mirror of
https://github.com/signalapp/Signal-Server
synced 2026-04-18 03:15:22 +01:00
Make GrpcAllowListInterceptor dynamically configurable
This commit is contained in:
Ravi Khadiwala
committed by
ravi-signal
ravi-signal
parent
f17a39386b
commit
c8d4ea97e4
@@ -31,7 +31,7 @@ import org.whispersystems.textsecuregcm.configuration.DeviceCheckConfiguration;
|
|||||||
import org.whispersystems.textsecuregcm.configuration.DirectoryV2Configuration;
|
import org.whispersystems.textsecuregcm.configuration.DirectoryV2Configuration;
|
||||||
import org.whispersystems.textsecuregcm.configuration.DynamoDbClientFactory;
|
import org.whispersystems.textsecuregcm.configuration.DynamoDbClientFactory;
|
||||||
import org.whispersystems.textsecuregcm.configuration.DynamoDbTables;
|
import org.whispersystems.textsecuregcm.configuration.DynamoDbTables;
|
||||||
import org.whispersystems.textsecuregcm.configuration.GrpcAllowListConfiguration;
|
import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicGrpcAllowListConfiguration;
|
||||||
import org.whispersystems.textsecuregcm.configuration.ExternalRequestFilterConfiguration;
|
import org.whispersystems.textsecuregcm.configuration.ExternalRequestFilterConfiguration;
|
||||||
import org.whispersystems.textsecuregcm.configuration.FaultTolerantRedisClientFactory;
|
import org.whispersystems.textsecuregcm.configuration.FaultTolerantRedisClientFactory;
|
||||||
import org.whispersystems.textsecuregcm.configuration.FaultTolerantRedisClusterFactory;
|
import org.whispersystems.textsecuregcm.configuration.FaultTolerantRedisClusterFactory;
|
||||||
@@ -352,7 +352,7 @@ public class WhisperServerConfiguration extends Configuration {
|
|||||||
@NotNull
|
@NotNull
|
||||||
@Valid
|
@Valid
|
||||||
@JsonProperty
|
@JsonProperty
|
||||||
private GrpcAllowListConfiguration grpcAllowList = new GrpcAllowListConfiguration();
|
private DynamicGrpcAllowListConfiguration grpcAllowList = new DynamicGrpcAllowListConfiguration();
|
||||||
|
|
||||||
@Valid
|
@Valid
|
||||||
@NotNull
|
@NotNull
|
||||||
@@ -595,7 +595,7 @@ public class WhisperServerConfiguration extends Configuration {
|
|||||||
return grpc;
|
return grpc;
|
||||||
}
|
}
|
||||||
|
|
||||||
public GrpcAllowListConfiguration getGrpcAllowList() {
|
public DynamicGrpcAllowListConfiguration getGrpcAllowList() {
|
||||||
return grpcAllowList;
|
return grpcAllowList;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -882,8 +882,7 @@ public class WhisperServerService extends Application<WhisperServerConfiguration
|
|||||||
|
|
||||||
final ErrorMappingInterceptor errorMappingInterceptor = new ErrorMappingInterceptor();
|
final ErrorMappingInterceptor errorMappingInterceptor = new ErrorMappingInterceptor();
|
||||||
final ErrorConformanceInterceptor errorConformanceInterceptor = new ErrorConformanceInterceptor();
|
final ErrorConformanceInterceptor errorConformanceInterceptor = new ErrorConformanceInterceptor();
|
||||||
final GrpcAllowListInterceptor grpcAllowListInterceptor =
|
final GrpcAllowListInterceptor grpcAllowListInterceptor = new GrpcAllowListInterceptor(dynamicConfigurationManager);
|
||||||
new GrpcAllowListInterceptor(config.getGrpcAllowList().enableAll(), config.getGrpcAllowList().enabledServices(), config.getGrpcAllowList().enabledMethods());
|
|
||||||
final RequestAttributesInterceptor requestAttributesInterceptor = new RequestAttributesInterceptor();
|
final RequestAttributesInterceptor requestAttributesInterceptor = new RequestAttributesInterceptor();
