoginMode.WOO_LOGIN_MODE
-                        && !mOptionalSiteCredsLayout) {
-                        isWooWPcomLoginFlow = true;
-                    }
+                    boolean isWooWPcomLoginFlow = mLoginListener != null
+                                                  && mLoginListener.getLoginMode() == LoginMode.WOO_LOGIN_MODE
+                                                  && !mOptionalSiteCredsLayout;
 
                     if (mIsSignupFromLoginEnabled || isWooWPcomLoginFlow) {
                         if (mLoginListener != null) {
@@ -589,11 +584,14 @@ public void onAuthOptionsFetched(OnAuthOptionsFetched event) {
                     }
                     break;
                 case EMAIL_LOGIN_NOT_ALLOWED:
-                    // As a security measure, this user needs to log in using an username and password
+                    // As a security measure, this user can't sign in using their email/password
+                    // combination. Ask them to use Magic Link instead.
                     mAnalyticsListener.trackFailure("Login with username required");
-                    ToastUtils.showToast(getContext(), R.string.error_user_username_instead_of_email, Duration.LONG);
                     if (mLoginListener != null) {
-                        mLoginListener.loginViaWpcomUsernameInstead();
+                        mLoginListener.useMagicLinkInstead(email,
+                                false,
+                                false,
+                                MagicLinkFallbackButton.UsernameAndPassword);
                     }
                     break;
                 case GENERIC_ERROR:

WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginEmailPasswordFragment.java

@@ -193,12 +193,11 @@ public void onClick(View v) {
 
         final Button magicLinkButton = rootView.findViewById(R.id.login_get_email_link);
         magicLinkButton.setVisibility(mAllowMagicLink ? View.VISIBLE : View.GONE);
-        magicLinkButton.setOnClickListener(new OnClickListener() {
-            @Override public void onClick(View v) {
-                if (mLoginListener != null) {
-                    mAnalyticsListener.trackRequestMagicLinkClick();
-                    mLoginListener.useMagicLinkInstead(mEmailAddress, mVerifyMagicLinkEmail);
-                }
+        magicLinkButton.setOnClickListener(v -> {
+            if (mLoginListener != null) {
+                mAnalyticsListener.trackRequestMagicLinkClick();
+                mLoginListener.useMagicLinkInstead(mEmailAddress, mVerifyMagicLinkEmail,
+                        true, MagicLinkFallbackButton.None);
             }
         });
 

WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginListener.java

@@ -37,7 +37,7 @@ void gotUnregisteredSocialAccount(String email, String displayName, String idTok
     void onTermsOfServiceClicked();
 
     // Login Request Magic Link callbacks
-    void showMagicLinkSentScreen(String email, boolean allowPassword);
+    void showMagicLinkSentScreen(String email, MagicLinkFallbackButton fallbackButton);
     void usePasswordInstead(String email);
     void helpMagicLinkRequest(String email);
 
@@ -47,7 +47,8 @@ void gotUnregisteredSocialAccount(String email, String displayName, String idTok
 
     // Login email password callbacks
     void forgotPassword(String url);
-    void useMagicLinkInstead(String email, boolean verifyEmail);
+    void useMagicLinkInstead(String email, boolean verifyEmail,
+                             boolean requestAtStart, MagicLinkFallbackButton fallbackButton);
     void needs2fa(String email, String password);
     void needs2fa(String email, String password, String userId, String webauthnNonce,
                   String nonceAuthenticator, String nonceBackup, String noncePush,

WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginMagicLinkRequestFragment.java

@@ -52,7 +52,7 @@ public class LoginMagicLinkRequestFragment extends Fragment {
     private static final String ARG_IS_JETPACK_CONNECT = "ARG_IS_JETPACK_CONNECT";
     private static final String ARG_JETPACK_CONNECT_SOURCE = "ARG_JETPACK_CONNECT_SOURCE";
     private static final String ARG_VERIFY_MAGIC_LINK_EMAIL = "ARG_VERIFY_MAGIC_LINK_EMAIL";
-    private static final String ARG_ALLOW_PASSWORD = "ARG_ALLOW_PASSWORD";
+    private static final String ARG_FALLBACK_BUTTON = "ARG_FALLBACK_BUTTON";
     private static final String ARG_FORCE_REQUEST_AT_START = "ARG_FORCE_REQUEST_AT_START";
 
     private static final String ERROR_KEY = "error";
@@ -70,7 +70,7 @@ public class LoginMagicLinkRequestFragment extends Fragment {
     private boolean mInProgress;
     private boolean mIsJetpackConnect;
     private boolean mVerifyMagicLinkEmail;
-    private boolean mAllowPassword;
+    private MagicLinkFallbackButton mFallbackButton;
     private boolean mForceRequestAtStart;
 
