Commit Graph

2859 Commits

Author SHA1 Message Date
Chris Eager 459882e6fa Add JettyHttpConfigurationCustomizer 2024-03-18 17:38:19 -05:00
Chris Eager 2c2b5d555e Rename obsolete uses of recaptcha 2024-03-13 16:40:32 -05:00
Alex Konradi 0ab2428d87
Don't produce zkgroup auth creds with PNI as ACI 2024-03-13 16:22:45 -05:00
Chris Eager 8574494573 Support "captcha" rename in AnswerChallengeRequest.type 2024-03-13 16:19:05 -05:00
Chris Eager a4d4a9c686 Remove RecaptchaClient 2024-03-13 16:19:05 -05:00
Chris Eager fd9eb462cc Replace extraneous SecureRandom with empty byte array 2024-03-12 16:49:57 -05:00
Ravi Khadiwala f9533e016f Adjust metrics in RemoveExpiredUsernameHoldsCommand 2024-03-11 13:50:08 -05:00
Jon Chambers 85b15fa63b Actually increment the "get group credentials" counter 2024-03-08 17:07:16 -05:00
Chris Eager 3dadaf9334 Migrate DynamicConfigurationManager to use java.util.concurrent 2024-03-08 13:53:28 -06:00
Ravi Khadiwala 9e510a678c disable response buffering on the websocket
Jersey buffers responses (by default up to 8192 bytes) just so it can
add a content length to responses. We already buffer our responses to
serialize them as protos, so we can compute the content length
ourselves. Setting the buffer to zero disables buffering.
2024-03-08 13:46:00 -06:00
Chris Eager 2dc0ea2b89 Address potential NullPointerException when calling Collection#contains 2024-03-08 13:43:31 -06:00
Alex Konradi 7d364ca7ce
Count group auth reqs without pniAsServiceId=true 2024-03-06 15:41:48 -05:00
Chris Eager 9f6a6d7f5b Include HTTP/2 stream idle timeouts in IOExceptionMapper 2024-03-06 11:11:39 -06:00
Ravi Khadiwala 3cc740cda3 Temporarily hold a username after an account releases it 2024-03-06 11:09:25 -06:00
Ravi Khadiwala 47b24b5dff Simplify username operations in `Accounts`
- Group username table constants together
- Rethrow JsonProcessingException earlier
- Use UpdateAccountSpec.forAccount in username operations
- Inline confirm/clear transaction helpers
2024-03-06 11:09:25 -06:00
adel-signal 8f100a792e
calling: update TurnCallRouter to reduce returned options 2024-03-05 11:26:19 -08:00
Ravi Khadiwala 4e5dd914dd Add varargs variant to HmacUtil 2024-02-28 15:18:39 -06:00
ravi-signal 2adf1e5017
Avoid modification of Account from `@ReadOnly` endpoint 2024-02-28 15:18:12 -06:00
Jon Chambers d1d03f45c5 Resolve warnings throughout `AccountControllerTest` 2024-02-26 16:11:03 -05:00
Ravi Khadiwala 436bd891bd Don't register SpamFilter as a request filter 2024-02-26 09:33:36 -06:00
Chris Eager a7c28fe5ed Rename "name" tags to be more distinguishing 2024-02-26 09:32:50 -06:00
Chris Eager 60814d1ff0 Configure metrics registries earlier in background command setup 2024-02-26 09:32:01 -06:00
Jon Chambers d018efe2a5
Require non-null proofs in "confirm username hash" requests 2024-02-26 10:30:52 -05:00
Jon Chambers 6fd0cba06a Temporarily restore the `giftBadges` capability for backward compatibility 2024-02-26 10:30:29 -05:00
Katherine 12c6af23ee
Map TransactionConflict to ContestedOptimisticLockException in username flows 2024-02-23 14:06:03 -08:00
Ravi Khadiwala 69330f47fd Explicitly call spam-filter for verification session updates
Pass in the same information to the spam-filter, but just use explicit
method calls rather than jersey request filters.
2024-02-23 16:04:24 -06:00
Ravi Khadiwala 4f40c128bf Explicitly call spam-filter for challenges
Pass in the same information to the spam-filter, but just use explicit
method calls rather than jersey request filters.
2024-02-23 15:58:52 -06:00
Jon Chambers 30b5ad1515 Fix an incorrectly-named "check keys" method 2024-02-23 13:17:10 -05:00
adel-signal 665a26d164
update call routing to return ipv6 ips in RFC3986 format 2024-02-23 11:57:58 -05:00
Jon Chambers a5774bf6ff
Introduce a (dormant) Noise/WebSocket for future client/server communication 2024-02-23 11:42:42 -05:00
Jon Chambers d2716fe5cf Add an endpoint for checking that clients and the server have a common view of the client's repeated-use keys 2024-02-23 11:41:58 -05:00
Jon Chambers 279f877bf2 Validate pre-key signatures via the legacy "set signed pre-key" endpoint 2024-02-23 11:33:41 -05:00
Ravi Khadiwala df69d9f195 Annotate authenticated endpoints with `@ReadOnly` or `@Mutable` 2024-02-22 12:05:32 -06:00
Ravi Khadiwala 26ffa19f36 Lifecycle management for Account objects reused accross websocket requests 2024-02-22 12:05:32 -06:00
Jon Chambers 29ef3f0b41 Add tests and metrics for parsing invalid keys 2024-02-21 15:32:25 -05:00
Jon Chambers 106d5e54c7 Extract a common base class for public key serializers/deserializers 2024-02-21 15:32:25 -05:00
Jon Chambers 6ac2460eb0 Drop the "key without version byte" counter 2024-02-21 15:32:25 -05:00
Chris Eager c8d649e8c2 Update MetricsHttpChannelListener to share MetricsRequestEventListener namespace 2024-02-21 13:32:47 -06:00
Ravi Khadiwala 1fdf82dd6c Remove unused ChangePhoneNumberRequest object
Actual request object is ChangeNumberRequest
2024-02-21 13:32:27 -06:00
Jon Chambers 4aa4246695 Clear account records from the account cache after username operations 2024-02-20 12:11:29 -05:00
Chris Eager 1bebceb29c Actually fix flaky test in MetricsHttpChannelListenerIntegrationTest 2024-02-20 10:52:04 -06:00
Jon Chambers a2139ee236 Revert "Add diagnostic dimensions to the "get keys" counter"
This reverts commit cd64390141.
2024-02-18 20:14:05 -05:00
Jon Chambers 8c55f39cdf Revert "Use a phased enrollment strategy for the `pnp` compatibility flag"
This reverts commit 3e12a8780d.
2024-02-18 20:08:39 -05:00
Chris Eager 0329184c94 Fix flaky test in MetricsHttpChannelListenerIntegrationTest 2024-02-18 20:08:29 -05:00
Jon Chambers cd64390141 Add diagnostic dimensions to the "get keys" counter 2024-02-18 18:10:58 -05:00
Jon Chambers 3e12a8780d Use a phased enrollment strategy for the `pnp` compatibility flag 2024-02-18 17:59:00 -05:00
Jon Chambers 11e6ff1bbe Introduce a `pnp` capability for backward compatibility 2024-02-18 17:59:00 -05:00
Jon Chambers 36f85fc97e Fix an inverted boolean in a counter 2024-02-16 15:18:18 -05:00
Jon Chambers 9040cfd200 Count "store key" attempts by key type/platform 2024-02-16 13:09:55 -05:00
Jon Chambers 757da3b15a Fully-qualify OpenAPI `Tag`, allowing for imported Micrometer `Tag` 2024-02-16 13:09:55 -05:00
Jon Chambers d162590a32 Record a remote-aggregated distribution of one-time pre-key counts 2024-02-16 13:09:55 -05:00
Jon Chambers f41e1716c6 Combine/expand existing "get keys" counter 2024-02-16 13:09:55 -05:00
Jon Chambers 4dce0f1b9d Add identity type/"stale" dimensions to the "pre-key unavailable" counter 2024-02-16 13:09:55 -05:00
Jonathan Klabunde Tomer fef57dce0d
use explicit `Timer` rather than micrometer annotation for send-message latency distribution 2024-02-15 14:58:43 -08:00
Jon Chambers d884700b61 Significantly reduce default Redis command timeout 2024-02-15 17:57:17 -05:00
Jonathan Klabunde Tomer ff9ad4bd1d
export 1:1 message send latency as a full distribution 2024-02-15 10:33:02 -08:00
Chris Eager 9ce2b7555c Add static servlet paths to MetricsHttpChannelListener 2024-02-14 17:09:30 -06:00
Jon Chambers f90ccd3391 Count attempts to fetch a one-time EC pre-key that result in a "key unavailable" response 2024-02-14 18:04:31 -05:00
Jon Chambers 5ff092e541 Retire the `pni` device capability 2024-02-14 18:04:23 -05:00
Ravi Khadiwala dcdf401f64 Make DELETE /v1/device synchronous 2024-02-14 15:30:10 -05:00
Chris Eager e4fb80b39b Add onResponseFailure handler to MetricsHttpChannelListener 2024-02-14 13:43:23 -06:00
Chris Eager 9745854ab8 Switch MetricsHttpChannelListener to ContainerResponseFilter 2024-02-14 13:43:23 -06:00
Jon Chambers 7124621f66
Use pre-calculated pre-key counts when possible 2024-02-14 14:28:33 -05:00
Jon Chambers 47fd8f5793 Assume that all devices are PNI-capable 2024-02-14 14:27:48 -05:00
Jonathan Klabunde Tomer 40d698f2db Remove last vestiges of stale capabilities.
Not for deployment until 2024-02-06!
2024-02-14 14:23:05 -05:00
adel-signal 74abe98706
initialize call routing data syncs 2024-02-13 17:05:08 -08:00
Chris Eager 86787f3bc8 Start DynamicConfigurationManager directly after construction 2024-02-13 13:08:20 -06:00
Chris Eager 699b0c775a Add dynamic configuration to enable detailed Lettuce metrics 2024-02-13 10:33:43 -06:00
Chris Eager ff59ef8094 Add MetricHttpChannelListener 2024-02-13 10:29:03 -06:00
Jonathan Klabunde Tomer 089af7cc1f
correct metric name in MaxMindDatabaseManager timer 2024-02-09 13:37:39 -08:00
Jonathan Klabunde Tomer 1591a2d9a3 CallRoutingTableManager: fix crash on startup due to typo in metric naming 2024-02-09 12:27:51 -08:00
Jonathan Klabunde Tomer f7984ed642
CallDnsRecordsManager: fix crash on startup due to typo in metric naming 2024-02-09 12:14:50 -08:00
adel-signal d1f68eacd9
Add call routing API endpoint for turn servers 2024-02-09 11:12:23 -08:00
Jon Chambers 4f45f23094 Prevent old versions of the Android app from carrying out "change phone number" requests 2024-02-09 09:58:38 -05:00
Jon Chambers c5dc01ee11 Restore high-cardinality Lettuce metrics for debugging 2024-02-08 19:27:56 -05:00
Ravi Khadiwala 3b44ed6d16 Explicitly call spam-filter for messages
Pass in the same information to the spam-filter, but just use explicit
method calls rather than jersey request filters.