|
||||||
|
|
||||||
final ValidatingInterceptor validatingInterceptor = new ValidatingInterceptor();
|
final ValidatingInterceptor validatingInterceptor = new ValidatingInterceptor();
|
||||||
|
|||||||
@@ -72,6 +72,10 @@ public class DynamicConfiguration {
|
|||||||
@Valid
|
@Valid
|
||||||
private DynamicCarrierDataLookupConfiguration carrierDataLookup = new DynamicCarrierDataLookupConfiguration();
|
private DynamicCarrierDataLookupConfiguration carrierDataLookup = new DynamicCarrierDataLookupConfiguration();
|
||||||
|
|
||||||
|
@JsonProperty
|
||||||
|
@Valid
|
||||||
|
private DynamicGrpcAllowListConfiguration grpcAllowList = new DynamicGrpcAllowListConfiguration();
|
||||||
|
|
||||||
public Optional<DynamicExperimentEnrollmentConfiguration> getExperimentEnrollmentConfiguration(
|
public Optional<DynamicExperimentEnrollmentConfiguration> getExperimentEnrollmentConfiguration(
|
||||||
final String experimentName) {
|
final String experimentName) {
|
||||||
return Optional.ofNullable(experiments.get(experimentName));
|
return Optional.ofNullable(experiments.get(experimentName));
|
||||||
@@ -129,4 +133,8 @@ public class DynamicConfiguration {
|
|||||||
public DynamicCarrierDataLookupConfiguration getCarrierDataLookupConfiguration() {
|
public DynamicCarrierDataLookupConfiguration getCarrierDataLookupConfiguration() {
|
||||||
return carrierDataLookup;
|
return carrierDataLookup;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public DynamicGrpcAllowListConfiguration getGrpcAllowList() {
|
||||||
|
return grpcAllowList;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,10 +2,11 @@
|
|||||||
* Copyright 2026 Signal Messenger, LLC
|
* Copyright 2026 Signal Messenger, LLC
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
* SPDX-License-Identifier: AGPL-3.0-only
|
||||||
*/
|
*/
|
||||||
package org.whispersystems.textsecuregcm.configuration;
|
package org.whispersystems.textsecuregcm.configuration.dynamic;
|
||||||
|
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
|
import java.util.Set;
|
||||||
|
|
||||||
/// Configure which gRPC methods are enabled
|
/// Configure which gRPC methods are enabled
|
||||||
///
|
///
|
||||||
@@ -16,22 +17,22 @@ import java.util.List;
|
|||||||
/// @param enabledMethods A list of fully qualified method names of RPCs that should be enabled. For example,
|
/// @param enabledMethods A list of fully qualified method names of RPCs that should be enabled. For example,
|
||||||
/// `org.signal.chat.account.AccountsAnonymous/LookupUsernameHash` would enable the
|
/// `org.signal.chat.account.AccountsAnonymous/LookupUsernameHash` would enable the
|
||||||
/// `LookupUsernameHash` RPC method
|
/// `LookupUsernameHash` RPC method
|
||||||
public record GrpcAllowListConfiguration(
|
public record DynamicGrpcAllowListConfiguration(
|
||||||
boolean enableAll,
|
boolean enableAll,
|
||||||
List<String> enabledServices,
|
Set<String> enabledServices,
|
||||||
List<String> enabledMethods) {
|
Set<String> enabledMethods) {
|
||||||
|
|
||||||
public GrpcAllowListConfiguration {
|
public DynamicGrpcAllowListConfiguration {
|
||||||
if (enabledServices == null) {
|
if (enabledServices == null) {
|
||||||
enabledServices = Collections.emptyList();
|
enabledServices = Collections.emptySet();
|
||||||
}
|
}
|
||||||
if (enabledMethods == null) {
|
if (enabledMethods == null) {
|
||||||
enabledMethods = Collections.emptyList();
|
