MirrorMirror
/
Signal-Server
mirror of https://github.com/signalapp/Signal-Server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Produce verification tokens instead of stored verification codes for linking devices

This commit is contained in:
Jon Chambers 2023-08-03 17:58:32 -04:00 committed by Jon Chambers
parent 43d91e5bd6
commit c873f62025
2 changed files with 70 additions and 99 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
service/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java
View File

@ -18,7 +18,6 @@ import java.security.InvalidKeyException;
import java.security.Key; import java.security.Key;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException; import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.time.Clock; import java.time.Clock;
import java.time.Duration; import java.time.Duration;
import java.time.Instant; import java.time.Instant;
@ -52,7 +51,6 @@ import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount;
import org.whispersystems.textsecuregcm.auth.BasicAuthorizationHeader; import org.whispersystems.textsecuregcm.auth.BasicAuthorizationHeader;
import org.whispersystems.textsecuregcm.auth.ChangesDeviceEnabledState; import org.whispersystems.textsecuregcm.auth.ChangesDeviceEnabledState;
import org.whispersystems.textsecuregcm.auth.SaltedTokenHash; import org.whispersystems.textsecuregcm.auth.SaltedTokenHash;
import org.whispersystems.textsecuregcm.auth.StoredVerificationCode;
import org.whispersystems.textsecuregcm.entities.AccountAttributes; import org.whispersystems.textsecuregcm.entities.AccountAttributes;
import org.whispersystems.textsecuregcm.entities.DeviceActivationRequest; import org.whispersystems.textsecuregcm.entities.DeviceActivationRequest;
import org.whispersystems.textsecuregcm.entities.DeviceInfo; import org.whispersystems.textsecuregcm.entities.DeviceInfo;
@ -184,13 +182,7 @@ public class DeviceController {
throw new WebApplicationException(Response.Status.UNAUTHORIZED); throw new WebApplicationException(Response.Status.UNAUTHORIZED);
} }
VerificationCode verificationCode = generateVerificationCode(); return new VerificationCode(generateVerificationToken(account.getUuid()));
StoredVerificationCode storedVerificationCode =
new StoredVerificationCode(verificationCode.verificationCode(), System.currentTimeMillis(), null, null);
pendingDevices.store(account.getNumber(), storedVerificationCode);
return verificationCode;
} }
/** /**
@ -277,13 +269,6 @@ public class DeviceController {
accounts.updateDevice(auth.getAccount(), deviceId, d -> d.setCapabilities(capabilities)); accounts.updateDevice(auth.getAccount(), deviceId, d -> d.setCapabilities(capabilities));
} }
@VisibleForTesting
VerificationCode generateVerificationCode() {
SecureRandom random = new SecureRandom();
int randomInt = 100000 + random.nextInt(900000);
return new VerificationCode(String.valueOf(randomInt));
}
private Mac getInitializedMac() { private Mac getInitializedMac() {
try { try {
final Mac mac = Mac.getInstance(VERIFICATION_TOKEN_ALGORITHM); final Mac mac = Mac.getInstance(VERIFICATION_TOKEN_ALGORITHM);

152
service/src/test/java/org/whispersystems/textsecuregcm/controllers/DeviceControllerTest.java
View File

@ -32,7 +32,6 @@ import org.whispersystems.textsecuregcm.limits.RateLimiter;
import org.whispersystems.textsecuregcm.limits.RateLimiters; import org.whispersystems.textsecuregcm.limits.RateLimiters;
import org.whispersystems.textsecuregcm.mappers.DeviceLimitExceededExceptionMapper; import org.whispersystems.textsecuregcm.mappers.DeviceLimitExceededExceptionMapper;
import org.whispersystems.textsecuregcm.push.ClientPresenceManager; import org.whispersystems.textsecuregcm.push.ClientPresenceManager;
import org.whispersystems.textsecuregcm.redis.FaultTolerantRedisCluster;
import org.whispersystems.textsecuregcm.storage.*; import org.whispersystems.textsecuregcm.storage.*;
import org.whispersystems.textsecuregcm.storage.Device.DeviceCapabilities; import org.whispersystems.textsecuregcm.storage.Device.DeviceCapabilities;
import org.whispersystems.textsecuregcm.tests.util.AccountsHelper; import org.whispersystems.textsecuregcm.tests.util.AccountsHelper;
@ -42,13 +41,11 @@ import org.whispersystems.textsecuregcm.tests.util.RedisClusterHelper;
