feat: [SIW-1971,SIW-2255,SIW-2258] Remote presentation error handling (#6917)

> [!WARNING]
> Depends on [this
PR](pagopa/io-react-native-wallet#223)

## Short description
This PR adds handling for certain potential errors in the remote
presentation flow.

## List of changes proposed in this pull request
- Implemented an error screen that allows users to retry the remote
presentation if a communication error occurs during the auth/response
step.
- Implemented an error screen to inform the user when the RP fails to
verify the Authorization Response. This screen will provide some useful
details about the encountered error.
- Implemented an error screen shown when the RP returns a non-compliant
Request Object.

## Demo
<details><summary>Auth Response Errors</summary>
<p>

| Communication Error | Verification Error|
|--------|--------|
|<video
src="https://github.com/user-attachments/assets/ad045d7c-3cde-47ac-9654-1497ce21aded"></video>|
<video
src="https://github.com/user-attachments/assets/c6fa7a53-da0a-446b-830b-9b305888eb47"></video>|

</p>
</details> 

<details><summary>Non-Compliant Request Object</summary>
<p>

| Invalid Req Obj | Invalid Dcql Query |
|--------|--------|
|<video
src="https://github.com/user-attachments/assets/d33fffb4-438d-4c2f-95ef-8163c1d5b7b9"></video>|
<video
src="https://github.com/user-attachments/assets/c6295b97-2af8-49c5-afb1-124b75e7ff1f"></video>|

</p>
</details> 

## How to test
### Auth Response Error
Using a proxy tool (I used Proxyman), intercept the POST request to
`auth/response` to simulate a communication error (such as a 500 status
code) or a validation error returned by the RP (status code 400 or 403),
in order to display the two error screens shown in the demo.
### Non-Compliant Request Object
- **Invalid Request Object:**
- From the
`node_modules/@pagopa/io-react-native-wallet/src/credential/presentation/05-verify-request-object.ts`
file, make the `verifyRequestObject` function throw an
`InvalidRequestObjectError`.
- **Invalid Dcql Query:** 
- In the `ts/features/itwallet/presentation/remote/machine/actors.ts`
file, modify the `requestObject.dcql_query` value before calling
`evaluateDcqlQuery`.

> [!NOTE]
> The tests shown in the demo were performed using the test RP

---------

Co-authored-by: Gianluca Spada <[email protected]>
Co-authored-by: RiccardoMolinari95 <[email protected]>

Author: 3 people

locales/en/index.json

@@ -4743,6 +4743,25 @@
             "primaryAction": "Inizia",
             "secondaryAction": "Annulla"
           },
+          "relyingParty": {
+            "genericError": {
+              "title": "Comunicazione interrotta",
+              "subtitle": "Si è verificato un problema che ha impedito la comunicazione con l’ente.\n\nGenera un nuovo QR Code e riprova.",
+              "primaryAction": "Riprova",
+              "secondaryAction": "Chiudi"
+            },
+            "invalidAuthResponse": {
+              "title": "Non è possibile continuare",
+              "subtitle": "Verifica di essere in possesso dei requisiti necessari per accedere ai servizi.",
+              "primaryAction": "Ho capito",
+              "secondaryAction": "Maggiori dettagli"
+            },
+            "invalidRequestObject": {
+              "title": "Non puoi continuare con la richiesta",
+              "subtitle": "L’ente che richiede la verifica non sta comunicando i dati necessari per continuare. Riprova più tardi.",
+              "primaryAction": "Ho capito"
+            }
+          },
           "untrustedRpScreen": {
             "title": "Questo ente non è verificato",
             "subtitle": "Per la tua sicurezza, IO permette di condividere le tue informazioni solo con enti verificati e certificati.",

locales/it/index.json

@@ -4743,6 +4743,25 @@
             "primaryAction": "Inizia",
             "secondaryAction": "Annulla"
           },
+          "relyingParty": {
+            "genericError": {
+              "title": "Comunicazione interrotta",
+              "subtitle": "Si è verificato un problema che ha impedito la comunicazione con l’ente.\n\nGenera un nuovo QR Code e riprova.",
+              "primaryAction": "Riprova",
+              "secondaryAction": "Chiudi"
+            },
+            "invalidAuthResponse": {
+              "title": "Non è possibile continuare",
+              "subtitle": "Verifica di essere in possesso dei requisiti necessari per accedere ai servizi.",
+              "primaryAction": "Ho capito",
+              "secondaryAction": "Maggiori dettagli"
+            },
+            "invalidRequestObject": {
+              "title": "Non puoi continuare con la richiesta",
+              "subtitle": "L’ente che richiede la verifica non sta comunicando i dati necessari per continuare. Riprova più tardi.",
+              "primaryAction": "Ho capito"
+            }
+          },
           "untrustedRpScreen": {
             "title": "Questo ente non è verificato",
             "subtitle": "Per la tua sicurezza, IO permette di condividere le tue informazioni solo con enti verificati e certificati.",

