Added invalid credentials check for OIDC

auth0 · Sep 7, 2017 · f24d2b8 · f24d2b8
1 parent 9ceb2cc
commit f24d2b8
Show file tree

Hide file tree

Showing 8 changed files with 10 additions and 115 deletions.
diff --git a/Auth0.xcodeproj/xcshareddata/xcschemes/OAuth2.iOS.xcscheme b/Auth0.xcodeproj/xcshareddata/xcschemes/OAuth2.iOS.xcscheme
diff --git a/Auth0/AuthenticationError.swift b/Auth0/AuthenticationError.swift
@@ -121,7 +121,7 @@ public class AuthenticationError: Auth0Error, CustomStringConvertible {
 
     /// When username and/or password used for authentication are invalid
     public var isInvalidCredentials: Bool {
-        return self.code == "invalid_user_password"
+        return self.code == "invalid_user_password" || (self.code == "invalid_grant" && self.description == "Wrong email or password.")
     }
 
     /// When authenticating with web-based authentication and the resource server denied access per OAuth2 spec

diff --git a/Auth0/Identity.swift b/Auth0/Identity.swift
@@ -43,7 +43,6 @@ public class Identity: NSObject, JSONObjectPayload {
         return "<identity: \(identifier) provider: \(provider) connection: \(connection)>"
     }
 
-    // swiftlint:disable:next function_parameter_count
     public required init(identifier: String, provider: String, connection: String, social: Bool, profileData: [String: Any], accessToken: String?, expiresIn: Date?, accessTokenSecret: String?) {
         self.identifier = identifier
         self.provider = provider

diff --git a/Auth0/OAuth2Grant.swift b/Auth0/OAuth2Grant.swift
@@ -72,7 +72,6 @@ struct PKCE: OAuth2Grant {
         self.init(authentication: authentication, redirectURL: redirectURL, verifier: generator.verifier, challenge: generator.challenge, method: generator.method, responseType: reponseType, nonce: nonce)
     }
 
-    // swiftlint:disable:next function_parameter_count
     init(authentication: Authentication, redirectURL: URL, verifier: String, challenge: String, method: String, responseType: [ResponseType], nonce: String? = nil) {
         self.authentication = authentication
         self.redirectURL = redirectURL

diff --git a/Auth0/Profile.swift b/Auth0/Profile.swift
@@ -60,7 +60,6 @@ public class Profile: NSObject, JSONObjectPayload {
         return self["app_metadata"] as? [String: Any] ?? [:]
     }
 
-    // swiftlint:disable:next function_parameter_count
     required public init(id: String, name: String, nickname: String, pictureURL: URL, createdAt: Date, email: String?, emailVerified: Bool, givenName: String?, familyName: String?, attributes: [String: Any], identities: [Identity]) {
         self.id = id
         self.name = name

diff --git a/Auth0/Request.swift b/Auth0/Request.swift
@@ -48,7 +48,6 @@ public struct Request<T, E: Auth0Error>: Requestable {
     let logger: Logger?
     let telemetry: Telemetry
 
-    // swiftlint:disable:next function_parameter_count
     init(session: URLSession, url: URL, method: String, handle: @escaping (Response<E>, Callback) -> Void, payload: [String: Any] = [:], headers: [String: String] = [:], logger: Logger?, telemetry: Telemetry) {
         self.session = session
         self.url = url

diff --git a/Auth0/_ObjectiveManagementAPI.swift b/Auth0/_ObjectiveManagementAPI.swift
@@ -69,7 +69,6 @@ public class _ObjectiveManagementAPI: NSObject {
     }
 
     @objc(unlinkUserWithIdentifier:provider:fromUserId:callback:)
-    // swiftlint:disable:next function_parameter_count
     public func unlink(identifier: String, provider: String, fromUserId userId: String, callback: @escaping (NSError?, [[String: Any]]?) -> Void) {
         self.users
             .unlink(identityId: identifier, provider: provider, fromUserId:userId)

diff --git a/Auth0Tests/AuthenticationErrorSpec.swift b/Auth0Tests/AuthenticationErrorSpec.swift
@@ -169,6 +169,15 @@ class AuthenticationErrorSpec: QuickSpec {
                 expect(error.isTooManyAttempts) == true
             }
 
+            it("should detect invalid credentials") {
+                let values = [
+                    "error": "invalid_grant",
+                    "error_description": "Wrong email or password."
+                ]
+                let error = AuthenticationError(info: values, statusCode: 403)
+                expect(error.isInvalidCredentials) == true
+            }
+
         }
 
     }
@@ -205,7 +214,6 @@ class AuthenticationErrorSpecSharedExamplesConfiguration: QuickConfiguration {
                 }
             }
 
-
             it("should not match any custom error") {
                 expect(error.isRuleError).to(beFalse(), description: "should not match rule error")
                 expect(error.isPasswordNotStrongEnough).to(beFalse(), description: "should not match pwd strength")