Use compromised password body so default case is invalid account
Instead of checking for anything different from "invalid account", check
directly for the "compromised password" body string, so that if we get
something different it goes to the default case.
danilo04 committed Aug 11, 2021
1 parent bc04236 commit 186b036
Showing 1 changed file with 2 additions and 2 deletions.
@@ -9,7 +9,7 @@ public class AuthException extends SimperiumException {
static public final String GENERIC_FAILURE_MESSAGE = "Invalid username or password";
static public final String EXISTING_USER_FAILURE_MESSAGE = "Account already exists";
static public final String COMPROMISED_PASSWORD_MESSAGE = "Password has been compromised";
static public final String INVALID_LOGIN_BODY = "invalid login";
static public final String COMPROMISED_PASSWORD_BODY = "compromised password";

static public final int ERROR_STATUS_CODE = -1;

@@ -44,7 +44,7 @@ public static AuthException exceptionForStatusCode(int statusCode, Throwable cau
case 401:
// Code 401 can be obtain because credentials are wrong or the user's password has been compromised
// To differentiate both responses, we check the response's body
if (cause != null && !Objects.equals(cause.getMessage(), INVALID_LOGIN_BODY)) {
if (cause != null && Objects.equals(cause.getMessage(), COMPROMISED_PASSWORD_BODY)) {
return new AuthException(FailureType.COMPROMISED_PASSWORD, COMPROMISED_PASSWORD_MESSAGE, cause);
}
default:
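Review bot: The new 401 check in `exceptionForStatusCode` compares the response body with an exact, case- and whitespace-sensitive `Objects.equals`, so a body that arrives with a trailing newline or different casing now drops into `default` and the user never gets the compromised-password notice. If the server's body format is not guaranteed (it is not visible here), normalise before comparing, for example `cause.getMessage() != null && COMPROMISED_PASSWORD_BODY.equalsIgnoreCase(cause.getMessage().trim())`. After this change `case 401:` relies on falling into `default:`, and a comment such as `// fall through: any other 401 body is handled by default` placed before `default:` would keep a linter or a later edit from adding a `break`. The first hunk also removes the public constant `INVALID_LOGIN_BODY`, which may break callers outside this file that reference it. The method body starts and ends outside the hunk.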
