diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs --- a/services/identity/src/grpc_services/authenticated.rs +++ b/services/identity/src/grpc_services/authenticated.rs @@ -13,6 +13,7 @@ use auth_proto::{ identity_client_service_server::IdentityClientService, KeyserverKeysResponse, OutboundKeyInfo, OutboundKeysForUserRequest, RefreshUserPreKeysRequest, + UploadOneTimeKeysRequest, }; use client::{Empty, IdentityKeyInfo}; use tracing::debug; @@ -149,4 +150,25 @@ return Ok(response); } + + async fn upload_one_time_keys( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + let (user_id, device_id) = get_user_and_device_id(&request)?; + let message = request.into_inner(); + + debug!("Attempting to update one time keys for user: {}", user_id); + self + .db_client + .append_one_time_prekeys( + device_id, + message.content_one_time_pre_keys, + message.notif_one_time_pre_keys, + ) + .await + .map_err(handle_db_error)?; + + Ok(tonic::Response::new(Empty {})) + } } diff --git a/shared/protos/identity_authenticated.proto b/shared/protos/identity_authenticated.proto --- a/shared/protos/identity_authenticated.proto +++ b/shared/protos/identity_authenticated.proto @@ -11,6 +11,9 @@ // the credentials on every request service IdentityClientService { + // Replenish one-time preKeys + rpc UploadOneTimeKeys(UploadOneTimeKeysRequest) + returns (identity.client.Empty) {} // Rotate a devices preKey and preKey signature // Rotated for deniability of older messages rpc RefreshUserPreKeys(RefreshUserPreKeysRequest) @@ -24,6 +27,15 @@ // Helper types +// UploadOneTimeKeys + +// As OPKs get exhausted, they need to be refreshed +message UploadOneTimeKeysRequest { + repeated string contentOneTimePreKeys = 1; + repeated string notifOneTimePreKeys = 2; +} + + // RefreshUserPreKeys message RefreshUserPreKeysRequest {