mirror of
https://github.com/signalapp/Signal-Server
synced 2026-04-19 23:38:07 +01:00
Replace DeviceCapabilities entity with Set<DeviceCapability>
This commit is contained in:
Jon Chambers
GitHub
@@ -60,6 +60,7 @@ import org.whispersystems.textsecuregcm.limits.RateLimiters;
|
||||
import org.whispersystems.textsecuregcm.storage.Account;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.Device;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import org.whispersystems.textsecuregcm.storage.RegistrationRecoveryPasswordsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.UsernameHashNotAvailableException;
|
||||
import org.whispersystems.textsecuregcm.storage.UsernameReservationNotFoundException;
|
||||
@@ -282,7 +283,7 @@ public class AccountController {
|
||||
auth.getAccount().getPhoneNumberIdentifier(),
|
||||
auth.getAccount().getUsernameHash().filter(h -> h.length > 0).orElse(null),
|
||||
auth.getAccount().getUsernameLinkHandle(),
|
||||
auth.getAccount().isStorageSupported());
|
||||
auth.getAccount().hasCapability(DeviceCapability.STORAGE));
|
||||
}
|
||||
|
||||
@DELETE
|
||||
|
||||
@@ -54,6 +54,7 @@ import org.whispersystems.textsecuregcm.metrics.UserAgentTagUtil;
|
||||
import org.whispersystems.textsecuregcm.storage.Account;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.ChangeNumberManager;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import org.whispersystems.websocket.auth.Mutable;
|
||||
import org.whispersystems.websocket.auth.ReadOnly;
|
||||
|
||||
@@ -151,7 +152,7 @@ public class AccountControllerV2 {
|
||||
updatedAccount.getPhoneNumberIdentifier(),
|
||||
updatedAccount.getUsernameHash().orElse(null),
|
||||
updatedAccount.getUsernameLinkHandle(),
|
||||
updatedAccount.isStorageSupported());
|
||||
updatedAccount.hasCapability(DeviceCapability.STORAGE));
|
||||
} catch (MismatchedDevicesException e) {
|
||||
throw new WebApplicationException(Response.status(409)
|
||||
.type(MediaType.APPLICATION_JSON_TYPE)
|
||||
@@ -210,7 +211,7 @@ public class AccountControllerV2 {
|
||||
updatedAccount.getPhoneNumberIdentifier(),
|
||||
updatedAccount.getUsernameHash().orElse(null),
|
||||
updatedAccount.getUsernameLinkHandle(),
|
||||
updatedAccount.isStorageSupported());
|
||||
updatedAccount.hasCapability(DeviceCapability.STORAGE));
|
||||
} catch (MismatchedDevicesException e) {
|
||||
throw new WebApplicationException(Response.status(409)
|
||||
.type(MediaType.APPLICATION_JSON_TYPE)
|
||||
|
||||
@@ -4,6 +4,8 @@
|
||||
*/
|
||||
package org.whispersystems.textsecuregcm.controllers;
|
||||
|
||||
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
|
||||
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.common.net.HttpHeaders;
|
||||
import io.dropwizard.auth.Auth;
|
||||
@@ -16,15 +18,19 @@ import io.swagger.v3.oas.annotations.headers.Header;
|
||||
import io.swagger.v3.oas.annotations.media.Content;
|
||||
import io.swagger.v3.oas.annotations.media.Schema;
|
||||
import io.swagger.v3.oas.annotations.responses.ApiResponse;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import java.time.Duration;
|
||||
import java.time.Instant;
|
||||
import java.util.Arrays;
|
||||
import java.util.EnumMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.CompletableFuture;
|
||||
import java.util.concurrent.CompletionException;
|
||||
import java.util.concurrent.CompletionStage;
|
||||
import java.util.concurrent.atomic.AtomicInteger;
|
||||
import java.util.stream.Collectors;
|
||||
import javax.annotation.Nullable;
|
||||
import javax.validation.Valid;
|
||||
import javax.validation.constraints.Max;
|
||||
@@ -47,22 +53,21 @@ import javax.ws.rs.WebApplicationException;
|
||||
import javax.ws.rs.core.Context;
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
import io.swagger.v3.oas.annotations.tags.Tag;
|
||||
import org.glassfish.jersey.server.ContainerRequest;
|
||||
import org.whispersystems.textsecuregcm.auth.LinkedDeviceRefreshRequirementProvider;
|
||||
import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice;
|
||||
import org.whispersystems.textsecuregcm.auth.BasicAuthorizationHeader;
|
||||
import org.whispersystems.textsecuregcm.auth.ChangesLinkedDevices;
|
||||
import org.whispersystems.textsecuregcm.auth.LinkedDeviceRefreshRequirementProvider;
