Commit Graph

2636 Commits

Author SHA1 Message Date
Chris Eager 637792c6d4 Move `RemoveExpiredLinkedDevicesCommand` error handling for more accurate metrics 2023-12-21 16:06:41 -06:00
Jon Chambers 4d1bca2d97 Dispatch client presence operations after account deletion to a dedicated executor 2023-12-21 13:40:49 -05:00
Chris Eager f33a2eba50
Add buffer + shuffle and configurable concurrency to `RemoveExpiredLinkedDevicesCommand` 2023-12-21 11:14:02 -06:00
Jon Chambers 5d6bea5ec9 Clear Redis cache entries strictly after removing accounts from DynamoDB 2023-12-21 12:08:03 -05:00
Jon Chambers 057d1f07a8 Remove bulk "set repeated-use signed pre-keys" methods because they were only ever used for single devices 2023-12-21 12:07:42 -05:00
Jon Chambers 95bb9a9780 Log signed pre-key retrieval errors and mismatches 2023-12-20 14:55:12 -05:00
Chris Eager 06c391cbf6 Add counter for failed account updates to RemoveExpiredLinkedDevicesCommand 2023-12-20 13:51:28 -06:00
Chris Eager d90dff95b1 Move MeterRegistry#close calls to after the lifecycle has fully stopped 2023-12-20 13:51:16 -06:00
Ravi Khadiwala ca47a7b663 handle new RegistrationService proto error 2023-12-19 18:19:26 -06:00
Jonathan Klabunde Tomer 9d3d4a3698
Add phone-number-sharing field to versioned profile
Co-authored-by: Katherine <katherine@signal.org>
2023-12-19 11:20:04 -08:00
Chris Eager 3b509bf820 Add command to remove expired linked devices 2023-12-19 13:11:26 -06:00
Jon Chambers 5b7f91827a
Remove signed pre-keys transactionally when removing devices 2023-12-19 14:11:05 -05:00
Chris Eager 06800043a9 Set TLS keystore password in secondary persistent services 2023-12-15 13:39:58 -06:00
Chris Eager 3090de56b8 Set TLS keystore password from secrets configuration 2023-12-15 12:47:27 -06:00
Katherine a37acd1f42
Add ttl for braintree writes to onetime donation table 2023-12-15 13:37:35 -05:00
Jonathan Klabunde Tomer e9a130f976
add versioned zkconfig secrets to sample secrets bundle 2023-12-14 17:38:49 -08:00
Jonathan Klabunde Tomer 43f17414ff
Make key-setting methods asynchronous again 2023-12-14 16:49:16 -08:00
Jon Chambers b259eea8ce
Refactor/clarify account creation/reclamation process 2023-12-14 16:48:57 -08:00
Katherine 9cfc2ba09a
Persist onetime donation payment success timestamps for Braintree transactions 2023-12-14 16:48:29 -08:00
Chris Eager bb347999ce
Propagate another subscription processor error to clients 2023-12-14 15:40:08 -05:00
Katherine 3548c3df15
Calculate onetime badge expiration from payment success timestamp 2023-12-14 15:39:46 -05:00
Jon Chambers 1167d0ac2e Make key-setting methods synchronous 2023-12-13 17:49:55 -05:00
Jon Chambers f738bc97e7 Revert "Retire the "migrate signed pre-keys" command"
This reverts commit c7cc3002d5.
2023-12-13 17:49:55 -05:00
Jon Chambers 3f9edfe597 Revert "Treat the stand-alone signed pre-keys table as the source of truth for signed pre-keys"
This reverts commit feb933b4df.
2023-12-13 17:49:55 -05:00
Jon Chambers a024949311 Revert "Retire "migrate signed pre-keys" configuration"
This reverts commit 44145073f1.
2023-12-13 17:49:55 -05:00
Jon Chambers 609c901867 Refactor key-fetching to be reactive 2023-12-13 12:46:48 -05:00
Jon Chambers 4ce060a963 Count wildcard "get keys" requests by platform 2023-12-13 12:46:48 -05:00
Jon Chambers c4ca0fee40 Synchronize access to `responseItems` when assembling a "get keys" response 2023-12-13 12:46:48 -05:00
Chris Eager 8d4acf0330 Remove `ForkJoinPool.managedBlock` in favor of async updates 2023-12-13 10:18:04 -05:00
Jon Chambers 28a981f29f Assume that all devices have signed pre-keys 2023-12-13 10:17:51 -05:00
Jon Chambers c29113d17a Reject requests with missing device capabilities 2023-12-12 11:37:44 -05:00
Katherine 951f978447
Use start of subscription period as fallback timestamp 2023-12-12 11:34:44 -05:00
Jon Chambers 07899f35bd Return `DeviceController#linkDevice` to synchronous processing 2023-12-12 11:34:23 -05:00
Katherine 3cbbf37468
Use payment success timestamp to calculate recurring donation badge expiration 2023-12-12 10:01:20 -05:00
Jon Chambers 6c7a3df5ae Retire non-atomic device-linking pathways 2023-12-12 09:53:51 -05:00
Jon Chambers 2054ab2771 Revert "Count requests with missing device capabilities"
This reverts commit 6cdf8ebd2c.
2023-12-12 09:53:51 -05:00
Jon Chambers 44145073f1 Retire "migrate signed pre-keys" configuration 2023-12-12 09:53:34 -05:00
Jon Chambers feb933b4df Treat the stand-alone signed pre-keys table as the source of truth for signed pre-keys 2023-12-11 11:39:54 -05:00
Jon Chambers c7cc3002d5 Retire the "migrate signed pre-keys" command 2023-12-11 11:07:00 -05:00
xiaolou86 049b901d63 Fix typos 2023-12-09 10:04:12 -05:00
Jon Chambers 3cf1b92dfc Do not set one-time pre-keys if the lists of new keys are empty 2023-12-08 14:03:08 -05:00
Jon Chambers 5b0fcbe854 Always expose sequential fluxes to account crawlers 2023-12-08 13:43:42 -05:00
Jon Chambers cca747a1f6 Treat transaction conflicts during transactional account updates as contested optimistic locks 2023-12-08 12:13:23 -05:00
Jon Chambers 417d99a17e Check story rate limits in parallel 2023-12-08 12:13:08 -05:00
Jon Chambers e9708b9259 Use random UUIDs throughout `MessageControllerTest` 2023-12-08 12:13:08 -05:00
Jon Chambers e5d3be16b0 Fetch destination accounts in parallel when sending multi-recipient messages 2023-12-08 12:13:08 -05:00
Jordan Rose 2ab3c97ee8
Replace MultiRecipientMessage parsing with libsignal's implementation
Co-authored-by: Jonathan Klabunde Tomer <jkt@signal.org>
2023-12-08 11:52:47 -05:00
Jon Chambers f20d3043d6
Process key migrations sequentially to better control concurrency 2023-12-07 21:42:49 -05:00
Jonathan Klabunde Tomer 4efda89358
multisend cleanup 2023-12-07 12:23:02 -08:00
Jon Chambers 1fb88271e5 Invalidate cache entries for accounts after successfully adding devices 2023-12-07 13:27:26 -05:00
Jon Chambers a843780f68 Add a (failing!) test for device-linking 2023-12-07 13:27:26 -05:00
Jon Chambers 5ad83da4e0 Remove the now-unused admin logger 2023-12-07 12:58:43 -05:00
Jon Chambers 50d92265ea
Add devices to accounts transactionally 2023-12-07 11:19:40 -05:00
Chris Eager e084a9f2b6 Remove PUT/DELETE methods from RemoteConfigController 2023-12-07 10:54:19 -05:00
Jon Chambers 664f9f36e1 Use padded base64 encoding for outbound device names 2023-12-07 10:53:56 -05:00
Jon Chambers 4c9efdb936 Revert "Revert "Represent device names as byte arrays""
This reverts commit 45848e7bfe.
2023-12-07 10:53:56 -05:00
Jon Chambers 45848e7bfe Revert "Represent device names as byte arrays"
This reverts commit 5ae2e5281a.
2023-12-06 17:05:04 -05:00
Ravi Khadiwala 4fa10e5783 Fix NPE in request metrics when a finished request is missing a response 2023-12-06 15:11:41 -05:00
Ravi Khadiwala fc0bc85f4d Add some extra request validation to `/v1/archives/keys` 2023-12-06 15:11:27 -05:00
Jon Chambers 5ae2e5281a Represent device names as byte arrays 2023-12-06 15:10:45 -05:00
Jon Chambers 34a943832a Align push notification types and delivery priorities 2023-12-06 12:40:16 -05:00
Jon Chambers db17693ba7 Revert "Temporarily make registration challenge notifications "noisy""
This reverts commit 9069c5abb6.