package.json

@@ -67,7 +67,7 @@
     "@pagopa/io-react-native-jwt": "^2.1.0",
     "@pagopa/io-react-native-login-utils": "^1.0.8",
     "@pagopa/io-react-native-secure-storage": "^0.2.0",
-    "@pagopa/io-react-native-wallet": "^0.29.0",
+    "@pagopa/io-react-native-wallet": "^0.30.0",
     "@pagopa/io-react-native-zendesk": "^0.3.30",
     "@pagopa/react-native-cie": "^1.4.2",
     "@pagopa/ts-commons": "^10.15.0",

ts/features/itwallet/common/hooks/useItwFailureSupportModal.tsx

@@ -36,6 +36,7 @@ import { clipboardSetStringWithFeedback } from "../../../../utils/clipboard";
 import { IssuanceFailure } from "../../machine/eid/failure";
 import { CredentialIssuanceFailure } from "../../machine/credential/failure";
 import { ItwFailure } from "../utils/ItwFailureTypes.ts";
+import { RemoteFailure } from "../../presentation/remote/machine/failure.ts";
 
 const { isWalletProviderResponseError, isIssuerResponseError } = Errors;
 
@@ -91,7 +92,11 @@ const extractErrorCode = (failure: Props["failure"]) => {
 const isDefined = <T,>(x: T | undefined | null | ""): x is T => Boolean(x);
 
 type Props = {
-  failure: IssuanceFailure | CredentialIssuanceFailure | ItwFailure;
+  failure:
+    | IssuanceFailure
+    | CredentialIssuanceFailure
+    | ItwFailure
+    | RemoteFailure;
   credentialType?: string;
   supportChatEnabled: boolean;
   zendeskSubcategory: ZendeskSubcategoryValue;

ts/features/itwallet/presentation/remote/machine/actions.ts

@@ -1,6 +1,7 @@
 import { useIONavigation } from "../../../../../navigation/params/AppParamsList.ts";
 import { ITW_REMOTE_ROUTES } from "../navigation/routes.ts";
 import { ITW_ROUTES } from "../../../navigation/routes.ts";
+import ROUTES from "../../../../../navigation/routes.ts";
 
 export const createRemoteActionsImplementation = (
   navigation: ReturnType<typeof useIONavigation>
@@ -24,6 +25,10 @@ export const createRemoteActionsImplementation = (
     });
   },
 
+  navigateToBarcodeScanScreen: () => {
+    navigation.navigate(ROUTES.BARCODE_SCAN);
+  },
+
   navigateToAuthResponseScreen: () => {
     navigation.navigate(ITW_REMOTE_ROUTES.MAIN, {
       screen: ITW_REMOTE_ROUTES.AUTH_RESPONSE

ts/features/itwallet/presentation/remote/machine/events.ts

@@ -13,6 +13,10 @@ export type GoToIdentificationMode = {
   type: "go-to-identification-mode";
 };
 
+export type GoToBarcodeScan = {
+  type: "go-to-barcode-scan";
+};
+
 export type Back = {
   type: "back";
 };
@@ -34,6 +38,7 @@ export type RemoteEvents =
   | Start
   | GoToWalletActivation
   | GoToIdentificationMode
+  | GoToBarcodeScan
   | Consent
   | ToggleCredential
   | Back

ts/features/itwallet/presentation/remote/machine/failure.ts

@@ -1,4 +1,4 @@
-import { Credential } from "@pagopa/io-react-native-wallet";
+import { Credential, Errors } from "@pagopa/io-react-native-wallet";
 import { isDefined } from "../../../../../utils/guards.ts";
 import { RemoteEvents } from "./events.ts";
 
@@ -8,9 +8,30 @@ export enum RemoteFailureType {
   WALLET_INACTIVE = "WALLET_INACTIVE",
   MISSING_CREDENTIALS = "MISSING_CREDENTIALS",
   EID_EXPIRED = "EID_EXPIRED",
+  RELYING_PARTY_GENERIC = "RELYING_PARTY_GENERIC",
+  RELYING_PARTY_INVALID_AUTH_RESPONSE = "RELYING_PARTY_INVALID_AUTH_RESPONSE",
+  INVALID_REQUEST_OBJECT = "INVALID_REQUEST_OBJECT",
   UNTRUSTED_RP = "UNTRUSTED_RP",
   UNEXPECTED = "UNEXPECTED"
 }
+const { isRelyingPartyResponseError, RelyingPartyResponseErrorCodes: Codes } =
+  Errors;
+
+/**
+ * Type that contains the possible error types thrown when the requested Request Object is invalid.
+ */
+type InvalidRequestObjectError =
+  | Credential.Presentation.Errors.InvalidRequestObjectError
+  | Credential.Presentation.Errors.DcqlError;
+
+/**
+ * Guard used to check if the error is of type `InvalidRequestObjectError`
+ */
+const isRequestObjectInvalidError = (
+  error: unknown
+): error is InvalidRequestObjectError =>
+  error instanceof Credential.Presentation.Errors.InvalidRequestObjectError ||
+  error instanceof Credential.Presentation.Errors.DcqlError;
 
