From 2a68d9095d969e1fbf5084a8a2ec701e625a8069 Mon Sep 17 00:00:00 2001
From: Chris Eager <chris@signal.org>
Date: Thu, 3 Mar 2022 17:40:15 -0800
Subject: [PATCH] Remove transitional and legacy client

---
 service/config/sample.yml                     |  3 -
 .../WhisperServerConfiguration.java           | 10 ---
 .../textsecuregcm/WhisperServerService.java   |  9 +--
 .../configuration/RecaptchaConfiguration.java | 21 ------
 .../recaptcha/EnterpriseRecaptchaClient.java  |  5 +-
 .../recaptcha/LegacyRecaptchaClient.java      | 70 -----------------
 .../TransitionalRecaptchaClient.java          | 36 ---------
 .../EnterpriseRecaptchaClientTest.java        | 17 +++++
 .../TransitionalRecaptchaClientTest.java      | 75 -------------------
 9 files changed, 23 insertions(+), 223 deletions(-)
 delete mode 100644 service/src/main/java/org/whispersystems/textsecuregcm/configuration/RecaptchaConfiguration.java
 delete mode 100644 service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/LegacyRecaptchaClient.java
 delete mode 100644 service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/TransitionalRecaptchaClient.java
 delete mode 100644 service/src/test/java/org/whispersystems/textsecuregcm/recaptcha/TransitionalRecaptchaClientTest.java

diff --git a/service/config/sample.yml b/service/config/sample.yml
index 911478a0b..d865c29af 100644
--- a/service/config/sample.yml
+++ b/service/config/sample.yml
@@ -242,9 +242,6 @@ voiceVerification:
   locales:
     - en
 
-recaptcha:
-  secret: unset
-
 recaptchaV2:
   projectPath: projects/example
   credentialConfigurationJson: "{ }" # service account configuration for backend authentication
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java
index 70897c446..2d4266037 100644
--- a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java
@@ -35,7 +35,6 @@ import org.whispersystems.textsecuregcm.configuration.MessageCacheConfiguration;
 import org.whispersystems.textsecuregcm.configuration.PaymentsServiceConfiguration;
 import org.whispersystems.textsecuregcm.configuration.PushConfiguration;
 import org.whispersystems.textsecuregcm.configuration.RateLimitsConfiguration;
-import org.whispersystems.textsecuregcm.configuration.RecaptchaConfiguration;
 import org.whispersystems.textsecuregcm.configuration.RecaptchaV2Configuration;
 import org.whispersystems.textsecuregcm.configuration.RedisClusterConfiguration;
 import org.whispersystems.textsecuregcm.configuration.RedisConfiguration;
@@ -206,11 +205,6 @@ public class WhisperServerConfiguration extends Configuration {
   @JsonProperty
   private VoiceVerificationConfiguration voiceVerification;
 
-  @Valid
-  @NotNull
-  @JsonProperty
-  private RecaptchaConfiguration recaptcha;
-
   @Valid
   @NotNull
   @JsonProperty
@@ -289,10 +283,6 @@ public class WhisperServerConfiguration extends Configuration {
     return dynamoDbTables;
   }
 
-  public RecaptchaConfiguration getRecaptchaConfiguration() {
-    return recaptcha;
-  }
-
   public RecaptchaV2Configuration getRecaptchaV2Configuration() {
     return recaptchaV2;
   }
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
index ac27c85f5..85c359f88 100644
--- a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
@@ -151,8 +151,6 @@ import org.whispersystems.textsecuregcm.push.MessageSender;
 import org.whispersystems.textsecuregcm.push.ProvisioningManager;
 import org.whispersystems.textsecuregcm.push.ReceiptSender;
 import org.whispersystems.textsecuregcm.recaptcha.EnterpriseRecaptchaClient;
-import org.whispersystems.textsecuregcm.recaptcha.LegacyRecaptchaClient;
-import org.whispersystems.textsecuregcm.recaptcha.TransitionalRecaptchaClient;
 import org.whispersystems.textsecuregcm.redis.ConnectionEventLogger;
 import org.whispersystems.textsecuregcm.redis.FaultTolerantRedisCluster;
 import org.whispersystems.textsecuregcm.redis.ReplicatedJedisPool;
@@ -474,16 +472,13 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
     MessageSender            messageSender      = new MessageSender(apnFallbackManager, clientPresenceManager, messagesManager, gcmSender, apnSender, pushLatencyManager);
     ReceiptSender            receiptSender      = new ReceiptSender(accountsManager, messageSender);
     TurnTokenGenerator       turnTokenGenerator = new TurnTokenGenerator(config.getTurnConfiguration());
-    LegacyRecaptchaClient legacyRecaptchaClient = new LegacyRecaptchaClient(config.getRecaptchaConfiguration().getSecret());
     EnterpriseRecaptchaClient enterpriseRecaptchaClient = new EnterpriseRecaptchaClient(
         config.getRecaptchaV2Configuration().getProjectPath(),
         config.getRecaptchaV2Configuration().getCredentialConfigurationJson(),
         dynamicConfigurationManager);
-    TransitionalRecaptchaClient transitionalRecaptchaClient = new TransitionalRecaptchaClient(legacyRecaptchaClient,
-        enterpriseRecaptchaClient);
     PushChallengeManager pushChallengeManager = new PushChallengeManager(apnSender, gcmSender, pushChallengeDynamoDb);
     RateLimitChallengeManager rateLimitChallengeManager = new RateLimitChallengeManager(pushChallengeManager,
-        transitionalRecaptchaClient, dynamicRateLimiters);
+        enterpriseRecaptchaClient, dynamicRateLimiters);
     RateLimitChallengeOptionManager rateLimitChallengeOptionManager =
         new RateLimitChallengeOptionManager(dynamicRateLimiters, dynamicConfigurationManager);
 
