Page MenuHomePhabricator
Differential D9421

[keyserver] cron job to refresh account prekeys
ClosedPublic
Actions

Authored by kamil on Oct 9 2023, 7:03 AM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, May 4, 4:28 PM
Unknown Object (File)
Wed, May 1, 10:41 PM
Unknown Object (File)
Tue, Apr 16, 5:31 AM
Unknown Object (File)
Tue, Apr 16, 5:30 AM
Unknown Object (File)
Tue, Apr 16, 5:29 AM
Unknown Object (File)
Mon, Apr 15, 3:54 PM
Unknown Object (File)
Mon, Apr 15, 3:17 AM
Unknown Object (File)
Sat, Apr 13, 12:16 PM
View All 62 Files
Subscribers
tomek
will

Details

Reviewers
varun
marcin
ashoat
Commits
rCOMM4f215ab1cbc7: [keyserver] cron job to refresh account prekeys
Summary

Issue: ENG-3944.

This is part of D8476 (breaking this for smaller diffs because it's complex).

Diff which publishes keys to Identity service.

Depends on D9420

Test Plan
  1. Call revalidateAccountPrekeys() to make sure checks work properly
  2. Call publishNewPrekeys() to make sure upload works properly.
  3. Check Identity logs for Refreshing prekeys for user: ...
  4. Check if time (last_prekey_publish_time) is updated after successful upload.

Test error:

  1. Delete user credentials (identity will fail to auth while refreshing keys)
  2. Trigger cron job
  3. check logs for encountered error while trying to validate prekeys

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kamil created this revision.Oct 9 2023, 7:03 AM
kamil held this revision as a draft.
Herald added subscribers: will, tomek. · View Herald TranscriptOct 9 2023, 7:03 AM
kamil added a child revision: D9422: [keyserver] delete marking prekeys as published each time `olm` account is accessed.Oct 9 2023, 7:05 AM
Harbormaster completed remote builds in B23097: Diff 31799.Oct 9 2023, 7:20 AM
kamil published this revision for review.Oct 9 2023, 8:18 AM
kamil mentioned this in D8476: [Keyserver] Publish prekeys to identity service for cron job.
marcin accepted this revision.Oct 10 2023, 3:33 AM

Looks fine assuming that we always want to rotate both even if only one actually needs rotation. Make sure you get @varun acceptance before landing since I don't have enough context to review publishNewPrekeys

This revision is now accepted and ready to land.Oct 10 2023, 3:33 AM
kamil added 1 blocking reviewer(s): varun.Oct 10 2023, 3:50 AM
This revision now requires review to proceed.Oct 10 2023, 3:50 AM
ashoat accepted this revision.Oct 10 2023, 7:38 AM
ashoat added inline comments.
keyserver/src/utils/olm-utils.js
204 ↗(On Diff #31799)

We can take this console.log out

varun requested changes to this revision.Oct 10 2023, 8:21 PM

Refreshing prekeys for user: ... just means the Identity service received the RefreshUserPreKeys request. Shouldn't we make sure that we actually received a successful response from the Identity service?

Also what happens if, say, the Identity service is offline? Does publishNewPrekeys fail gracefully? Maybe it doesn't matter since we only call it from a cron job?

This revision now requires changes to proceed.Oct 10 2023, 8:21 PM
kamil requested review of this revision.Oct 11 2023, 3:30 AM
In D9421#277121, @varun wrote:

Refreshing prekeys for user: ... just means the Identity service received the RefreshUserPreKeys request. Shouldn't we make sure that we actually received a successful response from the Identity service?

We do. We throw an error when refresh_user_pre_keys call fails.
Checking refresh_user_pre_keys response doesn't make sense because it returns an empty response.
Checking rustAPI.publishPrekeys() response also doesn't make sense, because it always returns true. (Probably this is some convention in Rust codebase? Was introduced in D8473)

So basically we await rustAPI.publishPrekeys() and this means success or it throws an error.

Also what happens if, say, the Identity service is offline? Does publishNewPrekeys fail gracefully? Maybe it doesn't matter since we only call it from a cron job?

When identity is offline, or anything went wrong on identity, the cron job fails silently (see it's surrounded via try {} catch() {}. I think we can keep publishNewPrekeys to throw error and make caller's responsibility to handle this.

kamil updated this revision to Diff 31923.Oct 11 2023, 3:32 AM

remove console.log

kamil edited the test plan for this revision. (Show Details)Oct 11 2023, 3:35 AM
Harbormaster completed remote builds in B23179: Diff 31923.Oct 11 2023, 3:50 AM
kamil mentioned this in D9423: [keyserver] validate prekeys only via cron job.Oct 11 2023, 6:03 AM
varun accepted this revision.Oct 11 2023, 7:06 AM

Checking rustAPI.publishPrekeys() response also doesn't make sense, because it always returns true. (Probably this is some convention in Rust codebase? Was introduced in D8473)

yeah not sure why we need a bool here at all, actually... could just be Result<()> instead

This revision is now accepted and ready to land.Oct 11 2023, 7:06 AM
kamil updated this revision to Diff 32014.Oct 16 2023, 1:36 AM
kamil edited the test plan for this revision. (Show Details)

revalidateAccountPrekeys -> validateAndUploadAccountPrekeys

Harbormaster completed remote builds in B23258: Diff 32014.Oct 16 2023, 1:54 AM
Closed by commit rCOMM4f215ab1cbc7: [keyserver] cron job to refresh account prekeys (authored by kamil). · Explain WhyOct 16 2023, 2:16 AM
This revision was automatically updated to reflect the committed changes.
kamil added a commit: rCOMM4f215ab1cbc7: [keyserver] cron job to refresh account prekeys.

Revision Contents
Changeset List

PathSize
keyserver/
src/
cron/
14 lines
utils/
63 lines

Diff 32028

View Options

keyserver/src/cron/cron.js

Loading...
View Options

keyserver/src/utils/olm-utils.js

Loading...