From 0075e94a4213fa2f6c230824d048912a32859da0 Mon Sep 17 00:00:00 2001 From: Jon Chambers Date: Wed, 14 Aug 2024 12:07:43 -0400 Subject: [PATCH] Rename `AuthenticatedAccount` to `AuthenticatedDevice` --- .../org/signal/openapi/OpenApiExtension.java | 6 +-- .../textsecuregcm/WhisperServerService.java | 24 +++++----- .../auth/AccountAuthenticator.java | 6 +-- ...dAccount.java => AuthenticatedDevice.java} | 6 +-- ...inkedDeviceRefreshRequirementProvider.java | 2 +- .../controllers/AccountController.java | 44 +++++++++---------- .../controllers/AccountControllerV2.java | 21 +++++---- .../controllers/ArchiveController.java | 30 ++++++------- .../controllers/ArtController.java | 4 +- .../controllers/AttachmentControllerV2.java | 4 +- .../controllers/AttachmentControllerV3.java | 4 +- .../controllers/AttachmentControllerV4.java | 4 +- .../controllers/CallLinkController.java | 4 +- .../controllers/CallRoutingController.java | 4 +- .../controllers/CertificateController.java | 6 +-- .../controllers/ChallengeController.java | 6 +-- .../controllers/DeviceController.java | 14 +++--- .../controllers/DirectoryV2Controller.java | 4 +- .../controllers/DonationController.java | 6 +-- .../controllers/KeepAliveController.java | 4 +- .../KeyTransparencyController.java | 8 ++-- .../controllers/KeysController.java | 12 ++--- .../controllers/MessageController.java | 22 +++++----- .../controllers/PaymentsController.java | 6 +-- .../controllers/ProfileController.java | 16 +++---- .../controllers/ProvisioningController.java | 4 +- .../controllers/RemoteConfigController.java | 4 +- .../controllers/SecureStorageController.java | 4 +- .../SecureValueRecovery2Controller.java | 4 +- .../SecureValueRecovery3Controller.java | 6 +-- .../controllers/StickerController.java | 4 +- .../controllers/SubscriptionController.java | 30 ++++++------- .../storage/AccountPrincipalSupplier.java | 16 +++---- .../textsecuregcm/storage/AccountUtil.java | 2 - .../AuthenticatedConnectListener.java | 4 +- .../WebSocketAccountAuthenticator.java | 18 ++++---- .../websocket/WebSocketConnection.java | 8 ++-- ...socketResourceProviderIntegrationTest.java | 10 ++--- .../WebsocketReuseAuthIntegrationTest.java | 34 +++++++------- .../auth/AccountAuthenticatorTest.java | 14 +++--- ...rChangeRefreshRequirementProviderTest.java | 20 ++++----- .../controllers/AccountControllerTest.java | 4 +- .../controllers/AccountControllerV2Test.java | 6 +-- .../controllers/ArchiveControllerTest.java | 4 +- .../controllers/ArtControllerTest.java | 4 +- .../controllers/AttachmentControllerTest.java | 4 +- .../controllers/CallLinkControllerTest.java | 4 +- .../CallRoutingControllerTest.java | 4 +- .../CertificateControllerTest.java | 4 +- .../controllers/ChallengeControllerTest.java | 4 +- .../controllers/DeviceControllerTest.java | 4 +- .../DirectoryControllerV2Test.java | 5 +-- .../controllers/DonationControllerTest.java | 4 +- .../KeyTransparencyControllerTest.java | 4 +- .../controllers/KeysControllerTest.java | 4 +- .../controllers/MessageControllerTest.java | 4 +- .../controllers/PaymentsControllerTest.java | 4 +- .../controllers/ProfileControllerTest.java | 4 +- .../ProvisioningControllerTest.java | 4 +- .../RemoteConfigControllerTest.java | 4 +- .../SecureStorageControllerTest.java | 4 +- .../SecureValueRecovery3ControllerTest.java | 4 +- .../controllers/StickerControllerTest.java | 4 +- .../SubscriptionControllerTest.java | 4 +- .../textsecuregcm/tests/util/AuthHelper.java | 6 +-- .../WebSocketAccountAuthenticatorTest.java | 6 +-- .../WebSocketConnectionIntegrationTest.java | 8 ++-- .../websocket/WebSocketConnectionTest.java | 13 +++--- 68 files changed, 285 insertions(+), 292 deletions(-) rename service/src/main/java/org/whispersystems/textsecuregcm/auth/{AuthenticatedAccount.java => AuthenticatedDevice.java} (80%) diff --git a/api-doc/src/main/java/org/signal/openapi/OpenApiExtension.java b/api-doc/src/main/java/org/signal/openapi/OpenApiExtension.java index c0194e7a7..b6d97cfcc 100644 --- a/api-doc/src/main/java/org/signal/openapi/OpenApiExtension.java +++ b/api-doc/src/main/java/org/signal/openapi/OpenApiExtension.java @@ -21,7 +21,7 @@ import java.util.ServiceLoader; import java.util.Set; import javax.ws.rs.Consumes; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; /** * One of the extension mechanisms of Swagger Core library (OpenAPI processor) is via custom implementations @@ -62,11 +62,11 @@ public ResolvedParameter extractParameters( if (annotations.stream().anyMatch(a -> a.annotationType().equals(Auth.class))) { // this is the case of authenticated endpoint, if (type instanceof SimpleType simpleType - && simpleType.getRawClass().equals(AuthenticatedAccount.class)) { + && simpleType.getRawClass().equals(AuthenticatedDevice.class)) { return AUTHENTICATED_ACCOUNT; } if (type instanceof SimpleType simpleType - && isOptionalOfType(simpleType, AuthenticatedAccount.class)) { + && isOptionalOfType(simpleType, AuthenticatedDevice.class)) { return OPTIONAL_AUTHENTICATED_ACCOUNT; } } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java index 428c8b98c..995088cd4 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java @@ -76,7 +76,7 @@ import org.whispersystems.textsecuregcm.attachments.GcsAttachmentGenerator; import org.whispersystems.textsecuregcm.attachments.TusAttachmentGenerator; import org.whispersystems.textsecuregcm.auth.AccountAuthenticator; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.CertificateGenerator; import org.whispersystems.textsecuregcm.auth.CloudflareTurnCredentialsManager; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; @@ -974,8 +974,8 @@ protected void configureServer(final ServerBuilder serverBuilder) { config.getExternalRequestFilterConfiguration().paths().toArray(new String[]{})); } - final AuthFilter accountAuthFilter = - new BasicCredentialAuthFilter.Builder() + final AuthFilter accountAuthFilter = + new BasicCredentialAuthFilter.Builder() .setAuthenticator(accountAuthenticator) .buildAuthFilter(); @@ -992,12 +992,12 @@ protected void configureServer(final ServerBuilder serverBuilder) { environment.jersey().register(new RequestStatisticsFilter(TrafficSource.HTTP)); environment.jersey().register(MultiRecipientMessageProvider.class); environment.jersey().register(new AuthDynamicFeature(accountAuthFilter)); - environment.jersey().register(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)); + environment.jersey().register(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)); environment.jersey().register(new WebsocketRefreshApplicationEventListener(accountsManager, clientPresenceManager)); environment.jersey().register(new TimestampResponseFilter()); /// - WebSocketEnvironment webSocketEnvironment = new WebSocketEnvironment<>(environment, + WebSocketEnvironment webSocketEnvironment = new WebSocketEnvironment<>(environment, config.getWebSocketConfiguration(), Duration.ofMillis(90000)); webSocketEnvironment.jersey().register(new VirtualExecutorServiceProvider("managed-async-websocket-virtual-thread-")); webSocketEnvironment.setAuthenticator(new WebSocketAccountAuthenticator(accountAuthenticator, new AccountPrincipalSupplier(accountsManager))); @@ -1128,7 +1128,7 @@ protected void configureServer(final ServerBuilder serverBuilder) { webSocketEnvironment.jersey().register(controller); } - WebSocketEnvironment provisioningEnvironment = new WebSocketEnvironment<>(environment, + WebSocketEnvironment provisioningEnvironment = new WebSocketEnvironment<>(environment, webSocketEnvironment.getRequestLog(), Duration.ofMillis(60000)); provisioningEnvironment.jersey().register(new WebsocketRefreshApplicationEventListener(accountsManager, clientPresenceManager)); provisioningEnvironment.setConnectListener(new ProvisioningConnectListener(provisioningManager)); @@ -1144,11 +1144,11 @@ protected void configureServer(final ServerBuilder serverBuilder) { JettyWebSocketServletContainerInitializer.configure(environment.getApplicationContext(), null); - WebSocketResourceProviderFactory webSocketServlet = new WebSocketResourceProviderFactory<>( - webSocketEnvironment, AuthenticatedAccount.class, config.getWebSocketConfiguration(), + WebSocketResourceProviderFactory webSocketServlet = new WebSocketResourceProviderFactory<>( + webSocketEnvironment, AuthenticatedDevice.class, config.getWebSocketConfiguration(), RemoteAddressFilter.REMOTE_ADDRESS_ATTRIBUTE_NAME); - WebSocketResourceProviderFactory provisioningServlet = new WebSocketResourceProviderFactory<>( - provisioningEnvironment, AuthenticatedAccount.class, config.getWebSocketConfiguration(), + WebSocketResourceProviderFactory provisioningServlet = new WebSocketResourceProviderFactory<>( + provisioningEnvironment, AuthenticatedDevice.class, config.getWebSocketConfiguration(), RemoteAddressFilter.REMOTE_ADDRESS_ATTRIBUTE_NAME); ServletRegistration.Dynamic websocket = environment.servlets().addServlet("WebSocket", webSocketServlet); @@ -1169,8 +1169,8 @@ protected void configureServer(final ServerBuilder serverBuilder) { } private void registerExceptionMappers(Environment environment, - WebSocketEnvironment webSocketEnvironment, - WebSocketEnvironment provisioningEnvironment) { + WebSocketEnvironment webSocketEnvironment, + WebSocketEnvironment provisioningEnvironment) { List.of( new LoggingUnhandledExceptionMapper(), diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticator.java b/service/src/main/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticator.java index 22460d228..f416997ee 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticator.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticator.java @@ -25,7 +25,7 @@ import org.whispersystems.textsecuregcm.util.Pair; import org.whispersystems.textsecuregcm.util.Util; -public class AccountAuthenticator implements Authenticator { +public class AccountAuthenticator implements Authenticator { private static final String LEGACY_NAME_PREFIX = "org.whispersystems.textsecuregcm.auth.BaseAccountAuthenticator"; @@ -73,7 +73,7 @@ static Pair getIdentifierAndDeviceId(final String basicUsername) { } @Override - public Optional authenticate(BasicCredentials basicCredentials) { + public Optional authenticate(BasicCredentials basicCredentials) { boolean succeeded = false; String failureReason = null; @@ -112,7 +112,7 @@ public Optional authenticate(BasicCredentials basicCredent device.get(), SaltedTokenHash.generateFor(basicCredentials.getPassword())); // new credentials have current version } - return Optional.of(new AuthenticatedAccount(authenticatedAccount, device.get())); + return Optional.of(new AuthenticatedDevice(authenticatedAccount, device.get())); } else { failureReason = "incorrectPassword"; return Optional.empty(); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/auth/AuthenticatedAccount.java b/service/src/main/java/org/whispersystems/textsecuregcm/auth/AuthenticatedDevice.java similarity index 80% rename from service/src/main/java/org/whispersystems/textsecuregcm/auth/AuthenticatedAccount.java rename to service/src/main/java/org/whispersystems/textsecuregcm/auth/AuthenticatedDevice.java index 4fdca7be4..7193d5dad 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/auth/AuthenticatedAccount.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/auth/AuthenticatedDevice.java @@ -6,16 +6,16 @@ package org.whispersystems.textsecuregcm.auth; import java.security.Principal; -import java.util.function.Supplier; import javax.security.auth.Subject; import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Device; -public class AuthenticatedAccount implements Principal, AccountAndAuthenticatedDeviceHolder { +public class AuthenticatedDevice implements Principal, AccountAndAuthenticatedDeviceHolder { + private final Account account; private final Device device; - public AuthenticatedAccount(final Account account, final Device device) { + public AuthenticatedDevice(final Account account, final Device device) { this.account = account; this.device = device; } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/auth/LinkedDeviceRefreshRequirementProvider.java b/service/src/main/java/org/whispersystems/textsecuregcm/auth/LinkedDeviceRefreshRequirementProvider.java index 12060f2ea..01eb00fe1 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/auth/LinkedDeviceRefreshRequirementProvider.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/auth/LinkedDeviceRefreshRequirementProvider.java @@ -25,7 +25,7 @@ * any active WebSocket connections for the account must be closed in order for clients to get a refreshed * {@link io.dropwizard.auth.Auth} object with a current device list. * - * @see AuthenticatedAccount + * @see AuthenticatedDevice */ public class LinkedDeviceRefreshRequirementProvider implements WebsocketRefreshRequirementProvider { diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java index 5f7de5863..e11522bfa 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountController.java @@ -33,7 +33,7 @@ import javax.ws.rs.core.Response.Status; import org.signal.libsignal.usernames.BaseUsernameException; import org.whispersystems.textsecuregcm.auth.AccountAndAuthenticatedDeviceHolder; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.SaltedTokenHash; import org.whispersystems.textsecuregcm.auth.TurnToken; import org.whispersystems.textsecuregcm.auth.TurnTokenGenerator; @@ -99,7 +99,7 @@ public AccountController( @GET @Path("/turn/") @Produces(MediaType.APPLICATION_JSON) - public TurnToken getTurnToken(@ReadOnly @Auth AuthenticatedAccount auth) throws RateLimitExceededException { + public TurnToken getTurnToken(@ReadOnly @Auth AuthenticatedDevice auth) throws RateLimitExceededException { rateLimiters.getTurnLimiter().validate(auth.getAccount().getUuid()); return turnTokenGenerator.generate(auth.getAccount().getUuid()); } @@ -108,7 +108,7 @@ public TurnToken getTurnToken(@ReadOnly @Auth AuthenticatedAccount auth) throws @Path("/gcm/") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public void setGcmRegistrationId(@Mutable @Auth AuthenticatedAccount auth, + public void setGcmRegistrationId(@Mutable @Auth AuthenticatedDevice auth, @NotNull @Valid GcmRegistrationId registrationId) { final Account account = auth.getAccount(); @@ -128,7 +128,7 @@ public void setGcmRegistrationId(@Mutable @Auth AuthenticatedAccount auth, @DELETE @Path("/gcm/") - public void deleteGcmRegistrationId(@Mutable @Auth AuthenticatedAccount auth) { + public void deleteGcmRegistrationId(@Mutable @Auth AuthenticatedDevice auth) { Account account = auth.getAccount(); Device device = auth.getAuthenticatedDevice(); @@ -143,7 +143,7 @@ public void deleteGcmRegistrationId(@Mutable @Auth AuthenticatedAccount auth) { @Path("/apn/") @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public void setApnRegistrationId(@Mutable @Auth AuthenticatedAccount auth, + public void setApnRegistrationId(@Mutable @Auth AuthenticatedDevice auth, @NotNull @Valid ApnRegistrationId registrationId) { final Account account = auth.getAccount(); @@ -161,7 +161,7 @@ public void setApnRegistrationId(@Mutable @Auth AuthenticatedAccount auth, @DELETE @Path("/apn/") - public void deleteApnRegistrationId(@Mutable @Auth AuthenticatedAccount auth) { + public void deleteApnRegistrationId(@Mutable @Auth AuthenticatedDevice auth) { Account account = auth.getAccount(); Device device = auth.getAuthenticatedDevice(); @@ -180,7 +180,7 @@ public void deleteApnRegistrationId(@Mutable @Auth AuthenticatedAccount auth) { @PUT @Produces(MediaType.APPLICATION_JSON) @Path("/registration_lock") - public void setRegistrationLock(@Mutable @Auth AuthenticatedAccount auth, @NotNull @Valid RegistrationLock accountLock) { + public void setRegistrationLock(@Mutable @Auth AuthenticatedDevice auth, @NotNull @Valid RegistrationLock accountLock) { SaltedTokenHash credentials = SaltedTokenHash.generateFor(accountLock.getRegistrationLock()); accounts.update(auth.getAccount(), @@ -189,13 +189,13 @@ public void setRegistrationLock(@Mutable @Auth AuthenticatedAccount auth, @NotNu @DELETE @Path("/registration_lock") - public void removeRegistrationLock(@Mutable @Auth AuthenticatedAccount auth) { + public void removeRegistrationLock(@Mutable @Auth AuthenticatedDevice auth) { accounts.update(auth.getAccount(), a -> a.setRegistrationLock(null, null)); } @PUT @Path("/name/") - public void setName(@Mutable @Auth AuthenticatedAccount auth, @NotNull @Valid DeviceName deviceName) { + public void setName(@Mutable @Auth AuthenticatedDevice auth, @NotNull @Valid DeviceName deviceName) { Account account = auth.getAccount(); Device device = auth.getAuthenticatedDevice(); accounts.updateDevice(account, device.getId(), d -> d.setName(deviceName.getDeviceName())); @@ -206,7 +206,7 @@ public void setName(@Mutable @Auth AuthenticatedAccount auth, @NotNull @Valid De @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public void setAccountAttributes( - @Mutable @Auth AuthenticatedAccount auth, + @Mutable @Auth AuthenticatedDevice auth, @HeaderParam(HeaderUtils.X_SIGNAL_AGENT) String userAgent, @NotNull @Valid AccountAttributes attributes) { final Account account = auth.getAccount(); @@ -236,14 +236,14 @@ public void setAccountAttributes( @Path("/me") @Deprecated() // use whoami @Produces(MediaType.APPLICATION_JSON) - public AccountIdentityResponse getMe(@ReadOnly @Auth AuthenticatedAccount auth) { + public AccountIdentityResponse getMe(@ReadOnly @Auth AuthenticatedDevice auth) { return buildAccountIdentityResponse(auth); } @GET @Path("/whoami") @Produces(MediaType.APPLICATION_JSON) - public AccountIdentityResponse whoAmI(@ReadOnly @Auth AuthenticatedAccount auth) { + public AccountIdentityResponse whoAmI(@ReadOnly @Auth AuthenticatedDevice auth) { return buildAccountIdentityResponse(auth); } @@ -266,7 +266,7 @@ private AccountIdentityResponse buildAccountIdentityResponse(AccountAndAuthentic ) @ApiResponse(responseCode = "204", description = "Username successfully deleted.", useReturnTypeSchema = true) @ApiResponse(responseCode = "401", description = "Account authentication check failed.") - public CompletableFuture deleteUsernameHash(@Mutable @Auth final AuthenticatedAccount auth) { + public CompletableFuture deleteUsernameHash(@Mutable @Auth final AuthenticatedDevice auth) { return accounts.clearUsernameHash(auth.getAccount()) .thenApply(Util.ASYNC_EMPTY_RESPONSE); } @@ -288,7 +288,7 @@ public CompletableFuture deleteUsernameHash(@Mutable @Auth final Authe @ApiResponse(responseCode = "422", description = "Invalid request format.") @ApiResponse(responseCode = "429", description = "Ratelimited.") public CompletableFuture reserveUsernameHash( - @Mutable @Auth final AuthenticatedAccount auth, + @Mutable @Auth final AuthenticatedDevice auth, @NotNull @Valid final ReserveUsernameHashRequest usernameRequest) throws RateLimitExceededException { rateLimiters.getUsernameReserveLimiter().validate(auth.getAccount().getUuid()); @@ -328,7 +328,7 @@ public CompletableFuture reserveUsernameHash( @ApiResponse(responseCode = "422", description = "Invalid request format.") @ApiResponse(responseCode = "429", description = "Ratelimited.") public CompletableFuture confirmUsernameHash( - @Mutable @Auth final AuthenticatedAccount auth, + @Mutable @Auth final AuthenticatedDevice auth, @NotNull @Valid final ConfirmUsernameHashRequest confirmRequest) { try { @@ -373,7 +373,7 @@ public CompletableFuture confirmUsernameHash( @ApiResponse(responseCode = "400", description = "Request must not be authenticated.") @ApiResponse(responseCode = "404", description = "Account not found for the given username.") public CompletableFuture lookupUsernameHash( - @ReadOnly @Auth final Optional maybeAuthenticatedAccount, + @ReadOnly @Auth final Optional maybeAuthenticatedAccount, @PathParam("usernameHash") final String usernameHash) { requireNotAuthenticated(maybeAuthenticatedAccount); @@ -412,7 +412,7 @@ public CompletableFuture lookupUsernameHash( @ApiResponse(responseCode = "422", description = "Invalid request format.") @ApiResponse(responseCode = "429", description = "Ratelimited.") public UsernameLinkHandle updateUsernameLink( - @Mutable @Auth final AuthenticatedAccount auth, + @Mutable @Auth final AuthenticatedDevice auth, @NotNull @Valid final EncryptedUsername encryptedUsername) throws RateLimitExceededException { // check ratelimiter for username link operations rateLimiters.forDescriptor(RateLimiters.For.USERNAME_LINK_OPERATION).validate(auth.getAccount().getUuid()); @@ -446,7 +446,7 @@ public UsernameLinkHandle updateUsernameLink( @ApiResponse(responseCode = "204", description = "Username Link successfully deleted.", useReturnTypeSchema = true) @ApiResponse(responseCode = "401", description = "Account authentication check failed.") @ApiResponse(responseCode = "429", description = "Ratelimited.") - public void deleteUsernameLink(@Mutable @Auth final AuthenticatedAccount auth) throws RateLimitExceededException { + public void deleteUsernameLink(@Mutable @Auth final AuthenticatedDevice auth) throws RateLimitExceededException { // check ratelimiter for username link operations rateLimiters.forDescriptor(RateLimiters.For.USERNAME_LINK_OPERATION).validate(auth.getAccount().getUuid()); clearUsernameLink(auth.getAccount()); @@ -469,7 +469,7 @@ public void deleteUsernameLink(@Mutable @Auth final AuthenticatedAccount auth) t @ApiResponse(responseCode = "422", description = "Invalid request format.") @ApiResponse(responseCode = "429", description = "Ratelimited.") public CompletableFuture lookupUsernameLink( - @ReadOnly @Auth final Optional maybeAuthenticatedAccount, + @ReadOnly @Auth final Optional maybeAuthenticatedAccount, @PathParam("uuid") final UUID usernameLinkHandle) { requireNotAuthenticated(maybeAuthenticatedAccount); @@ -495,7 +495,7 @@ public CompletableFuture lookupUsernameLink( @Path("/account/{identifier}") @RateLimitedByIp(RateLimiters.For.CHECK_ACCOUNT_EXISTENCE) public Response accountExists( - @ReadOnly @Auth final Optional authenticatedAccount, + @ReadOnly @Auth final Optional authenticatedAccount, @Parameter(description = "An ACI or PNI account identifier to check") @PathParam("identifier") final ServiceIdentifier accountIdentifier) { @@ -510,7 +510,7 @@ public Response accountExists( @DELETE @Path("/me") - public CompletableFuture deleteAccount(@Mutable @Auth AuthenticatedAccount auth) { + public CompletableFuture deleteAccount(@Mutable @Auth AuthenticatedDevice auth) { return accounts.delete(auth.getAccount(), AccountsManager.DeletionReason.USER_REQUEST).thenApply(Util.ASYNC_EMPTY_RESPONSE); } @@ -528,7 +528,7 @@ private void updateUsernameLink( accounts.update(account, a -> a.setUsernameLinkDetails(usernameLinkHandle, encryptedUsername)); } - private void requireNotAuthenticated(final Optional authenticatedAccount) { + private void requireNotAuthenticated(final Optional authenticatedAccount) { if (authenticatedAccount.isPresent()) { throw new BadRequestException("Operation requires unauthenticated access"); } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountControllerV2.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountControllerV2.java index e8ba156a3..d35e6b17e 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountControllerV2.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AccountControllerV2.java @@ -36,7 +36,7 @@ import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ChangesPhoneNumber; import org.whispersystems.textsecuregcm.auth.PhoneVerificationTokenManager; import org.whispersystems.textsecuregcm.auth.RegistrationLockVerificationManager; @@ -49,7 +49,6 @@ import org.whispersystems.textsecuregcm.entities.PhoneVerificationRequest; import org.whispersystems.textsecuregcm.entities.RegistrationLockFailure; import org.whispersystems.textsecuregcm.entities.StaleDevices; -import org.whispersystems.textsecuregcm.limits.RateLimiter; import org.whispersystems.textsecuregcm.limits.RateLimiters; import org.whispersystems.textsecuregcm.metrics.UserAgentTagUtil; import org.whispersystems.textsecuregcm.storage.Account; @@ -106,11 +105,11 @@ public AccountControllerV2(final AccountsManager accountsManager, final ChangeNu @ApiResponse(responseCode = "429", description = "Too many attempts", headers = @Header( name = "Retry-After", description = "If present, an positive integer indicating the number of seconds before a subsequent attempt could succeed")) - public AccountIdentityResponse changeNumber(@Mutable @Auth final AuthenticatedAccount authenticatedAccount, + public AccountIdentityResponse changeNumber(@Mutable @Auth final AuthenticatedDevice authenticatedDevice, @NotNull @Valid final ChangeNumberRequest request, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgentString) throws RateLimitExceededException, InterruptedException { - if (!authenticatedAccount.getAuthenticatedDevice().isPrimary()) { + if (!authenticatedDevice.getAuthenticatedDevice().isPrimary()) { throw new ForbiddenException(); } @@ -132,7 +131,7 @@ public AccountIdentityResponse changeNumber(@Mutable @Auth final AuthenticatedAc final String number = request.number(); // Only verify and check reglock if there's a data change to be made... - if (!authenticatedAccount.getAccount().getNumber().equals(number)) { + if (!authenticatedDevice.getAccount().getNumber().equals(number)) { rateLimiters.getRegistrationLimiter().validate(number); @@ -154,7 +153,7 @@ public AccountIdentityResponse changeNumber(@Mutable @Auth final AuthenticatedAc // ...but always attempt to make the change in case a client retries and needs to re-send messages try { final Account updatedAccount = changeNumberManager.changeNumber( - authenticatedAccount.getAccount(), + authenticatedDevice.getAccount(), request.number(), request.pniIdentityKey(), request.devicePniSignedPrekeys(), @@ -199,11 +198,11 @@ public AccountIdentityResponse changeNumber(@Mutable @Auth final AuthenticatedAc @ApiResponse(responseCode = "410", description = "The registration IDs provided for some devices do not match those stored on the server.", content = @Content(schema = @Schema(implementation = StaleDevices.class))) public AccountIdentityResponse distributePhoneNumberIdentityKeys( - @Mutable @Auth final AuthenticatedAccount authenticatedAccount, + @Mutable @Auth final AuthenticatedDevice authenticatedDevice, @HeaderParam(HttpHeaders.USER_AGENT) @Nullable final String userAgentString, @NotNull @Valid final PhoneNumberIdentityKeyDistributionRequest request) { - if (!authenticatedAccount.getAuthenticatedDevice().isPrimary()) { + if (!authenticatedDevice.getAuthenticatedDevice().isPrimary()) { throw new ForbiddenException(); } @@ -213,7 +212,7 @@ public AccountIdentityResponse distributePhoneNumberIdentityKeys( try { final Account updatedAccount = changeNumberManager.updatePniKeys( - authenticatedAccount.getAccount(), + authenticatedDevice.getAccount(), request.pniIdentityKey(), request.devicePniSignedPrekeys(), request.devicePniPqLastResortPrekeys(), @@ -247,7 +246,7 @@ public AccountIdentityResponse distributePhoneNumberIdentityKeys( @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public void setPhoneNumberDiscoverability( - @Mutable @Auth AuthenticatedAccount auth, + @Mutable @Auth AuthenticatedDevice auth, @NotNull @Valid PhoneNumberDiscoverabilityRequest phoneNumberDiscoverability ) { accountsManager.update(auth.getAccount(), a -> a.setDiscoverableByPhoneNumber( @@ -261,7 +260,7 @@ public void setPhoneNumberDiscoverability( @ApiResponse(responseCode = "200", description = "Response with data report. A plain text representation is a field in the response.", useReturnTypeSchema = true) - public AccountDataReportResponse getAccountDataReport(@ReadOnly @Auth final AuthenticatedAccount auth) { + public AccountDataReportResponse getAccountDataReport(@ReadOnly @Auth final AuthenticatedDevice auth) { final Account account = auth.getAccount(); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArchiveController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArchiveController.java index b410b8988..59a71fd99 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArchiveController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArchiveController.java @@ -53,7 +53,7 @@ import org.signal.libsignal.zkgroup.backups.BackupAuthCredentialPresentation; import org.signal.libsignal.zkgroup.backups.BackupAuthCredentialRequest; import org.signal.libsignal.zkgroup.receipts.ReceiptCredentialPresentation; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.backup.BackupAuthManager; import org.whispersystems.textsecuregcm.backup.BackupManager; import org.whispersystems.textsecuregcm.backup.CopyParameters; @@ -112,7 +112,7 @@ Set a (blinded) backup-id for the account. Each account may have a single active @ApiResponse(responseCode = "400", description = "The provided backup auth credential request was invalid") @ApiResponse(responseCode = "429", description = "Rate limited. Too many attempts to change the backup-id have been made") public CompletionStage setBackupId( - @Mutable @Auth final AuthenticatedAccount account, + @Mutable @Auth final AuthenticatedDevice account, @Valid @NotNull final SetBackupIdRequest setBackupIdRequest) throws RateLimitExceededException { return this.backupAuthManager .commitBackupId(account.getAccount(), setBackupIdRequest.backupAuthCredentialRequest) @@ -156,7 +156,7 @@ public ReceiptCredentialPresentation deserialize(JsonParser jsonParser, @ApiResponse(responseCode = "400", description = "The provided presentation or receipt was invalid") @ApiResponse(responseCode = "429", description = "Rate limited.") public CompletionStage redeemReceipt( - @Mutable @Auth final AuthenticatedAccount account, + @Mutable @Auth final AuthenticatedDevice account, @Valid @NotNull final RedeemBackupReceiptRequest redeemBackupReceiptRequest) { return this.backupAuthManager.redeemReceipt( account.getAccount(), @@ -197,7 +197,7 @@ public record BackupAuthCredential( @ApiResponse(responseCode = "404", description = "Could not find an existing blinded backup id") @ApiResponse(responseCode = "429", description = "Rate limited.") public CompletionStage getBackupZKCredentials( - @Mutable @Auth AuthenticatedAccount auth, + @Mutable @Auth AuthenticatedDevice auth, @NotNull @QueryParam("redemptionStartSeconds") Long startSeconds, @NotNull @QueryParam("redemptionEndSeconds") Long endSeconds) { @@ -270,7 +270,7 @@ public record ReadAuthResponse( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage readAuth( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -321,7 +321,7 @@ public record BackupInfoResponse( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage backupInfo( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -366,7 +366,7 @@ public record SetPublicKeyRequest( @ApiResponse(responseCode = "204", description = "The public key was set") @ApiResponse(responseCode = "429", description = "Rate limited.") public CompletionStage setPublicKey( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -403,7 +403,7 @@ public record UploadDescriptorResponse( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage backup( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -439,7 +439,7 @@ public CompletionStage backup( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage uploadTemporaryAttachment( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -537,7 +537,7 @@ public record CopyMediaResponse( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage copyMedia( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -634,7 +634,7 @@ static Entry fromCopyResult(final CopyResult copyResult) { @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage copyMedia( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -671,7 +671,7 @@ public CompletionStage copyMedia( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage refresh( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -737,7 +737,7 @@ public record ListResponse( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage listMedia( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -792,7 +792,7 @@ public record MediaToDelete( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage deleteMedia( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull @@ -828,7 +828,7 @@ public CompletionStage deleteMedia( @ApiResponse(responseCode = "429", description = "Rate limited.") @ApiResponseZkAuth public CompletionStage deleteBackup( - @ReadOnly @Auth final Optional account, + @ReadOnly @Auth final Optional account, @Parameter(description = BackupAuthCredentialPresentationHeader.DESCRIPTION, schema = @Schema(implementation = String.class)) @NotNull diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArtController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArtController.java index 714acbee1..ba47480e8 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArtController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ArtController.java @@ -12,7 +12,7 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.configuration.ArtServiceConfiguration; @@ -43,7 +43,7 @@ public ArtController(final RateLimiters rateLimiters, @GET @Path("/auth") @Produces(MediaType.APPLICATION_JSON) - public ExternalServiceCredentials getAuth(final @ReadOnly @Auth AuthenticatedAccount auth) + public ExternalServiceCredentials getAuth(final @ReadOnly @Auth AuthenticatedDevice auth) throws RateLimitExceededException { final UUID uuid = auth.getAccount().getUuid(); rateLimiters.forDescriptor(RateLimiters.For.EXTERNAL_SERVICE_CREDENTIALS).validate(uuid); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV2.