Add a gRPC service for working with pre-keys

service/src/test/java/org/whispersystems/textsecuregcm/auth/UnidentifiedAccessUtilTest.java

@@ -0,0 +1,52 @@
+/*
+ * Copyright 2023 Signal Messenger, LLC
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+package org.whispersystems.textsecuregcm.auth;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import java.security.SecureRandom;
+import java.util.Optional;
+import java.util.stream.Stream;
+import javax.annotation.Nullable;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.Arguments;
+import org.junit.jupiter.params.provider.MethodSource;
+import org.whispersystems.textsecuregcm.storage.Account;
+
+class UnidentifiedAccessUtilTest {
+
+  @ParameterizedTest
+  @MethodSource
+  void checkUnidentifiedAccess(@Nullable final byte[] targetUak,
+      final boolean unrestrictedUnidentifiedAccess,
+      final byte[] presentedUak,
+      final boolean expectAccessAllowed) {
+
+    final Account account = mock(Account.class);
+    when(account.getUnidentifiedAccessKey()).thenReturn(Optional.ofNullable(targetUak));
+    when(account.isUnrestrictedUnidentifiedAccess()).thenReturn(unrestrictedUnidentifiedAccess);
+
+    assertEquals(expectAccessAllowed, UnidentifiedAccessUtil.checkUnidentifiedAccess(account, presentedUak));
+  }
+
+  private static Stream<Arguments> checkUnidentifiedAccess() {
+    final byte[] uak = new byte[16];
+    new SecureRandom().nextBytes(uak);
+
+    final byte[] incorrectUak = new byte[uak.length + 1];
+
+    return Stream.of(
+        Arguments.of(null, false, uak, false),
+        Arguments.of(null, true, uak, true),
+        Arguments.of(uak, false, incorrectUak, false),
+        Arguments.of(uak, false, uak, true),
+        Arguments.of(uak, true, incorrectUak, true),
+        Arguments.of(uak, true, uak, true)
+    );
+  }
+}

service/src/test/java/org/whispersystems/textsecuregcm/auth/grpc/MockAuthenticationInterceptor.java

@@ -0,0 +1,46 @@
+/*
+ * Copyright 2023 Signal Messenger, LLC
+ * SPDX-License-Identifier: AGPL-3.0-only
+ */
+
+package org.whispersystems.textsecuregcm.auth.grpc;
+
+import io.grpc.Context;
+import io.grpc.Contexts;
+import io.grpc.Metadata;
+import io.grpc.ServerCall;
+import io.grpc.ServerCallHandler;
+import io.grpc.ServerInterceptor;
+import java.util.UUID;
+import javax.annotation.Nullable;
+import org.whispersystems.textsecuregcm.util.Pair;
+
+public class MockAuthenticationInterceptor implements ServerInterceptor {
+
+  @Nullable
+  private Pair<UUID, Long> authenticatedDevice;
+
+  public void setAuthenticatedDevice(final UUID accountIdentifier, final long deviceId) {
+    authenticatedDevice = new Pair<>(accountIdentifier, deviceId);
+  }
+
+  public void clearAuthenticatedDevice() {
+    authenticatedDevice = null;
+  }
+
+  @Override
+  public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(final ServerCall<ReqT, RespT> call,
+      final Metadata headers,
+      final ServerCallHandler<ReqT, RespT> next) {
+
+    if (authenticatedDevice != null) {
+      final Context context = Context.current()
+          .withValue(AuthenticationUtil.CONTEXT_AUTHENTICATED_ACCOUNT_IDENTIFIER_KEY, authenticatedDevice.first())
+          .withValue(AuthenticationUtil.CONTEXT_AUTHENTICATED_DEVICE_IDENTIFIER_KEY, authenticatedDevice.second());
+
+      return Contexts.interceptCall(context, call, headers, next);
+    }
+
+    return next.startCall(call, headers);
+  }
+}