 /**
  * Type that maps known reasons with the corresponding failure, in order to avoid unknowns as much as possible.
@@ -21,6 +42,9 @@ export type ReasonTypeByFailure = {
     missingCredentials: Array<string>;
   };
   [RemoteFailureType.EID_EXPIRED]: string;
+  [RemoteFailureType.RELYING_PARTY_GENERIC]: Errors.RelyingPartyResponseError;
+  [RemoteFailureType.RELYING_PARTY_INVALID_AUTH_RESPONSE]: Errors.RelyingPartyResponseError;
+  [RemoteFailureType.INVALID_REQUEST_OBJECT]: InvalidRequestObjectError;
   [RemoteFailureType.UNTRUSTED_RP]: string;
   [RemoteFailureType.UNEXPECTED]: unknown;
 };
@@ -29,7 +53,7 @@ type TypedRemoteFailures = {
   [K in RemoteFailureType]: { type: K; reason: ReasonTypeByFailure[K] };
 };
 
-/*
+/**
  * Union type of failures with the reason properly typed.
  */
 export type RemoteFailure = TypedRemoteFailures[keyof TypedRemoteFailures];
@@ -62,6 +86,24 @@ export const mapEventToFailure = (event: RemoteEvents): RemoteFailure => {
     };
   }
 
+  if (isRelyingPartyResponseError(error, Codes.InvalidAuthorizationResponse)) {
+    return {
+      type: RemoteFailureType.RELYING_PARTY_INVALID_AUTH_RESPONSE,
+      reason: error
+    };
+  }
+  if (isRelyingPartyResponseError(error, Codes.RelyingPartyGenericError)) {
+    return {
+      type: RemoteFailureType.RELYING_PARTY_GENERIC,
+      reason: error
+    };
+  }
+  if (isRequestObjectInvalidError(error)) {
+    return {
+      type: RemoteFailureType.INVALID_REQUEST_OBJECT,
+      reason: error
+    };
+  }
   return {
     type: RemoteFailureType.UNEXPECTED,
     reason: String(error)

ts/features/itwallet/presentation/remote/machine/machine.ts

@@ -28,6 +28,7 @@ export const itwRemoteMachine = setup({
     navigateToClaimsDisclosureScreen: notImplemented,
     navigateToIdentificationModeScreen: notImplemented,
     navigateToAuthResponseScreen: notImplemented,
+    navigateToBarcodeScanScreen: notImplemented,
     closePresentation: notImplemented
   },
   actors: {
@@ -209,6 +210,9 @@ export const itwRemoteMachine = setup({
         "go-to-identification-mode": {
           actions: "navigateToIdentificationModeScreen"
         },
+        "go-to-barcode-scan": {
+          actions: "navigateToBarcodeScanScreen"
+        },
         close: {
           actions: "closePresentation"
         }

ts/features/itwallet/presentation/remote/screens/ItwRemoteFailureScreen.tsx

@@ -17,6 +17,14 @@ import { useIONavigation } from "../../../../../navigation/params/AppParamsList.
 import { ITW_ROUTES } from "../../../navigation/routes.ts";
 import { useItwRemoteUntrustedRPBottomSheet } from "../hooks/useItwRemoteUntrustedRPBottomSheet.tsx";
 import { useItwDismissalDialog } from "../../../common/hooks/useItwDismissalDialog.tsx";
+import {
+  useItwFailureSupportModal,
+  ZendeskSubcategoryValue
+} from "../../../common/hooks/useItwFailureSupportModal.tsx";
+
+const zendeskAssistanceErrors = [
+  RemoteFailureType.RELYING_PARTY_INVALID_AUTH_RESPONSE
+];
 
 export const ItwRemoteFailureScreen = () => {
   const failureOption =
@@ -48,6 +56,12 @@ const ContentView = ({ failure }: ContentViewProps) => {
     customBodyMessage: I18n.t(`${i18nNs}.walletInactiveScreen.alert.body`)
   });
 