2023-12-06 12:40:16 -05:00
Jon Chambers 6cdf8ebd2c
Count requests with missing device capabilities 2023-12-06 10:40:50 -05:00
Ravi Khadiwala 072b470f46 Be more specific about encodings in /v1/archive docs 2023-12-06 10:40:20 -05:00
Ravi Khadiwala 78b2df2ecc Use long instead of int for epoch seconds 2023-12-06 10:40:06 -05:00
Jon Chambers 00e72a30c9 Assume all accounts have primary devices 2023-12-06 10:28:19 -05:00
Jon Chambers df421e0182
Update signed pre-keys in transactions 2023-12-05 14:20:16 -05:00
Jon Chambers ede9297139 Disallow identity key changes 2023-12-05 14:14:24 -05:00
Jon Chambers 85383fe581 Remove an unused "store keys" method 2023-12-05 14:14:24 -05:00
Jon Chambers 4cca7aa4bd Normalize identity types throughout `KeysController` 2023-12-05 14:14:24 -05:00
Jon Chambers e2037dea6c Rename `PreKeyState` to `SetKeysRequest` 2023-12-05 14:14:24 -05:00
Jon Chambers f10f772e94 Convert `PreKeyState` to a record 2023-12-05 14:14:24 -05:00
Jon Chambers 9ecfe15ac4 Use multiline strings for `PreKeyState` documentation 2023-12-05 14:14:24 -05:00
Jon Chambers 5f0726af8a
Perform cleanup operations before overwriting an existing account record 2023-12-05 12:18:09 -05:00
Ravi Khadiwala 331bbdd4e6 replace deprecated apache RandomUtils 2023-12-05 10:48:18 -06:00
Jon Chambers 37e3bcfc3e Move "remove device" logic into `AccountsManager` 2023-12-05 11:44:58 -05:00
Jon Chambers 4f42c10d60 Disallow sync messages to PNIs 2023-12-05 11:44:27 -05:00
Jonathan Klabunde Tomer 20392a567b Revert "multisend cleanup"
This reverts commit c03249b411.
2023-12-01 14:39:31 -08:00
Jonathan Klabunde Tomer c03249b411
multisend cleanup 2023-11-30 15:50:36 -08:00
gram-signal 22e6584402
Add auth controller for SVR3 to /v3/backup. 2023-11-30 15:50:21 -08:00
Jon Chambers aa23a5422a Don't modify registration IDs from the "set account attributes" endpoint 2023-11-29 16:56:47 -05:00
Jon Chambers 01fde4f9ca Require PNI-associated registration IDs for new devices 2023-11-29 16:56:47 -05:00
Jon Chambers 3980dec123 Revert "Add metrics to check presence of PNI-associated registration IDs"
This reverts commit 1da3f96d10.
2023-11-29 16:56:47 -05:00
Jon Chambers c97f837f45 Revert "Instrument registration ID changes via the "set account attributes" endpoint"
This reverts commit 8fbc1dac74.
2023-11-29 16:56:47 -05:00
Chris Eager 9c54d2407b Update tests 2023-11-29 15:48:24 -06:00
Chris Eager a027c4ce1f Conditionally use `request.remoteAddr` instead of `X-Forwarded-For` 2023-11-29 15:48:24 -06:00
Chris Eager b1fd025ea6 Use EpochSecondSerializer for UserRemoteConfigList.serverEpochTime 2023-11-29 15:47:10 -06:00
Jonathan Klabunde Tomer a05a230085
use Account-specific json serializer when reserving username hash 2023-11-29 13:40:06 -08:00
Jon Chambers 8fbc1dac74 Instrument registration ID changes via the "set account attributes" endpoint 2023-11-29 10:26:41 -05:00
Katherine f46842c6c9
Validate registration IDs 2023-11-28 15:43:35 -08:00
ravi-signal 202dd8e92d
Add copy endpoint to ArchiveController
Co-authored-by: Jonathan Klabunde Tomer <125505367+jkt-signal@users.noreply.github.com>
Co-authored-by: Chris Eager <79161849+eager-signal@users.noreply.github.com>
2023-11-28 11:45:41 -06:00
Jon Chambers 1da3f96d10 Add metrics to check presence of PNI-associated registration IDs 2023-11-28 12:26:15 -05:00
Chris Eager 5f6fe4d670 Add `NoneHealthResponder` to replace default responder 2023-11-27 14:38:47 -06:00
Chris Eager a74438d1ee Add test for concurrent in-flight outbound messages on WebSocket queue processing
This also elevates the implicit default concurrency (via reactor’s `Queues.SMALL_BUFFER_SIZE`) to be explicit.
2023-11-27 14:37:46 -06:00
Jon Chambers c8033f875d Create accounts transactionally 2023-11-27 09:57:43 -05:00
Jon Chambers 07c04006df Avoid blocking calls in async account updates 2023-11-27 09:57:43 -05:00
Jon Chambers 521900c048 Always require atomic account creation 2023-11-27 09:52:57 -05:00
Jon Chambers 9069c5abb6 Temporarily make registration challenge notifications "noisy" 2023-11-22 10:25:59 -05:00
Jon Chambers ff7a5f471b Always use "conserve power" priority for challenge notifications 2023-11-21 17:58:32 -05:00
Ravi Khadiwala 42a47406cc Fix platform tag for push challenge metric 2023-11-21 17:57:32 -05:00
Katherine de10b6de7b
Add metric to count invalid registration ID when setting account attributes 2023-11-20 14:25:27 -08:00
Chris Eager d6ade0e1ac Send HTTP 408 on idle timeout 2023-11-20 16:24:54 -06:00
Jonathan Klabunde Tomer cb1fc734c2
report exceptions in fanned-out sends of multi-recipient messages 2023-11-20 10:46:26 -08:00
Katherine Yen db7f18aae7 Add missing boolean parameter to `getSubscriptionStatus` method call 2023-11-16 19:28:10 -05:00
Katherine 7fbc327591
For Braintree, return `active` subscription status if latest transaction also succeeded 2023-11-16 19:15:46 -05:00
Chris Eager 84b56ae1b2
Upgrade to dropwizard 3.0 2023-11-16 17:57:48 -06:00
Katherine 041aa8639a
Enforce story ratelimit 2023-11-16 12:36:43 -05:00
Katherine 216ac72ad0
Use Braintree subscription status alongside transaction status to determine 204 and 402 responses for `/v1/subscription/{subscriberId}/receipt_credentials` 2023-11-16 12:36:19 -05:00
Jon Chambers c85ddaeb9c
Make DynamoDB client connection pool sizes configurable 2023-11-16 12:29:43 -05:00
Jonathan Klabunde Tomer 8f7bae54fe
When persisting messages fails due to a full queue in DynamoDB, automatically unlink one device to free up room.
Co-authored-by: Chris Eager <79161849+eager-signal@users.noreply.github.com>
2023-11-15 17:15:17 -08:00
Jon Chambers ce60f13320
Don't track IPv4/IPv6 metrics at the application level
We can measure this at the infrastructure level without observing IPs directly.
2023-11-15 17:18:54 -05:00
Jon Chambers 1ac0140666 Remove a couple of now-unused variables 2023-11-15 17:12:08 -05:00
Jon Chambers 6cc8b147a9 Remove unused `X-Forwarded-For` parameters 2023-11-15 17:09:47 -05:00
Jonathan Klabunde Tomer 7764185c57
return explicit Response rather than Void from async controllers with no expected body content 2023-11-14 21:57:25 -08:00
Katherine d4ef2adf0a
Remove low priority attempt login notification workaround for old iOS clients 2023-11-13 12:06:55 -05:00
Jonathan Klabunde Tomer a83378a44e
add an option to replace username ciphertext without rotating the link handle 2023-11-13 09:01:54 -08:00
ravi-signal a4a4204762
Allow re-registered accounts to reclaim their usernames 2023-11-13 10:41:23 -06:00
Jon Chambers acd1140ef6 Make registration challenge APNs payloads "silent" 2023-11-13 08:39:58 -08:00
Jon Chambers fbf71c93ff Make rate limit challenge APNs payloads "silent" 2023-11-13 08:39:58 -08:00
Katherine 38bc0c466a
Change `sepaMaximumEuros` field to number in JSON response 2023-11-10 10:16:03 -08:00
Katherine 71e4351743
Add `sepaMaximumEuros` field to subscription configuration 2023-11-10 09:13:51 -08:00
Katherine 387e4b94b4
Expand charge object on Stripe subscription to surface charge failure information 2023-11-10 09:12:59 -08:00
Katherine 201c76b861
Add charge failure details to `/v1/subscription/{subscriberId}/receipt_credentials` 402 response 2023-11-08 10:54:14 -08:00
Sergey Skrobotov db63ff6b88 gRPC validations 2023-11-03 11:30:48 -07:00
Katherine 115431a486
Un-hardcode payment activation flag 2023-11-03 11:27:34 -07:00
Jonathan Klabunde Tomer d47ff9b7c7
don't make empty transactions 2023-11-02 16:20:19 -07:00
Chris Eager 2bc4412d66 Encapsulate device ID in ProvisioningAddress 2023-11-02 11:48:10 -05:00
Chris Eager 6a428b4da9 Convert Device.id from `long` to `byte` 2023-11-02 11:48:10 -05:00
Jonathan Klabunde Tomer 7299067829
Don't attempt to update PNI PQ prekeys for disabled devices 2023-11-01 16:55:55 -07:00
Chris Eager 570aa4b9e2 Remove several unused classes 2023-11-01 15:46:10 -05:00
Ravi Khadiwala 6b38b538f1 Add ArchiveController
Adds endpoints for creating and managing backup objects with ZK
anonymous credentials.