enabledMethods = Collections.emptySet();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public GrpcAllowListConfiguration() {
|
public DynamicGrpcAllowListConfiguration() {
|
||||||
// By default, no GRPC methods are accessible
|
// By default, no GRPC methods are accessible
|
||||||
this(false, Collections.emptyList(), Collections.emptyList());
|
this(false, Collections.emptySet(), Collections.emptySet());
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -10,31 +10,28 @@ import io.grpc.ServerCall;
|
|||||||
import io.grpc.ServerCallHandler;
|
import io.grpc.ServerCallHandler;
|
||||||
import io.grpc.ServerInterceptor;
|
import io.grpc.ServerInterceptor;
|
||||||
import io.grpc.Status;
|
import io.grpc.Status;
|
||||||
import java.util.HashSet;
|
import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicGrpcAllowListConfiguration;
|
||||||
import java.util.List;
|
import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration;
|
||||||
import java.util.Set;
|
import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
|
||||||
|
|
||||||
public class GrpcAllowListInterceptor implements ServerInterceptor {
|
public class GrpcAllowListInterceptor implements ServerInterceptor {
|
||||||
|
|
||||||
private final boolean enableAll;
|
private final DynamicConfigurationManager<DynamicConfiguration> dynamicConfigurationManager;
|
||||||
private final Set<String> enabledServices;
|
|
||||||
private final Set<String> enabledMethods;
|
|
||||||
|
|
||||||
|
|
||||||
public GrpcAllowListInterceptor(
|
public GrpcAllowListInterceptor(
|
||||||
final boolean enableAll,
|
final DynamicConfigurationManager<DynamicConfiguration> dynamicConfigurationManager) {
|
||||||
final List<String> enabledServices,
|
this.dynamicConfigurationManager = dynamicConfigurationManager;
|
||||||
final List<String> enabledMethods) {
|
|
||||||
this.enableAll = enableAll;
|
|
||||||
this.enabledServices = new HashSet<>(enabledServices);
|
|
||||||
this.enabledMethods = new HashSet<>(enabledMethods);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(final ServerCall<ReqT, RespT> serverCall,
|
public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(final ServerCall<ReqT, RespT> serverCall,
|
||||||
final Metadata metadata, final ServerCallHandler<ReqT, RespT> next) {
|
final Metadata metadata, final ServerCallHandler<ReqT, RespT> next) {
|
||||||
|
final DynamicGrpcAllowListConfiguration allowList = this.dynamicConfigurationManager.getConfiguration().getGrpcAllowList();
|
||||||
final MethodDescriptor<ReqT, RespT> methodDescriptor = serverCall.getMethodDescriptor();
|
final MethodDescriptor<ReqT, RespT> methodDescriptor = serverCall.getMethodDescriptor();
|
||||||
if (!enableAll && !enabledServices.contains(methodDescriptor.getServiceName()) && !enabledMethods.contains(methodDescriptor.getFullMethodName())) {
|
if (!allowList.enableAll() &&
|
||||||
|
!allowList.enabledServices().contains(methodDescriptor.getServiceName()) &&
|
||||||
|
!allowList.enabledMethods().contains(methodDescriptor.getFullMethodName())) {
|
||||||
return ServerInterceptorUtil.closeWithStatus(serverCall, Status.UNIMPLEMENTED);
|
return ServerInterceptorUtil.closeWithStatus(serverCall, Status.UNIMPLEMENTED);
|
||||||
}
|
}
|
||||||
return next.startCall(serverCall, metadata);
|
return next.startCall(serverCall, metadata);
|
||||||
|
|||||||
@@ -5,6 +5,8 @@
|
|||||||
package org.whispersystems.textsecuregcm.grpc;
|
package org.whispersystems.textsecuregcm.grpc;
|
||||||
|
|
||||||
import static org.assertj.core.api.Assertions.assertThat;
