Signal/Signal-Server
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Server synced 2026-04-22 10:18:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update ChangeNumber to allow reset of registration IDs.

Browse Source
This commit is contained in:
gram-signal
2022-06-02 16:37:32 -06:00
committed by GitHub
parent 5cfb133f79
commit 7001ad1445
6 changed files with 139 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java
View File

@@ -25,6 +25,7 @@ import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.CompletableFuture;
import java.util.stream.Collectors;
import javax.annotation.Nullable;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
@@ -86,6 +87,7 @@ import org.whispersystems.textsecuregcm.storage.AbusiveHostRules;
import org.whispersystems.textsecuregcm.storage.Account;
import org.whispersystems.textsecuregcm.storage.AccountsManager;
import org.whispersystems.textsecuregcm.storage.ChangeNumberManager;
import org.whispersystems.textsecuregcm.storage.ChangeNumberManager.DeviceUpdate;
import org.whispersystems.textsecuregcm.storage.Device;
import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
import org.whispersystems.textsecuregcm.storage.StoredVerificationCodeManager;
@@ -408,22 +410,27 @@ public class AccountController {
throw new ForbiddenException();
}
if (request.getDeviceSignedPrekeys() != null && !request.getDeviceSignedPrekeys().isEmpty()) {
if (request.getDeviceMessages() == null || request.getDeviceMessages().size() != request.getDeviceSignedPrekeys().size() - 1) {
// device_messages should exist and be one shorter than device_signed_prekeys, since it doesn't have the primary's key.
throw new WebApplicationException(Response.status(400).build());
}
Map<Long, DeviceUpdate> devices = Collections.emptyMap();
if (request.getDeviceUpdates() != null && !request.getDeviceUpdates().isEmpty()) {
devices = request.getDeviceUpdates().entrySet().stream()
.collect(Collectors.toMap(
e -> e.getKey(),
e -> new DeviceUpdate(e.getValue().getSignedPhoneNumberIdentityPreKey(), e.getValue().getMessage(), e.getValue().getRegistrationID())));
try {
// Checks that all except master ID are in device messages
List<IncomingMessage> deviceMessages = devices.entrySet().stream()
.map(e -> e.getValue().message())
.filter(e -> e != null)
.collect(Collectors.toList());
MessageValidation.validateCompleteDeviceList(
authenticatedAccount.getAccount(), request.getDeviceMessages(),
authenticatedAccount.getAccount(), deviceMessages,
IncomingMessage::getDestinationDeviceId, true, Optional.of(Device.MASTER_ID));
MessageValidation.validateRegistrationIds(
authenticatedAccount.getAccount(), request.getDeviceMessages(),
authenticatedAccount.getAccount(), deviceMessages,
IncomingMessage::getDestinationDeviceId, IncomingMessage::getDestinationRegistrationId);
// Checks that all including master ID are in signed prekeys
MessageValidation.validateCompleteDeviceList(
authenticatedAccount.getAccount(), request.getDeviceSignedPrekeys().entrySet(),
authenticatedAccount.getAccount(), devices.entrySet(),
e -> e.getKey(), false, Optional.empty());
} catch (MismatchedDevicesException e) {
throw new WebApplicationException(Response.status(409)
@@ -437,9 +444,6 @@ public class AccountController {
.entity(new StaleDevices(e.getStaleDevices()))
.build());
}
} else if (request.getDeviceMessages() != null && !request.getDeviceMessages().isEmpty()) {
// device_messages shouldn't exist without device_signed_prekeys.
throw new WebApplicationException(Response.status(400).build());
}
final String number = request.getNumber();
@@ -470,8 +474,7 @@ public class AccountController {
final Account updatedAccount = changeNumberManager.changeNumber(
authenticatedAccount.getAccount(),
request.getNumber(),
Optional.ofNullable(request.getDeviceSignedPrekeys()).orElse(Collections.emptyMap()),
Optional.ofNullable(request.getDeviceMessages()).orElse(Collections.emptyList()));
devices);
return new AccountIdentityResponse(
updatedAccount.getUuid(),