Commit Graph

2544 Commits

Author SHA1 Message Date
adel-signal 8f100a792e
calling: update TurnCallRouter to reduce returned options 2024-03-05 11:26:19 -08:00
Ravi Khadiwala 4e5dd914dd Add varargs variant to HmacUtil 2024-02-28 15:18:39 -06:00
ravi-signal 2adf1e5017
Avoid modification of Account from `@ReadOnly` endpoint 2024-02-28 15:18:12 -06:00
Jon Chambers d1d03f45c5 Resolve warnings throughout `AccountControllerTest` 2024-02-26 16:11:03 -05:00
Ravi Khadiwala 436bd891bd Don't register SpamFilter as a request filter 2024-02-26 09:33:36 -06:00
Chris Eager a7c28fe5ed Rename "name" tags to be more distinguishing 2024-02-26 09:32:50 -06:00
Chris Eager 60814d1ff0 Configure metrics registries earlier in background command setup 2024-02-26 09:32:01 -06:00
Jon Chambers d018efe2a5
Require non-null proofs in "confirm username hash" requests 2024-02-26 10:30:52 -05:00
Jon Chambers 6fd0cba06a Temporarily restore the `giftBadges` capability for backward compatibility 2024-02-26 10:30:29 -05:00
Katherine 12c6af23ee
Map TransactionConflict to ContestedOptimisticLockException in username flows 2024-02-23 14:06:03 -08:00
Ravi Khadiwala 69330f47fd Explicitly call spam-filter for verification session updates
Pass in the same information to the spam-filter, but just use explicit
method calls rather than jersey request filters.
2024-02-23 16:04:24 -06:00
Ravi Khadiwala 4f40c128bf Explicitly call spam-filter for challenges
Pass in the same information to the spam-filter, but just use explicit
method calls rather than jersey request filters.
2024-02-23 15:58:52 -06:00
Jon Chambers 30b5ad1515 Fix an incorrectly-named "check keys" method 2024-02-23 13:17:10 -05:00
adel-signal 665a26d164
update call routing to return ipv6 ips in RFC3986 format 2024-02-23 11:57:58 -05:00
Jon Chambers a5774bf6ff
Introduce a (dormant) Noise/WebSocket for future client/server communication 2024-02-23 11:42:42 -05:00
Jon Chambers d2716fe5cf Add an endpoint for checking that clients and the server have a common view of the client's repeated-use keys 2024-02-23 11:41:58 -05:00
Jon Chambers 279f877bf2 Validate pre-key signatures via the legacy "set signed pre-key" endpoint 2024-02-23 11:33:41 -05:00
Ravi Khadiwala df69d9f195 Annotate authenticated endpoints with `@ReadOnly` or `@Mutable` 2024-02-22 12:05:32 -06:00
Ravi Khadiwala 26ffa19f36 Lifecycle management for Account objects reused accross websocket requests 2024-02-22 12:05:32 -06:00
Jon Chambers 29ef3f0b41 Add tests and metrics for parsing invalid keys 2024-02-21 15:32:25 -05:00
Jon Chambers 106d5e54c7 Extract a common base class for public key serializers/deserializers 2024-02-21 15:32:25 -05:00
Jon Chambers 6ac2460eb0 Drop the "key without version byte" counter 2024-02-21 15:32:25 -05:00
Chris Eager c8d649e8c2 Update MetricsHttpChannelListener to share MetricsRequestEventListener namespace 2024-02-21 13:32:47 -06:00
Ravi Khadiwala 1fdf82dd6c Remove unused ChangePhoneNumberRequest object
Actual request object is ChangeNumberRequest
2024-02-21 13:32:27 -06:00
Jon Chambers 4aa4246695 Clear account records from the account cache after username operations 2024-02-20 12:11:29 -05:00
Chris Eager 1bebceb29c Actually fix flaky test in MetricsHttpChannelListenerIntegrationTest 2024-02-20 10:52:04 -06:00
Jon Chambers a2139ee236 Revert "Add diagnostic dimensions to the "get keys" counter"
This reverts commit cd64390141.
2024-02-18 20:14:05 -05:00
Jon Chambers 8c55f39cdf Revert "Use a phased enrollment strategy for the `pnp` compatibility flag"
This reverts commit 3e12a8780d.
2024-02-18 20:08:39 -05:00
Chris Eager 0329184c94 Fix flaky test in MetricsHttpChannelListenerIntegrationTest 2024-02-18 20:08:29 -05:00
Jon Chambers cd64390141 Add diagnostic dimensions to the "get keys" counter 2024-02-18 18:10:58 -05:00
Jon Chambers 3e12a8780d Use a phased enrollment strategy for the `pnp` compatibility flag 2024-02-18 17:59:00 -05:00
Jon Chambers 11e6ff1bbe Introduce a `pnp` capability for backward compatibility 2024-02-18 17:59:00 -05:00
Jon Chambers 36f85fc97e Fix an inverted boolean in a counter 2024-02-16 15:18:18 -05:00
Jon Chambers 9040cfd200 Count "store key" attempts by key type/platform 2024-02-16 13:09:55 -05:00
Jon Chambers 757da3b15a Fully-qualify OpenAPI `Tag`, allowing for imported Micrometer `Tag` 2024-02-16 13:09:55 -05:00
Jon Chambers d162590a32 Record a remote-aggregated distribution of one-time pre-key counts 2024-02-16 13:09:55 -05:00
Jon Chambers f41e1716c6 Combine/expand existing "get keys" counter 2024-02-16 13:09:55 -05:00
Jon Chambers 4dce0f1b9d Add identity type/"stale" dimensions to the "pre-key unavailable" counter 2024-02-16 13:09:55 -05:00
Jonathan Klabunde Tomer fef57dce0d
use explicit `Timer` rather than micrometer annotation for send-message latency distribution 2024-02-15 14:58:43 -08:00
Jon Chambers d884700b61 Significantly reduce default Redis command timeout 2024-02-15 17:57:17 -05:00
Jonathan Klabunde Tomer ff9ad4bd1d
export 1:1 message send latency as a full distribution 2024-02-15 10:33:02 -08:00
Chris Eager 9ce2b7555c Add static servlet paths to MetricsHttpChannelListener 2024-02-14 17:09:30 -06:00
Jon Chambers f90ccd3391 Count attempts to fetch a one-time EC pre-key that result in a "key unavailable" response 2024-02-14 18:04:31 -05:00
Jon Chambers 5ff092e541 Retire the `pni` device capability 2024-02-14 18:04:23 -05:00
Ravi Khadiwala dcdf401f64 Make DELETE /v1/device synchronous 2024-02-14 15:30:10 -05:00
Chris Eager e4fb80b39b Add onResponseFailure handler to MetricsHttpChannelListener 2024-02-14 13:43:23 -06:00
Chris Eager 9745854ab8 Switch MetricsHttpChannelListener to ContainerResponseFilter 2024-02-14 13:43:23 -06:00
Jon Chambers 7124621f66
Use pre-calculated pre-key counts when possible 2024-02-14 14:28:33 -05:00
Jon Chambers 47fd8f5793 Assume that all devices are PNI-capable 2024-02-14 14:27:48 -05:00
Jonathan Klabunde Tomer 40d698f2db Remove last vestiges of stale capabilities.