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV2.java index dd46f05b2..866079fdc 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV2.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV2.java @@ -20,7 +20,7 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.AttachmentDescriptorV2; import org.whispersystems.textsecuregcm.limits.RateLimiter; import org.whispersystems.textsecuregcm.limits.RateLimiters; @@ -54,7 +54,7 @@ public AttachmentControllerV2(RateLimiters rateLimiters, String accessKey, Strin @Produces(MediaType.APPLICATION_JSON) @Path("/form/upload") public AttachmentDescriptorV2 getAttachmentUploadForm( - @ReadOnly @Auth AuthenticatedAccount auth, + @ReadOnly @Auth AuthenticatedDevice auth, @HeaderParam(HttpHeaders.USER_AGENT) String userAgent) throws RateLimitExceededException { rateLimiter.validate(auth.getAccount().getUuid()); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV3.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV3.java index 5265444b3..ab8d2f68c 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV3.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV3.java @@ -19,7 +19,7 @@ import javax.ws.rs.core.MediaType; import org.whispersystems.textsecuregcm.attachments.AttachmentGenerator; import org.whispersystems.textsecuregcm.attachments.GcsAttachmentGenerator; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.AttachmentDescriptorV3; import org.whispersystems.textsecuregcm.limits.RateLimiter; import org.whispersystems.textsecuregcm.limits.RateLimiters; @@ -50,7 +50,7 @@ public AttachmentControllerV3(@Nonnull RateLimiters rateLimiters, @Nonnull GcsAt @GET @Produces(MediaType.APPLICATION_JSON) @Path("/form/upload") - public AttachmentDescriptorV3 getAttachmentUploadForm(@ReadOnly @Auth AuthenticatedAccount auth) + public AttachmentDescriptorV3 getAttachmentUploadForm(@ReadOnly @Auth AuthenticatedDevice auth) throws RateLimitExceededException { rateLimiter.validate(auth.getAccount().getUuid()); final String key = generateAttachmentKey(); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV4.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV4.java index e0fd48c4c..64079cfbe 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV4.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerV4.java @@ -21,7 +21,7 @@ import org.whispersystems.textsecuregcm.attachments.AttachmentGenerator; import org.whispersystems.textsecuregcm.attachments.GcsAttachmentGenerator; import org.whispersystems.textsecuregcm.attachments.TusAttachmentGenerator; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.AttachmentDescriptorV3; import org.whispersystems.textsecuregcm.experiment.ExperimentEnrollmentManager; import org.whispersystems.textsecuregcm.limits.RateLimiter; @@ -77,7 +77,7 @@ public AttachmentControllerV4( @ApiResponse(responseCode = "429", description = "Too many attempts", headers = @Header( name = "Retry-After", description = "If present, an positive integer indicating the number of seconds before a subsequent attempt could succeed")) - public AttachmentDescriptorV3 getAttachmentUploadForm(@ReadOnly @Auth AuthenticatedAccount auth) + public AttachmentDescriptorV3 getAttachmentUploadForm(@ReadOnly @Auth AuthenticatedDevice auth) throws RateLimitExceededException { rateLimiter.validate(auth.getAccount().getUuid()); final String key = generateAttachmentKey(); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallLinkController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallLinkController.java index d41613aaf..4558a628c 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallLinkController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallLinkController.java @@ -16,7 +16,7 @@ import org.signal.libsignal.zkgroup.GenericServerSecretParams; import org.signal.libsignal.zkgroup.InvalidInputException; import org.signal.libsignal.zkgroup.calllinks.CreateCallLinkCredentialRequest; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.CreateCallLinkCredential; import org.whispersystems.textsecuregcm.entities.GetCreateCallLinkCredentialsRequest; import org.whispersystems.textsecuregcm.limits.RateLimiters; @@ -52,7 +52,7 @@ public CallLinkController( @ApiResponse(responseCode = "422", description = "Invalid request format.") @ApiResponse(responseCode = "429", description = "Ratelimited.") public CreateCallLinkCredential getCreateAuth( - final @ReadOnly @Auth AuthenticatedAccount auth, + final @ReadOnly @Auth AuthenticatedDevice auth, final @NotNull @Valid GetCreateCallLinkCredentialsRequest request ) throws RateLimitExceededException { diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallRoutingController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallRoutingController.java index 8e5144a6f..c394e646d 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallRoutingController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CallRoutingController.java @@ -20,7 +20,7 @@ import javax.ws.rs.core.MediaType; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.CloudflareTurnCredentialsManager; import org.whispersystems.textsecuregcm.auth.TurnToken; import org.whispersystems.textsecuregcm.auth.TurnTokenGenerator; @@ -73,7 +73,7 @@ public CallRoutingController( @ApiResponse(responseCode = "422", description = "Invalid request format.") @ApiResponse(responseCode = "429", description = "Rate limited.") public TurnToken getCallingRelays( - final @ReadOnly @Auth AuthenticatedAccount auth, + final @ReadOnly @Auth AuthenticatedDevice auth, @Context ContainerRequestContext requestContext ) throws RateLimitExceededException, IOException { UUID aci = auth.getAccount().getUuid(); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java index 595119919..5885d81de 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/CertificateController.java @@ -34,7 +34,7 @@ import org.signal.libsignal.zkgroup.auth.AuthCredentialWithPniResponse; import org.signal.libsignal.zkgroup.auth.ServerZkAuthOperations; import org.signal.libsignal.zkgroup.calllinks.CallLinkAuthCredentialResponse; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.CertificateGenerator; import org.whispersystems.textsecuregcm.entities.DeliveryCertificate; import org.whispersystems.textsecuregcm.entities.GroupCredentials; @@ -70,7 +70,7 @@ public CertificateController( @GET @Produces(MediaType.APPLICATION_JSON) @Path("/delivery") - public DeliveryCertificate getDeliveryCertificate(@ReadOnly @Auth AuthenticatedAccount auth, + public DeliveryCertificate getDeliveryCertificate(@ReadOnly @Auth AuthenticatedDevice auth, @QueryParam("includeE164") @DefaultValue("true") boolean includeE164) throws InvalidKeyException { @@ -89,7 +89,7 @@ public DeliveryCertificate getDeliveryCertificate(@ReadOnly @Auth AuthenticatedA @Produces(MediaType.APPLICATION_JSON) @Path("/auth/group") public GroupCredentials getGroupAuthenticationCredentials( - @ReadOnly @Auth AuthenticatedAccount auth, + @ReadOnly @Auth AuthenticatedDevice auth, @QueryParam("redemptionStartSeconds") long startSeconds, @QueryParam("redemptionEndSeconds") long endSeconds, @QueryParam("zkcCredential") boolean zkcCredential) { diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ChallengeController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ChallengeController.java index 39b3ce7f2..a90665c97 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ChallengeController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ChallengeController.java @@ -30,7 +30,7 @@ import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.AnswerChallengeRequest; import org.whispersystems.textsecuregcm.entities.AnswerPushChallengeRequest; import org.whispersystems.textsecuregcm.entities.AnswerCaptchaChallengeRequest; @@ -79,7 +79,7 @@ Some server endpoints (the "send message" endpoint, for example) may return a 42 @ApiResponse(responseCode = "429", description = "Too many attempts", headers = @Header( name = "Retry-After", description = "If present, an positive integer indicating the number of seconds before a subsequent attempt could succeed")) - public Response handleChallengeResponse(@ReadOnly @Auth final AuthenticatedAccount auth, + public Response handleChallengeResponse(@ReadOnly @Auth final AuthenticatedDevice auth, @Valid final AnswerChallengeRequest answerRequest, @Context ContainerRequestContext requestContext, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgent) throws RateLimitExceededException, IOException { @@ -165,7 +165,7 @@ public Response handleChallengeResponse(@ReadOnly @Auth final AuthenticatedAccou @ApiResponse(responseCode = "429", description = "Too many attempts", headers = @Header( name = "Retry-After", description = "If present, an positive integer indicating the number of seconds before a subsequent attempt could succeed")) - public Response requestPushChallenge(@ReadOnly @Auth final AuthenticatedAccount auth, + public Response requestPushChallenge(@ReadOnly @Auth final AuthenticatedDevice auth, @Context ContainerRequestContext requestContext) { final ChallengeConstraints constraints = challengeConstraintChecker.challengeConstraints( requestContext, auth.getAccount()); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java index c948fb829..154039e23 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DeviceController.java @@ -47,7 +47,7 @@ import javax.ws.rs.core.Response; import org.glassfish.jersey.server.ContainerRequest; import org.whispersystems.textsecuregcm.auth.LinkedDeviceRefreshRequirementProvider; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.BasicAuthorizationHeader; import org.whispersystems.textsecuregcm.auth.ChangesLinkedDevices; import org.whispersystems.textsecuregcm.entities.AccountAttributes; @@ -118,7 +118,7 @@ public DeviceController(byte[] linkDeviceSecret, @GET @Produces(MediaType.APPLICATION_JSON) - public DeviceInfoList getDevices(@ReadOnly @Auth AuthenticatedAccount auth) { + public DeviceInfoList getDevices(@ReadOnly @Auth AuthenticatedDevice auth) { List devices = new LinkedList<>(); for (Device device : auth.getAccount().getDevices()) { @@ -133,7 +133,7 @@ public DeviceInfoList getDevices(@ReadOnly @Auth AuthenticatedAccount auth) { @Produces(MediaType.APPLICATION_JSON) @Path("/{device_id}") @ChangesLinkedDevices - public void removeDevice(@Mutable @Auth AuthenticatedAccount auth, @PathParam("device_id") byte deviceId) { + public void removeDevice(@Mutable @Auth AuthenticatedDevice auth, @PathParam("device_id") byte deviceId) { if (auth.getAuthenticatedDevice().getId() != Device.PRIMARY_ID) { throw new WebApplicationException(Response.Status.UNAUTHORIZED); } @@ -148,7 +148,7 @@ public void removeDevice(@Mutable @Auth AuthenticatedAccount auth, @PathParam("d @GET @Path("/provisioning/code") @Produces(MediaType.APPLICATION_JSON) - public VerificationCode createDeviceToken(@ReadOnly @Auth AuthenticatedAccount auth) + public VerificationCode createDeviceToken(@ReadOnly @Auth AuthenticatedDevice auth) throws RateLimitExceededException, DeviceLimitExceededException { final Account account = auth.getAccount(); @@ -273,7 +273,7 @@ public DeviceResponse linkDevice(@HeaderParam(HttpHeaders.AUTHORIZATION) BasicAu @PUT @Produces(MediaType.APPLICATION_JSON) @Path("/unauthenticated_delivery") - public void setUnauthenticatedDelivery(@Mutable @Auth AuthenticatedAccount auth) { + public void setUnauthenticatedDelivery(@Mutable @Auth AuthenticatedDevice auth) { assert (auth.getAuthenticatedDevice() != null); // Deprecated } @@ -281,7 +281,7 @@ public void setUnauthenticatedDelivery(@Mutable @Auth AuthenticatedAccount auth) @PUT @Produces(MediaType.APPLICATION_JSON) @Path("/capabilities") - public void setCapabilities(@Mutable @Auth AuthenticatedAccount auth, @NotNull @Valid DeviceCapabilities capabilities) { + public void setCapabilities(@Mutable @Auth AuthenticatedDevice auth, @NotNull @Valid DeviceCapabilities capabilities) { assert (auth.getAuthenticatedDevice() != null); final byte deviceId = auth.getAuthenticatedDevice().getId(); accounts.updateDevice(auth.getAccount(), deviceId, d -> d.setCapabilities(capabilities)); @@ -301,7 +301,7 @@ public void setCapabilities(@Mutable @Auth AuthenticatedAccount auth, @NotNull @ @ApiResponse(responseCode = "200", description = "Public key stored successfully") @ApiResponse(responseCode = "401", description = "Account authentication check failed") @ApiResponse(responseCode = "422", description = "Invalid request format") - public CompletableFuture setPublicKey(@Auth final AuthenticatedAccount auth, + public CompletableFuture setPublicKey(@Auth final AuthenticatedDevice auth, final SetPublicKeyRequest setPublicKeyRequest) { return clientPublicKeysManager.setPublicKey(auth.getAccount(), diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DirectoryV2Controller.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DirectoryV2Controller.java index 0ee567d4c..9c020c6f9 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DirectoryV2Controller.