From 6b6f9b2405e2e102e7ccc34baa14f77097a88570 Mon Sep 17 00:00:00 2001
From: Jon Chambers <jon@signal.org>
Date: Mon, 25 Jul 2022 12:36:09 -0400
Subject: [PATCH] Add PNI to `GroupCredentials` responses that contain
 `AuthCredentialWithPni` instances

---
 .../controllers/CertificateController.java    |  4 +-
 .../entities/GroupCredentials.java            | 39 ++-----------------
 .../CertificateControllerTest.java            | 32 ++++++++-------
 3 files changed, 23 insertions(+), 52 deletions(-)

diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java
index 4ee21ae04..7a4d308e5 100644
--- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java
@@ -114,7 +114,7 @@ public class CertificateController {
           i));
     }
 
-    return new GroupCredentials(credentials);
+    return new GroupCredentials(credentials, null);
   }
 
   @Timed
@@ -153,6 +153,6 @@ public class CertificateController {
       redemption = redemption.plus(Duration.ofDays(1));
     }
 
-    return new GroupCredentials(credentials);
+    return new GroupCredentials(credentials, pni);
   }
 }
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/entities/GroupCredentials.java b/service/src/main/java/org/whispersystems/textsecuregcm/entities/GroupCredentials.java
index 0bb71bece..fee963061 100644
--- a/service/src/main/java/org/whispersystems/textsecuregcm/entities/GroupCredentials.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/entities/GroupCredentials.java
@@ -5,43 +5,12 @@
 
 package org.whispersystems.textsecuregcm.entities;
 
-import com.fasterxml.jackson.annotation.JsonCreator;
-import com.fasterxml.jackson.annotation.JsonProperty;
 import java.util.List;
+import java.util.UUID;
+import javax.annotation.Nullable;
 
-public class GroupCredentials {
+public record GroupCredentials(List<GroupCredential> credentials, @Nullable UUID pni) {
 
-  private final List<GroupCredential> credentials;
-
-  @JsonCreator
-  public GroupCredentials(
-      @JsonProperty("credentials") List<GroupCredential> credentials) {
-    this.credentials = credentials;
-  }
-
-  public List<GroupCredential> getCredentials() {
-    return credentials;
-  }
-
-  public static class GroupCredential {
-
-    private final byte[] credential;
-    private final int redemptionTime;
-
-    @JsonCreator
-    public GroupCredential(
-        @JsonProperty("credential") byte[] credential,
-        @JsonProperty("redemptionTime") int redemptionTime) {
-      this.credential = credential;
-      this.redemptionTime = redemptionTime;
-    }
-
-    public byte[] getCredential() {
-      return credential;
-    }
-
-    public int getRedemptionTime() {
-      return redemptionTime;
-    }
+  public record GroupCredential(byte[] credential, int redemptionTime) {
   }
 }
diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CertificateControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CertificateControllerTest.java
index c4b83b787..5a8319d06 100644
--- a/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CertificateControllerTest.java
+++ b/service/src/test/java/org/whispersystems/textsecuregcm/tests/controllers/CertificateControllerTest.java
@@ -217,13 +217,13 @@ class CertificateControllerTest {
                                             .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
                                             .get(GroupCredentials.class);
 
-    assertThat(credentials.getCredentials().size()).isEqualTo(1);
-    assertThat(credentials.getCredentials().get(0).getRedemptionTime()).isEqualTo(Util.currentDaysSinceEpoch());
+    assertThat(credentials.credentials().size()).isEqualTo(1);
+    assertThat(credentials.credentials().get(0).redemptionTime()).isEqualTo(Util.currentDaysSinceEpoch());
 
     ClientZkAuthOperations clientZkAuthOperations = new ClientZkAuthOperations(serverSecretParams.getPublicParams());
 
     assertThatCode(() ->
-        clientZkAuthOperations.receiveAuthCredential(AuthHelper.VALID_UUID, Util.currentDaysSinceEpoch(), new AuthCredentialResponse(credentials.getCredentials().get(0).getCredential())))
+        clientZkAuthOperations.receiveAuthCredential(AuthHelper.VALID_UUID, Util.currentDaysSinceEpoch(), new AuthCredentialResponse(credentials.credentials().get(0).credential())))
         .doesNotThrowAnyException();
   }
 
@@ -236,14 +236,14 @@ class CertificateControllerTest {
         .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
         .get(GroupCredentials.class);
 