Not for deployment until 2024-02-06!
2024-02-14 14:23:05 -05:00
adel-signal 74abe98706
initialize call routing data syncs 2024-02-13 17:05:08 -08:00
Chris Eager 86787f3bc8 Start DynamicConfigurationManager directly after construction 2024-02-13 13:08:20 -06:00
Chris Eager 699b0c775a Add dynamic configuration to enable detailed Lettuce metrics 2024-02-13 10:33:43 -06:00
Chris Eager ff59ef8094 Add MetricHttpChannelListener 2024-02-13 10:29:03 -06:00
Jonathan Klabunde Tomer 089af7cc1f
correct metric name in MaxMindDatabaseManager timer 2024-02-09 13:37:39 -08:00
Jonathan Klabunde Tomer 1591a2d9a3 CallRoutingTableManager: fix crash on startup due to typo in metric naming 2024-02-09 12:27:51 -08:00
Jonathan Klabunde Tomer f7984ed642
CallDnsRecordsManager: fix crash on startup due to typo in metric naming 2024-02-09 12:14:50 -08:00
adel-signal d1f68eacd9
Add call routing API endpoint for turn servers 2024-02-09 11:12:23 -08:00
Jon Chambers 4f45f23094 Prevent old versions of the Android app from carrying out "change phone number" requests 2024-02-09 09:58:38 -05:00
Jon Chambers c5dc01ee11 Restore high-cardinality Lettuce metrics for debugging 2024-02-08 19:27:56 -05:00
Ravi Khadiwala 3b44ed6d16 Explicitly call spam-filter for messages
Pass in the same information to the spam-filter, but just use explicit
method calls rather than jersey request filters.
2024-02-07 14:30:32 -06:00
Chris Eager 0965ab8063 Move HeaderUtils#getMostRecentyProxy to RemoteAddressFilter 2024-02-07 14:28:37 -06:00
Fedor Indutny 24a7762873
Add `identityType` tag to `SENT_MESSAGE_COUNTER_NAME` 2024-02-06 17:39:00 -06:00
Chris Eager e441ab60a2 Add metric for IPv4/IPv6 requests count 2024-02-06 17:38:25 -06:00
Chris Eager 2ab14ca59e Refactor remote address/X-Forwarded-For handling 2024-02-05 13:37:06 -06:00
Chris Eager 4475d65780 Make Accounts#changeNumber exception handling more resilient to future changes 2024-02-01 15:14:15 -06:00
Ravi Khadiwala b1d10f5817 Add lifecycle management for AwsCrt for commands 2024-02-01 15:08:45 -06:00
Chris Eager c838df90ef Add HttpServletRequestUtil 2024-01-31 17:53:47 -06:00
Chris Eager fb39af67e5 Allow for more TransactWriteItems when inspecting TransactionCanceledException 2024-01-31 17:46:32 -06:00
Chris Eager 2d4d37f96a Translate TransactionCanceledException to ContestedOptimisticLockException in Accounts#changeNumber 2024-01-31 17:27:16 -06:00
Jon Chambers 26adf20ee8 Make "fetch profile" endpoints `@ManagedAsync` 2024-01-31 14:38:50 -06:00
Jon Chambers 72668ed0a2 Make "send individual message" endpoint `@ManagedAsync` 2024-01-31 14:38:50 -06:00
Ravi Khadiwala 50f1ed7851 Add a virtual-thread backed `@ManagedAsyncExecutor` 2024-01-31 14:38:50 -06:00
ravi-signal cf8f2a3463
remove synchronized locks that may be held while blocking 2024-01-31 14:29:15 -06:00
ravi-signal b483159b3a
reintroduce VirtualThreadPinEventMonitor 2024-01-31 14:28:12 -06:00
ravi-signal 480abebf7e
Offload account lock updates to accountLockExecutor 2024-01-31 14:27:16 -06:00
Ravi Khadiwala b924dea045 Remove VirtualThreadPinEventMonitor 2024-01-30 13:49:39 -06:00
Ravi Khadiwala 2c1e7e5ed6 Disable flaky VirtualThreadPinEventMonitorTest 2024-01-30 13:29:58 -06:00
Ravi Khadiwala 4dfd74906c Add timeouts to VirtualThreadPinEventMonitorTest 2024-01-30 13:10:43 -06:00
Chris Eager c80225a18c Remove `NoneHealthResponder` 2024-01-30 12:51:43 -06:00
ravi-signal 0e6242373e
Add a monitor for virtual thread pin events 2024-01-30 12:48:07 -06:00
ravi-signal 4305db5579
Update to aws sdk 2.23.8 and use AwsCrtHttpClient 2024-01-30 12:46:27 -06:00
ravi-signal 36e7772f74
Put some validation on to profile version strings
Co-authored-by: Jon Chambers <63609320+jon-signal@users.noreply.github.com>
2024-01-26 15:24:38 -06:00
Chris Eager ca05df5172 Revert "Add support for secondary credentials for registration service"
This reverts commit 4b8fc2950f.