2023-10-30 14:02:19 -05:00
Chris Eager ba139dddd8 Use all devices when checking limit 2023-10-30 12:40:06 -05:00
Chris Eager 0f5c62ade5 Set max threads = min threads on command executor services 2023-10-27 09:26:32 -05:00
Jon Chambers 54bc3bce96
Add an authentication-required gRPC service for working with accounts 2023-10-25 14:47:20 -04:00
Jon Chambers 3d92e5b8a9
Explicitly stop and start managed dependencies 2023-10-24 16:50:02 -04:00
Chris Eager b0654a416a Update maven plugins 2023-10-24 14:32:55 -05:00
Chris Eager 19930ec2e4 Update dependencies
- AWS: 2.20.130 → 2.21.5
- Braintree: 3.25.0 → 3.27.0
- commons-csv: 2.13.0 → 2.14.0
- dropwizard: 2.1.7 → 2.1.9
- Google libraries BOM: 26.22.0 → 26.25.0
- grpc: 1.56.1 → 1.58.0
- kotlin: 1.9.0 → 1.9.10
- protobuf: 3.23.2 → 3.24.3
- stripe: 23.1.1 → 23.10.0
- junit-pioneer: 2.0.1 → 2.1.0
- firebase-admin: 9.1.1 → 9.2.0
- swagger-jaxrs2: 2.2.8 → 2.2.17
- java-uuid-generator: 4.2.0 → 4.3.0
- log4j: 2.17.0 → 2.21.0
- reactor-bom: 2022.0.10 → 2022.0.12
2023-10-24 14:32:55 -05:00
Jon Chambers e4de6bf4a7
Only update devices that aren't already disabled 2023-10-24 15:29:03 -04:00
Katherine Yen 6f166425fe Fix bank mandate test 2023-10-20 16:19:31 -04:00
Chris Eager cf2353bcf9 Remove InstrumentedExecutorService wrapping 2023-10-20 15:14:35 -05:00
Jon Chambers 744eb58071 Discard old chunk-based account crawler machinery 2023-10-20 16:09:17 -04:00
Jon Chambers 9d47a6f41f Introduce a reactive push notification feedback processor 2023-10-20 16:09:17 -04:00
Jonathan Klabunde Tomer fd19299ae0
Accept a captcha score threshold for challenges from the spam filter 2023-10-20 09:09:22 -07:00
Jon Chambers 9c053e20da Drop `Util#isEmpty`/`Util#nonEmpty` in favor of `StringUtils` 2023-10-20 12:04:15 -04:00
Jon Chambers 19d7b5c65d Drop `Util#wait` 2023-10-20 12:04:15 -04:00
Jon Chambers 7b9d8829da Remove entirely unused `Util` methods 2023-10-20 12:04:15 -04:00
Jon Chambers f0ab52eb5d Rename "master device" to "primary device" 2023-10-20 10:52:13 -04:00
Jon Chambers e8cebad27e Avoid modifying original `Account` instances when constructing JSON for updates 2023-10-20 10:51:50 -04:00
Jon Chambers 6441d5838d Clear username links in the same transaction when clearing username hashes 2023-10-20 10:51:50 -04:00
Jon Chambers ac0c8b1e9a Introduce a canonical constant for UAK length 2023-10-20 10:50:44 -04:00
Katherine 8ec062fbef
Define an endpoint to set the default payment method for iDEAL subscriptions 2023-10-19 10:29:40 -07:00
Katherine 5990a100db
Add charge failure details to `/v1/subscription/boost/receipt_credential` 402 response 2023-10-19 10:21:26 -07:00
Jon Chambers bc35278684 Drop the old `AccountCleaner` 2023-10-19 10:34:24 -04:00
Jon Chambers c3c7329ebb Add a single-shot command for removing expired accounts 2023-10-19 10:34:24 -04:00
Jon Chambers 6fd1c84126 Make command namespace available to subclasses 2023-10-19 10:34:24 -04:00
Jon Chambers 0100f0fcc9 Migrate a username links test from `AccountsTest` to `AccountsManagerUsernameIntegrationTest` 2023-10-18 10:20:48 -04:00
Jon Chambers 0cdc32cf65 Really REALLY fix instrumentation for re-registration of recently-deleted accounts 2023-10-18 10:15:03 -04:00
Jon Chambers 601e9eebbd Implement an anonymous account service for looking up accounts 2023-10-18 10:14:52 -04:00
Jon Chambers eaa868cf06 Add a remote address interceptor to base gRPC tests 2023-10-18 10:14:52 -04:00
Jon Chambers f55504c665 Add utility methods for rate-limiting by remote address 2023-10-18 10:14:52 -04:00
Katherine Yen b2ff016cc1 Add back story ratelimiter with counter but do not enforce 2023-10-17 12:22:17 -04:00
Jon Chambers 33b4f17945
Make username-related operations asynchronous 2023-10-17 12:21:52 -04:00
Jon Chambers e310a3560b Remove unused configuration for the legacy Secure Backup Service 2023-10-17 12:21:14 -04:00
Jon Chambers 162b27323e Fix instrumentation for re-registration of recently-deleted accounts 2023-10-17 12:20:58 -04:00
Jon Chambers ae976ef8d6 Retire legacy Secure Value Recovery plumbing 2023-10-13 15:32:41 -04:00
Katherine c6b4e2b71d
Support iDEAL 2023-10-12 09:54:05 -07:00
Jon Chambers 33c8bbd0ce Trim stale capabilities from the profiles gRPC service 2023-10-12 12:52:32 -04:00
Jon Chambers f2a3b8dba4 Treat APNs team/key IDs as secrets so they can change atomically with the key itself 2023-10-12 12:52:13 -04:00
Katherine 207ae6129b
Add `paymentMethod` and `paymentProcessing` fields to `GET /v1/subscription/{subscriberId}` endpoint 2023-10-10 09:56:50 -07:00
Katherine e1aa734c40
Define endpoint to get localized bank mandate text 2023-10-05 09:53:33 -07:00
Jon Chambers bb7e0528c4
Make account deletion an asynchronous operation 2023-10-04 10:44:50 -04:00
Jonathan Klabunde Tomer 010eadcd10
UnlinkDeviceCommand improvements 2023-10-03 15:14:02 -07:00
Katherine c43e0b54f2
Exclude `SEPA_DEBIT` as a supported payment method for certain iOS client versions 2023-10-03 11:34:52 -07:00
Chris Eager 6522b74e20 Remove obsolete metrics 2023-10-03 11:42:25 -05:00
Chris Eager 8c7975d89a Clear presence only if the connection’s displacement listener is still present 2023-10-03 11:42:25 -05:00
Chris Eager 407070c9fc Unsubscribe from keyspace notifications only if queue still maps to the listener 2023-10-03 11:42:25 -05:00
Katherine 7821a3cd61
Accommodate PayPal with SEPA changes 2023-09-28 10:28:17 -07:00
Katherine a00c2fcfdb
Support SEPA 2023-09-28 08:26:01 -07:00
Jonathan Klabunde Tomer 9cd21d1326
count ItemCollectionSizeLimitExceededExceptions persisting messages 2023-09-27 10:58:28 -07:00
Jonathan Klabunde Tomer aaba95f9b8
return `null` for empty username hash in AccountIdentityResponse 2023-09-27 10:58:04 -07:00
Chris Eager 8d1135a2a3 Refine `RegistrationController` logic
Local device transfer on iOS uses the `409` status code to prompt the
transfer UI. This needs to happen before sending a `423` and locking
an existing account, since the device transfer
includes the local device database verbatim.
