c14ef7e6cf
migrate token bucket redis record format from json to hash: phase 2
2023-03-16 09:15:22 -07:00
483e444174
migrate token bucket redis record format from json to hash: phase 1
2023-03-15 16:01:06 -07:00
ebf8aa7b15
fixing embedded redis based tests
2023-03-15 13:56:40 -07:00
4c85e7ba66
Moving RateLimiter logic to Redis Lua and adding async API
2023-03-13 14:50:26 -07:00
46fef4082c
Add metrics for registration lock flow
2023-03-09 09:07:21 -08:00
c06313dd2e
Drop tagging for legacy user agents
2023-03-09 10:43:45 -06:00
59bc2c5535
Add by-action captcha score config
...
Enable setting different captcha score thresholds for different captcha
actions via configuration
2023-03-09 10:43:16 -06:00
437bc1358b
Use server timestamp for queue score
2023-03-06 11:31:11 -06:00
179f3df847
Allow `DisabledPermittedAuthenticatedAccount` at `/v1/accounts/me`
2023-03-03 13:17:17 -06:00
8a889516b0
Improve `LoggingUnhandledExceptionMapper` combination with `CompletionExceptionMapper`
2023-03-03 13:17:07 -06:00
ef2cc6620e
Add `@Produces` annotation for validation error response
2023-02-27 16:33:18 -06:00
b9b4e3fdd8
Adding a uniform configuration for all json/yaml mapper use cases: part 1
2023-02-23 16:38:48 -08:00
7529c35013
Rate limiters code refactored
2023-02-23 10:49:06 -08:00
378b32d44d
Add missing token field to OutgoingMessageEntity
2023-02-23 11:18:07 -05:00
35286f838e
Add `/v1/verification`
2023-02-22 14:27:05 -06:00
e1ea3795bb
Reuse registration sessions if possible when requesting pre-auth codes
2023-02-22 12:45:26 -05:00
95237a22a9
Relax validation to allow null reporting tokens.
2023-02-22 11:06:51 -05:00
11c93c5f53
Keep username hash during reregistration
2023-02-21 09:07:30 -08:00
b59b8621c5
Add reporter platform as a reported message dimension
2023-02-17 16:44:13 -05:00
44c61d9a58
Allow updates if the profile already has a payment address
2023-02-17 16:44:01 -05:00
c03060fe3c
Phone number discoverability update endpoint
2023-02-10 11:52:51 -08:00
c16006dc4b
Add `PUT /v2/account/number`
2023-02-10 12:09:03 -06:00
8fc465b3e8
removing redundant logic in new registration flow
2023-02-09 09:06:48 -08:00
e23386ddc7
Remove unused JUnit extension from test
2023-02-09 09:05:11 -08:00
0f17d63774
Add tests for `ProvisioningController`
2023-02-09 09:04:52 -08:00
4fc3949367
Add zkproof validation in username flow
2023-02-09 09:02:53 -08:00
7558489ad0
Registration Recovery Password support in `/v1/registration`
2023-02-08 13:20:23 -08:00
4a3880b5ae
`usernameHashes` on reserve request can't be null
2023-02-07 08:44:04 -08:00
a4a45de161
Add `/v1/registration`
2023-02-06 16:11:59 -06:00
358a286523
Use `java.util` Hex and Base64 codecs
2023-02-06 12:16:59 -06:00
8afe917a6c
Registration recovery passwords store and manager
2023-02-03 16:33:03 -08:00
24f515ccb4
Revert "Revert "Stored hashed username""
2023-02-02 11:20:44 -08:00
c98b54ff15
Revert "Stored hashed username"
2023-02-01 14:31:44 -08:00
d93d50d038
Stored hashed username
2023-02-01 12:08:25 -08:00
8d0e23bde1
AuthenticationCredentials name changed to SaltedTokenHash
2023-01-30 15:45:24 -08:00
dc8f62a4ad
`/v1/backup/auth/check` endpoint added
2023-01-30 15:39:42 -08:00
cd4a4b1dcf
Retire `VoiceVerificationController`
2023-01-30 16:28:14 -05:00
38a0737afb
Retire `ReportSpamTokenHandler` interface in favor of `ReportedMessageListener`
2023-01-30 16:27:54 -05:00
4a2768b81d
Add spam report token support to `ReportedMessageListener`
2023-01-30 16:27:54 -05:00
00e08b8402
Simplify parsing/validation of spam report tokens
2023-01-30 16:27:54 -05:00
a89e30fe75
Clarify naming around spam filtering.