+  const failureSupportModal = useItwFailureSupportModal({
+    failure,
+    supportChatEnabled: zendeskAssistanceErrors.includes(failure.type),
+    zendeskSubcategory: ZendeskSubcategoryValue.IT_WALLET_PRESENTAZIONE_REMOTA
+  });
+
   const getOperationResultScreenContentProps =
     (): OperationResultScreenContentProps => {
       switch (failure.type) {
@@ -139,6 +153,69 @@ const ContentView = ({ failure }: ContentViewProps) => {
             }
           };
         }
+        case RemoteFailureType.RELYING_PARTY_INVALID_AUTH_RESPONSE: {
+          return {
+            title: I18n.t(
+              "features.itWallet.presentation.remote.relyingParty.invalidAuthResponse.title"
+            ),
+            subtitle: I18n.t(
+              "features.itWallet.presentation.remote.relyingParty.invalidAuthResponse.subtitle"
+            ),
+            pictogram: "stopSecurity",
+            action: {
+              label: I18n.t(
+                "features.itWallet.presentation.remote.relyingParty.invalidAuthResponse.primaryAction"
+              ),
+              onPress: () => machineRef.send({ type: "close" })
+            },
+            secondaryAction: {
+              label: I18n.t(
+                "features.itWallet.presentation.remote.relyingParty.invalidAuthResponse.secondaryAction"
+              ),
+              onPress: failureSupportModal.present
+            }
+          };
+        }
+        case RemoteFailureType.RELYING_PARTY_GENERIC: {
+          return {
+            title: I18n.t(
+              "features.itWallet.presentation.remote.relyingParty.genericError.title"
+            ),
+            subtitle: I18n.t(
+              "features.itWallet.presentation.remote.relyingParty.genericError.subtitle"
+            ),
+            pictogram: "umbrella",
+            action: {
+              label: I18n.t(
+                "features.itWallet.presentation.remote.relyingParty.genericError.primaryAction"
+              ),
+              onPress: () => machineRef.send({ type: "go-to-barcode-scan" })
+            },
+            secondaryAction: {
+              label: I18n.t(
+                "features.itWallet.presentation.remote.relyingParty.genericError.secondaryAction"
+              ),
+              onPress: () => machineRef.send({ type: "close" })
+            }
+          };
+        }
+        case RemoteFailureType.INVALID_REQUEST_OBJECT: {
+          return {
+            title: I18n.t(
+              "features.itWallet.presentation.remote.relyingParty.invalidRequestObject.title"
+            ),
+            subtitle: I18n.t(
+              "features.itWallet.presentation.remote.relyingParty.invalidRequestObject.subtitle"
+            ),
+            pictogram: "umbrella",
+            action: {
+              label: I18n.t(
+                "features.itWallet.presentation.remote.relyingParty.invalidRequestObject.primaryAction"
+              ),
+              onPress: () => machineRef.send({ type: "close" })
+            }
+          };
+        }
         case RemoteFailureType.UNTRUSTED_RP: {
           return {
             title: I18n.t(
@@ -174,6 +251,7 @@ const ContentView = ({ failure }: ContentViewProps) => {
         subtitleProps={{ textBreakStrategy: "simple" }}
       />
       {bottomSheet}
+      {failureSupportModal.bottomSheet}
     </>
   );
 };

yarn.lock

@@ -3873,9 +3873,9 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@pagopa/io-react-native-wallet@npm:^0.29.0":
-  version: 0.29.0
-  resolution: "@pagopa/io-react-native-wallet@npm:0.29.0"
+"@pagopa/io-react-native-wallet@npm:^0.30.0":
+  version: 0.30.0
+  resolution: "@pagopa/io-react-native-wallet@npm:0.30.0"
   dependencies:
     dcql: ^0.2.21
     js-base64: ^3.7.7
@@ -3891,7 +3891,7 @@ __metadata:
     "@pagopa/io-react-native-jwt": "*"
     react: "*"
     react-native: "*"
-  checksum: daebb39e3bb29d82a984abec5661ec03347209ee74638178849b1d5a4c0c0c7e947ed82cd0d002929c18a82a3511e4e0c2307f97997e36aada73e421d8e1873d
+  checksum: 4ffbb017900c41267ea896d4a6ac754452a2e81bde52c35b096a283908198606ad18843e11201a51e9699c7f6e02297f5a6c67869e93888038c20b0e4c17c075
   languageName: node
   linkType: hard
 
@@ -13675,7 +13675,7 @@ __metadata:
     "@pagopa/io-react-native-jwt": ^2.1.0
     "@pagopa/io-react-native-login-utils": ^1.0.8
     "@pagopa/io-react-native-secure-storage": ^0.2.0
-    "@pagopa/io-react-native-wallet": ^0.29.0
+    "@pagopa/io-react-native-wallet": ^0.30.0
     "@pagopa/io-react-native-zendesk": ^0.3.30
     "@pagopa/openapi-codegen-ts": ^14.0.0
     "@pagopa/react-native-cie": ^1.4.2