Create lockout message for mobile users

app/assets/locales/android_translatable_strings.txt

@@ -511,6 +511,9 @@ refresh.build.settings.error=No refresh occurred. In order to use this utility,
 login.attempt.fail.auth.title=Invalid Username or Password
 login.attempt.fail.auth.detail=Your username or password was not recognized, please type them again and retry.
 
+login.attempts.exceeded.auth.title=Maximum password attempts exceeded
+login.attempts.exceeded.auth.detail=Your user account has been locked due to too many attempts. Please contact your supervisor or CommCare Support.
+
 login.attempt.fail.empty.url.title=Url not set
 login.attempt.fail.empty.url.detail=Sync url is empty. Please contact CommCare Support.
 

app/src/org/commcare/engine/references/JavaHttpReference.java

@@ -78,7 +78,7 @@ public InputStream getStream(Map<String, String> params) throws IOException {
             return response.body().byteStream();
         } else {
             if (response.code() == 406) {
-                throw new IOException(HttpUtils.parseUserVisibleError(response));
+                throw new IOException(HttpUtils.parseUserVisibleError(response, true));
             } else if (response.code() == 503) {
                 throw new RateLimitedException();
             }

app/src/org/commcare/network/HttpCalloutTask.java

@@ -1,7 +1,12 @@
 package org.commcare.network;
 
+import static org.commcare.network.HttpCalloutTask.ResponseBodyErrorMessages.retrieveErrorMessageValue;
+import static org.commcare.network.HttpUtils.parseUserVisibleError;
+
 import android.content.Context;
 
+import okhttp3.ResponseBody;
+
 import org.commcare.core.network.AuthenticationInterceptor;
 import org.commcare.core.network.CaptivePortalRedirectException;
 import org.commcare.core.network.ModernHttpRequester;
@@ -18,16 +23,15 @@
 import org.javarosa.xml.util.UnfullfilledRequirementsException;
 import org.xmlpull.v1.XmlPullParserException;
 
+import retrofit2.Response;
+
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.OutputStream;
 import java.net.UnknownHostException;
 
 import javax.net.ssl.SSLException;
 
-import okhttp3.ResponseBody;
-import retrofit2.Response;
-
 /**
  * @author ctsims
  */
@@ -43,9 +47,29 @@ public enum HttpCalloutOutcomes {
         NetworkFailureBadPassword,
         IncorrectPin,
         AuthOverHttp,
+        LockedOutUser,
         CaptivePortal
     }
 
+    // Stores HTTP response body error messages associated with 401s
+    public enum ResponseBodyErrorMessages {
+        Max_Login_Attempts_Exceeded("maximum password attempts exceeded"),
+        No_Error_Message("");
+        private final String errorMessage;
+
+        ResponseBodyErrorMessages(String errorMessage) {
+            this.errorMessage = errorMessage;
+        }
+        public static ResponseBodyErrorMessages retrieveErrorMessageValue(String errorMessage){
+            for (ResponseBodyErrorMessages msgs : ResponseBodyErrorMessages.values()){
+                if (msgs.errorMessage.equals(errorMessage)){
+                    return msgs;
+                }
+            }
+            throw new IllegalArgumentException("HTTP Response body error message not recognized: "+ errorMessage);
+        }
+    }
+
     private final Context c;
 
     public HttpCalloutTask(Context c) {
@@ -179,7 +203,13 @@ protected void beginResponseHandling(Response response) {
     }
 
     protected HttpCalloutOutcomes doResponseAuthFailed(Response response) {
-        return HttpCalloutOutcomes.AuthFailed;
+        switch (retrieveErrorMessageValue(parseUserVisibleError(response, false))){
+            case Max_Login_Attempts_Exceeded:
+                return HttpCalloutOutcomes.LockedOutUser;
+            default:
+                return HttpCalloutOutcomes.AuthFailed;
+        }
+
     }
 
     protected abstract HttpCalloutOutcomes doResponseOther(Response response);

app/src/org/commcare/network/HttpUtils.java

@@ -26,6 +26,10 @@
  */
 public class HttpUtils {
 
+
+    private static final String ERROR_BODY_DEFAULT_RESPONSE_KEY = "default_response";
+    private static final String ERROR_BODY_ERROR_MESSAGE_KEY = "error";
+
     public static String getCredential(AuthInfo authInfo) {
         if (authInfo instanceof AuthInfo.ProvidedAuth) {
             return getCredential(buildDomainUser(authInfo.username), authInfo.password);
@@ -73,15 +77,19 @@ private static String getCredential(String username, String password) {
         }
     }
 