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DirectoryV2Controller.java @@ -14,7 +14,7 @@ import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.configuration.DirectoryV2ClientConfiguration; @@ -48,7 +48,7 @@ public DirectoryV2Controller(final ExternalServiceCredentialsGenerator userToken @GET @Path("/auth") @Produces(MediaType.APPLICATION_JSON) - public Response getAuthToken(final @ReadOnly @Auth AuthenticatedAccount auth) { + public Response getAuthToken(final @ReadOnly @Auth AuthenticatedDevice auth) { final UUID uuid = auth.getAccount().getUuid(); final ExternalServiceCredentials credentials = directoryServiceTokenGenerator.generateForUuid(uuid); return Response.ok().entity(credentials).build(); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DonationController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DonationController.java index a103ffc74..553920951 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DonationController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/DonationController.java @@ -28,9 +28,7 @@ import org.signal.libsignal.zkgroup.receipts.ReceiptCredentialPresentation; import org.signal.libsignal.zkgroup.receipts.ReceiptSerial; import org.signal.libsignal.zkgroup.receipts.ServerZkReceiptOperations; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.configuration.BadgesConfiguration; import org.whispersystems.textsecuregcm.entities.RedeemReceiptRequest; import org.whispersystems.textsecuregcm.storage.AccountBadge; @@ -73,7 +71,7 @@ public DonationController( @Consumes(MediaType.APPLICATION_JSON) @Produces({MediaType.APPLICATION_JSON, MediaType.TEXT_PLAIN}) public CompletionStage redeemReceipt( - @Mutable @Auth final AuthenticatedAccount auth, + @Mutable @Auth final AuthenticatedDevice auth, @NotNull @Valid final RedeemReceiptRequest request) { return CompletableFuture.supplyAsync(() -> { ReceiptCredentialPresentation receiptCredentialPresentation; diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeepAliveController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeepAliveController.java index 44d0f6893..d36f44917 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeepAliveController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeepAliveController.java @@ -17,7 +17,7 @@ import javax.ws.rs.core.Response; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.metrics.UserAgentTagUtil; import org.whispersystems.textsecuregcm.push.ClientPresenceManager; import org.whispersystems.websocket.auth.ReadOnly; @@ -41,7 +41,7 @@ public KeepAliveController(final ClientPresenceManager clientPresenceManager) { } @GET - public Response getKeepAlive(@ReadOnly @Auth Optional maybeAuth, + public Response getKeepAlive(@ReadOnly @Auth Optional maybeAuth, @WebSocketSession WebSocketSessionContext context) { maybeAuth.ifPresent(auth -> { diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeyTransparencyController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeyTransparencyController.java index 444836dba..6d13ec16c 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeyTransparencyController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeyTransparencyController.java @@ -19,7 +19,7 @@ import katie.SearchResponse; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.KeyTransparencyMonitorRequest; import org.whispersystems.textsecuregcm.entities.KeyTransparencyMonitorResponse; import org.whispersystems.textsecuregcm.entities.KeyTransparencySearchRequest; @@ -85,7 +85,7 @@ public KeyTransparencyController( @RateLimitedByIp(RateLimiters.For.KEY_TRANSPARENCY_SEARCH_PER_IP) @Produces(MediaType.APPLICATION_JSON) public KeyTransparencySearchResponse search( - @ReadOnly @Auth final Optional authenticatedAccount, + @ReadOnly @Auth final Optional authenticatedAccount, @NotNull @Valid final KeyTransparencySearchRequest request) { // Disallow clients from making authenticated requests to this endpoint @@ -144,7 +144,7 @@ public KeyTransparencySearchResponse search( @RateLimitedByIp(RateLimiters.For.KEY_TRANSPARENCY_MONITOR_PER_IP) @Produces(MediaType.APPLICATION_JSON) public KeyTransparencyMonitorResponse monitor( - @ReadOnly @Auth final Optional authenticatedAccount, + @ReadOnly @Auth final Optional authenticatedAccount, @NotNull @Valid final KeyTransparencyMonitorRequest request) { // Disallow clients from making authenticated requests to this endpoint @@ -226,7 +226,7 @@ private static MonitorKey createMonitorKey(final ByteString fullSearchKey, final .build(); } - private void requireNotAuthenticated(final Optional authenticatedAccount) { + private void requireNotAuthenticated(final Optional authenticatedAccount) { if (authenticatedAccount.isPresent()) { throw new BadRequestException("Endpoint requires unauthenticated access"); } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysController.java index c567b8978..1a7c844ad 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/KeysController.java @@ -49,7 +49,7 @@ import org.signal.libsignal.zkgroup.groupsend.GroupSendDerivedKeyPair; import org.signal.libsignal.zkgroup.groupsend.GroupSendFullToken; import org.whispersystems.textsecuregcm.auth.Anonymous; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.GroupSendTokenHeader; import org.whispersystems.textsecuregcm.auth.OptionalAccess; import org.whispersystems.textsecuregcm.entities.CheckKeysRequest; @@ -108,7 +108,7 @@ public KeysController(RateLimiters rateLimiters, KeysManager keysManager, Accoun description = "Gets the number of one-time prekeys uploaded for this device and still available") @ApiResponse(responseCode = "200", description = "Body contains the number of available one-time prekeys for the device.", useReturnTypeSchema = true) @ApiResponse(responseCode = "401", description = "Account authentication check failed.") - public CompletableFuture getStatus(@ReadOnly @Auth final AuthenticatedAccount auth, + public CompletableFuture getStatus(@ReadOnly @Auth final AuthenticatedDevice auth, @QueryParam("identity") @DefaultValue("aci") final IdentityType identityType) { final CompletableFuture ecCountFuture = @@ -129,7 +129,7 @@ public CompletableFuture getStatus(@ReadOnly @Auth final Authentica @ApiResponse(responseCode = "403", description = "Attempt to change identity key from a non-primary device.") @ApiResponse(responseCode = "422", description = "Invalid request format.") public CompletableFuture setKeys( - @ReadOnly @Auth final AuthenticatedAccount auth, + @ReadOnly @Auth final AuthenticatedDevice auth, @RequestBody @NotNull @Valid final SetKeysRequest setKeysRequest, @Parameter(allowEmptyValue=true) @@ -243,7 +243,7 @@ private void checkSignedPreKeySignatures(final SetKeysRequest setKeysRequest, """) @ApiResponse(responseCode = "422", description = "Invalid request format") public CompletableFuture checkKeys( - @ReadOnly @Auth final AuthenticatedAccount auth, + @ReadOnly @Auth final AuthenticatedDevice auth, @RequestBody @NotNull @Valid final CheckKeysRequest checkKeysRequest, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgent) { @@ -318,7 +318,7 @@ public CompletableFuture checkKeys( name = "Retry-After", description = "If present, a positive integer indicating the number of seconds before a subsequent attempt could succeed")) public PreKeyResponse getDeviceKeys( - @ReadOnly @Auth Optional auth, + @ReadOnly @Auth Optional auth, @HeaderParam(HeaderUtils.UNIDENTIFIED_ACCESS_KEY) Optional accessKey, @HeaderParam(HeaderUtils.GROUP_SEND_TOKEN) Optional groupSendToken, @@ -335,7 +335,7 @@ public PreKeyResponse getDeviceKeys( throw new WebApplicationException(Response.Status.UNAUTHORIZED); } - final Optional account = auth.map(AuthenticatedAccount::getAccount); + final Optional account = auth.map(AuthenticatedDevice::getAccount); final Optional maybeTarget = accounts.getByServiceIdentifier(targetIdentifier); if (groupSendToken.isPresent()) { diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java index 306efc6d0..75d8df4cb 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/MessageController.java @@ -83,7 +83,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.whispersystems.textsecuregcm.auth.Anonymous; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.CombinedUnidentifiedSenderAccessKeys; import org.whispersystems.textsecuregcm.auth.GroupSendTokenHeader; import org.whispersystems.textsecuregcm.auth.OptionalAccess; @@ -270,7 +270,7 @@ public MessageController( @ApiResponse( responseCode = "410", description = "Mismatched registration ids supplied for some recipient devices", content = @Content(schema = @Schema(implementation = AccountStaleDevices[].class))) - public Response sendMessage(@ReadOnly @Auth Optional source, + public Response sendMessage(@ReadOnly @Auth Optional source, @Parameter(description="The recipient's unidentified access key") @HeaderParam(HeaderUtils.UNIDENTIFIED_ACCESS_KEY) Optional accessKey, @@ -326,11 +326,11 @@ public Response sendMessage(@ReadOnly @Auth Optional sourc if (!isSyncMessage) { destination = accountsManager.getByServiceIdentifier(destinationIdentifier); } else { - destination = source.map(AuthenticatedAccount::getAccount); + destination = source.map(AuthenticatedDevice::getAccount); } final Optional spamCheck = spamChecker.checkForSpam( - context, source.map(AuthenticatedAccount::getAccount), destination); + context, source.map(AuthenticatedDevice::getAccount), destination); if (spamCheck.isPresent()) { return spamCheck.get(); } @@ -374,7 +374,7 @@ public Response sendMessage(@ReadOnly @Auth Optional sourc throw new NotFoundException(); } } else { - OptionalAccess.verify(source.map(AuthenticatedAccount::getAccount), accessKey, destination, + OptionalAccess.verify(source.map(AuthenticatedDevice::getAccount), accessKey, destination, destinationIdentifier); } @@ -745,7 +745,7 @@ private void checkAccessKeys( @Timed @GET @Produces(MediaType.APPLICATION_JSON) - public CompletableFuture getPendingMessages(@ReadOnly @Auth AuthenticatedAccount auth, + public CompletableFuture getPendingMessages(@ReadOnly @Auth AuthenticatedDevice auth, @HeaderParam(Stories.X_SIGNAL_RECEIVE_STORIES) String receiveStoriesHeader, @HeaderParam(HttpHeaders.USER_AGENT) String userAgent) { @@ -800,7 +800,7 @@ private static long estimateMessageListSizeBytes(final OutgoingMessageEntityList @Timed @DELETE @Path("/uuid/{uuid}") - public CompletableFuture removePendingMessage(@ReadOnly @Auth AuthenticatedAccount auth, @PathParam("uuid") UUID uuid) { + public CompletableFuture removePendingMessage(@ReadOnly @Auth AuthenticatedDevice auth, @PathParam("uuid") UUID uuid) { return messagesManager.delete( auth.getAccount().getUuid(), auth.getAuthenticatedDevice(), @@ -831,7 +831,7 @@ public CompletableFuture removePendingMessage(@ReadOnly @Auth Authenti @Consumes(MediaType.APPLICATION_JSON) @Path("/report/{source}/{messageGuid}") public Response reportSpamMessage( - @ReadOnly @Auth AuthenticatedAccount auth, + @ReadOnly @Auth AuthenticatedDevice auth, @PathParam("source") String source, @PathParam("messageGuid") UUID messageGuid, @Nullable SpamReport spamReport, @@ -881,7 +881,7 @@ public Response reportSpamMessage( } private void sendIndividualMessage( - Optional source, + Optional source, Account destinationAccount, Device destinationDevice, ServiceIdentifier destinationIdentifier, @@ -896,7 +896,7 @@ private void sendIndividualMessage( final Envelope envelope; try { - final Account sourceAccount = source.map(AuthenticatedAccount::getAccount).orElse(null); + final Account sourceAccount = source.map(AuthenticatedDevice::getAccount).orElse(null); final Byte sourceDeviceId = source.map(account -> account.getAuthenticatedDevice().getId()).orElse(null); envelope = incomingMessage.toEnvelope( destinationIdentifier, @@ -938,7 +938,7 @@ private void sendCommonPayloadMessage(Account destinationAccount, messageSender.sendMessage(destinationAccount, destinationDevice, messageBuilder.build(), online); } - private void checkMessageRateLimit(AuthenticatedAccount source, Account destination, String userAgent) + private void checkMessageRateLimit(AuthenticatedDevice source, Account destination, String userAgent) throws RateLimitExceededException { final String senderCountryCode = Util.getCountryCode(source.getAccount().getNumber()); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/PaymentsController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/PaymentsController.java index 4a00b15de..eebc6f613 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/PaymentsController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/PaymentsController.java @@ -11,7 +11,7 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.configuration.PaymentsServiceConfiguration; @@ -43,14 +43,14 @@ public PaymentsController(final CurrencyConversionManager currencyManager, @GET @Path("/auth") @Produces(MediaType.APPLICATION_JSON) - public ExternalServiceCredentials getAuth(final @ReadOnly @Auth AuthenticatedAccount auth) { + public ExternalServiceCredentials getAuth(final @ReadOnly @Auth AuthenticatedDevice auth) { return paymentsServiceCredentialsGenerator.generateForUuid(auth.getAccount().getUuid()); } @GET @Path("/conversions") @Produces(MediaType.APPLICATION_JSON) - public CurrencyConversionEntityList getConversions(final @ReadOnly @Auth AuthenticatedAccount auth) { + public CurrencyConversionEntityList getConversions(final @ReadOnly @Auth AuthenticatedDevice auth) { return currencyManager.getCurrencyConversions().orElseThrow(); } } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProfileController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProfileController.java index f79232e72..8da674885 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProfileController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProfileController.java @@ -64,7 +64,7 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.whispersystems.textsecuregcm.auth.Anonymous; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.GroupSendTokenHeader; import org.whispersystems.textsecuregcm.auth.OptionalAccess; import org.whispersystems.textsecuregcm.auth.UnidentifiedAccessChecksum; @@ -167,7 +167,7 @@ public ProfileController( @PUT @Produces(MediaType.APPLICATION_JSON) @Consumes(MediaType.APPLICATION_JSON) - public Response setProfile(@Mutable @Auth AuthenticatedAccount auth, @NotNull @Valid CreateProfileRequest request) { + public Response setProfile(@Mutable @Auth AuthenticatedDevice auth, @NotNull @Valid CreateProfileRequest request) { final Optional currentProfile = profilesManager.get(auth.getAccount().getUuid(), request.version()); @@ -233,14 +233,14 @@ public Response setProfile(@Mutable @Auth AuthenticatedAccount auth, @NotNull @V @Path("/{identifier}/{version}") @ManagedAsync public VersionedProfileResponse getProfile( - @ReadOnly @Auth Optional auth, + @ReadOnly @Auth Optional auth, @HeaderParam(HeaderUtils.UNIDENTIFIED_ACCESS_KEY) Optional accessKey, @Context ContainerRequestContext containerRequestContext, @PathParam("identifier") AciServiceIdentifier accountIdentifier, @PathParam("version") String version) throws RateLimitExceededException { - final Optional maybeRequester = auth.map(AuthenticatedAccount::getAccount); + final Optional maybeRequester = auth.map(AuthenticatedDevice::getAccount); final Account targetAccount = verifyPermissionToReceiveProfile(maybeRequester, accessKey, accountIdentifier); return buildVersionedProfileResponse(targetAccount, @@ -253,7 +253,7 @@ public VersionedProfileResponse getProfile( @Produces(MediaType.APPLICATION_JSON) @Path("/{identifier}/{version}/{credentialRequest}") public CredentialProfileResponse getProfile( - @ReadOnly @Auth Optional auth, + @ReadOnly @Auth Optional auth, @HeaderParam(HeaderUtils.UNIDENTIFIED_ACCESS_KEY) Optional accessKey, @Context ContainerRequestContext containerRequestContext, @PathParam("identifier") AciServiceIdentifier accountIdentifier, @@ -266,7 +266,7 @@ public CredentialProfileResponse getProfile( throw new BadRequestException(); } - final Optional maybeRequester = auth.map(AuthenticatedAccount::getAccount); + final Optional maybeRequester = auth.map(AuthenticatedDevice::getAccount); final Account targetAccount = verifyPermissionToReceiveProfile(maybeRequester, accessKey, accountIdentifier); final boolean isSelf = maybeRequester.map(requester -> ProfileHelper.isSelfProfileRequest(requester.getUuid(), accountIdentifier)).orElse(false); @@ -284,7 +284,7 @@ public CredentialProfileResponse getProfile( @Path("/{identifier}") @ManagedAsync public BaseProfileResponse getUnversionedProfile( - @ReadOnly @Auth Optional auth, + @ReadOnly @Auth Optional auth, @HeaderParam(HeaderUtils.UNIDENTIFIED_ACCESS_KEY) Optional accessKey, @HeaderParam(HeaderUtils.GROUP_SEND_TOKEN) Optional groupSendToken, @Context ContainerRequestContext containerRequestContext, @@ -293,7 +293,7 @@ public BaseProfileResponse getUnversionedProfile( @QueryParam("ca") boolean useCaCertificate) throws RateLimitExceededException { - final Optional maybeRequester = auth.map(AuthenticatedAccount::getAccount); + final Optional maybeRequester = auth.map(AuthenticatedDevice::getAccount); final Account targetAccount; if (groupSendToken.isPresent()) { diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProvisioningController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProvisioningController.java index 2674bbef0..d9c530369 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProvisioningController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/ProvisioningController.java @@ -26,7 +26,7 @@ import javax.ws.rs.WebApplicationException; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.ProvisioningMessage; import org.whispersystems.textsecuregcm.limits.RateLimiters; import org.whispersystems.textsecuregcm.metrics.UserAgentTagUtil; @@ -56,7 +56,7 @@ public ProvisioningController(RateLimiters rateLimiters, ProvisioningManager pro @PUT @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) - public void sendProvisioningMessage(@ReadOnly @Auth AuthenticatedAccount auth, + public void sendProvisioningMessage(@ReadOnly @Auth AuthenticatedDevice auth, @PathParam("destination") String destinationName, @NotNull @Valid ProvisioningMessage message, @HeaderParam(HttpHeaders.USER_AGENT) String userAgent) diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/RemoteConfigController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/RemoteConfigController.java index 8e55c3932..81826315d 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/RemoteConfigController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/RemoteConfigController.java @@ -22,7 +22,7 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.UserRemoteConfig; import org.whispersystems.textsecuregcm.entities.UserRemoteConfigList; import org.whispersystems.textsecuregcm.storage.RemoteConfigsManager; @@ -52,7 +52,7 @@ public RemoteConfigController(RemoteConfigsManager remoteConfigsManager, @GET @Produces(MediaType.APPLICATION_JSON) - public UserRemoteConfigList getAll(@ReadOnly @Auth AuthenticatedAccount auth) { + public UserRemoteConfigList getAll(@ReadOnly @Auth AuthenticatedDevice auth) { try { MessageDigest digest = MessageDigest.getInstance("SHA1"); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureStorageController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureStorageController.java index efa720474..64a2ec7bb 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureStorageController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureStorageController.java @@ -11,7 +11,7 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.configuration.SecureStorageServiceConfiguration; @@ -37,7 +37,7 @@ public SecureStorageController(ExternalServiceCredentialsGenerator storageServic @GET @Path("/auth") @Produces(MediaType.APPLICATION_JSON) - public ExternalServiceCredentials getAuth(@ReadOnly @Auth AuthenticatedAccount auth) { + public ExternalServiceCredentials getAuth(@ReadOnly @Auth AuthenticatedDevice auth) { return storageServiceCredentialsGenerator.generateForUuid(auth.getAccount().getUuid()); } } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery2Controller.