|
||||
import org.whispersystems.textsecuregcm.entities.AccountAttributes;
|
||||
import org.whispersystems.textsecuregcm.entities.DeviceActivationRequest;
|
||||
import org.whispersystems.textsecuregcm.entities.DeviceInfo;
|
||||
import org.whispersystems.textsecuregcm.entities.DeviceInfoList;
|
||||
import org.whispersystems.textsecuregcm.entities.RestoreAccountRequest;
|
||||
import org.whispersystems.textsecuregcm.entities.LinkDeviceResponse;
|
||||
import org.whispersystems.textsecuregcm.entities.LinkDeviceRequest;
|
||||
import org.whispersystems.textsecuregcm.entities.LinkDeviceResponse;
|
||||
import org.whispersystems.textsecuregcm.entities.PreKeySignatureValidator;
|
||||
import org.whispersystems.textsecuregcm.entities.ProvisioningMessage;
|
||||
import org.whispersystems.textsecuregcm.entities.RemoteAttachment;
|
||||
import org.whispersystems.textsecuregcm.entities.RestoreAccountRequest;
|
||||
import org.whispersystems.textsecuregcm.entities.SetPublicKeyRequest;
|
||||
import org.whispersystems.textsecuregcm.entities.TransferArchiveUploadedRequest;
|
||||
import org.whispersystems.textsecuregcm.identity.IdentityType;
|
||||
@@ -74,9 +79,10 @@ import org.whispersystems.textsecuregcm.storage.Account;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.ClientPublicKeysManager;
|
||||
import org.whispersystems.textsecuregcm.storage.Device;
|
||||
import org.whispersystems.textsecuregcm.storage.Device.DeviceCapabilities;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceSpec;
|
||||
import org.whispersystems.textsecuregcm.storage.LinkDeviceTokenAlreadyUsedException;
|
||||
import org.whispersystems.textsecuregcm.util.DeviceCapabilityAdapter;
|
||||
import org.whispersystems.textsecuregcm.util.EnumMapUtil;
|
||||
import org.whispersystems.textsecuregcm.util.ExceptionUtils;
|
||||
import org.whispersystems.textsecuregcm.util.LinkDeviceToken;
|
||||
@@ -270,7 +276,7 @@ public class DeviceController {
|
||||
throw new DeviceLimitExceededException(account.getDevices().size(), maxDeviceLimit);
|
||||
}
|
||||
|
||||
final DeviceCapabilities capabilities = accountAttributes.getCapabilities();
|
||||
final Set<DeviceCapability> capabilities = accountAttributes.getCapabilities();
|
||||
|
||||
if (capabilities == null) {
|
||||
throw new WebApplicationException(Response.status(422, "Missing device capabilities").build());
|
||||
@@ -405,7 +411,13 @@ public class DeviceController {
|
||||
@PUT
|
||||
@Produces(MediaType.APPLICATION_JSON)
|
||||
@Path("/capabilities")
|
||||
public void setCapabilities(@Mutable @Auth AuthenticatedDevice auth, @NotNull @Valid DeviceCapabilities capabilities) {
|
||||
public void setCapabilities(@Mutable @Auth final AuthenticatedDevice auth,
|
||||
|
||||
@NotNull
|
||||
@JsonSerialize(using = DeviceCapabilityAdapter.Serializer.class)
|
||||
@JsonDeserialize(using = DeviceCapabilityAdapter.Deserializer.class)
|
||||
final Set<DeviceCapability> capabilities) {
|
||||
|
||||
assert (auth.getAuthenticatedDevice() != null);
|
||||
final byte deviceId = auth.getAuthenticatedDevice().getId();
|
||||
accounts.updateDevice(auth.getAccount(), deviceId, d -> d.setCapabilities(capabilities));
|
||||
@@ -433,11 +445,13 @@ public class DeviceController {
|
||||
setPublicKeyRequest.publicKey());
|
||||
}
|
||||
|
||||
private static boolean isCapabilityDowngrade(Account account, DeviceCapabilities capabilities) {
|
||||
boolean isDowngrade = false;
|
||||
isDowngrade |= account.isDeleteSyncSupported() && !capabilities.deleteSync();
|
||||
isDowngrade |= account.isVersionedExpirationTimerSupported() && !capabilities.versionedExpirationTimer();
|
||||
return isDowngrade;
|
||||
private static boolean isCapabilityDowngrade(final Account account, final Set<DeviceCapability> capabilities) {
|
||||
final Set<DeviceCapability> requiredCapabilities = Arrays.stream(DeviceCapability.values())
|
||||
.filter(DeviceCapability::preventDowngrade)
|
||||
.filter(account::hasCapability)
|
||||
.collect(Collectors.toSet());
|
||||
|
||||
return !capabilities.containsAll(requiredCapabilities);
|
||||
}
|
||||
|
||||
@PUT
|
||||
|
||||
@@ -73,7 +73,6 @@ import org.whispersystems.textsecuregcm.entities.CreateProfileRequest;
|
||||
import org.whispersystems.textsecuregcm.entities.CredentialProfileResponse;
