2be2b4ff23
Authenticate with the registration service using OIDC identity tokens in addition to shared API keys
2023-05-10 14:59:07 -04:00
a83fd1d3fe
Include request method as a request counter dimension
2023-05-09 15:17:46 -05:00
cb72e4f426
Simplify request counter
2023-05-09 15:17:46 -05:00
3214852a41
Fix `401` on `/v1/keepalive`
2023-05-09 15:08:03 -05:00
1057bd7e1f
Resolve warnings/suggestions throughout `ProfileControllerTest`
2023-05-09 10:32:32 -04:00
33903553ab
reinstate per-{path,status,platform,is-websocket} request counters
2023-05-09 09:49:20 -04:00
c309afc04b
Displace client presence when existing account reregisters
2023-05-05 11:31:18 -07:00
7ba86b40aa
Create call link credential endpoint
2023-05-04 14:33:45 -07:00
b2b0aee4b7
Call link auth credential
2023-05-04 14:17:01 -07:00
919cc7e5eb
Update libsignal to 0.23
2023-05-04 14:10:51 -07:00
e38911b2c5
Always check prekey signatures when new prekeys are uploaded
2023-05-04 11:31:45 -07:00
bc68b67cdf
account crawler: remove obsolete accelerated mode
2023-05-04 11:27:16 -05:00
42a9f1b3e4
account crawler: remove `set*Dynamo` methods
2023-05-04 11:27:16 -05:00
08333d5989
Implement /v2/backup/auth/check
2023-05-04 11:23:33 -05:00
0e0c0c5dfe
return 400 instead of 503 for bad verification session-id
2023-05-04 09:22:51 -07:00
59ebe65643
Add counter to /v2/attachments
2023-05-04 09:22:18 -07:00
57b6c10dd1
Remove obsolete dynamic configuration
2023-05-03 13:20:44 -05:00
3ee5ac4514
Fix a late-breaking merge conflict
2023-05-02 16:12:26 -04:00
be176f98ad
metric for take-prekey yielding an empty result
2023-05-02 13:03:49 -07:00
12b58a31a1
Retire integration with legacy contact discovery system
2023-05-02 15:57:03 -04:00
8d468d17e3
Add a temporary counter for profile key credential types
2023-05-02 15:56:19 -04:00
e135d50d82
Add counter for `ContactDiscoverWriter` updates
2023-05-01 13:42:14 -05:00
487b5edc75
Handle potentially null payment method when canceling subscription
2023-05-01 13:42:05 -05:00
47ad5779ad
new /v2/accounts endpoint to distribute PNI key material without changing phone number
2023-04-21 12:20:57 -07:00
4fb89360ce
Allow registration via recovery password for reglock enabled accounts
2023-04-20 09:21:04 -07:00
6dfdbeb7bb
Check for no-op APNs token changes
2023-04-19 17:01:01 -04:00
d0ccbd5526
Simplify a check for no-op FCM token changes
2023-04-19 17:01:01 -04:00
031ee57371
Convert "set push token" request objects to records
2023-04-19 17:01:01 -04:00
2043678739
Remove the `removeSignalingKey` API endpoint
2023-04-19 17:00:47 -04:00
dd27e3b0c8
Convert attachment descriptors to records
2023-04-19 17:00:34 -04:00
1083d8bde0
Remove the legacy group credential endpoint
2023-04-19 17:00:14 -04:00
d1eb247d8c
Clarify the purpose of an `addListener` method
2023-04-18 12:04:54 -04:00
fd5e9ea016
Drop the old (and now unused!) `redis-dispatch` module
2023-04-18 12:04:54 -04:00
11829d1f9f
Refactor provisioning plumbing to use Lettuce
2023-04-18 12:04:54 -04:00
c485d317fb
Mock apnPushNotificationScheduler
2023-04-17 10:55:15 -07:00
350682b83a
Lock account and send notification when someone passes phone verification but fails reglock
2023-04-17 10:30:36 -07:00
0fe6485038
Add a configuration to make rate limiters fail open
2023-04-14 13:08:14 -05:00
a553093046
integration tests initial setup
2023-04-13 11:12:34 -07:00
61af1ba029
Clean up prohibited username references
2023-04-10 15:21:02 -07:00
8847cb92ac
Don't block when scheduling background apns pushes
2023-04-10 13:51:36 -05:00
33a6577b6e
Decrease message delivery executor thread count to 20
2023-04-07 10:56:23 -05:00
23d5006f70
Add prefix to executor metric names
2023-04-05 09:51:53 -05:00
2697872bdd
Use Apache StringUtils#join
2023-04-05 09:51:30 -05:00
7b331edcde
Separate username and signature truncation fields
2023-04-05 09:51:00 -05:00
e4da59c236
Generic credential auth endpoint for call links
2023-04-04 10:28:35 -07:00
48ebafa4e0
DynamoDBExtension refactor and helpers for our schema ( #1327 )
...
