login: Parse and validate realm-url input more like we do in zulip-mobile

For the corresponding logic in zulip-mobile, see
src/start/RealmInputScreen.js.

Between the URL parser we use here and the one we use in
zulip-mobile, probably the set of rejected strings won't match
exactly, but it'd be a surprising bug if either one rejects
reasonable strings that we could've used.

As in zulip-mobile, we distinguish validation errors we want to
report immediately, from ones we'll wait to report until the user
presses submit. (Compare this revision's `shouldDeferFeedback` to
the first bit of zulip-mobile's `getSuggestion`.)

Also add some tests, in an improvement over zulip-mobile.

Fixes-partly: zulip#35

Author: chrisbobbe

lib/widgets/login.dart

@@ -6,6 +6,7 @@ import '../api/route/realm.dart';
 import '../api/route/users.dart';
 import '../model/store.dart';
 import 'app.dart';
+import 'dialog.dart';
 import 'store.dart';
 
 class _LoginSequenceRoute extends MaterialPageRoute<void> {
@@ -14,6 +15,85 @@ class _LoginSequenceRoute extends MaterialPageRoute<void> {
   });
 }
 
+enum ServerUrlValidationError {
+  empty,
+  invalidUrl,
+  noUseEmail,
+  unsupportedSchemeZulip,
+  unsupportedSchemeOther;
+
+  /// Whether to wait until the user presses "submit" to give error feedback.
+  ///
+  /// True for errors that will often happen when the user just hasn't finished
+  /// typing a good URL. False for errors that strongly signal a wrong path was
+  /// taken, like when we recognize the form of an email address.
+  bool shouldDeferFeedback() {
+    switch (this) {
+      case empty:
+      case invalidUrl:
+        return true;
+      case noUseEmail:
+      case unsupportedSchemeZulip:
+      case unsupportedSchemeOther:
+        return false;
+    }
+  }
+
+  String message() { // TODO(i18n)
+    switch (this) {
+      case empty:
+        return 'Please enter a URL.';
+      case invalidUrl:
+        return 'Please enter a valid URL.';
+      case noUseEmail:
+        return 'Please enter the server URL, not your email.';
+      case unsupportedSchemeZulip:
+      case unsupportedSchemeOther:
+        return 'The server URL must start with http:// or https://.';
+    }
+  }
+}
+
+class ServerUrlParseResult {
+  ServerUrlParseResult({required this.url, required this.error});
+
+  final Uri? url;
+  final ServerUrlValidationError? error;
+}
+
+class ServerUrlTextEditingController extends TextEditingController {
+  ServerUrlParseResult tryParse() {
+    final trimmedText = text.trim();
+
+    if (trimmedText.isEmpty) {
+      return ServerUrlParseResult(url: null, error: ServerUrlValidationError.empty);
+    }
+
+    Uri? url = Uri.tryParse(trimmedText);
+    if (!RegExp(r'^https?://').hasMatch(trimmedText)) {
+      if (url != null && url.hasScheme && url.scheme == 'zulip') {
+        // Someone might get the idea to try one of the "zulip://" URLs that
+        // are discussed sometimes.
+        // TODO(log): Log to Sentry? How much does this happen, if at all? Maybe
+        //   log once when the input enters this error state, but don't spam
+        //   on every keystroke/render while it's in it.
+        return ServerUrlParseResult(url: null, error: ServerUrlValidationError.unsupportedSchemeZulip);
+      } else if (url != null && url.hasScheme && !RegExp(r'^https?$').hasMatch(url.scheme)) {
+        return ServerUrlParseResult(url: null, error: ServerUrlValidationError.unsupportedSchemeOther);
+      }
+      url = Uri.tryParse('https://$trimmedText');
+    }
+
+    if (url == null || !url.isAbsolute) {
+      return ServerUrlParseResult(url: null, error: ServerUrlValidationError.invalidUrl);
+    }
+    if (url.userInfo.isNotEmpty) {
+      return ServerUrlParseResult(url: null, error: ServerUrlValidationError.noUseEmail);
+    }
+    return ServerUrlParseResult(url: url, error: null);
+  }
+}
+
 class AddAccountPage extends StatefulWidget {
   const AddAccountPage({super.key});
 
@@ -27,27 +107,39 @@ class AddAccountPage extends StatefulWidget {
 }
 
 class _AddAccountPageState extends State<AddAccountPage> {
-  final TextEditingController _controller = TextEditingController();
+  final ServerUrlTextEditingController _controller = ServerUrlTextEditingController();
+  late ServerUrlParseResult _parseResult;
+
+  _serverUrlChanged() {
+    setState(() {
+      _parseResult = _controller.tryParse();
+    });
+  }
+
+  @override
+  void initState() {
+    super.initState();
+    _parseResult = _controller.tryParse();
+    _controller.addListener(_serverUrlChanged);
+  }
 