2024-01-26 11:42:35 -06:00
Chris Eager 422e8e6f3e Remove CommandStopListener 2024-01-26 11:31:04 -06:00
Jon Chambers 852b285d84 Configure and instantiate a `ClientPublicKeys` data store/manager 2024-01-26 10:29:59 -05:00
Jon Chambers 6c13193623 Add a data store for client public keys for transport-level authentication/encryption 2024-01-26 10:29:59 -05:00
Ravi Khadiwala 6bda9d8604 Set destination account on the request context 2024-01-25 13:02:28 -06:00
Ravi Khadiwala 1428ca73de Make identity token fetcher more async friendly
After the identity token expires a subsequent call would do a blocking
operation to retrieve the new token. Since we're making use of an async
gRPC client, this tends to block a thread we don't want to be blocking
on.

Instead, switch to periodically refreshing the token on a dedicated
thread.
2024-01-25 13:01:21 -06:00
Katherine 498ace0488
Remove iOS special case handling logic for SEPA/iDEAL 2024-01-25 10:52:17 -08:00
Chris Eager 4b8fc2950f Add support for secondary credentials for registration service 2024-01-24 13:52:23 -06:00
Jon Chambers 595cc55578 Retire the `returnPqKey` flag when fetching pre-keys 2024-01-23 16:01:40 -05:00
Ravi Khadiwala 91b0c368b4 Remove unused table configuration parameter 2024-01-23 14:48:52 -06:00
Jonathan Klabunde Tomer 21d0ffc990
Allow "reserving" one's own committed username hash 2024-01-23 12:44:55 -08:00
Chris Eager 55b9d84956 Add `host` to `DogstatsdConfiguration` 2024-01-22 15:59:52 -06:00
Chris Eager ffdb0db6c6 Migrate from `host` tag to `dd.internal.entity_id` 2024-01-22 15:59:52 -06:00
Chris Eager a5ed07a666 Support environment variable substitution in configuration 2024-01-22 11:25:18 -06:00
Chris Eager da02c90bad Remove AWS instance profile credentials provider 2024-01-22 11:24:03 -06:00
Ravi Khadiwala 3820a231ec Strictly enforce ACI service identifier strings have no prefix 2024-01-22 11:23:33 -06:00
Dimitris Apostolou 408b065b9e Fix typos 2024-01-20 12:40:08 -05:00
hduelme 238ab84749 use StandardCharsets UTF_8 instead of String 2024-01-20 12:39:43 -05:00
Ravi Khadiwala f5080f9bd6 Support configurable verification code sender overrides 2024-01-19 13:58:17 -06:00
Ravi Khadiwala db4aa99ce0 Make the ServiceIdentifier interface sealed 2024-01-19 13:57:20 -06:00
ravi-signal 70134507f8
Add metric for ServiceId string parsing 2024-01-19 13:56:47 -06:00
Ravi Khadiwala 360a4793ae Remove global lock in RateLimitChallengeManager 2024-01-19 13:56:09 -06:00
Jon Chambers 47bfb25f2c Retire a now-unused transacational update method for accounts 2024-01-18 16:40:21 -05:00
Jon Chambers b048b0bf65 Remove signed pre-keys from `Device` entities 2024-01-18 12:13:00 -05:00
Jonathan Klabunde Tomer 394f9929ad
limit size of multi-recipient messages 2024-01-11 16:31:37 -08:00
ravi-signal bf39be3320
Add Content-Type header for copy uploads 2024-01-11 14:59:35 -06:00
Chris Eager 4a2cbb9ec7 Stop timers on Flux termination 2024-01-11 14:57:31 -06:00
Ravi Khadiwala cc6cf8194f Add media deletion endpoint 2024-01-11 10:19:06 -06:00
Ravi Khadiwala e934ead85c Fix incorrect comparison in archive usage metric 2024-01-11 10:19:06 -06:00
Ravi Khadiwala 323bfd9a6e Remove some secondary keys from account cache
Remove e164, usernameHash, and usernameLink secondary mappings from the
accounts redis cache.
2024-01-11 10:10:32 -06:00
Jon Chambers bf05e47e26 Get accounts asynchronously when checking SVR credentials via gRPC 2024-01-11 11:09:49 -05:00
Jon Chambers d18f576239 Revert "Revert "Treat the stand-alone signed pre-keys table as the source of truth for signed pre-keys""
This reverts commit 3f9edfe597.
2024-01-10 11:22:10 -05:00
Jon Chambers 7d483c711a Revert "Revert "Retire "migrate signed pre-keys" configuration""
This reverts commit a024949311.
2024-01-10 11:22:10 -05:00
Jon Chambers 61256d49cd Revert "Revert "Retire the "migrate signed pre-keys" command""
This reverts commit f738bc97e7.
2024-01-10 11:22:10 -05:00
Jonathan Klabunde Tomer 184cdc0331
Remove two-stage check of username availability in reserve/confirm 2024-01-09 14:01:42 -08:00
Ravi Khadiwala ed972a0037 Fix archive listing directory prefix order 2024-01-09 16:01:11 -06:00
Ravi Khadiwala a62a6c1cb6 Change type of Cdn3StorageManagerConfiguration.clientSecret to SecretString 2024-01-08 16:06:54 -06:00
Ravi Khadiwala f66566aa17 Fix default configuratiton in MonitoredS3ObjectConfiguration 2024-01-08 14:52:14 -06:00
ravi-signal b6ecfc7131
Add archive listing 2024-01-08 13:54:57 -06:00
adel-signal 2b688b1a60
Refactor spam filter's S3MonitoredObject to server parent module.
Allows other parts of server to use S3MonitoredObjects.
2024-01-08 10:34:12 -08:00
Jon Chambers 3c64d9292f Revert "Expand the default max packet size for Dogstatsd"
This reverts commit 0f52d2e464.
