Merge pull request #114 from auth0/fix-invalid-p2-credentials

Capture invalid_credentials error for OIDC endpoints
auth0 · Oct 4, 2017 · bff4601 · bff4601
2 parents a52a2ca + 3cb8a81
commit bff4601
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/auth0/src/main/java/com/auth0/android/authentication/AuthenticationException.java b/auth0/src/main/java/com/auth0/android/authentication/AuthenticationException.java
@@ -192,7 +192,7 @@ public boolean isRuleError() {
 
     /// When username and/or password used for authentication are invalid
     public boolean isInvalidCredentials() {
-        return "invalid_user_password".equals(code);
+        return "invalid_user_password".equals(code) || "invalid_grant".equals(code) && "Wrong email or password.".equals(description);
     }
 
     /// When authenticating with web-based authentication and the resource server denied access per OAuth2 spec

diff --git a/auth0/src/test/java/com/auth0/android/authentication/AuthenticationExceptionTest.java b/auth0/src/test/java/com/auth0/android/authentication/AuthenticationExceptionTest.java
@@ -203,6 +203,14 @@ public void shouldHaveInvalidCredentials() throws Exception {
         assertThat(ex.isInvalidCredentials(), is(true));
     }
 
+    @Test
+    public void shouldHaveOIDCInvalidCredentials() throws Exception {
+        values.put(CODE_KEY, "invalid_grant");
+        values.put(ERROR_DESCRIPTION_KEY, "Wrong email or password.");
+        AuthenticationException ex = new AuthenticationException(values);
+        assertThat(ex.isInvalidCredentials(), is(true));
+    }
+
     @Test
     public void shouldHaveAccessDenied() throws Exception {
         values.put(CODE_KEY, "access_denied");