diff --git a/scripts/aws/conf/euid-integ-config.json b/scripts/aws/conf/euid-integ-config.json
index 0944b74e9..702bc9ff2 100644
--- a/scripts/aws/conf/euid-integ-config.json
+++ b/scripts/aws/conf/euid-integ-config.json
@@ -12,6 +12,5 @@
 "optout_api_uri": "https://optout.integ.euid.eu/optout/replicate",
 "cloud_encryption_keys_metadata_path": "https://core.integ.euid.eu/cloud_encryption_keys/retrieve",
 "optout_s3_folder": "optout/",
- "allow_legacy_api": false,
 "identity_scope": "euid"
 }
\ No newline at end of file
diff --git a/scripts/aws/conf/euid-prod-config.json b/scripts/aws/conf/euid-prod-config.json
index e09b202f3..b9f043485 100644
--- a/scripts/aws/conf/euid-prod-config.json
+++ b/scripts/aws/conf/euid-prod-config.json
@@ -23,7 +23,6 @@
 "identity_token_expires_after_seconds": 259200,
 "refresh_token_expires_after_seconds": 2592000,
 "refresh_identity_token_after_seconds": 3600,
- "allow_legacy_api": false,
 "identity_scope": "euid",
 "refresh_token_v3": true,
 "enable_phone_support": true,
diff --git a/scripts/aws/conf/uid2-prod-config.json b/scripts/aws/conf/uid2-prod-config.json
index e143f098e..25ad8c7af 100644
--- a/scripts/aws/conf/uid2-prod-config.json
+++ b/scripts/aws/conf/uid2-prod-config.json
@@ -24,7 +24,6 @@
 "identity_token_expires_after_seconds": 259200,
 "refresh_token_expires_after_seconds": 2592000,
 "refresh_identity_token_after_seconds": 3600,
- "allow_legacy_api": false,
 "runtime_config_store": {
 "type": "http",
 "config" : {
diff --git a/scripts/azure-cc/conf/default-config.json b/scripts/azure-cc/conf/default-config.json
index f0205faeb..c7e8d6ab3 100644
--- a/scripts/azure-cc/conf/default-config.json
+++ b/scripts/azure-cc/conf/default-config.json
@@ -34,7 +34,6 @@
 "identity_token_expires_after_seconds": 86400,
 "refresh_token_expires_after_seconds": 2592000,
 "refresh_identity_token_after_seconds": 3600,
- "allow_legacy_api": false,
 "failure_shutdown_wait_hours": 120,
 "sharing_token_expiry_seconds": 2592000,
 "validate_service_links": false,
diff --git a/scripts/gcp-oidc/conf/default-config.json b/scripts/gcp-oidc/conf/default-config.json
index 3d804aaa1..bd09cac63 100644
--- a/scripts/gcp-oidc/conf/default-config.json
+++ b/scripts/gcp-oidc/conf/default-config.json
@@ -34,7 +34,6 @@
 "identity_token_expires_after_seconds": 86400,
 "refresh_token_expires_after_seconds": 2592000,
 "refresh_identity_token_after_seconds": 3600,
- "allow_legacy_api": false,
 "failure_shutdown_wait_hours": 120,
 "sharing_token_expiry_seconds": 2592000,
 "validate_service_links": false,
diff --git a/scripts/gcp/conf/integ-config.json b/scripts/gcp/conf/integ-config.json
index d3fb9e9ff..99d74dc7e 100644
--- a/scripts/gcp/conf/integ-config.json
+++ b/scripts/gcp/conf/integ-config.json
@@ -13,7 +13,6 @@
 "refresh_identity_token_after_seconds": 3600,
 "enclave_platform": "gcp-vmid",
 "service_instances": 16,
- "allow_legacy_api": false,
 "sharing_token_expiry_seconds": 2592000,
 "operator_type": "private"
 }
diff --git a/scripts/gcp/conf/prod-config.json b/scripts/gcp/conf/prod-config.json
index 836349c19..f8e1bed78 100644
--- a/scripts/gcp/conf/prod-config.json
