On same email login also complete the login flow

franco-zalamena-iterable · franco-zalamena-iterable · commit db3f49f7ab4e · 2026-03-13T19:09:37.000Z
diff --git a/iterableapi/src/main/java/com/iterable/iterableapi/IterableApi.java b/iterableapi/src/main/java/com/iterable/iterableapi/IterableApi.java
@@ -1076,6 +1076,9 @@ public void setEmail(@Nullable String email, @Nullable String authToken, @Nullab
 
         if (_email != null && _email.equals(email)) {
             checkAndUpdateAuthToken(authToken);
+            _setUserSuccessCallbackHandler = successHandler;
+            _setUserFailureCallbackHandler = failureHandler;
+            onLogin(authToken, email, true, merge, replay, false, failureHandler);
             return;
         }
 
@@ -1146,6 +1149,9 @@ public void setUserId(@Nullable String userId, @Nullable String authToken, @Null
 
         if (_userId != null && _userId.equals(userId)) {
             checkAndUpdateAuthToken(authToken);
+            _setUserSuccessCallbackHandler = successHandler;
+            _setUserFailureCallbackHandler = failureHandler;
+            onLogin(authToken, userId, false, merge, replay, isUnknown, failureHandler);
             return;
         }
 
diff --git a/iterableapi/src/test/java/com/iterable/iterableapi/IterableApiAuthSecurityTests.java b/iterableapi/src/test/java/com/iterable/iterableapi/IterableApiAuthSecurityTests.java
@@ -141,6 +141,53 @@ public void testCompleteUserLogin_WithJWTAuth_WithToken_ExecutesSensitiveOps() t
         verify(mockEmbeddedManager).syncMessages();
     }
 
+    /**
+     * Regression test: calling setEmail with the same email that's already set (e.g. after app
+     * restart where email is restored from keychain) should still trigger the full login flow
+     * (request auth token, syncInApp, syncMessages).
+     *
+     * Previously, the same-email path called checkAndUpdateAuthToken(null) which did nothing,
+     * so no login side effects occurred.
+     */
+    @Test
+    public void testSetEmail_SameEmail_StillTriggersLogin() throws Exception {
+        initIterableWithAuth();
+
+        dispatcher.enqueueResponse("/users/update", new MockResponse().setResponseCode(200).setBody("{}"));
+        doReturn(validJWT).when(authHandler).onAuthTokenRequested();
+
+        IterableApi api = spy(IterableApi.getInstance());
+        IterableApi.sharedInstance = api;
+
+        IterableInAppManager mockInAppManager = mock(IterableInAppManager.class);
+        IterableEmbeddedManager mockEmbeddedManager = mock(IterableEmbeddedManager.class);
+        when(api.getInAppManager()).thenReturn(mockInAppManager);
+        when(api.getEmbeddedManager()).thenReturn(mockEmbeddedManager);
+
+        // First login — triggers full flow
+        api.setEmail("user@example.com");
+        server.takeRequest(1, TimeUnit.SECONDS);
+        shadowOf(getMainLooper()).idle();
+
+        verify(mockInAppManager).syncInApp();
+        verify(mockEmbeddedManager).syncMessages();
+
+        // Clear invocations so we can verify the second call independently
+        org.mockito.Mockito.clearInvocations(mockInAppManager, mockEmbeddedManager);
+
+        // Enqueue another response for the second login's /users/update call
+        dispatcher.enqueueResponse("/users/update", new MockResponse().setResponseCode(200).setBody("{}"));
+
+        // Second login with SAME email — simulates app restart where email is in keychain
+        api.setEmail("user@example.com");
+        server.takeRequest(1, TimeUnit.SECONDS);
+        shadowOf(getMainLooper()).idle();
+
+        // This SHOULD still trigger login side effects
+        verify(mockInAppManager).syncInApp();
+        verify(mockEmbeddedManager).syncMessages();
+    }
+
     /**
      * Test that completeUserLogin executes sensitive operations when JWT auth is NOT enabled,
      * even without an authToken.
diff --git a/iterableapi/src/test/java/com/iterable/iterableapi/IterableApiAuthTests.java b/iterableapi/src/test/java/com/iterable/iterableapi/IterableApiAuthTests.java
@@ -1,5 +1,7 @@
 package com.iterable.iterableapi;
 
+import android.content.Context;
+
 import com.iterable.iterableapi.unit.PathBasedQueueDispatcher;
 
 import org.junit.After;
@@ -46,6 +48,7 @@ public class IterableApiAuthTests extends BaseTest {
 
     @Before
     public void setUp() {
+        getContext().getSharedPreferences(IterableConstants.SHARED_PREFS_FILE, Context.MODE_PRIVATE).edit().clear().apply();
 
         server = new MockWebServer();
         dispatcher = new PathBasedQueueDispatcher();
@@ -521,6 +524,8 @@ public void testTokenRefreshDoesNotTriggerPushRegistration() throws Exception {
 
         try {
             // Initialize with auth and auto push registration enabled
+            // Clear keychain data from setUp so retrieveEmailAndUserId starts fresh
+            getContext().getSharedPreferences(IterableConstants.SHARED_PREFS_FILE, Context.MODE_PRIVATE).edit().clear().apply();
             IterableApi.sharedInstance = new IterableApi();
             authHandler = mock(IterableAuthHandler.class);
             IterableApi.initialize(getContext(), "apiKey",