2024-01-08 12:23:16 -05:00
Jon Chambers 0f52d2e464 Expand the default max packet size for Dogstatsd 2024-01-08 11:43:50 -05:00
Jonathan Klabunde Tomer 1e5fadc440
Allow reserving a hash previously reserved (but not committed) by the same user 2024-01-05 15:38:45 -08:00
Chris Eager f495ff483a
Update RemoveExpiredLinkedDevicesCommand to retry failures 2024-01-05 15:38:34 -08:00
Jonathan Klabunde Tomer d1a80cc880 fix build-breaking typo 2024-01-04 11:46:07 -08:00
Jonathan Klabunde Tomer e1ad25cee0
Group Send Credential support in chat 2024-01-04 11:38:57 -08:00
Chris Eager 195f23c347
Add `/v1/accounts` and `/v2/keys` to the WebSocket 2024-01-02 15:51:57 -06:00
Chris Eager ad6b99be6a Dispatch client presence operations after device deletion to a dedicated executor 2023-12-22 10:51:17 -06:00
Chris Eager b9dd9fc47d Reduce fan-out by processing a single stream of expired linked devices 2023-12-22 10:51:06 -06:00
Chris Eager 637792c6d4 Move `RemoveExpiredLinkedDevicesCommand` error handling for more accurate metrics 2023-12-21 16:06:41 -06:00
Jon Chambers 4d1bca2d97 Dispatch client presence operations after account deletion to a dedicated executor 2023-12-21 13:40:49 -05:00
Chris Eager f33a2eba50
Add buffer + shuffle and configurable concurrency to `RemoveExpiredLinkedDevicesCommand` 2023-12-21 11:14:02 -06:00
Jon Chambers 5d6bea5ec9 Clear Redis cache entries strictly after removing accounts from DynamoDB 2023-12-21 12:08:03 -05:00
Jon Chambers 057d1f07a8 Remove bulk "set repeated-use signed pre-keys" methods because they were only ever used for single devices 2023-12-21 12:07:42 -05:00
Jon Chambers 95bb9a9780 Log signed pre-key retrieval errors and mismatches 2023-12-20 14:55:12 -05:00
Chris Eager 06c391cbf6 Add counter for failed account updates to RemoveExpiredLinkedDevicesCommand 2023-12-20 13:51:28 -06:00
Chris Eager d90dff95b1 Move MeterRegistry#close calls to after the lifecycle has fully stopped 2023-12-20 13:51:16 -06:00
Ravi Khadiwala ca47a7b663 handle new RegistrationService proto error 2023-12-19 18:19:26 -06:00
Jonathan Klabunde Tomer 9d3d4a3698
Add phone-number-sharing field to versioned profile
Co-authored-by: Katherine <katherine@signal.org>
2023-12-19 11:20:04 -08:00
Chris Eager 3b509bf820 Add command to remove expired linked devices 2023-12-19 13:11:26 -06:00
Jon Chambers 5b7f91827a
Remove signed pre-keys transactionally when removing devices 2023-12-19 14:11:05 -05:00
Chris Eager 06800043a9 Set TLS keystore password in secondary persistent services 2023-12-15 13:39:58 -06:00
Chris Eager 3090de56b8 Set TLS keystore password from secrets configuration 2023-12-15 12:47:27 -06:00
Katherine a37acd1f42
Add ttl for braintree writes to onetime donation table 2023-12-15 13:37:35 -05:00
Jonathan Klabunde Tomer 43f17414ff
Make key-setting methods asynchronous again 2023-12-14 16:49:16 -08:00
Jon Chambers b259eea8ce
Refactor/clarify account creation/reclamation process 2023-12-14 16:48:57 -08:00
Katherine 9cfc2ba09a
Persist onetime donation payment success timestamps for Braintree transactions 2023-12-14 16:48:29 -08:00
Chris Eager bb347999ce
Propagate another subscription processor error to clients 2023-12-14 15:40:08 -05:00
Katherine 3548c3df15
Calculate onetime badge expiration from payment success timestamp 2023-12-14 15:39:46 -05:00
Jon Chambers 1167d0ac2e Make key-setting methods synchronous 2023-12-13 17:49:55 -05:00
Jon Chambers f738bc97e7 Revert "Retire the "migrate signed pre-keys" command"
This reverts commit c7cc3002d5.
2023-12-13 17:49:55 -05:00
Jon Chambers 3f9edfe597 Revert "Treat the stand-alone signed pre-keys table as the source of truth for signed pre-keys"
This reverts commit feb933b4df.
2023-12-13 17:49:55 -05:00
Jon Chambers a024949311 Revert "Retire "migrate signed pre-keys" configuration"
This reverts commit 44145073f1.
2023-12-13 17:49:55 -05:00
Jon Chambers 609c901867 Refactor key-fetching to be reactive 2023-12-13 12:46:48 -05:00
Jon Chambers 4ce060a963 Count wildcard "get keys" requests by platform 2023-12-13 12:46:48 -05:00
Jon Chambers c4ca0fee40 Synchronize access to `responseItems` when assembling a "get keys" response 2023-12-13 12:46:48 -05:00
Chris Eager 8d4acf0330 Remove `ForkJoinPool.managedBlock` in favor of async updates 2023-12-13 10:18:04 -05:00
Jon Chambers 28a981f29f Assume that all devices have signed pre-keys 2023-12-13 10:17:51 -05:00
Jon Chambers c29113d17a Reject requests with missing device capabilities 2023-12-12 11:37:44 -05:00
Katherine 951f978447
Use start of subscription period as fallback timestamp 2023-12-12 11:34:44 -05:00
Jon Chambers 07899f35bd Return `DeviceController#linkDevice` to synchronous processing 2023-12-12 11:34:23 -05:00
Katherine 3cbbf37468
Use payment success timestamp to calculate recurring donation badge expiration 2023-12-12 10:01:20 -05:00
Jon Chambers 6c7a3df5ae Retire non-atomic device-linking pathways 2023-12-12 09:53:51 -05:00
Jon Chambers 2054ab2771 Revert "Count requests with missing device capabilities"
This reverts commit 6cdf8ebd2c.
