Retire AttachmentControllerV2

2026-04-19 23:38:07 +01:00 · 2024-10-21 09:58:25 -04:00
parent 5abfef50fc
commit bda4788a34
11 changed files with 3 additions and 190 deletions
--- a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java
@@ -17,7 +17,6 @@ import org.whispersystems.textsecuregcm.attachments.TusConfiguration;
 import org.whispersystems.textsecuregcm.configuration.ApnConfiguration;
 import org.whispersystems.textsecuregcm.configuration.AppleAppStoreConfiguration;
 import org.whispersystems.textsecuregcm.configuration.ArtServiceConfiguration;
-import org.whispersystems.textsecuregcm.configuration.AwsAttachmentsConfiguration;
 import org.whispersystems.textsecuregcm.configuration.AwsCredentialsProviderFactory;
 import org.whispersystems.textsecuregcm.configuration.BadgesConfiguration;
 import org.whispersystems.textsecuregcm.configuration.BraintreeConfiguration;
@@ -109,11 +108,6 @@ public class WhisperServerConfiguration extends Configuration {
  @JsonProperty
  private DynamoDbTables dynamoDbTables;

-  @NotNull
-  @Valid
-  @JsonProperty
-  private AwsAttachmentsConfiguration awsAttachments;
-
  @NotNull
  @Valid
  @JsonProperty
@@ -397,10 +391,6 @@ public class WhisperServerConfiguration extends Configuration {
    return webSocket;
  }

