f6cbc32ee7
Align "link device" and "fetch pre-keys" rate limits
2022-03-04 10:45:06 -05:00
602614acf6
Refine assessment metrics
2022-03-03 16:09:49 -08:00
3854b7d472
Remove `@Consumes` from `GET /v1/config`
2022-03-03 16:08:55 -08:00
5e25481088
Fix a trivial typo in a constant's name
2022-03-03 10:59:19 -05:00
fe86e15d80
Remove PNI repair code
2022-03-03 10:25:11 -05:00
179b4a69eb
Clear one-time pre-keys when PNIs are assigned
2022-03-03 10:24:54 -05:00
eee6307789
Move score floor to dynamic configuration, add distribution summary
2022-03-02 15:18:33 -08:00
9fc5002619
Add stories capability
2022-03-02 15:16:21 -08:00
faa6ae284a
Add uak as a top level attribute
2022-03-02 10:41:09 -06:00
8b4355b21d
Add a "challenge issued" counter tagged by country and platform
2022-03-02 10:40:47 -06:00
e8835da740
Tag captcha success rate counter by country
2022-03-02 10:40:47 -06:00
93d06e3f4d
Fix typos
2022-03-01 14:14:52 -08:00
935e268dec
Parameterize sitekey
2022-03-01 10:40:42 -08:00
3a1c716c73
Remove an unused rate limiter
2022-02-25 13:50:17 -08:00
f3457502a6
Support different v2 captcha actions
2022-02-25 13:49:47 -08:00
d3cd1d1b15
Use GetLatestConfiguration in config manager
...
Use StartConfigurationSession/GetLatestConfiguration instead of
GetConfiguration since the latter has been deprecated
2022-02-23 15:36:33 -06:00
f5a75c6319
Simplify RateLimitExceeded with no retry-duration
...
- Avoid passing negative durations in error cases
- Drop unused message
- Return a duration for a bad forwarded-for
2022-02-23 15:25:24 -06:00
ae3a5c5f5e
Return a Retry-After on rate-limited responses
...
Previously, only endpoints throwing a RetryLaterException would include
a Retry-After header in the 413 response. Now, by default, all
RateLimitExceededExceptions will be marshalled into a 413 with a
Retry-After included if possible.
2022-02-23 15:25:24 -06:00
c367a71223
APNS: include a collapse-id for non-VOIP notifications
...
This has two benefits:
- The APNS server should only send an iOS client a single push
notification for any missed messages while the device is offline
(server-side coalescing). Note that the client can still turn that
into multiple "user notifications" as it pulls from its queue.
- If multiple notifications get delivered but iOS is unable to process
them (say, because the phone just restarted and hasn't been unlocked
yet), the user should only get one "You may have received messages"
notification (client-side coalescing).
2022-02-18 10:41:10 -05:00
d259ef0348
Update rate limit exceeded counter
2022-02-17 13:23:48 -08:00
288cbf4a80
Clean up null-ability of incoming message entity fields
2022-02-17 13:23:48 -08:00
ba5e5a780f
Throw an exception instead of using Optional<Resposne>
2022-02-17 13:23:48 -08:00
73fa3c3fe4
Add test for content length validation
2022-02-17 13:23:48 -08:00
579eb85175
Reject invalid envelope types
2022-02-17 13:23:48 -08:00
b2b20072ae
Add `MicrometerRegistryManager`
2022-02-17 13:18:30 -08:00
a2c4d3fe95
Use a strong reference to the application shutdown gauge
2022-02-17 13:18:30 -08:00
31e2be2e4d
Fixup invalid accept-language counter
...
- Fix name
- Add platform/version tags to the counter
2022-02-10 11:57:25 -06:00
9f5d97e1c6
Silence noisy warnings for invalid Accept-Language
2022-02-10 11:57:25 -06:00
baaae6cd9f
Add `@NotNull` to controller args where appropriate
...
Notably, `@Valid` doesn't imply `@NotNull`
2022-02-10 11:57:04 -06:00
ed398aa7b9
Add `DeviceCapabilities.pni`
2022-02-09 15:56:01 -08:00
6e2ae42dab
Add platform to metrics
2022-02-09 15:55:07 -08:00
41bf2b2c42
Add a binary format for incoming messages
...
The existing, general incoming message endpoint accepts messages as
JSON strings containing base64 data, along with all the metadata as
other JSON keys. That's not very efficient, and we don't make use of
that full generality anyway. This commit introduces a new binary
format that supports everything we're using from the old format (with
the help of some query parameters like multi-recipient messages).
