Update to dynamodb-lock-client 1.2.0

pom.xml

@@ -38,7 +38,6 @@
   </modules>
 
   <properties>
-    <aws.sdk.version>1.12.376</aws.sdk.version>
     <aws.sdk2.version>2.19.8</aws.sdk2.version>
     <braintree.version>3.19.0</braintree.version>
     <commons-csv.version>1.9.0</commons-csv.version>
@@ -109,13 +108,6 @@
         <type>pom</type>
         <scope>import</scope>
       </dependency>
-      <dependency>
-        <groupId>com.amazonaws</groupId>
-        <artifactId>aws-java-sdk-bom</artifactId>
-        <version>${aws.sdk.version}</version>
-        <type>pom</type>
-        <scope>import</scope>
-      </dependency>
       <dependency>
         <groupId>software.amazon.awssdk</groupId>
         <artifactId>bom</artifactId>

service/pom.xml

@@ -306,18 +306,10 @@
       <groupId>software.amazon.awssdk</groupId>
       <artifactId>appconfigdata</artifactId>
     </dependency>
-    <dependency>
-      <groupId>com.amazonaws</groupId>
-      <artifactId>aws-java-sdk-core</artifactId>
-    </dependency>
-    <dependency>
-      <groupId>com.amazonaws</groupId>
-      <artifactId>aws-java-sdk-sts</artifactId>
-    </dependency>
     <dependency>
       <groupId>com.amazonaws</groupId>
       <artifactId>dynamodb-lock-client</artifactId>
-      <version>1.1.0</version>
+      <version>1.2.0</version>
       <exclusions>
         <exclusion>
           <groupId>commons-logging</groupId>

service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java

@@ -7,10 +7,6 @@ package org.whispersystems.textsecuregcm;
 import static com.codahale.metrics.MetricRegistry.name;
 import static java.util.Objects.requireNonNull;
 
-import com.amazonaws.ClientConfiguration;
-import com.amazonaws.auth.AWSCredentialsProviderChain;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDB;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder;
 import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
 import com.google.api.client.http.apache.v2.ApacheHttpTransport;
 import com.google.api.client.json.gson.GsonFactory;
@@ -235,12 +231,6 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
           InstanceProfileCredentialsProvider.create(),
           WebIdentityTokenFileCredentialsProvider.create());
 
-  public static final AWSCredentialsProviderChain AWSSDK_V1_CREDENTIALS_PROVIDER_CHAIN = new AWSCredentialsProviderChain(
-      com.amazonaws.auth.InstanceProfileCredentialsProvider.getInstance(),
-      com.amazonaws.auth.WebIdentityTokenCredentialsProvider.create()
-  );
-
-
   @Override
   public void initialize(final Bootstrap<WhisperServerConfiguration> bootstrap) {
     // `SecretStore` needs to be initialized before Dropwizard reads the main application config file.
@@ -297,15 +287,6 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
     DynamoDbClient dynamoDbClient = DynamoDbFromConfig.client(config.getDynamoDbClientConfiguration(),
         AWSSDK_CREDENTIALS_PROVIDER);
 
-    AmazonDynamoDB deletedAccountsLockDynamoDbClient = AmazonDynamoDBClientBuilder.standard()
-        .withRegion(config.getDynamoDbClientConfiguration().getRegion())
-        .withClientConfiguration(new ClientConfiguration().withClientExecutionTimeout(
-                ((int) config.getDynamoDbClientConfiguration().getClientExecutionTimeout().toMillis()))
-            .withRequestTimeout(
-                (int) config.getDynamoDbClientConfiguration().getClientRequestTimeout().toMillis()))
-        .withCredentials(AWSSDK_V1_CREDENTIALS_PROVIDER_CHAIN)
-        .build();
-
     DeletedAccounts deletedAccounts = new DeletedAccounts(dynamoDbClient,
         config.getDynamoDbTables().getDeletedAccounts().getTableName());
 
