Page MenuHomePhabricator
Differential D13371

[lib] refactor `createOlmSessionWithPeer` -> `createOlmSessionsWithUser`
ClosedPublic
Actions

Authored by kamil on Sep 18 2024, 4:51 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Mar 25, 7:32 AM
Unknown Object (File)
Sun, Mar 9, 11:54 PM
Unknown Object (File)
Fri, Feb 28, 9:26 AM
Unknown Object (File)
Fri, Feb 28, 8:13 AM
Unknown Object (File)
Fri, Feb 28, 8:13 AM
Unknown Object (File)
Fri, Feb 28, 8:13 AM
Unknown Object (File)
Fri, Feb 28, 8:12 AM
Unknown Object (File)
Jan 25 2025, 6:57 PM
View All 67 Files
Subscribers
ashoat

Details

Reviewers
bartek
tomek
marcin
Commits
rCOMMa9f48d77d6a5: [lib] refactor `createOlmSessionWithPeer` -> `createOlmSessionsWithUser`
Summary

ENG-9106.

This API better matches Identity API, which returns data for all user devices.

Additionally, session creation for each device is done in parallel.

Test Plan

Tested in D13376

Diff Detail

Repository
rCOMM Comm
Branch
land-fixes
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

kamil created this revision.Sep 18 2024, 4:51 AM
kamil held this revision as a draft.
Herald added a subscriber: ashoat. · View Herald TranscriptSep 18 2024, 4:51 AM
kamil edited the summary of this revision. (Show Details)Sep 18 2024, 4:52 AM
kamil added inline comments.Sep 18 2024, 4:56 AM
lib/utils/crypto-utils.js
184 ↗(On Diff #44289)

This change is a fix for ENG-9278.

We shouldn't throw it as this is a regular case:

  • having singleton device list
  • having an out-of-sync device list in auxUserStore (e.g. device on logout failed to send updates) - created ENG-9332 to track.
kamil added a child revision: D13372: [lib] refactor `createOlmSessionWithPeer` -> `createOlmSessionsWithUser` in `PeerOlmSessionCreatorContextType`.Sep 18 2024, 5:01 AM
Harbormaster completed remote builds in B31679: Diff 44289.Sep 18 2024, 5:08 AM
kamil published this revision for review.Sep 18 2024, 5:42 AM
kamil edited the test plan for this revision. (Show Details)
ashoat added inline comments.Sep 18 2024, 6:01 AM
lib/components/peer-olm-session-creator-provider.react.js
13–16 ↗(On Diff #44289)

It's weird that this is defined here but SessionCreationOptions is defined above createOlmSessionsWithUser

Would it make sense to move this definition to be closer to SessionCreationOptions?

tomek accepted this revision.Sep 18 2024, 7:21 AM
This revision is now accepted and ready to land.Sep 18 2024, 7:21 AM
tomek added inline comments.Sep 18 2024, 7:23 AM
lib/utils/crypto-utils.js
243–247 ↗(On Diff #44289)

It might be a good idea to also log an exception

bartek accepted this revision.Sep 18 2024, 11:53 AM
kamil updated this revision to Diff 44322.Sep 19 2024, 1:19 AM
  • log exception
  • move type definition to a better place
Harbormaster completed remote builds in B31706: Diff 44322.Sep 19 2024, 1:44 AM
Closed by commit rCOMMa9f48d77d6a5: [lib] refactor `createOlmSessionWithPeer` -> `createOlmSessionsWithUser` (authored by kamil). · Explain WhySep 19 2024, 3:49 AM
This revision was automatically updated to reflect the committed changes.
kamil added a commit: rCOMMa9f48d77d6a5: [lib] refactor `createOlmSessionWithPeer` -> `createOlmSessionsWithUser`.

