Generate external creds for KBS based on UUID
This commit is contained in:
parent
e4e20c2d25
commit
e399f9e851
|
@ -285,7 +285,7 @@ public class AccountController {
|
||||||
long timeRemaining = TimeUnit.DAYS.toMillis(7) - (System.currentTimeMillis() - existingAccount.get().getLastSeen());
|
long timeRemaining = TimeUnit.DAYS.toMillis(7) - (System.currentTimeMillis() - existingAccount.get().getLastSeen());
|
||||||
Optional<ExternalServiceCredentials> credentials = existingAccount.get().getRegistrationLock().isPresent() &&
|
Optional<ExternalServiceCredentials> credentials = existingAccount.get().getRegistrationLock().isPresent() &&
|
||||||
existingAccount.get().getRegistrationLockSalt().isPresent() ?
|
existingAccount.get().getRegistrationLockSalt().isPresent() ?
|
||||||
Optional.of(backupServiceCredentialGenerator.generateFor(number)) :
|
Optional.of(backupServiceCredentialGenerator.generateFor(existingAccount.get().getUuid().toString())) :
|
||||||
Optional.empty();
|
Optional.empty();
|
||||||
|
|
||||||
if (Util.isEmpty(accountAttributes.getPin()) &&
|
if (Util.isEmpty(accountAttributes.getPin()) &&
|
||||||
|
|
|
@ -26,6 +26,6 @@ public class SecureBackupController {
|
||||||
@Path("/auth")
|
@Path("/auth")
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
public ExternalServiceCredentials getAuth(@Auth Account account) {
|
public ExternalServiceCredentials getAuth(@Auth Account account) {
|
||||||
return backupServiceCredentialGenerator.generateFor(account.getNumber());
|
return backupServiceCredentialGenerator.generateFor(account.getUuid().toString());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -50,6 +50,7 @@ import java.security.SecureRandom;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.Optional;
|
import java.util.Optional;
|
||||||
|
import java.util.UUID;
|
||||||
import java.util.concurrent.TimeUnit;
|
import java.util.concurrent.TimeUnit;
|
||||||
|
|
||||||
import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider;
|
import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider;
|
||||||
|
@ -68,6 +69,8 @@ public class AccountControllerTest {
|
||||||
private static final String SENDER_PREAUTH = "+14157777777";
|
private static final String SENDER_PREAUTH = "+14157777777";
|
||||||
private static final String SENDER_REG_LOCK = "+14158888888";
|
private static final String SENDER_REG_LOCK = "+14158888888";
|
||||||
|
|
||||||
|
private static final UUID SENDER_REG_LOCK_UUID = UUID.randomUUID();
|
||||||
|
|
||||||
private static final String ABUSIVE_HOST = "192.168.1.1";
|
private static final String ABUSIVE_HOST = "192.168.1.1";
|
||||||
private static final String RESTRICTED_HOST = "192.168.1.2";
|
private static final String RESTRICTED_HOST = "192.168.1.2";
|
||||||
private static final String NICE_HOST = "127.0.0.1";
|
private static final String NICE_HOST = "127.0.0.1";
|
||||||
|
@ -150,6 +153,7 @@ public class AccountControllerTest {
|
||||||
when(senderRegLockAccount.getRegistrationLock()).thenReturn(Optional.of(registrationLockCredentials.getHashedAuthenticationToken()));
|
when(senderRegLockAccount.getRegistrationLock()).thenReturn(Optional.of(registrationLockCredentials.getHashedAuthenticationToken()));
|
||||||
when(senderRegLockAccount.getRegistrationLockSalt()).thenReturn(Optional.of(registrationLockCredentials.getSalt()));
|
when(senderRegLockAccount.getRegistrationLockSalt()).thenReturn(Optional.of(registrationLockCredentials.getSalt()));
|
||||||
when(senderRegLockAccount.getLastSeen()).thenReturn(System.currentTimeMillis());
|
when(senderRegLockAccount.getLastSeen()).thenReturn(System.currentTimeMillis());
|
||||||
|
when(senderRegLockAccount.getUuid()).thenReturn(SENDER_REG_LOCK_UUID);
|
||||||
|
|
||||||
when(pendingAccountsManager.getCodeForNumber(SENDER)).thenReturn(Optional.of(new StoredVerificationCode("1234", System.currentTimeMillis(), null)));
|
when(pendingAccountsManager.getCodeForNumber(SENDER)).thenReturn(Optional.of(new StoredVerificationCode("1234", System.currentTimeMillis(), null)));
|
||||||
when(pendingAccountsManager.getCodeForNumber(SENDER_OLD)).thenReturn(Optional.of(new StoredVerificationCode("1234", System.currentTimeMillis() - TimeUnit.MINUTES.toMillis(31), null)));
|
when(pendingAccountsManager.getCodeForNumber(SENDER_OLD)).thenReturn(Optional.of(new StoredVerificationCode("1234", System.currentTimeMillis() - TimeUnit.MINUTES.toMillis(31), null)));
|
||||||
|
@ -608,9 +612,9 @@ public class AccountControllerTest {
|
||||||
|
|
||||||
RegistrationLockFailure failure = response.readEntity(RegistrationLockFailure.class);
|
RegistrationLockFailure failure = response.readEntity(RegistrationLockFailure.class);
|
||||||
assertThat(failure.getBackupCredentials()).isNotNull();
|
assertThat(failure.getBackupCredentials()).isNotNull();
|
||||||
assertThat(failure.getBackupCredentials().getUsername()).isEqualTo(SENDER_REG_LOCK);
|
assertThat(failure.getBackupCredentials().getUsername()).isEqualTo(SENDER_REG_LOCK_UUID.toString());
|
||||||
assertThat(failure.getBackupCredentials().getPassword()).isNotEmpty();
|
assertThat(failure.getBackupCredentials().getPassword()).isNotEmpty();
|
||||||
assertThat(failure.getBackupCredentials().getPassword().startsWith(SENDER_REG_LOCK)).isTrue();
|
assertThat(failure.getBackupCredentials().getPassword().startsWith(SENDER_REG_LOCK_UUID.toString())).isTrue();
|
||||||
assertThat(failure.getTimeRemaining()).isGreaterThan(0);
|
assertThat(failure.getTimeRemaining()).isGreaterThan(0);
|
||||||
|
|
||||||
verifyNoMoreInteractions(pinLimiter);
|
verifyNoMoreInteractions(pinLimiter);
|
||||||
|
|
Loading…
Reference in New Issue