fix: more specific error message

[highesttt]

No description provided.

[indent]

PR Summary

Improves the LINE login UX by surfacing a more specific instruction when LINE rejects credentials (pointing users at the email configured under LINE Settings → Account → Email Address), and incidentally fixes a latent encoding bug in the RSA password payload where the length prefix was UTF-8 encoded via fmt.Sprintf("%c", n) and would silently expand to multiple bytes whenever any field (sessionKey/email/password) reached 128+ bytes.

• pkg/connector/connector.go: extract loginErrorInstructions(message) helper; trims input, handles empty, case-insensitively special-cases Account ID or password is invalid with tailored guidance, otherwise wraps as Could not log in to LINE: <reason>.
• pkg/line/password/password.go: rewrite createPayload to return ([]byte, error) and assemble the payload with bytes.Buffer.WriteByte(byte(len(field))) + WriteString(field); reject any field longer than 255 bytes; plumb the new error through EncryptPassword and pass the byte slice directly to rsa.EncryptPKCS1v15.

Issues

2 potential issues found:

• Special-cased credential-error string is matched exactly, so any rewording or localization by LINE will silently fall back to the generic "Could not log in to LINE: …" message and the new guidance never reaches users — consider keying off a substring (e.g. password is invalid) or a structured error code instead. → Autofix
• The new field is too long: %d bytes error in createPayload doesn't say which field tripped the limit, so an oversize sessionKey, email, or password all surface as the same opaque message — include the field name to make it actionable. → Autofix

CI Checks

Waiting for CI checks...

---

[linear-code]

PLAT-37557

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: ba753096-f57f-4dfa-a3c8-dead6a71ba8e

📥 Commits

Reviewing files that changed from the base of the PR and between 710e9e4 and f603f2f.

📒 Files selected for processing (2)

• pkg/connector/connector.go
• pkg/line/password/password.go

📜 Recent review details

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (4)

• GitHub Check: Lint with 1.25
• GitHub Check: build-docker
• GitHub Check: Lint with 1.25
• GitHub Check: build-docker

🧰 Additional context used

📓 Path-based instructions (3)

**/*.go

📄 CodeRabbit inference engine (AGENTS.md)

**/*.go: Use go fmt for code formatting across all Go files
Use goimports with -local "github.com/highesttt/matrix-line-messenger" flag to group project-local imports correctly
Use zerolog for logging throughout the codebase
Do not use Msgf in logging; use Msg with structured fields instead
Use Stringer interface where applicable in Go code

Files:

• pkg/connector/connector.go
• pkg/line/password/password.go

**/!(ltsm)/**/*.go

📄 CodeRabbit inference engine (AGENTS.md)

**/!(ltsm)/**/*.go: Run staticcheck on all Go files excluding pkg/ltsm package (transpiled WASM code)
Run go vet on all Go files excluding pkg/ltsm package (transpiled WASM code)

Files:

• pkg/connector/connector.go
• pkg/line/password/password.go

pkg/connector/connector.go

📄 CodeRabbit inference engine (AGENTS.md)

Implement bridgev2.NetworkConnector and bridgev2.NetworkAPI interfaces in the connector package for bridge logic

Files:

• pkg/connector/connector.go

🔇 Additional comments (2)

pkg/line/password/password.go (1)

4-4: LGTM!

Also applies to: 15-18, 27-27, 37-47

pkg/connector/connector.go (1)

210-210: LGTM!

Also applies to: 228-237

---

📝 Walkthrough

Summary by CodeRabbit

• Bug Fixes
  • Refined login error messages to provide clearer, more actionable guidance when authentication fails
  • Improved error mapping to deliver specific feedback for common authentication issues
  • Added enhanced fallback messaging for improved user experience during login failures
• Improvements
  • Strengthened password validation with stricter field-length enforcement during the authentication process

Walkthrough

Two changes to the LINE email login path: pkg/line/password/password.go rewrites createPayload from string formatting to a binary length-prefixed bytes.Buffer with a 255-byte field guard and error propagation. pkg/connector/connector.go adds loginErrorInstructions to normalize server error messages before displaying them to the user.

Changes

LINE Login Hardening

Layer / File(s)	Summary
Binary password payload construction pkg/line/password/password.go	createPayload is rewritten from fmt.Sprintf to a bytes.Buffer writing [len|value] binary fields, with a 255-byte length guard that returns an error for oversized fields. EncryptPassword now receives (payload, err) from createPayload, wraps construction failures, and passes the byte slice directly to the RSA call.
Login error message normalization pkg/connector/connector.go	Adds loginErrorInstructions(message) which trims input, returns a generic "check your email and password" message for empty strings, maps the case-insensitive server error "Account ID or password is invalid" to a specific user-facing guidance string, and otherwise formats a "Could not log in to LINE: ..." fallback. loginErrorStep is updated to call this helper.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (1 warning, 1 inconclusive)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.
Description check	❓ Inconclusive	No pull request description was provided by the author, making it impossible to assess whether the intended context aligns with the changeset.	Add a pull request description explaining the rationale for the error message improvements and payload validation changes.

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title references error message improvements, which aligns with the loginErrorInstructions helper that provides more specific error handling in pkg/connector/connector.go, but only partially describes the broader changes including payload validation in password.go.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch highest/plat-37557

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[indent]

Brittle exact-string match: strings.EqualFold against the literal Account ID or password is invalid only fires when LINE returns that exact phrase. The data.reason field extracted by loginErrorReason is user-facing text from LINE and has historically changed wording across locales/versions; the moment it does (e.g. Invalid account ID or password, or a localized variant), this branch is skipped and users get the generic copy that this PR is specifically trying to avoid. Consider matching on a substring (strings.Contains(strings.ToLower(message), "password is invalid")) or — better — keying off the structured LINE error code if one is available upstream of loginErrorReason.

[indent]

Identify the offending field: when this fires the user / log reader has no way to tell whether the server-supplied sessionKey, their email, or their password was over 255 bytes. Swap the anonymous loop for named iterations so the error can name the field, e.g.:

for _, f := range []struct{ name, value string }{
    {"sessionKey", sessionKey},
    {"email", email},
    {"password", password},
} {
    if len(f.value) > 255 {
        return nil, fmt.Errorf("%s is too long: %d bytes (max 255)", f.name, len(f.value))
    }
    payload.WriteByte(byte(len(f.value)))
    payload.WriteString(f.value)
}

(Make sure not to log the field value — only the name and length.)