2023-01-27 11:40:33 -05:00
c934405a3e
fixing config field names
2023-01-25 17:28:03 -08:00
eb499833c6
refactoring of ExternalServiceCredentialGenerator
2023-01-25 15:20:28 -08:00
dd98f7f043
Support changing just the currency of an existing subscription
2023-01-25 15:14:17 -06:00
e8978ef91c
Add tests for `SubscriptionController#setSubscriptionLevel`
2023-01-25 15:14:17 -06:00
ab26a65b6a
Introduce spam report tokens
2023-01-19 11:13:43 -05:00
f361f436d8
Support PayPal for recurring donations
2023-01-17 12:20:17 -06:00
e6ab97dc5a
Update enabled-required authenticator metrics
2023-01-13 14:05:56 -06:00
b8967b75c6
Update dropwizard to 2.0.34
2023-01-13 12:17:39 -06:00
96b753cfd0
Add an extra kb to max sticker size
2023-01-13 12:07:45 -06:00
5a89e66fc0
Convert `AccountIdentityResponse` to a record
2023-01-13 12:36:17 -05:00
b4a143b9de
Convert `RegistrationLockFailure` to a record
2023-01-13 12:36:02 -05:00
050035dd52
Convert `ExternalServiceCredentials` to a record
2023-01-13 12:36:02 -05:00
7018062606
Explicitly create registration sessions
2023-01-09 15:27:07 -05:00
9e1485de0a
Assume stored verification codes will always have a session ID instead of a verification code
2023-01-09 15:27:07 -05:00
4e358b891f
Retire `StoredVerificationCode#twilioVerificationSid`
2023-01-09 15:27:07 -05:00
b02b00818b
Remove `Subscriptions.PCI` attribute
2023-01-04 11:31:46 -06:00
010f88a2ad
Remove `Subscriptions.C` attribute
2023-01-04 11:31:46 -06:00
a60450d931
Convert `UserCapabilities` to a record
2022-12-21 16:26:07 -05:00
cb5d3840d9
Add paymentActivation capability
2022-12-20 09:20:42 -08:00
9aceaa7a4d
Introduce ArtController
2022-12-19 11:58:16 -08:00
65ad3fe623
Add hCaptcha support
2022-12-16 11:28:30 -06:00
26f5ffdde3
Enable case-sensitive usernames
2022-12-13 07:59:37 -08:00
2f21e930e2
Add `minimum` one-time donation amont to validation error map
2022-12-06 16:21:15 -06:00
9cf2635528
some accounts classes refactorings
2022-12-05 09:30:40 -08:00
2ecbb18fe5
Add support for one-time PayPal donations
2022-12-01 18:11:35 -06:00
df8fb5cab7
Move messages cache stale discard to a separate scheduler
2022-12-01 18:09:28 -06:00
99ad211c01
Enforce minimum amount by currency for one time donations
2022-11-28 11:44:59 -08:00
fb4ed20ff5
Remove groups v2 capability
...
* wip removing groups v2 capabilities
* comments
* finish removing groups v2 references
* hardcode gv1migration flag on user capability, remove other references
2022-11-21 09:31:47 -08:00
cb50b44d8f
Allow the account cleaner to operate on multiple accounts in parallel
2022-11-18 11:15:00 -05:00
2881c0fd7e
Allow the account cleaner to act on all accounts in a crawled chunk
2022-11-18 11:15:00 -05:00
483fb0968b
Use badge name in level configuration for one-time donations
2022-11-18 11:05:23 -05:00
e8ee4b50ff
Retire the legacy "abusive hosts" system in favor of newer tools
2022-11-18 10:54:25 -05:00
4f8aa2eee2
Mark flaky test `@Disabled`
2022-11-17 13:23:42 -06:00
397d3cb45a
Add consolidated subscription configuration API
2022-11-16 12:27:00 -06:00
986545a140
Set `error_if_incomplete` for subscription payment behavior
2022-11-16 12:08:21 -06:00
836307b0c7
adding a metric for ipv4/ipv6 requests count
2022-11-15 11:17:01 -08:00
c32067759c
refactoring: use constants for header names
2022-11-15 11:16:49 -08:00
f41bdf1acb
Make `MessagesController#getPendingMessages` fully async
2022-11-11 13:19:57 -06:00
77d691df59
Always use reactived message processing in `WebSocketConnection`
2022-11-11 13:14:39 -06:00
a01f96e0e4
Temporarily disable account freezing on contention
2022-11-10 18:53:58 -05:00
d3f0ab8c6d
Introduce an alternative exchange rate data provider
2022-11-10 10:25:06 -05:00
80a3a8a43c
Lock account when number owner lacks registration lock.