import org.whispersystems.textsecuregcm.util.TestClock; import org.whispersystems.textsecuregcm.util.TestClock;
import org.whispersystems.textsecuregcm.util.VerificationCode; import org.whispersystems.textsecuregcm.util.VerificationCode;
import javax.ws.rs.Path;
import javax.ws.rs.client.Entity; import javax.ws.rs.client.Entity;
import javax.ws.rs.core.MediaType; import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import java.security.SecureRandom; import java.security.SecureRandom;
import java.time.Clock;
import java.time.Instant; import java.time.Instant;
import java.util.*; import java.util.*;
import java.util.concurrent.CompletableFuture; import java.util.concurrent.CompletableFuture;
@ -64,28 +61,6 @@ import static org.mockito.Mockito.*;
@ExtendWith(DropwizardExtensionsSupport.class) @ExtendWith(DropwizardExtensionsSupport.class)
class DeviceControllerTest { class DeviceControllerTest {
@Path("/v1/devices")
static class DumbVerificationDeviceController extends DeviceController {
public DumbVerificationDeviceController(StoredVerificationCodeManager pendingDevices,
byte[] linkDeviceSecret,
AccountsManager accounts,
MessagesManager messages,
KeysManager keys,
RateLimiters rateLimiters,
FaultTolerantRedisCluster usedTokenCluster,
Map<String, Integer> deviceConfiguration,
Clock clock) {
super(pendingDevices, linkDeviceSecret, accounts, messages, keys, rateLimiters, usedTokenCluster, deviceConfiguration, clock);
}
@Override
protected VerificationCode generateVerificationCode() {
return new VerificationCode("5678901");
}
}
private static StoredVerificationCodeManager pendingDevicesManager = mock(StoredVerificationCodeManager.class); private static StoredVerificationCodeManager pendingDevicesManager = mock(StoredVerificationCodeManager.class);
private static AccountsManager accountsManager = mock(AccountsManager.class); private static AccountsManager accountsManager = mock(AccountsManager.class);
private static MessagesManager messagesManager = mock(MessagesManager.class); private static MessagesManager messagesManager = mock(MessagesManager.class);
@ -100,7 +75,7 @@ class DeviceControllerTest {
private static Map<String, Integer> deviceConfiguration = new HashMap<>(); private static Map<String, Integer> deviceConfiguration = new HashMap<>();
private static TestClock testClock = TestClock.now(); private static TestClock testClock = TestClock.now();
private static DeviceController deviceController = new DumbVerificationDeviceController(pendingDevicesManager, private static DeviceController deviceController = new DeviceController(pendingDevicesManager,
generateLinkDeviceSecret(), generateLinkDeviceSecret(),
accountsManager, accountsManager,
messagesManager, messagesManager,
@ -150,9 +125,8 @@ class DeviceControllerTest {
when(account.isGiftBadgesSupported()).thenReturn(true); when(account.isGiftBadgesSupported()).thenReturn(true);
when(account.isPaymentActivationSupported()).thenReturn(false); when(account.isPaymentActivationSupported()).thenReturn(false);
when(pendingDevicesManager.getCodeForNumber(AuthHelper.VALID_NUMBER)).thenReturn( when(pendingDevicesManager.getCodeForNumber(any())).thenReturn(Optional.empty());
Optional.of(new StoredVerificationCode("5678901", System.currentTimeMillis(), null, null))); when(accountsManager.getByAccountIdentifier(AuthHelper.VALID_UUID)).thenReturn(Optional.of(account));
when(pendingDevicesManager.getCodeForNumber(AuthHelper.VALID_NUMBER_TWO)).thenReturn(Optional.empty());
when(accountsManager.getByE164(AuthHelper.VALID_NUMBER)).thenReturn(Optional.of(account)); when(accountsManager.getByE164(AuthHelper.VALID_NUMBER)).thenReturn(Optional.of(account));
when(accountsManager.getByE164(AuthHelper.VALID_NUMBER_TWO)).thenReturn(Optional.of(maxedAccount)); when(accountsManager.getByE164(AuthHelper.VALID_NUMBER_TWO)).thenReturn(Optional.of(maxedAccount));
@ -183,10 +157,9 @@ class DeviceControllerTest {
@Test @Test
void validDeviceRegisterTest() { void validDeviceRegisterTest() {
when(accountsManager.getByAccountIdentifier(AuthHelper.VALID_UUID)).thenReturn(Optional.of(AuthHelper.VALID_ACCOUNT));
final Device existingDevice = mock(Device.class); final Device existingDevice = mock(Device.class);