Revision Contents
Changeset List

PathSize
lib/
components/
7 lines
utils/
196 lines

Diff 44322

View Options

lib/components/peer-olm-session-creator-provider.react.js

// @flow // @flow
import invariant from 'invariant'; import invariant from 'invariant';
import * as React from 'react'; import * as React from 'react';
import { logOutActionTypes, useLogOut } from '../actions/user-actions.js'; import {
keyserverAuthActionTypes,
logOutActionTypes,
useKeyserverAuth,
useLogOut,
} from '../actions/user-actions.js';
import { extractKeyserverIDFromID } from '../keyserver-conn/keyserver-call-utils.js';
import { filterThreadIDsInFilterList } from '../reducers/calendar-filters-reducer.js';
import { import {
connectionSelector, connectionSelector,
cookieSelector, cookieSelector,
deviceTokenSelector,
} from '../selectors/keyserver-selectors.js'; } from '../selectors/keyserver-selectors.js';
import { IdentityClientContext } from '../shared/identity-client-context.js'; import { IdentityClientContext } from '../shared/identity-client-context.js';
import { OlmSessionCreatorContext } from '../shared/olm-session-creator-context.js'; import { OlmSessionCreatorContext } from '../shared/olm-session-creator-context.js';
import type { BaseSocketProps } from '../socket/socket.react.js'; import type { BaseSocketProps } from '../socket/socket.react.js';
import { logInActionSources } from '../types/account-types.js';
import { useDispatchActionPromise } from '../utils/redux-promise-utils.js'; import { useDispatchActionPromise } from '../utils/redux-promise-utils.js';
import { useSelector } from '../utils/redux-utils.js'; import { useSelector } from '../utils/redux-utils.js';
import { usingCommServicesAccessToken } from '../utils/services-utils.js'; import { usingCommServicesAccessToken } from '../utils/services-utils.js';
import { ashoatKeyserverID } from '../utils/validation-utils.js'; import { ashoatKeyserverID } from '../utils/validation-utils.js';
type Props = { type Props = {
...BaseSocketProps, ...BaseSocketProps,
+keyserverID: string, +keyserverID: string,
+socketComponent: React.ComponentType<BaseSocketProps>, +socketComponent: React.ComponentType<BaseSocketProps>,
}; };
function KeyserverConnectionHandler(props: Props) { function KeyserverConnectionHandler(props: Props) {
const { socketComponent: Socket, keyserverID, ...rest } = props; const { socketComponent: Socket, keyserverID, ...rest } = props;
const dispatchActionPromise = useDispatchActionPromise(); const dispatchActionPromise = useDispatchActionPromise();
const callLogOut = useLogOut(); const callLogOut = useLogOut();
const keyserverAuth = useKeyserverAuth();
const hasConnectionIssue = useSelector( const hasConnectionIssue = useSelector(
state => !!connectionSelector(keyserverID)(state)?.connectionIssue, state => !!connectionSelector(keyserverID)(state)?.connectionIssue,
); );
const cookie = useSelector(cookieSelector(keyserverID)); const cookie = useSelector(cookieSelector(keyserverID));
const keyserverDeviceToken = useSelector(deviceTokenSelector(keyserverID));
// We have an assumption that we should be always connected to Ashoat's
// keyserver. It is possible that a token which it has is correct, so we can
// try to use it. In worst case it is invalid and our push-handler will try
// to fix it.
ashoatUnsubmitted
Not Done
Inline Actions

This logic is a bit confusing.

I guess the reason we decided to store a separate deviceToken per keyserver is because we want to know if we've shared our deviceToken to that keyserver yet, not because we expect to have a different deviceToken per keyserver.

It would probably make more sense if we have a deviceTokenHasBeenUploaded: boolean in KeyserverInfo, and a deviceToken field at the top level of Redux. But we'll likely end up removing deviceTokens from keyservers soon anyways...

ashoat: This logic is a bit confusing. I guess the reason we decided to store a separate `deviceToken`…
tomekAuthorUnsubmitted
Done
Inline Actions

It would probably make more sense if we have a deviceTokenHasBeenUploaded: boolean in KeyserverInfo, and a deviceToken field at the top level of Redux. But we'll likely end up removing deviceTokens from keyservers soon anyways...

Agree. But moving the token to Tunnelbroker will simplify it even more. For now, I don't think it is worth fixing now.