2024-02-07 14:30:32 -06:00
Chris Eager 0965ab8063 Move HeaderUtils#getMostRecentyProxy to RemoteAddressFilter 2024-02-07 14:28:37 -06:00
Fedor Indutny 24a7762873
Add `identityType` tag to `SENT_MESSAGE_COUNTER_NAME` 2024-02-06 17:39:00 -06:00
Chris Eager e441ab60a2 Add metric for IPv4/IPv6 requests count 2024-02-06 17:38:25 -06:00
Chris Eager 2ab14ca59e Refactor remote address/X-Forwarded-For handling 2024-02-05 13:37:06 -06:00
Chris Eager 4475d65780 Make Accounts#changeNumber exception handling more resilient to future changes 2024-02-01 15:14:15 -06:00
Ravi Khadiwala b1d10f5817 Add lifecycle management for AwsCrt for commands 2024-02-01 15:08:45 -06:00
Chris Eager c838df90ef Add HttpServletRequestUtil 2024-01-31 17:53:47 -06:00
Chris Eager fb39af67e5 Allow for more TransactWriteItems when inspecting TransactionCanceledException 2024-01-31 17:46:32 -06:00
Chris Eager 2d4d37f96a Translate TransactionCanceledException to ContestedOptimisticLockException in Accounts#changeNumber 2024-01-31 17:27:16 -06:00
Jon Chambers 26adf20ee8 Make "fetch profile" endpoints `@ManagedAsync` 2024-01-31 14:38:50 -06:00
Jon Chambers 72668ed0a2 Make "send individual message" endpoint `@ManagedAsync` 2024-01-31 14:38:50 -06:00
Ravi Khadiwala 50f1ed7851 Add a virtual-thread backed `@ManagedAsyncExecutor` 2024-01-31 14:38:50 -06:00
ravi-signal cf8f2a3463
remove synchronized locks that may be held while blocking 2024-01-31 14:29:15 -06:00
ravi-signal b483159b3a
reintroduce VirtualThreadPinEventMonitor 2024-01-31 14:28:12 -06:00
ravi-signal 480abebf7e
Offload account lock updates to accountLockExecutor 2024-01-31 14:27:16 -06:00
Ravi Khadiwala b924dea045 Remove VirtualThreadPinEventMonitor 2024-01-30 13:49:39 -06:00
Ravi Khadiwala 2c1e7e5ed6 Disable flaky VirtualThreadPinEventMonitorTest 2024-01-30 13:29:58 -06:00
Ravi Khadiwala 4dfd74906c Add timeouts to VirtualThreadPinEventMonitorTest 2024-01-30 13:10:43 -06:00
Chris Eager c80225a18c Remove `NoneHealthResponder` 2024-01-30 12:51:43 -06:00
ravi-signal 0e6242373e
Add a monitor for virtual thread pin events 2024-01-30 12:48:07 -06:00
ravi-signal 4305db5579
Update to aws sdk 2.23.8 and use AwsCrtHttpClient 2024-01-30 12:46:27 -06:00
ravi-signal 36e7772f74
Put some validation on to profile version strings
Co-authored-by: Jon Chambers <63609320+jon-signal@users.noreply.github.com>
2024-01-26 15:24:38 -06:00
Chris Eager ca05df5172 Revert "Add support for secondary credentials for registration service"
This reverts commit 4b8fc2950f.
2024-01-26 11:42:35 -06:00
Chris Eager 422e8e6f3e Remove CommandStopListener 2024-01-26 11:31:04 -06:00
Jon Chambers 852b285d84 Configure and instantiate a `ClientPublicKeys` data store/manager 2024-01-26 10:29:59 -05:00
Jon Chambers 6c13193623 Add a data store for client public keys for transport-level authentication/encryption 2024-01-26 10:29:59 -05:00
Ravi Khadiwala 6bda9d8604 Set destination account on the request context 2024-01-25 13:02:28 -06:00
Ravi Khadiwala 1428ca73de Make identity token fetcher more async friendly
After the identity token expires a subsequent call would do a blocking
operation to retrieve the new token. Since we're making use of an async
gRPC client, this tends to block a thread we don't want to be blocking
on.

Instead, switch to periodically refreshing the token on a dedicated
thread.
2024-01-25 13:01:21 -06:00
Katherine 498ace0488
Remove iOS special case handling logic for SEPA/iDEAL 2024-01-25 10:52:17 -08:00
Chris Eager 4b8fc2950f Add support for secondary credentials for registration service 2024-01-24 13:52:23 -06:00
Jon Chambers 595cc55578 Retire the `returnPqKey` flag when fetching pre-keys 2024-01-23 16:01:40 -05:00
Ravi Khadiwala 91b0c368b4 Remove unused table configuration parameter 2024-01-23 14:48:52 -06:00
Jonathan Klabunde Tomer 21d0ffc990
Allow "reserving" one's own committed username hash 2024-01-23 12:44:55 -08:00
Chris Eager 55b9d84956 Add `host` to `DogstatsdConfiguration` 2024-01-22 15:59:52 -06:00
Chris Eager ffdb0db6c6 Migrate from `host` tag to `dd.internal.entity_id` 2024-01-22 15:59:52 -06:00
Chris Eager a5ed07a666 Support environment variable substitution in configuration 2024-01-22 11:25:18 -06:00
Chris Eager da02c90bad Remove AWS instance profile credentials provider 2024-01-22 11:24:03 -06:00
Ravi Khadiwala 3820a231ec Strictly enforce ACI service identifier strings have no prefix 2024-01-22 11:23:33 -06:00
Dimitris Apostolou 408b065b9e Fix typos 2024-01-20 12:40:08 -05:00
hduelme 238ab84749 use StandardCharsets UTF_8 instead of String 2024-01-20 12:39:43 -05:00
Ravi Khadiwala f5080f9bd6 Support configurable verification code sender overrides 2024-01-19 13:58:17 -06:00
Ravi Khadiwala db4aa99ce0 Make the ServiceIdentifier interface sealed 2024-01-19 13:57:20 -06:00
ravi-signal 70134507f8
Add metric for ServiceId string parsing 2024-01-19 13:56:47 -06:00
Ravi Khadiwala 360a4793ae Remove global lock in RateLimitChallengeManager 2024-01-19 13:56:09 -06:00
Jon Chambers 47bfb25f2c Retire a now-unused transacational update method for accounts 2024-01-18 16:40:21 -05:00
Jon Chambers b048b0bf65 Remove signed pre-keys from `Device` entities 2024-01-18 12:13:00 -05:00
Jonathan Klabunde Tomer 394f9929ad
limit size of multi-recipient messages 2024-01-11 16:31:37 -08:00
ravi-signal bf39be3320
Add Content-Type header for copy uploads 2024-01-11 14:59:35 -06:00
Chris Eager 4a2cbb9ec7 Stop timers on Flux termination 2024-01-11 14:57:31 -06:00
Ravi Khadiwala cc6cf8194f Add media deletion endpoint 2024-01-11 10:19:06 -06:00
Ravi Khadiwala e934ead85c Fix incorrect comparison in archive usage metric 2024-01-11 10:19:06 -06:00
Ravi Khadiwala 323bfd9a6e Remove some secondary keys from account cache
Remove e164, usernameHash, and usernameLink secondary mappings from the
accounts redis cache.
2024-01-11 10:10:32 -06:00
Jon Chambers bf05e47e26 Get accounts asynchronously when checking SVR credentials via gRPC 2024-01-11 11:09:49 -05:00
Jon Chambers d18f576239 Revert "Revert "Treat the stand-alone signed pre-keys table as the source of truth for signed pre-keys""
This reverts commit 3f9edfe597.
2024-01-10 11:22:10 -05:00
Jon Chambers 7d483c711a Revert "Revert "Retire "migrate signed pre-keys" configuration""
This reverts commit a024949311.
2024-01-10 11:22:10 -05:00
Jon Chambers 61256d49cd Revert "Revert "Retire the "migrate signed pre-keys" command""
This reverts commit f738bc97e7.
2024-01-10 11:22:10 -05:00
Jonathan Klabunde Tomer 184cdc0331
Remove two-stage check of username availability in reserve/confirm 2024-01-09 14:01:42 -08:00
Ravi Khadiwala ed972a0037 Fix archive listing directory prefix order 2024-01-09 16:01:11 -06:00
Ravi Khadiwala a62a6c1cb6 Change type of Cdn3StorageManagerConfiguration.clientSecret to SecretString 2024-01-08 16:06:54 -06:00
Ravi Khadiwala f66566aa17 Fix default configuratiton in MonitoredS3ObjectConfiguration 2024-01-08 14:52:14 -06:00
ravi-signal b6ecfc7131
Add archive listing 2024-01-08 13:54:57 -06:00
adel-signal 2b688b1a60
Refactor spam filter's S3MonitoredObject to server parent module.
Allows other parts of server to use S3MonitoredObjects.
2024-01-08 10:34:12 -08:00
Jon Chambers 3c64d9292f Revert "Expand the default max packet size for Dogstatsd"
This reverts commit 0f52d2e464.
2024-01-08 12:23:16 -05:00
Jon Chambers 0f52d2e464 Expand the default max packet size for Dogstatsd 2024-01-08 11:43:50 -05:00
Jonathan Klabunde Tomer 1e5fadc440
Allow reserving a hash previously reserved (but not committed) by the same user 2024-01-05 15:38:45 -08:00
Chris Eager f495ff483a
Update RemoveExpiredLinkedDevicesCommand to retry failures 2024-01-05 15:38:34 -08:00
Jonathan Klabunde Tomer d1a80cc880 fix build-breaking typo 2024-01-04 11:46:07 -08:00
Jonathan Klabunde Tomer e1ad25cee0
Group Send Credential support in chat 2024-01-04 11:38:57 -08:00
Chris Eager 195f23c347
Add `/v1/accounts` and `/v2/keys` to the WebSocket 2024-01-02 15:51:57 -06:00
Chris Eager ad6b99be6a Dispatch client presence operations after device deletion to a dedicated executor 2023-12-22 10:51:17 -06:00
Chris Eager b9dd9fc47d Reduce fan-out by processing a single stream of expired linked devices 2023-12-22 10:51:06 -06:00
Chris Eager 637792c6d4 Move `RemoveExpiredLinkedDevicesCommand` error handling for more accurate metrics 2023-12-21 16:06:41 -06:00
Jon Chambers 4d1bca2d97 Dispatch client presence operations after account deletion to a dedicated executor 2023-12-21 13:40:49 -05:00
Chris Eager f33a2eba50
Add buffer + shuffle and configurable concurrency to `RemoveExpiredLinkedDevicesCommand` 2023-12-21 11:14:02 -06:00
Jon Chambers 5d6bea5ec9 Clear Redis cache entries strictly after removing accounts from DynamoDB 2023-12-21 12:08:03 -05:00
Jon Chambers 057d1f07a8 Remove bulk "set repeated-use signed pre-keys" methods because they were only ever used for single devices 2023-12-21 12:07:42 -05:00
Jon Chambers 95bb9a9780 Log signed pre-key retrieval errors and mismatches 2023-12-20 14:55:12 -05:00
Chris Eager 06c391cbf6 Add counter for failed account updates to RemoveExpiredLinkedDevicesCommand 2023-12-20 13:51:28 -06:00
Chris Eager d90dff95b1 Move MeterRegistry#close calls to after the lifecycle has fully stopped 2023-12-20 13:51:16 -06:00
Ravi Khadiwala ca47a7b663 handle new RegistrationService proto error 2023-12-19 18:19:26 -06:00
Jonathan Klabunde Tomer 9d3d4a3698
Add phone-number-sharing field to versioned profile
Co-authored-by: Katherine <katherine@signal.org>
2023-12-19 11:20:04 -08:00
Chris Eager 3b509bf820 Add command to remove expired linked devices 2023-12-19 13:11:26 -06:00
Jon Chambers 5b7f91827a
Remove signed pre-keys transactionally when removing devices 2023-12-19 14:11:05 -05:00
Chris Eager 06800043a9 Set TLS keystore password in secondary persistent services 2023-12-15 13:39:58 -06:00
Chris Eager 3090de56b8 Set TLS keystore password from secrets configuration 2023-12-15 12:47:27 -06:00
Katherine a37acd1f42
Add ttl for braintree writes to onetime donation table 2023-12-15 13:37:35 -05:00
Jonathan Klabunde Tomer 43f17414ff
Make key-setting methods asynchronous again 2023-12-14 16:49:16 -08:00
Jon Chambers b259eea8ce
Refactor/clarify account creation/reclamation process 2023-12-14 16:48:57 -08:00
Katherine 9cfc2ba09a
Persist onetime donation payment success timestamps for Braintree transactions 2023-12-14 16:48:29 -08:00
Chris Eager bb347999ce
Propagate another subscription processor error to clients 2023-12-14 15:40:08 -05:00
Katherine 3548c3df15
Calculate onetime badge expiration from payment success timestamp 2023-12-14 15:39:46 -05:00
Jon Chambers 1167d0ac2e Make key-setting methods synchronous 2023-12-13 17:49:55 -05:00
Jon Chambers f738bc97e7 Revert "Retire the "migrate signed pre-keys" command"
This reverts commit c7cc3002d5.