2022-11-09 14:03:09 -05:00
e0178fa0ea
Move additional handling of `MessagesManager#delete` to executor
2022-11-03 13:02:25 -05:00
afda5ca98f
Add a test for checking push challenge tokens
2022-11-03 11:14:59 -05:00
fbf6b9826e
tests: only call `SQLite.setLibraryPath` once
2022-11-03 11:08:43 -05:00
bd69905f2e
Remove obsolete donation endpoint
2022-11-02 11:29:03 -05:00
aa829af43b
Handle expected case of empty flux in message deletion
2022-10-31 12:29:25 -05:00
c10fda8363
Use reactive streams for WebSocket message queue
...
Initially, uses `ExperimentEnrollmentManager` to do a safe rollout.
2022-10-31 10:35:37 -05:00
74d65b37a8
Discard old Twilio machinery and rely entirely on the stand-alone registration service
2022-10-28 10:40:37 -04:00
5868d9969a
minor changes to utility classes ( #1127 )
2022-10-25 08:48:56 -07:00
90490c9c84
Clean up the TestClock code a bit more.
2022-10-21 15:27:15 -04:00
8ea794baef
Add additional handling for nullable field in recurring donation record
2022-10-21 12:56:39 -05:00
fe60cf003f
Clean up testing with clocks.
2022-10-21 12:39:47 -04:00
b711288faa
Run GitHub Action in a container
2022-10-18 16:59:35 -05:00
0120a85c39
Allow HTTP clients to trust multiple certificates to support certificate rollover
2022-10-18 11:17:47 -04:00
a41d047f58
Retire `CertificateExpirationGauge` in favor of other expiration monitoring tools
2022-10-18 11:17:47 -04:00
0a64e31625
Check verification codes for changing phone numbers against the stand-alone registration service when possible
2022-10-18 11:17:15 -04:00
a7d5d51fb4
Improve testing of MultiRecipientMessageProvider
2022-10-17 16:50:39 -04:00
378d7987a8
device capabilities: prevent `stories` downgrade
2022-10-17 15:25:13 -04:00
3e0baf82a4
Filter unknown UUIDs for /multi_recipient&story=true.
2022-10-13 15:33:51 -04:00
17a3c90286
Add "urgent" query parameter to /v1/messages/multi_recipient endpoint.
2022-10-11 11:10:11 -04:00
6341770768
Update `SubscriptionManager` to store processor+customerId in a single attribute and a map
...
- add `type` query parameter to `/v1/subscription/{subscriberId}/create_payment_method`
2022-10-07 14:26:17 -05:00
d2fa00f0c6
Add experiment to test standalone registration service
2022-10-06 15:42:53 -04:00
d6c9652a70
Fix internal server error when sending stories to unknown recipient.
2022-10-06 13:53:57 -04:00
544e4fb89a
Adjust routing for stories.
2022-10-05 12:20:42 -04:00
966c3a8f47
Add routing for stories.
2022-10-05 10:44:50 -04:00
a79d709039
Return 403 when a push challenge is incorrect
2022-09-30 12:02:47 -05:00
2e497b5834
Fix operator order in metric calculation
2022-09-15 14:04:18 -05:00
c14621a09f
Add metrics for captcha scores
2022-09-14 16:00:11 -05:00
d0a8899daf
Change discriminator seperator and default width
2022-09-14 15:53:15 -05:00
8b65c11e1e
Update batch check entities from two optional fields to a single field
2022-09-12 11:19:01 -05:00
320c5eac53
Add support for PNIs at `v1/profile/identity_check/batch`
2022-09-09 10:55:34 -05:00
abd0f9630c
Create GCP Logging implementation of AdminEventLogger
2022-09-07 19:37:26 -05:00
a4508ec84f
Add new event logging module
2022-09-07 19:37:26 -05:00
4032ddd4fd
Add reserve/confirm for usernames
2022-09-07 11:49:49 -05:00
4c677ec2da
Remove deprecated /v1/attachments
2022-09-07 11:48:16 -05:00
c05692e417
Update deprecated `CircuitBreakerConfig` usage
2022-09-07 11:47:15 -05:00
ae1edf3c5c
Remove experiment associated with auth1->auth2 rollout.