|
||||
import org.whispersystems.textsecuregcm.entities.ExpiringProfileKeyCredentialProfileResponse;
|
||||
import org.whispersystems.textsecuregcm.entities.ProfileAvatarUploadAttributes;
|
||||
import org.whispersystems.textsecuregcm.entities.UserCapabilities;
|
||||
import org.whispersystems.textsecuregcm.entities.VersionedProfileResponse;
|
||||
import org.whispersystems.textsecuregcm.identity.AciServiceIdentifier;
|
||||
import org.whispersystems.textsecuregcm.identity.IdentityType;
|
||||
@@ -85,6 +84,7 @@ import org.whispersystems.textsecuregcm.s3.PostPolicyGenerator;
|
||||
import org.whispersystems.textsecuregcm.storage.Account;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountBadge;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
|
||||
import org.whispersystems.textsecuregcm.storage.ProfilesManager;
|
||||
import org.whispersystems.textsecuregcm.storage.VersionedProfile;
|
||||
@@ -431,7 +431,7 @@ public class ProfileController {
|
||||
return new BaseProfileResponse(account.getIdentityKey(IdentityType.ACI),
|
||||
account.getUnidentifiedAccessKey().map(UnidentifiedAccessChecksum::generateFor).orElse(null),
|
||||
account.isUnrestrictedUnidentifiedAccess(),
|
||||
UserCapabilities.createForAccount(account),
|
||||
getAccountCapabilities(account),
|
||||
profileBadgeConverter.convert(
|
||||
HeaderUtils.getAcceptableLanguagesForRequest(containerRequestContext),
|
||||
account.getBadges(),
|
||||
@@ -443,7 +443,7 @@ public class ProfileController {
|
||||
return new BaseProfileResponse(account.getIdentityKey(IdentityType.PNI),
|
||||
null,
|
||||
false,
|
||||
UserCapabilities.createForAccount(account),
|
||||
getAccountCapabilities(account),
|
||||
Collections.emptyList(),
|
||||
new PniServiceIdentifier(account.getPhoneNumberIdentifier()));
|
||||
}
|
||||
@@ -489,4 +489,9 @@ public class ProfileController {
|
||||
now.format(PostPolicyGenerator.AWS_DATE_TIME), policy.second(), signature);
|
||||
}
|
||||
|
||||
private static Map<String, Boolean> getAccountCapabilities(final Account account) {
|
||||
return Arrays.stream(DeviceCapability.values())
|
||||
.filter(DeviceCapability::includeInProfile)
|
||||
.collect(Collectors.toMap(Enum::name, account::hasCapability));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -40,11 +40,11 @@ import org.whispersystems.textsecuregcm.entities.AccountIdentityResponse;
|
||||
import org.whispersystems.textsecuregcm.entities.PhoneVerificationRequest;
|
||||
import org.whispersystems.textsecuregcm.entities.RegistrationLockFailure;
|
||||
import org.whispersystems.textsecuregcm.entities.RegistrationRequest;
|
||||
import org.whispersystems.textsecuregcm.limits.RateLimiter;
|
||||
import org.whispersystems.textsecuregcm.limits.RateLimiters;
|
||||
import org.whispersystems.textsecuregcm.metrics.UserAgentTagUtil;
|
||||
import org.whispersystems.textsecuregcm.storage.Account;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceSpec;
|
||||
import org.whispersystems.textsecuregcm.util.HeaderUtils;
|
||||
import org.whispersystems.textsecuregcm.util.Util;
|
||||
@@ -127,7 +127,7 @@ public class RegistrationController {
|
||||
REREGISTRATION_IDLE_DAYS_DISTRIBUTION.record(timeSinceLastSeen.toDays());
|
||||
});
|
||||
|
||||
if (!registrationRequest.skipDeviceTransfer() && existingAccount.map(Account::isTransferSupported).orElse(false)) {
|
||||
if (!registrationRequest.skipDeviceTransfer() && existingAccount.map(account -> account.hasCapability(DeviceCapability.TRANSFER)).orElse(false)) {
|
||||
// If a device transfer is possible, clients must explicitly opt out of a transfer (i.e. after prompting the user)
|
||||
// before we'll let them create a new account "from scratch"
|
||||
throw new WebApplicationException(Response.status(409, "device transfer available").build());
|
||||
@@ -171,7 +171,7 @@ public class RegistrationController {
|
||||
account.getPhoneNumberIdentifier(),
|
||||
account.getUsernameHash().orElse(null),
|
||||
account.getUsernameLinkHandle(),
|
||||
existingAccount.map(Account::isStorageSupported).orElse(false));
|
||||
existingAccount.map(a -> a.hasCapability(DeviceCapability.STORAGE)).orElse(false));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -11,12 +11,14 @@ import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
