Page MenuHomePhabricator

[keyserver] processOlmAccountCreation
ClosedPublic

Authored by varun on Dec 29 2023, 8:43 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Nov 27, 2:45 AM
Unknown Object (File)
Wed, Nov 27, 2:27 AM
Unknown Object (File)
Wed, Nov 27, 12:43 AM
Unknown Object (File)
Mon, Nov 18, 11:58 PM
Unknown Object (File)
Fri, Nov 8, 1:06 AM
Unknown Object (File)
Fri, Nov 1, 5:42 AM
Unknown Object (File)
Oct 23 2024, 6:39 AM
Unknown Object (File)
Oct 17 2024, 4:32 AM
Subscribers

Details

Summary

similar to SIWE account creation logic. differences:

  • signedIdentityKeysBlob must be present
  • we use the UserIdentifier type to get the username (and eth address if present)
  • we don't send a reserved username request since this user has already registered with identity

not deduping because we eventually want to deprecate the siwe account creation function anyway

Depends on D10491

Test Plan

tested in next diff by calling the olm auth responder and confirming that the above listed changes all work as expected

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

varun published this revision for review.Dec 29 2023, 8:51 AM
keyserver/src/creators/account-creator.js
323 ↗(On Diff #35101)

We seem to be allowing the user to pick any username here. Instead, we should ask the identity service for the username, to prevent the user from picking a username that doesn't match the identity service's records for the given userID

ashoat requested changes to this revision.Dec 29 2023, 11:07 AM

not deduping because we eventually want to deprecate the siwe account creation function anyway

I don't love this reasoning. This code will be around for a while with duplication. It seems like at least some of the shared code can be factored out here, especially the stuff at the end. Can you try to factor it out?

This revision now requires changes to proceed.Dec 29 2023, 11:07 AM

checking delta between two account creation functions

keyserver/src/creators/account-creator.js
323 ↗(On Diff #35101)

the caller of this function will pass the username retrieved from the identity service

keyserver/src/creators/account-creator.js
15 ↗(On Diff #35330)

not sure what happened here but i'll make sure to add the .js suffix back

300–302 ↗(On Diff #35330)

not sure if we need to block on setNewSession but that's what we were doing in the existing code so i haven't changed it

ashoat added inline comments.
keyserver/src/creators/account-creator.js
300–302 ↗(On Diff #35330)

setNewSession mutates viewer, so yeah probably best to await on it

305 ↗(On Diff #35330)

You could just pass the viewer in only, and use viewer.userID

lib/types/account-types.js
175–178 ↗(On Diff #35330)

To be honest, I don't think there's much of a point to this new type. It could be collapsed into ProcessOLMAccountCreationRequest to remove a layer of indirection

This revision is now accepted and ready to land.Jan 6 2024, 1:29 PM
This revision was automatically updated to reflect the committed changes.