fix(aws-android-sdk-auth-userpools): Check actual password requirements in drop-in UI (#3588)

mattcreaser · web-flow · commit 54bc9b1835d1 · 2024-06-12T13:49:39.000-03:00
* Check actual password requirements in drop-in UI

* Also read password length when changing password.
diff --git a/aws-android-sdk-auth-userpools/src/main/java/com/amazonaws/mobile/auth/userpools/CognitoUserPoolsSignInProvider.java b/aws-android-sdk-auth-userpools/src/main/java/com/amazonaws/mobile/auth/userpools/CognitoUserPoolsSignInProvider.java
@@ -52,6 +52,7 @@
 import com.amazonaws.mobile.auth.core.internal.util.ViewHelper;
 
 import org.json.JSONException;
+import org.json.JSONObject;
 
 import java.util.HashSet;
 import java.util.Set;
@@ -62,6 +63,9 @@
 import static com.amazonaws.mobile.auth.userpools.CognitoUserPoolsSignInProvider.AttributeKeys.USERNAME;
 import static com.amazonaws.mobile.auth.userpools.CognitoUserPoolsSignInProvider.AttributeKeys.VERIFICATION_CODE;
 
+import androidx.annotation.NonNull;
+import androidx.annotation.Nullable;
+
 /**
  * Manages sign-in using Cognito User Pools.
  */
@@ -408,10 +412,14 @@ public void handleActivityResult(final int requestCode,
                     password = data.getStringExtra(PASSWORD);
                     verificationCode = data.getStringExtra(VERIFICATION_CODE);
 
-                    if (password.length() < PASSWORD_MIN_LENGTH) {
+                    Integer minimumPasswordLength = getMinimumPasswordLength(awsConfiguration);
+                    if (minimumPasswordLength != null && password.length() < minimumPasswordLength) {
                         ViewHelper.showDialog(activity, activity.getString(R.string.title_activity_forgot_password),
-                                    activity.getString(R.string.password_change_failed) 
-                                    + " " + activity.getString(R.string.password_length_validation_failed));
+                                activity.getString(R.string.password_change_failed)
+                                        + " " + activity.getString(
+                                        R.string.password_length_validation_failed_variable,
+                                        minimumPasswordLength
+                                ));
                         return;
                     }
 
@@ -444,7 +452,7 @@ public void handleActivityResult(final int requestCode,
 
                     if (verificationCode.length() < 1) {
                         ViewHelper.showDialog(activity, activity.getString(R.string.title_activity_mfa),
-                                    activity.getString(R.string.mfa_failed) 
+                                    activity.getString(R.string.mfa_failed)
                                     + " " + activity.getString(R.string.mfa_code_empty));
                         return;
                     }
@@ -469,7 +477,7 @@ public void handleActivityResult(final int requestCode,
 
                     if (verificationCode.length() < 1) {
                         ViewHelper.showDialog(activity, activity.getString(R.string.title_activity_sign_up_confirm),
-                                    activity.getString(R.string.sign_up_confirm_title) 
+                                    activity.getString(R.string.sign_up_confirm_title)
                                     + " " + activity.getString(R.string.sign_up_confirm_code_missing));
                         return;
                     }
@@ -697,4 +705,13 @@ static int getBackgroundColor() {
     static String getFontFamily() {
         return fontFamily;
     }
+
+    @Nullable
+    static Integer getMinimumPasswordLength(@NonNull final AWSConfiguration configuration) {
+        JSONObject auth = configuration.optJsonObject("Auth");
+        if (auth == null) return null;
+        JSONObject passwordSettings = auth.optJSONObject("passwordProtectionSettings");
+        if (passwordSettings == null) return null;
+        return passwordSettings.optInt("passwordPolicyMinLength");
+    }
 }
diff --git a/aws-android-sdk-auth-userpools/src/main/java/com/amazonaws/mobile/auth/userpools/SignUpActivity.java b/aws-android-sdk-auth-userpools/src/main/java/com/amazonaws/mobile/auth/userpools/SignUpActivity.java
@@ -38,6 +38,10 @@
 import static com.amazonaws.mobile.auth.userpools.CognitoUserPoolsSignInProvider.AttributeKeys.*;
 import static com.amazonaws.mobile.auth.userpools.CognitoUserPoolsSignInProvider.getErrorMessageFromException;
 
+import androidx.annotation.Nullable;
+
+import org.json.JSONObject;
+
 /**
  * Activity to prompt for account sign up information.
  */
@@ -47,6 +51,7 @@ public class SignUpActivity extends Activity {
 
     private SignUpView signUpView;
     private CognitoUserPool mUserPool;
+    private AWSConfiguration configuration;
 
     /**
      * Starts a {@link SignUpActivity}
@@ -67,7 +72,8 @@ protected void onCreate(final Bundle savedInstanceState) {
         signUpView = (SignUpView) findViewById(R.id.signup_view);
 
         Context appContext = getApplicationContext();
-        mUserPool = new CognitoUserPool(appContext, new AWSConfiguration(appContext));
+        configuration = new AWSConfiguration(appContext);
+        mUserPool = new CognitoUserPool(appContext, configuration);
 
         InputMethodManager imm = (InputMethodManager) getSystemService(Context.INPUT_METHOD_SERVICE);
         imm.toggleSoftInput(InputMethodManager.SHOW_FORCED, InputMethodManager.HIDE_IMPLICIT_ONLY);
@@ -94,13 +100,16 @@ public void signUp(final View view) {
         Log.d(LOG_TAG, "email = " + email);
         Log.d(LOG_TAG, "phone = " + phone);
 
+
+        final Integer minimumPasswordLength = CognitoUserPoolsSignInProvider.getMinimumPasswordLength(configuration);
+
         if (username.isEmpty()) {
             showError(getString(R.string.sign_up_username_missing));
             return;
         }
 
-        if (password.length() < 6) {
-            showError(getString(R.string.password_length_validation_failed));
+        if (minimumPasswordLength != null && password.length() < minimumPasswordLength) {
+            showError(getString(R.string.password_length_validation_failed_variable, minimumPasswordLength));
             return;
         }
 
diff --git a/aws-android-sdk-auth-userpools/src/main/res/values/strings.xml b/aws-android-sdk-auth-userpools/src/main/res/values/strings.xml
@@ -43,6 +43,7 @@
     <string name="mfa_code_empty">MFA Code is empty.</string>
     <string name="mfa_failed">MFA Failed.</string>
     <string name="password_length_validation_failed">Password should have 6 or more characters.</string>
+    <string name="password_length_validation_failed_variable">Password should have %d or more characters.</string>
     <string name="sign_up_username_missing">Missing username.</string>
     <string name="sign_up_confirm_code_missing">Sign Up Confirmation code is missing.</string>
     <string name="sign_up_in_progress">Sign up in progress</string>
