Initial multi device support refactoring.

1) Store account data as a json type, which includes all
   devices in a single object.

2) Simplify message delivery logic.

3) Make federated calls a pass through to standard controllers.

4) Simplify key retrieval logic.

src/test/java/org/whispersystems/textsecuregcm/tests/controllers/AccountControllerTest.java

@@ -0,0 +1,88 @@
+package org.whispersystems.textsecuregcm.tests.controllers;
+
+import com.google.common.base.Optional;
+import com.sun.jersey.api.client.ClientResponse;
+import com.yammer.dropwizard.testing.ResourceTest;
+import org.junit.Test;
+import org.whispersystems.textsecuregcm.controllers.AccountController;
+import org.whispersystems.textsecuregcm.entities.AccountAttributes;
+import org.whispersystems.textsecuregcm.limits.RateLimiter;
+import org.whispersystems.textsecuregcm.limits.RateLimiters;
+import org.whispersystems.textsecuregcm.sms.SmsSender;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.PendingAccountsManager;
+import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
+
+import javax.ws.rs.core.MediaType;
+
+import static org.fest.assertions.api.Assertions.assertThat;
+import static org.mockito.Matchers.anyString;
+import static org.mockito.Mockito.*;
+
+public class AccountControllerTest extends ResourceTest {
+
+  private static final String SENDER = "+14152222222";
+
+  private PendingAccountsManager pendingAccountsManager = mock(PendingAccountsManager.class);
+  private AccountsManager        accountsManager        = mock(AccountsManager.class       );
+  private RateLimiters           rateLimiters           = mock(RateLimiters.class          );
+  private RateLimiter            rateLimiter            = mock(RateLimiter.class           );
+  private SmsSender              smsSender              = mock(SmsSender.class             );
+
+  @Override
+  protected void setUpResources() throws Exception {
+    addProvider(AuthHelper.getAuthenticator());
+
+    when(rateLimiters.getSmsDestinationLimiter()).thenReturn(rateLimiter);
+    when(rateLimiters.getVoiceDestinationLimiter()).thenReturn(rateLimiter);
+    when(rateLimiters.getVerifyLimiter()).thenReturn(rateLimiter);
+
+    when(pendingAccountsManager.getCodeForNumber(SENDER)).thenReturn(Optional.of("1234"));
+
+    addResource(new AccountController(pendingAccountsManager,
+                                      accountsManager,
+                                      rateLimiters,
+                                      smsSender));
+  }
+
+  @Test
+  public void testSendCode() throws Exception {
+    ClientResponse response =
+        client().resource(String.format("/v1/accounts/sms/code/%s", SENDER))
+            .get(ClientResponse.class);
+
+    assertThat(response.getStatus()).isEqualTo(200);
+
+    verify(smsSender).deliverSmsVerification(eq(SENDER), anyString());
+  }
+
+  @Test
+  public void testVerifyCode() throws Exception {
+    ClientResponse response =
+        client().resource(String.format("/v1/accounts/code/%s", "1234"))
+            .header("Authorization", AuthHelper.getAuthHeader(SENDER, "bar"))
+            .entity(new AccountAttributes("keykeykeykey", false, false))
+            .type(MediaType.APPLICATION_JSON_TYPE)
+            .put(ClientResponse.class);
+
+    assertThat(response.getStatus()).isEqualTo(204);
+
+    verify(accountsManager).create(isA(Account.class));
+  }
+
+  @Test
+  public void testVerifyBadCode() throws Exception {
+    ClientResponse response =
+        client().resource(String.format("/v1/accounts/code/%s", "1111"))
+            .header("Authorization", AuthHelper.getAuthHeader(SENDER, "bar"))
+            .entity(new AccountAttributes("keykeykeykey", false, false))
+            .type(MediaType.APPLICATION_JSON_TYPE)
+            .put(ClientResponse.class);
+
+    assertThat(response.getStatus()).isEqualTo(403);
+
+    verifyNoMoreInteractions(accountsManager);
+  }
+
+}

src/test/java/org/whispersystems/textsecuregcm/tests/controllers/DeviceControllerTest.java