|
||||
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import javax.annotation.Nullable;
|
||||
import javax.validation.constraints.AssertTrue;
|
||||
import javax.validation.constraints.Size;
|
||||
import org.whispersystems.textsecuregcm.auth.UnidentifiedAccessUtil;
|
||||
import org.whispersystems.textsecuregcm.storage.Device.DeviceCapabilities;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import org.whispersystems.textsecuregcm.util.ByteArrayAdapter;
|
||||
import org.whispersystems.textsecuregcm.util.DeviceCapabilityAdapter;
|
||||
import org.whispersystems.textsecuregcm.util.ExactlySize;
|
||||
|
||||
public class AccountAttributes {
|
||||
@@ -47,7 +49,10 @@ public class AccountAttributes {
|
||||
private boolean unrestrictedUnidentifiedAccess;
|
||||
|
||||
@JsonProperty
|
||||
private DeviceCapabilities capabilities;
|
||||
@JsonSerialize(using = DeviceCapabilityAdapter.Serializer.class)
|
||||
@JsonDeserialize(using = DeviceCapabilityAdapter.Deserializer.class)
|
||||
@Nullable
|
||||
private Set<DeviceCapability> capabilities;
|
||||
|
||||
@JsonProperty
|
||||
private boolean discoverableByPhoneNumber = true;
|
||||
@@ -68,7 +73,7 @@ public class AccountAttributes {
|
||||
final byte[] name,
|
||||
final String registrationLock,
|
||||
final boolean discoverableByPhoneNumber,
|
||||
final DeviceCapabilities capabilities) {
|
||||
final Set<DeviceCapability> capabilities) {
|
||||
this.fetchesMessages = fetchesMessages;
|
||||
this.registrationId = registrationId;
|
||||
this.phoneNumberIdentityRegistrationId = phoneNumberIdentifierRegistrationId;
|
||||
@@ -106,7 +111,8 @@ public class AccountAttributes {
|
||||
return unrestrictedUnidentifiedAccess;
|
||||
}
|
||||
|
||||
public DeviceCapabilities getCapabilities() {
|
||||
@Nullable
|
||||
public Set<DeviceCapability> getCapabilities() {
|
||||
return capabilities;
|
||||
}
|
||||
|
||||
@@ -130,11 +136,6 @@ public class AccountAttributes {
|
||||
return this;
|
||||
}
|
||||
|
||||
@VisibleForTesting
|
||||
public void setPhoneNumberIdentityRegistrationId(final Integer phoneNumberIdentityRegistrationId) {
|
||||
this.phoneNumberIdentityRegistrationId = phoneNumberIdentityRegistrationId;
|
||||
}
|
||||
|
||||
@AssertTrue
|
||||
public boolean isEachRegistrationIdValid() {
|
||||
return validRegistrationId(registrationId) && validRegistrationId(phoneNumberIdentityRegistrationId);
|
||||
|
||||
@@ -15,6 +15,7 @@ import org.whispersystems.textsecuregcm.util.ServiceIdentifierAdapter;
|
||||
import org.whispersystems.textsecuregcm.util.IdentityKeyAdapter;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
public class BaseProfileResponse {
|
||||
|
||||
@@ -32,7 +33,7 @@ public class BaseProfileResponse {
|
||||
private boolean unrestrictedUnidentifiedAccess;
|
||||
|
||||
@JsonProperty
|
||||
private UserCapabilities capabilities;
|
||||
private Map<String, Boolean> capabilities;
|
||||
|
||||
@JsonProperty
|
||||
private List<Badge> badges;
|
||||
@@ -48,7 +49,7 @@ public class BaseProfileResponse {
|
||||
public BaseProfileResponse(final IdentityKey identityKey,
|
||||
final byte[] unidentifiedAccess,
|
||||
final boolean unrestrictedUnidentifiedAccess,
|
||||
final UserCapabilities capabilities,
|
||||
final Map<String, Boolean> capabilities,
|
||||
final List<Badge> badges,
|
||||
final ServiceIdentifier uuid) {
|
||||
|
||||
@@ -72,7 +73,7 @@ public class BaseProfileResponse {
|
||||
return unrestrictedUnidentifiedAccess;
|
||||
}
|
||||
|
||||
public UserCapabilities getCapabilities() {
|
||||
public Map<String, Boolean> getCapabilities() {
|
||||
return capabilities;
|
||||
}
|
||||
|
||||
|
||||
@@ -1,18 +0,0 @@
|
||||
/*
|
||||
* Copyright 2013-2022 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
package org.whispersystems.textsecuregcm.entities;
|
||||
|
||||
import org.whispersystems.textsecuregcm.storage.Account;
|
||||
|
||||
public record UserCapabilities(
|
||||
boolean deleteSync,
|
||||
boolean versionedExpirationTimer) {
|
||||
|
||||
public static UserCapabilities createForAccount(final Account account) {
|
||||
return new UserCapabilities(account.isDeleteSyncSupported(),
|
||||
account.isVersionedExpirationTimerSupported());
|
||||
}
|
||||
}
|
||||