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery2Controller.java index f86bf524f..9b8581160 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery2Controller.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery2Controller.java @@ -23,7 +23,7 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsSelector; @@ -78,7 +78,7 @@ public SecureValueRecovery2Controller(final ExternalServiceCredentialsGenerator ) @ApiResponse(responseCode = "200", description = "`JSON` with generated credentials.", useReturnTypeSchema = true) @ApiResponse(responseCode = "401", description = "Account authentication check failed.") - public ExternalServiceCredentials getAuth(@ReadOnly @Auth final AuthenticatedAccount auth) { + public ExternalServiceCredentials getAuth(@ReadOnly @Auth final AuthenticatedDevice auth) { return backupServiceCredentialGenerator.generateFor(auth.getAccount().getUuid().toString()); } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery3Controller.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery3Controller.java index e7df22d18..aaefb01e7 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery3Controller.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery3Controller.java @@ -24,7 +24,7 @@ import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsSelector; @@ -85,7 +85,7 @@ public SecureValueRecovery3Controller(final ExternalServiceCredentialsGenerator """) @ApiResponse(responseCode = "200", description = "`JSON` with generated credentials and share-set", useReturnTypeSchema = true) @ApiResponse(responseCode = "401", description = "Account authentication check failed.") - public Svr3Credentials getAuth(@ReadOnly @Auth final AuthenticatedAccount auth) { + public Svr3Credentials getAuth(@ReadOnly @Auth final AuthenticatedDevice auth) { final ExternalServiceCredentials creds = backupServiceCredentialGenerator.generateFor( auth.getAccount().getUuid().toString()); return new Svr3Credentials(creds.username(), creds.password(), auth.getAccount().getSvr3ShareSet()); @@ -104,7 +104,7 @@ public Svr3Credentials getAuth(@ReadOnly @Auth final AuthenticatedAccount auth) @ApiResponse(responseCode = "204", description = "Successfully set share-set") @ApiResponse(responseCode = "401", description = "Account authentication check failed.") public void setShareSet( - @Mutable @Auth final AuthenticatedAccount auth, + @Mutable @Auth final AuthenticatedDevice auth, @NotNull @Valid final SetShareSetRequest request) { accountsManager.update(auth.getAccount(), account -> account.setSvr3ShareSet(request.shareSet())); } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/StickerController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/StickerController.java index 37ae7cff2..bde281eb1 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/StickerController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/StickerController.java @@ -20,7 +20,7 @@ import javax.ws.rs.PathParam; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.StickerPackFormUploadAttributes; import org.whispersystems.textsecuregcm.entities.StickerPackFormUploadAttributes.StickerPackFormUploadItem; import org.whispersystems.textsecuregcm.limits.RateLimiters; @@ -47,7 +47,7 @@ public StickerController(RateLimiters rateLimiters, String accessKey, String acc @GET @Produces(MediaType.APPLICATION_JSON) @Path("/pack/form/{count}") - public StickerPackFormUploadAttributes getStickersForm(@ReadOnly @Auth AuthenticatedAccount auth, + public StickerPackFormUploadAttributes getStickersForm(@ReadOnly @Auth AuthenticatedDevice auth, @PathParam("count") @Min(1) @Max(201) int stickerCount) throws RateLimitExceededException { rateLimiters.getStickerPackLimiter().validate(auth.getAccount().getUuid()); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SubscriptionController.java b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SubscriptionController.java index 9c9b0c121..07c071f3d 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SubscriptionController.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/controllers/SubscriptionController.java @@ -77,7 +77,7 @@ import org.signal.libsignal.zkgroup.receipts.ServerZkReceiptOperations; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.backup.BackupManager; import org.whispersystems.textsecuregcm.badges.BadgeTranslator; import org.whispersystems.textsecuregcm.badges.LevelTranslator; @@ -250,7 +250,7 @@ GetSubscriptionConfigurationResponse buildGetSubscriptionConfigurationResponse( @Path("/{subscriberId}") @Produces(MediaType.APPLICATION_JSON) public CompletableFuture deleteSubscriber( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @PathParam("subscriberId") String subscriberId) { RequestData requestData = RequestData.process(authenticatedAccount, subscriberId, clock); return subscriptionManager.get(requestData.subscriberUser, requestData.hmac) @@ -272,7 +272,7 @@ public CompletableFuture deleteSubscriber( @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture updateSubscriber( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @PathParam("subscriberId") String subscriberId) { RequestData requestData = RequestData.process(authenticatedAccount, subscriberId, clock); return subscriptionManager.get(requestData.subscriberUser, requestData.hmac) @@ -306,7 +306,7 @@ record CreatePaymentMethodResponse(String clientSecret, SubscriptionProcessor pr @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture createPaymentMethod( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @PathParam("subscriberId") String subscriberId, @QueryParam("type") @DefaultValue("CARD") PaymentMethod paymentMethodType, @HeaderParam(HttpHeaders.USER_AGENT) @Nullable final String userAgentString) { @@ -361,7 +361,7 @@ public record CreatePayPalBillingAgreementResponse(@NotBlank String approvalUrl, @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture createPayPalPaymentMethod( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @PathParam("subscriberId") String subscriberId, @NotNull @Valid CreatePayPalBillingAgreementRequest request, @Context ContainerRequestContext containerRequestContext, @@ -426,7 +426,7 @@ private SubscriptionProcessorManager getManagerForProcessor(SubscriptionProcesso @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture setDefaultPaymentMethodWithProcessor( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @PathParam("subscriberId") String subscriberId, @PathParam("processor") SubscriptionProcessor processor, @PathParam("paymentMethodToken") @NotEmpty String paymentMethodToken) { @@ -457,7 +457,7 @@ public enum Type { @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture setSubscriptionLevel( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @PathParam("subscriberId") String subscriberId, @PathParam("level") long level, @PathParam("currency") String currency, @@ -660,7 +660,7 @@ public record CreateBoostResponse(String clientSecret) { @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture createBoostPaymentIntent( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @NotNull @Valid CreateBoostRequest request, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgent) { @@ -732,7 +732,7 @@ private void validateRequestCurrencyAmount(CreateBoostRequest request, BigDecima @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture createPayPalBoost( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @NotNull @Valid CreatePayPalBoostRequest request, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgent, @Context ContainerRequestContext containerRequestContext) { @@ -783,7 +783,7 @@ record ConfirmPayPalBoostResponse(String paymentId) { @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture confirmPayPalBoost( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @NotNull @Valid ConfirmPayPalBoostRequest request, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgent) { @@ -829,7 +829,7 @@ public record CreateBoostReceiptCredentialsErrorResponse(@JsonInclude(Include.NO @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture createBoostReceiptCredentials( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @NotNull @Valid final CreateBoostReceiptCredentialsRequest request, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgent) { @@ -924,7 +924,7 @@ public record Subscription(long level, Instant billingCycleAnchor, Instant endOf @Path("/{subscriberId}") @Produces(MediaType.APPLICATION_JSON) public CompletableFuture getSubscriptionInformation( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @PathParam("subscriberId") String subscriberId) { RequestData requestData = RequestData.process(authenticatedAccount, subscriberId, clock); return subscriptionManager.get(requestData.subscriberUser, requestData.hmac) @@ -967,7 +967,7 @@ public record GetReceiptCredentialsResponse(@NotEmpty byte[] receiptCredentialRe @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) public CompletableFuture createSubscriptionReceiptCredentials( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @HeaderParam(HttpHeaders.USER_AGENT) final String userAgent, @PathParam("subscriberId") String subscriberId, @NotNull @Valid GetReceiptCredentialsRequest request) { @@ -1020,7 +1020,7 @@ public CompletableFuture createSubscriptionReceiptCredentials( @Path("/{subscriberId}/default_payment_method_for_ideal/{setupIntentId}") @Produces(MediaType.APPLICATION_JSON) public CompletableFuture setDefaultPaymentMethodForIdeal( - @ReadOnly @Auth Optional authenticatedAccount, + @ReadOnly @Auth Optional authenticatedAccount, @PathParam("subscriberId") String subscriberId, @PathParam("setupIntentId") @NotEmpty String setupIntentId) { RequestData requestData = RequestData.process(authenticatedAccount, subscriberId, clock); @@ -1117,7 +1117,7 @@ private record RequestData(@Nonnull byte[] subscriberBytes, @Nonnull Instant now) { public static RequestData process( - Optional authenticatedAccount, + Optional authenticatedAccount, String subscriberId, Clock clock) { Instant now = clock.instant(); diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountPrincipalSupplier.java b/service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountPrincipalSupplier.java index 12d20a3ee..893a9770a 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountPrincipalSupplier.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountPrincipalSupplier.java @@ -4,10 +4,10 @@ */ package org.whispersystems.textsecuregcm.storage; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.websocket.auth.PrincipalSupplier; -public class AccountPrincipalSupplier implements PrincipalSupplier { +public class AccountPrincipalSupplier implements PrincipalSupplier { private final AccountsManager accountsManager; @@ -16,20 +16,20 @@ public AccountPrincipalSupplier(final AccountsManager accountsManager) { } @Override - public AuthenticatedAccount refresh(final AuthenticatedAccount oldAccount) { + public AuthenticatedDevice refresh(final AuthenticatedDevice oldAccount) { final Account account = accountsManager.getByAccountIdentifier(oldAccount.getAccount().getUuid()) .orElseThrow(() -> new RefreshingAccountNotFoundException("Could not find account")); final Device device = account.getDevice(oldAccount.getAuthenticatedDevice().getId()) .orElseThrow(() -> new RefreshingAccountNotFoundException("Could not find device")); - return new AuthenticatedAccount(account, device); + return new AuthenticatedDevice(account, device); } @Override - public AuthenticatedAccount deepCopy(final AuthenticatedAccount authenticatedAccount) { - final Account cloned = AccountUtil.cloneAccountAsNotStale(authenticatedAccount.getAccount()); - return new AuthenticatedAccount( + public AuthenticatedDevice deepCopy(final AuthenticatedDevice authenticatedDevice) { + final Account cloned = AccountUtil.cloneAccountAsNotStale(authenticatedDevice.getAccount()); + return new AuthenticatedDevice( cloned, - cloned.getDevice(authenticatedAccount.getAuthenticatedDevice().getId()) + cloned.getDevice(authenticatedDevice.getAuthenticatedDevice().getId()) .orElseThrow(() -> new IllegalStateException( "Could not find device from a clone of an account where the device was present"))); } diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountUtil.java b/service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountUtil.java index 53d826b94..58a91933c 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountUtil.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/storage/AccountUtil.java @@ -5,9 +5,7 @@ package org.whispersystems.textsecuregcm.storage; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; import org.whispersystems.textsecuregcm.util.SystemMapper; -import org.whispersystems.websocket.auth.PrincipalSupplier; import java.io.IOException; public class AccountUtil { diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/websocket/AuthenticatedConnectListener.java b/service/src/main/java/org/whispersystems/textsecuregcm/websocket/AuthenticatedConnectListener.java index 0c915810e..cc6d446a2 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/websocket/AuthenticatedConnectListener.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/websocket/AuthenticatedConnectListener.java @@ -19,7 +19,7 @@ import java.util.concurrent.atomic.AtomicReference; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.metrics.MessageMetrics; import org.whispersystems.textsecuregcm.metrics.UserAgentTagUtil; import org.whispersystems.textsecuregcm.push.ClientPresenceManager; @@ -136,7 +136,7 @@ public void onWebSocketConnect(WebSocketSessionContext context) { final Timer connectionTimer = getConnectionTimer(userAgent, authenticated); if (authenticated) { - final AuthenticatedAccount auth = context.getAuthenticated(AuthenticatedAccount.class); + final AuthenticatedDevice auth = context.getAuthenticated(AuthenticatedDevice.class); final Timer.Sample sample = Timer.start(); final WebSocketConnection connection = new WebSocketConnection(receiptSender, messagesManager, diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/websocket/WebSocketAccountAuthenticator.java b/service/src/main/java/org/whispersystems/textsecuregcm/websocket/WebSocketAccountAuthenticator.java index c03826dcb..037b65ee3 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/websocket/WebSocketAccountAuthenticator.