Jetpack sign in - Step 1: Fetch Jetpack e-mail address for flowing through Magic Links

[anitaa1990]

Partially fixes #1482. This PR completes the first step of the Jetpack sign in with self credentials as defined in the master thread.

Changes

• Revert existing logic of validating site url from FETCH_CONNECT_SITE_INFO endpoint and use the FETCH_WPCOM_SITE_BY_URL endpoint and initiate the discovery process. Since using the discovery endpoint to validate the site would interfere with the existing logic of logging in using wp.com credentials, I've moved the discovery process to initiate only when the user enters their username + password in the LoginUsernamePasswordFragment.
• Added a new button to LoginEmailFragment: Login via site credentials.
• Design changes:
  • Added label to the top of the LoginUsernamePasswordFragment.
  • Change hint text of username in LoginUsernamePasswordFragment.
• When site credentials are clicked:
  • Initialise the discovery process which will let us know if the XMLRPC endpoint is supported by the site. Note that the error handling during the discovery process will take place in another PR.
  • If jetpack is installed/active/connected: call the wp.getOptions endpoint to fetch the jetpack_user_email and store in SiteModel and redirect to the request magic link screen.
  • If jetpack NOT installed/active/connected: Redirect to a new fragment called LoginNoJetpackFragment.

Notes:

• This PR handles only the redirection to the magic link login. The design changes required in the magic link login will take place in another PR.
• Since this PR adds logic to initiate the discovery process, there are new error messages and error scenarios that need to be incorporated. This will likely take place in another PR.
• Since this PR removes the logic to validate site address using the FETCH_CONNECT_SITE_INFO endpoint, there are some events that will likely be invalidated once this feature is merged.
  • LOGIN_CONNECTED_SITE_INFO_FAILED
  • LOGIN_CONNECTED_SITE_INFO_SUCCEEDED
• The are TODO's added to the PR to add events to the button clicks. This will take place in another PR.
• Note that this PR is to be merged to a feature branch.

Deviations from design:

• The username hint in LoginUsernamePasswordFragment is set to just Username rather than just Username or Email because there is no option to pass email address via the API, just the username.

Behaviour

(LEFT: Login with self hosted site with Jetpack . RIGHT: Login with self hosted site without Jetpack)
.

Entering a non existent site:

Testing

• Verify that existing flow works as expected.
• Enter a non existent site and verify that an error message is displayed.
• Enter a non jetpack site and verify that Jetpack required screen is displayed.
  • Click on Sign in at the bottom of the screen.
  • Verify that the Email screen is displayed. Click on Login with site credentials.
  • Enter username + password and click on Next.
  • Verify that you are redirected to Jetpack needed screen.
  • Install, activate and connect Jetpack on your test site while in the app.
  • Click on Refresh the app link. Notice that you are redirected to the Site credentials screen.
  • Click on Next and verify that you are redirected to the Magic link sign in screen.
• Enter a jetpack site and verify that you are redirect to the email screen.
  • Click on Login with site credentials.
  • Enter username + password and click on Next and verify that you are redirected to the Magic link sign in screen.

Update release notes:

• I have considered if this change warrants user-facing release notes and have added them to RELEASE-NOTES.txt if necessary.

[peril-woocommerce]

	Fails
🚫	Danger failed to run /app/danger-0.4moim58yi9k.ts.
🚫	Danger failed to run /app/danger-0.ezuc6com3fn.ts.

	Warnings
⚠️	PR has more than 500 lines of code changing. Consider splitting into smaller PRs if possible.

Messages

📖

This PR contains changes in the subtree libs/login/. It is your responsibility to ensure these changes are merged back into wordpress-mobile/WordPress-Login-Flow-Android. Follow these handy steps! WARNING: Make sure your git version is 2.19.x or lower - there is currently a bug in later versions that will corrupt the subtree history! cd woocommerce-android git checkout anitaa/sign-in-with-self-hosted-credentials git subtree push --prefix=libs/login/ https://github.com/wordpress-mobile/WordPress-Login-Flow-Android.git merge/woocommerce-android/1483 Browse to https://github.com/wordpress-mobile/WordPress-Login-Flow-Android/pull/new/merge/woocommerce-android/1483 and open a new PR.

