diff --git a/native/native_rust_library/src/lib.rs b/native/native_rust_library/src/lib.rs --- a/native/native_rust_library/src/lib.rs +++ b/native/native_rust_library/src/lib.rs @@ -5,11 +5,10 @@ UpdateUserPasswordFinishRequest, UpdateUserPasswordStartRequest, }; use grpc_clients::identity::protos::client::{ - outbound_keys_for_user_request::Identifier, DeleteUserRequest, - DeviceKeyUpload, DeviceType, Empty, IdentityKeyInfo, - OpaqueLoginFinishRequest, OpaqueLoginStartRequest, OutboundKeyInfo, - OutboundKeysForUserRequest, PreKey, RegistrationFinishRequest, - RegistrationStartRequest, WalletLoginRequest, + outbound_keys_for_user_request::Identifier, DeviceKeyUpload, DeviceType, + Empty, IdentityKeyInfo, OpaqueLoginFinishRequest, OpaqueLoginStartRequest, + OutboundKeyInfo, OutboundKeysForUserRequest, PreKey, + RegistrationFinishRequest, RegistrationStartRequest, WalletLoginRequest, }; use grpc_clients::identity::{get_auth_client, get_unauthenticated_client}; use lazy_static::lazy_static; @@ -579,18 +578,16 @@ } async fn delete_user_helper(auth_info: AuthInfo) -> Result<(), Error> { - let delete_user_request = DeleteUserRequest { - access_token: auth_info.access_token, - user_id: auth_info.user_id, - device_id_key: auth_info.device_id, - }; - let mut identity_client = get_unauthenticated_client( + let mut identity_client = get_auth_client( "http://127.0.0.1:50054", + auth_info.user_id, + auth_info.device_id, + auth_info.access_token, CODE_VERSION, DEVICE_TYPE.as_str_name().to_lowercase(), ) .await?; - identity_client.delete_user(delete_user_request).await?; + identity_client.delete_user(Empty {}).await?; Ok(()) } diff --git a/services/identity/src/client_service.rs b/services/identity/src/client_service.rs --- a/services/identity/src/client_service.rs +++ b/services/identity/src/client_service.rs @@ -14,16 +14,16 @@ // Workspace crate imports use crate::client_service::client_proto::{ inbound_keys_for_user_request, outbound_keys_for_user_request, - AddReservedUsernamesRequest, DeleteUserRequest, Empty, GenerateNonceResponse, - InboundKeyInfo, InboundKeysForUserRequest, InboundKeysForUserResponse, - LogoutRequest, OpaqueLoginFinishRequest, OpaqueLoginFinishResponse, - OpaqueLoginStartRequest, OpaqueLoginStartResponse, OutboundKeyInfo, - OutboundKeysForUserRequest, OutboundKeysForUserResponse, - RegistrationFinishRequest, RegistrationFinishResponse, - RegistrationStartRequest, RegistrationStartResponse, - RemoveReservedUsernameRequest, ReservedRegistrationStartRequest, - ReservedWalletLoginRequest, VerifyUserAccessTokenRequest, - VerifyUserAccessTokenResponse, WalletLoginRequest, WalletLoginResponse, + AddReservedUsernamesRequest, Empty, GenerateNonceResponse, InboundKeyInfo, + InboundKeysForUserRequest, InboundKeysForUserResponse, + OpaqueLoginFinishRequest, OpaqueLoginFinishResponse, OpaqueLoginStartRequest, + OpaqueLoginStartResponse, OutboundKeyInfo, OutboundKeysForUserRequest, + OutboundKeysForUserResponse, RegistrationFinishRequest, + RegistrationFinishResponse, RegistrationStartRequest, + RegistrationStartResponse, RemoveReservedUsernameRequest, + ReservedRegistrationStartRequest, ReservedWalletLoginRequest, + VerifyUserAccessTokenRequest, VerifyUserAccessTokenResponse, + WalletLoginRequest, WalletLoginResponse, }; use crate::config::CONFIG; use crate::database::{ @@ -559,77 +559,6 @@ Ok(Response::new(response)) } - async fn log_out_user( - &self, - request: tonic::Request, - ) -> Result, tonic::Status> { - let message = request.into_inner(); - - let token_is_valid = self - .client - .verify_access_token( - message.user_id.clone(), - message.device_id_key.clone(), - message.access_token, - ) - .await - .map_err(handle_db_error)?; - - if !token_is_valid { - return Err(tonic::Status::permission_denied("bad token")); - } - - self - .client - .remove_device_from_users_table( - message.user_id.clone(), - message.device_id_key.clone(), - ) - .await - .map_err(handle_db_error)?; - - self - .client - .delete_access_token_data(message.user_id, message.device_id_key) - .await - .map_err(handle_db_error)?; - - let response = Empty {}; - - Ok(Response::new(response)) - } - - async fn delete_user( - &self, - request: tonic::Request, - ) -> Result, tonic::Status> { - let message = request.into_inner(); - - let token_is_valid = self - .client - .verify_access_token( - message.user_id.clone(), - message.device_id_key, - message.access_token, - ) - .await - .map_err(handle_db_error)?; - - if !token_is_valid { - return Err(tonic::Status::permission_denied("bad token")); - } - - self - .client - .delete_user(message.user_id) - .await - .map_err(handle_db_error)?; - - let response = Empty {}; - - Ok(Response::new(response)) - } - async fn generate_nonce( &self, _request: tonic::Request, diff --git a/services/identity/src/grpc_services/authenticated.rs b/services/identity/src/grpc_services/authenticated.rs --- a/services/identity/src/grpc_services/authenticated.rs +++ b/services/identity/src/grpc_services/authenticated.rs @@ -264,4 +264,42 @@ let response = Empty {}; Ok(Response::new(response)) } + + async fn log_out_user( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + let (user_id, device_id) = get_user_and_device_id(&request)?; + + self + .db_client + .remove_device_from_users_table(user_id.clone(), device_id.clone()) + .await + .map_err(handle_db_error)?; + + self + .db_client + .delete_access_token_data(user_id, device_id) + .await + .map_err(handle_db_error)?; + + let response = Empty {}; + Ok(Response::new(response)) + } + + async fn delete_user( + &self, + request: tonic::Request, + ) -> Result, tonic::Status> { + let (user_id, _) = get_user_and_device_id(&request)?; + + self + .db_client + .delete_user(user_id) + .await + .map_err(handle_db_error)?; + + let response = Empty {}; + Ok(Response::new(response)) + } } diff --git a/shared/protos/identity_authenticated.proto b/shared/protos/identity_authenticated.proto --- a/shared/protos/identity_authenticated.proto +++ b/shared/protos/identity_authenticated.proto @@ -25,6 +25,11 @@ rpc UpdateUserPasswordFinish(UpdateUserPasswordFinishRequest) returns (identity.client.Empty) {} + // Called by user to log out (clears device's keys and access token) + rpc LogOutUser(identity.client.Empty) returns (identity.client.Empty) {} + // Called by a user to delete their own account + rpc DeleteUser(identity.client.Empty) returns (identity.client.Empty) {} + // Called by clients to get required keys for opening a connection // to a user's keyserver rpc GetKeyserverKeys(OutboundKeysForUserRequest) returns diff --git a/shared/protos/identity_client.proto b/shared/protos/identity_client.proto --- a/shared/protos/identity_client.proto +++ b/shared/protos/identity_client.proto @@ -25,10 +25,6 @@ rpc LoginWalletUser(WalletLoginRequest) returns (WalletLoginResponse) {} rpc LoginReservedWalletUser(ReservedWalletLoginRequest) returns (WalletLoginResponse) {} - // Called by user to log out (clears device's keys and access token) - rpc LogOutUser(LogoutRequest) returns (Empty) {} - // Called by a user to delete their own account - rpc DeleteUser(DeleteUserRequest) returns (Empty) {} // Sign-In with Ethereum actions @@ -228,26 +224,6 @@ string accessToken = 2; } -// LogOutUser - -message LogoutRequest { - string accessToken = 1; - string userID = 2; - // Public ed25519 key used for signing. We need this to look up a device's - // access token - string deviceIDKey = 3; -} - -// DeleteUser - -message DeleteUserRequest { - string accessToken = 1; - string userID = 2; - // Public ed25519 key used for signing. We need this to look up a device's - // access token - string deviceIDKey = 3; -} - // GenerateNonce message GenerateNonceResponse{