2023-12-12 09:53:51 -05:00
Jon Chambers 44145073f1 Retire "migrate signed pre-keys" configuration 2023-12-12 09:53:34 -05:00
Jon Chambers feb933b4df Treat the stand-alone signed pre-keys table as the source of truth for signed pre-keys 2023-12-11 11:39:54 -05:00
Jon Chambers c7cc3002d5 Retire the "migrate signed pre-keys" command 2023-12-11 11:07:00 -05:00
xiaolou86 049b901d63 Fix typos 2023-12-09 10:04:12 -05:00
Jon Chambers 3cf1b92dfc Do not set one-time pre-keys if the lists of new keys are empty 2023-12-08 14:03:08 -05:00
Jon Chambers 5b0fcbe854 Always expose sequential fluxes to account crawlers 2023-12-08 13:43:42 -05:00
Jon Chambers cca747a1f6 Treat transaction conflicts during transactional account updates as contested optimistic locks 2023-12-08 12:13:23 -05:00
Jon Chambers 417d99a17e Check story rate limits in parallel 2023-12-08 12:13:08 -05:00
Jon Chambers e9708b9259 Use random UUIDs throughout `MessageControllerTest` 2023-12-08 12:13:08 -05:00
Jon Chambers e5d3be16b0 Fetch destination accounts in parallel when sending multi-recipient messages 2023-12-08 12:13:08 -05:00
Jordan Rose 2ab3c97ee8
Replace MultiRecipientMessage parsing with libsignal's implementation
Co-authored-by: Jonathan Klabunde Tomer <jkt@signal.org>
2023-12-08 11:52:47 -05:00
Jon Chambers f20d3043d6
Process key migrations sequentially to better control concurrency 2023-12-07 21:42:49 -05:00
Jonathan Klabunde Tomer 4efda89358
multisend cleanup 2023-12-07 12:23:02 -08:00
Jon Chambers 1fb88271e5 Invalidate cache entries for accounts after successfully adding devices 2023-12-07 13:27:26 -05:00
Jon Chambers a843780f68 Add a (failing!) test for device-linking 2023-12-07 13:27:26 -05:00
Jon Chambers 5ad83da4e0 Remove the now-unused admin logger 2023-12-07 12:58:43 -05:00
Jon Chambers 50d92265ea
Add devices to accounts transactionally 2023-12-07 11:19:40 -05:00
Chris Eager e084a9f2b6 Remove PUT/DELETE methods from RemoteConfigController 2023-12-07 10:54:19 -05:00
Jon Chambers 664f9f36e1 Use padded base64 encoding for outbound device names 2023-12-07 10:53:56 -05:00
Jon Chambers 4c9efdb936 Revert "Revert "Represent device names as byte arrays""
This reverts commit 45848e7bfe.
2023-12-07 10:53:56 -05:00
Jon Chambers 45848e7bfe Revert "Represent device names as byte arrays"
This reverts commit 5ae2e5281a.
2023-12-06 17:05:04 -05:00
Ravi Khadiwala 4fa10e5783 Fix NPE in request metrics when a finished request is missing a response 2023-12-06 15:11:41 -05:00
Ravi Khadiwala fc0bc85f4d Add some extra request validation to `/v1/archives/keys` 2023-12-06 15:11:27 -05:00
Jon Chambers 5ae2e5281a Represent device names as byte arrays 2023-12-06 15:10:45 -05:00
Jon Chambers 34a943832a Align push notification types and delivery priorities 2023-12-06 12:40:16 -05:00
Jon Chambers db17693ba7 Revert "Temporarily make registration challenge notifications "noisy""
This reverts commit 9069c5abb6.
2023-12-06 12:40:16 -05:00
Jon Chambers 6cdf8ebd2c
Count requests with missing device capabilities 2023-12-06 10:40:50 -05:00
Ravi Khadiwala 072b470f46 Be more specific about encodings in /v1/archive docs 2023-12-06 10:40:20 -05:00
Ravi Khadiwala 78b2df2ecc Use long instead of int for epoch seconds 2023-12-06 10:40:06 -05:00
Jon Chambers 00e72a30c9 Assume all accounts have primary devices 2023-12-06 10:28:19 -05:00
Jon Chambers df421e0182
Update signed pre-keys in transactions 2023-12-05 14:20:16 -05:00
Jon Chambers ede9297139 Disallow identity key changes 2023-12-05 14:14:24 -05:00
Jon Chambers 85383fe581 Remove an unused "store keys" method 2023-12-05 14:14:24 -05:00
Jon Chambers 4cca7aa4bd Normalize identity types throughout `KeysController` 2023-12-05 14:14:24 -05:00
Jon Chambers e2037dea6c Rename `PreKeyState` to `SetKeysRequest` 2023-12-05 14:14:24 -05:00
Jon Chambers f10f772e94 Convert `PreKeyState` to a record 2023-12-05 14:14:24 -05:00
Jon Chambers 9ecfe15ac4 Use multiline strings for `PreKeyState` documentation 2023-12-05 14:14:24 -05:00
Jon Chambers 5f0726af8a
Perform cleanup operations before overwriting an existing account record 2023-12-05 12:18:09 -05:00
Ravi Khadiwala 331bbdd4e6 replace deprecated apache RandomUtils 2023-12-05 10:48:18 -06:00
Jon Chambers 37e3bcfc3e Move "remove device" logic into `AccountsManager` 2023-12-05 11:44:58 -05:00
Jon Chambers 4f42c10d60 Disallow sync messages to PNIs 2023-12-05 11:44:27 -05:00
Jonathan Klabunde Tomer 20392a567b Revert "multisend cleanup"
This reverts commit c03249b411.
2023-12-01 14:39:31 -08:00
Jonathan Klabunde Tomer c03249b411
multisend cleanup 2023-11-30 15:50:36 -08:00
gram-signal 22e6584402
Add auth controller for SVR3 to /v3/backup. 2023-11-30 15:50:21 -08:00
Jon Chambers aa23a5422a Don't modify registration IDs from the "set account attributes" endpoint 2023-11-29 16:56:47 -05:00
Jon Chambers 01fde4f9ca Require PNI-associated registration IDs for new devices 2023-11-29 16:56:47 -05:00
Jon Chambers 3980dec123 Revert "Add metrics to check presence of PNI-associated registration IDs"
This reverts commit 1da3f96d10.
2023-11-29 16:56:47 -05:00
Jon Chambers c97f837f45 Revert "Instrument registration ID changes via the "set account attributes" endpoint"
This reverts commit 8fbc1dac74.