Error TypeError

Cannot read property 'added' of null
TypeError: Cannot read property 'added' of null
    at Object.exports.default (/app/danger-0.4moim58yi9k.ts:16:44)
    at process._tickCallback (internal/process/next_tick.js:68:7)

Dangerfile

11|         warn("The PlayStoreStrings.po file must be updated any time changes are made to release notes");
12|     }
13| 
14|     // If changes were made to the strings, make sure they follow our guidelines
15|     const modifiedStrings = modifiedFiles.filter((path: string) => path.endsWith('values/strings.xml'))
----------------------------------------------^
16| 
17|     for (let file of modifiedStrings) {        
18|         const stringDiffs = await danger.git.diffForFile(file)
19| 

Error TypeError

Cannot read property 'diff' of null
TypeError: Cannot read property 'diff' of null
    at checkCommitDiffs (/app/danger-0.ezuc6com3fn.ts:43:49)
    at process._tickCallback (internal/process/next_tick.js:68:7)

Dangerfile

38|         if (git === undefined) {
39|             console.log("About to crash due to an error")
40|             console.log("File:", thisFile)
41|             console.log("Danger Object: ", danger)
42| 
---------------------------------------------------^
43|             if (danger !== undefined) {
44|                 console.log("Danger is no longer defined")
45|             }
46|             else {

Generated by 🚫 dangerJS

[peril-woocommerce]

You can test the changes on this Pull Request by downloading the APK here.

[AmandaRiu]

@anitaa1990 Just a few review notes from tonight that are not related to our conversation around the discovery process that will change a bunch of this PR:

• Keyboard stays visible when navigating to the “Magic Link” screen as well as the new LoginNoJetpackFragment, but there are no text fields in these views.

• The new LoginNoJetpackFragment was a bit confusing since we already have a screen almost identical to this one. Is this necessary because technically the user isn’t logged into WPcom when they view it? It would be helpful if the layout file was populated with values similar to what the LoginNoJetpackFragment would populate it with so it’s easier to visualize since it’s only used by this fragment. It would also be helpful to remove anything that isn’t used by this fragment like the user_info_group and renaming the root from site_picker_root as it leads to a lot of confusion when trying to read the code.
• Also regarding the LoginNoJetpackFragment:

Where would I find this screen in the designs? The refresh the app to continue and Try again buttons do the same thing. The Log out in the username message looks like it should do something but it does not. I wonder if it would make more sense to have it follow the same layout as the current similar screen:

...except we change the primary button to LOGOUT (instead of having it at the top of the screen), and then set the secondary button to VIEW SETUP INSTRUCTIONS. Just some ideas if there is no official design yet. Looking forward to the next round!

[anitaa1990]

Thanks for the review @AmandaRiu!

As discussed, I've reverted to logic to validate the site using the discovery API in e601f9b. The discovery process will now be initiated only when the user clicks on the Login with site credentials and enters their username + password. Since there is no way to complete the jetpack sign in flow implemented in this PR, without calling the discovery API, I've moved this logic to a separate class called LoginBaseDiscoveryFragment. This only applies to Woo at the moment. I have not modified the existing implementation used by wp-android in LoginSiteAddressFragment.

Keyboard stays visible when navigating to the “Magic Link” screen as well as the new LoginNoJetpackFragment, but there are no text fields in these views.

I was not able to replicate this but I added code to close the keypad before redirecting to the "Magic link" or LoginNoJetpackFragment in aa28af6.

The new LoginNoJetpackFragment was a bit confusing since we already have a screen almost identical to this one. Is this necessary because technically the user isn’t logged into WPcom when they view it?