2023-09-25 15:54:31 -05:00
Jon Chambers f9fabbedce Convert `SubscriptionController` request/response entities to records 2023-09-25 12:32:49 -07:00
Chris Eager 16012e6ffe Remove obsolete `ManagedPeriodicWork` 2023-09-25 12:15:17 -07:00
Jon Chambers d10a132b0c Remove unused methods in `SubscriptionController` 2023-09-25 12:14:56 -07:00
Sergey Skrobotov 0b3af7d824 gRPC API for external services credentials service 2023-09-25 12:14:49 -07:00
Sergey Skrobotov d0fdae3df7 Enable header-based auth for WebSocket connections 2023-09-25 12:14:40 -07:00
Chris Eager 0e989419c6 Add metric for late removal of message availability and displacement listeners 2023-09-19 12:04:24 -05:00
ravi-signal 0fa8276d2d
retry hCaptcha errors
Co-authored-by: Jon Chambers <63609320+jon-signal@users.noreply.github.com>
2023-09-14 16:07:35 -05:00
Ravi Khadiwala b594986241 Set an idle timeout on registration gRPC client 2023-09-14 16:06:49 -05:00
Sergey Skrobotov 9f3ffa3707 gRPC API for payments service 2023-09-14 11:12:00 -07:00
Jonathan Klabunde Tomer 8e598c19dc
don't attempt to update KEM prekeys if we have no PQ-enabled devices 2023-09-14 11:11:22 -07:00
Katherine 2601d6e906
Convert some fields on `CreateProfileRequest` and `VersionedProfileResponse` to byte arrays 2023-09-13 14:00:03 -07:00
Jon Chambers f0544fab89 Update recently-deleted accounts table transactionally as part of account mutations 2023-09-13 16:02:19 -04:00
Jon Chambers 1b9bf01ab1 Absorb `DeletedAccounts` into `Accounts` 2023-09-13 16:02:19 -04:00
Katherine cbc3887226
Define identity key check endpoint in keys anonymous service 2023-09-11 11:57:00 -07:00
Jon Chambers 2b764c2abd Don't allow callers to unlink their primary device 2023-09-11 14:29:48 -04:00
Jon Chambers 845fc338d7 Add a (failing) test for removing primary devices from accounts 2023-09-11 14:29:48 -04:00
Sergey Skrobotov 977243ebfd DRY gRPC tests, refactor error mapping 2023-09-08 17:12:08 -07:00
Chris Eager 29ca544c95 Revert "Set `suppressCancel=true` in `Mono.fromFuture`"
This reverts commit 8348263fab.
2023-09-07 17:03:33 -05:00
Ravi Khadiwala 94b41d3a2c Fixup default rate limits
A previous refactor left the default rate limits off by a factor of 60.
2023-09-07 16:07:42 -05:00
Chris Eager 92bb783cbb Use static exception instance when a connection is closed 2023-09-07 16:06:16 -05:00
Chris Eager 8348263fab Set `suppressCancel=true` in `Mono.fromFuture` 2023-09-07 16:06:03 -05:00
Ravi Khadiwala 5934b7344a Remove unused captcha configuration 2023-09-07 11:16:32 -05:00
Chris Eager a9a2e40fed Move `onErrorResume` to individual `sendMessage` `Mono` 2023-09-07 11:15:57 -05:00
Chris Eager 656326355a Invert `String.equals()` to prevent `NullPointerException` 2023-09-07 11:14:36 -05:00
Chris Eager b89e2e5355 Propagate certain subscription processor errors to client responses 2023-09-06 15:57:14 -05:00
Chris Eager 2d187abf13 Handle WebSocket sendMessage errors with onErrorResume 2023-09-06 15:53:01 -05:00
Chris Eager ecd6b0174a Add timeouts to crawl chunk `join()`s 2023-08-31 15:03:19 -05:00
Chris Eager a1e534a515 Add default request timeout to FaultTolerantHttpClient 2023-08-31 15:03:19 -05:00
Sergey Skrobotov ebbe19ba63
Add missing copyright headers and reorder some imports 2023-08-30 16:07:53 -07:00
Katherine Yen 6a37b73463
Profile gRPC: Define `getExpiringProfileKeyCredential` endpoint 2023-08-30 14:56:43 -07:00
Katherine Yen dd18fcaea2
Profile gRPC: Define `getVersionedProfile` endpoint 2023-08-30 14:47:11 -07:00
Katherine Yen 5afc058f90
Profile gRPC: Define `getUnversionedProfile` endpoint 2023-08-30 14:24:43 -07:00
Jon Chambers 5e221fa9a3
Tests for validation of Kyber keys on PNI change/key distribution events
Co-authored-by: Jonathan Klabunde Tomer <jkt@signal.org>
2023-08-30 14:07:33 -07:00
Jon Chambers 0e0cb4d422 Drop the non-normalized account crawler 2023-08-30 13:55:41 -04:00
Jonathan Klabunde Tomer 9577d552c6
pass challenge type to rate limit reset listeners 2023-08-29 15:19:49 -07:00
Chris Eager 093f17dce2
Update to stripe-java 23.1.1 2023-08-29 15:18:16 -07:00
Jon Chambers 6089f49b9c
Add a gRPC interceptor for getting client addresses 2023-08-29 15:18:06 -07:00
Sergey Skrobotov cfb910e87e Adding copyright headers to proto files 2023-08-28 14:39:33 -07:00
Chris Eager d338ba5152 Convert some KeysController methods return `CompletableFuture`s 2023-08-24 11:59:28 -05:00
Chris Eager f181397664 Add test for round-trip AccountsManager JSON serialization 2023-08-24 11:18:01 -05:00
Chris Eager 708f23a2ee Remove deprecated identity key and signed pre-key methods 2023-08-24 11:18:01 -05:00
Chris Eager 7536b75508 Remove unused test fixtures 2023-08-24 11:06:11 -05:00
Jonathan Klabunde Tomer 7237ae6c54
check that pq last-resort prekeys, if submitted, match device list 2023-08-24 09:04:29 -07:00
Sergey Skrobotov ca05753a3e adding 400 response documentation to the API call 2023-08-23 13:20:07 -07:00
Jon Chambers 754f71ce00 Add a gRPC service for working with devices 2023-08-22 16:31:02 -05:00
Jon Chambers 619b05e56c Add utility a method for requiring authentication with the account's primary device 2023-08-22 16:31:02 -05:00
Jon Chambers 8b13826949 Convert `DeviceInfo` and `DeviceInfoList` to a record 2023-08-22 16:31:02 -05:00
Jon Chambers a96ee57c7e Defer asynchronous actions when deriving `Mono` instances from futures 2023-08-22 16:28:02 -05:00
Jon Chambers ff1ef90a6d Defer actions taken after rate limit checks 2023-08-22 16:28:02 -05:00
Chris Eager 6f0462622b Update maven and various plugins 2023-08-21 11:34:08 -05:00
Chris Eager 2f17161163 Update various dependencies 2023-08-21 11:34:08 -05:00
Ravi Khadiwala 17d48b95ac keep lettuce metrics; strip remote tags 2023-08-18 16:28:19 -05:00
Chris Eager eeea97e2fe Return a single OAuth2 credentials JSON 2023-08-18 16:16:31 -05:00
Jon Chambers 76305190a2 Temporarily restore explicit service/version/environment/host tags 2023-08-17 18:30:59 -04:00
Jon Chambers ab83990170 Send latency metrics as distributions 2023-08-17 17:10:16 -04:00
Jon Chambers 8103a22026 Submit Micrometer metrics via dogstatsd instead of the Datadog API 2023-08-17 17:01:36 -04:00
Jonathan Klabunde Tomer 1f8e4713ef
limit concurrency of async DynamoDB ops 2023-08-17 13:56:09 -07:00
Katherine Yen ff9fe2c1be
Remove record equality test 2023-08-17 13:55:27 -07:00
Jon Chambers 7f37c8ee5e Retire now-unused HTTP transport configuration for Datadog metric reporter 2023-08-17 16:53:53 -04:00
Jon Chambers ed0a723fef Include underlying exceptions when logging failures to write exit files 2023-08-17 12:32:45 -04:00
Jon Chambers 5c31ef43c9 Send an HTTP/440 response instead of an HTTP/502 if an upstream provider rejects a "send verification code" request 2023-08-17 12:15:00 -04:00
Katherine Yen 43fd8518c0
Add missing `java.util.Base64` import to ProfileController 2023-08-16 14:02:53 -07:00
Katherine Yen 19a08f01e8
Write certain profile data as bytes instead of strings to dynamo and represent those fields as byte arrays on `VersionedProfile` 2023-08-16 13:45:16 -07:00
Jon Chambers ccd860207b Make `MessagesManager#clear` asynchronous 2023-08-15 14:08:16 -04:00
Jon Chambers 2c835b5c51 Make message deletion from DynamoDB asynchronous 2023-08-15 14:08:16 -04:00
Jon Chambers 5caa951c61 Make `MessagesCache#clear` methods asynchronous 2023-08-15 14:08:16 -04:00
Jon Chambers 4d8c4d6693 Also delete APNs VOIP tokens when clearing APNs tokens 2023-08-15 14:08:00 -04:00
Jon Chambers a9d0574ea8 Remove most `@Timed` annotations 2023-08-15 14:06:31 -04:00
Ravi Khadiwala ed6a2c55eb adjust lettuce metric denial for post-transform name 2023-08-11 09:43:41 -05:00
Ravi Khadiwala b6ee074149 fix captcha shortening url path resolution 2023-08-10 16:01:56 -05:00
Ravi Khadiwala f6b3500e92 remove most high cardinality lettuce metrics 2023-08-10 16:01:16 -05:00
Katherine Yen a71dc48b9b
Prepare to read profile data stored as byte arrays 2023-08-10 14:00:35 -07:00
Katherine Yen bc5eed48c3
Add authentication interceptor to profile gRPC service 2023-08-10 13:59:46 -07:00
Jon Chambers 2ecf3cb303 Revert "Don't immediately require PNI-associated keys for "atomic" device linking"
This reverts commit 4ec97cf006.