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/websocket/WebSocketAccountAuthenticator.java @@ -14,30 +14,30 @@ import javax.annotation.Nullable; import org.eclipse.jetty.websocket.api.UpgradeRequest; import org.whispersystems.textsecuregcm.auth.AccountAuthenticator; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.websocket.ReusableAuth; import org.whispersystems.websocket.auth.AuthenticationException; import org.whispersystems.websocket.auth.PrincipalSupplier; import org.whispersystems.websocket.auth.WebSocketAuthenticator; -public class WebSocketAccountAuthenticator implements WebSocketAuthenticator { +public class WebSocketAccountAuthenticator implements WebSocketAuthenticator { - private static final ReusableAuth CREDENTIALS_NOT_PRESENTED = ReusableAuth.anonymous(); + private static final ReusableAuth CREDENTIALS_NOT_PRESENTED = ReusableAuth.anonymous(); - private static final ReusableAuth INVALID_CREDENTIALS_PRESENTED = ReusableAuth.invalid(); + private static final ReusableAuth INVALID_CREDENTIALS_PRESENTED = ReusableAuth.invalid(); private final AccountAuthenticator accountAuthenticator; - private final PrincipalSupplier principalSupplier; + private final PrincipalSupplier principalSupplier; public WebSocketAccountAuthenticator(final AccountAuthenticator accountAuthenticator, - final PrincipalSupplier principalSupplier) { + final PrincipalSupplier principalSupplier) { this.accountAuthenticator = accountAuthenticator; this.principalSupplier = principalSupplier; } @Override - public ReusableAuth authenticate(final UpgradeRequest request) + public ReusableAuth authenticate(final UpgradeRequest request) throws AuthenticationException { try { // If the `Authorization` header was set for the request it takes priority, and we use the result of the @@ -54,7 +54,7 @@ public ReusableAuth authenticate(final UpgradeRequest requ } } - private ReusableAuth authenticatedAccountFromQueryParams(final UpgradeRequest request) { + private ReusableAuth authenticatedAccountFromQueryParams(final UpgradeRequest request) { final Map> parameters = request.getParameterMap(); final List usernames = parameters.get("login"); final List passwords = parameters.get("password"); @@ -69,7 +69,7 @@ private ReusableAuth authenticatedAccountFromQueryParams(f .orElse(INVALID_CREDENTIALS_PRESENTED); } - private ReusableAuth authenticatedAccountFromHeaderAuth(@Nullable final String authHeader) + private ReusableAuth authenticatedAccountFromHeaderAuth(@Nullable final String authHeader) throws AuthenticationException { if (authHeader == null) { return CREDENTIALS_NOT_PRESENTED; diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnection.java b/service/src/main/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnection.java index 52fb97934..7d1720384 100644 --- a/service/src/main/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnection.java +++ b/service/src/main/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnection.java @@ -34,7 +34,7 @@ import org.reactivestreams.Publisher; import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.controllers.MessageController; import org.whispersystems.textsecuregcm.entities.MessageProtos.Envelope; import org.whispersystems.textsecuregcm.identity.AciServiceIdentifier; @@ -116,7 +116,7 @@ public class WebSocketConnection implements MessageAvailabilityListener, Displac private final MessageMetrics messageMetrics; private final PushNotificationManager pushNotificationManager; - private final AuthenticatedAccount auth; + private final AuthenticatedDevice auth; private final WebSocketClient client; private final int sendFuturesTimeoutMillis; @@ -148,7 +148,7 @@ public WebSocketConnection(ReceiptSender receiptSender, MessagesManager messagesManager, MessageMetrics messageMetrics, PushNotificationManager pushNotificationManager, - AuthenticatedAccount auth, + AuthenticatedDevice auth, WebSocketClient client, ScheduledExecutorService scheduledExecutorService, Scheduler messageDeliveryScheduler, @@ -171,7 +171,7 @@ public WebSocketConnection(ReceiptSender receiptSender, MessagesManager messagesManager, MessageMetrics messageMetrics, PushNotificationManager pushNotificationManager, - AuthenticatedAccount auth, + AuthenticatedDevice auth, WebSocketClient client, int sendFuturesTimeoutMillis, ScheduledExecutorService scheduledExecutorService, diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/WebsocketResourceProviderIntegrationTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/WebsocketResourceProviderIntegrationTest.java index 504cb805d..9cf245bf8 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/WebsocketResourceProviderIntegrationTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/WebsocketResourceProviderIntegrationTest.java @@ -32,7 +32,7 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.ValueSource; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.filters.RemoteAddressFilter; import org.whispersystems.textsecuregcm.tests.util.TestWebsocketListener; import org.whispersystems.websocket.ReusableAuth; @@ -70,7 +70,7 @@ public void run(final Configuration configuration, final Environment environment final WebSocketConfiguration webSocketConfiguration = new WebSocketConfiguration(); - final WebSocketEnvironment webSocketEnvironment = + final WebSocketEnvironment webSocketEnvironment = new WebSocketEnvironment<>(environment, webSocketConfiguration); environment.jersey().register(testController); @@ -80,14 +80,14 @@ public void run(final Configuration configuration, final Environment environment webSocketEnvironment.jersey().register(testController); webSocketEnvironment.jersey().register(new RemoteAddressFilter()); webSocketEnvironment.setAuthenticator(upgradeRequest -> - ReusableAuth.authenticated(mock(AuthenticatedAccount.class), PrincipalSupplier.forImmutablePrincipal())); + ReusableAuth.authenticated(mock(AuthenticatedDevice.class), PrincipalSupplier.forImmutablePrincipal())); webSocketEnvironment.jersey().property(ServerProperties.UNWRAP_COMPLETION_STAGE_IN_WRITER_ENABLE, Boolean.TRUE); webSocketEnvironment.setConnectListener(webSocketSessionContext -> { }); - final WebSocketResourceProviderFactory webSocketServlet = - new WebSocketResourceProviderFactory<>(webSocketEnvironment, AuthenticatedAccount.class, + final WebSocketResourceProviderFactory webSocketServlet = + new WebSocketResourceProviderFactory<>(webSocketEnvironment, AuthenticatedDevice.class, webSocketConfiguration, REMOTE_ADDRESS_ATTRIBUTE_NAME); JettyWebSocketServletContainerInitializer.configure(environment.getApplicationContext(), null); diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/WebsocketReuseAuthIntegrationTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/WebsocketReuseAuthIntegrationTest.java index 915fca07c..ee5b0edf5 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/WebsocketReuseAuthIntegrationTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/WebsocketReuseAuthIntegrationTest.java @@ -43,7 +43,7 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.ValueSource; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.filters.RemoteAddressFilter; import org.whispersystems.textsecuregcm.storage.RefreshingAccountNotFoundException; import org.whispersystems.textsecuregcm.tests.util.TestWebsocketListener; @@ -58,9 +58,9 @@ @ExtendWith(DropwizardExtensionsSupport.class) public class WebsocketReuseAuthIntegrationTest { - private static final AuthenticatedAccount ACCOUNT = mock(AuthenticatedAccount.class); + private static final AuthenticatedDevice ACCOUNT = mock(AuthenticatedDevice.class); @SuppressWarnings("unchecked") - private static final PrincipalSupplier PRINCIPAL_SUPPLIER = mock(PrincipalSupplier.class); + private static final PrincipalSupplier PRINCIPAL_SUPPLIER = mock(PrincipalSupplier.class); private static final DropwizardAppExtension DROPWIZARD_APP_EXTENSION = new DropwizardAppExtension<>(TestApplication.class); @@ -90,7 +90,7 @@ public void run(final Configuration configuration, final Environment environment final WebSocketConfiguration webSocketConfiguration = new WebSocketConfiguration(); - final WebSocketEnvironment webSocketEnvironment = + final WebSocketEnvironment webSocketEnvironment = new WebSocketEnvironment<>(environment, webSocketConfiguration); environment.jersey().register(testController); @@ -105,8 +105,8 @@ public void run(final Configuration configuration, final Environment environment webSocketEnvironment.setConnectListener(webSocketSessionContext -> { }); - final WebSocketResourceProviderFactory webSocketServlet = - new WebSocketResourceProviderFactory<>(webSocketEnvironment, AuthenticatedAccount.class, + final WebSocketResourceProviderFactory webSocketServlet = + new WebSocketResourceProviderFactory<>(webSocketEnvironment, AuthenticatedDevice.class, webSocketConfiguration, REMOTE_ADDRESS_ATTRIBUTE_NAME); JettyWebSocketServletContainerInitializer.configure(environment.getApplicationContext(), null); @@ -139,7 +139,7 @@ public void readAuth(final String path) throws IOException { @ParameterizedTest @ValueSource(strings = {"/test/write-auth", "/test/optional-write-auth"}) public void writeAuth(final String path) throws IOException { - final AuthenticatedAccount copiedAccount = mock(AuthenticatedAccount.class); + final AuthenticatedDevice copiedAccount = mock(AuthenticatedDevice.class); when(copiedAccount.getName()).thenReturn("copy"); when(PRINCIPAL_SUPPLIER.deepCopy(any())).thenReturn(copiedAccount); @@ -153,7 +153,7 @@ public void writeAuth(final String path) throws IOException { @Test public void readAfterWrite() throws IOException { when(PRINCIPAL_SUPPLIER.deepCopy(any())).thenReturn(ACCOUNT); - final AuthenticatedAccount account2 = mock(AuthenticatedAccount.class); + final AuthenticatedDevice account2 = mock(AuthenticatedDevice.class); when(account2.getName()).thenReturn("refresh"); when(PRINCIPAL_SUPPLIER.refresh(any())).thenReturn(account2); @@ -189,11 +189,11 @@ public void readAfterWriteRefreshFails() throws IOException { @Test public void readConcurrentWithWrite() throws IOException, ExecutionException, InterruptedException, TimeoutException { - final AuthenticatedAccount deepCopy = mock(AuthenticatedAccount.class); + final AuthenticatedDevice deepCopy = mock(AuthenticatedDevice.class); when(deepCopy.getName()).thenReturn("deepCopy"); when(PRINCIPAL_SUPPLIER.deepCopy(any())).thenReturn(deepCopy); - final AuthenticatedAccount refresh = mock(AuthenticatedAccount.class); + final AuthenticatedDevice refresh = mock(AuthenticatedDevice.class); when(refresh.getName()).thenReturn("refresh"); when(PRINCIPAL_SUPPLIER.refresh(any())).thenReturn(refresh); @@ -234,35 +234,35 @@ public static class TestController { @GET @Path("/read-auth") @ManagedAsync - public String readAuth(@ReadOnly @Auth final AuthenticatedAccount account) { + public String readAuth(@ReadOnly @Auth final AuthenticatedDevice account) { return account.getName(); } @GET @Path("/optional-read-auth") @ManagedAsync - public String optionalReadAuth(@ReadOnly @Auth final Optional account) { - return account.map(AuthenticatedAccount::getName).orElse("empty"); + public String optionalReadAuth(@ReadOnly @Auth final Optional account) { + return account.map(AuthenticatedDevice::getName).orElse("empty"); } @GET @Path("/write-auth") @ManagedAsync - public String writeAuth(@Auth final AuthenticatedAccount account) { + public String writeAuth(@Auth final AuthenticatedDevice account) { return account.getName(); } @GET @Path("/optional-write-auth") @ManagedAsync - public String optionalWriteAuth(@Auth final Optional account) { - return account.map(AuthenticatedAccount::getName).orElse("empty"); + public String optionalWriteAuth(@Auth final Optional account) { + return account.map(AuthenticatedDevice::getName).orElse("empty"); } @GET @Path("/start-delayed-write/{id}") @ManagedAsync - public String startDelayedWrite(@Auth final AuthenticatedAccount account, @PathParam("id") String id) + public String startDelayedWrite(@Auth final AuthenticatedDevice account, @PathParam("id") String id) throws InterruptedException { delayedWriteLatches.computeIfAbsent(id, i -> new CountDownLatch(1)).await(); return account.getName(); diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticatorTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticatorTest.java index f0b954959..bcfe61f37 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticatorTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/auth/AccountAuthenticatorTest.java @@ -166,7 +166,7 @@ void testAuthenticate() { when(credentials.verify(password)).thenReturn(true); when(credentials.getVersion()).thenReturn(SaltedTokenHash.CURRENT_VERSION); - final Optional maybeAuthenticatedAccount = + final Optional maybeAuthenticatedAccount = accountAuthenticator.authenticate(new BasicCredentials(uuid.toString(), password)); assertThat(maybeAuthenticatedAccount).isPresent(); @@ -194,7 +194,7 @@ void testAuthenticateNonDefaultDevice() { when(credentials.verify(password)).thenReturn(true); when(credentials.getVersion()).thenReturn(SaltedTokenHash.CURRENT_VERSION); - final Optional maybeAuthenticatedAccount = + final Optional maybeAuthenticatedAccount = accountAuthenticator.authenticate(new BasicCredentials(uuid + "." + deviceId, password)); assertThat(maybeAuthenticatedAccount).isPresent(); @@ -231,7 +231,7 @@ void testAuthenticateEnabled( } else { identifier = uuid.toString() + AccountAuthenticator.DEVICE_ID_SEPARATOR + deviceId; } - final Optional maybeAuthenticatedAccount = + final Optional maybeAuthenticatedAccount = accountAuthenticator.authenticate(new BasicCredentials(identifier, password)); assertThat(maybeAuthenticatedAccount).isPresent(); @@ -259,7 +259,7 @@ void testAuthenticateV1() { when(credentials.verify(password)).thenReturn(true); when(credentials.getVersion()).thenReturn(SaltedTokenHash.Version.V1); - final Optional maybeAuthenticatedAccount = + final Optional maybeAuthenticatedAccount = accountAuthenticator.authenticate(new BasicCredentials(uuid.toString(), password)); assertThat(maybeAuthenticatedAccount).isPresent(); @@ -294,7 +294,7 @@ void testAuthenticateDeviceNotFound() { when(credentials.verify(password)).thenReturn(true); when(credentials.getVersion()).thenReturn(SaltedTokenHash.CURRENT_VERSION); - final Optional maybeAuthenticatedAccount = + final Optional maybeAuthenticatedAccount = accountAuthenticator.authenticate(new BasicCredentials(uuid + "." + (deviceId + 1), password)); assertThat(maybeAuthenticatedAccount).isEmpty(); @@ -322,7 +322,7 @@ void testAuthenticateIncorrectPassword() { final String incorrectPassword = password + "incorrect"; - final Optional maybeAuthenticatedAccount = + final Optional maybeAuthenticatedAccount = accountAuthenticator.authenticate(new BasicCredentials(uuid.toString(), incorrectPassword)); assertThat(maybeAuthenticatedAccount).isEmpty(); @@ -332,7 +332,7 @@ void testAuthenticateIncorrectPassword() { @ParameterizedTest @MethodSource void testAuthenticateMalformedCredentials(final String username) { - final Optional maybeAuthenticatedAccount = assertDoesNotThrow( + final Optional maybeAuthenticatedAccount = assertDoesNotThrow( () -> accountAuthenticator.authenticate(new BasicCredentials(username, "password"))); assertThat(maybeAuthenticatedAccount).isEmpty(); diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/auth/PhoneNumberChangeRefreshRequirementProviderTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/auth/PhoneNumberChangeRefreshRequirementProviderTest.java index c3a528b79..9911bd48c 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/auth/PhoneNumberChangeRefreshRequirementProviderTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/auth/PhoneNumberChangeRefreshRequirementProviderTest.java @@ -112,7 +112,7 @@ public void run(final Configuration configuration, final Environment environment final WebSocketConfiguration webSocketConfiguration = new WebSocketConfiguration(); - final WebSocketEnvironment webSocketEnvironment = + final WebSocketEnvironment webSocketEnvironment = new WebSocketEnvironment<>(environment, webSocketConfiguration); environment.jersey().register(testController); @@ -129,13 +129,13 @@ public void run(final Configuration configuration, final Environment environment }); - environment.jersey().register(new AuthDynamicFeature(new BasicCredentialAuthFilter.Builder() + environment.jersey().register(new AuthDynamicFeature(new BasicCredentialAuthFilter.Builder() .setAuthenticator(AUTHENTICATOR) .buildAuthFilter())); webSocketEnvironment.setAuthenticator(new WebSocketAccountAuthenticator(AUTHENTICATOR, mock(PrincipalSupplier.class))); - final WebSocketResourceProviderFactory webSocketServlet = - new WebSocketResourceProviderFactory<>(webSocketEnvironment, AuthenticatedAccount.class, + final WebSocketResourceProviderFactory webSocketServlet = + new