LYNX-391: Update Error Handling for generateCustomerToken Mutation (#227)

eliseacornejo · glo74186 · commit 67ba6dd465b8 · 2024-05-07T14:32:34.000+05:30
diff --git a/app/code/Magento/Customer/Model/AccountManagement/Authenticate.php b/app/code/Magento/Customer/Model/AccountManagement/Authenticate.php
@@ -92,17 +92,18 @@ public function execute(string $email, string $password): CustomerInterface
         if ($this->authentication->isLocked($customerId)) {
             throw new UserLockedException(__('The account is locked.'));
         }
-        try {
-            $this->authentication->authenticate($customerId, $password);
-        } catch (InvalidEmailOrPasswordException $exception) {
-            throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
-        }
 
         if ($customer->getConfirmation()
             && ($this->isConfirmationRequired($customer) || $this->isEmailChangedConfirmationRequired($customer))) {
             throw new EmailNotConfirmedException(__('This account isn\'t confirmed. Verify and try again.'));
         }
 
+        try {
+            $this->authentication->authenticate($customerId, $password);
+        } catch (InvalidEmailOrPasswordException $exception) {
+            throw new InvalidEmailOrPasswordException(__('Invalid login or password.'));
+        }
+
         $customerModel = $this->customerFactory->create()->updateData($customer);
         $this->eventManager->dispatch(
             'customer_customer_authenticated',
diff --git a/app/code/Magento/CustomerGraphQl/Model/Resolver/GenerateCustomerToken.php b/app/code/Magento/CustomerGraphQl/Model/Resolver/GenerateCustomerToken.php
@@ -8,6 +8,7 @@
 namespace Magento\CustomerGraphQl\Model\Resolver;
 
 use Magento\Framework\Exception\AuthenticationException;
+use Magento\Framework\Exception\EmailNotConfirmedException;
 use Magento\Framework\GraphQl\Config\Element\Field;
 use Magento\Framework\GraphQl\Exception\GraphQlAuthenticationException;
 use Magento\Framework\GraphQl\Exception\GraphQlInputException;
@@ -55,8 +56,8 @@ public function resolve(
         try {
             $token = $this->customerTokenService->createCustomerAccessToken($args['email'], $args['password']);
             return ['token' => $token];
-        } catch (AuthenticationException $e) {
-            throw new GraphQlAuthenticationException(__($e->getMessage()), $e);
+        } catch (EmailNotConfirmedException|AuthenticationException $e) {
+            throw new GraphQlAuthenticationException(__($e->getRawMessage()), $e);
         }
     }
 }
diff --git a/app/code/Magento/Integration/Api/CustomerTokenServiceInterface.php b/app/code/Magento/Integration/Api/CustomerTokenServiceInterface.php
@@ -21,6 +21,7 @@ interface CustomerTokenServiceInterface
      * @param string $password
      * @return string Token created
      * @throws \Magento\Framework\Exception\AuthenticationException
+     * @throws \Magento\Framework\Exception\EmailNotConfirmedException
      */
     public function createCustomerAccessToken($username, $password);
 