2022-02-07 16:05:03 -08:00
639d634426
Restore displaced UUID from deleted accounts table when present
2022-01-31 13:01:36 -08:00
5358fc4f43
Use `setRegistrationLockFromAttributes`
2022-01-31 12:56:59 -08:00
99eda80a78
Measure rate limit challenge responses by platform
2022-01-27 16:05:52 -05:00
cbbdea1ba4
Impose more stringent requirements on cardinality checks
2022-01-26 16:13:12 -05:00
05e7c98620
Return an `AccountIdentityResponse` when changing phone numbers
2022-01-26 14:44:53 -05:00
1f1d618dea
Rename `AccountCreationResult` to `AccountIdentityResponse` (since it's not just for account creation any more)
2022-01-26 14:44:53 -05:00
b18117ef89
Add tests for unidentified access when requesting profiles
2022-01-25 14:07:44 -05:00
44cb796574
Add more detail to "could not get acceptable languages" logging
2022-01-25 12:21:35 -05:00
f69db11f42
Drop some unused dynamic configuration properties
2022-01-21 18:46:37 -05:00
96a680dcf0
Remove displaced account from directory when changing numbers
2022-01-21 18:46:11 -05:00
c612663490
Handle `null` `AccountAttributes` when verifying linked devices
2022-01-14 14:47:46 -05:00
de5d967d18
Track metrics for dynamic config load failures
2022-01-14 14:47:12 -05:00
7fc63f7847
Allow callers to specify one or more dynamic config classes
2022-01-14 14:45:29 -05:00
146655e997
Add a "sameAvatar" flag to CreateProfileRequest
...
If sameAvatar is set (and "avatar" is also set), the avatar field for
a profile will be copied from the existing profile. This saves S3
churn and client bandwidth.
2022-01-04 13:57:41 -08:00
bb27dd0c3b
Migrate from `Object[]` parameters to `Stream<Arguments>`
2022-01-03 15:10:02 -08:00
d7a3c12bbe
Drop unused DynamoDB class rules
2022-01-03 15:10:02 -08:00
a1e84f5a88
Migrate service tests to JUnit 5
2022-01-03 15:10:02 -08:00
b758737907
Migrate remaining JUnit 4 Redis cluster tests to `RedisClusterExtension`
...
* Increase redis cluster initialization wait to 10 seconds
* Move to JUnit 5 `Assumptions`
2022-01-03 14:59:39 -08:00
3e777df86c
Timeout `sendNextMessagePage` after 5 minutes
2021-12-20 11:31:11 -08:00
278b4e810d
Add (failing) test for send message timeouts
2021-12-20 11:31:11 -08:00
346c7cd743
Remove null-check of destination UUID
2021-12-20 11:31:11 -08:00
5baa51d547
Migrate challenge-issuing configuration into the abusive message filter module
2021-12-16 12:22:19 -05:00
616db337e1
Remove an old rate limiting feature flag
2021-12-16 12:22:19 -05:00
3895871462
Repair missing PNIs in JSON blobs on account load
2021-12-16 11:17:51 -05:00
a87b84fbe2
Return an empty response if somebody requests a profile key credential with a non-existent version
2021-12-16 10:30:55 -05:00
20c95e2606
Register `ApplicationShutdownMonitor` last
...
This will make it start last and shut down first, which is pretty much what we want for shutdown state monitoring
2021-12-15 19:27:23 -05:00
22dccaeddb
Count cases where we can find a given account, but not the given profile version
2021-12-15 15:53:47 -05:00
e611a70ba4
Remove usernames from profile responses
2021-12-15 15:53:47 -05:00
66845d7080
Refactor: separate the various types of profile responses
2021-12-15 15:53:47 -05:00
4ea7278c6f
Remove unversioned profile properties from `Account` entities
2021-12-15 15:53:47 -05:00
2b2e26f14b
Remove deprecated, unversioned profile setters
2021-12-15 15:53:47 -05:00
b496ef8d6f
Fix an issue where the deleted accounts lock client was trying to talk to the deleted accounts table
2021-12-15 13:16:32 -05:00
2d1ca98605
Consolidate DynamoDB clients/configuration
2021-12-15 12:42:41 -05:00
eaa4c318e3
Add usernames to `whoami` and account creation responses
2021-12-15 11:47:10 -05:00
31373fd1ba
Add a command for assigning usernames to individual users
2021-12-15 11:46:33 -05:00
0ce87153e5
Remove second database for `AbusiveHostRules`
2021-12-08 16:03:02 -08:00
dba1711e8d
Convert `AbusiveHostRule` to a record
2021-12-08 14:43:21 -08:00
a70b057e1c
Add second (migration) database to `AbusiveHostRules`
2021-12-08 12:46:05 -08:00
3df143dd3d
Switch to zonky test embedded postgres and use postgres 11.13.0
2021-12-03 16:07:07 -05:00