@@ -503,7 +484,8 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
         config.getReportMessageConfiguration().getCounterTtl());
     MessagesManager messagesManager = new MessagesManager(messagesDynamoDb, messagesCache, reportMessageManager,
         messageDeletionAsyncExecutor);
-    AccountLockManager accountLockManager = new AccountLockManager(deletedAccountsLockDynamoDbClient, config.getDynamoDbTables().getDeletedAccountsLock().getTableName());
+    AccountLockManager accountLockManager = new AccountLockManager(dynamoDbClient,
+        config.getDynamoDbTables().getDeletedAccountsLock().getTableName());
     AccountsManager accountsManager = new AccountsManager(accounts, phoneNumberIdentifiers, cacheCluster,
         accountLockManager, deletedAccounts, keys, messagesManager, profilesManager,
         pendingAccountsManager, secureStorageClient, secureBackupClient, secureValueRecovery2Client,

service/src/main/java/org/whispersystems/textsecuregcm/s3/PolicySigner.java

@@ -5,15 +5,14 @@
 
 package org.whispersystems.textsecuregcm.s3;
 
-import com.amazonaws.util.Base16Lower;
-
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
 import java.io.UnsupportedEncodingException;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.time.ZonedDateTime;
 import java.time.format.DateTimeFormatter;
+import java.util.HexFormat;
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
 
 public class PolicySigner {
 
@@ -43,7 +42,7 @@ public class PolicySigner {
 
       mac.init(new SecretKeySpec(signingKey, "HmacSHA256"));
 
-      return Base16Lower.encodeAsString(mac.doFinal(policy.getBytes("UTF-8")));
+      return HexFormat.of().formatHex(mac.doFinal(policy.getBytes("UTF-8")));
     } catch (NoSuchAlgorithmException | InvalidKeyException | UnsupportedEncodingException e) {
       throw new AssertionError(e);
     }

service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountLockManager.java

@@ -1,7 +1,6 @@
 package org.whispersystems.textsecuregcm.storage;
 
 import com.amazonaws.services.dynamodbv2.AcquireLockOptions;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDB;
 import com.amazonaws.services.dynamodbv2.AmazonDynamoDBLockClient;
 import com.amazonaws.services.dynamodbv2.AmazonDynamoDBLockClientOptions;
 import com.amazonaws.services.dynamodbv2.LockItem;
@@ -10,12 +9,13 @@ import com.google.common.annotations.VisibleForTesting;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
+import software.amazon.awssdk.services.dynamodb.DynamoDbClient;
 
 public class AccountLockManager {
 
   private final AmazonDynamoDBLockClient lockClient;
 
-  public AccountLockManager(final AmazonDynamoDB lockDynamoDb, final String lockTableName) {
+  public AccountLockManager(final DynamoDbClient lockDynamoDb, final String lockTableName) {
     this(new AmazonDynamoDBLockClient(
         AmazonDynamoDBLockClientOptions.builder(lockDynamoDb, lockTableName)
             .withPartitionKeyName(DeletedAccounts.KEY_ACCOUNT_E164)

service/src/main/java/org/whispersystems/textsecuregcm/workers/AssignUsernameCommand.java

@@ -7,9 +7,6 @@ package org.whispersystems.textsecuregcm.workers;
 
 import static com.codahale.metrics.MetricRegistry.name;
 
-import com.amazonaws.ClientConfiguration;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDB;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import io.dropwizard.Application;
 import io.dropwizard.cli.EnvironmentCommand;
@@ -135,17 +132,6 @@ public class AssignUsernameCommand extends EnvironmentCommand<WhisperServerConfi
     DynamoDbClient dynamoDbClient = DynamoDbFromConfig.client(configuration.getDynamoDbClientConfiguration(),
         WhisperServerService.AWSSDK_CREDENTIALS_PROVIDER);
 