@@ -620,7 +615,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
     environment.jersey().register(
         new AccountController(pendingAccountsManager, accountsManager, abusiveHostRules, rateLimiters,
             smsSender, dynamicConfigurationManager, turnTokenGenerator, config.getTestDevices(),
-            transitionalRecaptchaClient, gcmSender, apnSender, backupCredentialsGenerator,
+            enterpriseRecaptchaClient, gcmSender, apnSender, backupCredentialsGenerator,
             verifyExperimentEnrollmentManager));
     environment.jersey().register(new KeysController(rateLimiters, keys, accountsManager));
 
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/configuration/RecaptchaConfiguration.java b/service/src/main/java/org/whispersystems/textsecuregcm/configuration/RecaptchaConfiguration.java
deleted file mode 100644
index ddcec818b..000000000
--- a/service/src/main/java/org/whispersystems/textsecuregcm/configuration/RecaptchaConfiguration.java
+++ /dev/null
@@ -1,21 +0,0 @@
-/*
- * Copyright 2013-2020 Signal Messenger, LLC
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-package org.whispersystems.textsecuregcm.configuration;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-import javax.validation.constraints.NotEmpty;
-
-public class RecaptchaConfiguration {
-
-  @JsonProperty
-  @NotEmpty
-  private String secret;
-
-  public String getSecret() {
-    return secret;
-  }
-
-}
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/EnterpriseRecaptchaClient.java b/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/EnterpriseRecaptchaClient.java
index c1e351f20..0058ed56b 100644
--- a/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/EnterpriseRecaptchaClient.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/EnterpriseRecaptchaClient.java
@@ -22,6 +22,7 @@ import java.nio.charset.StandardCharsets;
 import java.util.Objects;
 import javax.annotation.Nonnull;
 import javax.ws.rs.BadRequestException;
+import org.apache.commons.lang3.StringUtils;
 import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration;
 import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
 
@@ -29,6 +30,8 @@ public class EnterpriseRecaptchaClient implements RecaptchaClient {
 
   @VisibleForTesting
   static final String SEPARATOR = ".";
+  @VisibleForTesting
+  static final String V2_PREFIX = "signal-recaptcha-v2" + EnterpriseRecaptchaClient.SEPARATOR;
   private static final String ASSESSMENTS_COUNTER_NAME = name(EnterpriseRecaptchaClient.class, "assessments");
   private static final String SCORE_DISTRIBUTION_NAME = name(EnterpriseRecaptchaClient.class, "scoreDistribution");
 
@@ -61,7 +64,7 @@ public class EnterpriseRecaptchaClient implements RecaptchaClient {
    * don’t need to be strict.
    */
   static String[] parseInputToken(final String input) {
-    String[] keyActionAndToken = input.split("\\" + SEPARATOR, 3);
+    String[] keyActionAndToken = StringUtils.removeStart(input, V2_PREFIX).split("\\" + SEPARATOR, 3);
 
