Generate external creds for KBS based on UUID

Moxie Marlinspike
2020-01-22 13:47:33 -08:00
parent e4e20c2d25
commit e399f9e851
3 changed files with 8 additions and 4 deletions


@@ -50,6 +50,7 @@ import java.security.SecureRandom;
import java.util.Collections;
import java.util.HashMap;
import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.TimeUnit;
import io.dropwizard.auth.PolymorphicAuthValueFactoryProvider;
@@ -68,6 +69,8 @@ public class AccountControllerTest {
private static final String SENDER_PREAUTH = "+14157777777";
private static final String SENDER_REG_LOCK = "+14158888888";
private static final UUID SENDER_REG_LOCK_UUID = UUID.randomUUID();
private static final String ABUSIVE_HOST = "192.168.1.1";
private static final String RESTRICTED_HOST = "192.168.1.2";
private static final String NICE_HOST = "127.0.0.1";
@@ -150,6 +153,7 @@ public class AccountControllerTest {
when(senderRegLockAccount.getRegistrationLock()).thenReturn(Optional.of(registrationLockCredentials.getHashedAuthenticationToken()));
when(senderRegLockAccount.getRegistrationLockSalt()).thenReturn(Optional.of(registrationLockCredentials.getSalt()));
when(senderRegLockAccount.getLastSeen()).thenReturn(System.currentTimeMillis());
when(senderRegLockAccount.getUuid()).thenReturn(SENDER_REG_LOCK_UUID);
when(pendingAccountsManager.getCodeForNumber(SENDER)).thenReturn(Optional.of(new StoredVerificationCode("1234", System.currentTimeMillis(), null)));
when(pendingAccountsManager.getCodeForNumber(SENDER_OLD)).thenReturn(Optional.of(new StoredVerificationCode("1234", System.currentTimeMillis() - TimeUnit.MINUTES.toMillis(31), null)));
@@ -608,9 +612,9 @@ public class AccountControllerTest {
RegistrationLockFailure failure = response.readEntity(RegistrationLockFailure.class);
assertThat(failure.getBackupCredentials()).isNotNull();
assertThat(failure.getBackupCredentials().getUsername()).isEqualTo(SENDER_REG_LOCK);
assertThat(failure.getBackupCredentials().getUsername()).isEqualTo(SENDER_REG_LOCK_UUID.toString());
assertThat(failure.getBackupCredentials().getPassword()).isNotEmpty();
assertThat(failure.getBackupCredentials().getPassword().startsWith(SENDER_REG_LOCK)).isTrue();
assertThat(failure.getBackupCredentials().getPassword().startsWith(SENDER_REG_LOCK_UUID.toString())).isTrue();
assertThat(failure.getTimeRemaining()).isGreaterThan(0);
verifyNoMoreInteractions(pinLimiter);
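Review bot: The rewritten assertions in the last hunk only pin the positive case (username equals the UUID, password starts with it); nothing checks that the phone number is gone from the backup credentials returned on a registration-lock failure. If the point of keying the credentials on the UUID is to stop exposing the number to the external service, which is inferred from the commit title rather than shown here, a negative assertion would guard against a regression: `assertThat(failure.getBackupCredentials().getPassword()).doesNotContain(SENDER_REG_LOCK);`. The `startsWith` check also leaves the remainder of the password unverified, and whether another test covers that is not visible on this page. Separately, `SENDER_REG_LOCK_UUID = UUID.randomUUID()` changes on every run, so a fixed `UUID.fromString(...)` constant would make a failure reproducible. The enclosing test method begins and ends outside the hunk.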