From 80688313eddf2111fbdbd2b897bc2159d699a6d1 Mon Sep 17 00:00:00 2001
From: Jesse Luehrs <doy@tozt.net>
Date: Sat, 18 Apr 2020 18:20:46 -0400
Subject: better error messages for incorrect passwords

---
 src/actions.rs |  7 +++++--
 src/api.rs     | 39 ++++++++++++++++++++++++++++++++-------
 src/error.rs   |  3 +++
 3 files changed, 40 insertions(+), 9 deletions(-)

(limited to 'src')

diff --git a/src/actions.rs b/src/actions.rs
index 0fea7df..4dbe4ca 100644
--- a/src/actions.rs
+++ b/src/actions.rs
@@ -38,9 +38,12 @@ pub async fn unlock(
 
     let protected_key =
         crate::cipherstring::CipherString::new(protected_key)?;
-    let master_keys = protected_key.decrypt_locked(&identity.keys)?;
 
-    Ok(crate::locked::Keys::new(master_keys))
+    match protected_key.decrypt_locked(&identity.keys) {
+        Ok(master_keys) => Ok(crate::locked::Keys::new(master_keys)),
+        Err(Error::InvalidMac) => Err(Error::IncorrectPassword),
+        Err(e) => Err(e),
+    }
 }
 
 pub async fn sync(
diff --git a/src/api.rs b/src/api.rs
index 5cf5485..5fc9058 100644
--- a/src/api.rs
+++ b/src/api.rs
@@ -47,6 +47,18 @@ struct ConnectPasswordRes {
     key: String,
 }
 
+#[derive(serde::Deserialize, Debug)]
+struct ConnectErrorRes {
+    #[serde(rename = "ErrorModel")]
+    error_model: ConnectErrorResErrorModel,
+}
+
+#[derive(serde::Deserialize, Debug)]
+struct ConnectErrorResErrorModel {
+    #[serde(rename = "Message")]
+    message: String,
+}
+
 #[derive(serde::Deserialize, Debug)]
 struct ConnectRefreshTokenRes {
     access_token: String,
@@ -246,13 +258,26 @@ impl Client {
             .send()
             .await
             .context(crate::error::Reqwest)?;
-        let connect_res: ConnectPasswordRes =
-            res.json().await.context(crate::error::Reqwest)?;
-        Ok((
-            connect_res.access_token,
-            connect_res.refresh_token,
-            connect_res.key,
-        ))
+        if let reqwest::StatusCode::OK = res.status() {
+            let connect_res: ConnectPasswordRes =
+                res.json().await.context(crate::error::Reqwest)?;
+            Ok((
+                connect_res.access_token,
+                connect_res.refresh_token,
+                connect_res.key,
+            ))
+        } else {
+            let code = res.status().as_u16();
+            let error_res: ConnectErrorRes =
+                res.json().await.context(crate::error::Reqwest)?;
+            if error_res.error_model.message
+                == "Username or password is incorrect. Try again"
+            {
+                Err(Error::IncorrectPassword)
+            } else {
+                Err(Error::RequestFailed { status: code })
+            }
+        }
     }
 
     pub async fn sync(
diff --git a/src/error.rs b/src/error.rs
index 806d85c..b1ce2b6 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -34,6 +34,9 @@ pub enum Error {
     #[snafu(display("failed to create hkdf"))]
     HkdfFromPrk,
 
+    #[snafu(display("username or password incorrect"))]
+    IncorrectPassword,
+
     #[snafu(display("invalid base64: {}", source))]
     InvalidBase64 { source: base64::DecodeError },
 
-- 
cgit v1.2.3-54-g00ecf