2023-12-13 17:49:55 -05:00
Jon Chambers 3f9edfe597 Revert "Treat the stand-alone signed pre-keys table as the source of truth for signed pre-keys"
This reverts commit feb933b4df.
2023-12-13 17:49:55 -05:00
Jon Chambers a024949311 Revert "Retire "migrate signed pre-keys" configuration"
This reverts commit 44145073f1.
2023-12-13 17:49:55 -05:00
Jon Chambers 609c901867 Refactor key-fetching to be reactive 2023-12-13 12:46:48 -05:00
Jon Chambers 4ce060a963 Count wildcard "get keys" requests by platform 2023-12-13 12:46:48 -05:00
Jon Chambers c4ca0fee40 Synchronize access to `responseItems` when assembling a "get keys" response 2023-12-13 12:46:48 -05:00
Chris Eager 8d4acf0330 Remove `ForkJoinPool.managedBlock` in favor of async updates 2023-12-13 10:18:04 -05:00
Jon Chambers 28a981f29f Assume that all devices have signed pre-keys 2023-12-13 10:17:51 -05:00
Jon Chambers c29113d17a Reject requests with missing device capabilities 2023-12-12 11:37:44 -05:00
Katherine 951f978447
Use start of subscription period as fallback timestamp 2023-12-12 11:34:44 -05:00
Jon Chambers 07899f35bd Return `DeviceController#linkDevice` to synchronous processing 2023-12-12 11:34:23 -05:00
Katherine 3cbbf37468
Use payment success timestamp to calculate recurring donation badge expiration 2023-12-12 10:01:20 -05:00
Jon Chambers 6c7a3df5ae Retire non-atomic device-linking pathways 2023-12-12 09:53:51 -05:00
Jon Chambers 2054ab2771 Revert "Count requests with missing device capabilities"
This reverts commit 6cdf8ebd2c.
2023-12-12 09:53:51 -05:00
Jon Chambers 44145073f1 Retire "migrate signed pre-keys" configuration 2023-12-12 09:53:34 -05:00
Jon Chambers feb933b4df Treat the stand-alone signed pre-keys table as the source of truth for signed pre-keys 2023-12-11 11:39:54 -05:00
Jon Chambers c7cc3002d5 Retire the "migrate signed pre-keys" command 2023-12-11 11:07:00 -05:00
xiaolou86 049b901d63 Fix typos 2023-12-09 10:04:12 -05:00
Jon Chambers 3cf1b92dfc Do not set one-time pre-keys if the lists of new keys are empty 2023-12-08 14:03:08 -05:00
Jon Chambers 5b0fcbe854 Always expose sequential fluxes to account crawlers 2023-12-08 13:43:42 -05:00
Jon Chambers cca747a1f6 Treat transaction conflicts during transactional account updates as contested optimistic locks 2023-12-08 12:13:23 -05:00
Jon Chambers 417d99a17e Check story rate limits in parallel 2023-12-08 12:13:08 -05:00
Jon Chambers e9708b9259 Use random UUIDs throughout `MessageControllerTest` 2023-12-08 12:13:08 -05:00
Jon Chambers e5d3be16b0 Fetch destination accounts in parallel when sending multi-recipient messages 2023-12-08 12:13:08 -05:00
Jordan Rose 2ab3c97ee8
Replace MultiRecipientMessage parsing with libsignal's implementation
Co-authored-by: Jonathan Klabunde Tomer <jkt@signal.org>
2023-12-08 11:52:47 -05:00
Jon Chambers f20d3043d6
Process key migrations sequentially to better control concurrency 2023-12-07 21:42:49 -05:00
Jonathan Klabunde Tomer 4efda89358
multisend cleanup 2023-12-07 12:23:02 -08:00
Jon Chambers 1fb88271e5 Invalidate cache entries for accounts after successfully adding devices 2023-12-07 13:27:26 -05:00
Jon Chambers a843780f68 Add a (failing!) test for device-linking 2023-12-07 13:27:26 -05:00
Jon Chambers 5ad83da4e0 Remove the now-unused admin logger 2023-12-07 12:58:43 -05:00
Jon Chambers 50d92265ea
Add devices to accounts transactionally 2023-12-07 11:19:40 -05:00
Chris Eager e084a9f2b6 Remove PUT/DELETE methods from RemoteConfigController 2023-12-07 10:54:19 -05:00
Jon Chambers 664f9f36e1 Use padded base64 encoding for outbound device names 2023-12-07 10:53:56 -05:00
Jon Chambers 4c9efdb936 Revert "Revert "Represent device names as byte arrays""
This reverts commit 45848e7bfe.
2023-12-07 10:53:56 -05:00
Jon Chambers 45848e7bfe Revert "Represent device names as byte arrays"
This reverts commit 5ae2e5281a.
2023-12-06 17:05:04 -05:00
Ravi Khadiwala 4fa10e5783 Fix NPE in request metrics when a finished request is missing a response 2023-12-06 15:11:41 -05:00
Ravi Khadiwala fc0bc85f4d Add some extra request validation to `/v1/archives/keys` 2023-12-06 15:11:27 -05:00
Jon Chambers 5ae2e5281a Represent device names as byte arrays 2023-12-06 15:10:45 -05:00
Jon Chambers 34a943832a Align push notification types and delivery priorities 2023-12-06 12:40:16 -05:00
Jon Chambers db17693ba7 Revert "Temporarily make registration challenge notifications "noisy""
This reverts commit 9069c5abb6.
2023-12-06 12:40:16 -05:00
Jon Chambers 6cdf8ebd2c
Count requests with missing device capabilities 2023-12-06 10:40:50 -05:00
Ravi Khadiwala 072b470f46 Be more specific about encodings in /v1/archive docs 2023-12-06 10:40:20 -05:00
Ravi Khadiwala 78b2df2ecc Use long instead of int for epoch seconds 2023-12-06 10:40:06 -05:00
Jon Chambers 00e72a30c9 Assume all accounts have primary devices 2023-12-06 10:28:19 -05:00
Jon Chambers df421e0182
Update signed pre-keys in transactions 2023-12-05 14:20:16 -05:00
Jon Chambers ede9297139 Disallow identity key changes 2023-12-05 14:14:24 -05:00
Jon Chambers 85383fe581 Remove an unused "store keys" method 2023-12-05 14:14:24 -05:00
Jon Chambers 4cca7aa4bd Normalize identity types throughout `KeysController` 2023-12-05 14:14:24 -05:00
Jon Chambers e2037dea6c Rename `PreKeyState` to `SetKeysRequest` 2023-12-05 14:14:24 -05:00
Jon Chambers f10f772e94 Convert `PreKeyState` to a record 2023-12-05 14:14:24 -05:00
Jon Chambers 9ecfe15ac4 Use multiline strings for `PreKeyState` documentation 2023-12-05 14:14:24 -05:00
Jon Chambers 5f0726af8a
Perform cleanup operations before overwriting an existing account record 2023-12-05 12:18:09 -05:00
Ravi Khadiwala 331bbdd4e6 replace deprecated apache RandomUtils 2023-12-05 10:48:18 -06:00
Jon Chambers 37e3bcfc3e Move "remove device" logic into `AccountsManager` 2023-12-05 11:44:58 -05:00
Jon Chambers 4f42c10d60 Disallow sync messages to PNIs 2023-12-05 11:44:27 -05:00
Jonathan Klabunde Tomer 20392a567b Revert "multisend cleanup"
This reverts commit c03249b411.
2023-12-01 14:39:31 -08:00
Jonathan Klabunde Tomer c03249b411
multisend cleanup 2023-11-30 15:50:36 -08:00
gram-signal 22e6584402
Add auth controller for SVR3 to /v3/backup. 2023-11-30 15:50:21 -08:00
Jon Chambers aa23a5422a Don't modify registration IDs from the "set account attributes" endpoint 2023-11-29 16:56:47 -05:00
Jon Chambers 01fde4f9ca Require PNI-associated registration IDs for new devices 2023-11-29 16:56:47 -05:00
Jon Chambers 3980dec123 Revert "Add metrics to check presence of PNI-associated registration IDs"
This reverts commit 1da3f96d10.
2023-11-29 16:56:47 -05:00
Jon Chambers c97f837f45 Revert "Instrument registration ID changes via the "set account attributes" endpoint"
This reverts commit 8fbc1dac74.
2023-11-29 16:56:47 -05:00
Chris Eager 9c54d2407b Update tests 2023-11-29 15:48:24 -06:00
Chris Eager a027c4ce1f Conditionally use `request.remoteAddr` instead of `X-Forwarded-For` 2023-11-29 15:48:24 -06:00
Chris Eager b1fd025ea6 Use EpochSecondSerializer for UserRemoteConfigList.serverEpochTime 2023-11-29 15:47:10 -06:00
Jonathan Klabunde Tomer a05a230085
use Account-specific json serializer when reserving username hash 2023-11-29 13:40:06 -08:00
Jon Chambers 8fbc1dac74 Instrument registration ID changes via the "set account attributes" endpoint 2023-11-29 10:26:41 -05:00
Katherine f46842c6c9
Validate registration IDs 2023-11-28 15:43:35 -08:00
ravi-signal 202dd8e92d
Add copy endpoint to ArchiveController
Co-authored-by: Jonathan Klabunde Tomer <125505367+jkt-signal@users.noreply.github.com>
Co-authored-by: Chris Eager <79161849+eager-signal@users.noreply.github.com>
2023-11-28 11:45:41 -06:00
Jon Chambers 1da3f96d10 Add metrics to check presence of PNI-associated registration IDs 2023-11-28 12:26:15 -05:00
Chris Eager 5f6fe4d670 Add `NoneHealthResponder` to replace default responder 2023-11-27 14:38:47 -06:00
Chris Eager a74438d1ee Add test for concurrent in-flight outbound messages on WebSocket queue processing
This also elevates the implicit default concurrency (via reactor’s `Queues.SMALL_BUFFER_SIZE`) to be explicit.