|
import static org.assertj.core.api.Assertions.assertThat;
|
||||||
|
import static org.mockito.Mockito.mock;
|
||||||
|
import static org.mockito.Mockito.when;
|
||||||
|
|
||||||
import com.google.protobuf.ByteString;
|
import com.google.protobuf.ByteString;
|
||||||
import io.grpc.ManagedChannel;
|
import io.grpc.ManagedChannel;
|
||||||
@@ -14,7 +16,7 @@ import io.grpc.inprocess.InProcessChannelBuilder;
|
|||||||
import io.grpc.inprocess.InProcessServerBuilder;
|
import io.grpc.inprocess.InProcessServerBuilder;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.util.Collections;
|
import java.util.Collections;
|
||||||
import java.util.List;
|
import java.util.Set;
|
||||||
import java.util.concurrent.TimeUnit;
|
import java.util.concurrent.TimeUnit;
|
||||||
import org.junit.jupiter.api.AfterEach;
|
import org.junit.jupiter.api.AfterEach;
|
||||||
import org.junit.jupiter.api.BeforeEach;
|
import org.junit.jupiter.api.BeforeEach;
|
||||||
@@ -22,6 +24,10 @@ import org.junit.jupiter.api.Test;
|
|||||||
import org.signal.chat.rpc.EchoRequest;
|
import org.signal.chat.rpc.EchoRequest;
|
||||||
import org.signal.chat.rpc.EchoResponse;
|
import org.signal.chat.rpc.EchoResponse;
|
||||||
import org.signal.chat.rpc.EchoServiceGrpc;
|
import org.signal.chat.rpc.EchoServiceGrpc;
|
||||||
|
import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration;
|
||||||
|
import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicGrpcAllowListConfiguration;
|
||||||
|
import org.whispersystems.textsecuregcm.tests.util.FakeDynamicConfigurationManager;
|
||||||
|
|
||||||
|
|
||||||
class GrpcAllowListInterceptorTest {
|
class GrpcAllowListInterceptorTest {
|
||||||
private Server server;
|
private Server server;
|
||||||
@@ -45,7 +51,7 @@ class GrpcAllowListInterceptorTest {
|
|||||||
@Test
|
@Test
|
||||||
public void disableAll() throws Exception {
|
public void disableAll() throws Exception {
|
||||||
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
||||||
setup(false, Collections.emptyList(), Collections.emptyList());
|
setup(false, Collections.emptySet(), Collections.emptySet());
|
||||||
GrpcTestUtils.assertStatusException(Status.UNIMPLEMENTED, () ->
|
GrpcTestUtils.assertStatusException(Status.UNIMPLEMENTED, () ->
|
||||||
client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build()));
|
client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build()));
|
||||||
}
|
}
|
||||||
@@ -53,7 +59,7 @@ class GrpcAllowListInterceptorTest {
|
|||||||
@Test
|
@Test
|
||||||
public void enableAll() throws Exception {
|
public void enableAll() throws Exception {
|
||||||
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
||||||
setup(true, Collections.emptyList(), Collections.emptyList());
|
setup(true, Collections.emptySet(), Collections.emptySet());
|
||||||
final EchoResponse echo = client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build());
|
final EchoResponse echo = client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build());
|
||||||
assertThat(echo.getPayload()).isEqualTo(ByteString.empty());
|
assertThat(echo.getPayload()).isEqualTo(ByteString.empty());
|
||||||
}
|
}
|
||||||
@@ -61,7 +67,7 @@ class GrpcAllowListInterceptorTest {
|
|||||||
@Test
|
@Test
|
||||||
public void enableByMethod() throws Exception {
|
public void enableByMethod() throws Exception {
|
||||||
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
||||||