2023-08-10 16:59:35 -04:00
Jon Chambers bed33d042a Revert "Require PNI-associated keys if the target account has a PNI identity key"
This reverts commit 1dde612855.
2023-08-10 16:59:35 -04:00
Ravi Khadiwala 3ac7aba6b2 Add a captcha short-code expander 2023-08-09 12:41:31 -05:00
Jon Chambers 1dde612855 Require PNI-associated keys if the target account has a PNI identity key 2023-08-09 12:10:56 -04:00
Jon Chambers 4ec97cf006 Don't immediately require PNI-associated keys for "atomic" device linking 2023-08-09 12:10:56 -04:00
Jon Chambers d51c6fd2f8 Convert `Device.Capabilities` to a record 2023-08-08 15:38:37 -04:00
Jon Chambers d868e3075c Retire fully-adopted device capabilities 2023-08-08 15:38:37 -04:00
Jon Chambers ae61ee5486 Retire `AnalyzeDeviceCapabilitiesCommand` 2023-08-08 15:38:37 -04:00
Katherine Yen 58fd9ddb27
Count profile data that cannot be parsed as base64 2023-08-08 10:54:25 -07:00
Katherine Yen a953cb33b7 Define ProfileController protobufs and setProfile endpoint 2023-08-08 10:53:11 -07:00
Jon Chambers 95b90e7c5a Add a preliminary gRPC service for dealing with calling credentials 2023-08-08 12:46:55 -04:00
Jon Chambers 6a3ecb2881 Convert `TurnToken` to a record 2023-08-08 12:46:55 -04:00
Jon Chambers 6cf4241283 Add a reactive method for checking rate limits by UUID 2023-08-08 12:46:55 -04:00
Jon Chambers 42141e51a1 Use ACIs instead of E164s for TURN URI overrides 2023-08-08 12:46:55 -04:00
Jon Chambers b01945ff50 Clarify parameterized tests by modifying prototype request objects; remove spurious warning suppressions 2023-08-08 10:33:29 -04:00
Jon Chambers a131f2116f Retire verification code storage machinery 2023-08-04 17:26:55 -04:00
Jon Chambers 625637b888 Stop checking for stored verification codes when linking devices 2023-08-04 17:26:55 -04:00
Jon Chambers c873f62025 Produce verification tokens instead of stored verification codes for linking devices 2023-08-04 16:04:47 -04:00
Jon Chambers 43d91e5bd6 Convert `VerificationCode` to a record 2023-08-04 16:04:47 -04:00
Jon Chambers 5c4c729703 Disallow reuse of device verification tokens 2023-08-04 13:40:37 -05:00
Jon Chambers 308da3343d Accept signed tokens in addition to randomly-generated codes for authorizing device linking 2023-08-04 13:40:37 -05:00
Chris Eager 48c7572dd5 Add CommandStopListener 2023-08-04 13:29:35 -05:00
Jon Chambers 69ea9b0296 Add a request counter tagged by client version 2023-08-04 12:16:48 -04:00
Jon Chambers 969c6884c0 Add a command for analyzing device capabilities 2023-08-04 12:14:08 -04:00
Jon Chambers fcf311aab3 Retire the `PendingAccounts` table 2023-08-04 12:13:57 -04:00
ravi-signal 888879dfb2
Estimate message byte limit exceeded error count 2023-08-04 11:10:58 -05:00
Chris Eager f57910cd97 Update to dropwizard 2.1.7, jackson 2.13.5 2023-08-03 16:18:27 -05:00
Chris Eager 89a4034fc6 Remove `s3-upload` from `deploy` phase 2023-08-02 16:16:27 -05:00
Chris Eager f53743d287 Add configuration for Datadog UDP transport 2023-08-02 13:54:15 -05:00
Jon Chambers 2d132128e1 Switched to a composed request object model for anonymous keys gRPC operations 2023-07-28 14:20:24 -05:00
Chris Eager 6e5ffbe7b5 Restore `aci` field to `BatchIdentityCheckRequest` 2023-07-28 14:16:48 -05:00
Ravi Khadiwala baf98accd0 acquire lock before checking message listeners in MessagesCache 2023-07-26 16:45:53 -04:00
Ravi Khadiwala 901c950ee6 Add metrics to keyspace-notifier executor 2023-07-26 16:45:53 -04:00
Ravi Khadiwala 50ac7f9dc2 adjust messageDeletionAsyncExecutor core pool size 2023-07-26 16:45:41 -04:00
Jon Chambers b691b8d37d Log successful client version refreshes 2023-07-26 16:41:54 -04:00
Jon Chambers 4ead8527c8 Use `ClientReleasesManager` when deciding whether to add client version tags 2023-07-26 16:41:54 -04:00
Jon Chambers 6f4801fd6f Add a manager class for checking "liveness" of client versions 2023-07-26 16:41:54 -04:00
Jon Chambers 10689843b0 Add a repository for client release information 2023-07-26 16:41:54 -04:00
Chris Eager 60cc0c482e Add `@Produces` to `PUT /v1/accounts/apn` 2023-07-26 16:35:23 -04:00
Jon Chambers e1a5105c28 Revert "Restore max concurrency when migrating pre-keys"
This reverts commit ed8a1ed579.
2023-07-26 12:56:35 -04:00
Jon Chambers ed8a1ed579 Restore max concurrency when migrating pre-keys 2023-07-26 12:34:32 -04:00
Jon Chambers c3fd2e2284 Retry key storage attempts when migrating signed pre-keys 2023-07-26 12:34:32 -04:00
Chris Eager 872ef5d0a0 Add environment variable to toggle tcp appender 2023-07-24 13:13:13 -05:00
Chris Eager b44599cd59 Remove unused jedis library 2023-07-24 10:54:34 -04:00
Jordan Rose 7a5dcc700e Add support for AuthCredentialAsPni with pniAsServiceId=true
Update to libsignal 0.30.0, and add a new query param to
/v1/certificate/auth/group, "pniAsServiceId=true", that uses the new
encoding of PNIs in zkgroup rather than encoding PNIs the same way as
ACIs, as we have been doing.

Also includes all the adjustments for the libsignal 0.30.0 update.