     if (keyActionAndToken.length == 1) {
       throw new BadRequestException("too few parts");
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/LegacyRecaptchaClient.java b/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/LegacyRecaptchaClient.java
deleted file mode 100644
index 71dae63ca..000000000
--- a/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/LegacyRecaptchaClient.java
+++ /dev/null
@@ -1,70 +0,0 @@
-/*
- * Copyright 2013-2020 Signal Messenger, LLC
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-package org.whispersystems.textsecuregcm.recaptcha;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.jaxrs.json.JacksonJaxbJsonProvider;
-import org.glassfish.jersey.client.ClientConfig;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import javax.ws.rs.client.Client;
-import javax.ws.rs.client.ClientBuilder;
-import javax.ws.rs.client.Entity;
-import javax.ws.rs.core.MultivaluedHashMap;
-import javax.ws.rs.core.MultivaluedMap;
-
-public class LegacyRecaptchaClient implements RecaptchaClient {
-
-  private final Logger logger = LoggerFactory.getLogger(LegacyRecaptchaClient.class);
-
-  private final Client client;
-  private final String recaptchaSecret;
-
-  public LegacyRecaptchaClient(String recaptchaSecret) {
-    this.client          = ClientBuilder.newClient(new ClientConfig(new JacksonJaxbJsonProvider().configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false)));
-    this.recaptchaSecret = recaptchaSecret;
-  }
-
-  public boolean verify(String captchaToken, String ip) {
-    MultivaluedMap<String, String> formData = new MultivaluedHashMap<>();
-    formData.add("secret", recaptchaSecret);
-    formData.add("response", captchaToken);
-    formData.add("remoteip", ip);
-
-    VerifyResponse response = client.target("https://www.google.com/recaptcha/api/siteverify")
-                                    .request()
-                                    .post(Entity.form(formData), VerifyResponse.class);
-
-    if (response.success) {
-      logger.debug("Got successful captcha time: " + response.challenge_ts + ", current time: " + System.currentTimeMillis());
-    }
-
-    return response.success;
-  }
-
-  private static class VerifyResponse {
-    @JsonProperty
-    private boolean success;
-
-    @JsonProperty("error-codes")
-    private String[] errorCodes;
-
-    @JsonProperty
-    private String hostname;
-
-    @JsonProperty
-    private String challenge_ts;
-
-    @Override
-    public String toString() {
-      return "success: " + success + ", errorCodes: " + String.join(", ", errorCodes == null ? new String[0] : errorCodes) + ", hostname: " + hostname + ", challenge_ts: " + challenge_ts;
-    }
-  }
-
-}
-
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/TransitionalRecaptchaClient.java b/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/TransitionalRecaptchaClient.java
deleted file mode 100644
index 55b5a5974..000000000
--- a/service/src/main/java/org/whispersystems/textsecuregcm/recaptcha/TransitionalRecaptchaClient.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright 2021-2022 Signal Messenger, LLC
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-package org.whispersystems.textsecuregcm.recaptcha;
-
-import com.google.common.annotations.VisibleForTesting;
-import java.util.Objects;
-import javax.annotation.Nonnull;
-
-public class TransitionalRecaptchaClient implements RecaptchaClient {
-
-  @VisibleForTesting
-  static final String V2_PREFIX = "signal-recaptcha-v2" + EnterpriseRecaptchaClient.SEPARATOR;
-
-  private final LegacyRecaptchaClient legacyRecaptchaClient;
-  private final EnterpriseRecaptchaClient enterpriseRecaptchaClient;
-
-  public TransitionalRecaptchaClient(
-      @Nonnull final LegacyRecaptchaClient legacyRecaptchaClient,
-      @Nonnull final EnterpriseRecaptchaClient enterpriseRecaptchaClient) {
-    this.legacyRecaptchaClient = Objects.requireNonNull(legacyRecaptchaClient);
-    this.enterpriseRecaptchaClient = Objects.requireNonNull(enterpriseRecaptchaClient);
-  }
-
-  @Override
-  public boolean verify(@Nonnull final String token, @Nonnull final String ip) {
-    if (token.startsWith(V2_PREFIX)) {
-      return enterpriseRecaptchaClient.verify(token.substring(V2_PREFIX.length()), ip);
-    } else {
-      return legacyRecaptchaClient.verify(token, ip);
-    }
-  }
-
-}
diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/recaptcha/EnterpriseRecaptchaClientTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/recaptcha/EnterpriseRecaptchaClientTest.java
index 572aeccb1..5a40c2c9c 100644
--- a/service/src/test/java/org/whispersystems/textsecuregcm/recaptcha/EnterpriseRecaptchaClientTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/recaptcha/EnterpriseRecaptchaClientTest.java
@@ -19,6 +19,8 @@ import org.junit.jupiter.params.provider.MethodSource;
 
 class EnterpriseRecaptchaClientTest {
 
+  private static final String PREFIX = EnterpriseRecaptchaClient.V2_PREFIX.substring(0,
+      EnterpriseRecaptchaClient.V2_PREFIX.lastIndexOf(SEPARATOR));
   private static final String SITE_KEY = "site-key";
   private static final String TOKEN = "some-token";
 