d78d7c726e
Fix a UUID transposition when requesting profile key credentials
2021-12-03 16:06:26 -05:00
d0ad580c7d
Add (failing!) tests for getting a profile key credentials for somebody else
2021-12-03 16:06:26 -05:00
4a8a2a70b5
Return 400 instead of 500 when amount is too small
2021-12-03 12:24:16 -06:00
20a71b7df2
Add tests for generating profile key credentials
2021-12-03 12:16:13 -05:00
68412b3901
Allow the "get profile" endpoint to include a PNI credential
2021-12-03 12:16:13 -05:00
31e5058b15
Make temporary iOS envelope type adaptation a little wider
2021-12-03 12:06:31 -05:00
14cff958e9
Migrate challenge-issuing rate limiters to the abusive message filter
2021-12-03 11:52:58 -05:00
9628f147f1
Separate statically- and dynamically-configured rate limiters
2021-12-03 11:01:15 -05:00
13e346d4eb
Distinguish local vs remote in `ClientPresenceManager#disconnectPresence`
2021-12-02 14:32:42 -08:00
e507ce2f26
Include ACI and PNI in DeviceResponse
2021-12-02 17:21:05 -05:00
9c62622733
Handle cases where a message might be missing a destination UUID
2021-12-02 14:06:49 -05:00
62aa0cef39
Set destination UUIDs for receipts
2021-12-02 14:06:49 -05:00
401953313a
Remove all vestiges of the relational account database
2021-12-02 12:46:43 -05:00
4d2403d619
Use `assertTimeoutPreemptively` instead of `assertTimeout`
2021-12-02 12:17:08 -05:00
c5f261305d
Store destination UUIDs when persisting messages to DynamoDB
2021-12-02 12:17:08 -05:00
394f58f6cc
Add a (failing!) check for destination UUIDs
2021-12-02 12:17:08 -05:00
674bf1b0e0
Drop a myserious empty test
2021-12-02 12:17:08 -05:00
606ddd8a9b
Populate destination UUID for messages delivered via websocket
2021-12-02 12:17:08 -05:00
e23a1fac50
Remove old Postgres-backed remote config machinery
2021-12-02 12:16:43 -05:00
342323a7e6
Use canonical usernames throughout `AccountsManager`
2021-12-02 12:02:29 -05:00
efb410444b
Introduce a username validator
2021-12-02 12:02:29 -05:00
17c9b4c5d3
Transition from Postgres-backed remote config store to Dynamo-backed store
2021-12-02 11:13:07 -05:00
706de8e2f1
Add a command to migrate remote configuration entries from Postgres to DynamoDB
2021-12-02 11:13:07 -05:00
23bc11f3b6
Introduce a DynamoDB-backed remote config store
2021-12-02 11:13:07 -05:00
4eb7dde1c8
Migrate RemoteConfigsTest to Junit 5
2021-12-02 11:13:07 -05:00
064861b930
Consolidate profiles store tests and discard `ProfilesStore` interface
2021-12-02 10:49:54 -05:00
afa910bbd7
Drop relational profiles store
2021-12-02 10:49:54 -05:00
6aceb24fd2
Drop profile migration tools
2021-12-02 10:49:54 -05:00
d94e86781f
Migrate username storage from a relational database to DynamoDB
2021-12-01 16:50:18 -05:00
acfcb18f29
Allow overwriting of previously-delted profiles
2021-12-01 11:59:18 -05:00
f7ff8e3837
Add a (failing!) test for deleting, then resetting profiles
2021-12-01 11:59:18 -05:00
048e17c62b
Use a memoizing supplier instead of a looping thread to cache remote config entries
2021-11-30 16:35:42 -07:00
d89b4f7e95
Compare versioned profiles synchronously; log a subset of mismatches for further investigation
2021-11-30 16:35:29 -07:00
795b226b90
Mark methods that update `SignedPreKey`s as `@ChangesDeviceEnabledState`
2021-11-30 10:40:12 -07:00
e485c380e0
Change the name of the CSV file argument to avoid upstream naming collisions
2021-11-30 11:31:12 -05:00
bb4f4bc441
Modify the "migrate profiles" command to accept a list of UUIDs/versions from a CSV file
2021-11-30 11:22:51 -05:00
65b49b2d9c
Use a "for each" strategy in profile migration methods
2021-11-24 16:54:30 -05:00
9e7010f185
Migrate profiles from a relational database to DynamoDB
2021-11-24 14:48:41 -05:00
3bb8e5bb00
Set a TTL for `Account` entries in the general cache
2021-11-24 14:47:36 -05:00
2a4d1da2ca
Delete accounts from Redis after they've been deleted from Dynamo
2021-11-24 13:47:53 -05:00
6b71b66bd2
Take no action if badge list is omitted entirely
2021-11-24 13:47:39 -05:00
ebf24fb125
Add a (failing!) test for clients omitting badges in profile update requests
2021-11-24 13:47:39 -05:00
46d64b949e
Don't read "soft-deleted" profiles
...
