Page MenuHomePhabricator

[lib] Remove usernames sent by the keyserver and use reservedUserIdentifiers
ClosedPublic

Authored by inka on Jul 31 2024, 6:28 AM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Nov 6, 11:03 PM
Unknown Object (File)
Wed, Nov 6, 11:03 PM
Unknown Object (File)
Wed, Nov 6, 11:02 PM
Unknown Object (File)
Wed, Nov 6, 10:19 PM
Unknown Object (File)
Oct 6 2024, 7:59 PM
Unknown Object (File)
Oct 6 2024, 7:28 PM
Unknown Object (File)
Sep 18 2024, 9:21 PM
Unknown Object (File)
Sep 18 2024, 9:17 PM
Subscribers

Details

Summary

@bartek updated identityClient.findUserIdentities to also return reservedUserIdentifiers - usernames of users not registered with identity, but registered with the keyserver. This means we can go back to stripping usernames from responses sent by the keyserver and request them from identity. This will now work for all users.
This diff addresses ENG-8771. It reverts D12674 with the following changes:

  1. In discardKeyserverUsernames we no longer check if id === bots.commbot.userID. This is because commbot is in reservedUserIdentifiers both on stagining and prod
  2. In discardKeyserverUsernames we check if usingCommServicesAccessToken. If not, we return the userInfos unchanged. This is because we cannot call the identity if there is no CSAT, so we need to keep the keyserver usernames
Test Plan

Tested that commbots username gets fetched (was seting with staging identity, because prod identity doesn't yet have Bartek's changes. I verified that prod identity also has commot in reservedUserIdentifiers).
Tested that usernames of users registered with identity still get fetched.

Verified that for a user with usingCSAT = false the usernames are not missing. Verified that usernames of users registered with usingCSAT = false are also present

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

inka requested review of this revision.Jul 31 2024, 6:44 AM
This revision is now accepted and ready to land.Aug 1 2024, 1:23 AM

As far as I have context, this makes sense!

NOTE: We should add a note on Releases and Beyond that we need to deploy prod Identity before releasing native/web

As far as I have context, this makes sense!

NOTE: We should add a note on Releases and Beyond that we need to deploy prod Identity before releasing native/web

Ohh, thank you for mentioning that