There's a lot of boilerplate involved in setting up a DynamoDBExtension, and some tests were creating several extensions
rather than one with several tables, which is probably slower than it has to be.
This change adds a new DynamoDbExtensionSchema class in which we can define the Dynamo schema for tests, and refactors
DynamoDbExtension to make it easy to instantiate a single extension with all the tables one wants (and no more, both to
minimize test startup time and to ensure we explicitly test our dependencies and lack thereof).
Tests requiring a DynamoDbExtension with a table schema that's not part of the normal Signal schema can instantiate a
DynamoDbExtension.RawSchema instead.
Test timings are unaffected, at least on my machine. Before:
```[INFO] service ............................................ SUCCESS [01:18 min]```
After:
```[INFO] service ............................................ SUCCESS [01:18 min]```
Co-authored-by: Jonathan Klabunde Tomer <jkt@viola.signal.org>
2023-04-03 13:08:43 -07:00
391b070cff
KeysController: return correct number of unsigned prekeys
...
When GET /v2/keys was orignally added in b263f47d4d9403
2023-04-03 14:32:45 -04:00
781cd0ca3f
Truncate SVR2 IDs to 16 bytes rather than 10.
2023-03-30 17:19:18 -06:00
3ccfeb490b
Add retry after exceptions during a cluster topology change event callback
2023-03-29 11:41:19 -05:00
0cc84131de
Add `enabled` to SVR2 configuration
2023-03-29 11:40:21 -05:00
4fa08fb189
Add secure value recovery 2 to `AccountsManager#delete()`
2023-03-29 11:40:21 -05:00
2a551d1d41
Add `SecureValueRecovery2Client`
2023-03-29 11:40:21 -05:00
391aa9c518
Wrap runtime exceptions during WebSocket auth into AuthenticationException
2023-03-29 10:08:55 -05:00
f5c62a3d85
Migrate from bounded elastic to dedicated executor for message delivery
2023-03-22 12:57:44 -05:00
6075d5137b
Add `/v2/accounts/data_report`
2023-03-22 12:57:21 -05:00
890293e429
change v1/challenge response for invalid captcha
2023-03-21 17:38:30 -05:00
05b43a878b
Register unlink device command
2023-03-21 17:35:57 -05:00
fe9c3982a1
Remove prepended username from `/v2/backup/auth` response
2023-03-21 17:35:42 -05:00
ee53260d72
Add filter-provided captcha score thresholds
2023-03-21 17:34:58 -05:00
a8eb27940d
Add per-action captcha site-key configuration
...
- reject captcha requests without valid actions
- require specific site keys for each action
2023-03-21 17:34:58 -05:00
a3a7d7108b
Change reglock expiration check to be > 0 instead of >= 0
2023-03-21 12:46:35 -07:00
35606a9afd
Send "account already exists" flag when creating registration sessions
2023-03-20 15:18:55 -04:00
2052e62c01
Use a purpose-specific method when checking verification codes via the legacy registration API
2023-03-20 15:18:38 -04:00
292f69256e
Refactor WebSocket message sending error and completion to subscriber from “doOn…”
2023-03-17 12:42:57 -05:00
fbdcb942e8
Add unlink user command
2023-03-16 11:17:36 -05:00
c14ef7e6cf
migrate token bucket redis record format from json to hash: phase 2
2023-03-16 09:15:22 -07:00
a04fe133b6
Fix a typo in a method name
2023-03-15 16:01:14 -07:00
483e444174
migrate token bucket redis record format from json to hash: phase 1
2023-03-15 16:01:06 -07:00
ebf8aa7b15
fixing embedded redis based tests
2023-03-15 13:56:40 -07:00
7c52be2ac1
Bump old registration default ratelimiter to match Bravo
2023-03-15 09:44:02 -07:00
2683f1c6e7
Encode username hash to base64 string without padding
2023-03-13 15:35:27 -07:00
4c85e7ba66
Moving RateLimiter logic to Redis Lua and adding async API
2023-03-13 14:50:26 -07:00
46fef4082c
Add metrics for registration lock flow
2023-03-09 09:07:21 -08:00
c06313dd2e
Drop tagging for legacy user agents
2023-03-09 10:43:45 -06:00
59bc2c5535
Add by-action captcha score config
...