-    public static String parseUserVisibleError(Response<ResponseBody> response) {
+    public static String parseUserVisibleError(Response<ResponseBody> response, boolean isMessageLocalized) {
         String message;
         String responseStr = null;
         try {
             responseStr = response.errorBody().string();
             JSONObject errorKeyAndDefault = new JSONObject(responseStr);
-            message = Localization.getWithDefault(
-                    errorKeyAndDefault.getString("error"),
-                    errorKeyAndDefault.getString("default_response"));
+            if (isMessageLocalized) {
+                message = Localization.getWithDefault(
+                        errorKeyAndDefault.getString(ERROR_BODY_ERROR_MESSAGE_KEY),
+                        errorKeyAndDefault.getString(ERROR_BODY_DEFAULT_RESPONSE_KEY));
+            } else {
+                message = errorKeyAndDefault.getString(ERROR_BODY_ERROR_MESSAGE_KEY);
+            }
         } catch (JSONException | IOException e) {
             message = responseStr != null ? responseStr : "Unknown issue";
         }

app/src/org/commcare/tasks/DataPullTask.java

@@ -337,7 +337,7 @@ private ResultAndError<PullTaskResult> makeRequestAndHandleResponse(AndroidTrans
     }
 
     private ResultAndError<PullTaskResult> processErrorResponseWithMessage(RemoteDataPullResponse pullResponse) {
-        return new ResultAndError<>(PullTaskResult.ACTIONABLE_FAILURE, HttpUtils.parseUserVisibleError(pullResponse.getResponse()));
+        return new ResultAndError<>(PullTaskResult.ACTIONABLE_FAILURE, HttpUtils.parseUserVisibleError(pullResponse.getResponse(), true));
     }
 
     private ResultAndError<PullTaskResult> handleAuthFailed() {

app/src/org/commcare/tasks/ManageKeyRecordTask.java

@@ -207,6 +207,10 @@ protected void keysDoneOther(R receiver, HttpCalloutOutcomes outcome) {
                 Logger.log(LogTypes.TYPE_USER, "ManageKeyRecordTask error|captive portal detected");
                 receiver.raiseLoginMessage(StockMessages.Sync_CaptivePortal, true);
                 break;
+            case LockedOutUser:
+                Logger.log(LogTypes.TYPE_USER, "ManageKeyRecordTask error|maximum login attempts exceeded");
+                receiver.raiseLoginMessage(StockMessages.Auth_UserLockedOut, false);
+                break;
             default:
                 break;
         }

app/src/org/commcare/utils/FormUploadUtil.java

@@ -226,7 +226,7 @@ private static FormUploadResult submitEntity(List<MultipartBody.Part> parts, Str
     }
 
     private static FormUploadResult processActionableFaiure(Response<ResponseBody> response) {
-        String message = parseUserVisibleError(response);
+        String message = parseUserVisibleError(response, true);
         FormUploadResult result = FormUploadResult.ACTIONABLE_FAILURE;
         result.setErrorMessage(message);
         return result;

app/src/org/commcare/views/notifications/NotificationMessageFactory.java

@@ -162,7 +162,12 @@ public enum StockMessages implements MessageTag {
         /**
          * Bad SSL Certificate *
          */
-        BadSslCertificate("notification.bad.certificate");
+        BadSslCertificate("notification.bad.certificate"),
+
+        /**
+         * Exceeded the maximum number of login attempts *
+         */
+        Auth_UserLockedOut("login.attempts.exceeded.auth");
 
         StockMessages(String root) {
             this.root = root;