diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java index 64c071d20..13525f48c 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java @@ -182,10 +182,8 @@ import org.whispersystems.textsecuregcm.s3.PostPolicyGenerator; import org.whispersystems.textsecuregcm.securestorage.SecureStorageClient; import org.whispersystems.textsecuregcm.securevaluerecovery.SecureValueRecovery2Client; import org.whispersystems.textsecuregcm.spam.ChallengeConstraintChecker; -import org.whispersystems.textsecuregcm.spam.FilterSpam; +import org.whispersystems.textsecuregcm.spam.RegistrationFraudChecker; import org.whispersystems.textsecuregcm.spam.ReportSpamTokenProvider; -import org.whispersystems.textsecuregcm.spam.ScoreThresholdProvider; -import org.whispersystems.textsecuregcm.spam.SenderOverrideProvider; import org.whispersystems.textsecuregcm.spam.SpamChecker; import org.whispersystems.textsecuregcm.spam.SpamFilter; import org.whispersystems.textsecuregcm.storage.AccountLockManager; @@ -862,7 +860,6 @@ public class WhisperServerService extends Application spamFilters = ServiceLoader.load(SpamFilter.class) .stream() .map(ServiceLoader.Provider::get) - .filter(s -> s.getClass().isAnnotationPresent(FilterSpam.class)) .flatMap(filter -> { try { filter.configure(config.getSpamFilterConfiguration().getEnvironment()); @@ -898,6 +895,14 @@ public class WhisperServerService extends Application { + log.warn("No registration-fraud-checkers found; using default (no-op) provider as a default"); + return RegistrationFraudChecker.noop(); + }); + + spamFilter.map(SpamFilter::getReportedMessageListener).ifPresent(reportMessageManager::addListener); final RateLimitChallengeManager rateLimitChallengeManager = new RateLimitChallengeManager(pushChallengeManager, @@ -956,7 +961,7 @@ public class WhisperServerService extends Application webSocketEnvironment, - WebSocketEnvironment provisioningEnvironment) { - List.of( - ScoreThresholdProvider.ScoreThresholdFeature.class, - SenderOverrideProvider.SenderOverrideFeature.class) - .forEach(feature -> { - environment.jersey().register(feature); - webSocketEnvironment.jersey().register(feature); - provisioningEnvironment.jersey().register(feature); - }); - } - private void registerExceptionMappers(Environment environment, WebSocketEnvironment webSocketEnvironment, WebSocketEnvironment provisioningEnvironment) { diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java index ee62b1c1d..62ff51653 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java @@ -113,7 +113,6 @@ import org.whispersystems.textsecuregcm.push.MessageSender; import org.whispersystems.textsecuregcm.push.NotPushRegisteredException; import org.whispersystems.textsecuregcm.push.PushNotificationManager; import org.whispersystems.textsecuregcm.push.ReceiptSender; -import org.whispersystems.textsecuregcm.spam.FilterSpam; import org.whispersystems.textsecuregcm.spam.ReportSpamTokenProvider; import org.whispersystems.textsecuregcm.spam.SpamChecker; import org.whispersystems.textsecuregcm.storage.Account; diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/VerificationController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/VerificationController.java index 2ec24943d..c767a272f 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/VerificationController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/VerificationController.java @@ -80,10 +80,8 @@ import org.whispersystems.textsecuregcm.registration.RegistrationServiceExceptio import org.whispersystems.textsecuregcm.registration.RegistrationServiceSenderException; import org.whispersystems.textsecuregcm.registration.TransportNotAllowedException; import org.whispersystems.textsecuregcm.registration.VerificationSession; -import org.whispersystems.textsecuregcm.spam.Extract; -import org.whispersystems.textsecuregcm.spam.FilterSpam; -import org.whispersystems.textsecuregcm.spam.ScoreThreshold; -import org.whispersystems.textsecuregcm.spam.SenderOverride; +import org.whispersystems.textsecuregcm.spam.RegistrationFraudChecker; +import org.whispersystems.textsecuregcm.spam.RegistrationFraudChecker.VerificationCheck; import org.whispersystems.textsecuregcm.storage.AccountsManager; import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager; import