tomek: > It would probably make more sense if we have a deviceTokenHasBeenUploaded: boolean in…
const ashoatKeyserverDeviceToken = useSelector(
deviceTokenSelector(ashoatKeyserverID),
);
const deviceToken = keyserverDeviceToken ?? ashoatKeyserverDeviceToken;
const navInfo = useSelector(state => state.navInfo);
const calendarFilters = useSelector(state => state.calendarFilters);
const calendarQuery = React.useMemo(() => {
const filters = filterThreadIDsInFilterList(
calendarFilters,
(threadID: string) => extractKeyserverIDFromID(threadID) === keyserverID,
);
return {
startDate: navInfo.startDate,
endDate: navInfo.endDate,
filters,
};
}, [calendarFilters, keyserverID, navInfo.endDate, navInfo.startDate]);
React.useEffect(() => { React.useEffect(() => {
if (hasConnectionIssue) { if (hasConnectionIssue) {
void dispatchActionPromise(logOutActionTypes, callLogOut()); void dispatchActionPromise(logOutActionTypes, callLogOut());
} }
}, [callLogOut, hasConnectionIssue, dispatchActionPromise]); }, [callLogOut, hasConnectionIssue, dispatchActionPromise]);
const identityContext = React.useContext(IdentityClientContext); const identityContext = React.useContext(IdentityClientContext);
invariant(identityContext, 'Identity context should be set'); invariant(identityContext, 'Identity context should be set');
const { identityClient } = identityContext; const { identityClient, getAuthMetadata } = identityContext;
const olmSessionCreator = React.useContext(OlmSessionCreatorContext); const olmSessionCreator = React.useContext(OlmSessionCreatorContext);
invariant(olmSessionCreator, 'Olm session creator should be set'); invariant(olmSessionCreator, 'Olm session creator should be set');
React.useEffect(() => { React.useEffect(() => {
if (!usingCommServicesAccessToken) { if (!usingCommServicesAccessToken) {
return; return;
} }
void (async () => { void (async () => {
try { try {
const keyserverKeys = const keyserverKeys =
await identityClient.getKeyserverKeys(keyserverID); await identityClient.getKeyserverKeys(keyserverID);
// eslint-disable-next-line no-unused-vars
const [notifsSession, contentSession] = await Promise.all([ const [notifsSession, contentSession] = await Promise.all([
olmSessionCreator.notificationsSessionCreator( olmSessionCreator.notificationsSessionCreator(
cookie, cookie,
keyserverKeys.identityKeysBlob.notificationIdentityPublicKeys, keyserverKeys.identityKeysBlob.notificationIdentityPublicKeys,
keyserverKeys.notifInitializationInfo, keyserverKeys.notifInitializationInfo,
keyserverID, keyserverID,
), ),
olmSessionCreator.contentSessionCreator( olmSessionCreator.contentSessionCreator(
keyserverKeys.identityKeysBlob.primaryIdentityPublicKeys, keyserverKeys.identityKeysBlob.primaryIdentityPublicKeys,
keyserverKeys.contentInitializationInfo, keyserverKeys.contentInitializationInfo,
), ),
]); ]);
const { userID, deviceID } = await getAuthMetadata();
invariant(userID, 'userID should be set');
invariant(deviceID, 'deviceID should be set');
const deviceTokenUpdateInput = deviceToken
? { [keyserverID]: { deviceToken } }
: {};
await dispatchActionPromise(
keyserverAuthActionTypes,
keyserverAuth({
userID,
deviceID,
doNotRegister: false,
calendarQuery,
deviceTokenUpdateInput,
logInActionSource: process.env.BROWSER
? logInActionSources.keyserverAuthFromWeb
: logInActionSources.keyserverAuthFromNative,
keyserverData: {
[keyserverID]: {
initialContentEncryptedMessage: contentSession,
initialNotificationsEncryptedMessage: notifsSession,
},
},
}),
);
} catch (e) { } catch (e) {
console.log( console.log(
`Error getting keys for keyserver with id ${keyserverID}`, `Error while authenticating to keyserver with id ${keyserverID}`,
e, e,
); );
} }
})(); })();
}, [keyserverID, identityClient, olmSessionCreator, cookie]); }, [
keyserverID,
identityClient,
olmSessionCreator,
cookie,
getAuthMetadata,
dispatchActionPromise,
keyserverAuth,
deviceToken,
calendarQuery,
]);
if (keyserverID !== ashoatKeyserverID) { if (keyserverID !== ashoatKeyserverID) {
return null; return null;
} }
return <Socket {...rest} />; return <Socket {...rest} />;
} }
const Handler: React.ComponentType<Props> = React.memo<Props>( const Handler: React.ComponentType<Props> = React.memo<Props>(
KeyserverConnectionHandler, KeyserverConnectionHandler,
); );
export default Handler; export default Handler;
View Options

