MirrorMirror
/
Signal-Server
mirror of https://github.com/signalapp/Signal-Server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix a UUID transposition when requesting profile key credentials

This commit is contained in:
Jon Chambers 2021-12-03 15:48:52 -05:00 committed by Jon Chambers
parent d0ad580c7d
commit d78d7c726e
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProfileController.java
View File

@ -265,10 +265,10 @@ public class ProfileController {
Optional<Account> accountProfile = accountsManager.getByAccountIdentifier(uuid); Optional<Account> accountProfile = accountsManager.getByAccountIdentifier(uuid);
OptionalAccess.verify(requestAccount, accessKey, accountProfile); OptionalAccess.verify(requestAccount, accessKey, accountProfile);
assert(accountProfile.isPresent()); assert accountProfile.isPresent();
Optional<String> username = accountProfile.flatMap(Account::getUsername); Optional<String> username = accountProfile.flatMap(Account::getUsername);
Optional<VersionedProfile> profile = profilesManager.get(uuid, version); Optional<VersionedProfile> profile = profilesManager.get(uuid, version);
String name = profile.map(VersionedProfile::getName).orElse(accountProfile.get().getProfileName()); String name = profile.map(VersionedProfile::getName).orElse(accountProfile.get().getProfileName());
String about = profile.map(VersionedProfile::getAbout).orElse(null); String about = profile.map(VersionedProfile::getAbout).orElse(null);
@ -286,7 +286,7 @@ public class ProfileController {
final ProfileKeyCredentialResponse profileKeyCredentialResponse; final ProfileKeyCredentialResponse profileKeyCredentialResponse;
final PniCredentialResponse pniCredentialResponse; final PniCredentialResponse pniCredentialResponse;
if (credentialRequest.isPresent() && credentialType.isPresent() && profile.isPresent() && requestAccount.isPresent()) { if (credentialRequest.isPresent() && credentialType.isPresent() && profile.isPresent()) {
if (PNI_CREDENTIAL_TYPE.equals(credentialType.get())) { if (PNI_CREDENTIAL_TYPE.equals(credentialType.get())) {
if (!isSelf) { if (!isSelf) {
throw new ForbiddenException(); throw new ForbiddenException();
@ -300,7 +300,7 @@ public class ProfileController {
} else if (PROFILE_KEY_CREDENTIAL_TYPE.equals(credentialType.get())) { } else if (PROFILE_KEY_CREDENTIAL_TYPE.equals(credentialType.get())) {
profileKeyCredentialResponse = getProfileCredential(credentialRequest.get(), profileKeyCredentialResponse = getProfileCredential(credentialRequest.get(),
profile.get(), profile.get(),
requestAccount.get().getUuid()); uuid);
pniCredentialResponse = null; pniCredentialResponse = null;
} else { } else {