Return a single OAuth2 credentials JSON

This commit is contained in:
Chris Eager 2023-08-18 12:35:18 -05:00 committed by Chris Eager
parent 360e101660
commit eeea97e2fe
5 changed files with 5 additions and 28 deletions

View File

@ -45,10 +45,6 @@ adminEventLoggingConfiguration:
{ {
"key": "value" "key": "value"
} }
secondaryCredentials: |
{
"key": "value"
}
projectId: some-project-id projectId: some-project-id
logName: some-log-name logName: some-log-name
@ -235,7 +231,6 @@ unidentifiedDelivery:
recaptcha: recaptcha:
projectPath: projects/example projectPath: projects/example
credentialConfigurationJson: "{ }" # service account configuration for backend authentication credentialConfigurationJson: "{ }" # service account configuration for backend authentication
secondaryCredentialConfigurationJson: "{ }" # service account configuration for backend authentication
hCaptcha: hCaptcha:
apiKey: secret://hCaptcha.apiKey apiKey: secret://hCaptcha.apiKey
@ -400,10 +395,6 @@ registrationService:
{ {
"example": "example" "example": "example"
} }
secondaryCredentialConfigurationJson: |
{
"example": "example"
}
identityTokenAudience: https://registration.example.com identityTokenAudience: https://registration.example.com
registrationCaCertificate: | # Registration service TLS certificate trust root registrationCaCertificate: | # Registration service TLS certificate trust root
-----BEGIN CERTIFICATE----- -----BEGIN CERTIFICATE-----