@@ -0,0 +1,92 @@
+/**
+ * Copyright (C) 2014 Open WhisperSystems
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.whispersystems.textsecuregcm.tests.controllers;
+
+import com.google.common.base.Optional;
+import com.yammer.dropwizard.testing.ResourceTest;
+import org.junit.Test;
+import org.whispersystems.textsecuregcm.controllers.DeviceController;
+import org.whispersystems.textsecuregcm.entities.AccountAttributes;
+import org.whispersystems.textsecuregcm.entities.DeviceResponse;
+import org.whispersystems.textsecuregcm.limits.RateLimiter;
+import org.whispersystems.textsecuregcm.limits.RateLimiters;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.storage.PendingDevicesManager;
+import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
+import org.whispersystems.textsecuregcm.util.VerificationCode;
+
+import javax.ws.rs.Path;
+import javax.ws.rs.core.MediaType;
+
+import static org.fest.assertions.api.Assertions.assertThat;
+import static org.mockito.Mockito.*;
+
+public class DeviceControllerTest extends ResourceTest {
+  @Path("/v1/devices")
+  static class DumbVerificationDeviceController extends DeviceController {
+    public DumbVerificationDeviceController(PendingDevicesManager pendingDevices, AccountsManager accounts, RateLimiters rateLimiters) {
+      super(pendingDevices, accounts, rateLimiters);
+    }
+
+    @Override
+    protected VerificationCode generateVerificationCode() {
+      return new VerificationCode(5678901);
+    }
+  }
+
+  private PendingDevicesManager pendingDevicesManager = mock(PendingDevicesManager.class);
+  private AccountsManager       accountsManager       = mock(AccountsManager.class       );
+  private RateLimiters          rateLimiters          = mock(RateLimiters.class          );
+  private RateLimiter           rateLimiter           = mock(RateLimiter.class           );
+  private Account               account               = mock(Account.class               );
+
+  @Override
+  protected void setUpResources() throws Exception {
+    addProvider(AuthHelper.getAuthenticator());
+
+    when(rateLimiters.getSmsDestinationLimiter()).thenReturn(rateLimiter);
+    when(rateLimiters.getVoiceDestinationLimiter()).thenReturn(rateLimiter);
+    when(rateLimiters.getVerifyLimiter()).thenReturn(rateLimiter);
+
+    when(account.getNextDeviceId()).thenReturn(42L);
+
+    when(pendingDevicesManager.getCodeForNumber(AuthHelper.VALID_NUMBER)).thenReturn(Optional.of("5678901"));
+    when(accountsManager.get(AuthHelper.VALID_NUMBER)).thenReturn(Optional.of(account));
+
+    addResource(new DumbVerificationDeviceController(pendingDevicesManager, accountsManager, rateLimiters));
+  }
+
+  @Test
+  public void validDeviceRegisterTest() throws Exception {
+    VerificationCode deviceCode = client().resource("/v1/devices/provisioning_code")
+        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+        .get(VerificationCode.class);
+
+    assertThat(deviceCode).isEqualTo(new VerificationCode(5678901));
+
+    DeviceResponse response = client().resource("/v1/devices/5678901")
+        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, "password1"))
+        .entity(new AccountAttributes("keykeykeykey", false, true))
+        .type(MediaType.APPLICATION_JSON_TYPE)
+        .put(DeviceResponse.class);
+
+    assertThat(response.getDeviceId()).isEqualTo(42L);
+
+    verify(pendingDevicesManager).remove(AuthHelper.VALID_NUMBER);
+  }
+}

src/test/java/org/whispersystems/textsecuregcm/tests/controllers/KeyControllerTest.java

@@ -0,0 +1,123 @@
+package org.whispersystems.textsecuregcm.tests.controllers;
+
+import com.google.common.base.Optional;
+import com.sun.jersey.api.client.ClientResponse;
+import com.yammer.dropwizard.testing.ResourceTest;
+import org.junit.Test;
+import org.whispersystems.textsecuregcm.controllers.KeysController;
+import org.whispersystems.textsecuregcm.entities.PreKey;
+import org.whispersystems.textsecuregcm.entities.UnstructuredPreKeyList;
+import org.whispersystems.textsecuregcm.limits.RateLimiter;
+import org.whispersystems.textsecuregcm.limits.RateLimiters;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.storage.Keys;
+import org.whispersystems.textsecuregcm.tests.util.AuthHelper;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import static org.fest.assertions.api.Assertions.assertThat;
+import static org.mockito.Mockito.*;
+
+public class KeyControllerTest extends ResourceTest {
+
+  private final String EXISTS_NUMBER     = "+14152222222";
+  private final String NOT_EXISTS_NUMBER = "+14152222220";
+
+  private final PreKey SAMPLE_KEY  = new PreKey(1, EXISTS_NUMBER, Device.MASTER_ID, 1234, "test1", "test2", false);
+  private final PreKey SAMPLE_KEY2 = new PreKey(2, EXISTS_NUMBER, 2, 5667, "test3", "test4", false);
+  private final Keys   keys        = mock(Keys.class);
+
+  @Override
+  protected void setUpResources() {
+    addProvider(AuthHelper.getAuthenticator());
+
+    RateLimiters    rateLimiters = mock(RateLimiters.class);
+    RateLimiter     rateLimiter  = mock(RateLimiter.class );
+
+    when(rateLimiters.getPreKeysLimiter()).thenReturn(rateLimiter);
+
+    when(keys.get(eq(EXISTS_NUMBER), eq(1L))).thenReturn(Optional.of(SAMPLE_KEY));
+    when(keys.get(eq(NOT_EXISTS_NUMBER), eq(1L))).thenReturn(Optional.<PreKey>absent());
+
+    List<PreKey> allKeys = new LinkedList<>();
+    allKeys.add(SAMPLE_KEY);
+    allKeys.add(SAMPLE_KEY2);
+    when(keys.get(EXISTS_NUMBER)).thenReturn(Optional.of(new UnstructuredPreKeyList(allKeys)));
+
+    addResource(new KeysController(rateLimiters, keys, null));
+  }
+
+  @Test
+  public void validLegacyRequestTest() throws Exception {
+    PreKey result = client().resource(String.format("/v1/keys/%s", EXISTS_NUMBER))
+        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+        .get(PreKey.class);
+
+    assertThat(result.getKeyId()).isEqualTo(SAMPLE_KEY.getKeyId());
+    assertThat(result.getPublicKey()).isEqualTo(SAMPLE_KEY.getPublicKey());
+    assertThat(result.getIdentityKey()).isEqualTo(SAMPLE_KEY.getIdentityKey());
+
+    assertThat(result.getId() == 0);
+    assertThat(result.getNumber() == null);
+
+    verify(keys).get(eq(EXISTS_NUMBER), eq(1L));
+    verifyNoMoreInteractions(keys);
+  }
+
+  @Test
+  public void validMultiRequestTest() throws Exception {
+    UnstructuredPreKeyList results = client().resource(String.format("/v1/keys/%s/*", EXISTS_NUMBER))
+        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+        .get(UnstructuredPreKeyList.class);
+
+    assertThat(results.getKeys().size()).isEqualTo(2);
+
+    PreKey result = results.getKeys().get(0);
+
+    assertThat(result.getKeyId()).isEqualTo(SAMPLE_KEY.getKeyId());
+    assertThat(result.getPublicKey()).isEqualTo(SAMPLE_KEY.getPublicKey());
+    assertThat(result.getIdentityKey()).isEqualTo(SAMPLE_KEY.getIdentityKey());
+
+    assertThat(result.getId() == 0);
+    assertThat(result.getNumber() == null);
+
+    result = results.getKeys().get(1);
+    assertThat(result.getKeyId()).isEqualTo(SAMPLE_KEY2.getKeyId());
+    assertThat(result.getPublicKey()).isEqualTo(SAMPLE_KEY2.getPublicKey());
+    assertThat(result.getIdentityKey()).isEqualTo(SAMPLE_KEY2.getIdentityKey());
+
+    assertThat(result.getId() == 0);
+    assertThat(result.getNumber() == null);
+
+    verify(keys).get(eq(EXISTS_NUMBER));
+    verifyNoMoreInteractions(keys);
+  }
+
+
+  @Test
+  public void invalidRequestTest() throws Exception {
+    ClientResponse response = client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
+        .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.VALID_PASSWORD))
+        .get(ClientResponse.class);
+
+    assertThat(response.getClientResponseStatus().getStatusCode()).isEqualTo(404);
+  }
+
+  @Test
+  public void unauthorizedRequestTest() throws Exception {
+    ClientResponse response =
+        client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
+            .header("Authorization", AuthHelper.getAuthHeader(AuthHelper.VALID_NUMBER, AuthHelper.INVALID_PASSWORD))
+            .get(ClientResponse.class);
+
+    assertThat(response.getClientResponseStatus().getStatusCode()).isEqualTo(401);
+
+    response =
+        client().resource(String.format("/v1/keys/%s", NOT_EXISTS_NUMBER))
+            .get(ClientResponse.class);
+
+    assertThat(response.getClientResponseStatus().getStatusCode()).isEqualTo(401);
+  }
+
+}

src/test/java/org/whispersystems/textsecuregcm/tests/entities/ClientContactTest.java

@@ -0,0 +1,44 @@
+package org.whispersystems.textsecuregcm.tests.entities;
+
+import org.junit.Test;
+import org.whispersystems.textsecuregcm.entities.ClientContact;
+import org.whispersystems.textsecuregcm.util.Util;
+
+import static com.yammer.dropwizard.testing.JsonHelpers.*;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+
+public class ClientContactTest {
+
+  @Test
+  public void serializeToJSON() throws Exception {
+    byte[]        token               = Util.getContactToken("+14152222222");
+    ClientContact contact             = new ClientContact(token, null, false);
+    ClientContact contactWithRelay    = new ClientContact(token, "whisper", false);
+    ClientContact contactWithRelaySms = new ClientContact(token, "whisper", true );
+
+    assertThat("Basic Contact Serialization works",
+               asJson(contact),
+               is(equalTo(jsonFixture("fixtures/contact.json"))));
+
+    assertThat("Contact Relay Serialization works",
+               asJson(contactWithRelay),
+               is(equalTo(jsonFixture("fixtures/contact.relay.json"))));
+
+    assertThat("Contact Relay+SMS Serialization works",
+               asJson(contactWithRelaySms),
+               is(equalTo(jsonFixture("fixtures/contact.relay.sms.json"))));
+  }
+
+  @Test
+  public void deserializeFromJSON() throws Exception {
+    ClientContact contact = new ClientContact(Util.getContactToken("+14152222222"),
+                                              "whisper", true);
+
+    assertThat("a ClientContact can be deserialized from JSON",
+               fromJson(jsonFixture("fixtures/contact.relay.sms.json"), ClientContact.class),
+               is(contact));
+  }
+
+}

src/test/java/org/whispersystems/textsecuregcm/tests/entities/PreKeyTest.java

@@ -0,0 +1,34 @@
+package org.whispersystems.textsecuregcm.tests.entities;
+
+import org.junit.Test;
+import org.whispersystems.textsecuregcm.entities.ClientContact;
+import org.whispersystems.textsecuregcm.entities.PreKey;
+import org.whispersystems.textsecuregcm.util.Util;
+
+import static com.yammer.dropwizard.testing.JsonHelpers.*;
+import static org.hamcrest.CoreMatchers.equalTo;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+
+public class PreKeyTest {
+
+  @Test
+  public void serializeToJSON() throws Exception {
+    PreKey preKey = new PreKey(1, "+14152222222", 1, 1234, "test", "identityTest", false);
+
+    assertThat("Basic Contact Serialization works",
+               asJson(preKey),
+               is(equalTo(jsonFixture("fixtures/prekey.json"))));
+  }
+
+  @Test
+  public void deserializeFromJSON() throws Exception {
+    ClientContact contact = new ClientContact(Util.getContactToken("+14152222222"),
+                                              "whisper", true);
+
+    assertThat("a ClientContact can be deserialized from JSON",
+               fromJson(jsonFixture("fixtures/contact.relay.sms.json"), ClientContact.class),
+               is(contact));
+  }
+
+}

src/test/java/org/whispersystems/textsecuregcm/tests/sms/DeliveryPreferenceTest.java

@@ -0,0 +1,36 @@
+package org.whispersystems.textsecuregcm.tests.sms;
+
+import com.google.common.base.Optional;
+import com.twilio.sdk.TwilioRestException;
+import junit.framework.TestCase;
+import org.whispersystems.textsecuregcm.sms.NexmoSmsSender;
+import org.whispersystems.textsecuregcm.sms.SmsSender;
+import org.whispersystems.textsecuregcm.sms.TwilioSmsSender;
+
+import java.io.IOException;
+
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.verifyNoMoreInteractions;
+
+public class DeliveryPreferenceTest extends TestCase {
+
+  private TwilioSmsSender twilioSender = mock(TwilioSmsSender.class);
+  private NexmoSmsSender  nexmoSender  = mock(NexmoSmsSender.class);
+
+  public void testInternationalPreferenceOff() throws IOException, TwilioRestException {
+    SmsSender smsSender = new SmsSender(twilioSender, Optional.of(nexmoSender), false);
+
+    smsSender.deliverSmsVerification("+441112223333", "123-456");
+    verify(nexmoSender).deliverSmsVerification("+441112223333", "123-456");
+    verifyNoMoreInteractions(twilioSender);
+  }
+
+  public void testInternationalPreferenceOn() throws IOException, TwilioRestException {
+    SmsSender smsSender = new SmsSender(twilioSender, Optional.of(nexmoSender), true);
+
+    smsSender.deliverSmsVerification("+441112223333", "123-456");
+    verify(twilioSender).deliverSmsVerification("+441112223333", "123-456");
+    verifyNoMoreInteractions(nexmoSender);
+  }
+}