lib/utils/crypto-utils.js

// @flow // @flow
import invariant from 'invariant'; import invariant from 'invariant';
import * as React from 'react'; import * as React from 'react';
import { logOutActionTypes, useLogOut } from '../actions/user-actions.js'; import {
keyserverAuthActionTypes,
logOutActionTypes,
useKeyserverAuth,
useLogOut,
} from '../actions/user-actions.js';
import { extractKeyserverIDFromID } from '../keyserver-conn/keyserver-call-utils.js';
import { filterThreadIDsInFilterList } from '../reducers/calendar-filters-reducer.js';
import { import {
connectionSelector, connectionSelector,
cookieSelector, cookieSelector,
deviceTokenSelector,
} from '../selectors/keyserver-selectors.js'; } from '../selectors/keyserver-selectors.js';
import { IdentityClientContext } from '../shared/identity-client-context.js'; import { IdentityClientContext } from '../shared/identity-client-context.js';
import { OlmSessionCreatorContext } from '../shared/olm-session-creator-context.js'; import { OlmSessionCreatorContext } from '../shared/olm-session-creator-context.js';
import type { BaseSocketProps } from '../socket/socket.react.js'; import type { BaseSocketProps } from '../socket/socket.react.js';
import { logInActionSources } from '../types/account-types.js';
import { useDispatchActionPromise } from '../utils/redux-promise-utils.js'; import { useDispatchActionPromise } from '../utils/redux-promise-utils.js';
import { useSelector } from '../utils/redux-utils.js'; import { useSelector } from '../utils/redux-utils.js';
import { usingCommServicesAccessToken } from '../utils/services-utils.js'; import { usingCommServicesAccessToken } from '../utils/services-utils.js';
import { ashoatKeyserverID } from '../utils/validation-utils.js'; import { ashoatKeyserverID } from '../utils/validation-utils.js';
type Props = { type Props = {
...BaseSocketProps, ...BaseSocketProps,
+keyserverID: string, +keyserverID: string,
+socketComponent: React.ComponentType<BaseSocketProps>, +socketComponent: React.ComponentType<BaseSocketProps>,
}; };
function KeyserverConnectionHandler(props: Props) { function KeyserverConnectionHandler(props: Props) {
const { socketComponent: Socket, keyserverID, ...rest } = props; const { socketComponent: Socket, keyserverID, ...rest } = props;
const dispatchActionPromise = useDispatchActionPromise(); const dispatchActionPromise = useDispatchActionPromise();
const callLogOut = useLogOut(); const callLogOut = useLogOut();
const keyserverAuth = useKeyserverAuth();
const hasConnectionIssue = useSelector( const hasConnectionIssue = useSelector(
state => !!connectionSelector(keyserverID)(state)?.connectionIssue, state => !!connectionSelector(keyserverID)(state)?.connectionIssue,
); );
const cookie = useSelector(cookieSelector(keyserverID)); const cookie = useSelector(cookieSelector(keyserverID));
const keyserverDeviceToken = useSelector(deviceTokenSelector(keyserverID));
// We have an assumption that we should be always connected to Ashoat's
// keyserver. It is possible that a token which it has is correct, so we can
// try to use it. In worst case it is invalid and our push-handler will try
// to fix it.
ashoatUnsubmitted
Not Done
Inline Actions

This logic is a bit confusing.

I guess the reason we decided to store a separate deviceToken per keyserver is because we want to know if we've shared our deviceToken to that keyserver yet, not because we expect to have a different deviceToken per keyserver.

It would probably make more sense if we have a deviceTokenHasBeenUploaded: boolean in KeyserverInfo, and a deviceToken field at the top level of Redux. But we'll likely end up removing deviceTokens from keyservers soon anyways...

ashoat: This logic is a bit confusing. I guess the reason we decided to store a separate `deviceToken`…
tomekAuthorUnsubmitted
Done
Inline Actions

It would probably make more sense if we have a deviceTokenHasBeenUploaded: boolean in KeyserverInfo, and a deviceToken field at the top level of Redux. But we'll likely end up removing deviceTokens from keyservers soon anyways...

