Remove obsolete ArtController

service/config/sample-secrets-bundle.yml

@@ -89,9 +89,6 @@ paymentsService.userAuthenticationTokenSharedSecret: AAAAAAAAAAAAAAAAAAAAAAAAAAA
 paymentsService.fixerApiKey: unset
 paymentsService.coinMarketCapApiKey: unset
 
-artService.userAuthenticationTokenSharedSecret: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= # base64-encoded 32-byte secret not shared with any external service, but used in ArtController
-artService.userAuthenticationTokenUserIdSecret: AAAAAAAAAAA= # base64-encoded secret to obscure user phone numbers from Sticker Creator
-
 currentReportingKey.secret: AAAAAAAAAAA=
 currentReportingKey.salt: AAAAAAAAAAA=
 

service/config/sample.yml

@@ -331,10 +331,6 @@ paymentsService:
     coinMarketCapCurrencyIds:
       MOB: 7878
 
-artService:
-  userAuthenticationTokenSharedSecret: secret://artService.userAuthenticationTokenSharedSecret
-  userAuthenticationTokenUserIdSecret: secret://artService.userAuthenticationTokenUserIdSecret
-
 badges:
   badges:
     - id: TEST

service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerConfiguration.java

@@ -17,7 +17,6 @@
 import org.whispersystems.textsecuregcm.configuration.ApnConfiguration;
 import org.whispersystems.textsecuregcm.configuration.AppleAppStoreConfiguration;
 import org.whispersystems.textsecuregcm.configuration.AppleDeviceCheckConfiguration;
-import org.whispersystems.textsecuregcm.configuration.ArtServiceConfiguration;
 import org.whispersystems.textsecuregcm.configuration.AwsCredentialsProviderFactory;
 import org.whispersystems.textsecuregcm.configuration.BadgesConfiguration;
 import org.whispersystems.textsecuregcm.configuration.BraintreeConfiguration;
@@ -217,11 +216,6 @@ public class WhisperServerConfiguration extends Configuration {
   @JsonProperty
   private PaymentsServiceConfiguration paymentsService;
 
-  @Valid
-  @NotNull
-  @JsonProperty
-  private ArtServiceConfiguration artService;
-
   @Valid
   @NotNull
   @JsonProperty
@@ -469,10 +463,6 @@ public PaymentsServiceConfiguration getPaymentsServiceConfiguration() {
     return paymentsService;
   }
 
-  public ArtServiceConfiguration getArtServiceConfiguration() {
-    return artService;
-  }
-
   public ZkConfig getZkConfig() {
     return zkConfig;
   }

service/src/main/java/org/whispersystems/textsecuregcm/WhisperServerService.java

@@ -108,7 +108,6 @@
 import org.whispersystems.textsecuregcm.controllers.AccountController;
 import org.whispersystems.textsecuregcm.controllers.AccountControllerV2;
 import org.whispersystems.textsecuregcm.controllers.ArchiveController;
-import org.whispersystems.textsecuregcm.controllers.ArtController;
 import org.whispersystems.textsecuregcm.controllers.AttachmentControllerV4;
 import org.whispersystems.textsecuregcm.controllers.CallLinkController;
 import org.whispersystems.textsecuregcm.controllers.CallRoutingController;
@@ -214,9 +213,6 @@
 import org.whispersystems.textsecuregcm.storage.AccountPrincipalSupplier;
 import org.whispersystems.textsecuregcm.storage.Accounts;
 import org.whispersystems.textsecuregcm.storage.AccountsManager;
-import org.whispersystems.textsecuregcm.storage.devicecheck.AppleDeviceCheckManager;
-import org.whispersystems.textsecuregcm.storage.devicecheck.AppleDeviceCheckTrustAnchor;
-import org.whispersystems.textsecuregcm.storage.devicecheck.AppleDeviceChecks;
 import org.whispersystems.textsecuregcm.storage.ChangeNumberManager;
 import org.whispersystems.textsecuregcm.storage.ClientPublicKeys;
 import org.whispersystems.textsecuregcm.storage.ClientPublicKeysManager;
@@ -244,6 +240,9 @@
 import org.whispersystems.textsecuregcm.storage.Subscriptions;
 import org.whispersystems.textsecuregcm.storage.VerificationSessionManager;
 import org.whispersystems.textsecuregcm.storage.VerificationSessions;
+import org.whispersystems.textsecuregcm.storage.devicecheck.AppleDeviceCheckManager;
+import org.whispersystems.textsecuregcm.storage.devicecheck.AppleDeviceCheckTrustAnchor;
+import org.whispersystems.textsecuregcm.storage.devicecheck.AppleDeviceChecks;
 import org.whispersystems.textsecuregcm.subscriptions.AppleAppStoreManager;
 import org.whispersystems.textsecuregcm.subscriptions.BankMandateTranslator;
 import org.whispersystems.textsecuregcm.subscriptions.BraintreeManager;
@@ -582,8 +581,6 @@ public void run(WhisperServerConfiguration config, Environment environment) thro
         config.getSecureStorageServiceConfiguration());
     ExternalServiceCredentialsGenerator paymentsCredentialsGenerator = PaymentsController.credentialsGenerator(
         config.getPaymentsServiceConfiguration());
-    ExternalServiceCredentialsGenerator artCredentialsGenerator = ArtController.credentialsGenerator(
-        config.getArtServiceConfiguration());
     ExternalServiceCredentialsGenerator svr2CredentialsGenerator = SecureValueRecovery2Controller.credentialsGenerator(
             config.getSvr2Configuration());
 
