Return a single OAuth2 credentials JSON
This commit is contained in:
parent
360e101660
commit
eeea97e2fe
|
@ -45,10 +45,6 @@ adminEventLoggingConfiguration:
|
||||||
{
|
{
|
||||||
"key": "value"
|
"key": "value"
|
||||||
}
|
}
|
||||||
secondaryCredentials: |
|
|
||||||
{
|
|
||||||
"key": "value"
|
|
||||||
}
|
|
||||||
projectId: some-project-id
|
projectId: some-project-id
|
||||||
logName: some-log-name
|
logName: some-log-name
|
||||||
|
|
||||||
|
@ -235,7 +231,6 @@ unidentifiedDelivery:
|
||||||
recaptcha:
|
recaptcha:
|
||||||
projectPath: projects/example
|
projectPath: projects/example
|
||||||
credentialConfigurationJson: "{ }" # service account configuration for backend authentication
|
credentialConfigurationJson: "{ }" # service account configuration for backend authentication
|
||||||
secondaryCredentialConfigurationJson: "{ }" # service account configuration for backend authentication
|
|
||||||
|
|
||||||
hCaptcha:
|
hCaptcha:
|
||||||
apiKey: secret://hCaptcha.apiKey
|
apiKey: secret://hCaptcha.apiKey
|
||||||
|
@ -400,10 +395,6 @@ registrationService:
|
||||||
{
|
{
|
||||||
"example": "example"
|
"example": "example"
|
||||||
}
|
}
|
||||||
secondaryCredentialConfigurationJson: |
|
|
||||||
{
|
|
||||||
"example": "example"
|
|
||||||
}
|
|
||||||
identityTokenAudience: https://registration.example.com
|
identityTokenAudience: https://registration.example.com
|
||||||
registrationCaCertificate: | # Registration service TLS certificate trust root
|
registrationCaCertificate: | # Registration service TLS certificate trust root
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
|
|
|
@ -39,7 +39,6 @@ import java.time.Duration;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.EnumSet;
|
import java.util.EnumSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Optional;
|
|
||||||
import java.util.ServiceLoader;
|
import java.util.ServiceLoader;
|
||||||
import java.util.concurrent.ArrayBlockingQueue;
|
import java.util.concurrent.ArrayBlockingQueue;
|
||||||
import java.util.concurrent.BlockingQueue;
|
import java.util.concurrent.BlockingQueue;
|
||||||
|
@ -116,7 +115,6 @@ import org.whispersystems.textsecuregcm.controllers.VerificationController;
|
||||||
import org.whispersystems.textsecuregcm.currency.CoinMarketCapClient;
|
import org.whispersystems.textsecuregcm.currency.CoinMarketCapClient;
|
||||||
import org.whispersystems.textsecuregcm.currency.CurrencyConversionManager;
|
import org.whispersystems.textsecuregcm.currency.CurrencyConversionManager;
|
||||||
import org.whispersystems.textsecuregcm.currency.FixerClient;
|
import org.whispersystems.textsecuregcm.currency.FixerClient;
|
||||||
import org.whispersystems.textsecuregcm.grpc.ProfileGrpcService;
|
|
||||||
import org.whispersystems.textsecuregcm.experiment.ExperimentEnrollmentManager;
|
import org.whispersystems.textsecuregcm.experiment.ExperimentEnrollmentManager;
|
||||||
import org.whispersystems.textsecuregcm.filters.RemoteDeprecationFilter;
|
import org.whispersystems.textsecuregcm.filters.RemoteDeprecationFilter;
|
||||||
import org.whispersystems.textsecuregcm.filters.RequestStatisticsFilter;
|
import org.whispersystems.textsecuregcm.filters.RequestStatisticsFilter;
|
||||||
|
@ -124,6 +122,7 @@ import org.whispersystems.textsecuregcm.filters.TimestampResponseFilter;
|
||||||
import org.whispersystems.textsecuregcm.grpc.GrpcServerManagedWrapper;
|