Nothing is actually "soft-deleting" profiles yet, and this
is a first step toward migrating profiles to a new data
store.
2021-11-24 12:02:07 -05:00
6919354520
Fix a counting bug with reported messages
2021-11-23 17:28:39 -05:00
a42fe9bfb0
Add crawler names to log messages
2021-11-23 16:22:09 -05:00
ee1f8b34ea
Add a command for reserving usernames
2021-11-23 16:21:03 -05:00
c910fa406d
Migrate reserved usernames from a relational database to DynamoDB
2021-11-23 16:21:03 -05:00
559205e33f
Log cases where accounts are missing or have inconsistent PNIs
2021-11-23 15:40:31 -05:00
c0756e9c60
Attempt an orderly websocket close on displacement before a hard disconnect
2021-11-23 11:36:32 -07:00
bf1190696e
Add badge workaround for old Android builds
2021-11-23 09:58:06 -06:00
71dd0890de
Restore an accidentally-removed PNI consistency check
2021-11-23 10:53:40 -05:00
e5acdf1402
Don't update the PNI attribute during general account updates
2021-11-23 10:53:40 -05:00
0f08b6bb59
Drop "got successful captcha" messages from `INFO` to `DEBUG`
2021-11-22 17:06:34 -05:00
6198a7b69a
Remove spurious `@JsonProperty` annotations
2021-11-22 15:43:09 -05:00
067aee6664
Remove unused properties from `OutgoingMessageEntity`
2021-11-22 15:43:09 -05:00
138a2ebbd0
Drop transactional logic from phone number identifier migration
2021-11-22 15:32:24 -05:00
296f6a7a88
Make phone number identifiers non-optional
2021-11-22 15:32:24 -05:00
069ffa9921
Drop PNI migration tools
2021-11-22 15:32:24 -05:00
f42fd8a840
Retire unused diagnostic metrics
2021-11-22 15:31:16 -05:00
10f27af6f2
Retire old unsealed-sender meters
2021-11-22 15:31:16 -05:00
0bbd34d060
Use text blocks where possible
2021-11-22 15:30:31 -05:00
282daeb0dc
Add a command to assign PNIs to accounts that don't already have one
2021-11-22 15:03:19 -05:00
d33b313c11
Break down legacy "get profile" requests by platform
2021-11-19 12:37:39 -05:00
fb7316c9ae
Return subscription status string in GET
2021-11-19 11:36:01 -06:00
279b0a51d9
Use latest invoice on subscription to generate receipts
2021-11-19 11:25:38 -06:00
6547d5ebf3
More consistent naming of receipt credentials endpoints
2021-11-19 10:14:00 -06:00
4f1ef9a039
Add additional http status codes to /v1/subscription/boost/receipt_credentials
2021-11-19 10:11:33 -06:00
077ead71a5
Rename legacy profile methods to separate them in metrics
2021-11-18 11:31:15 -05:00
caba110266
Revert "Revert "Remove transparent SVG for badging""
...
This reverts commit 0fdb23c1e9
2021-11-18 10:23:09 -06:00
0fdb23c1e9
Revert "Remove transparent SVG for badging"
...
This reverts commit 13a84f0c72
2021-11-18 10:09:34 -06:00
13a84f0c72
Remove transparent SVG for badging
2021-11-18 10:04:42 -06:00
669bd58e33
Drop the unused `Key` utility class
2021-11-17 10:57:29 -05:00
7ea43a728d
Set boost description from configuration
2021-11-16 17:21:57 -06:00
71b38356b1
Update to Mockito 4.0.0
2021-11-16 15:56:35 -07:00
5a99708f56
Update some deprecated usages
2021-11-16 15:56:13 -07:00
1dae05651f
Add PNIs to account creation and `whoami` responses
2021-11-16 15:08:10 -05:00
5164e92538
Shorten metric names
2021-11-16 15:08:10 -05:00
f89a20dbc7
Allow callers to set/retrieve keys by ACI or PNI
2021-11-16 15:08:10 -05:00
3a4c5a2bfb
Store and retrieve one-time pre-keys by UUID
2021-11-16 15:08:10 -05:00
Jon Chambers