2023-11-29 16:56:47 -05:00
Chris Eager 9c54d2407b Update tests 2023-11-29 15:48:24 -06:00
Chris Eager a027c4ce1f Conditionally use `request.remoteAddr` instead of `X-Forwarded-For` 2023-11-29 15:48:24 -06:00
Chris Eager b1fd025ea6 Use EpochSecondSerializer for UserRemoteConfigList.serverEpochTime 2023-11-29 15:47:10 -06:00
Jonathan Klabunde Tomer a05a230085
use Account-specific json serializer when reserving username hash 2023-11-29 13:40:06 -08:00
Jon Chambers 8fbc1dac74 Instrument registration ID changes via the "set account attributes" endpoint 2023-11-29 10:26:41 -05:00
Katherine f46842c6c9
Validate registration IDs 2023-11-28 15:43:35 -08:00
ravi-signal 202dd8e92d
Add copy endpoint to ArchiveController
Co-authored-by: Jonathan Klabunde Tomer <125505367+jkt-signal@users.noreply.github.com>
Co-authored-by: Chris Eager <79161849+eager-signal@users.noreply.github.com>
2023-11-28 11:45:41 -06:00
Jon Chambers 1da3f96d10 Add metrics to check presence of PNI-associated registration IDs 2023-11-28 12:26:15 -05:00
Chris Eager 5f6fe4d670 Add `NoneHealthResponder` to replace default responder 2023-11-27 14:38:47 -06:00
Chris Eager a74438d1ee Add test for concurrent in-flight outbound messages on WebSocket queue processing
This also elevates the implicit default concurrency (via reactor’s `Queues.SMALL_BUFFER_SIZE`) to be explicit.
2023-11-27 14:37:46 -06:00
Jon Chambers c8033f875d Create accounts transactionally 2023-11-27 09:57:43 -05:00
Jon Chambers 07c04006df Avoid blocking calls in async account updates 2023-11-27 09:57:43 -05:00
Jon Chambers 521900c048 Always require atomic account creation 2023-11-27 09:52:57 -05:00
Jon Chambers 9069c5abb6 Temporarily make registration challenge notifications "noisy" 2023-11-22 10:25:59 -05:00
Jon Chambers ff7a5f471b Always use "conserve power" priority for challenge notifications 2023-11-21 17:58:32 -05:00
Ravi Khadiwala 42a47406cc Fix platform tag for push challenge metric 2023-11-21 17:57:32 -05:00
Katherine de10b6de7b
Add metric to count invalid registration ID when setting account attributes 2023-11-20 14:25:27 -08:00
Chris Eager d6ade0e1ac Send HTTP 408 on idle timeout 2023-11-20 16:24:54 -06:00
Jonathan Klabunde Tomer cb1fc734c2
report exceptions in fanned-out sends of multi-recipient messages 2023-11-20 10:46:26 -08:00
Katherine Yen db7f18aae7 Add missing boolean parameter to `getSubscriptionStatus` method call 2023-11-16 19:28:10 -05:00
Katherine 7fbc327591
For Braintree, return `active` subscription status if latest transaction also succeeded 2023-11-16 19:15:46 -05:00
Chris Eager 84b56ae1b2
Upgrade to dropwizard 3.0 2023-11-16 17:57:48 -06:00
Katherine 041aa8639a
Enforce story ratelimit 2023-11-16 12:36:43 -05:00
Katherine 216ac72ad0
Use Braintree subscription status alongside transaction status to determine 204 and 402 responses for `/v1/subscription/{subscriberId}/receipt_credentials` 2023-11-16 12:36:19 -05:00
Jon Chambers c85ddaeb9c
Make DynamoDB client connection pool sizes configurable 2023-11-16 12:29:43 -05:00
Jonathan Klabunde Tomer 8f7bae54fe
When persisting messages fails due to a full queue in DynamoDB, automatically unlink one device to free up room.
Co-authored-by: Chris Eager <79161849+eager-signal@users.noreply.github.com>
2023-11-15 17:15:17 -08:00
Jon Chambers ce60f13320
Don't track IPv4/IPv6 metrics at the application level
We can measure this at the infrastructure level without observing IPs directly.
2023-11-15 17:18:54 -05:00
Jon Chambers 1ac0140666 Remove a couple of now-unused variables 2023-11-15 17:12:08 -05:00
Jon Chambers 6cc8b147a9 Remove unused `X-Forwarded-For` parameters 2023-11-15 17:09:47 -05:00
Jonathan Klabunde Tomer 7764185c57
return explicit Response rather than Void from async controllers with no expected body content 2023-11-14 21:57:25 -08:00
Katherine d4ef2adf0a
Remove low priority attempt login notification workaround for old iOS clients 2023-11-13 12:06:55 -05:00
Jonathan Klabunde Tomer a83378a44e
add an option to replace username ciphertext without rotating the link handle 2023-11-13 09:01:54 -08:00
ravi-signal a4a4204762
Allow re-registered accounts to reclaim their usernames 2023-11-13 10:41:23 -06:00
Jon Chambers acd1140ef6 Make registration challenge APNs payloads "silent" 2023-11-13 08:39:58 -08:00
Jon Chambers fbf71c93ff Make rate limit challenge APNs payloads "silent" 2023-11-13 08:39:58 -08:00
Katherine 38bc0c466a
Change `sepaMaximumEuros` field to number in JSON response 2023-11-10 10:16:03 -08:00
Katherine 71e4351743
Add `sepaMaximumEuros` field to subscription configuration 2023-11-10 09:13:51 -08:00
Katherine 387e4b94b4
Expand charge object on Stripe subscription to surface charge failure information 2023-11-10 09:12:59 -08:00
Katherine 201c76b861
Add charge failure details to `/v1/subscription/{subscriberId}/receipt_credentials` 402 response 2023-11-08 10:54:14 -08:00
Sergey Skrobotov db63ff6b88 gRPC validations 2023-11-03 11:30:48 -07:00
Katherine 115431a486
Un-hardcode payment activation flag 2023-11-03 11:27:34 -07:00
Jonathan Klabunde Tomer d47ff9b7c7
don't make empty transactions 2023-11-02 16:20:19 -07:00
Chris Eager 2bc4412d66 Encapsulate device ID in ProvisioningAddress 2023-11-02 11:48:10 -05:00
Chris Eager 6a428b4da9 Convert Device.id from `long` to `byte` 2023-11-02 11:48:10 -05:00
Jonathan Klabunde Tomer 7299067829
Don't attempt to update PNI PQ prekeys for disabled devices 2023-11-01 16:55:55 -07:00
Chris Eager 570aa4b9e2 Remove several unused classes 2023-11-01 15:46:10 -05:00
Ravi Khadiwala 6b38b538f1 Add ArchiveController
Adds endpoints for creating and managing backup objects with ZK
anonymous credentials.