2022-08-31 12:10:46 -06:00
b17f41c3e8
Check if dashes work in dynamic configuration keys.
2022-08-29 15:51:37 -06:00
08db4ba54b
Update authentication to use HKDF_SHA256.
2022-08-29 14:20:47 -06:00
b280c768a4
Allow signup captchas to target CLDR two-letter region codes
2022-08-26 12:41:51 -04:00
616513edaf
Remove unused jdbi dependency
2022-08-25 13:40:46 -07:00
38b77bb550
Update libphonenumber to 8.12.54
2022-08-25 13:40:32 -07:00
1891622e69
Zero-pad discriminators less than initial width
2022-08-22 13:36:38 -07:00
27b749abbd
Filter expired items from Dynamo
2022-08-16 13:09:47 -07:00
27f67a077c
Add metrics for report-verification-succeeded response
2022-08-16 13:08:16 -07:00
393e15815b
Rename secondary account key namespace for usernames
2022-08-15 10:51:52 -05:00
a7f1cd25b9
Remove UAK normalization code
...
All accounts now have UAKs in top-level attributes
2022-08-15 10:47:52 -05:00
953cd2ae0c
Revert "Delete any leftover usernames in the accounts db"
...
This reverts commit a44c18e9b7
2022-08-15 10:45:38 -05:00
a84a7dbc3d
Add support for generating discriminators
...
- adds `PUT accounts/username` endpoint
- adds `GET accounts/username/{username}` to lookup aci by username
- deletes `PUT accounts/username/{username}`, `GET profile/username/{username}`
- adds randomized discriminator generation
2022-08-15 10:44:36 -05:00
24d01f1ab2
Revert "device capabilities: prevent `stories` downgrade"
...
This reverts commit 1c67233eb0
2022-08-12 14:21:27 -05:00
06eb890761
Improve e164 normalization check by re-parsing without country code
2022-08-12 10:52:55 -07:00
6d0345d327
Clean up Util
2022-08-12 10:52:55 -07:00
1c67233eb0
device capabilities: prevent `stories` downgrade
2022-08-12 10:51:16 -07:00
b4281c5a70
Send non-urgent push notifications with lower priority
2022-08-12 11:06:31 -04:00
5f6b66dad6
Add support for scheduling background push notifications
2022-08-12 10:57:59 -04:00
c2be0af9d9
Refactor `ApnPushNotificationSchedulerTest` to use a `Clock`
2022-08-12 10:57:59 -04:00
a53a85d788
Refactor scheduled APNs notifications in preparation for future development
2022-08-12 10:47:49 -04:00
a44c18e9b7
Delete any leftover usernames in the accounts db
...
The account username field should not currently be populated
2022-08-11 16:23:51 -05:00
65da844d70
Small test cleanup
2022-08-09 15:32:44 -05:00
5275c27ee1
Fix incorrect test Javadoc
2022-08-09 13:06:15 -07:00
390580a19d
Count cases when the a message’s destination UUID doesn’t match the account’s PNI
2022-08-09 13:06:15 -07:00
9e9333424f
Retire `RetryingApnsClient`
2022-08-04 09:59:18 -04:00
6f0faae4ce
Introduce common push notification interfaces/pathways
2022-08-03 10:07:53 -04:00
0a6d724f2c
Remove `GCMSender`
2022-08-02 17:31:35 -04:00
c9ae991aa3
Add an experiment to allow a phased transition from the old GCM API to the current FCM API
2022-08-02 15:34:09 -04:00
421d594507
Introduce an `FcmSender`
2022-08-02 15:34:09 -04:00
9c03f2e468
Add support for receiving, storing, and returning `urgent` flags on messages
2022-08-02 12:05:23 -04:00
55df593561
Clean up `MessageAvailabilityListener` if the websocket client is closed
2022-08-02 08:35:16 -07:00
Sergey Skrobotov