import org.whispersystems.textsecuregcm.grpc.GrpcServerManagedWrapper;
|
||||||
import org.whispersystems.textsecuregcm.grpc.KeysAnonymousGrpcService;
|
import org.whispersystems.textsecuregcm.grpc.KeysAnonymousGrpcService;
|
||||||
import org.whispersystems.textsecuregcm.grpc.KeysGrpcService;
|
import org.whispersystems.textsecuregcm.grpc.KeysGrpcService;
|
||||||
|
import org.whispersystems.textsecuregcm.grpc.ProfileGrpcService;
|
||||||
import org.whispersystems.textsecuregcm.grpc.UserAgentInterceptor;
|
import org.whispersystems.textsecuregcm.grpc.UserAgentInterceptor;
|
||||||
import org.whispersystems.textsecuregcm.limits.CardinalityEstimator;
|
import org.whispersystems.textsecuregcm.limits.CardinalityEstimator;
|
||||||
import org.whispersystems.textsecuregcm.limits.PushChallengeManager;
|
import org.whispersystems.textsecuregcm.limits.PushChallengeManager;
|
||||||
|
@ -283,10 +282,6 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
|
||||||
|
|
||||||
MetricsUtil.configureRegistries(config, environment);
|
MetricsUtil.configureRegistries(config, environment);
|
||||||
|
|
||||||
final boolean useSecondaryCredentialsJson = Optional.ofNullable(
|
|
||||||
System.getenv("SIGNAL_USE_SECONDARY_CREDENTIALS_JSON"))
|
|
||||||
.isPresent();
|
|
||||||
|
|
||||||
HeaderControlledResourceBundleLookup headerControlledResourceBundleLookup =
|
HeaderControlledResourceBundleLookup headerControlledResourceBundleLookup =
|
||||||
new HeaderControlledResourceBundleLookup();
|
new HeaderControlledResourceBundleLookup();
|
||||||
ConfiguredProfileBadgeConverter profileBadgeConverter = new ConfiguredProfileBadgeConverter(
|
ConfiguredProfileBadgeConverter profileBadgeConverter = new ConfiguredProfileBadgeConverter(
|
||||||
|
@ -448,9 +443,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
|
||||||
final AdminEventLogger adminEventLogger = new GoogleCloudAdminEventLogger(
|
final AdminEventLogger adminEventLogger = new GoogleCloudAdminEventLogger(
|
||||||
LoggingOptions.newBuilder().setProjectId(config.getAdminEventLoggingConfiguration().projectId())
|
LoggingOptions.newBuilder().setProjectId(config.getAdminEventLoggingConfiguration().projectId())
|
||||||
.setCredentials(GoogleCredentials.fromStream(new ByteArrayInputStream(
|
.setCredentials(GoogleCredentials.fromStream(new ByteArrayInputStream(
|
||||||
useSecondaryCredentialsJson
|
config.getAdminEventLoggingConfiguration().credentials().getBytes(StandardCharsets.UTF_8))))
|
||||||
? config.getAdminEventLoggingConfiguration().secondaryCredentials().getBytes(StandardCharsets.UTF_8)
|
|
||||||
: config.getAdminEventLoggingConfiguration().credentials().getBytes(StandardCharsets.UTF_8))))
|
|
||||||
.build().getService(),
|
.build().getService(),
|
||||||
config.getAdminEventLoggingConfiguration().projectId(),
|
config.getAdminEventLoggingConfiguration().projectId(),
|
||||||
config.getAdminEventLoggingConfiguration().logName());
|
config.getAdminEventLoggingConfiguration().logName());
|
||||||
|
@ -489,9 +482,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
|
||||||
RegistrationServiceClient registrationServiceClient = new RegistrationServiceClient(
|
RegistrationServiceClient registrationServiceClient = new RegistrationServiceClient(
|
||||||
config.getRegistrationServiceConfiguration().host(),
|
config.getRegistrationServiceConfiguration().host(),
|
||||||
config.getRegistrationServiceConfiguration().port(),
