Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-19 17:48:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Check verification codes for changing phone numbers against the stand-alone registration service when possible

Browse Source
This commit is contained in:
Jon Chambers
2022-10-13 18:04:15 -04:00
committed by Jon Chambers
parent 3c6c6c3706
commit 0a64e31625
2 changed files with 65 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java
View File

@@ -552,13 +552,20 @@ public class AccountController {
rateLimiters.getVerifyLimiter().validate(number);
final Optional<StoredVerificationCode> storedVerificationCode = pendingAccounts.getCodeForNumber(number);
final Optional<StoredVerificationCode> maybeStoredVerificationCode = pendingAccounts.getCodeForNumber(number);
if (storedVerificationCode.isEmpty() || !storedVerificationCode.get().isValid(request.code())) {
final boolean codeVerified = maybeStoredVerificationCode.map(storedVerificationCode ->
storedVerificationCode.sessionId() != null ?
registrationServiceClient.checkVerificationCode(storedVerificationCode.sessionId(),
request.code(), REGISTRATION_RPC_TIMEOUT).join() :
storedVerificationCode.isValid(request.code()))
.orElse(false);
if (!codeVerified) {
throw new ForbiddenException();
}
storedVerificationCode.map(StoredVerificationCode::twilioVerificationSid)
maybeStoredVerificationCode.map(StoredVerificationCode::twilioVerificationSid)
.ifPresent(
verificationSid -> smsSender.reportVerificationSucceeded(verificationSid, userAgent, "changeNumber"));