UD auth for profile fetching

Converging with Android, use UnidentifiedAccess getter
pull/1/head
Michael Kirk 7 years ago
parent 0be1f8cca2
commit fb2abdcd1a

@ -134,13 +134,14 @@ public class ProfileFetcherJob: NSObject {
Logger.error("getProfile: \(recipientId)")
// TODO: Use UD socket for some profile gets.
if socketManager.canMakeRequests(of: .default) {
let request = OWSRequestFactory.getProfileRequest(recipientId: recipientId, unidentifiedAccess: nil)
let unidentifiedAccess: SSKUnidentifiedAccess? = self.getUnidentifiedAccess(forRecipientId: recipientId)
let socketType: OWSWebSocketType = unidentifiedAccess == nil ? .default : .UD
if socketManager.canMakeRequests(of: socketType) {
let request = OWSRequestFactory.getProfileRequest(recipientId: recipientId, unidentifiedAccess: unidentifiedAccess)
let (promise, fulfill, reject) = Promise<SignalServiceProfile>.pending()
self.socketManager.make(request,
webSocketType: .default,
webSocketType: socketType,
success: { (responseObject: Any?) -> Void in
do {
let profile = try SignalServiceProfile(recipientId: recipientId, responseObject: responseObject)
@ -154,8 +155,7 @@ public class ProfileFetcherJob: NSObject {
})
return promise
} else {
// TODO unidentified AUTH
return self.signalServiceClient.retrieveProfile(recipientId: recipientId, unidentifiedAccess: nil)
return self.signalServiceClient.retrieveProfile(recipientId: recipientId, unidentifiedAccess: unidentifiedAccess)
}
}
@ -207,4 +207,8 @@ public class ProfileFetcherJob: NSObject {
}
}
}
private func getUnidentifiedAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccess? {
return self.udManager.getAccess(forRecipientId: recipientId)?.targetUnidentifiedAccess
}
}
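Review bot: Nothing visible in this hunk retries with ordinary authentication when the unidentified request is refused. Once `unidentifiedAccess` is non-nil, both the `.UD` socket path and the `retrieveProfile` fallback carry it, and the access key is derived from a stored profile key that may be out of date. The failure closure lies outside the hunk, so this may already be handled there; if it is not, a rejected UD fetch should be retried once with `unidentifiedAccess: nil`. The context comment `// TODO: Use UD socket for some profile gets.` is now stale and could become `// Prefer the UD socket when we hold unidentified access for this recipient.`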

@ -62,35 +62,17 @@ public class OWSMessageSend: NSObject {
self.message = message
self.thread = thread
self.recipient = recipient
self.localNumber = localNumber
let senderCertificate = senderCertificate
let udAccessKey: SMKUDAccessKey?
var isLocalNumber: Bool
if let recipientId = recipient.uniqueId {
switch udManager.unidentifiedAccessMode(recipientId: recipientId) {
case .enabled:
udAccessKey = udManager.udAccessKeyForRecipient(recipientId)
case .unrestricted:
udAccessKey = udManager.generateAccessKeyForUnrestrictedRecipient()
case .disabled, .unknown:
udAccessKey = nil
}
isLocalNumber = localNumber == recipientId
self.unidentifiedAccess = udManager.getAccess(forRecipientId: recipientId)?.targetUnidentifiedAccess
self.isLocalNumber = localNumber == recipientId
} else {
isLocalNumber = false
udAccessKey = nil
owsFailDebug("SignalRecipient missing recipientId")
}
if let udAccessKey = udAccessKey, let senderCertificate = senderCertificate {
self.unidentifiedAccess = SSKUnidentifiedAccess(accessKey: udAccessKey, senderCertificate: senderCertificate)
} else {
self.isLocalNumber = false
self.unidentifiedAccess = nil
}
self.localNumber = localNumber
self.isLocalNumber = isLocalNumber
self.success = success
self.failure = failure
}
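Review bot: The initializer no longer appears to use its sender certificate argument. The local `let senderCertificate = senderCertificate` and the `SSKUnidentifiedAccess(accessKey:senderCertificate:)` construction seem to be on the removed side, and `self.unidentifiedAccess` now comes only from `udManager.getAccess(forRecipientId:)`, which reads the manager's own certificate. The signature is outside the hunk, so this is inferred; if the parameter is still declared, drop it or document that it is ignored, so a caller does not assume the certificate it passes is the one attached to the send. The added line also discards `selfUnidentifiedAccess` silently; a comment such as `// Only the recipient's half of the pair is needed for a send.` would make that explicit.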

@ -29,17 +29,15 @@ public enum UnidentifiedAccessMode: Int {
// MARK: - Recipient State
@objc
func unidentifiedAccessMode(recipientId: String) -> UnidentifiedAccessMode
func setUnidentifiedAccessMode(_ mode: UnidentifiedAccessMode, recipientId: String)
@objc
func setUnidentifiedAccessMode(_ mode: UnidentifiedAccessMode, recipientId: String)
func getAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccessPair?
// Returns the UD access key for a given recipient if they are
// a UD recipient and we have a valid profile key for them.
@objc func udAccessKeyForRecipient(_ recipientId: String) -> SMKUDAccessKey?
@objc func udAccessKeyForRecipient(_ recipientId: RecipientIdentifier) -> SMKUDAccessKey?
@objc
func generateAccessKeyForUnrestrictedRecipient() -> SMKUDAccessKey
// MARK: - Local State
// MARK: Sender Certificate
@ -112,7 +110,38 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
// MARK: - Recipient state
@objc
public func unidentifiedAccessMode(recipientId: String) -> UnidentifiedAccessMode {
public func getAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccessPair? {
guard let theirAccessKey = self.udAccessKeyForRecipient(recipientId) else {
return nil
}
guard let ourSenderCertificate = self.senderCertificate() else {
return nil
}
guard let ourAccessKey: SMKUDAccessKey = {
if self.shouldAllowUnrestrictedAccessLocal() {
return SMKUDAccessKey(randomKeyData: ())
} else {
guard let localNumber = self.tsAccountManager.localNumber() else {
owsFailDebug("localNumber was unexpectedly nil")
return nil
}
return self.udAccessKeyForRecipient(localNumber)
}
}() else {
return nil
}
let targetUnidentifiedAccess = SSKUnidentifiedAccess(accessKey: theirAccessKey, senderCertificate: ourSenderCertificate)
let selfUnidentifiedAccess = SSKUnidentifiedAccess(accessKey: ourAccessKey, senderCertificate: ourSenderCertificate)
return SSKUnidentifiedAccessPair(targetUnidentifiedAccess: targetUnidentifiedAccess,
selfUnidentifiedAccess: selfUnidentifiedAccess)
}
@objc
private func unidentifiedAccessMode(recipientId: RecipientIdentifier) -> UnidentifiedAccessMode {
if tsAccountManager.localNumber() == recipientId {
if shouldAllowUnrestrictedAccessLocal() {
return .unrestricted
@ -135,7 +164,7 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
// Returns the UD access key for a given recipient
// if we have a valid profile key for them.
@objc
public func udAccessKeyForRecipient(_ recipientId: String) -> SMKUDAccessKey? {
public func udAccessKeyForRecipient(_ recipientId: RecipientIdentifier) -> SMKUDAccessKey? {
guard let profileKey = profileManager.profileKeyData(forRecipientId: recipientId) else {
// Mark as "not a UD recipient".
return nil
@ -149,11 +178,6 @@ public class OWSUDManagerImpl: NSObject, OWSUDManager {
}
}
@objc
public func generateAccessKeyForUnrestrictedRecipient() -> SMKUDAccessKey {
return SMKUDAccessKey(randomKeyData: ())
}
// MARK: - Sender Certificate
#if DEBUG
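Review bot: `getAccess(forRecipientId:)` builds the target key from `udAccessKeyForRecipient` alone and never consults `unidentifiedAccessMode(recipientId:)`, so the per-mode handling this commit removes from `OWSMessageSend` (`.unrestricted` gets a random key, `.disabled`/`.unknown` get no UD) is not reproduced anywhere visible. The body of `udAccessKeyForRecipient` is only partly in the hunk, so it may check the mode itself. If it does not, a recipient with UD disabled but a stored profile key would now be sent unidentified requests, and an unrestricted recipient without a profile key would lose UD. Separately, the function returns nil when our own access key cannot be built, although both callers in this commit read only `targetUnidentifiedAccess`. A sketch that restores the earlier mode handling at the top of the function follows.

```swift
public func getAccess(forRecipientId recipientId: RecipientIdentifier) -> SSKUnidentifiedAccessPair? {
    let theirAccessKey: SMKUDAccessKey
    switch unidentifiedAccessMode(recipientId: recipientId) {
    case .unrestricted:
        // Unrestricted recipients accept any key, so no profile key is required.
        theirAccessKey = SMKUDAccessKey(randomKeyData: ())
    case .enabled:
        guard let key = udAccessKeyForRecipient(recipientId) else {
            return nil
        }
        theirAccessKey = key
    case .disabled, .unknown:
        return nil
    }
    // … unchanged: sender certificate guard, self access key guard, pair construction …
```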

@ -8,20 +8,6 @@ import SignalMetadataKit
public typealias RecipientIdentifier = String
@objc
public class SSKUnidentifiedAccess: NSObject {
@objc
let accessKey: SMKUDAccessKey
@objc
let senderCertificate: SMKSenderCertificate
init(accessKey: SMKUDAccessKey, senderCertificate: SMKSenderCertificate) {
self.accessKey = accessKey
self.senderCertificate = senderCertificate
}
}
public protocol SignalServiceClient {
func getAvailablePreKeys() -> Promise<Int>
func registerPreKeys(identityKey: IdentityKey, signedPreKeyRecord: SignedPreKeyRecord, preKeyRecords: [PreKeyRecord]) -> Promise<Void>

@ -0,0 +1,31 @@
//
// Copyright (c) 2018 Open Whisper Systems. All rights reserved.
//
import Foundation
import SignalMetadataKit
@objc
public class SSKUnidentifiedAccessPair: NSObject {
public let targetUnidentifiedAccess: SSKUnidentifiedAccess
public let selfUnidentifiedAccess: SSKUnidentifiedAccess
init(targetUnidentifiedAccess: SSKUnidentifiedAccess, selfUnidentifiedAccess: SSKUnidentifiedAccess) {
self.targetUnidentifiedAccess = targetUnidentifiedAccess
self.selfUnidentifiedAccess = selfUnidentifiedAccess
}
}
@objc
public class SSKUnidentifiedAccess: NSObject {
@objc
let accessKey: SMKUDAccessKey
@objc
let senderCertificate: SMKSenderCertificate
init(accessKey: SMKUDAccessKey, senderCertificate: SMKSenderCertificate) {
self.accessKey = accessKey
self.senderCertificate = senderCertificate
}
}
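Review bot: `SSKUnidentifiedAccessPair` is marked `@objc`, but its two properties are plain `public let`, whereas `SSKUnidentifiedAccess` in the same file exposes its fields with `@objc let`. Objective-C callers can therefore name the pair type but cannot read either half. If Objective-C access is intended, declare them as `@objc public let targetUnidentifiedAccess: SSKUnidentifiedAccess` and likewise for `selfUnidentifiedAccess`. Neither class has a doc comment; a one-line `///` on each saying which party's access key it holds (the recipient's versus our own) would help, since mixing the two up changes whose delivery key goes out with a request.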