2023-10-30 14:02:19 -05:00
Chris Eager ba139dddd8 Use all devices when checking limit 2023-10-30 12:40:06 -05:00
Chris Eager 0f5c62ade5 Set max threads = min threads on command executor services 2023-10-27 09:26:32 -05:00
Jon Chambers 54bc3bce96
Add an authentication-required gRPC service for working with accounts 2023-10-25 14:47:20 -04:00
Jon Chambers 3d92e5b8a9
Explicitly stop and start managed dependencies 2023-10-24 16:50:02 -04:00
Jon Chambers e4de6bf4a7
Only update devices that aren't already disabled 2023-10-24 15:29:03 -04:00
Katherine Yen 6f166425fe Fix bank mandate test 2023-10-20 16:19:31 -04:00
Chris Eager cf2353bcf9 Remove InstrumentedExecutorService wrapping 2023-10-20 15:14:35 -05:00
Jon Chambers 744eb58071 Discard old chunk-based account crawler machinery 2023-10-20 16:09:17 -04:00
Jon Chambers 9d47a6f41f Introduce a reactive push notification feedback processor 2023-10-20 16:09:17 -04:00
Jonathan Klabunde Tomer fd19299ae0
Accept a captcha score threshold for challenges from the spam filter 2023-10-20 09:09:22 -07:00
Jon Chambers 9c053e20da Drop `Util#isEmpty`/`Util#nonEmpty` in favor of `StringUtils` 2023-10-20 12:04:15 -04:00
Jon Chambers 19d7b5c65d Drop `Util#wait` 2023-10-20 12:04:15 -04:00
Jon Chambers 7b9d8829da Remove entirely unused `Util` methods 2023-10-20 12:04:15 -04:00
Jon Chambers f0ab52eb5d Rename "master device" to "primary device" 2023-10-20 10:52:13 -04:00
Jon Chambers e8cebad27e Avoid modifying original `Account` instances when constructing JSON for updates 2023-10-20 10:51:50 -04:00
Jon Chambers 6441d5838d Clear username links in the same transaction when clearing username hashes 2023-10-20 10:51:50 -04:00
Jon Chambers ac0c8b1e9a Introduce a canonical constant for UAK length 2023-10-20 10:50:44 -04:00
Katherine 8ec062fbef
Define an endpoint to set the default payment method for iDEAL subscriptions 2023-10-19 10:29:40 -07:00
Katherine 5990a100db
Add charge failure details to `/v1/subscription/boost/receipt_credential` 402 response 2023-10-19 10:21:26 -07:00
Jon Chambers bc35278684 Drop the old `AccountCleaner` 2023-10-19 10:34:24 -04:00
Jon Chambers c3c7329ebb Add a single-shot command for removing expired accounts 2023-10-19 10:34:24 -04:00
Jon Chambers 6fd1c84126 Make command namespace available to subclasses 2023-10-19 10:34:24 -04:00
Jon Chambers 0100f0fcc9 Migrate a username links test from `AccountsTest` to `AccountsManagerUsernameIntegrationTest` 2023-10-18 10:20:48 -04:00
Jon Chambers 0cdc32cf65 Really REALLY fix instrumentation for re-registration of recently-deleted accounts 2023-10-18 10:15:03 -04:00
Jon Chambers 601e9eebbd Implement an anonymous account service for looking up accounts 2023-10-18 10:14:52 -04:00
Jon Chambers eaa868cf06 Add a remote address interceptor to base gRPC tests 2023-10-18 10:14:52 -04:00
Jon Chambers f55504c665 Add utility methods for rate-limiting by remote address 2023-10-18 10:14:52 -04:00
Katherine Yen b2ff016cc1 Add back story ratelimiter with counter but do not enforce 2023-10-17 12:22:17 -04:00
Jon Chambers 33b4f17945
Make username-related operations asynchronous 2023-10-17 12:21:52 -04:00
Jon Chambers e310a3560b Remove unused configuration for the legacy Secure Backup Service 2023-10-17 12:21:14 -04:00
Jon Chambers 162b27323e Fix instrumentation for re-registration of recently-deleted accounts 2023-10-17 12:20:58 -04:00
Jon Chambers ae976ef8d6 Retire legacy Secure Value Recovery plumbing 2023-10-13 15:32:41 -04:00
Katherine c6b4e2b71d
Support iDEAL 2023-10-12 09:54:05 -07:00
Jon Chambers 33c8bbd0ce Trim stale capabilities from the profiles gRPC service 2023-10-12 12:52:32 -04:00
Jon Chambers f2a3b8dba4 Treat APNs team/key IDs as secrets so they can change atomically with the key itself 2023-10-12 12:52:13 -04:00
Katherine 207ae6129b
Add `paymentMethod` and `paymentProcessing` fields to `GET /v1/subscription/{subscriberId}` endpoint 2023-10-10 09:56:50 -07:00
Katherine e1aa734c40
Define endpoint to get localized bank mandate text 2023-10-05 09:53:33 -07:00
Jon Chambers bb7e0528c4
Make account deletion an asynchronous operation 2023-10-04 10:44:50 -04:00
Jonathan Klabunde Tomer 010eadcd10
UnlinkDeviceCommand improvements 2023-10-03 15:14:02 -07:00
Katherine c43e0b54f2
Exclude `SEPA_DEBIT` as a supported payment method for certain iOS client versions 2023-10-03 11:34:52 -07:00
Chris Eager 6522b74e20 Remove obsolete metrics 2023-10-03 11:42:25 -05:00
Chris Eager 8c7975d89a Clear presence only if the connection’s displacement listener is still present 2023-10-03 11:42:25 -05:00
Chris Eager 407070c9fc Unsubscribe from keyspace notifications only if queue still maps to the listener 2023-10-03 11:42:25 -05:00
Katherine 7821a3cd61
Accommodate PayPal with SEPA changes 2023-09-28 10:28:17 -07:00
Katherine a00c2fcfdb
Support SEPA 2023-09-28 08:26:01 -07:00
Jonathan Klabunde Tomer 9cd21d1326
count ItemCollectionSizeLimitExceededExceptions persisting messages 2023-09-27 10:58:28 -07:00
Jonathan Klabunde Tomer aaba95f9b8
return `null` for empty username hash in AccountIdentityResponse 2023-09-27 10:58:04 -07:00
Chris Eager 8d1135a2a3 Refine `RegistrationController` logic
Local device transfer on iOS uses the `409` status code to prompt the
transfer UI. This needs to happen before sending a `423` and locking
an existing account, since the device transfer
includes the local device database verbatim.