2023-11-27 14:37:46 -06:00
Jon Chambers c8033f875d Create accounts transactionally 2023-11-27 09:57:43 -05:00
Jon Chambers 07c04006df Avoid blocking calls in async account updates 2023-11-27 09:57:43 -05:00
Jon Chambers 521900c048 Always require atomic account creation 2023-11-27 09:52:57 -05:00
Jon Chambers 9069c5abb6 Temporarily make registration challenge notifications "noisy" 2023-11-22 10:25:59 -05:00
Jon Chambers ff7a5f471b Always use "conserve power" priority for challenge notifications 2023-11-21 17:58:32 -05:00
Ravi Khadiwala 42a47406cc Fix platform tag for push challenge metric 2023-11-21 17:57:32 -05:00
Katherine de10b6de7b
Add metric to count invalid registration ID when setting account attributes 2023-11-20 14:25:27 -08:00
Chris Eager d6ade0e1ac Send HTTP 408 on idle timeout 2023-11-20 16:24:54 -06:00
Jonathan Klabunde Tomer cb1fc734c2
report exceptions in fanned-out sends of multi-recipient messages 2023-11-20 10:46:26 -08:00
Katherine Yen db7f18aae7 Add missing boolean parameter to `getSubscriptionStatus` method call 2023-11-16 19:28:10 -05:00
Katherine 7fbc327591
For Braintree, return `active` subscription status if latest transaction also succeeded 2023-11-16 19:15:46 -05:00
Chris Eager 84b56ae1b2
Upgrade to dropwizard 3.0 2023-11-16 17:57:48 -06:00
Katherine 041aa8639a
Enforce story ratelimit 2023-11-16 12:36:43 -05:00
Katherine 216ac72ad0
Use Braintree subscription status alongside transaction status to determine 204 and 402 responses for `/v1/subscription/{subscriberId}/receipt_credentials` 2023-11-16 12:36:19 -05:00
Jon Chambers c85ddaeb9c
Make DynamoDB client connection pool sizes configurable 2023-11-16 12:29:43 -05:00
Jonathan Klabunde Tomer 8f7bae54fe
When persisting messages fails due to a full queue in DynamoDB, automatically unlink one device to free up room.
Co-authored-by: Chris Eager <79161849+eager-signal@users.noreply.github.com>
2023-11-15 17:15:17 -08:00
Jon Chambers ce60f13320
Don't track IPv4/IPv6 metrics at the application level
We can measure this at the infrastructure level without observing IPs directly.
2023-11-15 17:18:54 -05:00
Jon Chambers 1ac0140666 Remove a couple of now-unused variables 2023-11-15 17:12:08 -05:00
Jon Chambers 6cc8b147a9 Remove unused `X-Forwarded-For` parameters 2023-11-15 17:09:47 -05:00
Jonathan Klabunde Tomer 7764185c57
return explicit Response rather than Void from async controllers with no expected body content 2023-11-14 21:57:25 -08:00
Katherine d4ef2adf0a
Remove low priority attempt login notification workaround for old iOS clients 2023-11-13 12:06:55 -05:00
Jonathan Klabunde Tomer a83378a44e
add an option to replace username ciphertext without rotating the link handle 2023-11-13 09:01:54 -08:00
ravi-signal a4a4204762
Allow re-registered accounts to reclaim their usernames 2023-11-13 10:41:23 -06:00
Jon Chambers acd1140ef6 Make registration challenge APNs payloads "silent" 2023-11-13 08:39:58 -08:00
Jon Chambers fbf71c93ff Make rate limit challenge APNs payloads "silent" 2023-11-13 08:39:58 -08:00
Katherine 38bc0c466a
Change `sepaMaximumEuros` field to number in JSON response 2023-11-10 10:16:03 -08:00
Katherine 71e4351743
Add `sepaMaximumEuros` field to subscription configuration 2023-11-10 09:13:51 -08:00
Katherine 387e4b94b4
Expand charge object on Stripe subscription to surface charge failure information 2023-11-10 09:12:59 -08:00
Katherine 201c76b861
Add charge failure details to `/v1/subscription/{subscriberId}/receipt_credentials` 402 response 2023-11-08 10:54:14 -08:00
Sergey Skrobotov db63ff6b88 gRPC validations 2023-11-03 11:30:48 -07:00
Katherine 115431a486
Un-hardcode payment activation flag 2023-11-03 11:27:34 -07:00
Jonathan Klabunde Tomer d47ff9b7c7
don't make empty transactions 2023-11-02 16:20:19 -07:00
Chris Eager 2bc4412d66 Encapsulate device ID in ProvisioningAddress 2023-11-02 11:48:10 -05:00
Chris Eager 6a428b4da9 Convert Device.id from `long` to `byte` 2023-11-02 11:48:10 -05:00
Jonathan Klabunde Tomer 7299067829
Don't attempt to update PNI PQ prekeys for disabled devices 2023-11-01 16:55:55 -07:00
Chris Eager 570aa4b9e2 Remove several unused classes 2023-11-01 15:46:10 -05:00
Ravi Khadiwala 6b38b538f1 Add ArchiveController
Adds endpoints for creating and managing backup objects with ZK
anonymous credentials.
2023-10-30 14:02:19 -05:00
Chris Eager ba139dddd8 Use all devices when checking limit 2023-10-30 12:40:06 -05:00
Chris Eager 0f5c62ade5 Set max threads = min threads on command executor services 2023-10-27 09:26:32 -05:00
Jon Chambers 54bc3bce96
Add an authentication-required gRPC service for working with accounts 2023-10-25 14:47:20 -04:00
Jon Chambers 3d92e5b8a9
Explicitly stop and start managed dependencies 2023-10-24 16:50:02 -04:00
Jon Chambers e4de6bf4a7
Only update devices that aren't already disabled 2023-10-24 15:29:03 -04:00
Katherine Yen 6f166425fe Fix bank mandate test 2023-10-20 16:19:31 -04:00
Chris Eager cf2353bcf9 Remove InstrumentedExecutorService wrapping 2023-10-20 15:14:35 -05:00
Jon Chambers 744eb58071 Discard old chunk-based account crawler machinery 2023-10-20 16:09:17 -04:00
Jon Chambers 9d47a6f41f Introduce a reactive push notification feedback processor 2023-10-20 16:09:17 -04:00
Jonathan Klabunde Tomer fd19299ae0
Accept a captcha score threshold for challenges from the spam filter 2023-10-20 09:09:22 -07:00
Jon Chambers 9c053e20da Drop `Util#isEmpty`/`Util#nonEmpty` in favor of `StringUtils` 2023-10-20 12:04:15 -04:00
Jon Chambers 19d7b5c65d Drop `Util#wait` 2023-10-20 12:04:15 -04:00
Jon Chambers 7b9d8829da Remove entirely unused `Util` methods 2023-10-20 12:04:15 -04:00
Jon Chambers f0ab52eb5d Rename "master device" to "primary device" 2023-10-20 10:52:13 -04:00
Jon Chambers e8cebad27e Avoid modifying original `Account` instances when constructing JSON for updates 2023-10-20 10:51:50 -04:00
Jon Chambers 6441d5838d Clear username links in the same transaction when clearing username hashes 2023-10-20 10:51:50 -04:00
Jon Chambers ac0c8b1e9a Introduce a canonical constant for UAK length 2023-10-20 10:50:44 -04:00
Katherine 8ec062fbef
Define an endpoint to set the default payment method for iDEAL subscriptions 2023-10-19 10:29:40 -07:00
Katherine 5990a100db
Add charge failure details to `/v1/subscription/boost/receipt_credential` 402 response 2023-10-19 10:21:26 -07:00
Jon Chambers bc35278684 Drop the old `AccountCleaner` 2023-10-19 10:34:24 -04:00
Jon Chambers c3c7329ebb Add a single-shot command for removing expired accounts 2023-10-19 10:34:24 -04:00
Jon Chambers 6fd1c84126 Make command namespace available to subclasses 2023-10-19 10:34:24 -04:00
Jon Chambers 0100f0fcc9 Migrate a username links test from `AccountsTest` to `AccountsManagerUsernameIntegrationTest` 2023-10-18 10:20:48 -04:00
Jon Chambers 0cdc32cf65 Really REALLY fix instrumentation for re-registration of recently-deleted accounts 2023-10-18 10:15:03 -04:00
Jon Chambers 601e9eebbd Implement an anonymous account service for looking up accounts 2023-10-18 10:14:52 -04:00
Jon Chambers eaa868cf06 Add a remote address interceptor to base gRPC tests 2023-10-18 10:14:52 -04:00
Jon Chambers f55504c665 Add utility methods for rate-limiting by remote address 2023-10-18 10:14:52 -04:00
Katherine Yen b2ff016cc1 Add back story ratelimiter with counter but do not enforce 2023-10-17 12:22:17 -04:00
Jon Chambers 33b4f17945
Make username-related operations asynchronous 2023-10-17 12:21:52 -04:00
Jon Chambers e310a3560b Remove unused configuration for the legacy Secure Backup Service 2023-10-17 12:21:14 -04:00
Jon Chambers 162b27323e Fix instrumentation for re-registration of recently-deleted accounts 2023-10-17 12:20:58 -04:00
Jon Chambers ae976ef8d6 Retire legacy Secure Value Recovery plumbing 2023-10-13 15:32:41 -04:00
Katherine c6b4e2b71d
Support iDEAL 2023-10-12 09:54:05 -07:00
Jon Chambers 33c8bbd0ce Trim stale capabilities from the profiles gRPC service 2023-10-12 12:52:32 -04:00
Jon Chambers f2a3b8dba4 Treat APNs team/key IDs as secrets so they can change atomically with the key itself 2023-10-12 12:52:13 -04:00
Katherine 207ae6129b
Add `paymentMethod` and `paymentProcessing` fields to `GET /v1/subscription/{subscriberId}` endpoint 2023-10-10 09:56:50 -07:00
Katherine e1aa734c40
Define endpoint to get localized bank mandate text 2023-10-05 09:53:33 -07:00
Jon Chambers bb7e0528c4
Make account deletion an asynchronous operation 2023-10-04 10:44:50 -04:00
Jonathan Klabunde Tomer 010eadcd10
UnlinkDeviceCommand improvements 2023-10-03 15:14:02 -07:00
Katherine c43e0b54f2
Exclude `SEPA_DEBIT` as a supported payment method for certain iOS client versions 2023-10-03 11:34:52 -07:00
Chris Eager 6522b74e20 Remove obsolete metrics 2023-10-03 11:42:25 -05:00
Chris Eager 8c7975d89a Clear presence only if the connection’s displacement listener is still present 2023-10-03 11:42:25 -05:00
Chris Eager 407070c9fc Unsubscribe from keyspace notifications only if queue still maps to the listener 2023-10-03 11:42:25 -05:00
Katherine 7821a3cd61
Accommodate PayPal with SEPA changes 2023-09-28 10:28:17 -07:00
Katherine a00c2fcfdb
Support SEPA 2023-09-28 08:26:01 -07:00
Jonathan Klabunde Tomer 9cd21d1326
count ItemCollectionSizeLimitExceededExceptions persisting messages 2023-09-27 10:58:28 -07:00
Jonathan Klabunde Tomer aaba95f9b8
return `null` for empty username hash in AccountIdentityResponse 2023-09-27 10:58:04 -07:00
Chris Eager 8d1135a2a3 Refine `RegistrationController` logic
Local device transfer on iOS uses the `409` status code to prompt the
transfer UI. This needs to happen before sending a `423` and locking
an existing account, since the device transfer
includes the local device database verbatim.