+++ b/scripts/gcp/conf/prod-config.json
@@ -13,7 +13,6 @@
 "refresh_identity_token_after_seconds": 3600,
 "enclave_platform": "gcp-vmid",
 "service_instances": 16,
- "allow_legacy_api": false,
 "sharing_token_expiry_seconds": 2592000,
 "operator_type": "private"
 }
diff --git a/src/main/java/com/uid2/operator/Const.java b/src/main/java/com/uid2/operator/Const.java
index daa8862ee..31dcd4a4d 100644
--- a/src/main/java/com/uid2/operator/Const.java
+++ b/src/main/java/com/uid2/operator/Const.java
@@ -11,7 +11,6 @@ public class Config extends com.uid2.shared.Const.Config { public static final String StorageMockProp = "storage_mock"; public static final String StatsCollectorEventBus = "StatsCollector"; public static final String FailureShutdownWaitHoursProp = "failure_shutdown_wait_hours"; - public static final String AllowLegacyAPIProp = "allow_legacy_api"; public static final String SharingTokenExpiryProp = "sharing_token_expiry_seconds"; public static final String MaxBidstreamLifetimeSecondsProp = "max_bidstream_lifetime_seconds"; public static final String AllowClockSkewSecondsProp = "allow_clock_skew_seconds"; diff --git a/src/main/java/com/uid2/operator/monitoring/TokenResponseStatsCollector.java b/src/main/java/com/uid2/operator/monitoring/TokenResponseStatsCollector.java index a61446aa9..523afa16f 100644 --- a/src/main/java/com/uid2/operator/monitoring/TokenResponseStatsCollector.java +++ b/src/main/java/com/uid2/operator/monitoring/TokenResponseStatsCollector.java @@ -9,11 +9,7 @@ public class TokenResponseStatsCollector { public enum Endpoint { - GenerateV0, - GenerateV1, GenerateV2, - RefreshV0, - RefreshV1, RefreshV2, //it's the first version but the endpoint is v2/token/client-generate so we will call it v2 ClientSideTokenGenerateV2, diff --git a/src/main/java/com/uid2/operator/vertx/Endpoints.java b/src/main/java/com/uid2/operator/vertx/Endpoints.java index 81633a16c..be8fa0b05 100644 --- a/src/main/java/com/uid2/operator/vertx/Endpoints.java +++ b/src/main/java/com/uid2/operator/vertx/Endpoints.java 
@@ -6,20 +6,6 @@ public enum Endpoints { OPS_HEALTHCHECK("/ops/healthcheck"), - V0_KEY_LATEST("/key/latest"), - V0_TOKEN_GENERATE("/token/generate"), - V0_TOKEN_REFRESH("/token/refresh"), - V0_TOKEN_VALIDATE("/token/validate"), - V0_IDENTITY_MAP("/identity/map"), - V0_TOKEN_LOGOUT("/token/logout"), - - V1_TOKEN_GENERATE("/v1/token/generate"), - V1_TOKEN_VALIDATE("/v1/token/validate"), - V1_TOKEN_REFRESH("/v1/token/refresh"), - V1_IDENTITY_BUCKETS("/v1/identity/buckets"), - V1_IDENTITY_MAP("/v1/identity/map"), - V1_KEY_LATEST("/v1/key/latest"), - V2_TOKEN_GENERATE("/v2/token/generate"), V2_TOKEN_REFRESH("/v2/token/refresh"), V2_TOKEN_VALIDATE("/v2/token/validate"), diff --git a/src/main/java/com/uid2/operator/vertx/UIDOperatorVerticle.java b/src/main/java/com/uid2/operator/vertx/UIDOperatorVerticle.java index f8528556f..19c53343f 100644 --- a/src/main/java/com/uid2/operator/vertx/UIDOperatorVerticle.java +++ b/src/main/java/com/uid2/operator/vertx/UIDOperatorVerticle.java @@ -103,7 +103,6 @@ public class UIDOperatorVerticle extends AbstractVerticle { private final IOptOutStore optOutStore; private