WebSocketResourceProviderFactory<>(webSocketEnvironment, AuthenticatedDevice.class, webSocketConfiguration, REMOTE_ADDRESS_ATTRIBUTE_NAME); JettyWebSocketServletContainerInitializer.configure(environment.getApplicationContext(), null); @@ -160,7 +160,7 @@ private void makeAnonymousRequest(final Protocol protocol, final String requestP private void makeAuthenticatedRequest( final Protocol protocol, final String requestPath) throws IOException { - when(AUTHENTICATOR.authenticate(any())).thenReturn(Optional.of(new AuthenticatedAccount(account1, authenticatedDevice))); + when(AUTHENTICATOR.authenticate(any())).thenReturn(Optional.of(new AuthenticatedDevice(account1, authenticatedDevice))); makeRequest(protocol,requestPath, false); } @@ -206,7 +206,7 @@ void handleRequestNoChange(final Protocol protocol) throws IOException { @EnumSource(Protocol.class) void handleRequestChange(final Protocol protocol) throws IOException { when(ACCOUNTS_MANAGER.getByAccountIdentifier(any())).thenReturn(Optional.of(account2)); - when(AUTHENTICATOR.authenticate(any())).thenReturn(Optional.of(new AuthenticatedAccount(account1, authenticatedDevice))); + when(AUTHENTICATOR.authenticate(any())).thenReturn(Optional.of(new AuthenticatedDevice(account1, authenticatedDevice))); makeAuthenticatedRequest(protocol, "/test/annotated"); @@ -220,7 +220,7 @@ void handleRequestChange(final Protocol protocol) throws IOException { @Test void handleRequestChangeAsyncEndpoint() throws IOException { when(ACCOUNTS_MANAGER.getByAccountIdentifier(any())).thenReturn(Optional.of(account2)); - when(AUTHENTICATOR.authenticate(any())).thenReturn(Optional.of(new AuthenticatedAccount(account1, authenticatedDevice))); + when(AUTHENTICATOR.authenticate(any())).thenReturn(Optional.of(new AuthenticatedDevice(account1, authenticatedDevice))); // Event listeners with asynchronous HTTP endpoints don't currently correctly maintain state between request and // response @@ -268,7 +268,7 @@ public static class TestController { @GET @Path("/annotated") @ChangesPhoneNumber - public String annotated(@ReadOnly @Auth final AuthenticatedAccount account) { + public String annotated(@ReadOnly @Auth final AuthenticatedDevice account) { return "ok"; } @@ -276,7 +276,7 @@ public String annotated(@ReadOnly @Auth final AuthenticatedAccount account) { @Path("/async-annotated") @ChangesPhoneNumber @ManagedAsync - public String asyncAnnotated(@ReadOnly @Auth final AuthenticatedAccount account) { + public String asyncAnnotated(@ReadOnly @Auth final AuthenticatedDevice account) { return "ok"; } @@ -289,7 +289,7 @@ public String notAuthenticated() { @GET @Path("/not-annotated") - public String notAnnotated(@ReadOnly @Auth final AuthenticatedAccount account) { + public String notAnnotated(@ReadOnly @Auth final AuthenticatedDevice account) { return "ok"; } } diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java index c4ac1c31b..a38521d58 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerTest.java @@ -54,7 +54,7 @@ import org.junit.jupiter.params.provider.ValueSource; import org.mockito.ArgumentCaptor; import org.signal.libsignal.usernames.BaseUsernameException; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.SaltedTokenHash; import org.whispersystems.textsecuregcm.auth.StoredRegistrationLock; import org.whispersystems.textsecuregcm.auth.TurnTokenGenerator; @@ -140,7 +140,7 @@ class AccountControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProperty(ServerProperties.UNWRAP_COMPLETION_STAGE_IN_WRITER_ENABLE, Boolean.TRUE) .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(new JsonMappingExceptionMapper()) .addProvider(new RateLimitExceededExceptionMapper()) .addProvider(new ImpossiblePhoneNumberExceptionMapper()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerV2Test.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerV2Test.java index 292ae33b2..ce67a2289 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerV2Test.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AccountControllerV2Test.java @@ -64,7 +64,7 @@ import org.signal.libsignal.protocol.IdentityKey; import org.signal.libsignal.protocol.ecc.Curve; import org.signal.libsignal.protocol.ecc.ECKeyPair; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.PhoneVerificationTokenManager; import org.whispersystems.textsecuregcm.auth.RegistrationLockError; import org.whispersystems.textsecuregcm.auth.RegistrationLockVerificationManager; @@ -116,7 +116,7 @@ class AccountControllerV2Test { private final ResourceExtension resources = ResourceExtension.builder() .addProperty(ServerProperties.UNWRAP_COMPLETION_STAGE_IN_WRITER_ENABLE, Boolean.TRUE) .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(new RateLimitExceededExceptionMapper()) .addProvider(new ImpossiblePhoneNumberExceptionMapper()) .addProvider(new NonNormalizedPhoneNumberExceptionMapper()) @@ -858,7 +858,7 @@ static Stream testGetAccountDataReport() { /** * Creates an {@link Account} with data sufficient for - * {@link AccountControllerV2#getAccountDataReport(AuthenticatedAccount)}. + * {@link AccountControllerV2#getAccountDataReport(AuthenticatedDevice)}. *

* Note: All devices will have a {@link SaltedTokenHash} for "password" */ diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ArchiveControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ArchiveControllerTest.java index 7ea3e2a3c..138ee5e4b 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ArchiveControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ArchiveControllerTest.java @@ -59,7 +59,7 @@ import org.signal.libsignal.zkgroup.receipts.ReceiptCredentialResponse; import org.signal.libsignal.zkgroup.receipts.ReceiptSerial; import org.signal.libsignal.zkgroup.receipts.ServerZkReceiptOperations; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.AuthenticatedBackupUser; import org.whispersystems.textsecuregcm.backup.BackupAuthManager; import org.whispersystems.textsecuregcm.backup.BackupAuthTestUtil; @@ -84,7 +84,7 @@ public class ArchiveControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProperty(ServerProperties.UNWRAP_COMPLETION_STAGE_IN_WRITER_ENABLE, Boolean.TRUE) .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(new CompletionExceptionMapper()) .addResource(new GrpcStatusRuntimeExceptionMapper()) .addProvider(new RateLimitExceededExceptionMapper()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ArtControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ArtControllerTest.java index 94e8260f5..d5441930f 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ArtControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ArtControllerTest.java @@ -16,7 +16,7 @@ import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.configuration.ArtServiceConfiguration; @@ -34,7 +34,7 @@ class ArtControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new ArtController(rateLimiters, artCredentialsGenerator)) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerTest.java index 8c3f543dc..005ebf173 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/AttachmentControllerTest.java @@ -34,7 +34,7 @@ import org.whispersystems.textsecuregcm.attachments.GcsAttachmentGenerator; import org.whispersystems.textsecuregcm.attachments.TusAttachmentGenerator; import org.whispersystems.textsecuregcm.attachments.TusConfiguration; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.configuration.secrets.SecretBytes; import org.whispersystems.textsecuregcm.entities.AttachmentDescriptorV2; import org.whispersystems.textsecuregcm.entities.AttachmentDescriptorV3; @@ -90,7 +90,7 @@ class AttachmentControllerTest { "signal@example.com", 1000, "/attach-here", RSA_PRIVATE_KEY_PEM); resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new AttachmentControllerV2(RATE_LIMITERS, "accessKey", "accessSecret", "us-east-1", diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallLinkControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallLinkControllerTest.java index 23338bc2e..fe0a65c77 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallLinkControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallLinkControllerTest.java @@ -22,7 +22,7 @@ import org.signal.libsignal.protocol.util.Hex; import org.signal.libsignal.zkgroup.GenericServerSecretParams; import org.signal.libsignal.zkgroup.calllinks.CreateCallLinkCredentialRequestContext; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.GetCreateCallLinkCredentialsRequest; import org.whispersystems.textsecuregcm.limits.RateLimiter; import org.whispersystems.textsecuregcm.limits.RateLimiters; @@ -41,7 +41,7 @@ public class CallLinkControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(new RateLimitExceededExceptionMapper()) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallRoutingControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallRoutingControllerTest.java index 4798a2e63..dabe5833d 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallRoutingControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallRoutingControllerTest.java @@ -28,7 +28,7 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.CloudflareTurnCredentialsManager; import org.whispersystems.textsecuregcm.auth.TurnToken; import org.whispersystems.textsecuregcm.auth.TurnTokenGenerator; @@ -65,7 +65,7 @@ class CallRoutingControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(new RateLimitExceededExceptionMapper()) .addProvider(new TestRemoteAddressFilterProvider(REMOTE_ADDRESS)) .setMapper(SystemMapper.jsonMapper()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CertificateControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CertificateControllerTest.java index 98837bbb3..036b55b02 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CertificateControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/CertificateControllerTest.java @@ -38,7 +38,7 @@ import org.signal.libsignal.zkgroup.auth.ClientZkAuthOperations; import org.signal.libsignal.zkgroup.auth.ServerZkAuthOperations; import org.signal.libsignal.zkgroup.calllinks.CallLinkAuthCredentialResponse; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.CertificateGenerator; import org.whispersystems.textsecuregcm.entities.DeliveryCertificate; import org.whispersystems.textsecuregcm.entities.GroupCredentials; @@ -79,7 +79,7 @@ class CertificateControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new CertificateController(certificateGenerator, serverZkAuthOperations, genericServerSecretParams, clock)) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ChallengeControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ChallengeControllerTest.java index 7c491bf7e..ce38cc2d1 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ChallengeControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ChallengeControllerTest.java @@ -32,7 +32,7 @@ import org.junit.jupiter.api.extension.ExtendWith; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.ValueSource; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.limits.RateLimitChallengeManager; import org.whispersystems.textsecuregcm.mappers.RateLimitExceededExceptionMapper; import org.whispersystems.textsecuregcm.push.NotPushRegisteredException; @@ -53,7 +53,7 @@ class ChallengeControllerTest { private static final ResourceExtension EXTENSION = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(new TestRemoteAddressFilterProvider("127.0.0.1")) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DeviceControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DeviceControllerTest.java index a3b3255f6..b8364817a 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DeviceControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DeviceControllerTest.java @@ -51,7 +51,7 @@ import org.signal.libsignal.protocol.IdentityKey; import org.signal.libsignal.protocol.ecc.Curve; import org.signal.libsignal.protocol.ecc.ECKeyPair; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.WebsocketRefreshApplicationEventListener; import org.whispersystems.textsecuregcm.entities.AccountAttributes; import org.whispersystems.textsecuregcm.entities.ApnRegistrationId; @@ -119,7 +119,7 @@ class DeviceControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProperty(ServerProperties.UNWRAP_COMPLETION_STAGE_IN_WRITER_ENABLE, Boolean.TRUE) .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addProvider(new WebsocketRefreshApplicationEventListener(accountsManager, clientPresenceManager)) .addProvider(new DeviceLimitExceededExceptionMapper()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DirectoryControllerV2Test.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DirectoryControllerV2Test.java index 50f1efc9b..b3819c766 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DirectoryControllerV2Test.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DirectoryControllerV2Test.java @@ -15,13 +15,12 @@ import java.time.ZoneId; import java.util.UUID; import org.junit.jupiter.api.Test; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.configuration.DirectoryV2ClientConfiguration; import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Device; -import org.whispersystems.textsecuregcm.util.Pair; class DirectoryControllerV2Test { @@ -39,7 +38,7 @@ void testAuthToken() { when(account.getUuid()).thenReturn(uuid); final ExternalServiceCredentials credentials = (ExternalServiceCredentials) controller.getAuthToken( - new AuthenticatedAccount(account, mock(Device.class))).getEntity(); + new AuthenticatedDevice(account, mock(Device.class))).getEntity(); assertEquals(credentials.username(), "d369bc712e2e0dd36258"); assertEquals(credentials.password(), "1633738643:4433b0fab41f25f79dd4"); diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DonationControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DonationControllerTest.java index 4b95d308a..1e5ebeb62 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DonationControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/DonationControllerTest.java @@ -32,7 +32,7 @@ import org.signal.libsignal.zkgroup.receipts.ReceiptCredentialPresentation; import org.signal.libsignal.zkgroup.receipts.ReceiptSerial; import org.signal.libsignal.zkgroup.receipts.ServerZkReceiptOperations; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.configuration.BadgeConfiguration; import org.whispersystems.textsecuregcm.configuration.BadgesConfiguration; import org.whispersystems.textsecuregcm.entities.BadgeSvg; @@ -94,7 +94,7 @@ void beforeEach() throws Throwable { resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new DonationController(clock, zkReceiptOperations, redeemedReceiptsManager, accountsManager, getBadgesConfiguration(), receiptCredentialPresentationFactory)) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/KeyTransparencyControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/KeyTransparencyControllerTest.java index 9870149b7..d0114682e 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/KeyTransparencyControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/KeyTransparencyControllerTest.java @@ -25,7 +25,7 @@ import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.KeyTransparencyMonitorRequest; import org.whispersystems.textsecuregcm.entities.KeyTransparencyMonitorResponse; import org.whispersystems.textsecuregcm.entities.KeyTransparencySearchRequest; @@ -81,7 +81,7 @@ public class KeyTransparencyControllerTest { private final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(TEST_REMOTE_ADDRESS_FILTER_PROVIDER) .addProvider(new RateLimitByIpFilter(rateLimiters)) .setMapper(SystemMapper.jsonMapper()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/KeysControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/KeysControllerTest.java index afac2c240..1e24923f2 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/KeysControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/KeysControllerTest.java @@ -56,7 +56,7 @@ import org.signal.libsignal.protocol.ecc.Curve; import org.signal.libsignal.protocol.ecc.ECKeyPair; import org.signal.libsignal.zkgroup.ServerSecretParams; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.CheckKeysRequest; import org.whispersystems.textsecuregcm.entities.ECPreKey; import org.whispersystems.textsecuregcm.entities.ECSignedPreKey; @@ -155,7 +155,7 @@ class KeysControllerTest { .addProperty(ServerProperties.UNWRAP_COMPLETION_STAGE_IN_WRITER_ENABLE, Boolean.TRUE) .addProvider(AuthHelper.getAuthFilter()) .addProvider(CompletionExceptionMapper.class) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new ServerRejectedExceptionMapper()) .addResource(new KeysController(rateLimiters, KEYS, accounts, serverSecretParams, clock)) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/MessageControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/MessageControllerTest.java index da1457ea2..cd2d14e5d 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/MessageControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/MessageControllerTest.java @@ -82,7 +82,7 @@ import org.junitpioneer.jupiter.cartesian.CartesianTest; import org.mockito.ArgumentCaptor; import org.signal.libsignal.zkgroup.ServerSecretParams; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.UnidentifiedAccessUtil; import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration; import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicInboundMessageByteLimitConfiguration; @@ -194,7 +194,7 @@ class MessageControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProperty(ServerProperties.UNWRAP_COMPLETION_STAGE_IN_WRITER_ENABLE, Boolean.TRUE) .