2023-07-24 10:53:59 -04:00
ravi-signal 705fb93e45
Add v4 attachment controller
Add AttachmentControllerV4 which can be configured to generate upload
forms for a TUS based CDN
2023-07-21 12:09:45 -05:00
Jon Chambers 9df923d916
Update keys gRPC endpoint to use service identifiers 2023-07-21 13:03:01 -04:00
Chris Eager dc1cb9093a Remove unused code 2023-07-21 11:08:32 -05:00
Jon Chambers e32043ae79 Remove outdated documentation 2023-07-21 10:24:17 -04:00
Jon Chambers abb32bd919
Introduce "service identifiers" 2023-07-21 09:34:10 -04:00
Sergey Skrobotov cf92007f66 Moving Account serialization logic to storage-specific classes 2023-07-20 14:28:07 -07:00
Jon Chambers f5c57e5741 Make `ContestedOptimisticLockException` extend `NoStackTraceRuntimeException` 2023-07-20 11:15:08 -04:00
Jon Chambers 5627209fdd
Add a gRPC service for working with pre-keys 2023-07-20 11:10:26 -04:00
Jonathan Klabunde Tomer 0188d314ce
minor username api refinements 2023-07-19 15:12:47 -07:00
Jonathan Klabunde Tomer 67343f6bdc
accept encrypted username with confirm-username-hash requests 2023-07-19 10:54:11 -07:00
Katherine Yen ade2e9c6cf
Define asynchronous `ProfilesManager` operations 2023-07-19 10:43:58 -07:00
Sergey Skrobotov 352e1b2249 test classes moved to same packages with components they test 2023-07-17 13:34:58 -07:00
Jon Chambers b8d8d349f4 Control inbound message byte limits with a dynamic configuration flag 2023-07-14 16:25:33 -04:00
Jon Chambers e87468fbe0 Add a rate limit for inbound message bytes for a given account 2023-07-14 16:25:33 -04:00
Jon Chambers e38a713ccc Support sub-millisecond permit regeneration durations in rate limiters 2023-07-14 16:25:33 -04:00
Jon Chambers 82ed783a2d Introduce async account updaters 2023-07-14 16:25:19 -04:00
Jon Chambers d17c7aaba6 Add support for clearing accounts from Redis asynchronously 2023-07-14 16:25:19 -04:00
Jon Chambers 41f61c66a3 Add public methods for fetching accounts asynchronously 2023-07-13 13:53:29 -04:00
Jon Chambers 1b7a20619e Add tools for testing asynchronous Redis operations 2023-07-13 13:53:29 -04:00
Jon Chambers 7d19e58953 Add parallel pathways for getting accounts asyncronously to `Accounts` 2023-07-13 13:53:29 -04:00
Jon Chambers 1605676509 Store signed EC pre-keys in a dedicated table when setting signed pre-keys individually 2023-07-12 14:58:10 -04:00
Jon Chambers a0d6146ff5 Make key deletion operations asynchronous 2023-07-12 14:58:10 -04:00
Jon Chambers f709b00be3 Make `KeysManager` storage/retrieval operations asynchronous 2023-07-12 14:58:10 -04:00
Jonathan Klabunde Tomer 5847300290
Revert "Allow use of the token returned with spam challenges as auth for the challenge verification request" 2023-07-12 11:45:02 -07:00
Jonathan Klabunde Tomer 9aaac0eefd
don't require all devices to support PNI for PNIHW 2023-07-12 10:14:16 -07:00
Jon Chambers 6db97f5541 Standardize client tag version handling; add client version tags to delivery latency metrics 2023-07-11 13:35:29 -04:00
Jon Chambers adf6c751ee Use an explicit-allow model for tagging client versions in metrics 2023-07-11 13:35:29 -04:00
Jon Chambers c315b34395 Update formatting in `UserAgentTagUtil` 2023-07-11 13:35:29 -04:00
Jon Chambers f592201e4c Limit attachment controller tags to UA platform (instead of platform and version) 2023-07-11 13:35:29 -04:00
Jon Chambers 8bf5ee45ed Filter out `command` tags from Lettuce metrics and prepend a "chat." prefix to Lettuce metric names 2023-07-11 13:35:03 -04:00
Jon Chambers 25f759dd07 Drop `ActiveUserTally` 2023-07-11 13:34:36 -04:00
Jonathan Klabunde Tomer e5f4c17148
update openapi docs for several endpoints, notably those with PQXDH changes
Co-authored-by: Katherine Yen <katherine@signal.org>
2023-07-06 15:45:33 -07:00
Jonathan Klabunde Tomer 098b177bd3
Allow use of the token returned with spam challenges as auth for the challenge verification request 2023-07-06 15:25:19 -07:00
Jon Chambers ef1a8fc50f Use PascalCase RPC names for the registration service 2023-07-06 17:12:37 -04:00
Jon Chambers 76f2e93a2c Reduce concurrency limit for pre-key migration task 2023-07-06 16:45:03 -04:00
Jon Chambers 25ea1df299 Limit concurrency when writing signed EC pre-keys 2023-07-06 15:51:12 -04:00
Chris Eager 5ced86af1d Set `consistentRead=true` for registration recovery password lookup
This avoids a race condition (in integration test situations) where a lookup could return no results
2023-07-06 15:47:16 -04:00
Jon Chambers 62e02a49df Log errors from single-shot account crawlers rather than printing them to stderr 2023-07-06 15:46:28 -04:00
Jon Chambers 540550d72a Handle exceptions thrown when checking pre-key signatures 2023-07-06 15:46:11 -04:00
Jon Chambers 8cb83fb6e4 Switch to temporary registration endpoints to facilitate a change from snake_case to PascalCase 2023-07-06 15:46:00 -04:00
Jon Chambers 2c0fc8fe3e Remove legacy methods from `RegistrationServiceClient` 2023-07-06 10:32:58 -04:00
Jon Chambers 08c7baafac Remove legacy registration endpoints from `AccountController` 2023-07-06 10:32:58 -04:00
Jon Chambers 8edb450d73 Parallelize single-shot account crawlers 2023-07-06 10:15:16 -04:00
ravi-signal fedeef4da5
Add an optional parameter to require atomic account creation
By default, if a registration request has no optional fields for atomic
account creation set, the request will proceed non-atomically. If a
client sets the `atomic` field, now such a request would be rejected.
2023-07-05 11:24:11 -05:00
Jon Chambers b593d49399 Control signed pre-key deletion via a dynamic configuration flag to facilitate migration 2023-07-05 12:17:17 -04:00
Chris Eager 4a91fc3c3d Set `daemon=true` for pubsub topology change event thread 2023-07-05 11:15:12 -05:00
Chris Eager bb9605d7c3 Use RedisClient#setDefaultTimeout for a non-clustered client 2023-07-05 11:09:28 -05:00
Jon Chambers 1049326a70 Turn on Lettuce latency metrics 2023-06-30 18:20:43 -04:00
Chris Eager 457ecf145f Add test for Redis timeouts 2023-06-30 12:55:37 -05:00
Chris Eager bdcd055aaf Configure Redis timeouts using TimeoutOptions and RediURI 2023-06-30 12:55:37 -05:00
Jon Chambers 30ae2037e8 Correct order of constructor arguments for `KeysManager` 2023-06-30 12:05:16 -04:00
Jon Chambers ce4fdbfb3c Untangle metric names for `RepeatedUseSignedPreKeyStore` subclasses 2023-06-30 10:33:24 -04:00
Jon Chambers 2d154eb0cf Add a command to copy signed pre-keys from `Account` records to their own table 2023-06-30 10:33:24 -04:00
Jon Chambers a3e82dfae8 Add a temporary method for storing signed EC pre-keys if and only if another key has not already been stored 2023-06-30 10:33:24 -04:00
Jon Chambers 97a7469432 Measure signed EC pre-key agreement 2023-06-30 10:33:24 -04:00
Jon Chambers 1a1defb055 Store signed EC pre-keys in a dedicated table 2023-06-30 10:33:24 -04:00
Jon Chambers 93c78b6e40 Introduce `RepeatedUseECSignedPreKeyStore` 2023-06-30 10:33:24 -04:00
Chris Eager b852d6681d FaultTolerantHttpClient: used managed ScheduledExecutorService for retries 2023-06-30 10:24:18 -04:00
Chris Eager 8e48ac4ede Add `messagesCache` and `clientPresenceManager` to managed command dependencies 2023-06-30 10:24:18 -04:00
Ehren Kret 859f646c55 Correct timestamp resolution to intended integer value 2023-06-29 16:05:59 -05:00
Chris Eager fb39b2edaf
Improve two `@Disabled` flaky tests 2023-06-29 14:56:41 -05:00
Chris Eager c93af9e31e Remove `MessagePersister` from WhisperServerService environment
Persistence is now exclusively done by a separate command.
2023-06-28 14:17:49 -05:00
Chris Eager b81a0e99d4 Always have 0 `ApnPushNotificationScheduler` worker threads in front-end service 2023-06-28 14:17:23 -05:00
Chris Eager f8fefe2e5e Remove `AccountCrawler` (and `doPeriodicWork`) from `WhisperServerService` 2023-06-28 14:16:07 -05:00
Jon Chambers f26bc70b59 Add a basic, prototype authentication interceptor for gRPC services 2023-06-27 10:21:11 -04:00
Jon Chambers b5fd131aba Add an abstract base class for single-shot account crawls 2023-06-27 10:18:35 -04:00
Jon Chambers 06997e19e0 Add a method for iterating across all accounts 2023-06-27 10:18:35 -04:00
Jon Chambers 97710540c0 Use `Timer.Sample` throughout `Experiment` 2023-06-27 10:18:20 -04:00
Jon Chambers c78c109577 Drop a disused endpoint for fetching the caller's own signed pre-key 2023-06-27 10:16:39 -04:00
Jonathan Klabunde Tomer 8d995e456e
initial grpc service code in chat 2023-06-26 17:10:13 -07:00
Ehren Kret cc3cab9c88 Add server time to remote config fetch
Enable clients to very roughly adjust some actions for clock skew by
providing current server time in the remote config fetch.