final IClientKeyProvider clientKeyProvider; private final Clock clock; - private final boolean allowLegacyAPI; private final boolean identityV3Enabled; private final boolean disableOptoutToken; private final UidInstanceIdProvider uidInstanceIdProvider; @@ -195,7 +194,6 @@ public UIDOperatorVerticle(IConfigStore configStore, this.saltRetrievalResponseHandler = saltRetrievalResponseHandler; this.optOutStatusApiEnabled = config.getBoolean(Const.Config.OptOutStatusApiEnabled, true); this.optOutStatusMaxRequestSize = config.getInteger(Const.Config.OptOutStatusMaxRequestSize, 5000); - this.allowLegacyAPI = config.getBoolean(Const.Config.AllowLegacyAPIProp, false); this.identityV3Enabled = config.getBoolean(IdentityV3Prop, false); this.disableOptoutToken = config.getBoolean(DisableOptoutTokenProp, false); this.uidInstanceIdProvider = uidInstanceIdProvider; 
@@ -265,32 +263,6 @@ private Router createRoutesSetup() throws IOException { // Static and health check router.get(OPS_HEALTHCHECK.toString()).handler(this::handleHealthCheck); - if (this.allowLegacyAPI) { - // V1 APIs - router.get(V1_TOKEN_GENERATE.toString()).handler(auth.handleV1(this::handleTokenGenerateV1, Role.GENERATOR)); - router.get(V1_TOKEN_VALIDATE.toString()).handler(this::handleTokenValidateV1); - router.get(V1_TOKEN_REFRESH.toString()).handler(auth.handleWithOptionalAuth(this::handleTokenRefreshV1)); - router.get(V1_IDENTITY_BUCKETS.toString()).handler(auth.handle(this::handleBucketsV1, Role.MAPPER)); - router.get(V1_IDENTITY_MAP.toString()).handler(auth.handle(this::handleIdentityMapV1, Role.MAPPER)); - router.post(V1_IDENTITY_MAP.toString()).handler(bodyHandler).handler(auth.handle(this::handleIdentityMapBatchV1, Role.MAPPER)); - router.get(V1_KEY_LATEST.toString()).handler(auth.handle(this::handleKeysRequestV1, Role.ID_READER)); - - // Deprecated APIs - router.get(V0_KEY_LATEST.toString()).handler(auth.handle(this::handleKeysRequest, Role.ID_READER)); - router.get(V0_TOKEN_GENERATE.toString()).handler(auth.handle(this::handleTokenGenerate, Role.GENERATOR)); - router.get(V0_TOKEN_REFRESH.toString()).handler(this::handleTokenRefresh); - router.get(V0_TOKEN_VALIDATE.toString()).handler(this::handleValidate); - router.get(V0_IDENTITY_MAP.toString()).handler(auth.handle(this::handleIdentityMap, Role.MAPPER)); - router.post(V0_IDENTITY_MAP.toString()).handler(bodyHandler).handler(auth.handle(this::handleIdentityMapBatch, Role.MAPPER)); - - // Internal service APIs - router.get(V0_TOKEN_LOGOUT.toString()).handler(auth.handle(this::handleLogoutAsync, Role.OPTOUT)); - - // only uncomment to do local testing - //router.get("/internal/optout/get").handler(auth.loopbackOnly(this::handleOptOutGet)); - - } - return router; } 