org.whispersystems.textsecuregcm.storage.RegistrationRecoveryPasswordsManager; @@ -121,7 +119,7 @@ public class VerificationController { private final RegistrationRecoveryPasswordsManager registrationRecoveryPasswordsManager; private final RateLimiters rateLimiters; private final AccountsManager accountsManager; - + private final RegistrationFraudChecker registrationFraudChecker; private final DynamicConfigurationManager dynamicConfigurationManager; private final Clock clock; @@ -132,6 +130,7 @@ public class VerificationController { final RegistrationRecoveryPasswordsManager registrationRecoveryPasswordsManager, final RateLimiters rateLimiters, final AccountsManager accountsManager, + final RegistrationFraudChecker registrationFraudChecker, final DynamicConfigurationManager dynamicConfigurationManager, final Clock clock) { this.registrationServiceClient = registrationServiceClient; @@ -141,6 +140,7 @@ public class VerificationController { this.registrationRecoveryPasswordsManager = registrationRecoveryPasswordsManager; this.rateLimiters = rateLimiters; this.accountsManager = accountsManager; + this.registrationFraudChecker = registrationFraudChecker; this.dynamicConfigurationManager = dynamicConfigurationManager; this.clock = clock; } @@ -195,17 +195,16 @@ public class VerificationController { return buildResponse(registrationServiceSession, verificationSession); } - @FilterSpam @PATCH @Path("/session/{sessionId}") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public VerificationSessionResponse updateSession(@PathParam("sessionId") final String encodedSessionId, + public VerificationSessionResponse updateSession( + @PathParam("sessionId") final String encodedSessionId, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgent, @Context ContainerRequestContext requestContext, @NotNull @Valid final UpdateVerificationSessionRequest updateVerificationSessionRequest, - @NotNull @Extract final ScoreThreshold scoreThreshold, - @NotNull @Extract final SenderOverride senderOverride) { + @Context ContainerRequestContext context) { final String sourceHost = (String) requestContext.getProperty(RemoteAddressFilter.REMOTE_ADDRESS_ATTRIBUTE_NAME); @@ -215,10 +214,16 @@ public class VerificationController { final RegistrationServiceSession registrationServiceSession = retrieveRegistrationServiceSession(encodedSessionId); VerificationSession verificationSession = retrieveVerificationSession(registrationServiceSession); + final VerificationCheck verificationCheck = registrationFraudChecker.checkVerificationAttempt( + context, + verificationSession, + registrationServiceSession.number(), + updateVerificationSessionRequest); + try { // these handle* methods ordered from least likely to fail to most, so take care when considering a change - verificationSession = handleSenderOverrides(verificationSession, senderOverride); + verificationSession = verificationCheck.updatedSession().orElse(verificationSession); verificationSession = handlePushToken(pushTokenAndType, verificationSession); @@ -226,7 +231,7 @@ public class VerificationController { verificationSession); verificationSession = handleCaptcha(sourceHost, updateVerificationSessionRequest, registrationServiceSession, - verificationSession, userAgent, scoreThreshold.getScoreThreshold()); + verificationSession, userAgent, verificationCheck.scoreThreshold()); } catch (final RateLimitExceededException e) { final Response response = buildResponseForRateLimitExceeded(verificationSession, registrationServiceSession, @@ -424,31 +429,6 @@ public class VerificationController { return verificationSession; } - /** - * Update the verification session with explicit sender overrides if present. When the session is used to send - * verification codes, these overrides will be used. - * - * @param verificationSession the session to update - * @param senderOverride configured sender overrides - * @return An updated {@link VerificationSession} - */ - private VerificationSession handleSenderOverrides( - VerificationSession verificationSession, - SenderOverride senderOverride) { - return new