@@ -8,6 +8,8 @@ package org.whispersystems.textsecuregcm.grpc;
|
||||
import com.google.protobuf.ByteString;
|
||||
import io.grpc.Status;
|
||||
import java.util.Objects;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import javax.annotation.Nullable;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.signal.chat.device.ClearPushTokenRequest;
|
||||
@@ -27,6 +29,7 @@ import org.whispersystems.textsecuregcm.auth.grpc.AuthenticatedDevice;
|
||||
import org.whispersystems.textsecuregcm.auth.grpc.AuthenticationUtil;
|
||||
import org.whispersystems.textsecuregcm.storage.AccountsManager;
|
||||
import org.whispersystems.textsecuregcm.storage.Device;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import reactor.core.publisher.Flux;
|
||||
import reactor.core.publisher.Mono;
|
||||
|
||||
@@ -200,15 +203,21 @@ public class DevicesGrpcService extends ReactorDevicesGrpc.DevicesImplBase {
|
||||
public Mono<SetCapabilitiesResponse> setCapabilities(final SetCapabilitiesRequest request) {
|
||||
final AuthenticatedDevice authenticatedDevice = AuthenticationUtil.requireAuthenticatedDevice();
|
||||
|
||||
final Set<DeviceCapability> capabilities = request.getCapabilitiesList().stream()
|
||||
.map(capability -> switch (capability) {
|
||||
case DEVICE_CAPABILITY_STORAGE -> DeviceCapability.STORAGE;
|
||||
case DEVICE_CAPABILITY_TRANSFER -> DeviceCapability.TRANSFER;
|
||||
case DEVICE_CAPABILITY_DELETE_SYNC -> DeviceCapability.DELETE_SYNC;
|
||||
case DEVICE_CAPABILITY_VERSIONED_EXPIRATION_TIMER -> DeviceCapability.VERSIONED_EXPIRATION_TIMER;
|
||||
default -> throw Status.INVALID_ARGUMENT.withDescription("Unrecognized device capability").asRuntimeException();
|
||||
})
|
||||
.collect(Collectors.toSet());
|
||||
|
||||
return Mono.fromFuture(() -> accountsManager.getByAccountIdentifierAsync(authenticatedDevice.accountIdentifier()))
|
||||
.map(maybeAccount -> maybeAccount.orElseThrow(Status.UNAUTHENTICATED::asRuntimeException))
|
||||
.flatMap(account ->
|
||||
Mono.fromFuture(() -> accountsManager.updateDeviceAsync(account, authenticatedDevice.deviceId(),
|
||||
d -> d.setCapabilities(new Device.DeviceCapabilities(
|
||||
request.getStorage(),
|
||||
request.getTransfer(),
|
||||
request.getDeleteSync(),
|
||||
request.getVersionedExpirationTimer())))))
|
||||
d -> d.setCapabilities(capabilities))))
|
||||
.thenReturn(SetCapabilitiesResponse.newBuilder().build());
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,14 +9,15 @@ import com.google.common.annotations.VisibleForTesting;
|
||||
import com.google.protobuf.ByteString;
|
||||
import io.grpc.Status;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Arrays;
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
import org.signal.chat.profile.AccountCapabilities;
|
||||
import org.signal.chat.profile.Badge;
|
||||
import org.signal.chat.profile.BadgeSvg;
|
||||
import org.signal.chat.profile.GetExpiringProfileKeyCredentialResponse;
|
||||
import org.signal.chat.profile.GetUnversionedProfileResponse;
|
||||
import org.signal.chat.profile.GetVersionedProfileResponse;
|
||||
import org.signal.chat.profile.UserCapabilities;
|
||||
import org.signal.libsignal.protocol.ServiceId;
|
||||
import org.signal.libsignal.zkgroup.InvalidInputException;
|
||||
import org.signal.libsignal.zkgroup.VerificationFailedException;
|
||||
@@ -24,9 +25,9 @@ import org.signal.libsignal.zkgroup.profiles.ExpiringProfileKeyCredentialRespons
|
||||
import org.signal.libsignal.zkgroup.profiles.ServerZkProfileOperations;
|
||||
import org.whispersystems.textsecuregcm.auth.UnidentifiedAccessChecksum;
|
||||
import org.whispersystems.textsecuregcm.badges.ProfileBadgeConverter;
|
||||
import org.whispersystems.textsecuregcm.identity.AciServiceIdentifier;
|
||||
import org.whispersystems.textsecuregcm.identity.ServiceIdentifier;
|
||||
import org.whispersystems.textsecuregcm.storage.Account;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import org.whispersystems.textsecuregcm.storage.ProfilesManager;
|
||||
import org.whispersystems.textsecuregcm.storage.VersionedProfile;
|
||||
import org.whispersystems.textsecuregcm.util.ProfileHelper;
|
||||
@@ -80,11 +81,21 @@ public class ProfileGrpcHelper {
|
||||
}
|
||||
|
||||
@VisibleForTesting
|
||||