@@ -528,7 +500,7 @@ else if(emailHash != null) { responseStatus = TokenResponseStatsCollector.ResponseStatus.OptOut; } else { //user not opted out and already generated valid identity token - response = ResponseUtil.SuccessV2(toJsonV1(identityTokens)); + response = ResponseUtil.SuccessV2(toTokenResponseJson(identityTokens)); } //if returning an optout token or a successful identity token created originally if (responseStatus == TokenResponseStatsCollector.ResponseStatus.Success) { @@ -622,15 +594,6 @@ private void handleKeysRequestCommon(RoutingContext rc, Handler onSuc onSuccess.handle(getAccessibleKeysAsJson(keys, clientKey)); } - public void handleKeysRequestV1(RoutingContext rc) { - try { - handleKeysRequestCommon(rc, keys -> ResponseUtil.Success(rc, keys)); - } catch (Exception e) { - LOGGER.error("Unknown error while handling keys request v1", e); - rc.fail(500); - } - } - public void handleKeysRequestV2(RoutingContext rc) { try { handleKeysRequestCommon(rc, keys -> ResponseUtil.SuccessV2(rc, keys)); @@ -640,15 +603,6 @@ public void handleKeysRequestV2(RoutingContext rc) { } } - public void handleKeysRequest(RoutingContext rc) { - try { - handleKeysRequestCommon(rc, keys -> sendJsonResponse(rc, keys)); - } catch (Exception e) { - LOGGER.error("Unknown error while handling keys request", e); - rc.fail(500); - } - } - public void handleKeysSharing(RoutingContext rc) { RuntimeConfig config = this.getConfigFromRc(rc); int sharingTokenExpirySeconds = config.getSharingTokenExpirySeconds(); 
@@ -840,58 +794,6 @@ private void handleHealthCheck(RoutingContext rc) { } } - private void handleTokenRefreshV1(RoutingContext rc) { - final List tokenList = rc.queryParam("refresh_token"); - TokenResponseStatsCollector.PlatformType platformType = getPlatformType(rc); - Integer siteId = null; - if (tokenList == null || tokenList.size() == 0) { - SendClientErrorResponseAndRecordStats(ResponseStatus.ClientError, 400, rc, "Required Parameter Missing: refresh_token", siteId, TokenResponseStatsCollector.Endpoint.RefreshV1, TokenResponseStatsCollector.ResponseStatus.MissingParams, siteProvider, platformType); - return; - } - - String refreshToken = tokenList.get(0); - if (refreshToken.length() == V2RequestUtil.V2_REFRESH_PAYLOAD_LENGTH) { - // V2 token sent by V1 JSSDK. Decrypt and extract original refresh token - V2RequestUtil.V2Request v2req = V2RequestUtil.parseRefreshRequest(refreshToken, this.keyManager); - if (v2req.isValid()) { - refreshToken = (String) v2req.payload; - } else { - SendClientErrorResponseAndRecordStats(ResponseStatus.ClientError, 400, rc, v2req.errorMessage, siteId, TokenResponseStatsCollector.Endpoint.RefreshV1, TokenResponseStatsCollector.ResponseStatus.BadPayload, siteProvider, platformType); - return; - } - } - - RuntimeConfig config = this.getConfigFromRc(rc); - - Duration identityExpiresAfter = Duration.ofSeconds(config.getIdentityTokenExpiresAfterSeconds()); - - try { - final RefreshResponse r = this.refreshIdentity(rc, refreshToken); - siteId = rc.get(Const.RoutingContextData.SiteId); - if (!r.isRefreshed()) { - if (r.isOptOut() || r.isDeprecated()) { - ResponseUtil.SuccessNoBody(ResponseStatus.OptOut, rc); - } else if (!AuthMiddleware.isAuthenticated(rc)) { - // unauthenticated clients get a generic error - ResponseUtil.LogWarningAndSendResponse(ResponseStatus.GenericError, 400, rc, "Error refreshing token"); - } else if (r.isInvalidToken()) { - ResponseUtil.LogWarningAndSendResponse(ResponseStatus.InvalidToken, 400, rc, "Invalid Token 