VerificationSession( - verificationSession.pushChallenge(), - verificationSession.requestedInformation(), - verificationSession.submittedInformation(), - Optional.ofNullable(verificationSession.smsSenderOverride()) - .or(senderOverride::getSmsSenderOverride).orElse(null), - Optional.ofNullable(verificationSession.voiceSenderOverride()) - .or(senderOverride::getVoiceSenderOverride) - .orElse(null), verificationSession.allowedToRequestCode(), - verificationSession.createdTimestamp(), - clock.millis(), - verificationSession.remoteExpirationSeconds()); - } - @GET @Path("/session/{sessionId}") @Produces(MediaType.APPLICATION_JSON) diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/spam/Extract.java b/service/src/main/java/org/whispersystems/textsecuregcm/spam/Extract.java deleted file mode 100644 index aa0a407c4..000000000 --- a/service/src/main/java/org/whispersystems/textsecuregcm/spam/Extract.java +++ /dev/null @@ -1,20 +0,0 @@ -/* - * Copyright 2023 Signal Messenger, LLC - * SPDX-License-Identifier: AGPL-3.0-only - */ - -package org.whispersystems.textsecuregcm.spam; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * Indicates that a parameter should be parsed from a {@link org.glassfish.jersey.server.ContainerRequest} - */ -@Target({ElementType.PARAMETER, ElementType.FIELD}) -@Retention(RetentionPolicy.RUNTIME) -public @interface Extract { - -} diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/spam/FilterSpam.java b/service/src/main/java/org/whispersystems/textsecuregcm/spam/FilterSpam.java deleted file mode 100644 index 9a771acfd..000000000 --- a/service/src/main/java/org/whispersystems/textsecuregcm/spam/FilterSpam.java +++ /dev/null @@ -1,21 +0,0 @@ -/* - * Copyright 2013-2021 Signal Messenger, LLC - * SPDX-License-Identifier: AGPL-3.0-only - */ - -package org.whispersystems.textsecuregcm.spam; - -import javax.ws.rs.NameBinding; -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -/** - * A name-binding annotation that associates {@link SpamFilter}s with resource methods. - */ -@NameBinding -@Retention(RetentionPolicy.RUNTIME) -@Target({ElementType.TYPE, ElementType.METHOD}) -public @interface FilterSpam { -} diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/spam/RegistrationFraudChecker.java b/service/src/main/java/org/whispersystems/textsecuregcm/spam/RegistrationFraudChecker.java new file mode 100644 index 000000000..1018e8a15 --- /dev/null +++ b/service/src/main/java/org/whispersystems/textsecuregcm/spam/RegistrationFraudChecker.java @@ -0,0 +1,37 @@ +/* + * Copyright 2024 Signal Messenger, LLC + * SPDX-License-Identifier: AGPL-3.0-only + */ +package org.whispersystems.textsecuregcm.spam; + +import java.util.Optional; +import javax.ws.rs.container.ContainerRequestContext; +import org.whispersystems.textsecuregcm.entities.UpdateVerificationSessionRequest; +import org.whispersystems.textsecuregcm.registration.VerificationSession; + +public interface RegistrationFraudChecker { + + record VerificationCheck(Optional updatedSession, Optional scoreThreshold) {} + + /** + * Determine if a registration attempt is suspicious + * + * @param requestContext The request context for an update verification session attempt + * @param verificationSession The target verification session + * @param e164 The target phone number + * @param request The information to add to the verification session + * @return A SessionUpdate including updates to the verification session that should be persisted to the caller along + * with other constraints to enforce when evaluating the UpdateVerificationSessionRequest. + */ + VerificationCheck checkVerificationAttempt( + final ContainerRequestContext requestContext, + final VerificationSession verificationSession, + final String e164, + final UpdateVerificationSessionRequest request); + + static RegistrationFraudChecker noop() { + return (ignoredContext, ignoredSession, ignoredE164, ignoredRequest) -> new VerificationCheck( + Optional.empty(), + Optional.empty()); + } +} diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/spam/ScoreThreshold.java b/service/src/main/java/org/whispersystems/textsecuregcm/spam/ScoreThreshold.java deleted file mode 100644 index d4b79c333..000000000 --- a/service/src/main/java/org/whispersystems/textsecuregcm/spam/ScoreThreshold.java +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright 2023 Signal Messenger, LLC - * SPDX-License-Identifier: AGPL-3.0-only - */ - -package org.whispersystems.textsecuregcm.spam; - -import