static UserCapabilities buildUserCapabilities(final org.whispersystems.textsecuregcm.entities.UserCapabilities capabilities) {
|
||||
return UserCapabilities.newBuilder()
|
||||
.setDeleteSync(capabilities.deleteSync())
|
||||
.setVersionedExpirationTimer(capabilities.versionedExpirationTimer())
|
||||
.build();
|
||||
static AccountCapabilities buildAccountCapabilities(final Account account) {
|
||||
final AccountCapabilities.Builder capabilitiesBuilder = AccountCapabilities.newBuilder();
|
||||
|
||||
Arrays.stream(DeviceCapability.values())
|
||||
.filter(DeviceCapability::includeInProfile)
|
||||
.filter(account::hasCapability)
|
||||
.map(capability -> switch (capability) {
|
||||
case STORAGE -> org.signal.chat.common.DeviceCapability.DEVICE_CAPABILITY_STORAGE;
|
||||
case TRANSFER -> org.signal.chat.common.DeviceCapability.DEVICE_CAPABILITY_TRANSFER;
|
||||
case DELETE_SYNC -> org.signal.chat.common.DeviceCapability.DEVICE_CAPABILITY_DELETE_SYNC;
|
||||
case VERSIONED_EXPIRATION_TIMER -> org.signal.chat.common.DeviceCapability.DEVICE_CAPABILITY_VERSIONED_EXPIRATION_TIMER;
|
||||
})
|
||||
.forEach(capabilitiesBuilder::addCapabilities);
|
||||
|
||||
return capabilitiesBuilder.build();
|
||||
}
|
||||
|
||||
private static List<BadgeSvg> buildBadgeSvgs(final List<org.whispersystems.textsecuregcm.entities.BadgeSvg> badgeSvgs) {
|
||||
@@ -105,7 +116,7 @@ public class ProfileGrpcHelper {
|
||||
final ProfileBadgeConverter profileBadgeConverter) {
|
||||
final GetUnversionedProfileResponse.Builder responseBuilder = GetUnversionedProfileResponse.newBuilder()
|
||||
.setIdentityKey(ByteString.copyFrom(targetAccount.getIdentityKey(targetIdentifier.identityType()).serialize()))
|
||||
.setCapabilities(buildUserCapabilities(org.whispersystems.textsecuregcm.entities.UserCapabilities.createForAccount(targetAccount)));
|
||||
.setCapabilities(buildAccountCapabilities(targetAccount));
|
||||
|
||||
switch (targetIdentifier.identityType()) {
|
||||
case ACI -> {
|
||||
@@ -113,7 +124,7 @@ public class ProfileGrpcHelper {
|
||||
.addAllBadges(buildBadges(profileBadgeConverter.convert(
|
||||
RequestAttributesUtil.getAvailableAcceptedLocales(),
|
||||
targetAccount.getBadges(),
|
||||
ProfileHelper.isSelfProfileRequest(requesterUuid, (AciServiceIdentifier) targetIdentifier))));
|
||||
ProfileHelper.isSelfProfileRequest(requesterUuid, targetIdentifier))));
|
||||
|
||||
targetAccount.getUnidentifiedAccessKey()
|
||||
.map(UnidentifiedAccessChecksum::generateFor)
|
||||
|
||||
@@ -18,7 +18,6 @@ import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import java.util.UUID;
|
||||
import java.util.function.Predicate;
|
||||
import javax.annotation.Nullable;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.signal.libsignal.protocol.IdentityKey;
|
||||
@@ -30,7 +29,6 @@ import org.whispersystems.textsecuregcm.auth.StoredRegistrationLock;
|
||||
import org.whispersystems.textsecuregcm.entities.AccountAttributes;
|
||||
import org.whispersystems.textsecuregcm.identity.IdentityType;
|
||||
import org.whispersystems.textsecuregcm.identity.ServiceIdentifier;
|
||||
import org.whispersystems.textsecuregcm.storage.Device.DeviceCapabilities;
|
||||
import org.whispersystems.textsecuregcm.util.ByteArrayBase64UrlAdapter;
|
||||
import org.whispersystems.textsecuregcm.util.IdentityKeyAdapter;
|
||||
|
||||
@@ -279,33 +277,14 @@ public class Account {
|
||||
return devices.stream().filter(device -> device.getId() == deviceId).findFirst();
|
||||
}
|
||||
|
||||
public boolean isStorageSupported() {
|
||||
public boolean hasCapability(final DeviceCapability capability) {
|
||||
requireNotStale();
|
||||
|
||||
return devices.stream().anyMatch(device -> device.getCapabilities() != null && device.getCapabilities().storage());
|
||||
}
|
||||
|
||||
public boolean isTransferSupported() {
|
||||
requireNotStale();
|
||||
|
||||
return Optional.ofNullable(getPrimaryDevice().getCapabilities())
|
||||
.map(DeviceCapabilities::transfer)
|
||||
.orElse(false);
|
||||
}
|
||||
|
||||
public boolean isDeleteSyncSupported() {
|
||||
return allDevicesHaveCapability(DeviceCapabilities::deleteSync);
|
||||
}
|
||||
|
||||
public boolean isVersionedExpirationTimerSupported() {
|
||||
return allDevicesHaveCapability(DeviceCapabilities::versionedExpirationTimer);