2023-09-25 15:54:31 -05:00
Jon Chambers f9fabbedce Convert `SubscriptionController` request/response entities to records 2023-09-25 12:32:49 -07:00
Chris Eager 16012e6ffe Remove obsolete `ManagedPeriodicWork` 2023-09-25 12:15:17 -07:00
Jon Chambers d10a132b0c Remove unused methods in `SubscriptionController` 2023-09-25 12:14:56 -07:00
Sergey Skrobotov 0b3af7d824 gRPC API for external services credentials service 2023-09-25 12:14:49 -07:00
Sergey Skrobotov d0fdae3df7 Enable header-based auth for WebSocket connections 2023-09-25 12:14:40 -07:00
Chris Eager 0e989419c6 Add metric for late removal of message availability and displacement listeners 2023-09-19 12:04:24 -05:00
ravi-signal 0fa8276d2d
retry hCaptcha errors
Co-authored-by: Jon Chambers <63609320+jon-signal@users.noreply.github.com>
2023-09-14 16:07:35 -05:00
Ravi Khadiwala b594986241 Set an idle timeout on registration gRPC client 2023-09-14 16:06:49 -05:00
Sergey Skrobotov 9f3ffa3707 gRPC API for payments service 2023-09-14 11:12:00 -07:00
Jonathan Klabunde Tomer 8e598c19dc
don't attempt to update KEM prekeys if we have no PQ-enabled devices 2023-09-14 11:11:22 -07:00
Katherine 2601d6e906
Convert some fields on `CreateProfileRequest` and `VersionedProfileResponse` to byte arrays 2023-09-13 14:00:03 -07:00
Jon Chambers f0544fab89 Update recently-deleted accounts table transactionally as part of account mutations 2023-09-13 16:02:19 -04:00
Jon Chambers 1b9bf01ab1 Absorb `DeletedAccounts` into `Accounts` 2023-09-13 16:02:19 -04:00
Katherine cbc3887226
Define identity key check endpoint in keys anonymous service 2023-09-11 11:57:00 -07:00
Jon Chambers 2b764c2abd Don't allow callers to unlink their primary device 2023-09-11 14:29:48 -04:00
Jon Chambers 845fc338d7 Add a (failing) test for removing primary devices from accounts 2023-09-11 14:29:48 -04:00
Sergey Skrobotov 977243ebfd DRY gRPC tests, refactor error mapping 2023-09-08 17:12:08 -07:00
Chris Eager 29ca544c95 Revert "Set `suppressCancel=true` in `Mono.fromFuture`"
This reverts commit 8348263fab.
2023-09-07 17:03:33 -05:00
Ravi Khadiwala 94b41d3a2c Fixup default rate limits
A previous refactor left the default rate limits off by a factor of 60.
2023-09-07 16:07:42 -05:00
Chris Eager 92bb783cbb Use static exception instance when a connection is closed 2023-09-07 16:06:16 -05:00
Chris Eager 8348263fab Set `suppressCancel=true` in `Mono.fromFuture` 2023-09-07 16:06:03 -05:00
Ravi Khadiwala 5934b7344a Remove unused captcha configuration 2023-09-07 11:16:32 -05:00
Chris Eager a9a2e40fed Move `onErrorResume` to individual `sendMessage` `Mono` 2023-09-07 11:15:57 -05:00
Chris Eager 656326355a Invert `String.equals()` to prevent `NullPointerException` 2023-09-07 11:14:36 -05:00
Chris Eager b89e2e5355 Propagate certain subscription processor errors to client responses 2023-09-06 15:57:14 -05:00
Chris Eager 2d187abf13 Handle WebSocket sendMessage errors with onErrorResume 2023-09-06 15:53:01 -05:00
Chris Eager ecd6b0174a Add timeouts to crawl chunk `join()`s 2023-08-31 15:03:19 -05:00
Chris Eager a1e534a515 Add default request timeout to FaultTolerantHttpClient 2023-08-31 15:03:19 -05:00
Sergey Skrobotov ebbe19ba63
Add missing copyright headers and reorder some imports 2023-08-30 16:07:53 -07:00
Katherine Yen 6a37b73463
Profile gRPC: Define `getExpiringProfileKeyCredential` endpoint 2023-08-30 14:56:43 -07:00
Katherine Yen dd18fcaea2
Profile gRPC: Define `getVersionedProfile` endpoint 2023-08-30 14:47:11 -07:00
Katherine Yen 5afc058f90
Profile gRPC: Define `getUnversionedProfile` endpoint 2023-08-30 14:24:43 -07:00
Jon Chambers 5e221fa9a3
Tests for validation of Kyber keys on PNI change/key distribution events
Co-authored-by: Jonathan Klabunde Tomer <jkt@signal.org>
2023-08-30 14:07:33 -07:00
Jon Chambers 0e0cb4d422 Drop the non-normalized account crawler 2023-08-30 13:55:41 -04:00
Jonathan Klabunde Tomer 9577d552c6
pass challenge type to rate limit reset listeners 2023-08-29 15:19:49 -07:00
Chris Eager 093f17dce2
Update to stripe-java 23.1.1 2023-08-29 15:18:16 -07:00
Jon Chambers 6089f49b9c
Add a gRPC interceptor for getting client addresses 2023-08-29 15:18:06 -07:00
Sergey Skrobotov cfb910e87e Adding copyright headers to proto files 2023-08-28 14:39:33 -07:00
Chris Eager d338ba5152 Convert some KeysController methods return `CompletableFuture`s 2023-08-24 11:59:28 -05:00
Chris Eager f181397664 Add test for round-trip AccountsManager JSON serialization 2023-08-24 11:18:01 -05:00
Chris Eager 708f23a2ee Remove deprecated identity key and signed pre-key methods 2023-08-24 11:18:01 -05:00
Chris Eager 7536b75508 Remove unused test fixtures 2023-08-24 11:06:11 -05:00
Jonathan Klabunde Tomer 7237ae6c54
check that pq last-resort prekeys, if submitted, match device list 2023-08-24 09:04:29 -07:00
Sergey Skrobotov ca05753a3e adding 400 response documentation to the API call 2023-08-23 13:20:07 -07:00
Jon Chambers 754f71ce00 Add a gRPC service for working with devices 2023-08-22 16:31:02 -05:00
Jon Chambers 619b05e56c Add utility a method for requiring authentication with the account's primary device 2023-08-22 16:31:02 -05:00
Jon Chambers 8b13826949 Convert `DeviceInfo` and `DeviceInfoList` to a record 2023-08-22 16:31:02 -05:00
Jon Chambers a96ee57c7e Defer asynchronous actions when deriving `Mono` instances from futures 2023-08-22 16:28:02 -05:00
Jon Chambers ff1ef90a6d Defer actions taken after rate limit checks 2023-08-22 16:28:02 -05:00
Ravi Khadiwala 17d48b95ac keep lettuce metrics; strip remote tags 2023-08-18 16:28:19 -05:00
Chris Eager eeea97e2fe Return a single OAuth2 credentials JSON 2023-08-18 16:16:31 -05:00
Jon Chambers 76305190a2 Temporarily restore explicit service/version/environment/host tags 2023-08-17 18:30:59 -04:00
Jon Chambers ab83990170 Send latency metrics as distributions 2023-08-17 17:10:16 -04:00
Jon Chambers 8103a22026 Submit Micrometer metrics via dogstatsd instead of the Datadog API 2023-08-17 17:01:36 -04:00
Jonathan Klabunde Tomer 1f8e4713ef
limit concurrency of async DynamoDB ops 2023-08-17 13:56:09 -07:00
Katherine Yen ff9fe2c1be
Remove record equality test 2023-08-17 13:55:27 -07:00
Jon Chambers 7f37c8ee5e Retire now-unused HTTP transport configuration for Datadog metric reporter 2023-08-17 16:53:53 -04:00
Jon Chambers ed0a723fef Include underlying exceptions when logging failures to write exit files 2023-08-17 12:32:45 -04:00
Jon Chambers 5c31ef43c9 Send an HTTP/440 response instead of an HTTP/502 if an upstream provider rejects a "send verification code" request 2023-08-17 12:15:00 -04:00
Katherine Yen 43fd8518c0
Add missing `java.util.Base64` import to ProfileController 2023-08-16 14:02:53 -07:00
Katherine Yen 19a08f01e8
Write certain profile data as bytes instead of strings to dynamo and represent those fields as byte arrays on `VersionedProfile` 2023-08-16 13:45:16 -07:00
Jon Chambers ccd860207b Make `MessagesManager#clear` asynchronous 2023-08-15 14:08:16 -04:00
Jon Chambers 2c835b5c51 Make message deletion from DynamoDB asynchronous 2023-08-15 14:08:16 -04:00
Jon Chambers 5caa951c61 Make `MessagesCache#clear` methods asynchronous 2023-08-15 14:08:16 -04:00
Jon Chambers 4d8c4d6693 Also delete APNs VOIP tokens when clearing APNs tokens 2023-08-15 14:08:00 -04:00
Jon Chambers a9d0574ea8 Remove most `@Timed` annotations 2023-08-15 14:06:31 -04:00
Ravi Khadiwala ed6a2c55eb adjust lettuce metric denial for post-transform name 2023-08-11 09:43:41 -05:00
Ravi Khadiwala b6ee074149 fix captcha shortening url path resolution 2023-08-10 16:01:56 -05:00
Ravi Khadiwala f6b3500e92 remove most high cardinality lettuce metrics 2023-08-10 16:01:16 -05:00
Katherine Yen a71dc48b9b
Prepare to read profile data stored as byte arrays 2023-08-10 14:00:35 -07:00
Katherine Yen bc5eed48c3
Add authentication interceptor to profile gRPC service 2023-08-10 13:59:46 -07:00
Jon Chambers 2ecf3cb303 Revert "Don't immediately require PNI-associated keys for "atomic" device linking"
This reverts commit 4ec97cf006.
2023-08-10 16:59:35 -04:00
Jon Chambers bed33d042a Revert "Require PNI-associated keys if the target account has a PNI identity key"
This reverts commit 1dde612855.