     @Inject protected Dispatcher mDispatcher;
@@ -80,12 +80,13 @@ public class LoginMagicLinkRequestFragment extends Fragment {
     public static LoginMagicLinkRequestFragment newInstance(String email, AuthEmailPayloadScheme scheme,
                                                             boolean isJetpackConnect, String jetpackConnectSource,
                                                             boolean verifyEmail) {
-        return newInstance(email, scheme, isJetpackConnect, jetpackConnectSource, verifyEmail, true, false);
+        return newInstance(email, scheme, isJetpackConnect, jetpackConnectSource,
+                verifyEmail, MagicLinkFallbackButton.Password, false);
     }
 
     public static LoginMagicLinkRequestFragment newInstance(String email, AuthEmailPayloadScheme scheme,
                                                             boolean isJetpackConnect, String jetpackConnectSource,
-                                                            boolean verifyEmail, boolean allowPassword,
+                                                            boolean verifyEmail, MagicLinkFallbackButton fallbackButton,
                                                             boolean forceRequestAtStart) {
         LoginMagicLinkRequestFragment fragment = new LoginMagicLinkRequestFragment();
         Bundle args = new Bundle();
@@ -94,7 +95,7 @@ public static LoginMagicLinkRequestFragment newInstance(String email, AuthEmailP
         args.putBoolean(ARG_IS_JETPACK_CONNECT, isJetpackConnect);
         args.putString(ARG_JETPACK_CONNECT_SOURCE, jetpackConnectSource);
         args.putBoolean(ARG_VERIFY_MAGIC_LINK_EMAIL, verifyEmail);
-        args.putBoolean(ARG_ALLOW_PASSWORD, allowPassword);
+        args.putSerializable(ARG_FALLBACK_BUTTON, fallbackButton);
         args.putBoolean(ARG_FORCE_REQUEST_AT_START, forceRequestAtStart);
         fragment.setArguments(args);
         return fragment;
@@ -121,7 +122,7 @@ public void onCreate(Bundle savedInstanceState) {
             mIsJetpackConnect = getArguments().getBoolean(ARG_IS_JETPACK_CONNECT);
             mJetpackConnectSource = getArguments().getString(ARG_JETPACK_CONNECT_SOURCE);
             mVerifyMagicLinkEmail = getArguments().getBoolean(ARG_VERIFY_MAGIC_LINK_EMAIL);
-            mAllowPassword = getArguments().getBoolean(ARG_ALLOW_PASSWORD);
+            mFallbackButton = (MagicLinkFallbackButton) getArguments().getSerializable(ARG_FALLBACK_BUTTON);
             mForceRequestAtStart = getArguments().getBoolean(ARG_FORCE_REQUEST_AT_START);
         }
 
@@ -132,23 +133,33 @@ public void onCreate(Bundle savedInstanceState) {
     public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) {
         View view = inflater.inflate(R.layout.login_magic_link_request_screen, container, false);
         mRequestMagicLinkButton = view.findViewById(R.id.login_request_magic_link);
-        mRequestMagicLinkButton.setOnClickListener(new View.OnClickListener() {
-            @Override
-            public void onClick(View v) {
-                mAnalyticsListener.trackRequestMagicLinkClick();
-                dispatchMagicLinkRequest();
-            }
+        mRequestMagicLinkButton.setOnClickListener(v -> {
+            mAnalyticsListener.trackRequestMagicLinkClick();
+            dispatchMagicLinkRequest();
         });
 
-        final Button passwordButton = view.findViewById(R.id.login_enter_password);
-        passwordButton.setVisibility(mAllowPassword ? View.VISIBLE : View.GONE);
-        passwordButton.setOnClickListener(new View.OnClickListener() {
-            @Override
-            public void onClick(View v) {
-                mAnalyticsListener.trackLoginWithPasswordClick();
-                if (mLoginListener != null) {
-                    mLoginListener.usePasswordInstead(mEmail);
-                }
+        final Button fallbackButtonView = view.findViewById(R.id.login_magic_link_fallback_button);
+        fallbackButtonView.setVisibility(mFallbackButton == MagicLinkFallbackButton.None ? View.GONE : View.VISIBLE);
+        fallbackButtonView.setText(mFallbackButton == MagicLinkFallbackButton.UsernameAndPassword
+                ? R.string.login_use_wpcom_username_instead
+                : R.string.or_type_your_password);
+
+        fallbackButtonView.setOnClickListener(v -> {
+            switch (mFallbackButton) {
+                case Password:
+                    mAnalyticsListener.trackLoginWithPasswordClick();
+                    if (mLoginListener != null) {
+                        mLoginListener.usePasswordInstead(mEmail);
+                    }
+                    break;
+                case UsernameAndPassword:
+                    mAnalyticsListener.trackLoginWithWpComUsernamePasswordClick();
+                    if (mLoginListener != null) {
+                        mLoginListener.loginViaWpcomUsernameInstead();
+                    }
+                    break;
+                case None:
+                    throw new IllegalStateException("Button should not be visible");
             }
         });
 
@@ -365,7 +376,7 @@ public void onAuthEmailSent(OnAuthEmailSent event) {
                     fragmentManager.popBackStack();
                 }
             }
-            mLoginListener.showMagicLinkSentScreen(mEmail, mAllowPassword);
+            mLoginListener.showMagicLinkSentScreen(mEmail, mFallbackButton);
         }
     }
 }