diff --git a/app/code/Magento/Integration/Api/TokenManager.php b/app/code/Magento/Integration/Api/TokenManager.php
@@ -0,0 +1,97 @@
+<?php
+/************************************************************************
+ *
+ * Copyright 2024 Adobe
+ * All Rights Reserved.
+ *
+ * NOTICE: All information contained herein is, and remains
+ * the property of Adobe and its suppliers, if any. The intellectual
+ * and technical concepts contained herein are proprietary to Adobe
+ * and its suppliers and are protected by all applicable intellectual
+ * property laws, including trade secret and copyright laws.
+ * Dissemination of this information or reproduction of this material
+ * is strictly forbidden unless prior written permission is obtained
+ * from Adobe.
+ * ************************************************************************
+ */
+
+declare(strict_types=1);
+
+namespace Magento\Integration\Api;
+
+use Magento\Authorization\Model\UserContextInterface;
+use Magento\Framework\App\ObjectManager;
+use Magento\Integration\Api\Data\UserTokenParametersInterface;
+use Magento\Integration\Model\UserToken\UserTokenParameters;
+use Magento\Integration\Model\UserToken\UserTokenParametersFactory;
+
+/**
+ * Issues tokens used to authenticate users.
+ */
+class TokenManager
+{
+    /**
+     * @var UserTokenParametersFactory
+     */
+    private $tokenParametersFactory;
+
+    /**
+     * @var UserTokenIssuerInterface
+     */
+    private $tokenIssuer;
+
+    /**
+     * @var UserTokenRevokerInterface
+     */
+    private $tokenRevoker;
+
+    /**
+     * @param UserTokenParametersFactory|null $tokenParamsFactory
+     * @param UserTokenIssuerInterface|null $tokenIssuer
+     * @param UserTokenRevokerInterface|null $tokenRevoker
+     */
+    public function __construct(
+        ?UserTokenParametersFactory $tokenParamsFactory = null,
+        ?UserTokenIssuerInterface $tokenIssuer = null,
+        ?UserTokenRevokerInterface $tokenRevoker = null
+    ) {
+        $this->tokenParametersFactory = $tokenParamsFactory
+            ?? ObjectManager::getInstance()->get(UserTokenParametersFactory::class);
+        $this->tokenIssuer = $tokenIssuer ?? ObjectManager::getInstance()->get(UserTokenIssuerInterface::class);
+        $this->tokenRevoker = $tokenRevoker ?? ObjectManager::getInstance()->get(UserTokenRevokerInterface::class);
+    }
+
+    /**
+     * Create class instance with specified parameters
+     *
+     * @param array $data
+     * @return UserTokenParameters
+     */
+    public function createUserTokenParameters(array $data = []): UserTokenParameters
+    {
+        return $this->tokenParametersFactory->create($data);
+    }
+
+    /**
+     * Create token for a user.
+     *
+     * @param UserContextInterface $userContext
+     * @param UserTokenParametersInterface $params
+     * @return string
+     */
+    public function create(UserContextInterface $userContext, UserTokenParametersInterface $params): string
+    {
+        return $this->tokenIssuer->create($userContext, $params);
+    }
+
+    /**
+     * Revoke all previously issued tokens for given user.
+     *
+     * @param UserContextInterface $userContext
+     * @return void
+     */
+    public function revokeFor(UserContextInterface $userContext): void
+    {
+        $this->tokenRevoker->revokeFor($userContext);
+    }
+}
diff --git a/app/code/Magento/Integration/Model/CustomerTokenService.php b/app/code/Magento/Integration/Model/CustomerTokenService.php
@@ -8,13 +8,10 @@
 
 use Magento\Customer\Api\AccountManagementInterface;
 use Magento\Framework\App\ObjectManager;
+use Magento\Framework\Exception\EmailNotConfirmedException;
 use Magento\Framework\Exception\LocalizedException;
-use Magento\Integration\Model\UserToken\UserTokenParametersFactory;
+use Magento\Integration\Api\TokenManager;
 use Magento\Integration\Api\Exception\UserTokenException;
-use Magento\Integration\Api\UserTokenIssuerInterface;
-use Magento\Integration\Api\UserTokenRevokerInterface;
-use Magento\Integration\Model\Oauth\TokenFactory as TokenModelFactory;
-use Magento\Integration\Model\ResourceModel\Oauth\Token\CollectionFactory as TokenCollectionFactory;
 use Magento\Integration\Model\Oauth\Token\RequestThrottler;
 use Magento\Framework\Exception\AuthenticationException;
 use Magento\Framework\Event\ManagerInterface;
@@ -30,67 +27,26 @@ class CustomerTokenService implements CustomerTokenServiceInterface
      */
     private $eventManager;
 
-    /**
-     * Customer Account Service
-     *
-     * @var AccountManagementInterface
-     */
-    private $accountManagement;
-
-    /**
-     * @var CredentialsValidator
-     */
-    private $validatorHelper;
-
     /**
      * @var RequestThrottler
      */
     private $requestThrottler;
 
