Merge pull request #1974 from IABTechLab/gdm-hotfix

Made refreshFrom not nullable

Author: gmsdelmundo

pom.xml

@@ -22,7 +22,7 @@
         <enclave-aws.version>2.1.0</enclave-aws.version>
         <enclave-azure.version>2.1.13</enclave-azure.version>
         <enclave-gcp.version>2.1.0</enclave-gcp.version>
-        <uid2-shared.version>10.9.0</uid2-shared.version>
+        <uid2-shared.version>11.0.4</uid2-shared.version>
         <image.version>${project.version}</image.version>
         <maven.compiler.source>21</maven.compiler.source>
         <maven.compiler.target>21</maven.compiler.target>

src/main/java/com/uid2/operator/service/UIDOperatorService.java

@@ -10,8 +10,6 @@
 import io.vertx.core.AsyncResult;
 import io.vertx.core.Future;
 import io.vertx.core.Handler;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import java.time.Clock;
 import java.time.Duration;
@@ -28,7 +26,6 @@ public class UIDOperatorService implements IUIDOperatorService {
     public static final String IDENTITY_TOKEN_EXPIRES_AFTER_SECONDS = "identity_token_expires_after_seconds";
     public static final String REFRESH_TOKEN_EXPIRES_AFTER_SECONDS = "refresh_token_expires_after_seconds";
     public static final String REFRESH_IDENTITY_TOKEN_AFTER_SECONDS = "refresh_identity_token_after_seconds";
-    private static final Logger LOGGER = LoggerFactory.getLogger(UIDOperatorService.class);
 
     private static final Instant REFRESH_CUTOFF = LocalDateTime.parse("2021-03-08T17:00:00", DateTimeFormatter.ISO_LOCAL_DATE_TIME).toInstant(ZoneOffset.UTC);
     private static final long DAY_IN_MS = Duration.ofDays(1).toMillis();
@@ -174,7 +171,7 @@ public List<SaltEntry> getModifiedBuckets(Instant sinceTimestamp) {
 
     private ISaltProvider.ISaltSnapshot getSaltProviderSnapshot(Instant asOf) {
         ISaltProvider.ISaltSnapshot snapshot = this.saltProvider.getSnapshot(asOf);
-        if(snapshot.getExpires().isBefore(Instant.now())) {
+        if (snapshot.getExpires().isBefore(Instant.now())) {
             saltRetrievalResponseHandler.handle(true);
         } else {
             saltRetrievalResponseHandler.handle(false);
@@ -255,8 +252,8 @@ private byte[] getPreviousAdvertisingId(UserIdentity firstLevelHashIdentity, Sal
     }
 
     private long getRefreshFrom(SaltEntry rotatingSalt, Instant asOf) {
-        Long refreshFrom = rotatingSalt.refreshFrom();
-        if (refreshFrom == null || refreshFrom < asOf.toEpochMilli()) {
+        long refreshFrom = rotatingSalt.refreshFrom();
+        if (refreshFrom < asOf.toEpochMilli()) {
             return asOf.truncatedTo(DAYS).plus(1, DAYS).toEpochMilli();
         }
         return refreshFrom;
@@ -297,8 +294,7 @@ static protected class GlobalOptoutResult {
         private final Instant time;
 
         //providedTime can be null if isOptedOut is false!
-        GlobalOptoutResult(Instant providedTime)
-        {
+        GlobalOptoutResult(Instant providedTime) {
             isOptedOut = providedTime != null;
             time = providedTime;
         }

src/test/java/com/uid2/operator/UIDOperatorVerticleTest.java

@@ -64,7 +64,6 @@
 
 import javax.crypto.SecretKey;
 import java.math.BigInteger;
-import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
 import java.security.*;
 import java.time.*;
@@ -91,7 +90,7 @@ public class UIDOperatorVerticleTest {
     private static final Instant legacyClientCreationDateTime = Instant.ofEpochSecond(OPT_OUT_CHECK_CUTOFF_DATE).minus(1, ChronoUnit.SECONDS);
     private static final Instant newClientCreationDateTime = Instant.ofEpochSecond(OPT_OUT_CHECK_CUTOFF_DATE).plus(1, ChronoUnit.SECONDS);
     private static final String firstLevelSalt = "first-level-salt";
-    private static final SaltEntry rotatingSalt123 = new SaltEntry(123, "hashed123", 0, "salt123", null, null, null, null);
+    private static final SaltEntry rotatingSalt123 = new SaltEntry(123, "hashed123", 0, "salt123", 1000L, "prevSalt123", null, null);
     private static final Duration identityExpiresAfter = Duration.ofMinutes(10);
     private static final Duration refreshExpiresAfter = Duration.ofMinutes(15);
     private static final Duration refreshIdentityAfter = Duration.ofMinutes(5);
@@ -105,7 +104,6 @@ public class UIDOperatorVerticleTest {
     private static final String iosClientVersionHeaderValue = "ios-1.2.3";
     private static final String tvosClientVersionHeaderValue = "tvos-1.2.3";
     private static final int clientSideTokenGenerateSiteId = 123;
-
     private static final int optOutStatusMaxRequestSize = 1000;
 