org.glassfish.jersey.server.ContainerRequest; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import java.util.Optional; - -/** - * A ScoreThreshold may be provided by an upstream request filter. If request contains a property for - * {@link #PROPERTY_NAME} it can be forwarded to a downstream filter to indicate it can use a more or less strict - * score threshold when evaluating whether a request should be allowed to continue. - */ -public class ScoreThreshold { - - private static final Logger logger = LoggerFactory.getLogger(ScoreThreshold.class); - - public static final String PROPERTY_NAME = "scoreThreshold"; - - /** - * A score threshold in the range [0, 1.0] - */ - private final Optional scoreThreshold; - - /** - * Extract an optional score threshold parameter provided by an upstream request filter - */ - public ScoreThreshold(final ContainerRequest containerRequest) { - this.scoreThreshold = Optional - .ofNullable(containerRequest.getProperty(PROPERTY_NAME)) - .flatMap(obj -> { - if (obj instanceof Float f) { - return Optional.of(f); - } - logger.warn("invalid format for filter provided score threshold {}", obj); - return Optional.empty(); - }); - } - - public Optional getScoreThreshold() { - return this.scoreThreshold; - } -} diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/spam/ScoreThresholdProvider.java b/service/src/main/java/org/whispersystems/textsecuregcm/spam/ScoreThresholdProvider.java deleted file mode 100644 index 69b525472..000000000 --- a/service/src/main/java/org/whispersystems/textsecuregcm/spam/ScoreThresholdProvider.java +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright 2023 Signal Messenger, LLC - * SPDX-License-Identifier: AGPL-3.0-only - */ -package org.whispersystems.textsecuregcm.spam; - -import java.util.function.Function; -import javax.inject.Singleton; -import javax.ws.rs.core.Feature; -import javax.ws.rs.core.FeatureContext; -import org.glassfish.jersey.internal.inject.AbstractBinder; -import org.glassfish.jersey.server.ContainerRequest; -import org.glassfish.jersey.server.model.Parameter; -import org.glassfish.jersey.server.spi.internal.ValueParamProvider; - -/** - * Parses a {@link ScoreThreshold} out of a {@link ContainerRequest} to provide to jersey resources. - *

- * A request filter may enrich a ContainerRequest with a scoreThreshold by providing a float property with the name - * {@link ScoreThreshold#PROPERTY_NAME}. This indicates the desired scoreThreshold to use when evaluating whether a - * request should proceed. - *

- * A resource can consume a ScoreThreshold with by annotating a ScoreThreshold parameter with {@link Extract} - */ -public class ScoreThresholdProvider implements ValueParamProvider { - - /** - * Configures the ScoreThresholdProvider - */ - public static class ScoreThresholdFeature implements Feature { - - @Override - public boolean configure(FeatureContext context) { - context.register(new AbstractBinder() { - @Override - protected void configure() { - bind(ScoreThresholdProvider.class) - .to(ValueParamProvider.class) - .in(Singleton.class); - } - }); - return true; - } - } - - @Override - public Function getValueProvider(final Parameter parameter) { - if (parameter.getRawType().equals(ScoreThreshold.class) - && parameter.isAnnotationPresent(Extract.class)) { - return ScoreThreshold::new; - } - return null; - - } - - @Override - public PriorityType getPriority() { - return Priority.HIGH; - } -} diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/spam/SenderOverride.java b/service/src/main/java/org/whispersystems/textsecuregcm/spam/SenderOverride.java deleted file mode 100644 index 0cfa77122..000000000 --- a/service/src/main/java/org/whispersystems/textsecuregcm/spam/SenderOverride.java +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright 2024 Signal Messenger, LLC - * SPDX-License-Identifier: AGPL-3.0-only - */ - -package org.whispersystems.textsecuregcm.spam; - -import org.glassfish.jersey.server.ContainerRequest; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import java.util.Optional; - -/** - * A SenderOverride may be provided by an upstream request filter. If request contains a property for - * {@link #SMS_SENDER_OVERRIDE_PROPERTY_NAME} or {@link #VOICE_SENDER_OVERRIDE_PROPERTY_NAME} it can be - * forwarded to a downstream filter to indicate a specific sender should be used when sending verification codes. - */ -public class SenderOverride { - - private static final Logger logger = LoggerFactory.getLogger(SenderOverride.class); - public static final String SMS_SENDER_OVERRIDE_PROPERTY_NAME = "smsSenderOverride"; - public static final String VOICE_SENDER_OVERRIDE_PROPERTY_NAME = "voiceSenderOverride"; - - /** - * The name of the sender to use to deliver a verification code via SMS - */ - private final Optional smsSenderOverride; - - /** - * The name of the sender to use to deliver a verification code via voice - */ - private final Optional voiceSenderOverride; - - public SenderOverride(final ContainerRequest containerRequest) { - this.smsSenderOverride = parse(String.class, SMS_SENDER_OVERRIDE_PROPERTY_NAME, containerRequest); - this.voiceSenderOverride = parse(String.class, VOICE_SENDER_OVERRIDE_PROPERTY_NAME, containerRequest); - } - - private static Optional parse(Class type, final String propertyName, - final ContainerRequest containerRequest) { - return Optional - .ofNullable(containerRequest.getProperty(propertyName)) - .flatMap(obj -> { - if (type.isInstance(obj)) { - return Optional.of(type.cast(obj)); - } - logger.warn("invalid format for filter provided property {}: {}", propertyName, obj); - return Optional.empty(); - }); - } - - - public Optional getSmsSenderOverride() { - return smsSenderOverride; - } - - public Optional getVoiceSenderOverride() { - return voiceSenderOverride; - } - -} diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/spam/SenderOverrideProvider.java b/service/src/main/java/org/whispersystems/textsecuregcm/spam/SenderOverrideProvider.java deleted file mode 100644 index 801cb4ec9..000000000 --- a/service/src/main/java/org/whispersystems/textsecuregcm/spam/SenderOverrideProvider.java +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright 2024 Signal Messenger, LLC - * SPDX-License-Identifier: AGPL-3.0-only - */ - -package org.whispersystems.textsecuregcm.spam; - -import java.util.function.Function; -import javax.inject.Singleton; -import javax.ws.rs.core.Feature; -import javax.ws.rs.core.FeatureContext; -import org.glassfish.jersey.internal.inject.AbstractBinder; -import org.glassfish.jersey.server.ContainerRequest; -import org.glassfish.jersey.server.model.Parameter; -import org.glassfish.jersey.server.spi.internal.ValueParamProvider; - -/** - * Parses a {@link SenderOverride} out of a {@link ContainerRequest} to provide to jersey resources. - *

- * A request filter may enrich a ContainerRequest with senderOverrides by providing a string property names defined in - * {@link SenderOverride}. This indicates the desired senderOverride to use when sending verification codes. - *

- * A resource can consume a SenderOverride with by annotating a SenderOverride parameter with {@link Extract} - */ -public class SenderOverrideProvider implements ValueParamProvider { - - /** - * Configures the SenderOverrideProvider - */ - public static class SenderOverrideFeature implements Feature { - - @Override - public boolean configure(FeatureContext context) { - context.register(new AbstractBinder() { - @Override - protected void configure() { - bind(SenderOverrideProvider.class) - .to(ValueParamProvider.class) - .in(Singleton.class); - } - }); - return true; - } - } - - @Override - public Function getValueProvider(final Parameter parameter) { - if (parameter.getRawType().equals(SenderOverride.class) - && parameter.isAnnotationPresent(Extract.class)) { - return SenderOverride::new; - } - return null; - - } - - @Override - public PriorityType getPriority() { - return Priority.HIGH; - } -} diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/spam/SpamFilter.java b/service/src/main/java/org/whispersystems/textsecuregcm/spam/SpamFilter.java index 9ebd7d909..60a3bc2f3 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/spam/SpamFilter.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/spam/SpamFilter.java @@ -11,17 +11,14 @@ import javax.ws.rs.container.ContainerRequestFilter; import java.io.IOException; /** - * A spam filter is a {@link ContainerRequestFilter} that filters requests to endpoints to detect and respond to - * patterns of spam and fraud. + * A spam filter provides various checkers and listeners to detect and respond to patterns of spam and fraud. *