2023-06-21 17:11:35 -05:00
Jon Chambers 0122b410be Include push notification urgency in push latency metrics 2023-06-21 15:10:26 -04:00
Jon Chambers 2ddd2b9476 Convert `PushRecord` to a `record` and make `PushType` non-optional 2023-06-21 15:10:26 -04:00
Jon Chambers a768498250 Record general message delivery latency 2023-06-21 15:10:14 -04:00
Sergey Skrobotov a45aadae16 Cleaning up references to the legacy format from the rate limiters lua script 2023-06-21 15:09:46 -04:00
Sergey Skrobotov 25802432c2 adding a property to skip uploading to s3 during deploy task 2023-06-21 15:09:18 -04:00
Chris Eager 98578b18aa Update to dynamodb-lock-client 1.2.0 2023-06-21 15:08:40 -04:00
Chris Eager 6d81f69785 Start and stop all lifecycle-managed objects in `CrawlAccountsCommand` 2023-06-17 10:17:46 -05:00
Chris Eager 7dce183170 Add worker thread pool to PushFeedbackProcessor 2023-06-16 11:36:28 -05:00
Chris Eager f1962a03ef Parameterize worker thread count in CrawlAccountsCommand 2023-06-16 11:36:28 -05:00
Chris Eager befd336372 Remove static Remote Config auth tokens 2023-06-15 12:11:20 -05:00
Chris Eager 8501e61eb1 Set maxThreads = minThreads on command thread pools 2023-06-15 12:11:10 -05:00
Jon Chambers ae489e5a52 Log account ages when identity keys change 2023-06-15 13:10:35 -04:00
Chris Eager 13afdbda97
Report system resource metrics from background tasks 2023-06-14 16:48:23 -05:00
Jon Chambers 9cfd88a23f Move turn secret to static configuration 2023-06-14 10:47:17 -04:00
Jon Chambers 13456bad3a Update date math with JSR310 types 2023-06-14 10:47:17 -04:00
Jon Chambers 45be85c5ef Update formatting and resolve warnings/suggestions 2023-06-14 10:47:17 -04:00
Jonathan Klabunde Tomer 861dc0d021
reject message sends that have the same device more than once 2023-06-13 09:49:50 -07:00
Chris Eager 128d709c99
Additional counters and timers for WebSocket connections 2023-06-13 11:46:15 -05:00
Jon Chambers e8f01be8ef
Inject version bytes if missing from existing EC pre-keys 2023-06-09 11:41:51 -04:00
Jon Chambers 7f1ee015d1 Treat blank strings as null pre-keys 2023-06-09 10:39:16 -04:00
Jon Chambers 17aa5d8e74
Use strongly-typed pre-keys 2023-06-09 10:08:49 -04:00
Jon Chambers b27334b0ff Treat blank strings as null identity keys 2023-06-09 10:08:18 -04:00
Jon Chambers 7fc6b1e802 Count invalid pre-keys 2023-06-09 09:25:31 -04:00
Jon Chambers 8ec6a24a2d Fix a metric name/tag set 2023-06-08 12:34:27 -04:00
Jon Chambers 234707169e
Represent identity keys as `IdentityKey` instances 2023-06-08 11:36:58 -04:00
Jon Chambers 1c8443210a Check for missing version bytes in invalid identity keys 2023-06-08 09:56:21 -04:00
g1a55er aaf43a592f Replace reserved "notification" key with "newMessageAlert" 2023-06-08 09:53:31 -04:00
Jon Chambers 2b08742c0a
Create separate key stores for different kinds of pre-keys 2023-06-06 17:08:26 -04:00
Jon Chambers cac04146de Identify specific cases with invalid identity keys 2023-06-06 17:08:01 -04:00
ravi-signal 2b266c7beb
Validate registration ids for new accounts 2023-06-06 11:08:54 -04:00
Jonathan Klabunde Tomer 099932ae68 ApnPushNotifcationScheduler: always run worker thread at least once 2023-06-06 11:04:44 -04:00
Jon Chambers 8579babde6 Count instances where an account's identity key could not be interpreted as an `IdentityKey` 2023-06-06 11:01:25 -04:00
Jon Chambers 9c93d379a8 Fix a sneaky merge conflict 2023-06-05 12:38:35 -04:00
Jon Chambers 085c7a67c8
Refactor account locks/deleted account manager 2023-06-05 12:30:44 -04:00
Sergey Skrobotov e6917d8427 minor cleanup, docs, and integration tests for username API 2023-06-02 10:35:07 -07:00
Sergey Skrobotov 47cc7fd615 username links API 2023-06-02 10:26:14 -07:00
Jonathan Klabunde Tomer ecd207f0a1
Check structural validity of prekeys at upload time 2023-05-31 14:29:39 -07:00
Chris Eager 0ab66f2f14 Add `aws-java-sdk-sts` to dependencies 2023-05-31 14:57:48 -05:00
Chris Eager d1e38737ce Support ID token at `PUT /v1/config` and `DELETE /v1/config` 2023-05-30 10:28:28 -05:00
Chris Eager f17de58a71 Change `ScheduledApnPushNotificationSenderServiceCommand` to extend `ServerCommand` 2023-05-30 10:14:33 -05:00
Chris Eager dd552e8e8f Change `MessagePersisterServiceCommand` to extend `ServerCommand` 2023-05-30 10:14:33 -05:00
Chris Eager 18480e9d18 Move metrics registry `environment.manage()` to utility 2023-05-30 10:14:33 -05:00
Chris Eager 7ffccd9c3a Initialize metrics in `ScheduledApnPushNotificationSenderServiceCommand` 2023-05-26 16:41:17 -05:00
Chris Eager 0edd99e9cf Initialize metrics in `MessagePersisterServiceCommand` 2023-05-26 16:41:17 -05:00
Chris Eager defdc14d5e Initialize metrics in `CrawlAccountsCommand` 2023-05-26 16:41:17 -05:00
Chris Eager 5dcf8edd38 Factor metrics registry intialization to a utility 2023-05-26 16:41:17 -05:00
Jon Chambers 91805caa9a Finalize rate limit unit inversion 2023-05-26 14:17:30 -04:00
Jon Chambers 48d39dccbd Fix rate limit division errors 2023-05-26 13:13:02 -04:00
Chris Eager e7bc8bd6b9 Consistently use AWS credentials providers from `WhisperServerService` 2023-05-26 12:45:38 -04:00
Jon Chambers f513dc0398 Invert rate limit units in default configurations 2023-05-26 11:37:06 -04:00
Jon Chambers 184969336e Allow `RateLimiterConfig` to accept either a leak rate per minute or a permit regeneration duration 2023-05-26 11:37:06 -04:00
Chris Eager 1534f1aa6a Add web identity token AWS SDK credentials provider 2023-05-26 11:07:41 -04:00
Chris Eager cd8f74e60b Add support for environment-dependent secondary OAuth2 credentials JSON 2023-05-26 11:07:30 -04:00
Jon Chambers d832eaa759 Represent identity keys as byte arrays 2023-05-26 10:12:22 -04:00
Jon Chambers 796863341d Revert "Count identity keys that are present, but can't be parsed as base64"
This reverts commit 024dd02628a7d989424273501528b52fe18c3ee9.