We need Jetpack to be installed/active/connected in order to support signing in with their site credentials. Only when Jetpack is connected, would we be able to get the jetpack_user_email connected with their username + password. And once the email is fetched, we can redirect them to the "Magic link" flow. I created a new fragment and xml file rather than reuse the existing one, because the existing one is in the SitePickerActivity which has a lot of logic in place to check if WooCommerce exists or if user is logged in etc. that is not relevant to this logic here. Since the layout is similar to what we use in the SitePickerActivity (minus the RecyclerView and some layouts specific to that screen), I just copied the layout relevant to the LoginNoJetpackFragment screen.

It would also be helpful to remove anything that isn’t used by this fragment like the user_info_group and renaming the root from site_picker_root as it leads to a lot of confusion when trying to read the code.

Done in 40b0360

The refresh the app to continue and Try again buttons do the same thing.

Agreed! I removed the Refresh the app to continue in 40b0360 since it was not in the design and since the Try Again button does the same thing.

The Log out in the username message looks like it should do something but it does not.

I forgot to add the logout click functionality before. I added it in 40b0360.

The design specs have two separate messages for when Jetpack is NOT installed and when Jetpack is installed but not connected. But since there is no way to know from the wp.getOptions API if jetpack is installed or installed but not connected, we're currently using only the LEFT side message in the app:

.

The entire design flow can be found in #1482 . PR ready for another round 👍

[AmandaRiu]

@anitaa1990 I've finished another round and really excited about the progress so far!

Testing

I ran the following tests (all passed):

Test Current Functionality

• Basic login - with Jetpack and Woo
• Basic login - without Jetpack
• Basic login - without Woo
• Basic login - site does not belong to WPcom account

Test New Functionality

• Site creds login - with Jetpack and Woo
• Site creds login - without Jetpack
• Enable jetpack from last step and refresh - should get redirected to the site creds screen.
• Site creds login - without Woo
• Site creds login - site with multiple jetpacked accounts

Other Testing

• Log in to a non-existent site
• Log in with a non-WP site
• Enter a jetpack site and verify directed to the magic link screen
• Enter a bad password for site creds
• Enter an invalid username for site creds

NoJetpackFragment Testing

• Logout functionality
• Try again functionality
• View instructions

Code Review

I also left a bunch of code comments in addition to the following:

This only applies to Woo at the moment. I have not modified the existing implementation used by wp-android in LoginSiteAddressFragment.

We should definitely port that change to the LoginSiteAddressFragment to avoid issues in the future. Since you’re adding this base class in this PR I think it makes the most sense to port that over in this PR to keep it altogether.

I created a new fragment and xml file rather than reuse the existing one, because the existing one is in the SitePickerActivity which has a lot of logic in place to check if WooCommerce exists or if user is logged in etc. that is not relevant to this logic here.

Makes sense to me! 👍

[AmandaRiu]

A lot of these constants have duplicates declared in different classes. Every String constant in Java takes up memory and there is no check for duplicate strings unless we use the .intern() method so I wonder if we should move some of these out into a single location so they are accessible to the login library as a whole? Not something you have to do, just food for thought.

[anitaa1990]

Thanks for the thorough review @AmandaRiu! I've fixed all the code changes and PR ready for another round 👍

We should definitely port that change to the LoginSiteAddressFragment to avoid issues in the future. Since you’re adding this base class in this PR I think it makes the most sense to port that over in this PR to keep it altogether.

I agree that we should definitely port the LoginBaseDiscooveryFragment changes to the LoginSiteAddressFragment. But I would like to work on this in another PR, if that's ok. This is because there is some discussion around how best to handle the error scenarios in our app:

And based on what we decide, we would be making changes to this class and it would make it easier to implement the changes first and then port things over from LoginSiteAddressFragment. What do you think? I've added a separate task for this in the master issue thread here, so it does not get missed.

[AmandaRiu]

LGTM!