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(RateLimitExceededExceptionMapper.class) .addProvider(MultiRecipientMessageProvider.class) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/PaymentsControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/PaymentsControllerTest.java index 6f7393882..06cf13770 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/PaymentsControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/PaymentsControllerTest.java @@ -22,7 +22,7 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.currency.CurrencyConversionManager; @@ -40,7 +40,7 @@ class PaymentsControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new PaymentsController(currencyManager, paymentsCredentialsGenerator)) .build(); diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ProfileControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ProfileControllerTest.java index e68a3c75e..f4c2548f7 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ProfileControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ProfileControllerTest.java @@ -74,7 +74,7 @@ import org.signal.libsignal.zkgroup.profiles.ProfileKeyCredentialRequest; import org.signal.libsignal.zkgroup.profiles.ProfileKeyCredentialRequestContext; import org.signal.libsignal.zkgroup.profiles.ServerZkProfileOperations; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.configuration.BadgeConfiguration; import org.whispersystems.textsecuregcm.configuration.BadgesConfiguration; import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration; @@ -149,7 +149,7 @@ class ProfileControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProperty(ServerProperties.UNWRAP_COMPLETION_STAGE_IN_WRITER_ENABLE, Boolean.TRUE) .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(new RateLimitExceededExceptionMapper()) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ProvisioningControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ProvisioningControllerTest.java index 40deffb79..31ee64c43 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ProvisioningControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/ProvisioningControllerTest.java @@ -30,7 +30,7 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.mockito.ArgumentCaptor; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.ProvisioningMessage; import org.whispersystems.textsecuregcm.limits.RateLimiter; import org.whispersystems.textsecuregcm.limits.RateLimiters; @@ -50,7 +50,7 @@ class ProvisioningControllerTest { private static final ResourceExtension RESOURCE_EXTENSION = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .addProvider(new RateLimitExceededExceptionMapper()) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/RemoteConfigControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/RemoteConfigControllerTest.java index dc368705c..623d79959 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/RemoteConfigControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/RemoteConfigControllerTest.java @@ -34,7 +34,7 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.UserRemoteConfig; import org.whispersystems.textsecuregcm.entities.UserRemoteConfigList; import org.whispersystems.textsecuregcm.mappers.DeviceLimitExceededExceptionMapper; @@ -54,7 +54,7 @@ class RemoteConfigControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addProvider(new DeviceLimitExceededExceptionMapper()) .addResource(new RemoteConfigController(remoteConfigsManager, Map.of("maxGroupSize", "42"), TEST_CLOCK)) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SecureStorageControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SecureStorageControllerTest.java index 04157c959..d8f78458f 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SecureStorageControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SecureStorageControllerTest.java @@ -16,7 +16,7 @@ import org.glassfish.jersey.test.grizzly.GrizzlyWebTestContainerFactory; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentials; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.configuration.SecureStorageServiceConfiguration; @@ -36,7 +36,7 @@ class SecureStorageControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new SecureStorageController(STORAGE_CREDENTIAL_GENERATOR)) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery3ControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery3ControllerTest.java index 05e8377ef..6377f5c57 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery3ControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SecureValueRecovery3ControllerTest.java @@ -38,7 +38,7 @@ import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator; import org.whispersystems.textsecuregcm.configuration.SecureValueRecovery3Configuration; import org.whispersystems.textsecuregcm.entities.AuthCheckRequest; @@ -74,7 +74,7 @@ public class SecureValueRecovery3ControllerTest extends SecureValueRecoveryContr private static final ResourceExtension RESOURCES = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(CONTROLLER) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/StickerControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/StickerControllerTest.java index 38403d262..57d636911 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/StickerControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/StickerControllerTest.java @@ -20,7 +20,7 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.StickerPackFormUploadAttributes; import org.whispersystems.textsecuregcm.limits.RateLimiter; import org.whispersystems.textsecuregcm.limits.RateLimiters; @@ -35,7 +35,7 @@ class StickerControllerTest { private static final ResourceExtension resources = ResourceExtension.builder() .addProvider(AuthHelper.getAuthFilter()) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(new StickerController(rateLimiters, "foo", "bar", "us-east-1", "mybucket")) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SubscriptionControllerTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SubscriptionControllerTest.java index cf1c10280..f59d205ba 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SubscriptionControllerTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/controllers/SubscriptionControllerTest.java @@ -63,7 +63,7 @@ import org.signal.libsignal.zkgroup.receipts.ReceiptCredentialResponse; import org.signal.libsignal.zkgroup.receipts.ReceiptSerial; import org.signal.libsignal.zkgroup.receipts.ServerZkReceiptOperations; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.backup.BackupManager; import org.whispersystems.textsecuregcm.badges.BadgeTranslator; import org.whispersystems.textsecuregcm.badges.LevelTranslator; @@ -119,7 +119,7 @@ class SubscriptionControllerTest { .addProvider(AuthHelper.getAuthFilter()) .addProvider(CompletionExceptionMapper.class) .addProvider(SubscriptionProcessorExceptionMapper.class) - .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedAccount.class)) + .addProvider(new AuthValueFactoryProvider.Binder<>(AuthenticatedDevice.class)) .setMapper(SystemMapper.jsonMapper()) .setTestContainerFactory(new GrizzlyWebTestContainerFactory()) .addResource(SUBSCRIPTION_CONTROLLER) diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/tests/util/AuthHelper.java b/service/src/test/java/org/whispersystems/textsecuregcm/tests/util/AuthHelper.java index bda811868..95aa9b92f 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/tests/util/AuthHelper.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/tests/util/AuthHelper.java @@ -47,7 +47,7 @@ import org.signal.libsignal.zkgroup.groupsend.GroupSendFullToken; import org.signal.libsignal.zkgroup.groupsend.GroupSendEndorsementsResponse.ReceivedEndorsements; import org.whispersystems.textsecuregcm.auth.AccountAuthenticator; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.auth.SaltedTokenHash; import org.whispersystems.textsecuregcm.identity.AciServiceIdentifier; import org.whispersystems.textsecuregcm.identity.IdentityType; @@ -213,10 +213,10 @@ public static PolymorphicAuthDynamicFeature getAuthFilter() testAccount.setup(ACCOUNTS_MANAGER); } - AuthFilter accountAuthFilter = new BasicCredentialAuthFilter.Builder().setAuthenticator( + AuthFilter accountAuthFilter = new BasicCredentialAuthFilter.Builder().setAuthenticator( new AccountAuthenticator(ACCOUNTS_MANAGER)).buildAuthFilter(); - return new PolymorphicAuthDynamicFeature<>(ImmutableMap.of(AuthenticatedAccount.class, accountAuthFilter)); + return new PolymorphicAuthDynamicFeature<>(ImmutableMap.of(AuthenticatedDevice.class, accountAuthFilter)); } public static String getAuthHeader(UUID uuid, byte deviceId, String password) { diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketAccountAuthenticatorTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketAccountAuthenticatorTest.java index b1305091f..cfd6fa93c 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketAccountAuthenticatorTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketAccountAuthenticatorTest.java @@ -24,7 +24,7 @@ import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; import org.whispersystems.textsecuregcm.auth.AccountAuthenticator; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.storage.Account; import org.whispersystems.textsecuregcm.storage.Device; import org.whispersystems.textsecuregcm.util.HeaderUtils; @@ -52,7 +52,7 @@ void setUp() { accountAuthenticator = mock(AccountAuthenticator.class); when(accountAuthenticator.authenticate(eq(new BasicCredentials(VALID_USER, VALID_PASSWORD)))) - .thenReturn(Optional.of(new AuthenticatedAccount(mock(Account.class), mock(Device.class)))); + .thenReturn(Optional.of(new AuthenticatedDevice(mock(Account.class), mock(Device.class)))); when(accountAuthenticator.authenticate(eq(new BasicCredentials(INVALID_USER, INVALID_PASSWORD)))) .thenReturn(Optional.empty()); @@ -77,7 +77,7 @@ void testAuthenticate( accountAuthenticator, mock(PrincipalSupplier.class)); - final ReusableAuth result = webSocketAuthenticator.authenticate(upgradeRequest); + final ReusableAuth result = webSocketAuthenticator.authenticate(upgradeRequest); assertEquals(expectAccount, result.ref().isPresent()); assertEquals(expectInvalid, result.invalidCredentialsProvided()); diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnectionIntegrationTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnectionIntegrationTest.java index 6a4c3ccd9..b93ed78a0 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnectionIntegrationTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnectionIntegrationTest.java @@ -43,7 +43,7 @@ import org.junit.jupiter.params.provider.CsvSource; import org.mockito.ArgumentCaptor; import org.mockito.stubbing.Answer; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.entities.MessageProtos; import org.whispersystems.textsecuregcm.entities.MessageProtos.Envelope; import org.whispersystems.textsecuregcm.metrics.MessageMetrics; @@ -127,7 +127,7 @@ void testProcessStoredMessages(final int persistedMessageCount, final int cached new MessagesManager(messagesDynamoDb, messagesCache, reportMessageManager, sharedExecutorService), new MessageMetrics(), mock(PushNotificationManager.class), - new AuthenticatedAccount(account, device), + new AuthenticatedDevice(account, device), webSocketClient, scheduledExecutorService, messageDeliveryScheduler, @@ -213,7 +213,7 @@ void testProcessStoredMessagesClientClosed() { new MessagesManager(messagesDynamoDb, messagesCache, reportMessageManager, sharedExecutorService), new MessageMetrics(), mock(PushNotificationManager.class), - new AuthenticatedAccount(account, device), + new AuthenticatedDevice(account, device), webSocketClient, scheduledExecutorService, messageDeliveryScheduler, @@ -280,7 +280,7 @@ void testProcessStoredMessagesSendFutureTimeout() { new MessagesManager(messagesDynamoDb, messagesCache, reportMessageManager, sharedExecutorService), new MessageMetrics(), mock(PushNotificationManager.class), - new AuthenticatedAccount(account, device), + new AuthenticatedDevice(account, device), webSocketClient, 100, // use a very short timeout, so that this test completes quickly scheduledExecutorService, diff --git a/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnectionTest.java b/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnectionTest.java index 633da1715..f3f32a667 100644 --- a/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnectionTest.java +++ b/service/src/test/java/org/whispersystems/textsecuregcm/websocket/WebSocketConnectionTest.java @@ -10,7 +10,6 @@ import static org.junit.jupiter.api.Assertions.assertTimeoutPreemptively; import static org.junit.jupiter.api.Assertions.assertTrue; import static org.mockito.ArgumentMatchers.anyBoolean; -import static org.mockito.ArgumentMatchers.anyByte; import static org.mockito.ArgumentMatchers.argThat; import static org.mockito.ArgumentMatchers.eq; import static org.mockito.ArgumentMatchers.nullable; @@ -55,7 +54,7 @@ import org.junit.jupiter.api.Test; import org.mockito.stubbing.Answer; import org.whispersystems.textsecuregcm.auth.AccountAuthenticator; -import org.whispersystems.textsecuregcm.auth.AuthenticatedAccount; +import org.whispersystems.textsecuregcm.auth.AuthenticatedDevice; import org.whispersystems.textsecuregcm.identity.AciServiceIdentifier; import org.whispersystems.textsecuregcm.metrics.MessageMetrics; import org.whispersystems.textsecuregcm.push.ClientPresenceManager; @@ -89,7 +88,7 @@ class WebSocketConnectionTest { private AccountsManager accountsManager; private Account account; private Device device; - private AuthenticatedAccount auth; + private AuthenticatedDevice auth; private UpgradeRequest upgradeRequest; private MessagesManager messagesManager; private ReceiptSender receiptSender; @@ -103,7 +102,7 @@ void setup() { accountsManager = mock(AccountsManager.class); account = mock(Account.class); device = mock(Device.class); - auth = new AuthenticatedAccount(account, device); + auth = new AuthenticatedDevice(account, device); upgradeRequest = mock(UpgradeRequest.class); messagesManager = mock(MessagesManager.class); receiptSender = mock(ReceiptSender.class); @@ -128,11 +127,11 @@ void testCredentials() throws Exception { WebSocketSessionContext sessionContext = mock(WebSocketSessionContext.class); when(accountAuthenticator.authenticate(eq(new BasicCredentials(VALID_USER, VALID_PASSWORD)))) - .thenReturn(Optional.of(new AuthenticatedAccount(account, device))); + .thenReturn(Optional.of(new AuthenticatedDevice(account, device))); - ReusableAuth account = webSocketAuthenticator.authenticate(upgradeRequest); + ReusableAuth account = webSocketAuthenticator.authenticate(upgradeRequest); when(sessionContext.getAuthenticated()).thenReturn(account.ref().orElse(null)); - when(sessionContext.getAuthenticated(AuthenticatedAccount.class)).thenReturn(account.ref().orElse(null)); + when(sessionContext.getAuthenticated(AuthenticatedDevice.class)).thenReturn(account.ref().orElse(null)); final WebSocketClient webSocketClient = mock(WebSocketClient.class); when(webSocketClient.getUserAgent()).thenReturn("Signal-Android/6.22.8");