     @Mock
@@ -144,7 +142,7 @@ public class UIDOperatorVerticleTest {
     private final JsonObject config = new JsonObject();
 
     @BeforeEach
-    public void deployVerticle(Vertx vertx, VertxTestContext testContext, TestInfo testInfo) {
+    void deployVerticle(Vertx vertx, VertxTestContext testContext, TestInfo testInfo) {
         when(saltProvider.getSnapshot(any())).thenReturn(saltProviderSnapshot);
         when(saltProviderSnapshot.getExpires()).thenReturn(Instant.now().plus(1, ChronoUnit.HOURS));
         when(clock.instant()).thenAnswer(i -> now);
@@ -174,7 +172,7 @@ public void deployVerticle(Vertx vertx, VertxTestContext testContext, TestInfo t
     }
 
     @AfterEach
-    public void teardown() throws Exception {
+    void teardown() {
         Metrics.globalRegistry.remove(registry);
     }
 
@@ -232,14 +230,6 @@ private void clearAuth() {
         when(clientKeyProvider.get(any())).thenReturn(null);
     }
 
-    private static String urlEncode(String value) {
-        try {
-            return URLEncoder.encode(value, StandardCharsets.UTF_8);
-        } catch (Exception e) {
-            return null;
-        }
-    }
-
     private String getUrlForEndpoint(String endpoint) {
         return String.format("http://127.0.0.1:%d/%s", Const.Port.ServicePortForOperator + Utils.getPortOffset(), endpoint);
     }
@@ -281,7 +271,6 @@ protected void sendTokenGenerate(Vertx vertx, JsonObject v2PostPayload, int expe
         sendTokenGenerate(vertx, v2PostPayload, expectedHttpCode, null, handler, true, Collections.emptyMap());
     }
 
-
     protected void sendTokenGenerate(Vertx vertx, JsonObject v2PostPayload, int expectedHttpCode,
                                      Handler<JsonObject> handler, Map<String, String> additionalHeaders) {
         sendTokenGenerate(vertx, v2PostPayload, expectedHttpCode, null, handler, true, additionalHeaders);
@@ -297,7 +286,6 @@ private void sendTokenGenerate(Vertx vertx, JsonObject v2PostPayload, int expect
     }
 
     private void sendTokenGenerate(Vertx vertx, JsonObject v2PostPayload, int expectedHttpCode, String referer, Handler<JsonObject> handler, boolean additionalParams, Map<String, String> additionalHeaders) {
-
         ClientKey ck = (ClientKey) clientKeyProvider.get("");
 
         long nonce = new BigInteger(Random.getBytes(8)).longValue();
@@ -1203,7 +1191,8 @@ void v3IdentityMapMissingValidInputKeys(String inputPayload, Vertx vertx, VertxT
     }
 
     @ParameterizedTest
-    @ValueSource(strings = {"{\"invalid_key\": []}",
+    @ValueSource(strings = {
+            "{\"invalid_key\": []}",
             "{\"email\": [ null ]}",
             "{\"email\": [ \"some_email\", null ]}"
     })
@@ -1408,10 +1397,12 @@ void tokenGenerateNewClientWrongPolicySpecifiedOlderKeySuccessful(String policyP
     }
 
     @ParameterizedTest // TODO: remove test after optout check phase 3
-    @CsvSource({"policy,[email protected],Email",
+    @CsvSource({
+            "policy,[email protected],Email",
             "policy,+01234567890,Phone",
             "optout_check,[email protected],Email",
-            "optout_check,+01234567890,Phone"})
+            "optout_check,+01234567890,Phone"
+    })
     void tokenGenerateOptOutToken(String policyParameterKey, String identity, IdentityType identityType,
                                   Vertx vertx, VertxTestContext testContext) {
         ClientKey oldClientKey = new ClientKey(
@@ -1475,8 +1466,7 @@ void tokenGenerateOptOutToken(String policyParameterKey, String identity, Identi
                             TokenResponseStatsCollector.ResponseStatus.Success,
                             TokenResponseStatsCollector.PlatformType.Other);
 