-    AmazonDynamoDB deletedAccountsLockDynamoDbClient = AmazonDynamoDBClientBuilder.standard()
-        .withRegion(configuration.getDynamoDbClientConfiguration().getRegion())
-        .withClientConfiguration(new ClientConfiguration().withClientExecutionTimeout(
-                ((int) configuration.getDynamoDbClientConfiguration().getClientExecutionTimeout()
-                    .toMillis()))
-            .withRequestTimeout(
-                (int) configuration.getDynamoDbClientConfiguration().getClientRequestTimeout()
-                    .toMillis()))
-        .withCredentials(WhisperServerService.AWSSDK_V1_CREDENTIALS_PROVIDER_CHAIN)
-        .build();
-
     DeletedAccounts deletedAccounts = new DeletedAccounts(dynamoDbClient,
         configuration.getDynamoDbTables().getDeletedAccounts().getTableName());
     VerificationCodeStore pendingAccounts = new VerificationCodeStore(dynamoDbClient,
@@ -206,7 +192,8 @@ public class AssignUsernameCommand extends EnvironmentCommand<WhisperServerConfi
         configuration.getReportMessageConfiguration().getCounterTtl());
     MessagesManager messagesManager = new MessagesManager(messagesDynamoDb, messagesCache,
         reportMessageManager, messageDeletionExecutor);
-    AccountLockManager accountLockManager = new AccountLockManager(deletedAccountsLockDynamoDbClient, configuration.getDynamoDbTables().getDeletedAccountsLock().getTableName());
+    AccountLockManager accountLockManager = new AccountLockManager(dynamoDbClient,
+        configuration.getDynamoDbTables().getDeletedAccountsLock().getTableName());
     StoredVerificationCodeManager pendingAccountsManager = new StoredVerificationCodeManager(pendingAccounts);
     AccountsManager accountsManager = new AccountsManager(accounts, phoneNumberIdentifiers, cacheCluster,
         accountLockManager, deletedAccounts, keys, messagesManager, profilesManager,

service/src/main/java/org/whispersystems/textsecuregcm/workers/CommandDependencies.java

@@ -7,9 +7,6 @@ package org.whispersystems.textsecuregcm.workers;
 
 import static com.codahale.metrics.MetricRegistry.name;
 
-import com.amazonaws.ClientConfiguration;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDB;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder;
 import com.fasterxml.jackson.databind.DeserializationFeature;
 import io.dropwizard.setup.Environment;
 import io.lettuce.core.resource.ClientResources;
@@ -116,17 +113,6 @@ record CommandDependencies(
     DynamoDbClient dynamoDbClient = DynamoDbFromConfig.client(
         configuration.getDynamoDbClientConfiguration(), WhisperServerService.AWSSDK_CREDENTIALS_PROVIDER);
 
-    AmazonDynamoDB deletedAccountsLockDynamoDbClient = AmazonDynamoDBClientBuilder.standard()
-        .withRegion(configuration.getDynamoDbClientConfiguration().getRegion())
-        .withClientConfiguration(new ClientConfiguration().withClientExecutionTimeout(
-                ((int) configuration.getDynamoDbClientConfiguration().getClientExecutionTimeout()
-                    .toMillis()))
-            .withRequestTimeout(
-                (int) configuration.getDynamoDbClientConfiguration().getClientRequestTimeout()
-                    .toMillis()))
-        .withCredentials(WhisperServerService.AWSSDK_V1_CREDENTIALS_PROVIDER_CHAIN)
-        .build();
-
     DeletedAccounts deletedAccounts = new DeletedAccounts(dynamoDbClient,
         configuration.getDynamoDbTables().getDeletedAccounts().getTableName());
     VerificationCodeStore pendingAccounts = new VerificationCodeStore(dynamoDbClient,
@@ -190,7 +176,8 @@ record CommandDependencies(
         configuration.getReportMessageConfiguration().getCounterTtl());
     MessagesManager messagesManager = new MessagesManager(messagesDynamoDb, messagesCache,
         reportMessageManager, messageDeletionExecutor);
-    AccountLockManager accountLockManager = new AccountLockManager(deletedAccountsLockDynamoDbClient, configuration.getDynamoDbTables().getDeletedAccountsLock().getTableName());
+    AccountLockManager accountLockManager = new AccountLockManager(dynamoDbClient,
+        configuration.getDynamoDbTables().getDeletedAccountsLock().getTableName());
     StoredVerificationCodeManager pendingAccountsManager = new StoredVerificationCodeManager(pendingAccounts);
     AccountsManager accountsManager = new AccountsManager(accounts, phoneNumberIdentifiers, cacheCluster,
         accountLockManager, deletedAccounts, keys, messagesManager, profilesManager,