2023-05-26 10:12:22 -04:00
Jon Chambers 217b68a1e0 Represent pre-key public keys and signatures as byte arrays in DAOs 2023-05-26 09:58:38 -04:00
Jon Chambers 4a8ad3103c Actually write pre-keys as byte arrays 2023-05-26 08:23:54 -04:00
Jon Chambers a5f853c67a Change inactive account age threshold from 365 to 180 days 2023-05-26 08:23:19 -04:00
Jon Chambers 70b54e227e Count the prevalence of keys stored as strings or as bytes 2023-05-25 10:04:38 -05:00
Jonathan Klabunde Tomer 1ab6bff54e
add `@Produces` annotations to a few methods in DeviceController 2023-05-25 09:57:06 -05:00
Chris Eager c2317e8493 Start the dynamic configuration manager in dependent commands 2023-05-25 09:52:01 -05:00
Jon Chambers b034a088b1 Add support for "atomic" device linking/activation 2023-05-19 16:13:37 -04:00
Jon Chambers ae7cb8036e Factor `DeviceActivationRequest` out into its own record 2023-05-19 16:13:37 -04:00
Jon Chambers 8ce2b04fe4 Discard test device codes 2023-05-19 15:57:14 -04:00
Chris Eager a3c37aed47 Remove obsolete field from `SecureValueRecovery2Configuration` 2023-05-19 15:57:01 -04:00
Jon Chambers fa8f19fd43 Group atomic account creation operations 2023-05-19 15:56:45 -04:00
Jon Chambers c9a9409b9a Count identity keys that are present, but can't be parsed as base64 2023-05-19 15:56:27 -04:00
Jon Chambers d3e0ba6d44 Prepare to read pre-keys stored as byte arrays 2023-05-19 15:56:13 -04:00
Jon Chambers 300ac16cf1 Handle "transport not allowed" responses from the registration service 2023-05-19 15:55:53 -04:00
Chris Eager 3e53884979 Add `MessagePersisterServiceCommand` 2023-05-18 15:37:54 -05:00
Chris Eager 6043c1a4e8 Add `ScheduledApnPushNotificationSenderServiceCommand` 2023-05-18 11:44:01 -05:00
Chris Eager 0d9fd043a4 Add container image build using Jib 2023-05-18 11:43:29 -05:00
Jon Chambers 66a619a378 Allow for atomic account creation and activation 2023-05-18 09:51:13 -04:00
Katherine Yen 9450f88c8c Add annotation to catch empty request body 2023-05-17 14:28:41 -07:00
Sergey Skrobotov 287e2fa89a Moving secret values out of the main configuration file 2023-05-17 11:25:59 -07:00
Chris Eager 8d1c26d07d
Add `CrawlAccountsCommand` 2023-05-17 12:22:49 -05:00
Jonathan Klabunde Tomer caae27c44c
PQXDH endpoints for chat server 2023-05-16 14:34:33 -07:00
Katherine Yen 34d77e73ff
Fix integer division in call link ratelimit leak rate 2023-05-16 14:34:06 -07:00
Ravi Khadiwala 8c42199baf Add svr2 credentials to RegistrationLockFailure responses
Add an svr2 credential to 423 responses for:
  - PUT v2/accounts/number
  - POST v1/registration

Also add some openapi annotations to those endpoints
2023-05-12 11:02:32 -05:00
Katherine Yen 7395b5760a Remove unused call link config 2023-05-12 11:01:42 -05:00
Jon Chambers d2baa8b8fb Stop sending API keys to the registration service 2023-05-10 15:28:12 -04:00
Chris Eager 281b91a59a Remove obsolete `ContactDiscoveryWriter` 2023-05-10 14:01:09 -05:00
Jon Chambers 2be2b4ff23 Authenticate with the registration service using OIDC identity tokens in addition to shared API keys 2023-05-10 14:59:07 -04:00
Jon Chambers a83fd1d3fe Include request method as a request counter dimension 2023-05-09 15:17:46 -05:00
Jon Chambers cb72e4f426 Simplify request counter 2023-05-09 15:17:46 -05:00
Chris Eager 3214852a41 Fix `401` on `/v1/keepalive` 2023-05-09 15:08:03 -05:00
Jon Chambers 1057bd7e1f Resolve warnings/suggestions throughout `ProfileControllerTest` 2023-05-09 10:32:32 -04:00
Jonathan Klabunde Tomer 33903553ab
reinstate per-{path,status,platform,is-websocket} request counters 2023-05-09 09:49:20 -04:00
Katherine Yen c309afc04b
Displace client presence when existing account reregisters 2023-05-05 11:31:18 -07:00
Katherine Yen 7ba86b40aa
Create call link credential endpoint 2023-05-04 14:33:45 -07:00
Katherine Yen b2b0aee4b7
Call link auth credential 2023-05-04 14:17:01 -07:00
Jon Chambers 919cc7e5eb
Update libsignal to 0.23 2023-05-04 14:10:51 -07:00
Jonathan Klabunde Tomer e38911b2c5
Always check prekey signatures when new prekeys are uploaded 2023-05-04 11:31:45 -07:00
Chris Eager bc68b67cdf account crawler: remove obsolete accelerated mode 2023-05-04 11:27:16 -05:00
Chris Eager 42a9f1b3e4 account crawler: remove `set*Dynamo` methods 2023-05-04 11:27:16 -05:00
ravi-signal 08333d5989
Implement /v2/backup/auth/check 2023-05-04 11:23:33 -05:00
Ravi Khadiwala 0e0c0c5dfe return 400 instead of 503 for bad verification session-id 2023-05-04 09:22:51 -07:00
Ravi Khadiwala 59ebe65643 Add counter to /v2/attachments 2023-05-04 09:22:18 -07:00
Chris Eager 57b6c10dd1 Remove obsolete dynamic configuration 2023-05-03 13:20:44 -05:00
Jon Chambers 3ee5ac4514 Fix a late-breaking merge conflict 2023-05-02 16:12:26 -04:00
Jonathan Klabunde Tomer be176f98ad
metric for take-prekey yielding an empty result 2023-05-02 13:03:49 -07:00
Jon Chambers 12b58a31a1
Retire integration with legacy contact discovery system 2023-05-02 15:57:03 -04:00
Jon Chambers 8d468d17e3 Add a temporary counter for profile key credential types 2023-05-02 15:56:19 -04:00
Chris Eager e135d50d82 Add counter for `ContactDiscoverWriter` updates 2023-05-01 13:42:14 -05:00
Chris Eager 487b5edc75 Handle potentially null payment method when canceling subscription 2023-05-01 13:42:05 -05:00
Jonathan Klabunde Tomer 47ad5779ad
new /v2/accounts endpoint to distribute PNI key material without changing phone number 2023-04-21 12:20:57 -07:00
Katherine Yen 4fb89360ce
Allow registration via recovery password for reglock enabled accounts 2023-04-20 09:21:04 -07:00
Jon Chambers 6dfdbeb7bb Check for no-op APNs token changes 2023-04-19 17:01:01 -04:00
Jon Chambers d0ccbd5526 Simplify a check for no-op FCM token changes 2023-04-19 17:01:01 -04:00
Jon Chambers 031ee57371 Convert "set push token" request objects to records 2023-04-19 17:01:01 -04:00
Jon Chambers 2043678739 Remove the `removeSignalingKey` API endpoint 2023-04-19 17:00:47 -04:00
Jon Chambers dd27e3b0c8 Convert attachment descriptors to records 2023-04-19 17:00:34 -04:00
Jon Chambers 1083d8bde0 Remove the legacy group credential endpoint 2023-04-19 17:00:14 -04:00
Jon Chambers d1eb247d8c Clarify the purpose of an `addListener` method 2023-04-18 12:04:54 -04:00
Jon Chambers fd5e9ea016 Drop the old (and now unused!) `redis-dispatch` module 2023-04-18 12:04:54 -04:00
Jon Chambers 11829d1f9f Refactor provisioning plumbing to use Lettuce 2023-04-18 12:04:54 -04:00
Katherine Yen c485d317fb
Mock apnPushNotificationScheduler 2023-04-17 10:55:15 -07:00
Katherine Yen 350682b83a
Lock account and send notification when someone passes phone verification but fails reglock 2023-04-17 10:30:36 -07:00
ravi-signal 0fe6485038
Add a configuration to make rate limiters fail open 2023-04-14 13:08:14 -05:00
Sergey Skrobotov a553093046 integration tests initial setup 2023-04-13 11:12:34 -07:00
Katherine Yen 61af1ba029
Clean up prohibited username references 2023-04-10 15:21:02 -07:00
ravi-signal 8847cb92ac
Don't block when scheduling background apns pushes 2023-04-10 13:51:36 -05:00
Chris Eager 33a6577b6e Decrease message delivery executor thread count to 20 2023-04-07 10:56:23 -05:00
Chris Eager 23d5006f70 Add prefix to executor metric names 2023-04-05 09:51:53 -05:00
Chris Eager 2697872bdd Use Apache StringUtils#join 2023-04-05 09:51:30 -05:00
Ravi Khadiwala 7b331edcde Separate username and signature truncation fields 2023-04-05 09:51:00 -05:00
Katherine Yen e4da59c236
Generic credential auth endpoint for call links 2023-04-04 10:28:35 -07:00
Jonathan Klabunde Tomer 48ebafa4e0
DynamoDBExtension refactor and helpers for our schema (#1327)
There's a lot of boilerplate involved in setting up a DynamoDBExtension, and some tests were creating several extensions
rather than one with several tables, which is probably slower than it has to be.

This change adds a new DynamoDbExtensionSchema class in which we can define the Dynamo schema for tests, and refactors
DynamoDbExtension to make it easy to instantiate a single extension with all the tables one wants (and no more, both to
minimize test startup time and to ensure we explicitly test our dependencies and lack thereof).

Tests requiring a DynamoDbExtension with a table schema that's not part of the normal Signal schema can instantiate a
DynamoDbExtension.RawSchema instead.

Test timings are unaffected, at least on my machine. Before:
```[INFO] service ............................................ SUCCESS [01:18 min]```

After:
```[INFO] service ............................................ SUCCESS [01:18 min]```

Co-authored-by: Jonathan Klabunde Tomer <jkt@viola.signal.org>
2023-04-03 13:08:43 -07:00
Jonathan Klabunde Tomer 391b070cff
KeysController: return correct number of unsigned prekeys
When GET /v2/keys was orignally added in b263f47, prekeys were stored in
Postgres, with a user's unsigned and signed keys together in the same table.
Therefore GET /v2/keys subtracted one from the count returned by storage.

In d4d9403, we changed to a different storage schema, with unsigned prekeys in
one DynamoDB table and unsigned prekeys in the accounts Dynamo table.
Unfortunately, GET /v2/keys was not changed to stop subtracting one from the
count of prekeys in the keys table at the same time. This commit fixes that.
2023-04-03 14:32:45 -04:00
gram-signal 781cd0ca3f
Truncate SVR2 IDs to 16 bytes rather than 10. 2023-03-30 17:19:18 -06:00