View File

@ -39,7 +39,6 @@ import java.time.Duration;
import java.util.Collections; import java.util.Collections;
import java.util.EnumSet; import java.util.EnumSet;
import java.util.List; import java.util.List;
import java.util.Optional;
import java.util.ServiceLoader; import java.util.ServiceLoader;
import java.util.concurrent.ArrayBlockingQueue; import java.util.concurrent.ArrayBlockingQueue;
import java.util.concurrent.BlockingQueue; import java.util.concurrent.BlockingQueue;
@ -116,7 +115,6 @@ import org.whispersystems.textsecuregcm.controllers.VerificationController;
import org.whispersystems.textsecuregcm.currency.CoinMarketCapClient; import org.whispersystems.textsecuregcm.currency.CoinMarketCapClient;
import org.whispersystems.textsecuregcm.currency.CurrencyConversionManager; import org.whispersystems.textsecuregcm.currency.CurrencyConversionManager;
import org.whispersystems.textsecuregcm.currency.FixerClient; import org.whispersystems.textsecuregcm.currency.FixerClient;
import org.whispersystems.textsecuregcm.grpc.ProfileGrpcService;
import org.whispersystems.textsecuregcm.experiment.ExperimentEnrollmentManager; import org.whispersystems.textsecuregcm.experiment.ExperimentEnrollmentManager;
import org.whispersystems.textsecuregcm.filters.RemoteDeprecationFilter; import org.whispersystems.textsecuregcm.filters.RemoteDeprecationFilter;
import org.whispersystems.textsecuregcm.filters.RequestStatisticsFilter; import org.whispersystems.textsecuregcm.filters.RequestStatisticsFilter;
@ -124,6 +122,7 @@ import org.whispersystems.textsecuregcm.filters.TimestampResponseFilter;
import org.whispersystems.textsecuregcm.grpc.GrpcServerManagedWrapper; import org.whispersystems.textsecuregcm.grpc.GrpcServerManagedWrapper;
import org.whispersystems.textsecuregcm.grpc.KeysAnonymousGrpcService; import org.whispersystems.textsecuregcm.grpc.KeysAnonymousGrpcService;
import org.whispersystems.textsecuregcm.grpc.KeysGrpcService; import org.whispersystems.textsecuregcm.grpc.KeysGrpcService;
import org.whispersystems.textsecuregcm.grpc.ProfileGrpcService;
import org.whispersystems.textsecuregcm.grpc.UserAgentInterceptor; import org.whispersystems.textsecuregcm.grpc.UserAgentInterceptor;
import org.whispersystems.textsecuregcm.limits.CardinalityEstimator; import org.whispersystems.textsecuregcm.limits.CardinalityEstimator;
import org.whispersystems.textsecuregcm.limits.PushChallengeManager; import org.whispersystems.textsecuregcm.limits.PushChallengeManager;
@ -283,10 +282,6 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
MetricsUtil.configureRegistries(config, environment); MetricsUtil.configureRegistries(config, environment);
final boolean useSecondaryCredentialsJson = Optional.ofNullable(
System.getenv("SIGNAL_USE_SECONDARY_CREDENTIALS_JSON"))
.isPresent();
HeaderControlledResourceBundleLookup headerControlledResourceBundleLookup = HeaderControlledResourceBundleLookup headerControlledResourceBundleLookup =
new HeaderControlledResourceBundleLookup(); new HeaderControlledResourceBundleLookup();
ConfiguredProfileBadgeConverter profileBadgeConverter = new ConfiguredProfileBadgeConverter( ConfiguredProfileBadgeConverter profileBadgeConverter = new ConfiguredProfileBadgeConverter(
@ -448,9 +443,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
final AdminEventLogger adminEventLogger = new GoogleCloudAdminEventLogger( final AdminEventLogger adminEventLogger = new GoogleCloudAdminEventLogger(
LoggingOptions.newBuilder().setProjectId(config.getAdminEventLoggingConfiguration().projectId()) LoggingOptions.newBuilder().setProjectId(config.getAdminEventLoggingConfiguration().projectId())
.setCredentials(GoogleCredentials.fromStream(new ByteArrayInputStream( .setCredentials(GoogleCredentials.fromStream(new ByteArrayInputStream(
useSecondaryCredentialsJson config.getAdminEventLoggingConfiguration().credentials().getBytes(StandardCharsets.UTF_8))))
? config.getAdminEventLoggingConfiguration().secondaryCredentials().getBytes(StandardCharsets.UTF_8)
: config.getAdminEventLoggingConfiguration().credentials().getBytes(StandardCharsets.UTF_8))))
.build().getService(), .build().getService(),
config.getAdminEventLoggingConfiguration().projectId(), config.getAdminEventLoggingConfiguration().projectId(),
config.getAdminEventLoggingConfiguration().logName()); config.getAdminEventLoggingConfiguration().logName());
@ -489,9 +482,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
RegistrationServiceClient registrationServiceClient = new RegistrationServiceClient( RegistrationServiceClient registrationServiceClient = new RegistrationServiceClient(
config.getRegistrationServiceConfiguration().host(), config.getRegistrationServiceConfiguration().host(),
config.getRegistrationServiceConfiguration().port(), config.getRegistrationServiceConfiguration().port(),
useSecondaryCredentialsJson config.getRegistrationServiceConfiguration().credentialConfigurationJson(),
? config.getRegistrationServiceConfiguration().secondaryCredentialConfigurationJson()
: config.getRegistrationServiceConfiguration().credentialConfigurationJson(),
config.getRegistrationServiceConfiguration().identityTokenAudience(), config.getRegistrationServiceConfiguration().identityTokenAudience(),
config.getRegistrationServiceConfiguration().registrationCaCertificate(), config.getRegistrationServiceConfiguration().registrationCaCertificate(),
registrationCallbackExecutor); registrationCallbackExecutor);
@ -574,9 +565,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
RecaptchaClient recaptchaClient = new RecaptchaClient( RecaptchaClient recaptchaClient = new RecaptchaClient(
config.getRecaptchaConfiguration().projectPath(), config.getRecaptchaConfiguration().projectPath(),
useSecondaryCredentialsJson config.getRecaptchaConfiguration().credentialConfigurationJson(),
? config.getRecaptchaConfiguration().secondaryCredentialConfigurationJson()
: config.getRecaptchaConfiguration().credentialConfigurationJson(),
dynamicConfigurationManager); dynamicConfigurationManager);
HttpClient hcaptchaHttpClient = HttpClient.newBuilder().version(HttpClient.Version.HTTP_2) HttpClient hcaptchaHttpClient = HttpClient.newBuilder().version(HttpClient.Version.HTTP_2)
.connectTimeout(Duration.ofSeconds(10)).build(); .connectTimeout(Duration.ofSeconds(10)).build();

View File

@ -10,7 +10,6 @@ import javax.validation.constraints.NotEmpty;
public record AdminEventLoggingConfiguration( public record AdminEventLoggingConfiguration(
@NotBlank String credentials, @NotBlank String credentials,
@NotBlank String secondaryCredentials,
@NotEmpty String projectId, @NotEmpty String projectId,
@NotEmpty String logName) { @NotEmpty String logName) {
} }

View File

@ -7,7 +7,6 @@ package org.whispersystems.textsecuregcm.configuration;
import javax.validation.constraints.NotEmpty; import javax.validation.constraints.NotEmpty;
public record RecaptchaConfiguration(@NotEmpty String projectPath, @NotEmpty String credentialConfigurationJson, public record RecaptchaConfiguration(@NotEmpty String projectPath, @NotEmpty String credentialConfigurationJson) {
@NotEmpty String secondaryCredentialConfigurationJson) {
} }

View File

@ -5,7 +5,6 @@ import javax.validation.constraints.NotBlank;
public record RegistrationServiceConfiguration(@NotBlank String host, public record RegistrationServiceConfiguration(@NotBlank String host,
int port, int port,
@NotBlank String credentialConfigurationJson, @NotBlank String credentialConfigurationJson,
@NotBlank String secondaryCredentialConfigurationJson,
@NotBlank String identityTokenAudience, @NotBlank String identityTokenAudience,
@NotBlank String registrationCaCertificate) { @NotBlank String registrationCaCertificate) {
} }