diff --git a/keyserver/addons/rust-node-addon/src/identity_client/mod.rs b/keyserver/addons/rust-node-addon/src/identity_client/mod.rs --- a/keyserver/addons/rust-node-addon/src/identity_client/mod.rs +++ b/keyserver/addons/rust-node-addon/src/identity_client/mod.rs @@ -10,9 +10,10 @@ use client_proto::{ AddReservedUsernamesRequest, DeviceKeyUpload, DeviceType, IdentityKeyInfo, InboundKeyInfo, PreKey, RegistrationFinishRequest, RegistrationStartRequest, - RemoveReservedUsernameRequest, UploadOneTimeKeysRequest, + RemoveReservedUsernameRequest, }; use grpc_clients::identity::authenticated::ChainedInterceptedAuthClient; +use grpc_clients::identity::protos::authenticated::UploadOneTimeKeysRequest; use grpc_clients::identity::protos::unauthenticated as client_proto; use grpc_clients::identity::shared::CodeVersionLayer; use lazy_static::lazy_static; diff --git a/keyserver/addons/rust-node-addon/src/identity_client/upload_one_time_keys.rs b/keyserver/addons/rust-node-addon/src/identity_client/upload_one_time_keys.rs --- a/keyserver/addons/rust-node-addon/src/identity_client/upload_one_time_keys.rs +++ b/keyserver/addons/rust-node-addon/src/identity_client/upload_one_time_keys.rs @@ -12,12 +12,10 @@ notif_one_time_pre_keys: Vec, ) -> Result { // Set up the gRPC client that will be used to talk to the Identity service - let mut identity_client = get_identity_client().await?; + let mut identity_client = + get_authenticated_identity_client(user_id, device_id, access_token).await?; let upload_request = UploadOneTimeKeysRequest { - user_id, - device_id, - access_token, content_one_time_pre_keys, notif_one_time_pre_keys, }; diff --git a/services/commtest/tests/identity_access_tokens_tests.rs b/services/commtest/tests/identity_access_tokens_tests.rs --- a/services/commtest/tests/identity_access_tokens_tests.rs +++ b/services/commtest/tests/identity_access_tokens_tests.rs 
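Review bot: The comment above the `get_authenticated_identity_client(user_id, device_id, access_token)` call in upload_one_time_keys.rs still describes a generic client, although the credentials have left `UploadOneTimeKeysRequest` and now go to the client constructor. Someone auditing where the access token travels would be helped by `// Authenticated gRPC client: user_id, device_id and access_token are attached by the client, not carried in the request body`. How the client attaches them is not visible here (presumably request metadata via an interceptor, given the `ChainedInterceptedAuthClient` import in mod.rs), so confirm the wording against that code. The function's signature and the rest of its body lie outside the hunk.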
@@ -3,8 +3,7 @@ }; use commtest::service_addr; use grpc_clients::identity::{ - get_unauthenticated_client, - protos::client::{UploadOneTimeKeysRequest, VerifyUserAccessTokenRequest}, + get_unauthenticated_client, protos::client::VerifyUserAccessTokenRequest, }; #[tokio::test] @@ -33,31 +32,3 @@ assert!(response.into_inner().token_valid); } - -#[tokio::test] -async fn upload_one_time_keys() { - let identity_grpc_endpoint = service_addr::IDENTITY_GRPC.to_string(); - let device_info = create_device(None).await; - - let mut identity_client = get_unauthenticated_client( - &identity_grpc_endpoint, - PLACEHOLDER_CODE_VERSION, - DEVICE_TYPE.to_string(), - ) - .await - .expect("Couldn't connect to identity service"); - - let upload_request = UploadOneTimeKeysRequest { - user_id: device_info.user_id, - device_id: device_info.device_id, - access_token: device_info.access_token, - content_one_time_pre_keys: vec!["a".to_string(), "b".to_string()], - notif_one_time_pre_keys: vec!["c".to_string(), "d".to_string()], - }; - - // This send will fail if the one-time keys weren't successfully added - identity_client - .upload_one_time_keys(upload_request) - .await - .unwrap(); -} diff --git a/services/commtest/tests/identity_keyserver_tests.rs b/services/commtest/tests/identity_keyserver_tests.rs --- a/services/commtest/tests/identity_keyserver_tests.rs +++ b/services/commtest/tests/identity_keyserver_tests.rs @@ -3,9 +3,9 @@ }; use commtest::service_addr; use grpc_clients::identity::{ - get_auth_client, get_unauthenticated_client, - protos::{ - authenticated::OutboundKeysForUserRequest, client::UploadOneTimeKeysRequest, + get_auth_client, + protos::authenticated::{ + OutboundKeysForUserRequest, UploadOneTimeKeysRequest, }, }; 
@@ -17,8 +17,8 @@ let mut client = get_auth_client( &identity_grpc_endpoint, device_info.user_id.clone(), - device_info.device_id.clone(), - device_info.access_token.clone(), + device_info.device_id, + device_info.access_token, PLACEHOLDER_CODE_VERSION, DEVICE_TYPE.to_string(), ) @@ -26,22 +26,11 @@ .expect("Couldn't connect to identity service"); let upload_request = UploadOneTimeKeysRequest { - user_id: device_info.user_id.clone(), - device_id: device_info.device_id, - access_token: device_info.access_token, content_one_time_pre_keys: vec!["content1".to_string()], notif_one_time_pre_keys: vec!["notif1".to_string()], }; - let mut unauthenticated_client = get_unauthenticated_client( - &identity_grpc_endpoint, - PLACEHOLDER_CODE_VERSION, - DEVICE_TYPE.to_string(), - ) - .await - .expect("Couldn't connect to identity service"); - - unauthenticated_client + client .upload_one_time_keys(upload_request) .await .expect("Failed to upload keys"); diff --git a/services/commtest/tests/identity_one_time_key_tests.rs b/services/commtest/tests/identity_one_time_key_tests.rs --- a/services/commtest/tests/identity_one_time_key_tests.rs +++ b/services/commtest/tests/identity_one_time_key_tests.rs @@ -3,15 +3,18 @@ }; use commtest::service_addr; use grpc_clients::identity::{ - get_unauthenticated_client, protos::client::UploadOneTimeKeysRequest, + get_auth_client, protos::authenticated::UploadOneTimeKeysRequest, }; #[tokio::test] -async fn verify_access_token() { +async fn upload_one_time_keys() { let device_info = create_device(None).await; - let mut identity_client = get_unauthenticated_client( + let mut identity_client = get_auth_client( &service_addr::IDENTITY_GRPC.to_string(), + device_info.user_id, + device_info.device_id, + device_info.access_token, PLACEHOLDER_CODE_VERSION, DEVICE_TYPE.to_string(), ) 
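Review bot: The renamed `upload_one_time_keys` test in identity_one_time_key_tests.rs covers only the success path, and the same holds for the upload calls in identity_keyserver_tests.rs and identity_tunnelbroker_tests.rs. Elsewhere in this commit the handler that returned `tonic::Status::unauthenticated("Invalid token")` is removed, so rejecting a bad token now depends entirely on the authenticated service's checks, which none of the visible tests exercise. A companion test that builds the client with a wrong access token and asserts that the upload fails as unauthenticated would pin that boundary. The sketch below assumes `access_token` is a `String` and that `tonic` is nameable from the test crate; the existing test body continues past the end of this hunk.

```rust
#[tokio::test]
async fn upload_one_time_keys_rejects_invalid_token() {
  let device_info = create_device(None).await;

  let mut identity_client = get_auth_client(
    &service_addr::IDENTITY_GRPC.to_string(),
    device_info.user_id,
    device_info.device_id,
    "invalid-token".to_string(), // constructed value, not a real token
    PLACEHOLDER_CODE_VERSION,
    DEVICE_TYPE.to_string(),
  )
  .await
  .expect("Couldn't connect to identity service");

  let upload_request = UploadOneTimeKeysRequest {
    content_one_time_pre_keys: vec!["content1".to_string()],
    notif_one_time_pre_keys: vec!["notif1".to_string()],
  };

  let status = identity_client
    .upload_one_time_keys(upload_request)
    .await
    .expect_err("upload with an invalid token must be rejected");
  assert_eq!(status.code(), tonic::Code::Unauthenticated);
}
```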
@@ -19,9 +22,6 @@ .expect("Couldn't connect to identity service"); let upload_request = UploadOneTimeKeysRequest { - user_id: device_info.user_id, - device_id: device_info.device_id, - access_token: device_info.access_token, content_one_time_pre_keys: vec![ "content1".to_string(), "content2".to_string(), diff --git a/services/commtest/tests/identity_tunnelbroker_tests.rs b/services/commtest/tests/identity_tunnelbroker_tests.rs --- a/services/commtest/tests/identity_tunnelbroker_tests.rs +++ b/services/commtest/tests/identity_tunnelbroker_tests.rs @@ -4,9 +4,10 @@ use commtest::service_addr; use commtest::tunnelbroker::socket::{create_socket, receive_message}; use futures_util::StreamExt; -use grpc_clients::identity::protos::authenticated::OutboundKeysForUserRequest; -use grpc_clients::identity::protos::client::UploadOneTimeKeysRequest; -use grpc_clients::identity::{get_auth_client, get_unauthenticated_client}; +use grpc_clients::identity::get_auth_client; +use grpc_clients::identity::protos::authenticated::{ + OutboundKeysForUserRequest, UploadOneTimeKeysRequest, +}; use tunnelbroker_messages::RefreshKeyRequest; #[tokio::test] @@ -34,8 +35,12 @@ let identity_grpc_endpoint = service_addr::IDENTITY_GRPC.to_string(); let device_info = create_device(None).await; - let mut identity_client = get_unauthenticated_client( + // Request outbound keys, which should trigger identity service to ask for more keys + let mut client = get_auth_client( &identity_grpc_endpoint, + device_info.user_id.clone(), + device_info.device_id, + device_info.access_token, PLACEHOLDER_CODE_VERSION, DEVICE_TYPE.to_string(), ) 
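Review bot: The comment `// Request outbound keys, which should trigger identity service to ask for more keys` in identity_tunnelbroker_tests.rs now sits above the `get_auth_client` call, but that client is first used for `upload_one_time_keys` (next hunk) and only afterwards for the outbound-keys request. I would move the comment down to just above `let keyserver_request = OutboundKeysForUserRequest {` and label the client with `// Authenticated client shared by the key upload and the outbound-keys request`. The test function starts before this hunk and continues after it.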
@@ -43,29 +48,11 @@ .expect("Couldn't connect to identity service"); let upload_request = UploadOneTimeKeysRequest { - user_id: device_info.user_id.clone(), - device_id: device_info.device_id.clone(), - access_token: device_info.access_token.clone(), content_one_time_pre_keys: vec!["content1".to_string()], notif_one_time_pre_keys: vec!["notif1".to_string()], }; - identity_client - .upload_one_time_keys(upload_request) - .await - .unwrap(); - - // Request outbound keys, which should trigger identity service to ask for more keys - let mut client = get_auth_client( - &identity_grpc_endpoint, - device_info.user_id.clone(), - device_info.device_id, - device_info.access_token, - PLACEHOLDER_CODE_VERSION, - DEVICE_TYPE.to_string(), - ) - .await - .expect("Couldn't connect to identity service"); + client.upload_one_time_keys(upload_request).await.unwrap(); let keyserver_request = OutboundKeysForUserRequest { user_id: device_info.user_id.clone(), diff --git a/services/identity/src/client_service.rs b/services/identity/src/client_service.rs --- a/services/identity/src/client_service.rs +++ b/services/identity/src/client_service.rs @@ -24,8 +24,8 @@ RemoveReservedUsernameRequest, ReservedRegistrationStartRequest, ReservedWalletLoginRequest, UpdateUserPasswordFinishRequest, UpdateUserPasswordStartRequest, UpdateUserPasswordStartResponse, - UploadOneTimeKeysRequest, VerifyUserAccessTokenRequest, - VerifyUserAccessTokenResponse, WalletLoginRequest, WalletLoginResponse, + VerifyUserAccessTokenRequest, VerifyUserAccessTokenResponse, + WalletLoginRequest, WalletLoginResponse, }; use crate::config::CONFIG; use crate::database::{ 
@@ -817,44 +817,6 @@ })) } - async fn upload_one_time_keys( - &self, - request: tonic::Request, - ) -> Result, tonic::Status> { - let message = request.into_inner(); - - debug!("Validating token: {:?}", message); - let token_valid = self - .client - .verify_access_token( - message.user_id.clone(), - message.device_id.clone(), - message.access_token, - ) - .await - .map_err(handle_db_error)?; - - if !token_valid { - return Err(tonic::Status::unauthenticated("Invalid token")); - } - - debug!( - "Attempting to update one time keys for user: {}", - message.user_id - ); - self - .client - .append_one_time_prekeys( - message.device_id, - message.content_one_time_pre_keys, - message.notif_one_time_pre_keys, - ) - .await - .map_err(handle_db_error)?; - - Ok(tonic::Response::new(Empty {})) - } - async fn verify_user_access_token( &self, request: tonic::Request, diff --git a/shared/protos/identity_client.proto b/shared/protos/identity_client.proto --- a/shared/protos/identity_client.proto +++ b/shared/protos/identity_client.proto @@ -55,8 +55,6 @@ // device, but will not contain one-time keys. rpc GetInboundKeysForUser(InboundKeysForUserRequest) returns (InboundKeysForUserResponse) {} - // Replenish one-time preKeys - rpc UploadOneTimeKeys(UploadOneTimeKeysRequest) returns (Empty) {} // Service actions @@ -337,17 +335,6 @@ map devices = 1; } -// UploadOneTimeKeys - -// As OPKs get exhausted, they need to be refreshed -message UploadOneTimeKeysRequest { - string userID = 1; - string deviceID = 2; - string accessToken = 3; - repeated string contentOneTimePreKeys = 4; - repeated string notifOneTimePreKeys = 5; -} - // VerifyUserAccessToken message VerifyUserAccessTokenRequest {