|
config.getRegistrationServiceConfiguration().port(),
|
||||||
useSecondaryCredentialsJson
|
config.getRegistrationServiceConfiguration().credentialConfigurationJson(),
|
||||||
? config.getRegistrationServiceConfiguration().secondaryCredentialConfigurationJson()
|
|
||||||
: config.getRegistrationServiceConfiguration().credentialConfigurationJson(),
|
|
||||||
config.getRegistrationServiceConfiguration().identityTokenAudience(),
|
config.getRegistrationServiceConfiguration().identityTokenAudience(),
|
||||||
config.getRegistrationServiceConfiguration().registrationCaCertificate(),
|
config.getRegistrationServiceConfiguration().registrationCaCertificate(),
|
||||||
registrationCallbackExecutor);
|
registrationCallbackExecutor);
|
||||||
|
@ -574,9 +565,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
|
||||||
|
|
||||||
RecaptchaClient recaptchaClient = new RecaptchaClient(
|
RecaptchaClient recaptchaClient = new RecaptchaClient(
|
||||||
config.getRecaptchaConfiguration().projectPath(),
|
config.getRecaptchaConfiguration().projectPath(),
|
||||||
useSecondaryCredentialsJson
|
config.getRecaptchaConfiguration().credentialConfigurationJson(),
|
||||||
? config.getRecaptchaConfiguration().secondaryCredentialConfigurationJson()
|
|
||||||
: config.getRecaptchaConfiguration().credentialConfigurationJson(),
|
|
||||||
dynamicConfigurationManager);
|
dynamicConfigurationManager);
|
||||||
HttpClient hcaptchaHttpClient = HttpClient.newBuilder().version(HttpClient.Version.HTTP_2)
|
HttpClient hcaptchaHttpClient = HttpClient.newBuilder().version(HttpClient.Version.HTTP_2)
|
||||||
.connectTimeout(Duration.ofSeconds(10)).build();
|
.connectTimeout(Duration.ofSeconds(10)).build();
|
||||||
|
|
|
@ -10,7 +10,6 @@ import javax.validation.constraints.NotEmpty;
|
||||||
|
|
||||||
public record AdminEventLoggingConfiguration(
|
public record AdminEventLoggingConfiguration(
|
||||||
@NotBlank String credentials,
|
@NotBlank String credentials,
|
||||||
@NotBlank String secondaryCredentials,
|
|
||||||
@NotEmpty String projectId,
|
@NotEmpty String projectId,
|
||||||
@NotEmpty String logName) {
|
@NotEmpty String logName) {
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,7 +7,6 @@ package org.whispersystems.textsecuregcm.configuration;
|
||||||
|
|
||||||
import javax.validation.constraints.NotEmpty;
|
import javax.validation.constraints.NotEmpty;
|
||||||
|
|
||||||
public record RecaptchaConfiguration(@NotEmpty String projectPath, @NotEmpty String credentialConfigurationJson,
|
public record RecaptchaConfiguration(@NotEmpty String projectPath, @NotEmpty String credentialConfigurationJson) {
|
||||||
@NotEmpty String secondaryCredentialConfigurationJson) {
|
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,7 +5,6 @@ import javax.validation.constraints.NotBlank;
|
||||||
public record RegistrationServiceConfiguration(@NotBlank String host,
|
public record RegistrationServiceConfiguration(@NotBlank String host,
|
||||||
int port,
|
int port,
|
||||||
@NotBlank String credentialConfigurationJson,
|
@NotBlank String credentialConfigurationJson,
|
||||||
@NotBlank String secondaryCredentialConfigurationJson,
|
|
||||||
@NotBlank String identityTokenAudience,
|
@NotBlank String identityTokenAudience,
|
||||||
@NotBlank String registrationCaCertificate) {
|
@NotBlank String registrationCaCertificate) {
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue