Add a check for missing uak in OptionalAccess

Ravi Khadiwala
2024-04-25 17:46:00 -05:00
committed by Jon Chambers
parent 19944bfdb2
commit 88e2687e23
2 changed files with 22 additions and 0 deletions


@@ -73,6 +73,11 @@ public class OptionalAccess {
return;
}
// At this point, any successful authentication requires a real access key on the target account
if (targetAccount.get().getUnidentifiedAccessKey().isEmpty()) {
throw new NotAuthorizedException(Response.Status.UNAUTHORIZED);
}
// Otherwise, access is gated by the caller having the unidentified-access key matching the target account.
if (MessageDigest.isEqual(accessKey.get().getAccessKey(), targetAccount.get().getUnidentifiedAccessKey().get())) {
return;
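Review bot: The guard added ahead of the `MessageDigest.isEqual` comparison rejects only an absent key: `isEmpty()` here is the Optional check, so a present but zero-length key on the target account would still reach the comparison, where two zero-length arrays compare equal. Whether either side can be zero-length is decided outside this hunk (how the account's key is stored and how the caller's key is parsed), so this may already be excluded; if it is not, the guard could read `if (targetAccount.get().getUnidentifiedAccessKey().filter(k -> k.length > 0).isEmpty()) {`. The comment above the guard would also help more if it gave the reason, for example `// No stored unidentified-access key means no caller key can match; reject here instead of calling get() on an empty Optional below`. The enclosing method starts and ends outside the hunk, so the presence checks on `targetAccount` and `accessKey` that the two `get()` calls rely on are not visible here.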