Enable setting different captcha score thresholds for different captcha
actions via configuration
2023-03-09 10:43:16 -06:00
437bc1358b
Use server timestamp for queue score
2023-03-06 11:31:11 -06:00
179f3df847
Allow `DisabledPermittedAuthenticatedAccount` at `/v1/accounts/me`
2023-03-03 13:17:17 -06:00
8a889516b0
Improve `LoggingUnhandledExceptionMapper` combination with `CompletionExceptionMapper`
2023-03-03 13:17:07 -06:00
7de5c0a27d
Keep counts of open websockets by client platform
2023-03-03 13:16:24 -06:00
71d234e1e4
Update default rate limiter config
2023-03-02 10:27:07 -06:00
b5fb33e21e
Remove unused metrics
2023-03-02 10:14:58 -06:00
db198237f3
Expand `try`-`finally` scope of deleted accounts reconciliation lock
2023-02-28 12:42:18 -06:00
d0ccae129a
Remove obsolete metric
2023-02-27 16:33:34 -06:00
ecbef9c6ee
Add micrometer metrics to RateLimiter
2023-02-27 16:33:27 -06:00
ef2cc6620e
Add `@Produces` annotation for validation error response
2023-02-27 16:33:18 -06:00
b8f363b187
Add documentation to challenge controller
2023-02-24 17:41:15 -06:00
c3f4956ead
OpenAPI support
2023-02-24 13:03:30 -08:00
047f4a1c00
Update metric name
2023-02-24 13:07:07 -06:00
41c0fe9ffa
Adding a uniform configuration for all json/yaml mapper use cases: part 2
2023-02-24 09:28:55 -08:00
6edb0d49e9
Adding a uniform configuration for all json/yaml mapper use cases: bugfix
2023-02-23 20:01:32 -08:00
b9b4e3fdd8
Adding a uniform configuration for all json/yaml mapper use cases: part 1
2023-02-23 16:38:48 -08:00
6ee9c6ad46
Remove deprecated registration service response fields
2023-02-23 12:41:56 -08:00
7529c35013
Rate limiters code refactored
2023-02-23 10:49:06 -08:00
378b32d44d
Add missing token field to OutgoingMessageEntity
2023-02-23 11:18:07 -05:00
e1fcd3e3f6
Remove Lettuce command latency recorder
2023-02-23 10:17:31 -06:00
d7ad8dd448
Add micrometer timer to `FaultTolerantPubSubConnection`
2023-02-23 10:17:24 -06:00
859f2302a9
Remove unused metrics
2023-02-23 10:17:24 -06:00
a6d11789e9
Add `ClosedChannelException` to expected errors
2023-02-23 10:17:16 -06:00
43f83076fa
Update to reactor 3.5.3
2023-02-23 10:16:57 -06:00
71c0fc8d4a
Improve metrics around spam report tokens.
2023-02-22 15:43:44 -05:00
1f4f926ce6
Add platform tag to subscription receipt metrics
2023-02-22 14:31:30 -06:00
35286f838e
Add `/v1/verification`
2023-02-22 14:27:05 -06:00
e1ea3795bb
Reuse registration sessions if possible when requesting pre-auth codes
2023-02-22 12:45:26 -05:00
95237a22a9
Relax validation to allow null reporting tokens.