2023-08-10 16:59:35 -04:00
Ravi Khadiwala 3ac7aba6b2 Add a captcha short-code expander 2023-08-09 12:41:31 -05:00
Jon Chambers 1dde612855 Require PNI-associated keys if the target account has a PNI identity key 2023-08-09 12:10:56 -04:00
Jon Chambers 4ec97cf006 Don't immediately require PNI-associated keys for "atomic" device linking 2023-08-09 12:10:56 -04:00
Jon Chambers d51c6fd2f8 Convert `Device.Capabilities` to a record 2023-08-08 15:38:37 -04:00
Jon Chambers d868e3075c Retire fully-adopted device capabilities 2023-08-08 15:38:37 -04:00
Jon Chambers ae61ee5486 Retire `AnalyzeDeviceCapabilitiesCommand` 2023-08-08 15:38:37 -04:00
Katherine Yen 58fd9ddb27
Count profile data that cannot be parsed as base64 2023-08-08 10:54:25 -07:00
Katherine Yen a953cb33b7 Define ProfileController protobufs and setProfile endpoint 2023-08-08 10:53:11 -07:00
Jon Chambers 95b90e7c5a Add a preliminary gRPC service for dealing with calling credentials 2023-08-08 12:46:55 -04:00
Jon Chambers 6a3ecb2881 Convert `TurnToken` to a record 2023-08-08 12:46:55 -04:00
Jon Chambers 6cf4241283 Add a reactive method for checking rate limits by UUID 2023-08-08 12:46:55 -04:00
Jon Chambers 42141e51a1 Use ACIs instead of E164s for TURN URI overrides 2023-08-08 12:46:55 -04:00
Jon Chambers b01945ff50 Clarify parameterized tests by modifying prototype request objects; remove spurious warning suppressions 2023-08-08 10:33:29 -04:00
Jon Chambers a131f2116f Retire verification code storage machinery 2023-08-04 17:26:55 -04:00
Jon Chambers 625637b888 Stop checking for stored verification codes when linking devices 2023-08-04 17:26:55 -04:00
Jon Chambers c873f62025 Produce verification tokens instead of stored verification codes for linking devices 2023-08-04 16:04:47 -04:00
Jon Chambers 43d91e5bd6 Convert `VerificationCode` to a record 2023-08-04 16:04:47 -04:00
Jon Chambers 5c4c729703 Disallow reuse of device verification tokens 2023-08-04 13:40:37 -05:00
Jon Chambers 308da3343d Accept signed tokens in addition to randomly-generated codes for authorizing device linking 2023-08-04 13:40:37 -05:00
Chris Eager 48c7572dd5 Add CommandStopListener 2023-08-04 13:29:35 -05:00
Jon Chambers 69ea9b0296 Add a request counter tagged by client version 2023-08-04 12:16:48 -04:00
Jon Chambers 969c6884c0 Add a command for analyzing device capabilities 2023-08-04 12:14:08 -04:00
Jon Chambers fcf311aab3 Retire the `PendingAccounts` table 2023-08-04 12:13:57 -04:00
ravi-signal 888879dfb2
Estimate message byte limit exceeded error count 2023-08-04 11:10:58 -05:00
Chris Eager f53743d287 Add configuration for Datadog UDP transport 2023-08-02 13:54:15 -05:00
Jon Chambers 2d132128e1 Switched to a composed request object model for anonymous keys gRPC operations 2023-07-28 14:20:24 -05:00
Chris Eager 6e5ffbe7b5 Restore `aci` field to `BatchIdentityCheckRequest` 2023-07-28 14:16:48 -05:00
Ravi Khadiwala baf98accd0 acquire lock before checking message listeners in MessagesCache 2023-07-26 16:45:53 -04:00
Ravi Khadiwala 901c950ee6 Add metrics to keyspace-notifier executor 2023-07-26 16:45:53 -04:00
Ravi Khadiwala 50ac7f9dc2 adjust messageDeletionAsyncExecutor core pool size 2023-07-26 16:45:41 -04:00
Jon Chambers b691b8d37d Log successful client version refreshes 2023-07-26 16:41:54 -04:00
Jon Chambers 4ead8527c8 Use `ClientReleasesManager` when deciding whether to add client version tags 2023-07-26 16:41:54 -04:00
Jon Chambers 6f4801fd6f Add a manager class for checking "liveness" of client versions 2023-07-26 16:41:54 -04:00
Jon Chambers 10689843b0 Add a repository for client release information 2023-07-26 16:41:54 -04:00
Chris Eager 60cc0c482e Add `@Produces` to `PUT /v1/accounts/apn` 2023-07-26 16:35:23 -04:00
Jon Chambers e1a5105c28 Revert "Restore max concurrency when migrating pre-keys"
This reverts commit ed8a1ed579.
2023-07-26 12:56:35 -04:00
Jon Chambers ed8a1ed579 Restore max concurrency when migrating pre-keys 2023-07-26 12:34:32 -04:00
Jon Chambers c3fd2e2284 Retry key storage attempts when migrating signed pre-keys 2023-07-26 12:34:32 -04:00
Chris Eager 872ef5d0a0 Add environment variable to toggle tcp appender 2023-07-24 13:13:13 -05:00
Chris Eager b44599cd59 Remove unused jedis library 2023-07-24 10:54:34 -04:00
Jordan Rose 7a5dcc700e Add support for AuthCredentialAsPni with pniAsServiceId=true
Update to libsignal 0.30.0, and add a new query param to
/v1/certificate/auth/group, "pniAsServiceId=true", that uses the new
encoding of PNIs in zkgroup rather than encoding PNIs the same way as
ACIs, as we have been doing.

Also includes all the adjustments for the libsignal 0.30.0 update.
2023-07-24 10:53:59 -04:00
ravi-signal 705fb93e45
Add v4 attachment controller
Add AttachmentControllerV4 which can be configured to generate upload
forms for a TUS based CDN
2023-07-21 12:09:45 -05:00
Jon Chambers 9df923d916
Update keys gRPC endpoint to use service identifiers 2023-07-21 13:03:01 -04:00
Chris Eager dc1cb9093a Remove unused code 2023-07-21 11:08:32 -05:00
Jon Chambers e32043ae79 Remove outdated documentation 2023-07-21 10:24:17 -04:00
Jon Chambers abb32bd919
Introduce "service identifiers" 2023-07-21 09:34:10 -04:00
Sergey Skrobotov cf92007f66 Moving Account serialization logic to storage-specific classes 2023-07-20 14:28:07 -07:00
Jon Chambers f5c57e5741 Make `ContestedOptimisticLockException` extend `NoStackTraceRuntimeException` 2023-07-20 11:15:08 -04:00
Jon Chambers 5627209fdd
Add a gRPC service for working with pre-keys 2023-07-20 11:10:26 -04:00
Jonathan Klabunde Tomer 0188d314ce
minor username api refinements 2023-07-19 15:12:47 -07:00
Jonathan Klabunde Tomer 67343f6bdc
accept encrypted username with confirm-username-hash requests 2023-07-19 10:54:11 -07:00
Katherine Yen ade2e9c6cf
Define asynchronous `ProfilesManager` operations 2023-07-19 10:43:58 -07:00
Sergey Skrobotov 352e1b2249 test classes moved to same packages with components they test 2023-07-17 13:34:58 -07:00
Jon Chambers b8d8d349f4 Control inbound message byte limits with a dynamic configuration flag 2023-07-14 16:25:33 -04:00
Jon Chambers e87468fbe0 Add a rate limit for inbound message bytes for a given account 2023-07-14 16:25:33 -04:00
Jon Chambers e38a713ccc Support sub-millisecond permit regeneration durations in rate limiters 2023-07-14 16:25:33 -04:00
Jon Chambers 82ed783a2d Introduce async account updaters 2023-07-14 16:25:19 -04:00
Jon Chambers d17c7aaba6 Add support for clearing accounts from Redis asynchronously 2023-07-14 16:25:19 -04:00
Jon Chambers 41f61c66a3 Add public methods for fetching accounts asynchronously 2023-07-13 13:53:29 -04:00
Jon Chambers 1b7a20619e Add tools for testing asynchronous Redis operations 2023-07-13 13:53:29 -04:00
Jon Chambers 7d19e58953 Add parallel pathways for getting accounts asyncronously to `Accounts` 2023-07-13 13:53:29 -04:00
Jon Chambers 1605676509 Store signed EC pre-keys in a dedicated table when setting signed pre-keys individually 2023-07-12 14:58:10 -04:00
Jon Chambers a0d6146ff5 Make key deletion operations asynchronous 2023-07-12 14:58:10 -04:00
Jon Chambers f709b00be3 Make `KeysManager` storage/retrieval operations asynchronous 2023-07-12 14:58:10 -04:00
Jonathan Klabunde Tomer 5847300290
Revert "Allow use of the token returned with spam challenges as auth for the challenge verification request" 2023-07-12 11:45:02 -07:00
Jonathan Klabunde Tomer 9aaac0eefd
don't require all devices to support PNI for PNIHW 2023-07-12 10:14:16 -07:00
Jon Chambers 6db97f5541 Standardize client tag version handling; add client version tags to delivery latency metrics 2023-07-11 13:35:29 -04:00
Jon Chambers adf6c751ee Use an explicit-allow model for tagging client versions in metrics 2023-07-11 13:35:29 -04:00
Jon Chambers c315b34395 Update formatting in `UserAgentTagUtil` 2023-07-11 13:35:29 -04:00
Jon Chambers f592201e4c Limit attachment controller tags to UA platform (instead of platform and version) 2023-07-11 13:35:29 -04:00
Jon Chambers 8bf5ee45ed Filter out `command` tags from Lettuce metrics and prepend a "chat." prefix to Lettuce metric names 2023-07-11 13:35:03 -04:00
Jon Chambers 25f759dd07 Drop `ActiveUserTally` 2023-07-11 13:34:36 -04:00
Jonathan Klabunde Tomer e5f4c17148
update openapi docs for several endpoints, notably those with PQXDH changes
Co-authored-by: Katherine Yen <katherine@signal.org>
2023-07-06 15:45:33 -07:00
Jonathan Klabunde Tomer 098b177bd3
Allow use of the token returned with spam challenges as auth for the challenge verification request 2023-07-06 15:25:19 -07:00
Jon Chambers ef1a8fc50f Use PascalCase RPC names for the registration service 2023-07-06 17:12:37 -04:00
Jon Chambers 76f2e93a2c Reduce concurrency limit for pre-key migration task 2023-07-06 16:45:03 -04:00
Jon Chambers 25ea1df299 Limit concurrency when writing signed EC pre-keys 2023-07-06 15:51:12 -04:00
Chris Eager 5ced86af1d Set `consistentRead=true` for registration recovery password lookup
This avoids a race condition (in integration test situations) where a lookup could return no results
2023-07-06 15:47:16 -04:00
Jon Chambers 62e02a49df Log errors from single-shot account crawlers rather than printing them to stderr 2023-07-06 15:46:28 -04:00
Jon Chambers 540550d72a Handle exceptions thrown when checking pre-key signatures 2023-07-06 15:46:11 -04:00
Jon Chambers 8cb83fb6e4 Switch to temporary registration endpoints to facilitate a change from snake_case to PascalCase 2023-07-06 15:46:00 -04:00
Jon Chambers 2c0fc8fe3e Remove legacy methods from `RegistrationServiceClient` 2023-07-06 10:32:58 -04:00
Jon Chambers 08c7baafac Remove legacy registration endpoints from `AccountController` 2023-07-06 10:32:58 -04:00
Jon Chambers 8edb450d73 Parallelize single-shot account crawlers 2023-07-06 10:15:16 -04:00
ravi-signal fedeef4da5
Add an optional parameter to require atomic account creation
By default, if a registration request has no optional fields for atomic
account creation set, the request will proceed non-atomically. If a
client sets the `atomic` field, now such a request would be rejected.