when(existingDevice.getId()).thenReturn(Device.MASTER_ID); when(existingDevice.getId()).thenReturn(Device.MASTER_ID);
when(existingDevice.isEnabled()).thenReturn(true);
when(AuthHelper.VALID_ACCOUNT.getDevices()).thenReturn(List.of(existingDevice)); when(AuthHelper.VALID_ACCOUNT.getDevices()).thenReturn(List.of(existingDevice));
VerificationCode deviceCode = resources.getJerseyTest() VerificationCode deviceCode = resources.getJerseyTest()
@ -195,10 +168,8 @@ class DeviceControllerTest {
.header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get(VerificationCode.class); .get(VerificationCode.class);
assertThat(deviceCode).isEqualTo(new VerificationCode("5678901"));
DeviceResponse response = resources.getJerseyTest() DeviceResponse response = resources.getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + deviceCode.verificationCode())
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1")) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1"))
.put(Entity.entity(new AccountAttributes(false, 1234, null, .put(Entity.entity(new AccountAttributes(false, 1234, null,
@ -210,22 +181,22 @@ class DeviceControllerTest {
verify(pendingDevicesManager).remove(AuthHelper.VALID_NUMBER); verify(pendingDevicesManager).remove(AuthHelper.VALID_NUMBER);
verify(messagesManager).clear(eq(AuthHelper.VALID_UUID), eq(42L)); verify(messagesManager).clear(eq(AuthHelper.VALID_UUID), eq(42L));
verify(clientPresenceManager).disconnectPresence(AuthHelper.VALID_UUID, Device.MASTER_ID); verify(commands).set(anyString(), anyString(), any());
verify(commands, never()).set(anyString(), anyString(), any());
} }
@Test @Test
void validDeviceRegisterTestSignedToken() { void validDeviceRegisterTestStoredCode() {
when(accountsManager.getByAccountIdentifier(AuthHelper.VALID_UUID)).thenReturn(Optional.of(account));
final Device existingDevice = mock(Device.class); final Device existingDevice = mock(Device.class);
when(existingDevice.getId()).thenReturn(Device.MASTER_ID); when(existingDevice.getId()).thenReturn(Device.MASTER_ID);
when(AuthHelper.VALID_ACCOUNT.getDevices()).thenReturn(List.of(existingDevice)); when(account.getDevices()).thenReturn(List.of(existingDevice));
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID); final String storedCode = "5678901";
when(pendingDevicesManager.getCodeForNumber(AuthHelper.VALID_NUMBER)).thenReturn(
Optional.of(new StoredVerificationCode(storedCode, System.currentTimeMillis(), null, null)));
final DeviceResponse response = resources.getJerseyTest() final DeviceResponse response = resources.getJerseyTest()
.target("/v1/devices/" + verificationToken) .target("/v1/devices/" + storedCode)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1")) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1"))
.put(Entity.entity(new AccountAttributes(false, 1234, null, .put(Entity.entity(new AccountAttributes(false, 1234, null,
@ -235,7 +206,7 @@ class DeviceControllerTest {
assertThat(response.getDeviceId()).isEqualTo(42L); assertThat(response.getDeviceId()).isEqualTo(42L);
verify(commands).set(anyString(), anyString(), any()); verify(commands, never()).set(anyString(), anyString(), any());
} }
@Test @Test
@ -275,10 +246,8 @@ class DeviceControllerTest {
.header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get(VerificationCode.class); .get(VerificationCode.class);
assertThat(deviceCode).isEqualTo(new VerificationCode("5678901"));
final Response response = resources.getJerseyTest() final Response response = resources.getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + deviceCode.verificationCode())
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1")) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1"))
.put(Entity.json("")); .put(Entity.json(""));
@ -288,8 +257,10 @@ class DeviceControllerTest {
@Test @Test
void verifyDeviceTokenBadCredentials() { void verifyDeviceTokenBadCredentials() {
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
final Response response = resources.getJerseyTest() final Response response = resources.getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", "This is not a valid authorization header") .header("Authorization", "This is not a valid authorization header")
.put(Entity.entity(new AccountAttributes(false, 1234, null, .put(Entity.entity(new AccountAttributes(false, 1234, null,