-    /**
-     * @var UserTokenParametersFactory
-     */
-    private $tokenParametersFactory;
-
-    /**
-     * @var UserTokenIssuerInterface
-     */
-    private $tokenIssuer;
-
-    /**
-     * @var UserTokenRevokerInterface
-     */
-    private $tokenRevoker;
-
     /**
      * Initialize service
      *
-     * @param TokenModelFactory $tokenModelFactory
      * @param AccountManagementInterface $accountManagement
-     * @param TokenCollectionFactory $tokenModelCollectionFactory
      * @param CredentialsValidator $validatorHelper
+     * @param TokenManager $tokenManager
      * @param ManagerInterface|null $eventManager
-     * @param UserTokenParametersFactory|null $tokenParamsFactory
-     * @param UserTokenIssuerInterface|null $tokenIssuer
-     * @param UserTokenRevokerInterface|null $tokenRevoker
      */
     public function __construct(
-        TokenModelFactory $tokenModelFactory,
-        AccountManagementInterface $accountManagement,
-        TokenCollectionFactory $tokenModelCollectionFactory,
-        CredentialsValidator $validatorHelper,
-        ManagerInterface $eventManager = null,
-        ?UserTokenParametersFactory $tokenParamsFactory = null,
-        ?UserTokenIssuerInterface $tokenIssuer = null,
-        ?UserTokenRevokerInterface $tokenRevoker = null
+        private readonly AccountManagementInterface $accountManagement,
+        private readonly CredentialsValidator $validatorHelper,
+        private readonly TokenManager $tokenManager,
+        ManagerInterface $eventManager = null
     ) {
-        $this->accountManagement = $accountManagement;
-        $this->validatorHelper = $validatorHelper;
         $this->eventManager = $eventManager ?: ObjectManager::getInstance()->get(ManagerInterface::class);
-        $this->tokenParametersFactory = $tokenParamsFactory
-            ?? ObjectManager::getInstance()->get(UserTokenParametersFactory::class);
-        $this->tokenIssuer = $tokenIssuer ?? ObjectManager::getInstance()->get(UserTokenIssuerInterface::class);
-        $this->tokenRevoker = $tokenRevoker ?? ObjectManager::getInstance()->get(UserTokenRevokerInterface::class);
     }
 
     /**
@@ -102,6 +58,9 @@ public function createCustomerAccessToken($username, $password)
         $this->getRequestThrottler()->throttle($username, RequestThrottler::USER_TYPE_CUSTOMER);
         try {
             $customerDataObject = $this->accountManagement->authenticate($username, $password);
+        } catch (EmailNotConfirmedException $exception) {
+            $this->getRequestThrottler()->logAuthenticationFailure($username, RequestThrottler::USER_TYPE_CUSTOMER);
+            throw $exception;
         } catch (\Exception $e) {
             $this->getRequestThrottler()->logAuthenticationFailure($username, RequestThrottler::USER_TYPE_CUSTOMER);
             throw new AuthenticationException(
@@ -117,9 +76,9 @@ public function createCustomerAccessToken($username, $password)
             (int)$customerDataObject->getId(),
             CustomUserContext::USER_TYPE_CUSTOMER
         );
-        $params = $this->tokenParametersFactory->create();
+        $params = $this->tokenManager->createUserTokenParameters();
 
-        return $this->tokenIssuer->create($context, $params);
+        return $this->tokenManager->create($context, $params);
     }
 
     /**
@@ -132,7 +91,9 @@ public function createCustomerAccessToken($username, $password)
     public function revokeCustomerAccessToken($customerId)
     {
         try {
-            $this->tokenRevoker->revokeFor(new CustomUserContext((int)$customerId, CustomUserContext::USER_TYPE_CUSTOMER));
+            $this->tokenManager->revokeFor(
+                new CustomUserContext((int)$customerId, CustomUserContext::USER_TYPE_CUSTOMER)
+            );
         } catch (UserTokenException $exception) {
             throw new LocalizedException(__('Failed to revoke customer\'s access tokens'), $exception);
         }
@@ -144,6 +105,7 @@ public function revokeCustomerAccessToken($customerId)
      *
      * @return RequestThrottler
      * @deprecated 100.0.4
+     * @see no alternatives
      */
     private function getRequestThrottler()
     {
diff --git a/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/GenerateCustomerTokenTest.php b/dev/tests/api-functional/testsuite/Magento/GraphQl/Customer/GenerateCustomerTokenTest.php
@@ -7,10 +7,16 @@
 
 namespace Magento\GraphQl\Customer;
 
+use Magento\Customer\Api\AccountManagementInterface;
 use Magento\Customer\Model\Log;
 use Magento\Customer\Model\Logger;
+use Magento\Customer\Test\Fixture\Customer;
 use Magento\Framework\App\ResourceConnection;
 use Magento\Framework\DB\Adapter\AdapterInterface;
+use Magento\Framework\Exception\EmailNotConfirmedException;
+use Magento\TestFramework\Fixture\Config;
+use Magento\TestFramework\Fixture\DataFixture;
+use Magento\TestFramework\Fixture\DataFixtureStorageManager;
 use Magento\TestFramework\Helper\Bootstrap;
 use Magento\TestFramework\TestCase\GraphQlAbstract;
 