2023-07-05 11:24:11 -05:00
Jon Chambers b593d49399 Control signed pre-key deletion via a dynamic configuration flag to facilitate migration 2023-07-05 12:17:17 -04:00
Chris Eager 4a91fc3c3d Set `daemon=true` for pubsub topology change event thread 2023-07-05 11:15:12 -05:00
Chris Eager bb9605d7c3 Use RedisClient#setDefaultTimeout for a non-clustered client 2023-07-05 11:09:28 -05:00
Jon Chambers 1049326a70 Turn on Lettuce latency metrics 2023-06-30 18:20:43 -04:00
Chris Eager 457ecf145f Add test for Redis timeouts 2023-06-30 12:55:37 -05:00
Chris Eager bdcd055aaf Configure Redis timeouts using TimeoutOptions and RediURI 2023-06-30 12:55:37 -05:00
Jon Chambers 30ae2037e8 Correct order of constructor arguments for `KeysManager` 2023-06-30 12:05:16 -04:00
Jon Chambers ce4fdbfb3c Untangle metric names for `RepeatedUseSignedPreKeyStore` subclasses 2023-06-30 10:33:24 -04:00
Jon Chambers 2d154eb0cf Add a command to copy signed pre-keys from `Account` records to their own table 2023-06-30 10:33:24 -04:00
Jon Chambers a3e82dfae8 Add a temporary method for storing signed EC pre-keys if and only if another key has not already been stored 2023-06-30 10:33:24 -04:00
Jon Chambers 97a7469432 Measure signed EC pre-key agreement 2023-06-30 10:33:24 -04:00
Jon Chambers 1a1defb055 Store signed EC pre-keys in a dedicated table 2023-06-30 10:33:24 -04:00
Jon Chambers 93c78b6e40 Introduce `RepeatedUseECSignedPreKeyStore` 2023-06-30 10:33:24 -04:00
Chris Eager b852d6681d FaultTolerantHttpClient: used managed ScheduledExecutorService for retries 2023-06-30 10:24:18 -04:00
Chris Eager 8e48ac4ede Add `messagesCache` and `clientPresenceManager` to managed command dependencies 2023-06-30 10:24:18 -04:00
Ehren Kret 859f646c55 Correct timestamp resolution to intended integer value 2023-06-29 16:05:59 -05:00
Chris Eager fb39b2edaf
Improve two `@Disabled` flaky tests 2023-06-29 14:56:41 -05:00
Chris Eager c93af9e31e Remove `MessagePersister` from WhisperServerService environment
Persistence is now exclusively done by a separate command.
2023-06-28 14:17:49 -05:00
Chris Eager b81a0e99d4 Always have 0 `ApnPushNotificationScheduler` worker threads in front-end service 2023-06-28 14:17:23 -05:00
Chris Eager f8fefe2e5e Remove `AccountCrawler` (and `doPeriodicWork`) from `WhisperServerService` 2023-06-28 14:16:07 -05:00
Jon Chambers f26bc70b59 Add a basic, prototype authentication interceptor for gRPC services 2023-06-27 10:21:11 -04:00
Jon Chambers b5fd131aba Add an abstract base class for single-shot account crawls 2023-06-27 10:18:35 -04:00
Jon Chambers 06997e19e0 Add a method for iterating across all accounts 2023-06-27 10:18:35 -04:00
Jon Chambers 97710540c0 Use `Timer.Sample` throughout `Experiment` 2023-06-27 10:18:20 -04:00
Jon Chambers c78c109577 Drop a disused endpoint for fetching the caller's own signed pre-key 2023-06-27 10:16:39 -04:00
Jonathan Klabunde Tomer 8d995e456e
initial grpc service code in chat 2023-06-26 17:10:13 -07:00
Ehren Kret cc3cab9c88 Add server time to remote config fetch
Enable clients to very roughly adjust some actions for clock skew by
providing current server time in the remote config fetch.
2023-06-21 17:11:35 -05:00
Jon Chambers 0122b410be Include push notification urgency in push latency metrics 2023-06-21 15:10:26 -04:00
Jon Chambers 2ddd2b9476 Convert `PushRecord` to a `record` and make `PushType` non-optional 2023-06-21 15:10:26 -04:00
Jon Chambers a768498250 Record general message delivery latency 2023-06-21 15:10:14 -04:00
Sergey Skrobotov a45aadae16 Cleaning up references to the legacy format from the rate limiters lua script 2023-06-21 15:09:46 -04:00
Chris Eager 98578b18aa Update to dynamodb-lock-client 1.2.0 2023-06-21 15:08:40 -04:00
Chris Eager 6d81f69785 Start and stop all lifecycle-managed objects in `CrawlAccountsCommand` 2023-06-17 10:17:46 -05:00
Chris Eager 7dce183170 Add worker thread pool to PushFeedbackProcessor 2023-06-16 11:36:28 -05:00
Chris Eager f1962a03ef Parameterize worker thread count in CrawlAccountsCommand 2023-06-16 11:36:28 -05:00
Chris Eager befd336372 Remove static Remote Config auth tokens 2023-06-15 12:11:20 -05:00
Chris Eager 8501e61eb1 Set maxThreads = minThreads on command thread pools 2023-06-15 12:11:10 -05:00
Jon Chambers ae489e5a52 Log account ages when identity keys change 2023-06-15 13:10:35 -04:00
Chris Eager 13afdbda97
Report system resource metrics from background tasks 2023-06-14 16:48:23 -05:00
Jon Chambers 9cfd88a23f Move turn secret to static configuration 2023-06-14 10:47:17 -04:00
Jon Chambers 13456bad3a Update date math with JSR310 types 2023-06-14 10:47:17 -04:00
Jon Chambers 45be85c5ef Update formatting and resolve warnings/suggestions 2023-06-14 10:47:17 -04:00
Jonathan Klabunde Tomer 861dc0d021
reject message sends that have the same device more than once 2023-06-13 09:49:50 -07:00
Chris Eager 128d709c99
Additional counters and timers for WebSocket connections 2023-06-13 11:46:15 -05:00
Jon Chambers e8f01be8ef
Inject version bytes if missing from existing EC pre-keys 2023-06-09 11:41:51 -04:00
Jon Chambers 7f1ee015d1 Treat blank strings as null pre-keys 2023-06-09 10:39:16 -04:00
Jon Chambers 17aa5d8e74
Use strongly-typed pre-keys 2023-06-09 10:08:49 -04:00
Jon Chambers b27334b0ff Treat blank strings as null identity keys 2023-06-09 10:08:18 -04:00
Jon Chambers 7fc6b1e802 Count invalid pre-keys 2023-06-09 09:25:31 -04:00
Jon Chambers 8ec6a24a2d Fix a metric name/tag set 2023-06-08 12:34:27 -04:00
Jon Chambers 234707169e
Represent identity keys as `IdentityKey` instances 2023-06-08 11:36:58 -04:00
Jon Chambers 1c8443210a Check for missing version bytes in invalid identity keys 2023-06-08 09:56:21 -04:00
g1a55er aaf43a592f Replace reserved "notification" key with "newMessageAlert" 2023-06-08 09:53:31 -04:00
Jon Chambers 2b08742c0a
Create separate key stores for different kinds of pre-keys 2023-06-06 17:08:26 -04:00
Jon Chambers cac04146de Identify specific cases with invalid identity keys 2023-06-06 17:08:01 -04:00
ravi-signal 2b266c7beb
Validate registration ids for new accounts 2023-06-06 11:08:54 -04:00
Jonathan Klabunde Tomer 099932ae68 ApnPushNotifcationScheduler: always run worker thread at least once 2023-06-06 11:04:44 -04:00
Jon Chambers 8579babde6 Count instances where an account's identity key could not be interpreted as an `IdentityKey` 2023-06-06 11:01:25 -04:00
Jon Chambers 9c93d379a8 Fix a sneaky merge conflict 2023-06-05 12:38:35 -04:00
Jon Chambers 085c7a67c8
Refactor account locks/deleted account manager 2023-06-05 12:30:44 -04:00
Sergey Skrobotov e6917d8427 minor cleanup, docs, and integration tests for username API 2023-06-02 10:35:07 -07:00
Sergey Skrobotov 47cc7fd615 username links API 2023-06-02 10:26:14 -07:00
Jonathan Klabunde Tomer ecd207f0a1
Check structural validity of prekeys at upload time 2023-05-31 14:29:39 -07:00
Chris Eager d1e38737ce Support ID token at `PUT /v1/config` and `DELETE /v1/config` 2023-05-30 10:28:28 -05:00
Chris Eager f17de58a71 Change `ScheduledApnPushNotificationSenderServiceCommand` to extend `ServerCommand` 2023-05-30 10:14:33 -05:00
Chris Eager dd552e8e8f Change `MessagePersisterServiceCommand` to extend `ServerCommand` 2023-05-30 10:14:33 -05:00
Chris Eager 18480e9d18 Move metrics registry `environment.manage()` to utility 2023-05-30 10:14:33 -05:00
Chris Eager 7ffccd9c3a Initialize metrics in `ScheduledApnPushNotificationSenderServiceCommand` 2023-05-26 16:41:17 -05:00
Chris Eager 0edd99e9cf Initialize metrics in `MessagePersisterServiceCommand` 2023-05-26 16:41:17 -05:00
Chris Eager defdc14d5e Initialize metrics in `CrawlAccountsCommand` 2023-05-26 16:41:17 -05:00
Chris Eager 5dcf8edd38 Factor metrics registry intialization to a utility 2023-05-26 16:41:17 -05:00
Jon Chambers 91805caa9a Finalize rate limit unit inversion 2023-05-26 14:17:30 -04:00
Jon Chambers 48d39dccbd Fix rate limit division errors 2023-05-26 13:13:02 -04:00
Chris Eager e7bc8bd6b9 Consistently use AWS credentials providers from `WhisperServerService` 2023-05-26 12:45:38 -04:00
Jon Chambers f513dc0398 Invert rate limit units in default configurations 2023-05-26 11:37:06 -04:00
Jon Chambers 184969336e Allow `RateLimiterConfig` to accept either a leak rate per minute or a permit regeneration duration 2023-05-26 11:37:06 -04:00
Chris Eager 1534f1aa6a Add web identity token AWS SDK credentials provider 2023-05-26 11:07:41 -04:00
Chris Eager cd8f74e60b Add support for environment-dependent secondary OAuth2 credentials JSON 2023-05-26 11:07:30 -04:00
Jon Chambers d832eaa759 Represent identity keys as byte arrays 2023-05-26 10:12:22 -04:00
Jon Chambers 796863341d Revert "Count identity keys that are present, but can't be parsed as base64"
This reverts commit 024dd02628a7d989424273501528b52fe18c3ee9.