2023-02-22 11:06:51 -05:00
11c93c5f53
Keep username hash during reregistration
2023-02-21 09:07:30 -08:00
b59b8621c5
Add reporter platform as a reported message dimension
2023-02-17 16:44:13 -05:00
44c61d9a58
Allow updates if the profile already has a payment address
2023-02-17 16:44:01 -05:00
7561622bc8
Log cases where we fall back to a no-op spam-reporting token provider
2023-02-14 12:35:56 -05:00
b041566aba
Simplify construction of spam reporting token providers
2023-02-14 12:35:56 -05:00
cb72158abc
Add the presence of spam reporting tokens as a dimension
2023-02-14 12:35:21 -05:00
5c432d094f
Fix a typo in a metric name
2023-02-14 12:34:48 -05:00
24ac48b3b1
Update counter name
2023-02-10 14:54:02 -06:00
c03060fe3c
Phone number discoverability update endpoint
2023-02-10 11:52:51 -08:00
c16006dc4b
Add `PUT /v2/account/number`
2023-02-10 12:09:03 -06:00
8fc465b3e8
removing redundant logic in new registration flow
2023-02-09 09:06:48 -08:00
ce689bdff3
Use `DisabledPermittedAuthenticatedAccount` at `DELETE /v1/accounts/me`
2023-02-09 09:05:29 -08:00
e23386ddc7
Remove unused JUnit extension from test
2023-02-09 09:05:11 -08:00
0f17d63774
Add tests for `ProvisioningController`
2023-02-09 09:04:52 -08:00
4fc3949367
Add zkproof validation in username flow
2023-02-09 09:02:53 -08:00
7c3f429c56
Update E164 constraint message
2023-02-08 13:22:00 -08:00
7558489ad0
Registration Recovery Password support in `/v1/registration`
2023-02-08 13:20:23 -08:00
4a3880b5ae
`usernameHashes` on reserve request can't be null
2023-02-07 08:44:04 -08:00
a4a45de161
Add `/v1/registration`
2023-02-06 16:11:59 -06:00
358a286523
Use `java.util` Hex and Base64 codecs
2023-02-06 12:16:59 -06:00
8afe917a6c
Registration recovery passwords store and manager
2023-02-03 16:33:03 -08:00
24f515ccb4
Revert "Revert "Stored hashed username""
2023-02-02 11:20:44 -08:00
c98b54ff15
Revert "Stored hashed username"
2023-02-01 14:31:44 -08:00
d93d50d038
Stored hashed username
2023-02-01 12:08:25 -08:00
448365c7a0
Preserve legacy registration API error handling
2023-01-31 15:45:23 -05:00
8d0e23bde1
AuthenticationCredentials name changed to SaltedTokenHash
2023-01-30 15:45:24 -08:00
dc8f62a4ad
`/v1/backup/auth/check` endpoint added
2023-01-30 15:39:42 -08:00
cd4a4b1dcf
Retire `VoiceVerificationController`
2023-01-30 16:28:14 -05:00
38a0737afb
Retire `ReportSpamTokenHandler` interface in favor of `ReportedMessageListener`
2023-01-30 16:27:54 -05:00
4a2768b81d
Add spam report token support to `ReportedMessageListener`
2023-01-30 16:27:54 -05:00
00e08b8402
Simplify parsing/validation of spam report tokens
2023-01-30 16:27:54 -05:00
a89e30fe75
Clarify naming around spam filtering.
2023-01-27 11:40:33 -05:00
a01fcdad28
Add in controller for SVR2 auth.
2023-01-27 09:15:52 -07:00
2a99529921
Remove old badge strings
2023-01-26 09:23:11 -06:00
c934405a3e
fixing config field names
2023-01-25 17:28:03 -08:00
eb499833c6
refactoring of ExternalServiceCredentialGenerator
2023-01-25 15:20:28 -08:00
dd98f7f043
Support changing just the currency of an existing subscription
2023-01-25 15:14:17 -06:00
e8978ef91c
Add tests for `SubscriptionController#setSubscriptionLevel`
2023-01-25 15:14:17 -06:00
4ce85fdb19
Treat "check code" exceptions as `false` for legacy API compatibility
2023-01-25 14:39:29 -05:00
035ddc4834
Fix a mistake where we're looking for verification codes in place that hasn't been deployed yet (but will be soon!)
2023-01-25 11:43:06 -05:00
c2f40b8503
Remove duplicate code
2023-01-25 11:09:23 -05:00
cf738a1c14
Look for registration service errors in response bodies in addition to status responses
2023-01-25 10:49:36 -05:00
52d40c2321
Add metrics for spam report tokens received.
2023-01-24 10:25:40 -05:00
ab26a65b6a
Introduce spam report tokens
2023-01-19 11:13:43 -05:00
1c1714b2c2
Clarify a counter name
2023-01-17 17:13:06 -05:00
accb017ec5
Use a longer expiration window for quantile calculation
2023-01-17 17:13:06 -05:00
Jon Chambers