2023-09-25 15:54:31 -05:00
Jon Chambers f9fabbedce Convert `SubscriptionController` request/response entities to records 2023-09-25 12:32:49 -07:00
Chris Eager 16012e6ffe Remove obsolete `ManagedPeriodicWork` 2023-09-25 12:15:17 -07:00
Jon Chambers d10a132b0c Remove unused methods in `SubscriptionController` 2023-09-25 12:14:56 -07:00
Sergey Skrobotov 0b3af7d824 gRPC API for external services credentials service 2023-09-25 12:14:49 -07:00
Sergey Skrobotov d0fdae3df7 Enable header-based auth for WebSocket connections 2023-09-25 12:14:40 -07:00
Chris Eager 0e989419c6 Add metric for late removal of message availability and displacement listeners 2023-09-19 12:04:24 -05:00
ravi-signal 0fa8276d2d
retry hCaptcha errors
Co-authored-by: Jon Chambers <63609320+jon-signal@users.noreply.github.com>
2023-09-14 16:07:35 -05:00
Ravi Khadiwala b594986241 Set an idle timeout on registration gRPC client 2023-09-14 16:06:49 -05:00
Sergey Skrobotov 9f3ffa3707 gRPC API for payments service 2023-09-14 11:12:00 -07:00
Jonathan Klabunde Tomer 8e598c19dc
don't attempt to update KEM prekeys if we have no PQ-enabled devices 2023-09-14 11:11:22 -07:00
Katherine 2601d6e906
Convert some fields on `CreateProfileRequest` and `VersionedProfileResponse` to byte arrays 2023-09-13 14:00:03 -07:00
Jon Chambers f0544fab89 Update recently-deleted accounts table transactionally as part of account mutations 2023-09-13 16:02:19 -04:00
Jon Chambers 1b9bf01ab1 Absorb `DeletedAccounts` into `Accounts` 2023-09-13 16:02:19 -04:00
Katherine cbc3887226
Define identity key check endpoint in keys anonymous service 2023-09-11 11:57:00 -07:00
Jon Chambers 2b764c2abd Don't allow callers to unlink their primary device 2023-09-11 14:29:48 -04:00
Jon Chambers 845fc338d7 Add a (failing) test for removing primary devices from accounts 2023-09-11 14:29:48 -04:00
Sergey Skrobotov 977243ebfd DRY gRPC tests, refactor error mapping 2023-09-08 17:12:08 -07:00
Chris Eager 29ca544c95 Revert "Set `suppressCancel=true` in `Mono.fromFuture`"
This reverts commit 8348263fab.
2023-09-07 17:03:33 -05:00
Ravi Khadiwala 94b41d3a2c Fixup default rate limits
A previous refactor left the default rate limits off by a factor of 60.
2023-09-07 16:07:42 -05:00
Chris Eager 92bb783cbb Use static exception instance when a connection is closed 2023-09-07 16:06:16 -05:00
Chris Eager 8348263fab Set `suppressCancel=true` in `Mono.fromFuture` 2023-09-07 16:06:03 -05:00
Ravi Khadiwala 5934b7344a Remove unused captcha configuration 2023-09-07 11:16:32 -05:00
Chris Eager a9a2e40fed Move `onErrorResume` to individual `sendMessage` `Mono` 2023-09-07 11:15:57 -05:00
Chris Eager 656326355a Invert `String.equals()` to prevent `NullPointerException` 2023-09-07 11:14:36 -05:00
Chris Eager b89e2e5355 Propagate certain subscription processor errors to client responses 2023-09-06 15:57:14 -05:00
Chris Eager 2d187abf13 Handle WebSocket sendMessage errors with onErrorResume 2023-09-06 15:53:01 -05:00
Chris Eager ecd6b0174a Add timeouts to crawl chunk `join()`s 2023-08-31 15:03:19 -05:00
Chris Eager a1e534a515 Add default request timeout to FaultTolerantHttpClient 2023-08-31 15:03:19 -05:00
Sergey Skrobotov ebbe19ba63
Add missing copyright headers and reorder some imports 2023-08-30 16:07:53 -07:00
Katherine Yen 6a37b73463
Profile gRPC: Define `getExpiringProfileKeyCredential` endpoint 2023-08-30 14:56:43 -07:00
Katherine Yen dd18fcaea2
Profile gRPC: Define `getVersionedProfile` endpoint 2023-08-30 14:47:11 -07:00
Katherine Yen 5afc058f90
Profile gRPC: Define `getUnversionedProfile` endpoint 2023-08-30 14:24:43 -07:00
Jon Chambers 5e221fa9a3
Tests for validation of Kyber keys on PNI change/key distribution events
Co-authored-by: Jonathan Klabunde Tomer <jkt@signal.org>
2023-08-30 14:07:33 -07:00
Jon Chambers 0e0cb4d422 Drop the non-normalized account crawler 2023-08-30 13:55:41 -04:00
Jonathan Klabunde Tomer 9577d552c6
pass challenge type to rate limit reset listeners 2023-08-29 15:19:49 -07:00
Chris Eager 093f17dce2
Update to stripe-java 23.1.1 2023-08-29 15:18:16 -07:00
Jon Chambers 6089f49b9c
Add a gRPC interceptor for getting client addresses 2023-08-29 15:18:06 -07:00
Sergey Skrobotov cfb910e87e Adding copyright headers to proto files 2023-08-28 14:39:33 -07:00
Chris Eager d338ba5152 Convert some KeysController methods return `CompletableFuture`s 2023-08-24 11:59:28 -05:00
Chris Eager f181397664 Add test for round-trip AccountsManager JSON serialization 2023-08-24 11:18:01 -05:00