diff --git a/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java b/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java index 53ee52066..339a7ed50 100644 --- a/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java +++ b/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java @@ -1,14 +1,19 @@ package org.whispersystems.textsecuregcm.controllers; import com.codahale.metrics.annotation.Timed; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.whispersystems.textsecuregcm.auth.CertificateGenerator; import org.whispersystems.textsecuregcm.entities.DeliveryCertificate; import org.whispersystems.textsecuregcm.storage.Account; +import org.whispersystems.textsecuregcm.util.Util; import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.Produces; +import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.MediaType; +import javax.ws.rs.core.Response; import java.io.IOException; import java.security.InvalidKeyException; @@ -18,6 +23,8 @@ import io.dropwizard.auth.Auth; @Path("/v1/certificate") public class CertificateController { + private final Logger logger = LoggerFactory.getLogger(CertificateController.class); + private final CertificateGenerator certificateGenerator; public CertificateController(CertificateGenerator certificateGenerator) { @@ -30,6 +37,12 @@ public class CertificateController { @Path("/delivery") public DeliveryCertificate getDeliveryCertificate(@Auth Account account) throws IOException, InvalidKeyException { if (!account.getAuthenticatedDevice().isPresent()) throw new AssertionError(); + + if (Util.isEmpty(account.getIdentityKey())) { + logger.info("Requested certificate without identity key: " + account.getNumber()); + throw new WebApplicationException(Response.Status.BAD_REQUEST); + } + return new DeliveryCertificate(certificateGenerator.createFor(account, account.getAuthenticatedDevice().get())); }