@@ -1101,7 +1098,6 @@ protected void configureServer(final ServerBuilder<?> serverBuilder) {
             usernameHashZkProofVerifier),
         new AccountControllerV2(accountsManager, changeNumberManager, phoneVerificationTokenManager,
             registrationLockVerificationManager, rateLimiters),
-        new ArtController(rateLimiters, artCredentialsGenerator),
         new AttachmentControllerV4(rateLimiters, gcsAttachmentGenerator, tusAttachmentGenerator,
             experimentEnrollmentManager),
         new ArchiveController(backupAuthManager, backupManager),

service/src/main/java/org/whispersystems/textsecuregcm/grpc/ExternalServiceDefinitions.java

@@ -16,21 +16,11 @@
 import org.signal.chat.credentials.ExternalServiceType;
 import org.whispersystems.textsecuregcm.WhisperServerConfiguration;
 import org.whispersystems.textsecuregcm.auth.ExternalServiceCredentialsGenerator;
-import org.whispersystems.textsecuregcm.configuration.ArtServiceConfiguration;
 import org.whispersystems.textsecuregcm.configuration.DirectoryV2ClientConfiguration;
 import org.whispersystems.textsecuregcm.configuration.PaymentsServiceConfiguration;
 import org.whispersystems.textsecuregcm.configuration.SecureValueRecovery2Configuration;
 
 enum ExternalServiceDefinitions {
-  ART(ExternalServiceType.EXTERNAL_SERVICE_TYPE_ART, (chatConfig, clock) -> {
-    final ArtServiceConfiguration cfg = chatConfig.getArtServiceConfiguration();
-    return ExternalServiceCredentialsGenerator
-        .builder(cfg.userAuthenticationTokenSharedSecret())
-        .withUserDerivationKey(cfg.userAuthenticationTokenUserIdSecret())
-        .prependUsername(false)
-        .truncateSignature(false)
-        .build();
-  }),
   DIRECTORY(ExternalServiceType.EXTERNAL_SERVICE_TYPE_DIRECTORY, (chatConfig, clock) -> {
     final DirectoryV2ClientConfiguration cfg = chatConfig.getDirectoryV2Configuration().getDirectoryV2ClientConfiguration();
     return ExternalServiceCredentialsGenerator

service/src/main/proto/org/signal/chat/credentials.proto

@@ -49,11 +49,10 @@ service ExternalServiceCredentialsAnonymous {
 
 enum ExternalServiceType {
   EXTERNAL_SERVICE_TYPE_UNSPECIFIED = 0;
-  EXTERNAL_SERVICE_TYPE_ART = 1;
-  EXTERNAL_SERVICE_TYPE_DIRECTORY = 2;
-  EXTERNAL_SERVICE_TYPE_PAYMENTS = 3;
-  EXTERNAL_SERVICE_TYPE_STORAGE = 4;
-  EXTERNAL_SERVICE_TYPE_SVR = 5;
+  EXTERNAL_SERVICE_TYPE_DIRECTORY = 1;
+  EXTERNAL_SERVICE_TYPE_PAYMENTS = 2;
+  EXTERNAL_SERVICE_TYPE_STORAGE = 3;
+  EXTERNAL_SERVICE_TYPE_SVR = 4;
 }
 
 message GetExternalServiceCredentialsRequest {

service/src/test/java/org/whispersystems/textsecuregcm/grpc/ExternalServiceCredentialsGrpcServiceTest.java

@@ -43,7 +43,7 @@
 public class ExternalServiceCredentialsGrpcServiceTest
     extends SimpleBaseGrpcTest<ExternalServiceCredentialsGrpcService, ExternalServiceCredentialsGrpc.ExternalServiceCredentialsBlockingStub> {
 