Agree. But moving the token to Tunnelbroker will simplify it even more. For now, I don't think it is worth fixing now.

tomek: > It would probably make more sense if we have a deviceTokenHasBeenUploaded: boolean in…
const ashoatKeyserverDeviceToken = useSelector(
deviceTokenSelector(ashoatKeyserverID),
);
const deviceToken = keyserverDeviceToken ?? ashoatKeyserverDeviceToken;
const navInfo = useSelector(state => state.navInfo);
const calendarFilters = useSelector(state => state.calendarFilters);
const calendarQuery = React.useMemo(() => {
const filters = filterThreadIDsInFilterList(
calendarFilters,
(threadID: string) => extractKeyserverIDFromID(threadID) === keyserverID,
);
return {
startDate: navInfo.startDate,
endDate: navInfo.endDate,
filters,
};
}, [calendarFilters, keyserverID, navInfo.endDate, navInfo.startDate]);
React.useEffect(() => { React.useEffect(() => {
if (hasConnectionIssue) { if (hasConnectionIssue) {
void dispatchActionPromise(logOutActionTypes, callLogOut()); void dispatchActionPromise(logOutActionTypes, callLogOut());
} }
}, [callLogOut, hasConnectionIssue, dispatchActionPromise]); }, [callLogOut, hasConnectionIssue, dispatchActionPromise]);
const identityContext = React.useContext(IdentityClientContext); const identityContext = React.useContext(IdentityClientContext);
invariant(identityContext, 'Identity context should be set'); invariant(identityContext, 'Identity context should be set');
const { identityClient } = identityContext; const { identityClient, getAuthMetadata } = identityContext;
const olmSessionCreator = React.useContext(OlmSessionCreatorContext); const olmSessionCreator = React.useContext(OlmSessionCreatorContext);
invariant(olmSessionCreator, 'Olm session creator should be set'); invariant(olmSessionCreator, 'Olm session creator should be set');
React.useEffect(() => { React.useEffect(() => {
if (!usingCommServicesAccessToken) { if (!usingCommServicesAccessToken) {
return; return;
} }
void (async () => { void (async () => {
try { try {
const keyserverKeys = const keyserverKeys =
await identityClient.getKeyserverKeys(keyserverID); await identityClient.getKeyserverKeys(keyserverID);
// eslint-disable-next-line no-unused-vars
const [notifsSession, contentSession] = await Promise.all([ const [notifsSession, contentSession] = await Promise.all([
olmSessionCreator.notificationsSessionCreator( olmSessionCreator.notificationsSessionCreator(
cookie, cookie,
keyserverKeys.identityKeysBlob.notificationIdentityPublicKeys, keyserverKeys.identityKeysBlob.notificationIdentityPublicKeys,
keyserverKeys.notifInitializationInfo, keyserverKeys.notifInitializationInfo,
keyserverID, keyserverID,
), ),
olmSessionCreator.contentSessionCreator( olmSessionCreator.contentSessionCreator(
keyserverKeys.identityKeysBlob.primaryIdentityPublicKeys, keyserverKeys.identityKeysBlob.primaryIdentityPublicKeys,
keyserverKeys.contentInitializationInfo, keyserverKeys.contentInitializationInfo,
), ),
]); ]);
const { userID, deviceID } = await getAuthMetadata();
invariant(userID, 'userID should be set');
invariant(deviceID, 'deviceID should be set');
const deviceTokenUpdateInput = deviceToken
? { [keyserverID]: { deviceToken } }
: {};
await dispatchActionPromise(
keyserverAuthActionTypes,
keyserverAuth({
userID,
deviceID,
doNotRegister: false,
calendarQuery,
deviceTokenUpdateInput,
logInActionSource: process.env.BROWSER
? logInActionSources.keyserverAuthFromWeb
: logInActionSources.keyserverAuthFromNative,
keyserverData: {
[keyserverID]: {
initialContentEncryptedMessage: contentSession,
initialNotificationsEncryptedMessage: notifsSession,
},
},
}),
);
} catch (e) { } catch (e) {
console.log( console.log(
`Error getting keys for keyserver with id ${keyserverID}`, `Error while authenticating to keyserver with id ${keyserverID}`,
e, e,
); );
} }
})(); })();
}, [keyserverID, identityClient, olmSessionCreator, cookie]); }, [
keyserverID,
identityClient,
olmSessionCreator,
cookie,
getAuthMetadata,
dispatchActionPromise,
keyserverAuth,
deviceToken,
calendarQuery,
]);
if (keyserverID !== ashoatKeyserverID) { if (keyserverID !== ashoatKeyserverID) {
return null; return null;
} }
return <Socket {...rest} />; return <Socket {...rest} />;
} }
const Handler: React.ComponentType<Props> = React.memo<Props>( const Handler: React.ComponentType<Props> = React.memo<Props>(
KeyserverConnectionHandler, KeyserverConnectionHandler,
); );
export default Handler; export default Handler;