-  public AwsAttachmentsConfiguration getAwsAttachmentsConfiguration() {
-    return awsAttachments;
-  }
-
  public GcpAttachmentsConfiguration getGcpAttachmentsConfiguration() {
    return gcpAttachments;
  }
--- a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java
@@ -110,7 +110,6 @@ import org.whispersystems.textsecuregcm.controllers.AccountController;
 import org.whispersystems.textsecuregcm.controllers.AccountControllerV2;
 import org.whispersystems.textsecuregcm.controllers.ArchiveController;
 import org.whispersystems.textsecuregcm.controllers.ArtController;
-import org.whispersystems.textsecuregcm.controllers.AttachmentControllerV2;
 import org.whispersystems.textsecuregcm.controllers.AttachmentControllerV4;
 import org.whispersystems.textsecuregcm.controllers.CallLinkController;
 import org.whispersystems.textsecuregcm.controllers.CallRoutingController;
@@ -1096,10 +1095,6 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
        new AccountControllerV2(accountsManager, changeNumberManager, phoneVerificationTokenManager,
            registrationLockVerificationManager, rateLimiters),
        new ArtController(rateLimiters, artCredentialsGenerator),
-        new AttachmentControllerV2(rateLimiters,
-            config.getAwsAttachmentsConfiguration().credentials().accessKeyId().value(),
-            config.getAwsAttachmentsConfiguration().credentials().secretAccessKey().value(),
-            config.getAwsAttachmentsConfiguration().region(), config.getAwsAttachmentsConfiguration().bucket()),
        new AttachmentControllerV4(rateLimiters, gcsAttachmentGenerator, tusAttachmentGenerator,
            experimentEnrollmentManager),
        new ArchiveController(backupAuthManager, backupManager),
--- a/service/src/main/java/org/whispersystems/textsecuregcm/configuration/AwsAttachmentsConfiguration.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/configuration/AwsAttachmentsConfiguration.java
@@ -1,14 +0,0 @@
-/*
- * Copyright 2013 Signal Messenger, LLC
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-package org.whispersystems.textsecuregcm.configuration;
-
-import javax.validation.Valid;
-import javax.validation.constraints.NotBlank;
-import javax.validation.constraints.NotNull;
-
-public record AwsAttachmentsConfiguration(@NotNull @Valid StaticAwsCredentialsFactory credentials,
-                                          @NotBlank String bucket,
-                                          @NotBlank String region) {
-}
--- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV2.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV2.java
@@ -1,84 +0,0 @@
-/*
- * Copyright 2013 Signal Messenger, LLC
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-package org.whispersystems.textsecuregcm.controllers;
-
-import static org.whispersystems.textsecuregcm.metrics.MetricsUtil.name;
-
-import com.google.common.net.HttpHeaders;
-import io.dropwizard.auth.Auth;
-import io.micrometer.core.instrument.Metrics;
-import io.micrometer.core.instrument.Tags;
-import io.swagger.v3.oas.annotations.tags.Tag;
-import java.security.SecureRandom;
-import java.time.ZoneOffset;
-import java.time.ZonedDateTime;
-import javax.ws.rs.GET;
-import javax.ws.rs.HeaderParam;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.MediaType;
-import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice;
-import org.whispersystems.textsecuregcm.entities.AttachmentDescriptorV2;
-import org.whispersystems.textsecuregcm.limits.RateLimiter;
-import org.whispersystems.textsecuregcm.limits.RateLimiters;
-import org.whispersystems.textsecuregcm.metrics.UserAgentTagUtil;
-import org.whispersystems.textsecuregcm.s3.PolicySigner;
-import org.whispersystems.textsecuregcm.s3.PostPolicyGenerator;
-import org.whispersystems.textsecuregcm.util.Conversions;
-import org.whispersystems.textsecuregcm.util.Pair;
-import org.whispersystems.websocket.auth.ReadOnly;
-
-// To be removed when Android 7.12 reaches saturation, likely some time toward the end of October 2024
-@Deprecated(forRemoval = true)
-@Path("/v2/attachments")
-@Tag(name = "Attachments")
-public class AttachmentControllerV2 {
-
-  private final PostPolicyGenerator policyGenerator;
-  private final PolicySigner policySigner;
-  private final RateLimiter rateLimiter;
-
-  private static final String CREATE_UPLOAD_COUNTER_NAME = name(AttachmentControllerV2.class, "uploadForm");
-
-  public AttachmentControllerV2(RateLimiters rateLimiters, String accessKey, String accessSecret, String region,
-      String bucket) {
-    this.rateLimiter = rateLimiters.getAttachmentLimiter();  
-    this.policyGenerator = new PostPolicyGenerator(region, bucket, accessKey);
-    this.policySigner = new PolicySigner(accessSecret, region);
-  }
-
-  @GET
-  @Produces(MediaType.APPLICATION_JSON)
-  @Path("/form/upload")
-  public AttachmentDescriptorV2 getAttachmentUploadForm(
-      @ReadOnly @Auth AuthenticatedDevice auth,
-      @HeaderParam(HttpHeaders.USER_AGENT) String userAgent)
-      throws RateLimitExceededException {
-    rateLimiter.validate(auth.getAccount().getUuid());
-
-    ZonedDateTime now = ZonedDateTime.now(ZoneOffset.UTC);
-    long attachmentId = generateAttachmentId();
-    String objectName = String.valueOf(attachmentId);
-    Pair<String, String> policy = policyGenerator.createFor(now, objectName, 100 * 1024 * 1024);
-    String signature = policySigner.getSignature(now, policy.second());
-
-    Metrics.counter(CREATE_UPLOAD_COUNTER_NAME, Tags.of(UserAgentTagUtil.getPlatformTag(userAgent))).increment();
-
-    return new AttachmentDescriptorV2(attachmentId, objectName, policy.first(),
-        "private", "AWS4-HMAC-SHA256",
-        now.format(PostPolicyGenerator.AWS_DATE_TIME),
-        policy.second(), signature);
-  }
-
-  private long generateAttachmentId() {
-    byte[] attachmentBytes = new byte[8];
-    new SecureRandom().nextBytes(attachmentBytes);
-
-    attachmentBytes[0] = (byte) (attachmentBytes[0] & 0x7F);
-    return Conversions.byteArrayToLong(attachmentBytes);
-  }
-
-}
--- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV4.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV4.java
@@ -30,7 +30,8 @@ import org.whispersystems.websocket.auth.ReadOnly;


 /**
- * The V4 API is identical to the {@link AttachmentControllerV3} API, but supports an additional TUS based cdn type (cdn3)
+ * The attachment controller generates "upload forms" for authenticated users that permit them to upload files
+ * (message attachments) to a remote storage location. The location may be selected by the server at runtime.
 */
@Path("/v4/attachments")
@Tag(name = "Attachments")
--- a/service/src/main/java/org/whispersystems/textsecuregcm/entities/AttachmentDescriptorV2.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/entities/AttachmentDescriptorV2.java
@@ -1,23 +0,0 @@
-/*
- * Copyright 2013-2020 Signal Messenger, LLC
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-package org.whispersystems.textsecuregcm.entities;
-
-import com.fasterxml.jackson.annotation.JsonProperty;
-
-public record AttachmentDescriptorV2(long attachmentId,
-                                     String key,
-                                     String credential,
-                                     String acl,
-                                     String algorithm,
-                                     String date,
-                                     String policy,
-                                     String signature) {
-
-  @JsonProperty
-  public String attachmentIdString() {
-    return String.valueOf(attachmentId);
-  }
-}