|
||||
}
|
||||
|
||||
private boolean allDevicesHaveCapability(final Predicate<DeviceCapabilities> predicate) {
|
||||
requireNotStale();
|
||||
|
||||
return devices.stream()
|
||||
.allMatch(device -> device.getCapabilities() != null && predicate.test(device.getCapabilities()));
|
||||
return switch (capability.getAccountCapabilityMode()) {
|
||||
case PRIMARY_DEVICE -> getPrimaryDevice().hasCapability(capability);
|
||||
case ANY_DEVICE -> devices.stream().anyMatch(device -> device.hasCapability(capability));
|
||||
case ALL_DEVICES -> devices.stream().allMatch(device -> device.hasCapability(capability));
|
||||
};
|
||||
}
|
||||
|
||||
public byte getNextDeviceId() {
|
||||
|
||||
@@ -9,12 +9,17 @@ import com.fasterxml.jackson.annotation.JsonProperty;
|
||||
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
|
||||
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
|
||||
import java.time.Duration;
|
||||
import java.util.Collections;
|
||||
import java.util.EnumSet;
|
||||
import java.util.List;
|
||||
import java.util.OptionalInt;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import java.util.stream.IntStream;
|
||||
import javax.annotation.Nullable;
|
||||
import com.google.common.annotations.VisibleForTesting;
|
||||
import org.whispersystems.textsecuregcm.auth.SaltedTokenHash;
|
||||
import org.whispersystems.textsecuregcm.util.DeviceCapabilityAdapter;
|
||||
import org.whispersystems.textsecuregcm.util.DeviceNameByteArrayAdapter;
|
||||
|
||||
public class Device {
|
||||
@@ -72,7 +77,9 @@ public class Device {
|
||||
private String userAgent;
|
||||
|
||||
@JsonProperty
|
||||
private DeviceCapabilities capabilities;
|
||||
@JsonSerialize(using = DeviceCapabilityAdapter.Serializer.class)
|
||||
@JsonDeserialize(using = DeviceCapabilityAdapter.Deserializer.class)
|
||||
private Set<DeviceCapability> capabilities = Collections.emptySet();
|
||||
|
||||
public String getApnId() {
|
||||
return apnId;
|
||||
@@ -166,13 +173,19 @@ public class Device {
|
||||
return new SaltedTokenHash(authToken, salt);
|
||||
}
|
||||
|
||||
@Nullable
|
||||
public DeviceCapabilities getCapabilities() {
|
||||
@VisibleForTesting
|
||||
public Set<DeviceCapability> getCapabilities() {
|
||||
return capabilities;
|
||||
}
|
||||
|
||||
public void setCapabilities(DeviceCapabilities capabilities) {
|
||||
this.capabilities = capabilities;
|
||||
public void setCapabilities(@Nullable final Set<DeviceCapability> capabilities) {
|
||||
this.capabilities = (capabilities == null || capabilities.isEmpty())
|
||||
? Collections.emptySet()
|
||||
: EnumSet.copyOf(capabilities);
|
||||
}
|
||||
|
||||
public boolean hasCapability(final DeviceCapability capability) {
|
||||
return capabilities.contains(capability);
|
||||
}
|
||||
|
||||
public boolean isExpired() {
|
||||
@@ -220,8 +233,4 @@ public class Device {
|
||||
public String getUserAgent() {
|
||||
return this.userAgent;
|
||||
}
|
||||
|
||||
public record DeviceCapabilities(boolean storage, boolean transfer, boolean deleteSync,
|
||||
boolean versionedExpirationTimer) {
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,61 @@
|
||||
/*
|
||||
* Copyright 2024 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
package org.whispersystems.textsecuregcm.storage;
|
||||
|
||||
public enum DeviceCapability {
|
||||
STORAGE("storage", AccountCapabilityMode.ANY_DEVICE, false, false),
|
||||
TRANSFER("transfer", AccountCapabilityMode.PRIMARY_DEVICE, false, false),
|
||||
DELETE_SYNC("deleteSync", AccountCapabilityMode.ALL_DEVICES, true, true),
|
||||
VERSIONED_EXPIRATION_TIMER("versionedExpirationTimer", AccountCapabilityMode.ALL_DEVICES, true, true);
|
||||
|
||||
public enum AccountCapabilityMode {
|
||||
PRIMARY_DEVICE,
|
||||
ANY_DEVICE,
|
||||
ALL_DEVICES,
|
||||
}
|
||||
|
||||
private final String name;
|
||||
private final AccountCapabilityMode accountCapabilityMode;
|
||||
private final boolean preventDowngrade;
|
||||
private final boolean includeInProfile;
|
||||
|
||||
DeviceCapability(final String name,
|
||||
final AccountCapabilityMode accountCapabilityMode,
|
||||
final boolean preventDowngrade,
|
||||
final boolean includeInProfile) {
|
||||
|
||||
this.name = name;
|
||||
this.accountCapabilityMode = accountCapabilityMode;
