fix(auth-fido): Improved FIDO2 error messages.

auth-fido/domain/src/main/kotlin/me/proton/core/auth/fido/domain/usecase/PerformTwoFaWithSecurityKey.kt

@@ -73,17 +73,29 @@ public interface PerformTwoFaWithSecurityKey<T: Any, A : Any> {
      */
     @Suppress("MagicNumber")
     public enum class ErrorCode(public val code: Int?) {
+        /** The operation is not supported. */
         NOT_SUPPORTED_ERR(9),
+        /** The object is in an invalid state. */
         INVALID_STATE_ERR(11),
+        /** The operation is insecure. */
         SECURITY_ERR(18),
+        /** A network error occurred. */
         NETWORK_ERR(19),
+        /** The operation was aborted. */
         ABORT_ERR(20),
+        /** The operation timed out. */
         TIMEOUT_ERR(23),
+        /** The encoding operation (either encoded or decoding) failed. */
         ENCODING_ERR(27),
+        /** The operation failed for an unknown transient reason. */
         UNKNOWN_ERR(28),
+        /** A mutation operation in a transaction failed because a constraint was not satisfied. */
         CONSTRAINT_ERR(29),
+        /** Provided data is inadequate. */
         DATA_ERR(30),
+        /** The request is not allowed by the user agent or the platform in the current context, possibly because the user denied permission. */
         NOT_ALLOWED_ERR(35),
+        /** The authenticator violates the privacy requirements of the AttestationStatementType it is using. */
         ATTESTATION_NOT_PRIVATE_ERR(36);
     }
 

auth/presentation/src/main/kotlin/me/proton/core/auth/presentation/ui/Utils.kt

@@ -133,14 +133,33 @@ internal inline fun <reified E> Flow<Any>.onLongState(crossinline action: () ->
 
 fun PerformTwoFaWithSecurityKey.ErrorData.getMessage(context: Context): String = when (this.code) {
     PerformTwoFaWithSecurityKey.ErrorCode.NOT_SUPPORTED_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.NOT_ALLOWED_ERR,
     PerformTwoFaWithSecurityKey.ErrorCode.DATA_ERR -> context.getString(R.string.auth_2fa_error_key_invalid_or_not_supported)
 
+    PerformTwoFaWithSecurityKey.ErrorCode.SECURITY_ERR -> context.getString(R.string.auth_2fa_error_key_security_error, message)
+    PerformTwoFaWithSecurityKey.ErrorCode.ABORT_ERR -> context.getString(R.string.auth_2fa_error_key_abort_error)
     PerformTwoFaWithSecurityKey.ErrorCode.TIMEOUT_ERR,
     PerformTwoFaWithSecurityKey.ErrorCode.NETWORK_ERR -> context.getString(R.string.auth_2fa_error_key_network_error)
 
     else -> context.getString(R.string.auth_login_general_error)
 }
 
+fun PerformTwoFaWithSecurityKey.ErrorData.needsReport(): Boolean = when (this.code) {
+    PerformTwoFaWithSecurityKey.ErrorCode.NOT_SUPPORTED_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.INVALID_STATE_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.ENCODING_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.UNKNOWN_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.CONSTRAINT_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.DATA_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.ATTESTATION_NOT_PRIVATE_ERR -> true
+
+    PerformTwoFaWithSecurityKey.ErrorCode.NOT_ALLOWED_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.SECURITY_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.ABORT_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.TIMEOUT_ERR,
+    PerformTwoFaWithSecurityKey.ErrorCode.NETWORK_ERR -> false
+}
+
 fun PerformTwoFaWithSecurityKey.Result.handle(
     context: Context,
     view: View,
@@ -155,10 +174,9 @@ fun PerformTwoFaWithSecurityKey.Result.handle(
 
         is PerformTwoFaWithSecurityKey.Result.Error -> {
             view.errorSnack(error.getMessage(context))
-            CoreLogger.e(
-                LogTag.FLOW_ERROR_2FA,
-                "PerformTwoFaWithSecurityKey.Result.Error $this"
-            )
+            if (error.needsReport()) {
+                CoreLogger.e(LogTag.FLOW_ERROR_2FA, "PerformTwoFaWithSecurityKey.Result.Error $this")
+            }
         }
 
         is PerformTwoFaWithSecurityKey.Result.UnknownResult,

auth/presentation/src/main/res/values/strings.xml

@@ -70,6 +70,9 @@
     <string name="auth_2fa_use_2fa_code">Use two-factor code</string>
     <string name="auth_2fa_error_empty_code">Enter the 6-digit code.</string>
 
+    <string name="auth_2fa_error_key_security_error">A security error has occurred: %1$s</string>
+    <string name="auth_2fa_error_key_abort_error">The operation was aborted.</string>
+
     <string name="auth_2fa_error_key_invalid_or_not_supported">An error has occurred. Please check your key.</string>
     <string name="auth_2fa_error_key_network_error">A network error has occurred. Please try again.</string>