@ -309,8 +280,6 @@ class DeviceControllerTest {
final Optional<String> expectedApnsVoipToken, final Optional<String> expectedApnsVoipToken,
final Optional<String> expectedGcmToken) { final Optional<String> expectedGcmToken) {
when(accountsManager.getByAccountIdentifier(AuthHelper.VALID_UUID)).thenReturn(Optional.of(AuthHelper.VALID_ACCOUNT));
final Device existingDevice = mock(Device.class); final Device existingDevice = mock(Device.class);
when(existingDevice.getId()).thenReturn(Device.MASTER_ID); when(existingDevice.getId()).thenReturn(Device.MASTER_ID);
when(AuthHelper.VALID_ACCOUNT.getDevices()).thenReturn(List.of(existingDevice)); when(AuthHelper.VALID_ACCOUNT.getDevices()).thenReturn(List.of(existingDevice));
@ -321,8 +290,6 @@ class DeviceControllerTest {
.header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get(VerificationCode.class); .get(VerificationCode.class);
assertThat(deviceCode).isEqualTo(new VerificationCode("5678901"));
final Optional<ECSignedPreKey> aciSignedPreKey; final Optional<ECSignedPreKey> aciSignedPreKey;
final Optional<ECSignedPreKey> pniSignedPreKey; final Optional<ECSignedPreKey> pniSignedPreKey;
final Optional<KEMSignedPreKey> aciPqLastResortPreKey; final Optional<KEMSignedPreKey> aciPqLastResortPreKey;
@ -342,7 +309,7 @@ class DeviceControllerTest {
when(keysManager.storeEcSignedPreKeys(any(), any())).thenReturn(CompletableFuture.completedFuture(null)); when(keysManager.storeEcSignedPreKeys(any(), any())).thenReturn(CompletableFuture.completedFuture(null));
when(keysManager.storePqLastResort(any(), any())).thenReturn(CompletableFuture.completedFuture(null)); when(keysManager.storePqLastResort(any(), any())).thenReturn(CompletableFuture.completedFuture(null));
final LinkDeviceRequest request = new LinkDeviceRequest("5678901", final LinkDeviceRequest request = new LinkDeviceRequest(deviceCode.verificationCode(),
new AccountAttributes(fetchesMessages, 1234, null, null, true, null), new AccountAttributes(fetchesMessages, 1234, null, null, true, null),
new DeviceActivationRequest(aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, apnRegistrationId, gcmRegistrationId)); new DeviceActivationRequest(aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, apnRegistrationId, gcmRegistrationId));
@ -374,19 +341,18 @@ class DeviceControllerTest {
verify(pendingDevicesManager).remove(AuthHelper.VALID_NUMBER); verify(pendingDevicesManager).remove(AuthHelper.VALID_NUMBER);
verify(messagesManager).clear(eq(AuthHelper.VALID_UUID), eq(42L)); verify(messagesManager).clear(eq(AuthHelper.VALID_UUID), eq(42L));
verify(clientPresenceManager).disconnectPresence(AuthHelper.VALID_UUID, Device.MASTER_ID);
verify(keysManager).storeEcSignedPreKeys(AuthHelper.VALID_UUID, Map.of(response.getDeviceId(), aciSignedPreKey.get())); verify(keysManager).storeEcSignedPreKeys(AuthHelper.VALID_UUID, Map.of(response.getDeviceId(), aciSignedPreKey.get()));
verify(keysManager).storeEcSignedPreKeys(AuthHelper.VALID_PNI, Map.of(response.getDeviceId(), pniSignedPreKey.get())); verify(keysManager).storeEcSignedPreKeys(AuthHelper.VALID_PNI, Map.of(response.getDeviceId(), pniSignedPreKey.get()));
verify(keysManager).storePqLastResort(AuthHelper.VALID_UUID, Map.of(response.getDeviceId(), aciPqLastResortPreKey.get())); verify(keysManager).storePqLastResort(AuthHelper.VALID_UUID, Map.of(response.getDeviceId(), aciPqLastResortPreKey.get()));
verify(keysManager).storePqLastResort(AuthHelper.VALID_PNI, Map.of(response.getDeviceId(), pniPqLastResortPreKey.get())); verify(keysManager).storePqLastResort(AuthHelper.VALID_PNI, Map.of(response.getDeviceId(), pniPqLastResortPreKey.get()));
verify(commands, never()).set(anyString(), anyString(), any()); verify(commands).set(anyString(), anyString(), any());
} }
@ParameterizedTest @ParameterizedTest
@MethodSource("linkDeviceAtomic") @MethodSource("linkDeviceAtomic")
@SuppressWarnings("OptionalUsedAsFieldOrParameterType") @SuppressWarnings("OptionalUsedAsFieldOrParameterType")
void linkDeviceAtomicWithVerificationToken(final boolean fetchesMessages, void linkDeviceAtomicWithStoredCode(final boolean fetchesMessages,
final Optional<ApnRegistrationId> apnRegistrationId, final Optional<ApnRegistrationId> apnRegistrationId,