|
||||
this.preventDowngrade = preventDowngrade;
|
||||
this.includeInProfile = includeInProfile;
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
public AccountCapabilityMode getAccountCapabilityMode() {
|
||||
return accountCapabilityMode;
|
||||
}
|
||||
|
||||
public boolean preventDowngrade() {
|
||||
return preventDowngrade;
|
||||
}
|
||||
|
||||
public boolean includeInProfile() {
|
||||
return includeInProfile;
|
||||
}
|
||||
|
||||
public static DeviceCapability forName(final String name) {
|
||||
for (final DeviceCapability capability : DeviceCapability.values()) {
|
||||
if (capability.getName().equals(name)) {
|
||||
return capability;
|
||||
}
|
||||
}
|
||||
|
||||
throw new IllegalArgumentException("Unknown capability: " + name);
|
||||
}
|
||||
}
|
||||
@@ -1,21 +1,22 @@
|
||||
package org.whispersystems.textsecuregcm.storage;
|
||||
|
||||
import java.time.Clock;
|
||||
import java.util.Arrays;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import org.whispersystems.textsecuregcm.auth.SaltedTokenHash;
|
||||
import org.whispersystems.textsecuregcm.entities.ApnRegistrationId;
|
||||
import org.whispersystems.textsecuregcm.entities.ECSignedPreKey;
|
||||
import org.whispersystems.textsecuregcm.entities.GcmRegistrationId;
|
||||
import org.whispersystems.textsecuregcm.entities.KEMSignedPreKey;
|
||||
import org.whispersystems.textsecuregcm.util.Util;
|
||||
import java.time.Clock;
|
||||
import java.util.Arrays;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
|
||||
public record DeviceSpec(
|
||||
byte[] deviceNameCiphertext,
|
||||
String password,
|
||||
String signalAgent,
|
||||
Device.DeviceCapabilities capabilities,
|
||||
Set<DeviceCapability> capabilities,
|
||||
int aciRegistrationId,
|
||||
int pniRegistrationId,
|
||||
boolean fetchesMessages,
|
||||
|
||||
@@ -0,0 +1,64 @@
|
||||
/*
|
||||
* Copyright 2024 Signal Messenger, LLC
|
||||
* SPDX-License-Identifier: AGPL-3.0-only
|
||||
*/
|
||||
|
||||
package org.whispersystems.textsecuregcm.util;
|
||||
|
||||
import com.fasterxml.jackson.core.JsonGenerator;
|
||||
import com.fasterxml.jackson.core.JsonParser;
|
||||
import com.fasterxml.jackson.core.type.TypeReference;
|
||||
import com.fasterxml.jackson.databind.DeserializationContext;
|
||||
import com.fasterxml.jackson.databind.JsonDeserializer;
|
||||
import com.fasterxml.jackson.databind.JsonSerializer;
|
||||
import com.fasterxml.jackson.databind.SerializerProvider;
|
||||
import org.whispersystems.textsecuregcm.storage.DeviceCapability;
|
||||
import java.io.IOException;
|
||||
import java.util.EnumSet;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
public class DeviceCapabilityAdapter {
|
||||
|
||||
private static final TypeReference<Map<String, Boolean>> STRING_TO_BOOLEAN_MAP_TYPE = new TypeReference<>() {};
|
||||
|
||||
private DeviceCapabilityAdapter() {
|
||||
}
|
||||
|
||||
public static class Serializer extends JsonSerializer<Set<DeviceCapability>> {
|
||||
|
||||
@Override
|
||||
public void serialize(final Set<DeviceCapability> capabilities,
|
||||
final JsonGenerator jsonGenerator,
|
||||
final SerializerProvider serializerProvider) throws IOException {
|
||||
|
||||
jsonGenerator.writeObject(capabilities.stream()
|
||||
.map(DeviceCapability::getName)
|
||||
.collect(Collectors.toMap(capability -> capability, ignored -> true)));
|
||||
}
|
||||
}
|
||||
|
||||
public static class Deserializer extends JsonDeserializer<Set<DeviceCapability>> {
|
||||
|
||||
@Override
|
||||
public Set<DeviceCapability> deserialize(final JsonParser jsonParser,
|
||||
final DeserializationContext deserializationContext) throws IOException {
|
||||
|
||||
final Map<String, Boolean> capabilitiesMap = jsonParser.readValueAs(STRING_TO_BOOLEAN_MAP_TYPE);
|
||||
final EnumSet<DeviceCapability> capabilities = EnumSet.noneOf(DeviceCapability.class);
|
||||
|
||||
capabilitiesMap.forEach((capability, active) -> {
|
||||
if (active) {
|
||||
try {
|
||||
capabilities.add(DeviceCapability.forName(capability));
|
||||
} catch (final IllegalArgumentException ignored) {
|
||||
// This most likely means we've retired a capability
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
return capabilities;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user