-    assertThat(credentials.getCredentials().size()).isEqualTo(1);
-    assertThat(credentials.getCredentials().get(0).getRedemptionTime()).isEqualTo(Util.currentDaysSinceEpoch());
+    assertThat(credentials.credentials().size()).isEqualTo(1);
+    assertThat(credentials.credentials().get(0).redemptionTime()).isEqualTo(Util.currentDaysSinceEpoch());
 
     ClientZkAuthOperations clientZkAuthOperations = new ClientZkAuthOperations(serverSecretParams.getPublicParams());
 
     assertThatExceptionOfType(VerificationFailedException.class)
         .isThrownBy(() ->
-            clientZkAuthOperations.receiveAuthCredential(AuthHelper.VALID_UUID, Util.currentDaysSinceEpoch(), new AuthCredentialResponse(credentials.getCredentials().get(0).getCredential())));
+            clientZkAuthOperations.receiveAuthCredential(AuthHelper.VALID_UUID, Util.currentDaysSinceEpoch(), new AuthCredentialResponse(credentials.credentials().get(0).credential())));
   }
 
   @Test
@@ -254,17 +254,17 @@ class CertificateControllerTest {
                                             .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
                                             .get(GroupCredentials.class);
 
-    assertThat(credentials.getCredentials().size()).isEqualTo(8);
+    assertThat(credentials.credentials().size()).isEqualTo(8);
 
     for (int i=0;i<=7;i++) {
-      assertThat(credentials.getCredentials().get(i).getRedemptionTime()).isEqualTo(Util.currentDaysSinceEpoch() + i);
+      assertThat(credentials.credentials().get(i).redemptionTime()).isEqualTo(Util.currentDaysSinceEpoch() + i);
 
       ClientZkAuthOperations clientZkAuthOperations = new ClientZkAuthOperations(serverSecretParams.getPublicParams());
 
       final int time = i;
 
       assertThatCode(() ->
-          clientZkAuthOperations.receiveAuthCredential(AuthHelper.VALID_UUID, Util.currentDaysSinceEpoch() + time , new AuthCredentialResponse(credentials.getCredentials().get(time).getCredential())))
+          clientZkAuthOperations.receiveAuthCredential(AuthHelper.VALID_UUID, Util.currentDaysSinceEpoch() + time , new AuthCredentialResponse(credentials.credentials().get(time).credential())))
           .doesNotThrowAnyException();
     }
   }
@@ -314,8 +314,9 @@ class CertificateControllerTest {
         .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
         .get(GroupCredentials.class);
 
-    assertEquals(1, credentials.getCredentials().size());
-    assertEquals(startOfDay.getEpochSecond(), credentials.getCredentials().get(0).getRedemptionTime());
+    assertEquals(1, credentials.credentials().size());
+    assertEquals(AuthHelper.VALID_PNI, credentials.pni());
+    assertEquals(startOfDay.getEpochSecond(), credentials.credentials().get(0).redemptionTime());
 
     final ClientZkAuthOperations clientZkAuthOperations =
         new ClientZkAuthOperations(serverSecretParams.getPublicParams());
@@ -325,7 +326,7 @@ class CertificateControllerTest {
           AuthHelper.VALID_UUID,
           AuthHelper.VALID_PNI,
           (int) startOfDay.getEpochSecond(),
-          new AuthCredentialWithPniResponse(credentials.getCredentials().get(0).getCredential()));
+          new AuthCredentialWithPniResponse(credentials.credentials().get(0).credential()));
     });
   }
 
@@ -341,14 +342,15 @@ class CertificateControllerTest {
         .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
         .get(GroupCredentials.class);
 
-    assertEquals(8, credentials.getCredentials().size());
+    assertEquals(AuthHelper.VALID_PNI, credentials.pni());
+    assertEquals(8, credentials.credentials().size());
 
     final ClientZkAuthOperations clientZkAuthOperations =
         new ClientZkAuthOperations(serverSecretParams.getPublicParams());
 
     for (int i = 0; i < 8; i++) {
       final Instant redemptionTime = startOfDay.plus(Duration.ofDays(i));
-      assertEquals(redemptionTime.getEpochSecond(), credentials.getCredentials().get(i).getRedemptionTime());
+      assertEquals(redemptionTime.getEpochSecond(), credentials.credentials().get(i).redemptionTime());
 
       final int index = i;
 
@@ -357,7 +359,7 @@ class CertificateControllerTest {
             AuthHelper.VALID_UUID,
             AuthHelper.VALID_PNI,
             redemptionTime.getEpochSecond(),
-            new AuthCredentialWithPniResponse(credentials.getCredentials().get(index).getCredential()));
+            new AuthCredentialWithPniResponse(credentials.credentials().get(index).credential()));
       });
     }
   }