Return a single OAuth2 credentials JSON

2023-08-18 12:35:18 -05:00 · 2023-08-18 12:35:18 -05:00 · eeea97e2fe
parent 360e101660
commit eeea97e2fe
5 changed files with 5 additions and 28 deletions
--- a/service/config/sample.yml
+++ b/service/config/sample.yml
@ -45,10 +45,6 @@ adminEventLoggingConfiguration:
    {
      "key": "value"
    }
-  secondaryCredentials: |
-    {
-      "key": "value"
-    }
  projectId: some-project-id
  logName: some-log-name

@ -235,7 +231,6 @@ unidentifiedDelivery:
 recaptcha:
  projectPath: projects/example
  credentialConfigurationJson: "{ }" # service account configuration for backend authentication
-  secondaryCredentialConfigurationJson: "{ }" # service account configuration for backend authentication

 hCaptcha:
  apiKey: secret://hCaptcha.apiKey
@ -400,10 +395,6 @@ registrationService:
    {
      "example": "example"
    }
-  secondaryCredentialConfigurationJson: |
-    {
-      "example": "example"
-    }
  identityTokenAudience: https://registration.example.com
  registrationCaCertificate: | # Registration service TLS certificate trust root
    -----BEGIN CERTIFICATE-----
--- a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
@ -39,7 +39,6 @@ import java.time.Duration;
 import java.util.Collections;
 import java.util.EnumSet;
 import java.util.List;
-import java.util.Optional;
 import java.util.ServiceLoader;
 import java.util.concurrent.ArrayBlockingQueue;
 import java.util.concurrent.BlockingQueue;
@ -116,7 +115,6 @@ import org.whispersystems.textsecuregcm.controllers.VerificationController;
 import org.whispersystems.textsecuregcm.currency.CoinMarketCapClient;
 import org.whispersystems.textsecuregcm.currency.CurrencyConversionManager;
 import org.whispersystems.textsecuregcm.currency.FixerClient;
-import org.whispersystems.textsecuregcm.grpc.ProfileGrpcService;
 import org.whispersystems.textsecuregcm.experiment.ExperimentEnrollmentManager;
 import org.whispersystems.textsecuregcm.filters.RemoteDeprecationFilter;
 import org.whispersystems.textsecuregcm.filters.RequestStatisticsFilter;
@ -124,6 +122,7 @@ import org.whispersystems.textsecuregcm.filters.TimestampResponseFilter;
 import org.whispersystems.textsecuregcm.grpc.GrpcServerManagedWrapper;
 import org.whispersystems.textsecuregcm.grpc.KeysAnonymousGrpcService;
 import org.whispersystems.textsecuregcm.grpc.KeysGrpcService;
+import org.whispersystems.textsecuregcm.grpc.ProfileGrpcService;
 import org.whispersystems.textsecuregcm.grpc.UserAgentInterceptor;
 import org.whispersystems.textsecuregcm.limits.CardinalityEstimator;
 import org.whispersystems.textsecuregcm.limits.PushChallengeManager;
@ -283,10 +282,6 @@ public class WhisperServerService extends Application<WhisperServerConfiguration

    MetricsUtil.configureRegistries(config, environment);

-    final boolean useSecondaryCredentialsJson = Optional.ofNullable(
-            System.getenv("SIGNAL_USE_SECONDARY_CREDENTIALS_JSON"))
-        .isPresent();
-
    HeaderControlledResourceBundleLookup headerControlledResourceBundleLookup =
        new HeaderControlledResourceBundleLookup();
    ConfiguredProfileBadgeConverter profileBadgeConverter = new ConfiguredProfileBadgeConverter(
@ -448,9 +443,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
    final AdminEventLogger adminEventLogger = new GoogleCloudAdminEventLogger(
        LoggingOptions.newBuilder().setProjectId(config.getAdminEventLoggingConfiguration().projectId())
            .setCredentials(GoogleCredentials.fromStream(new ByteArrayInputStream(
-                useSecondaryCredentialsJson
-                    ? config.getAdminEventLoggingConfiguration().secondaryCredentials().getBytes(StandardCharsets.UTF_8)
-                    : config.getAdminEventLoggingConfiguration().credentials().getBytes(StandardCharsets.UTF_8))))
+                config.getAdminEventLoggingConfiguration().credentials().getBytes(StandardCharsets.UTF_8))))
            .build().getService(),
        config.getAdminEventLoggingConfiguration().projectId(),
        config.getAdminEventLoggingConfiguration().logName());
@ -489,9 +482,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
    RegistrationServiceClient registrationServiceClient = new RegistrationServiceClient(
        config.getRegistrationServiceConfiguration().host(),
        config.getRegistrationServiceConfiguration().port(),
-        useSecondaryCredentialsJson
-            ? config.getRegistrationServiceConfiguration().secondaryCredentialConfigurationJson()
-            : config.getRegistrationServiceConfiguration().credentialConfigurationJson(),
+        config.getRegistrationServiceConfiguration().credentialConfigurationJson(),
        config.getRegistrationServiceConfiguration().identityTokenAudience(),
        config.getRegistrationServiceConfiguration().registrationCaCertificate(),
        registrationCallbackExecutor);
@ -574,9 +565,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration

    RecaptchaClient recaptchaClient = new RecaptchaClient(
        config.getRecaptchaConfiguration().projectPath(),
-        useSecondaryCredentialsJson
-            ? config.getRecaptchaConfiguration().secondaryCredentialConfigurationJson()
-            : config.getRecaptchaConfiguration().credentialConfigurationJson(),
+        config.getRecaptchaConfiguration().credentialConfigurationJson(),
        dynamicConfigurationManager);
    HttpClient hcaptchaHttpClient = HttpClient.newBuilder().version(HttpClient.Version.HTTP_2)
        .connectTimeout(Duration.ofSeconds(10)).build();
--- a/service/src/main/java/org/whispersystems/textsecuregcm/configuration/AdminEventLoggingConfiguration.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/configuration/AdminEventLoggingConfiguration.java
@ -10,7 +10,6 @@ import javax.validation.constraints.NotEmpty;

 public record AdminEventLoggingConfiguration(
    @NotBlank String credentials,
-    @NotBlank String secondaryCredentials,
    @NotEmpty String projectId,
    @NotEmpty String logName) {
 }
--- a/service/src/main/java/org/whispersystems/textsecuregcm/configuration/RecaptchaConfiguration.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/configuration/RecaptchaConfiguration.java
@ -7,7 +7,6 @@ package org.whispersystems.textsecuregcm.configuration;

 import javax.validation.constraints.NotEmpty;

-public record RecaptchaConfiguration(@NotEmpty String projectPath, @NotEmpty String credentialConfigurationJson,
-                                     @NotEmpty String secondaryCredentialConfigurationJson) {
+public record RecaptchaConfiguration(@NotEmpty String projectPath, @NotEmpty String credentialConfigurationJson) {

 }
--- a/service/src/main/java/org/whispersystems/textsecuregcm/configuration/RegistrationServiceConfiguration.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/configuration/RegistrationServiceConfiguration.java
@ -5,7 +5,6 @@ import javax.validation.constraints.NotBlank;
 public record RegistrationServiceConfiguration(@NotBlank String host,
                                               int port,
                                               @NotBlank String credentialConfigurationJson,
-                                               @NotBlank String secondaryCredentialConfigurationJson,
                                               @NotBlank String identityTokenAudience,
                                               @NotBlank String registrationCaCertificate) {
 }