@@ -57,6 +59,21 @@ class EnterpriseRecaptchaClientTest {
             String.join(SEPARATOR, SITE_KEY, "an-action", TOKEN, "something-else"),
             TOKEN + SEPARATOR + "something-else",
             SITE_KEY,
+            "an-action"),
+        Arguments.of(
+            String.join(SEPARATOR, PREFIX, SITE_KEY, TOKEN),
+            TOKEN,
+            SITE_KEY,
+            null),
+        Arguments.of(
+            String.join(SEPARATOR, PREFIX, SITE_KEY, "an-action", TOKEN),
+            TOKEN,
+            SITE_KEY,
+            "an-action"),
+        Arguments.of(
+            String.join(SEPARATOR, PREFIX, SITE_KEY, "an-action", TOKEN, "something-else"),
+            TOKEN + SEPARATOR + "something-else",
+            SITE_KEY,
             "an-action")
     );
   }
diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/recaptcha/TransitionalRecaptchaClientTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/recaptcha/TransitionalRecaptchaClientTest.java
deleted file mode 100644
index a2735796b..000000000
--- a/service/src/test/java/org/whispersystems/textsecuregcm/recaptcha/TransitionalRecaptchaClientTest.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*
- * Copyright 2022 Signal Messenger, LLC
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-package org.whispersystems.textsecuregcm.recaptcha;
-
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.verifyNoInteractions;
-import static org.whispersystems.textsecuregcm.recaptcha.EnterpriseRecaptchaClient.SEPARATOR;
-
-import java.util.stream.Stream;
-import org.junit.jupiter.api.BeforeEach;
-import org.junit.jupiter.params.ParameterizedTest;
-import org.junit.jupiter.params.provider.Arguments;
-import org.junit.jupiter.params.provider.MethodSource;
-
-class TransitionalRecaptchaClientTest {
-
-  private TransitionalRecaptchaClient transitionalRecaptchaClient;
-  private EnterpriseRecaptchaClient enterpriseRecaptchaClient;
-  private LegacyRecaptchaClient legacyRecaptchaClient;
-
-  private static final String PREFIX = TransitionalRecaptchaClient.V2_PREFIX.substring(0,
-      TransitionalRecaptchaClient.V2_PREFIX.lastIndexOf(SEPARATOR));
-  private static final String TOKEN = "some-token";
-  private static final String IP_ADDRESS = "127.0.0.1";
-
-  @BeforeEach
-  void setup() {
-    enterpriseRecaptchaClient = mock(EnterpriseRecaptchaClient.class);
-    legacyRecaptchaClient = mock(LegacyRecaptchaClient.class);
-    transitionalRecaptchaClient = new TransitionalRecaptchaClient(legacyRecaptchaClient, enterpriseRecaptchaClient);
-  }
-
-  @ParameterizedTest
-  @MethodSource
-  void testVerify(final String inputToken, final boolean expectLegacy, final String expectedToken) {
-
-    transitionalRecaptchaClient.verify(inputToken, IP_ADDRESS);
-
-    if (expectLegacy) {
-      verifyNoInteractions(enterpriseRecaptchaClient);
-      verify(legacyRecaptchaClient).verify(expectedToken, IP_ADDRESS);
-    } else {
-      verifyNoInteractions(legacyRecaptchaClient);
-      verify(enterpriseRecaptchaClient).verify(expectedToken, IP_ADDRESS);
-    }
-
-  }
-
-  static Stream<Arguments> testVerify() {
-    return Stream.of(
-        Arguments.of(
-            TOKEN,
-            true,
-            TOKEN),
-        Arguments.of(
-            String.join(SEPARATOR, PREFIX, TOKEN),
-            false,
-            TOKEN),
-        Arguments.of(
-            String.join(SEPARATOR, PREFIX, "site-key", "an-action", TOKEN),
-            false,
-            String.join(SEPARATOR, "site-key", "an-action", TOKEN),
-            "an-action"),
-        Arguments.of(
-            String.join(SEPARATOR, PREFIX, "site-key", "an-action", TOKEN, "something-else"),
-            false,
-            "site-key" + SEPARATOR + "an-action" + SEPARATOR + TOKEN + SEPARATOR + "something-else")
-    );
-  }
-
-}