Page MenuHomePhabricator

[identity] Implement RPC to log out secondary device
ClosedPublic

Authored by bartek on May 20 2024, 5:53 AM.
Tags
None
Referenced Files
F3346237: D12120.diff
Fri, Nov 22, 8:03 AM
Unknown Object (File)
Thu, Nov 21, 2:04 AM
Unknown Object (File)
Wed, Nov 13, 12:14 PM
Unknown Object (File)
Mon, Nov 11, 11:07 AM
Unknown Object (File)
Mon, Nov 11, 8:05 AM
Unknown Object (File)
Sun, Nov 10, 10:07 PM
Unknown Object (File)
Tue, Nov 5, 4:43 AM
Unknown Object (File)
Tue, Nov 5, 4:43 AM
Subscribers

Details

Summary

Implementation of the RPC described in D12119. Details and linked issues there.
This RPC needs to:

  • Verify if the device is on the device list
  • Clear device CSAT
  • Clear device data (prekeys etc)
  • Clear OTKs

Depends on D12119

Test Plan
  • Registered a user (Identity-auto created device list with primary device).
  • Logged in with a second device (secondary device added to the list)
  • Called the RPC on the secondary device
    • Confirmed that CSAT as well as device keys were cleared by viewing DDB tables
    • Confirmed that the device ID still exists on the device list

Also confirmed that the RPC fails:

  • If the device is not on the device list
  • If the device is a primary device

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

bartek held this revision as a draft.

Check if device is secondary

bartek published this revision for review.May 20 2024, 6:26 AM
kamil added inline comments.
services/identity/src/database/device_list.rs
152 ↗(On Diff #40399)

should this be is_primary_device?

services/identity/src/grpc_services/authenticated.rs
354–370 ↗(On Diff #40399)

what if one of these fails? is it okay to leave partial data for a device?

This revision is now accepted and ready to land.May 23 2024, 2:35 AM
services/identity/src/database/device_list.rs
152 ↗(On Diff #40399)

Not necessarily, it checks if the list contains primary device with given ID.
Both names seem correct though

services/identity/src/grpc_services/authenticated.rs
354–370 ↗(On Diff #40399)

Actually, removing CSAT should be before others. I'll reorder them.
Besides that, it's safe to keep others, in the worst case the database will just contain some garbage. Also, the client might retry the call if any of them returns error.
Even if they fail, I'm going to implement a mechanism that clears the data upon device list updates.