Handle multiple failed decryption calls better

Author: daniellevass

src/main/java/com/pusher/client/channel/PrivateEncryptedChannelEventListener.java

@@ -6,5 +6,5 @@
  */
 public interface PrivateEncryptedChannelEventListener extends PrivateChannelEventListener {
 
-    void onDecryptionFailure(Exception e);
+    void onDecryptionFailure(String event, String reason);
 }

src/main/java/com/pusher/client/channel/impl/PrivateEncryptedChannelImpl.java

@@ -129,43 +129,49 @@ public void updateState(ChannelState state) {
 
     @Override
     public PusherEvent prepareEvent(String event, String message) {
-        try {
-
-            Map receivedMessage = GSON.fromJson(message, Map.class);
-            final String decryptedMessage = decryptMessage((String) receivedMessage.get("data"));
-            receivedMessage.replace("data", decryptedMessage);
-
-            return GSON.fromJson(
-                    GSON.toJson(receivedMessage), PusherEvent.class);
 
-        } catch (AuthenticityException e1) {
-
-            // retry once only.
-            disposeSecretBoxOpener();
-            authenticate();
+        if (secretBoxOpener == null) {
+            notifyListenersOfDecryptFailure(event, "Too many failed attempts to decrypt a previous message.");
+        } else {
 
             try {
+
                 Map receivedMessage = GSON.fromJson(message, Map.class);
                 final String decryptedMessage = decryptMessage((String) receivedMessage.get("data"));
                 receivedMessage.replace("data", decryptedMessage);
 
                 return GSON.fromJson(
                         GSON.toJson(receivedMessage), PusherEvent.class);
-            } catch (AuthenticityException e2) {
+
+            } catch (AuthenticityException e1) {
+
+                // retry once only.
                 disposeSecretBoxOpener();
-                notifyListenersOfDecryptFailure(event);
+                authenticate();
+
+                try {
+                    Map receivedMessage = GSON.fromJson(message, Map.class);
+                    final String decryptedMessage = decryptMessage((String) receivedMessage.get("data"));
+                    receivedMessage.replace("data", decryptedMessage);
+
+                    return GSON.fromJson(
+                            GSON.toJson(receivedMessage), PusherEvent.class);
+                } catch (AuthenticityException e2) {
+                    disposeSecretBoxOpener();
+                    notifyListenersOfDecryptFailure(event, "Failed to decrypt message.");
+                }
             }
+
         }
-        
         return null;
     }
 
-    private void notifyListenersOfDecryptFailure(final String event) {
+    private void notifyListenersOfDecryptFailure(final String event, final String reason) {
         Set<SubscriptionEventListener> listeners = getInterestedListeners(event);
         if (listeners != null) {
             for (SubscriptionEventListener listener : listeners) {
                 ((PrivateEncryptedChannelEventListener)listener).onDecryptionFailure(
-                        new Exception("Failed to decrypt message"));
+                        event, reason);
             }
         }
     }

src/main/java/com/pusher/client/example/PrivateEncryptedChannelExampleApp.java

@@ -88,8 +88,8 @@ public void onError(String message, String code, Exception e) {
     }
 
     @Override
-    public void onDecryptionFailure(Exception e) {
+    public void onDecryptionFailure(String event, String reason) {
         System.out.println(String.format(
-                "An error was received decrypting message - exception: [%s]", e));
+                "An error was received decrypting message for event:[%s] - reason: [%s]", event, reason));
     }
 }

src/test/java/com/pusher/client/channel/impl/PrivateEncryptedChannelImplTest.java

@@ -1,14 +1,5 @@
 package com.pusher.client.channel.impl;
 
-import static org.junit.Assert.assertEquals;
-import static org.mockito.Matchers.any;
-import static org.mockito.Matchers.anyString;
-import static org.mockito.Matchers.eq;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
 import com.pusher.client.AuthorizationFailureException;
 import com.pusher.client.Authorizer;
 import com.pusher.client.channel.ChannelEventListener;
@@ -21,12 +12,19 @@
 import org.junit.Before;
 import org.junit.Test;
 import org.junit.runner.RunWith;
-import org.mockito.ArgumentCaptor;
-import org.mockito.Captor;
 import org.mockito.Matchers;
 import org.mockito.Mock;
 import org.mockito.runners.MockitoJUnitRunner;
 