service/src/test/java/org/whispersystems/textsecuregcm/storage/AccountsManagerChangeNumberIntegrationTest.java

@@ -83,7 +83,7 @@ class AccountsManagerChangeNumberIntegrationTest {
       deletedAccounts = new DeletedAccounts(DYNAMO_DB_EXTENSION.getDynamoDbClient(),
           Tables.DELETED_ACCOUNTS.tableName());
 
-      final AccountLockManager accountLockManager = new AccountLockManager(DYNAMO_DB_EXTENSION.getLegacyDynamoClient(),
+      final AccountLockManager accountLockManager = new AccountLockManager(DYNAMO_DB_EXTENSION.getDynamoDbClient(),
           Tables.DELETED_ACCOUNTS_LOCK.tableName());
 
       final SecureStorageClient secureStorageClient = mock(SecureStorageClient.class);

service/src/test/java/org/whispersystems/textsecuregcm/storage/DynamoDbExtension.java

@@ -6,16 +6,10 @@
 package org.whispersystems.textsecuregcm.storage;
 
 import com.almworks.sqlite4java.SQLite;
-import com.amazonaws.auth.AWSStaticCredentialsProvider;
-import com.amazonaws.auth.BasicAWSCredentials;
-import com.amazonaws.client.builder.AwsClientBuilder;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDB;
-import com.amazonaws.services.dynamodbv2.AmazonDynamoDBClientBuilder;
 import com.amazonaws.services.dynamodbv2.local.main.ServerRunner;
 import com.amazonaws.services.dynamodbv2.local.server.DynamoDBProxyServer;
 import java.net.ServerSocket;
 import java.net.URI;
-import java.util.ArrayList;
 import java.util.List;
 import java.util.concurrent.atomic.AtomicBoolean;
 import org.junit.jupiter.api.extension.AfterEachCallback;
@@ -67,7 +61,6 @@ public class DynamoDbExtension implements BeforeEachCallback, AfterEachCallback
   private final List<TableSchema> schemas;
   private DynamoDbClient dynamoDB2;
   private DynamoDbAsyncClient dynamoAsyncDB2;
-  private AmazonDynamoDB legacyDynamoClient;
 
   public DynamoDbExtension(TableSchema... schemas) {
     this.schemas = List.of(schemas);
@@ -165,11 +158,6 @@ public class DynamoDbExtension implements BeforeEachCallback, AfterEachCallback
         .credentialsProvider(StaticCredentialsProvider.create(
             AwsBasicCredentials.create("accessKey", "secretKey")))
         .build();
-    legacyDynamoClient = AmazonDynamoDBClientBuilder.standard()
-        .withEndpointConfiguration(
-            new AwsClientBuilder.EndpointConfiguration("http://localhost:" + port, "local-test-region"))
-        .withCredentials(new AWSStaticCredentialsProvider(new BasicAWSCredentials("accessKey", "secretKey")))
-        .build();
   }
 
   public DynamoDbClient getDynamoDbClient() {
@@ -180,7 +168,4 @@ public class DynamoDbExtension implements BeforeEachCallback, AfterEachCallback
     return dynamoAsyncDB2;
   }
 
-  public AmazonDynamoDB getLegacyDynamoClient() {
-    return legacyDynamoClient;
-  }
 }