WordPressLoginFlow/src/main/java/org/wordpress/android/login/LoginMagicLinkSentFragment.java

@@ -29,24 +29,24 @@ public class LoginMagicLinkSentFragment extends Fragment {
     public static final String TAG = "login_magic_link_sent_fragment_tag";
 
     private static final String ARG_EMAIL_ADDRESS = "ARG_EMAIL_ADDRESS";
-    private static final String ARG_ALLOW_PASSWORD = "ARG_ALLOW_PASSWORD";
+    private static final String ARG_FALLBACK_BUTTON = "ARG_FALLBACK_BUTTON";
 
     private LoginListener mLoginListener;
 
     private String mEmail;
-    private boolean mAllowPassword;
+    private MagicLinkFallbackButton mFallbackButton;
 
     @Inject protected LoginAnalyticsListener mAnalyticsListener;
 
     public static LoginMagicLinkSentFragment newInstance(String email) {
-        return newInstance(email, true);
+        return newInstance(email, MagicLinkFallbackButton.Password);
     }
 
-    public static LoginMagicLinkSentFragment newInstance(String email, boolean allowPassword) {
+    public static LoginMagicLinkSentFragment newInstance(String email, MagicLinkFallbackButton fallbackButton) {
         LoginMagicLinkSentFragment fragment = new LoginMagicLinkSentFragment();
         Bundle args = new Bundle();
         args.putString(ARG_EMAIL_ADDRESS, email);
-        args.putBoolean(ARG_ALLOW_PASSWORD, allowPassword);
+        args.putSerializable(ARG_FALLBACK_BUTTON, fallbackButton);
         fragment.setArguments(args);
         return fragment;
     }
@@ -56,7 +56,7 @@ public void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         if (getArguments() != null) {
             mEmail = getArguments().getString(ARG_EMAIL_ADDRESS);
-            mAllowPassword = getArguments().getBoolean(ARG_ALLOW_PASSWORD);
+            mFallbackButton = (MagicLinkFallbackButton) getArguments().getSerializable(ARG_FALLBACK_BUTTON);
         }
 
         setHasOptionsMenu(true);
@@ -75,15 +75,28 @@ public void onClick(View v) {
             }
         });
 
-        final Button passwordButton = view.findViewById(R.id.login_enter_password);
-        passwordButton.setVisibility(mAllowPassword ? View.VISIBLE : View.GONE);
-        passwordButton.setOnClickListener(new View.OnClickListener() {
-            @Override
-            public void onClick(View v) {
-                mAnalyticsListener.trackLoginWithPasswordClick();
-                if (mLoginListener != null) {
-                    mLoginListener.usePasswordInstead(mEmail);
-                }
+        final Button fallbackButtonView = view.findViewById(R.id.login_magic_link_fallback_button);
+        fallbackButtonView.setVisibility(mFallbackButton == MagicLinkFallbackButton.None ? View.GONE : View.VISIBLE);
+        fallbackButtonView.setText(mFallbackButton == MagicLinkFallbackButton.UsernameAndPassword
+                ? R.string.login_use_wpcom_username_instead
+                : R.string.or_type_your_password);
+
+        fallbackButtonView.setOnClickListener(v -> {
+            switch (mFallbackButton) {
+                case Password:
+                    mAnalyticsListener.trackLoginWithPasswordClick();
+                    if (mLoginListener != null) {
+                        mLoginListener.usePasswordInstead(mEmail);
+                    }
+                    break;
+                case UsernameAndPassword:
+                    mAnalyticsListener.trackLoginWithWpComUsernamePasswordClick();
+                    if (mLoginListener != null) {
+                        mLoginListener.loginViaWpcomUsernameInstead();
+                    }
+                    break;
+                case None:
+                    throw new IllegalStateException("Button should not be visible");
             }
         });
 

WordPressLoginFlow/src/main/java/org/wordpress/android/login/MagicLinkFallbackButton.kt

@@ -0,0 +1,7 @@
+package org.wordpress.android.login
+
+enum class MagicLinkFallbackButton {
+    None,
+    Password,
+    UsernameAndPassword
+}

WordPressLoginFlow/src/main/res/layout/login_magic_link_request_screen.xml

@@ -33,7 +33,7 @@
                 android:text="@string/login_magic_links_label" />
 
             <com.google.android.material.button.MaterialButton
-                android:id="@+id/login_enter_password"
+                android:id="@+id/login_magic_link_fallback_button"
                 style="@style/Widget.LoginFlow.Button.Tertiary"
                 android:layout_width="wrap_content"
                 android:layout_height="wrap_content"

WordPressLoginFlow/src/main/res/layout/login_magic_link_sent_screen.xml

@@ -40,7 +40,7 @@
                 android:text="@string/magic_link_not_seeing_email_message" />
 
             <com.google.android.material.button.MaterialButton
-                android:id="@+id/login_enter_password"
+                android:id="@+id/login_magic_link_fallback_button"
                 style="@style/Widget.LoginFlow.Button.Tertiary"
                 android:layout_width="wrap_content"
                 android:layout_height="wrap_content"