+import static org.junit.Assert.assertEquals;
+import static org.mockito.Matchers.any;
+import static org.mockito.Matchers.anyString;
+import static org.mockito.Matchers.eq;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
 @RunWith(MockitoJUnitRunner.class)
 public class PrivateEncryptedChannelImplTest extends ChannelImplTest {
 
@@ -45,9 +43,6 @@ public class PrivateEncryptedChannelImplTest extends ChannelImplTest {
     @Mock
     SecretBoxOpenerFactory mockSecretBoxOpenerFactory;
 
-    @Captor
-    ArgumentCaptor<Exception> exceptionArgumentCaptor;
-
     @Override
     @Before
     public void setUp() {
@@ -255,7 +250,7 @@ public void onMessageRaisesExceptionWhenFailingToDecryptTwice() {
                 "\\\"ciphertext\\\": \\\"/GMESnFGlbNn01BuBjp31XYa3i9vZsGKR8fgR9EDhXKx3lzGiUD501A=\\\"" +
                 "}\"}");
 
-        verify(mockListener1).onDecryptionFailure(exceptionArgumentCaptor.capture());
+        verify(mockListener1).onDecryptionFailure(anyString(), anyString());
     }
 
     @Test
@@ -288,4 +283,43 @@ public void onMessageRetriesDecryptionOnce() {
         assertEquals("{\"message\":\"hello world\"}", argCaptor.getValue().getData());
     }
 
+    @Test
+    public void twoEventsReceivedWithIncorrectSharedSecret() {
+
+        PrivateEncryptedChannelImpl channel = new PrivateEncryptedChannelImpl(
+                mockInternalConnection,
+                getChannelName(),
+                mockAuthorizer,
+                factory,
+                mockSecretBoxOpenerFactory);
+
+        when(mockAuthorizer.authorize(Matchers.anyString(), Matchers.anyString()))
+                .thenReturn(AUTH_RESPONSE_INCORRECT_SHARED_SECRET)
+                .thenReturn(AUTH_RESPONSE_INCORRECT_SHARED_SECRET)
+                .thenReturn(AUTH_RESPONSE_INCORRECT_SHARED_SECRET);
+        when(mockSecretBoxOpenerFactory.create(any()))
+                .thenReturn(new SecretBoxOpener(Base64.decode(SHARED_SECRET_INCORRECT)))
+                .thenReturn(new SecretBoxOpener(Base64.decode(SHARED_SECRET_INCORRECT)))
+                .thenReturn(new SecretBoxOpener(Base64.decode(SHARED_SECRET_INCORRECT)));
+
+        channel.toSubscribeMessage();
+
+        PrivateEncryptedChannelEventListener mockListener1 = mock(PrivateEncryptedChannelEventListener.class);
+        channel.bind("my-event", mockListener1);
+        channel.onMessage("my-event", "{\"event\":\"event1\",\"data\":\"{" +
+                "\\\"nonce\\\": \\\"4sVYwy4j/8dCcjyxtPCWyk19GaaViaW9\\\"," +
+                "\\\"ciphertext\\\": \\\"/GMESnFGlbNn01BuBjp31XYa3i9vZsGKR8fgR9EDhXKx3lzGiUD501A=\\\"" +
+                "}\"}");
+
+        verify(mockListener1).onDecryptionFailure("my-event", "Failed to decrypt message.");
+
+        // send a second message
+        channel.onMessage("my-event", "{\"event\":\"event1\",\"data\":\"{" +
+                "\\\"nonce\\\": \\\"4sVYwy4j/8dCcjyxtPCWyk19GaaViaW9\\\"," +
+                "\\\"ciphertext\\\": \\\"/GMESnFGlbNn01BuBjp31XYa3i9vZsGKR8fgR9EDhXKx3lzGiUD501A=\\\"" +
+                "}\"}");
+
+        verify(mockListener1).onDecryptionFailure("my-event", "Too many failed attempts to decrypt a previous message.");
+    }
+
 }