src/test/java/org/whispersystems/textsecuregcm/tests/sms/TwilioFallbackTest.java

@@ -0,0 +1,43 @@
+package org.whispersystems.textsecuregcm.tests.sms;
+
+import com.google.common.base.Optional;
+import com.twilio.sdk.TwilioRestException;
+import junit.framework.TestCase;
+import org.whispersystems.textsecuregcm.sms.NexmoSmsSender;
+import org.whispersystems.textsecuregcm.sms.SmsSender;
+import org.whispersystems.textsecuregcm.sms.TwilioSmsSender;
+
+import java.io.IOException;
+
+import static org.mockito.Matchers.anyString;
+import static org.mockito.Mockito.*;
+
+public class TwilioFallbackTest extends TestCase {
+
+  private NexmoSmsSender  nexmoSender  = mock(NexmoSmsSender.class );
+  private TwilioSmsSender twilioSender = mock(TwilioSmsSender.class);
+
+  @Override
+  protected void setUp() throws IOException, TwilioRestException {
+    doThrow(new TwilioRestException("foo", 404)).when(twilioSender).deliverSmsVerification(anyString(), anyString());
+    doThrow(new TwilioRestException("bar", 405)).when(twilioSender).deliverVoxVerification(anyString(), anyString());
+  }
+
+  public void testNexmoSmsFallback() throws IOException, TwilioRestException {
+    SmsSender smsSender = new SmsSender(twilioSender, Optional.of(nexmoSender), true);
+    smsSender.deliverSmsVerification("+442223334444", "123-456");
+
+    verify(nexmoSender).deliverSmsVerification("+442223334444", "123-456");
+    verify(twilioSender).deliverSmsVerification("+442223334444", "123-456");
+  }
+
+  public void testNexmoVoxFallback() throws IOException, TwilioRestException {
+    SmsSender smsSender = new SmsSender(twilioSender, Optional.of(nexmoSender), true);
+    smsSender.deliverVoxVerification("+442223334444", "123-456");
+
+    verify(nexmoSender).deliverVoxVerification("+442223334444", "123-456");
+    verify(twilioSender).deliverVoxVerification("+442223334444", "123-456");
+  }
+
+
+}

src/test/java/org/whispersystems/textsecuregcm/tests/util/AuthHelper.java

@@ -0,0 +1,48 @@
+package org.whispersystems.textsecuregcm.tests.util;
+
+import com.google.common.base.Optional;
+import org.whispersystems.textsecuregcm.auth.AccountAuthenticator;
+import org.whispersystems.textsecuregcm.auth.AuthenticationCredentials;
+import org.whispersystems.textsecuregcm.auth.FederatedPeerAuthenticator;
+import org.whispersystems.textsecuregcm.auth.MultiBasicAuthProvider;
+import org.whispersystems.textsecuregcm.configuration.FederationConfiguration;
+import org.whispersystems.textsecuregcm.federation.FederatedPeer;
+import org.whispersystems.textsecuregcm.storage.Account;
+import org.whispersystems.textsecuregcm.storage.Device;
+import org.whispersystems.textsecuregcm.storage.AccountsManager;
+import org.whispersystems.textsecuregcm.util.Base64;
+
+import java.util.Arrays;
+
+import static org.mockito.Matchers.anyLong;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public class AuthHelper {
+  public static final String VALID_NUMBER   = "+14150000000";
+  public static final String VALID_PASSWORD = "foo";
+
+  public static final String INVVALID_NUMBER  = "+14151111111";
+  public static final String INVALID_PASSWORD = "bar";
+
+  public static MultiBasicAuthProvider<FederatedPeer, Account> getAuthenticator() {
+    AccountsManager           accounts    = mock(AccountsManager.class          );
+    Account                   account     = mock(Account.class                  );
+    Device                    device      = mock(Device.class                   );
+    AuthenticationCredentials credentials = mock(AuthenticationCredentials.class);
+
+    when(credentials.verify("foo")).thenReturn(true);
+    when(device.getAuthenticationCredentials()).thenReturn(credentials);
+    when(account.getDevice(anyLong())).thenReturn(Optional.of(device));
+    when(accounts.get(VALID_NUMBER)).thenReturn(Optional.of(account));
+
+    return new MultiBasicAuthProvider<>(new FederatedPeerAuthenticator(new FederationConfiguration()),
+                                        FederatedPeer.class,
+                                        new AccountAuthenticator(accounts),
+                                        Account.class, "WhisperServer");
+  }
+
+  public static String getAuthHeader(String number, String password) {
+    return "Basic " + Base64.encodeBytes((number + ":" + password).getBytes());
+  }
+}