-                    sendTokenRefresh(vertx, testContext, body.getString("refresh_token"), body.getString("refresh_response_key"), 200, refreshRespJson ->
-                    {
+                    sendTokenRefresh(vertx, testContext, body.getString("refresh_token"), body.getString("refresh_response_key"), 200, refreshRespJson -> {
                         assertEquals("optout", refreshRespJson.getString("status"));
                         JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                         assertNull(refreshBody);
@@ -1491,10 +1481,12 @@ void tokenGenerateOptOutToken(String policyParameterKey, String identity, Identi
     }
 
     @ParameterizedTest // TODO: remove test after optout check phase 3
-    @CsvSource({"policy,[email protected],Email",
+    @CsvSource({
+            "policy,[email protected],Email",
             "policy,+01234567890,Phone",
             "optout_check,[email protected],Email",
-            "optout_check,+01234567890,Phone"})
+            "optout_check,+01234567890,Phone"
+    })
     void tokenGenerateOptOutTokenWithDisableOptoutTokenFF(String policyParameterKey, String identity, IdentityType identityType,
                                                           Vertx vertx, VertxTestContext testContext) {
         ClientKey oldClientKey = new ClientKey(
@@ -1637,8 +1629,7 @@ void tokenGenerateThenRefresh(String contentType, Vertx vertx, VertxTestContext
 
             when(this.optOutStore.getLatestEntry(any())).thenReturn(null);
 
-            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson ->
-            {
+            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson -> {
                 assertEquals("success", refreshRespJson.getString("status"));
                 JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                 assertNotNull(refreshBody);
@@ -1697,8 +1688,7 @@ void tokenGenerateThenRefreshSaltsExpired(Vertx vertx, VertxTestContext testCont
 
             when(this.optOutStore.getLatestEntry(any())).thenReturn(null);
 
-            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson ->
-            {
+            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson -> {
                 assertEquals("success", refreshRespJson.getString("status"));
                 JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                 assertNotNull(refreshBody);
@@ -1760,16 +1750,14 @@ void tokenGenerateThenRefreshNoActiveKey(Vertx vertx, VertxTestContext testConte
                     String genRefreshToken = bodyJson.getString("refresh_token");
 
                     setupKeys(true);
-                    sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 500, refreshRespJson ->
-                    {
+                    sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 500, refreshRespJson -> {
                         assertFalse(refreshRespJson.containsKey("body"));
                         assertEquals("No active encryption key available", refreshRespJson.getString("message"));
                         testContext.completeNow();
                     }, Map.of(ClientVersionHeader, androidClientVersionHeaderValue));
                 });
     }
 
-
     @Test
     void tokenGenerateThenValidateWithEmail_Match(Vertx vertx, VertxTestContext testContext) {
         final int clientSiteId = 201;
@@ -2713,8 +2701,7 @@ void tokenGenerateThenRefreshForPhone(Vertx vertx, VertxTestContext testContext)
 
             when(this.optOutStore.getLatestEntry(any())).thenReturn(null);
 
-            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson ->
-            {
+            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson -> {
                 assertEquals("success", refreshRespJson.getString("status"));
                 JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                 assertNotNull(refreshBody);
@@ -3216,7 +3203,7 @@ void cstgNoIdentityHashProvided(Vertx vertx, VertxTestContext testContext) throw
     @ParameterizedTest
     @CsvSource({
             "https://blahblah.com",
-            "http://local1host:8080", //intentionally spelling localhost wrong here!
+            "http://local1host:8080" //intentionally spelling localhost wrong here!
     })
     void cstgDomainNameCheckFails(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend();
@@ -3245,7 +3232,7 @@ void cstgDomainNameCheckFails(String httpOrigin, Vertx vertx, VertxTestContext t
     @CsvSource({
             "''", // An empty quoted value results in the empty string.
             "com.123",
-            "com.",
+            "com."
     })
     void cstgAppNameCheckFails(String appName, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend(Collections.emptyList(), List.of("com.123.Game.App.android"));
@@ -3275,7 +3262,7 @@ void cstgAppNameCheckFails(String appName, Vertx vertx, VertxTestContext testCon
 