setup(false, Collections.emptyList(), List.of("org.signal.chat.rpc.EchoService/echo"));
|
setup(false, Collections.emptySet(), Set.of("org.signal.chat.rpc.EchoService/echo"));
|
||||||
|
|
||||||
final EchoResponse echo = client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build());
|
final EchoResponse echo = client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build());
|
||||||
assertThat(echo.getPayload()).isEqualTo(ByteString.empty());
|
assertThat(echo.getPayload()).isEqualTo(ByteString.empty());
|
||||||
@@ -73,7 +79,7 @@ class GrpcAllowListInterceptorTest {
|
|||||||
@Test
|
@Test
|
||||||
public void enableByService() throws Exception {
|
public void enableByService() throws Exception {
|
||||||
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
||||||
setup(false, List.of("org.signal.chat.rpc.EchoService"), Collections.emptyList());
|
setup(false, Set.of("org.signal.chat.rpc.EchoService"), Collections.emptySet());
|
||||||
|
|
||||||
final EchoResponse echo = client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build());
|
final EchoResponse echo = client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build());
|
||||||
assertThat(echo.getPayload()).isEqualTo(ByteString.empty());
|
assertThat(echo.getPayload()).isEqualTo(ByteString.empty());
|
||||||
@@ -85,7 +91,7 @@ class GrpcAllowListInterceptorTest {
|
|||||||
@Test
|
@Test
|
||||||
public void enableByServiceWrongService() throws Exception {
|
public void enableByServiceWrongService() throws Exception {
|
||||||
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
final EchoServiceGrpc.EchoServiceBlockingStub client =
|
||||||
setup(false, List.of("org.signal.chat.rpc.NotEchoService"), Collections.emptyList());
|
setup(false, Set.of("org.signal.chat.rpc.NotEchoService"), Collections.emptySet());
|
||||||
|
|
||||||
GrpcTestUtils.assertStatusException(Status.UNIMPLEMENTED, () ->
|
GrpcTestUtils.assertStatusException(Status.UNIMPLEMENTED, () ->
|
||||||
client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build()));
|
client.echo(EchoRequest.newBuilder().setPayload(ByteString.empty()).build()));
|
||||||
@@ -93,16 +99,19 @@ class GrpcAllowListInterceptorTest {
|
|||||||
|
|
||||||
private EchoServiceGrpc.EchoServiceBlockingStub setup(
|
private EchoServiceGrpc.EchoServiceBlockingStub setup(
|
||||||
boolean enableAll,
|
boolean enableAll,
|
||||||
List<String> enabledServices,
|
Set<String> enabledServices,
|
||||||
List<String> enabledMethods)
|
Set<String> enabledMethods)
|
||||||
throws IOException {
|
throws IOException {
|
||||||
if (server != null) {
|
if (server != null) {
|
||||||
server.shutdownNow();
|
server.shutdownNow();
|
||||||
}
|
}
|
||||||
|
final DynamicConfiguration configuration = mock(DynamicConfiguration.class);
|
||||||
|
when(configuration.getGrpcAllowList())
|
||||||
|
.thenReturn(new DynamicGrpcAllowListConfiguration(enableAll, enabledServices, enabledMethods));
|
||||||
server = InProcessServerBuilder.forName("GrpcAllowListInterceptorTest")
|
server = InProcessServerBuilder.forName("GrpcAllowListInterceptorTest")
|
||||||
.directExecutor()
|
.directExecutor()
|
||||||
.addService(new EchoServiceImpl())
|
.addService(new EchoServiceImpl())
|
||||||
.intercept(new GrpcAllowListInterceptor(enableAll, enabledServices, enabledMethods))
|
.intercept(new GrpcAllowListInterceptor(new FakeDynamicConfigurationManager<>(configuration)))
|
||||||
.build()
|
.build()
|
||||||
.start();
|
.start();
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user