@@ -66,6 +72,27 @@ public function testGenerateCustomerTokenInvalidData(string $email, string $pass
         $this->graphQlMutation($mutation);
     }
 
+    #[
+        Config('customer/create_account/confirm', 1),
+        DataFixture(
+            Customer::class,
+            [
+                'email' => 'another@example.com',
+                'confirmation' => 'account_not_confirmed'
+            ],
+            'customer'
+        )
+    ]
+    public function testGenerateCustomerEmailNotConfirmed()
+    {
+        $this->expectException(\Exception::class);
+        $customer = DataFixtureStorageManager::getStorage()->get('customer');
+
+        $mutation = $this->getQuery($customer->getEmail());
+        $this->expectExceptionMessage("This account isn't confirmed. Verify and try again.");
+        $this->graphQlMutation($mutation);
+    }
+
     /**
      * Test customer token regeneration.
      *
diff --git a/dev/tests/integration/testsuite/Magento/Integration/Model/CustomerTokenServiceTest.php b/dev/tests/integration/testsuite/Magento/Integration/Model/CustomerTokenServiceTest.php
@@ -7,8 +7,13 @@
 namespace Magento\Integration\Model;
 
 use Magento\Customer\Api\AccountManagementInterface;
+use Magento\Customer\Test\Fixture\Customer;
+use Magento\Framework\Exception\EmailNotConfirmedException;
 use Magento\Framework\Exception\InputException;
 use Magento\Integration\Model\Oauth\Token as TokenModel;
+use Magento\TestFramework\Fixture\Config;
+use Magento\TestFramework\Fixture\DataFixture;
+use Magento\TestFramework\Fixture\DataFixtureStorageManager;
 use Magento\TestFramework\Helper\Bootstrap;
 
 /**
@@ -84,6 +89,29 @@ public function testCreateCustomerAccessTokenInvalidCustomer()
         );
     }
 
+    #[
+        Config('customer/create_account/confirm', 1, 'website'),
+        DataFixture(
+            Customer::class,
+            [
+                'email' => 'another@example.com',
+                'confirmation' => 'account_not_confirmed'
+            ],
+            'customer'
+        )
+    ]
+    public function testCreateCustomerAccessTokenEmailNotConfirmed()
+    {
+        $customer = DataFixtureStorageManager::getStorage()->get('customer');
+        $this->expectException(EmailNotConfirmedException::class);
+
+        $this->tokenService->createCustomerAccessToken($customer->getEmail(), 'password');
+
+        $this->expectExceptionMessage(
+            "This account isn't confirmed. Verify and try again."
+        );
+    }
+
     /**
      * Provider to test input validation
      *

Original file line number	Diff line number	Diff line change
`@@ -8,6 +8,7 @@`
`8`	`8`	`namespace Magento\CustomerGraphQl\Model\Resolver;`
`9`	`9`
`10`	`10`	`use Magento\Framework\Exception\AuthenticationException;`
	`11`	`+use Magento\Framework\Exception\EmailNotConfirmedException;`
`11`	`12`	`use Magento\Framework\GraphQl\Config\Element\Field;`
`12`	`13`	`use Magento\Framework\GraphQl\Exception\GraphQlAuthenticationException;`
`13`	`14`	`use Magento\Framework\GraphQl\Exception\GraphQlInputException;`
`@@ -55,8 +56,8 @@ public function resolve(`
`55`	`56`	`try {`
`56`	`57`	`$token = $this->customerTokenService->createCustomerAccessToken($args['email'], $args['password']);`
`57`	`58`	`return ['token' => $token];`
`58`		`- } catch (AuthenticationException $e) {`
`59`		`- throw new GraphQlAuthenticationException(__($e->getMessage()), $e);`
	`59`	`+ } catch (EmailNotConfirmedException\|AuthenticationException $e) {`
	`60`	`+ throw new GraphQlAuthenticationException(__($e->getRawMessage()), $e);`
`60`	`61`	`}`
`61`	`62`	`}`
`62`	`63`	`}`