2023-05-26 10:12:22 -04:00
Jon Chambers 217b68a1e0 Represent pre-key public keys and signatures as byte arrays in DAOs 2023-05-26 09:58:38 -04:00
Jon Chambers 4a8ad3103c Actually write pre-keys as byte arrays 2023-05-26 08:23:54 -04:00
Jon Chambers a5f853c67a Change inactive account age threshold from 365 to 180 days 2023-05-26 08:23:19 -04:00
Jon Chambers 70b54e227e Count the prevalence of keys stored as strings or as bytes 2023-05-25 10:04:38 -05:00
Jonathan Klabunde Tomer 1ab6bff54e
add `@Produces` annotations to a few methods in DeviceController 2023-05-25 09:57:06 -05:00
Chris Eager c2317e8493 Start the dynamic configuration manager in dependent commands 2023-05-25 09:52:01 -05:00
Jon Chambers b034a088b1 Add support for "atomic" device linking/activation 2023-05-19 16:13:37 -04:00
Jon Chambers ae7cb8036e Factor `DeviceActivationRequest` out into its own record 2023-05-19 16:13:37 -04:00
Jon Chambers 8ce2b04fe4 Discard test device codes 2023-05-19 15:57:14 -04:00
Chris Eager a3c37aed47 Remove obsolete field from `SecureValueRecovery2Configuration` 2023-05-19 15:57:01 -04:00
Jon Chambers fa8f19fd43 Group atomic account creation operations 2023-05-19 15:56:45 -04:00
Jon Chambers c9a9409b9a Count identity keys that are present, but can't be parsed as base64 2023-05-19 15:56:27 -04:00
Jon Chambers d3e0ba6d44 Prepare to read pre-keys stored as byte arrays 2023-05-19 15:56:13 -04:00
Jon Chambers 300ac16cf1 Handle "transport not allowed" responses from the registration service 2023-05-19 15:55:53 -04:00
Chris Eager 3e53884979 Add `MessagePersisterServiceCommand` 2023-05-18 15:37:54 -05:00
Chris Eager 6043c1a4e8 Add `ScheduledApnPushNotificationSenderServiceCommand` 2023-05-18 11:44:01 -05:00
Jon Chambers 66a619a378 Allow for atomic account creation and activation 2023-05-18 09:51:13 -04:00
Katherine Yen 9450f88c8c Add annotation to catch empty request body 2023-05-17 14:28:41 -07:00
Sergey Skrobotov 287e2fa89a Moving secret values out of the main configuration file 2023-05-17 11:25:59 -07:00
Chris Eager 8d1c26d07d
Add `CrawlAccountsCommand` 2023-05-17 12:22:49 -05:00
Jonathan Klabunde Tomer caae27c44c
PQXDH endpoints for chat server 2023-05-16 14:34:33 -07:00
Katherine Yen 34d77e73ff
Fix integer division in call link ratelimit leak rate 2023-05-16 14:34:06 -07:00
Ravi Khadiwala 8c42199baf Add svr2 credentials to RegistrationLockFailure responses
Add an svr2 credential to 423 responses for:
  - PUT v2/accounts/number
  - POST v1/registration

Also add some openapi annotations to those endpoints
2023-05-12 11:02:32 -05:00
Katherine Yen 7395b5760a Remove unused call link config 2023-05-12 11:01:42 -05:00
Jon Chambers d2baa8b8fb Stop sending API keys to the registration service 2023-05-10 15:28:12 -04:00
Chris Eager 281b91a59a Remove obsolete `ContactDiscoveryWriter` 2023-05-10 14:01:09 -05:00
Jon Chambers 2be2b4ff23 Authenticate with the registration service using OIDC identity tokens in addition to shared API keys 2023-05-10 14:59:07 -04:00
Jon Chambers a83fd1d3fe Include request method as a request counter dimension 2023-05-09 15:17:46 -05:00
Jon Chambers cb72e4f426 Simplify request counter 2023-05-09 15:17:46 -05:00
Chris Eager 3214852a41 Fix `401` on `/v1/keepalive` 2023-05-09 15:08:03 -05:00
Jon Chambers 1057bd7e1f Resolve warnings/suggestions throughout `ProfileControllerTest` 2023-05-09 10:32:32 -04:00
Jonathan Klabunde Tomer 33903553ab
reinstate per-{path,status,platform,is-websocket} request counters 2023-05-09 09:49:20 -04:00
Katherine Yen c309afc04b
Displace client presence when existing account reregisters 2023-05-05 11:31:18 -07:00
Katherine Yen 7ba86b40aa
Create call link credential endpoint 2023-05-04 14:33:45 -07:00
Katherine Yen b2b0aee4b7
Call link auth credential 2023-05-04 14:17:01 -07:00
Jon Chambers 919cc7e5eb
Update libsignal to 0.23 2023-05-04 14:10:51 -07:00
Jonathan Klabunde Tomer e38911b2c5
Always check prekey signatures when new prekeys are uploaded 2023-05-04 11:31:45 -07:00
Chris Eager bc68b67cdf account crawler: remove obsolete accelerated mode 2023-05-04 11:27:16 -05:00
Chris Eager 42a9f1b3e4 account crawler: remove `set*Dynamo` methods 2023-05-04 11:27:16 -05:00
ravi-signal 08333d5989
Implement /v2/backup/auth/check 2023-05-04 11:23:33 -05:00
Ravi Khadiwala 0e0c0c5dfe return 400 instead of 503 for bad verification session-id 2023-05-04 09:22:51 -07:00
Ravi Khadiwala 59ebe65643 Add counter to /v2/attachments 2023-05-04 09:22:18 -07:00
Chris Eager 57b6c10dd1 Remove obsolete dynamic configuration 2023-05-03 13:20:44 -05:00
Jon Chambers 3ee5ac4514 Fix a late-breaking merge conflict 2023-05-02 16:12:26 -04:00
Jonathan Klabunde Tomer be176f98ad
metric for take-prekey yielding an empty result 2023-05-02 13:03:49 -07:00
Jon Chambers 12b58a31a1
Retire integration with legacy contact discovery system 2023-05-02 15:57:03 -04:00
Jon Chambers 8d468d17e3 Add a temporary counter for profile key credential types 2023-05-02 15:56:19 -04:00
Chris Eager e135d50d82 Add counter for `ContactDiscoverWriter` updates 2023-05-01 13:42:14 -05:00
Chris Eager 487b5edc75 Handle potentially null payment method when canceling subscription 2023-05-01 13:42:05 -05:00
Jonathan Klabunde Tomer 47ad5779ad
new /v2/accounts endpoint to distribute PNI key material without changing phone number 2023-04-21 12:20:57 -07:00
Katherine Yen 4fb89360ce
Allow registration via recovery password for reglock enabled accounts 2023-04-20 09:21:04 -07:00
Jon Chambers 6dfdbeb7bb Check for no-op APNs token changes 2023-04-19 17:01:01 -04:00
Jon Chambers d0ccbd5526 Simplify a check for no-op FCM token changes 2023-04-19 17:01:01 -04:00
Jon Chambers 031ee57371 Convert "set push token" request objects to records 2023-04-19 17:01:01 -04:00
Jon Chambers 2043678739 Remove the `removeSignalingKey` API endpoint 2023-04-19 17:00:47 -04:00
Jon Chambers dd27e3b0c8 Convert attachment descriptors to records 2023-04-19 17:00:34 -04:00
Jon Chambers 1083d8bde0 Remove the legacy group credential endpoint 2023-04-19 17:00:14 -04:00
Jon Chambers d1eb247d8c Clarify the purpose of an `addListener` method 2023-04-18 12:04:54 -04:00
Jon Chambers fd5e9ea016 Drop the old (and now unused!) `redis-dispatch` module 2023-04-18 12:04:54 -04:00
Jon Chambers 11829d1f9f Refactor provisioning plumbing to use Lettuce 2023-04-18 12:04:54 -04:00
Katherine Yen c485d317fb
Mock apnPushNotificationScheduler 2023-04-17 10:55:15 -07:00
Katherine Yen 350682b83a
Lock account and send notification when someone passes phone verification but fails reglock 2023-04-17 10:30:36 -07:00
ravi-signal 0fe6485038
Add a configuration to make rate limiters fail open 2023-04-14 13:08:14 -05:00
Sergey Skrobotov a553093046 integration tests initial setup 2023-04-13 11:12:34 -07:00
Katherine Yen 61af1ba029
Clean up prohibited username references 2023-04-10 15:21:02 -07:00
ravi-signal 8847cb92ac
Don't block when scheduling background apns pushes 2023-04-10 13:51:36 -05:00
Chris Eager 33a6577b6e Decrease message delivery executor thread count to 20 2023-04-07 10:56:23 -05:00
Chris Eager 23d5006f70 Add prefix to executor metric names 2023-04-05 09:51:53 -05:00
Chris Eager 2697872bdd Use Apache StringUtils#join 2023-04-05 09:51:30 -05:00
Ravi Khadiwala 7b331edcde Separate username and signature truncation fields 2023-04-05 09:51:00 -05:00
Katherine Yen e4da59c236
Generic credential auth endpoint for call links 2023-04-04 10:28:35 -07:00
Jonathan Klabunde Tomer 48ebafa4e0
DynamoDBExtension refactor and helpers for our schema (#1327)
There's a lot of boilerplate involved in setting up a DynamoDBExtension, and some tests were creating several extensions
rather than one with several tables, which is probably slower than it has to be.

This change adds a new DynamoDbExtensionSchema class in which we can define the Dynamo schema for tests, and refactors
DynamoDbExtension to make it easy to instantiate a single extension with all the tables one wants (and no more, both to
minimize test startup time and to ensure we explicitly test our dependencies and lack thereof).

Tests requiring a DynamoDbExtension with a table schema that's not part of the normal Signal schema can instantiate a
DynamoDbExtension.RawSchema instead.

Test timings are unaffected, at least on my machine. Before:
```[INFO] service ............................................ SUCCESS [01:18 min]```

After:
```[INFO] service ............................................ SUCCESS [01:18 min]```

Co-authored-by: Jonathan Klabunde Tomer <jkt@viola.signal.org>
2023-04-03 13:08:43 -07:00
Jonathan Klabunde Tomer 391b070cff
KeysController: return correct number of unsigned prekeys
When GET /v2/keys was orignally added in b263f47, prekeys were stored in
Postgres, with a user's unsigned and signed keys together in the same table.
Therefore GET /v2/keys subtracted one from the count returned by storage.

In d4d9403, we changed to a different storage schema, with unsigned prekeys in
one DynamoDB table and unsigned prekeys in the accounts Dynamo table.
Unfortunately, GET /v2/keys was not changed to stop subtracting one from the
count of prekeys in the keys table at the same time. This commit fixes that.
2023-04-03 14:32:45 -04:00
gram-signal 781cd0ca3f
Truncate SVR2 IDs to 16 bytes rather than 10. 2023-03-30 17:19:18 -06:00
Chris Eager 3ccfeb490b Add retry after exceptions during a cluster topology change event callback 2023-03-29 11:41:19 -05:00
Chris Eager 0cc84131de Add `enabled` to SVR2 configuration 2023-03-29 11:40:21 -05:00
Chris Eager 4fa08fb189 Add secure value recovery 2 to `AccountsManager#delete()` 2023-03-29 11:40:21 -05:00
Chris Eager 2a551d1d41 Add `SecureValueRecovery2Client` 2023-03-29 11:40:21 -05:00
Chris Eager 391aa9c518 Wrap runtime exceptions during WebSocket auth into AuthenticationException 2023-03-29 10:08:55 -05:00
Chris Eager f5c62a3d85 Migrate from bounded elastic to dedicated executor for message delivery 2023-03-22 12:57:44 -05:00
Chris Eager 6075d5137b Add `/v2/accounts/data_report` 2023-03-22 12:57:21 -05:00
ravi-signal 890293e429
change v1/challenge response for invalid captcha 2023-03-21 17:38:30 -05:00
Ravi Khadiwala 05b43a878b Register unlink device command 2023-03-21 17:35:57 -05:00
Chris Eager fe9c3982a1 Remove prepended username from `/v2/backup/auth` response 2023-03-21 17:35:42 -05:00
Ravi Khadiwala ee53260d72 Add filter-provided captcha score thresholds 2023-03-21 17:34:58 -05:00
Ravi Khadiwala a8eb27940d Add per-action captcha site-key configuration
- reject captcha requests without valid actions
- require specific site keys for each action
2023-03-21 17:34:58 -05:00
Katherine Yen a3a7d7108b
Change reglock expiration check to be > 0 instead of >= 0 2023-03-21 12:46:35 -07:00