final Optional<GcmRegistrationId> gcmRegistrationId, final Optional<GcmRegistrationId> gcmRegistrationId,
final Optional<String> expectedApnsToken, final Optional<String> expectedApnsToken,
@ -418,7 +384,12 @@ class DeviceControllerTest {
when(keysManager.storeEcSignedPreKeys(any(), any())).thenReturn(CompletableFuture.completedFuture(null)); when(keysManager.storeEcSignedPreKeys(any(), any())).thenReturn(CompletableFuture.completedFuture(null));
when(keysManager.storePqLastResort(any(), any())).thenReturn(CompletableFuture.completedFuture(null)); when(keysManager.storePqLastResort(any(), any())).thenReturn(CompletableFuture.completedFuture(null));
final LinkDeviceRequest request = new LinkDeviceRequest(deviceController.generateVerificationToken(AuthHelper.VALID_UUID), final String storedCode = "5678901";
when(pendingDevicesManager.getCodeForNumber(AuthHelper.VALID_NUMBER)).thenReturn(
Optional.of(new StoredVerificationCode(storedCode, System.currentTimeMillis(), null, null)));
final LinkDeviceRequest request = new LinkDeviceRequest(storedCode,
new AccountAttributes(fetchesMessages, 1234, null, null, true, null), new AccountAttributes(fetchesMessages, 1234, null, null, true, null),
new DeviceActivationRequest(aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, apnRegistrationId, gcmRegistrationId)); new DeviceActivationRequest(aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, apnRegistrationId, gcmRegistrationId));
@ -430,7 +401,7 @@ class DeviceControllerTest {
assertThat(response.getDeviceId()).isEqualTo(42L); assertThat(response.getDeviceId()).isEqualTo(42L);
verify(commands).set(anyString(), anyString(), any()); verify(commands, never()).set(anyString(), anyString(), any());
} }
private static Stream<Arguments> linkDeviceAtomic() { private static Stream<Arguments> linkDeviceAtomic() {
@ -508,8 +479,6 @@ class DeviceControllerTest {
.header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get(VerificationCode.class); .get(VerificationCode.class);
assertThat(deviceCode).isEqualTo(new VerificationCode("5678901"));
final Optional<ECSignedPreKey> aciSignedPreKey; final Optional<ECSignedPreKey> aciSignedPreKey;
final Optional<ECSignedPreKey> pniSignedPreKey; final Optional<ECSignedPreKey> pniSignedPreKey;
final Optional<KEMSignedPreKey> aciPqLastResortPreKey; final Optional<KEMSignedPreKey> aciPqLastResortPreKey;
@ -526,7 +495,7 @@ class DeviceControllerTest {
when(account.getIdentityKey()).thenReturn(new IdentityKey(aciIdentityKeyPair.getPublicKey())); when(account.getIdentityKey()).thenReturn(new IdentityKey(aciIdentityKeyPair.getPublicKey()));
when(account.getPhoneNumberIdentityKey()).thenReturn(new IdentityKey(pniIdentityKeyPair.getPublicKey())); when(account.getPhoneNumberIdentityKey()).thenReturn(new IdentityKey(pniIdentityKeyPair.getPublicKey()));
final LinkDeviceRequest request = new LinkDeviceRequest("5678901", final LinkDeviceRequest request = new LinkDeviceRequest(deviceCode.verificationCode(),
new AccountAttributes(fetchesMessages, 1234, null, null, true, null), new AccountAttributes(fetchesMessages, 1234, null, null, true, null),
new DeviceActivationRequest(aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, apnRegistrationId, gcmRegistrationId)); new DeviceActivationRequest(aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, apnRegistrationId, gcmRegistrationId));
@ -571,12 +540,10 @@ class DeviceControllerTest {
.header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get(VerificationCode.class); .get(VerificationCode.class);
assertThat(deviceCode).isEqualTo(new VerificationCode("5678901"));
when(account.getIdentityKey()).thenReturn(aciIdentityKey); when(account.getIdentityKey()).thenReturn(aciIdentityKey);
when(account.getPhoneNumberIdentityKey()).thenReturn(pniIdentityKey); when(account.getPhoneNumberIdentityKey()).thenReturn(pniIdentityKey);
final LinkDeviceRequest request = new LinkDeviceRequest("5678901", final LinkDeviceRequest request = new LinkDeviceRequest(deviceCode.verificationCode(),
new AccountAttributes(true, 1234, null, null, true, null), new AccountAttributes(true, 1234, null, null, true, null),