   @override
   void dispose() {
     _controller.dispose();
     super.dispose();
   }
 
-  Future<void> _onSubmitted(BuildContext context, String value) async {
-    final Uri? url = Uri.tryParse(value);
-    switch (url) {
-      case Uri(scheme: 'https' || 'http'):
-        // TODO(#35): validate realm URL further?
-        break;
-      default:
-        // TODO(#35): give feedback to user on bad realm URL
-        return;
+  Future<void> _onSubmitted(BuildContext context) async {
+    final ServerUrlParseResult(:url, :error) = _parseResult;
+    if (error != null) {
+      showErrorDialog(context: context,
+        title: 'Invalid input', message: error.message());
+      return;
     }
+    assert(url != null);
 
     // TODO(#35): show feedback that we're working, while fetching server settings
-    final serverSettings = await getServerSettings(realmUrl: url);
+    final serverSettings = await getServerSettings(realmUrl: url!);
     if (context.mounted) {} // https://github.com/dart-lang/linter/issues/4007
     else {
       return;
@@ -61,6 +153,8 @@ class _AddAccountPageState extends State<AddAccountPage> {
   @override
   Widget build(BuildContext context) {
     assert(!PerAccountStoreWidget.debugExistsOf(context));
+    final ServerUrlParseResult(:error) = _parseResult;
+
     // TODO(#35): more help to user on entering realm URL
     return Scaffold(
       appBar: AppBar(title: const Text('Add an account')),
@@ -71,12 +165,17 @@ class _AddAccountPageState extends State<AddAccountPage> {
             constraints: const BoxConstraints(maxWidth: 400),
             child: TextField(
               controller: _controller,
-              onSubmitted: (value) => _onSubmitted(context, value),
+              onSubmitted: (value) => _onSubmitted(context),
               keyboardType: TextInputType.url,
               decoration: InputDecoration(
                 labelText: 'Your Zulip server URL',
+                errorText: error == null || error.shouldDeferFeedback()
+                  ? null
+                  : error.message(),
                 suffixIcon: IconButton(
-                  onPressed: () => _onSubmitted(context, _controller.text),
+                  onPressed: error == null || error.shouldDeferFeedback()
+                    ? () => _onSubmitted(context)
+                    : null, // disabled; errorText will be present
                   icon: const Icon(Icons.arrow_forward))))))));
   }
 }

test/widgets/login_test.dart

@@ -0,0 +1,37 @@
+import 'package:checks/checks.dart';
+import 'package:flutter_test/flutter_test.dart';
+import 'package:zulip/widgets/login.dart';
+
+void main() {
+  group('ServerUrlTextEditingController.tryParse', () {
+    final controller = ServerUrlTextEditingController();
+
+    expectUrlFromText(String text, String expectedUrl) {
+      test('text "$text" gives URL "$expectedUrl"', () {
+        controller.text = text;
+        check(controller.tryParse().url.toString()).equals(expectedUrl);
+      });
+    }
+
+    expectErrorFromText(String text, ServerUrlValidationError expectedError) {
+      test('text "$text" gives error "$expectedError"', () {
+        controller.text = text;
+        check(controller.tryParse().error).equals(expectedError);
+      });
+    }
+
+    expectUrlFromText('https://chat.zulip.org',   'https://chat.zulip.org');
+    expectUrlFromText('https://chat.zulip.org/',  'https://chat.zulip.org/');
+    expectUrlFromText('http://chat.zulip.org',    'http://chat.zulip.org');
+    expectUrlFromText('chat.zulip.org',           'https://chat.zulip.org');
+    expectUrlFromText('192.168.1.21:9991',        'https://192.168.1.21:9991');
+    expectUrlFromText('http://192.168.1.21:9991', 'http://192.168.1.21:9991');
+
+    expectErrorFromText('',                  ServerUrlValidationError.empty);
+    expectErrorFromText(' ',                 ServerUrlValidationError.empty);
+    expectErrorFromText('zulip://foo',       ServerUrlValidationError.unsupportedSchemeZulip);
+    expectErrorFromText('ftp://foo',         ServerUrlValidationError.unsupportedSchemeOther);
+    expectErrorFromText('!@#*asd;l4fkj',     ServerUrlValidationError.invalidUrl);
+    expectErrorFromText('[email protected]', ServerUrlValidationError.noUseEmail);
+  });
+}