From 00e08b84028449ead27a8d5fb7a5af8919ce7d55 Mon Sep 17 00:00:00 2001 From: Jon Chambers Date: Mon, 30 Jan 2023 11:15:22 -0500 Subject: [PATCH] Simplify parsing/validation of spam report tokens --- .../textsecuregcm/controllers/MessageController.java | 11 +---------- .../textsecuregcm/entities/SpamReport.java | 7 ++++++- .../controllers/MessageControllerTest.java | 6 ++---- 3 files changed, 9 insertions(+), 15 deletions(-) diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java index fac8a2204..f1d19d6fc 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java @@ -643,16 +643,7 @@ public class MessageController { UUID spamReporterUuid = auth.getAccount().getUuid(); // spam report token is optional, but if provided ensure it is valid base64. - byte[] spamReportToken = null; - if (spamReport != null) { - try { - spamReportToken = Base64.getDecoder().decode(spamReport.token()); - Metrics.counter(REPORT_SPAM_TOKENS_RECEIVED_COUNTER_NAME).increment(); - } catch (IllegalArgumentException e) { - logger.error("Invalid report spam token provided", e); - throw new WebApplicationException(Response.status(400).build()); - } - } + @Nullable final byte[] spamReportToken = spamReport != null ? spamReport.token() : null; // fire-and-forget: we don't want to block the response on this action. CompletableFuture ignored = diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/entities/SpamReport.java b/service/src/main/java/org/whispersystems/textsecuregcm/entities/SpamReport.java index a035ce2bc..7dec41ef8 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/entities/SpamReport.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/entities/SpamReport.java @@ -1,7 +1,12 @@ package org.whispersystems.textsecuregcm.entities; import com.fasterxml.jackson.annotation.JsonProperty; +import com.fasterxml.jackson.databind.annotation.JsonDeserialize; +import com.fasterxml.jackson.databind.annotation.JsonSerialize; +import org.whispersystems.textsecuregcm.util.ByteArrayAdapter; import javax.validation.Valid; import javax.validation.constraints.NotEmpty; -public record SpamReport(@JsonProperty("token") @NotEmpty String token) {} +public record SpamReport(@JsonSerialize(using = ByteArrayAdapter.Serializing.class) + @JsonDeserialize(using = ByteArrayAdapter.Deserializing.class) + @NotEmpty byte[] token) {} diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/MessageControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/MessageControllerTest.java index 9b70eb4ac..36abcb6a1 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/MessageControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/MessageControllerTest.java @@ -722,8 +722,7 @@ class MessageControllerTest { ArgumentCaptor captor = ArgumentCaptor.forClass(byte[].class); - String token = Base64.getEncoder().encodeToString(new byte[3]); - Entity entity = Entity.entity(new SpamReport(token), "application/json"); + Entity entity = Entity.entity(new SpamReport(new byte[3]), "application/json"); Response response = resources.getJerseyTest() .target(String.format("/v1/messages/report/%s/%s", senderAci, messageGuid)) @@ -744,8 +743,7 @@ class MessageControllerTest { messageGuid = UUID.randomUUID(); - token = Base64.getEncoder().encodeToString(new byte[5]); - entity = Entity.entity(new SpamReport(token), "application/json"); + entity = Entity.entity(new SpamReport(new byte[5]), "application/json"); response = resources.getJerseyTest() .target(String.format("/v1/messages/report/%s/%s", senderAci, messageGuid))