     @ParameterizedTest
     @CsvSource({
-            "http://gototest.com",
+            "http://gototest.com"
     })
     void cstgDomainNameCheckFailsAndLogInvalidHttpOrigin(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         ListAppender<ILoggingEvent> logWatcher = new ListAppender<>();
@@ -3382,7 +3369,7 @@ void cstgDisabledAsUnauthorized(Vertx vertx, VertxTestContext testContext) throw
 
     @ParameterizedTest
     @CsvSource({
-            "http://gototest.com",
+            "http://gototest.com"
     })
     void cstgDomainNameCheckFailsAndLogSeveralInvalidHttpOrigin(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         ListAppender<ILoggingEvent> logWatcher = new ListAppender<>();
@@ -3425,7 +3412,7 @@ void cstgDomainNameCheckFailsAndLogSeveralInvalidHttpOrigin(String httpOrigin, V
     @CsvSource({
             "https://cstg.co.uk",
             "https://cstg2.com",
-            "http://localhost:8080",
+            "http://localhost:8080"
     })
     void cstgDomainNameCheckPasses(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend("cstg.co.uk", "cstg2.com", "localhost");
@@ -3452,7 +3439,7 @@ void cstgDomainNameCheckPasses(String httpOrigin, Vertx vertx, VertxTestContext
     @CsvSource({
             "com.123.Game.App.android",
             "com.123.game.app.android",
-            "123456789",
+            "123456789"
     })
     void cstgAppNameCheckPasses(String appName, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend(Collections.emptyList(), List.of("com.123.Game.App.android", "123456789"));
@@ -4034,7 +4021,7 @@ void cstgUserOptsOutAfterTokenGenerate(String id, IdentityType identityType, Ver
             "true,[email protected],Email",
             "true,+61400000000,Phone",
             "false,[email protected],Email",
-            "false,+61400000000,Phone",
+            "false,+61400000000,Phone"
     })
     void cstgSuccessForBothOptedAndNonOptedOutTest(boolean optOutExpected, String id, IdentityType identityType,
                                                    Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
@@ -4088,8 +4075,7 @@ void cstgSuccessForBothOptedAndNonOptedOutTest(boolean optOutExpected, String id
 
                     String genRefreshToken = genBody.getString("refresh_token");
                     //test a subsequent refresh from this cstg call and see if it still works
-                    sendTokenRefresh(vertx, testContext, genRefreshToken, genBody.getString("refresh_response_key"), 200, refreshRespJson ->
-                    {
+                    sendTokenRefresh(vertx, testContext, genRefreshToken, genBody.getString("refresh_response_key"), 200, refreshRespJson -> {
                         assertEquals("success", refreshRespJson.getString("status"));
                         JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                         assertNotNull(refreshBody);
@@ -4122,7 +4108,7 @@ void cstgSuccessForBothOptedAndNonOptedOutTest(boolean optOutExpected, String id
     @CsvSource({
             "https://cstg.co.uk",
             "https://cstg2.com",
-            "http://localhost:8080",
+            "http://localhost:8080"
     })
     void cstgSaltsExpired(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         when(saltProviderSnapshot.getExpires()).thenReturn(Instant.now().minus(1, ChronoUnit.HOURS));
@@ -4171,7 +4157,7 @@ void cstgNoActiveKey(Vertx vertx, VertxTestContext testContext) throws NoSuchAlg
     @ParameterizedTest
     @CsvSource({
             "email_hash,[email protected]",
-            "phone_hash,1234567890",
+            "phone_hash,1234567890"
     })
     void cstgInvalidInput(String identityType, String rawUID, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend("cstg.co.uk");
@@ -5307,7 +5293,7 @@ void identityBucketsAlwaysReturnMilliseconds(Vertx vertx, VertxTestContext testC
 
         // SaltEntry with a lastUpdated that has 0 milliseconds
         long lastUpdatedMillis = Instant.parse("2024-01-01T00:00:00Z").toEpochMilli();
-        SaltEntry bucketEntry = new SaltEntry(456, "hashed456", lastUpdatedMillis, "salt456", null, null, null, null);
+        SaltEntry bucketEntry = new SaltEntry(456, "hashed456", lastUpdatedMillis, "salt456", 1000L, null, null, null);
         when(saltProviderSnapshot.getModifiedSince(any())).thenReturn(List.of(bucketEntry));
 
         String sinceTimestamp = "2023-12-31T00:00:00"; // earlier timestamp