* Spam filters are managed components that are generally loaded dynamically via a {@link java.util.ServiceLoader}. * Their {@link #configure(String)} method will be called prior to be adding to the server's pool of {@link Managed} * objects. *

- * Spam filters must be annotated with {@link FilterSpam}, a name binding annotation that restricts the endpoints to - * which the filter may apply. */ -public interface SpamFilter extends ContainerRequestFilter, Managed { +public interface SpamFilter extends Managed { /** * Configures this spam filter. This method will be called before the filter is added to the server's pool of managed @@ -65,6 +62,13 @@ public interface SpamFilter extends ContainerRequestFilter, Managed { */ SpamChecker getSpamChecker(); + /** + * Return a checker that will be called to check registration attempts + * + * @return a {@link RegistrationFraudChecker} controlled by the spam filter + */ + RegistrationFraudChecker getRegistrationFraudChecker(); + /** * Return a checker that will be called to determine what constraints should be applied * when a user requests or solves a challenge (captchas, push challenges, etc). diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java index ddbecb0fe..23170f988 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java @@ -78,8 +78,6 @@ import org.whispersystems.textsecuregcm.mappers.ImpossiblePhoneNumberExceptionMa import org.whispersystems.textsecuregcm.mappers.JsonMappingExceptionMapper; import org.whispersystems.textsecuregcm.mappers.NonNormalizedPhoneNumberExceptionMapper; import org.whispersystems.textsecuregcm.mappers.RateLimitExceededExceptionMapper; -import org.whispersystems.textsecuregcm.spam.ScoreThresholdProvider; -import org.whispersystems.textsecuregcm.spam.SenderOverrideProvider; import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.AccountsManager; import org.whispersystems.textsecuregcm.storage.RegistrationRecoveryPasswordsManager; @@ -151,8 +149,6 @@ class AccountControllerTest { .addProvider(new NonNormalizedPhoneNumberExceptionMapper()) .addProvider(TEST_REMOTE_ADDRESS_FILTER_PROVIDER) .addProvider(new RateLimitByIpFilter(rateLimiters)) - .addProvider(ScoreThresholdProvider.ScoreThresholdFeature.class) - .addProvider(SenderOverrideProvider.SenderOverrideFeature.class) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new AccountController( diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/VerificationControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/VerificationControllerTest.java index ba2ca2710..da2044b7e 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/VerificationControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/VerificationControllerTest.java @@ -73,8 +73,7 @@ import org.whispersystems.textsecuregcm.registration.RegistrationServiceExceptio import org.whispersystems.textsecuregcm.registration.RegistrationServiceSenderException; import org.whispersystems.textsecuregcm.registration.TransportNotAllowedException; import org.whispersystems.textsecuregcm.registration.VerificationSession; -import org.whispersystems.textsecuregcm.spam.ScoreThresholdProvider; -import org.whispersystems.textsecuregcm.spam.SenderOverrideProvider; +import org.whispersystems.textsecuregcm.spam.RegistrationFraudChecker; import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.AccountsManager; import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager; @@ -112,14 +111,12 @@ class VerificationControllerTest { .addProvider(new ImpossiblePhoneNumberExceptionMapper()) .addProvider(new NonNormalizedPhoneNumberExceptionMapper()) .addProvider(new RegistrationServiceSenderExceptionMapper()) - .addProvider(ScoreThresholdProvider.ScoreThresholdFeature.class) - .addProvider(SenderOverrideProvider.SenderOverrideFeature.class) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource( new VerificationController(registrationServiceClient, verificationSessionManager, pushNotificationManager, registrationCaptchaManager, registrationRecoveryPasswordsManager, rateLimiters, accountsManager, - dynamicConfigurationManager, clock)) + RegistrationFraudChecker.noop(), dynamicConfigurationManager, clock)) .build(); @BeforeEach