-  private static final ExternalServiceCredentialsGenerator ART_CREDENTIALS_GENERATOR = Mockito.spy(ExternalServiceCredentialsGenerator
+  private static final ExternalServiceCredentialsGenerator DIRECTORY_CREDENTIALS_GENERATOR = Mockito.spy(ExternalServiceCredentialsGenerator
       .builder(TestRandomUtil.nextBytes(32))
       .withUserDerivationKey(TestRandomUtil.nextBytes(32))
       .prependUsername(false)
@@ -62,14 +62,14 @@ public class ExternalServiceCredentialsGrpcServiceTest
   @Override
   protected ExternalServiceCredentialsGrpcService createServiceBeforeEachTest() {
     return new ExternalServiceCredentialsGrpcService(Map.of(
-        ExternalServiceType.EXTERNAL_SERVICE_TYPE_ART, ART_CREDENTIALS_GENERATOR,
+        ExternalServiceType.EXTERNAL_SERVICE_TYPE_DIRECTORY, DIRECTORY_CREDENTIALS_GENERATOR,
         ExternalServiceType.EXTERNAL_SERVICE_TYPE_PAYMENTS, PAYMENTS_CREDENTIALS_GENERATOR
     ), rateLimiters);
   }
 
   static Stream<Arguments> testSuccess() {
     return Stream.of(
-        Arguments.of(ExternalServiceType.EXTERNAL_SERVICE_TYPE_ART, ART_CREDENTIALS_GENERATOR),
+        Arguments.of(ExternalServiceType.EXTERNAL_SERVICE_TYPE_DIRECTORY, DIRECTORY_CREDENTIALS_GENERATOR),
         Arguments.of(ExternalServiceType.EXTERNAL_SERVICE_TYPE_PAYMENTS, PAYMENTS_CREDENTIALS_GENERATOR)
     );
   }
@@ -111,22 +111,22 @@ public void testInvalidRequest() throws Exception {
   public void testRateLimitExceeded() throws Exception {
     final Duration retryAfter = MockUtils.updateRateLimiterResponseToFail(
         rateLimiters, RateLimiters.For.EXTERNAL_SERVICE_CREDENTIALS, AUTHENTICATED_ACI, Duration.ofSeconds(100));
-    Mockito.reset(ART_CREDENTIALS_GENERATOR);
+    Mockito.reset(DIRECTORY_CREDENTIALS_GENERATOR);
     assertRateLimitExceeded(
         retryAfter,
         () -> authenticatedServiceStub().getExternalServiceCredentials(
             GetExternalServiceCredentialsRequest.newBuilder()
-                .setExternalService(ExternalServiceType.EXTERNAL_SERVICE_TYPE_ART)
+                .setExternalService(ExternalServiceType.EXTERNAL_SERVICE_TYPE_DIRECTORY)
                 .build()),
-        ART_CREDENTIALS_GENERATOR
+        DIRECTORY_CREDENTIALS_GENERATOR
     );
   }
 
   @Test
   public void testUnauthenticatedCall() throws Exception {
     assertStatusUnauthenticated(() -> unauthenticatedServiceStub().getExternalServiceCredentials(
         GetExternalServiceCredentialsRequest.newBuilder()
-            .setExternalService(ExternalServiceType.EXTERNAL_SERVICE_TYPE_ART)
+            .setExternalService(ExternalServiceType.EXTERNAL_SERVICE_TYPE_DIRECTORY)
             .build()));
   }
 

service/src/test/resources/config/test-secrets-bundle.yml

@@ -159,9 +159,6 @@ paymentsService.userAuthenticationTokenSharedSecret: AAAAAAAAAAAAAAAAAAAAAAAAAAA
 paymentsService.fixerApiKey: unset
 paymentsService.coinMarketCapApiKey: unset
 
-artService.userAuthenticationTokenSharedSecret: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= # base64-encoded 32-byte secret not shared with any external service, but used in ArtController
-artService.userAuthenticationTokenUserIdSecret: AAAAAAAAAAA= # base64-encoded secret to obscure user phone numbers from Sticker Creator
-
 currentReportingKey.secret: AAAAAAAAAAA=
 currentReportingKey.salt: AAAAAAAAAAA=
 

service/src/test/resources/config/test.yml

@@ -326,10 +326,6 @@ paymentsService:
   externalClients:
     type: stub
 
-artService:
-  userAuthenticationTokenSharedSecret: secret://artService.userAuthenticationTokenSharedSecret
-  userAuthenticationTokenUserIdSecret: secret://artService.userAuthenticationTokenUserIdSecret
-
 badges:
   badges:
     - id: TEST