new DeviceActivationRequest(aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, Optional.empty(), Optional.empty())); new DeviceActivationRequest(aciSignedPreKey, pniSignedPreKey, aciPqLastResortPreKey, pniPqLastResortPreKey, Optional.empty(), Optional.empty()));
@ -631,12 +598,10 @@ class DeviceControllerTest {
.header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get(VerificationCode.class); .get(VerificationCode.class);
assertThat(deviceCode).isEqualTo(new VerificationCode("5678901"));
when(account.getIdentityKey()).thenReturn(aciIdentityKey); when(account.getIdentityKey()).thenReturn(aciIdentityKey);
when(account.getPhoneNumberIdentityKey()).thenReturn(pniIdentityKey); when(account.getPhoneNumberIdentityKey()).thenReturn(pniIdentityKey);
final LinkDeviceRequest request = new LinkDeviceRequest("5678901", final LinkDeviceRequest request = new LinkDeviceRequest(deviceCode.verificationCode(),
new AccountAttributes(true, 1234, null, null, true, null), new AccountAttributes(true, 1234, null, null, true, null),
new DeviceActivationRequest(Optional.of(aciSignedPreKey), Optional.of(pniSignedPreKey), Optional.of(aciPqLastResortPreKey), Optional.of(pniPqLastResortPreKey), Optional.empty(), Optional.empty())); new DeviceActivationRequest(Optional.of(aciSignedPreKey), Optional.of(pniSignedPreKey), Optional.of(aciPqLastResortPreKey), Optional.of(pniPqLastResortPreKey), Optional.empty(), Optional.empty()));
@ -701,10 +666,8 @@ class DeviceControllerTest {
.header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_UUID, AuthHelper.VALID_PASSWORD))
.get(VerificationCode.class); .get(VerificationCode.class);
assertThat(deviceCode).isEqualTo(new VerificationCode("5678901"));
Response response = resources.getJerseyTest() Response response = resources.getJerseyTest()
.target("/v1/devices/5678902") .target("/v1/devices/" + deviceCode.verificationCode() + "-incorrect")
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1")) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1"))
.put(Entity.entity(new AccountAttributes(false, 1234, null, null, true, null), .put(Entity.entity(new AccountAttributes(false, 1234, null, null, true, null),
@ -744,8 +707,10 @@ class DeviceControllerTest {
@Test @Test
void longNameTest() { void longNameTest() {
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
Response response = resources.getJerseyTest() Response response = resources.getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1")) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, "password1"))
.put(Entity.entity(new AccountAttributes(false, 1234, .put(Entity.entity(new AccountAttributes(false, 1234,
@ -763,9 +728,12 @@ class DeviceControllerTest {
true, true, true, true, true); true, true, true, true, true);
AccountAttributes accountAttributes = AccountAttributes accountAttributes =
new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
Response response = resources Response response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
.header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30") .header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30")
@ -776,7 +744,7 @@ class DeviceControllerTest {
accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
response = resources response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
.header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30") .header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30")
@ -790,9 +758,12 @@ class DeviceControllerTest {
true, true, true, true, true); true, true, true, true, true);
AccountAttributes accountAttributes = AccountAttributes accountAttributes =
new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
Response response = resources Response response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
.header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30") .header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30")
@ -803,7 +774,7 @@ class DeviceControllerTest {
accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
response = resources response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
.header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30") .header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30")
@ -817,9 +788,12 @@ class DeviceControllerTest {
false, true, true, true, true); false, true, true, true, true);
AccountAttributes accountAttributes = AccountAttributes accountAttributes =
new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
Response response = resources Response response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", .header("Authorization",
AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
@ -831,7 +805,7 @@ class DeviceControllerTest {
accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
response = resources response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", .header("Authorization",
AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
@ -846,9 +820,12 @@ class DeviceControllerTest {
false, true, true, true); false, true, true, true);
AccountAttributes accountAttributes = AccountAttributes accountAttributes =
new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
Response response = resources Response response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
.header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30") .header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30")
@ -859,7 +836,7 @@ class DeviceControllerTest {
accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
response = resources response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", .header("Authorization",
AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
@ -874,9 +851,12 @@ class DeviceControllerTest {
true, false, true, true); true, false, true, true);
AccountAttributes accountAttributes = AccountAttributes accountAttributes =
new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
Response response = resources Response response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", .header("Authorization",
AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
@ -888,7 +868,7 @@ class DeviceControllerTest {
accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
response = resources response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", .header("Authorization",
AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
@ -901,9 +881,12 @@ class DeviceControllerTest {
void deviceDowngradeGiftBadgesTest() { void deviceDowngradeGiftBadgesTest() {
DeviceCapabilities deviceCapabilities = new DeviceCapabilities(true, true, true, true, true, true, true, false, true); DeviceCapabilities deviceCapabilities = new DeviceCapabilities(true, true, true, true, true, true, true, false, true);
AccountAttributes accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); AccountAttributes accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
Response response = resources Response response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
.header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30") .header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30")
@ -914,7 +897,7 @@ class DeviceControllerTest {
accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
response = resources response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", .header("Authorization",
AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
@ -955,9 +938,12 @@ class DeviceControllerTest {
// Update when we start returning true value of capability & restricting downgrades // Update when we start returning true value of capability & restricting downgrades
DeviceCapabilities deviceCapabilities = new DeviceCapabilities(true, true, true, true, true, true, true, true, paymentActivation); DeviceCapabilities deviceCapabilities = new DeviceCapabilities(true, true, true, true, true, true, true, true, paymentActivation);
AccountAttributes accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities); AccountAttributes accountAttributes = new AccountAttributes(false, 1234, null, null, true, deviceCapabilities);
final String verificationToken = deviceController.generateVerificationToken(AuthHelper.VALID_UUID);
Response response = resources Response response = resources
.getJerseyTest() .getJerseyTest()
.target("/v1/devices/5678901") .target("/v1/devices/" + verificationToken)
.request() .request()
.header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD)) .header("Authorization", AuthHelper.getProvisioningAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
.header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30") .header(HttpHeaders.USER_AGENT, "Signal-Android/5.42.8675309 Android/30")