presented " + tokenList.get(0)); - } else if (r.isExpired()) { - ResponseUtil.LogWarningAndSendResponse(ResponseStatus.ExpiredToken, 400, rc, "Expired Token presented"); - } else { - ResponseUtil.LogErrorAndSendResponse(ResponseStatus.UnknownError, 500, rc, "Unknown State"); - } - } else { - ResponseUtil.Success(rc, toJsonV1(r.getTokens())); - this.recordRefreshDurationStats(siteId, getApiContact(rc), r.getDurationSinceLastRefresh(), rc.request().headers().contains(ORIGIN_HEADER), identityExpiresAfter); - } - - TokenResponseStatsCollector.recordRefresh(siteProvider, siteId, TokenResponseStatsCollector.Endpoint.RefreshV1, r, platformType); - } catch (Exception e) { - SendServerErrorResponseAndRecordStats(rc, "Unknown error while refreshing token", siteId, TokenResponseStatsCollector.Endpoint.RefreshV1, TokenResponseStatsCollector.ResponseStatus.Unknown, siteProvider, e, platformType); - } - } - private static final Map, Counter> CLIENT_VERSION_COUNTERS = new HashMap<>(); private void recordOperatorServedSdkUsage(RoutingContext rc, Integer siteId, String apiContact, String clientVersion) { if (siteId != null && apiContact != null && clientVersion != null) { @@ -937,7 +839,7 @@ private void handleTokenRefreshV2(RoutingContext rc) { ResponseUtil.LogErrorAndSendResponse(ResponseStatus.UnknownError, 500, rc, "Unknown State"); } } else { - ResponseUtil.SuccessV2(rc, toJsonV1(r.getTokens())); + ResponseUtil.SuccessV2(rc, toTokenResponseJson(r.getTokens())); this.recordRefreshDurationStats(siteId, getApiContact(rc), r.getDurationSinceLastRefresh(), rc.request().headers().contains(ORIGIN_HEADER), identityExpiresAfter); } TokenResponseStatsCollector.recordRefresh(siteProvider, siteId, TokenResponseStatsCollector.Endpoint.RefreshV2, r, platformType); 
@@ -946,35 +848,6 @@ private void handleTokenRefreshV2(RoutingContext rc) { } } - private void handleTokenValidateV1(RoutingContext rc) { - try { - final InputUtil.InputVal input = this.phoneSupport ? getTokenInputV1(rc) : getTokenInput(rc); - if (!isTokenInputValid(input, rc)) { - return; - } - if ((Arrays.equals(ValidateIdentityForEmailHash, input.getIdentityInput()) && input.getIdentityType() == IdentityType.Email) - || (Arrays.equals(ValidateIdentityForPhoneHash, input.getIdentityInput()) && input.getIdentityType() == IdentityType.Phone)) { - try { - final Instant now = Instant.now(); - if (this.idService.advertisingTokenMatches(rc.queryParam("token").get(0), input.toUserIdentity(this.identityScope, 0, now), now)) { - ResponseUtil.Success(rc, Boolean.TRUE); - } else { - ResponseUtil.Success(rc, Boolean.FALSE); - } - } catch (Exception e) { - ResponseUtil.Success(rc, Boolean.FALSE); - } - } else { - ResponseUtil.Success(rc, Boolean.FALSE); - } - } catch (ClientInputValidationException cie) { - ResponseUtil.LogWarningAndSendResponse(ResponseStatus.InvalidToken, 400, rc, "Invalid Token presented"); - } catch (Exception e) { - LOGGER.error("Unknown error while validating token", e); - rc.fail(500); - } - } - private void handleTokenValidateV2(RoutingContext rc) { try { final JsonObject req = (JsonObject) rc.data().get("request"); 
@@ -1006,36 +879,6 @@ private void handleTokenValidateV2(RoutingContext rc) { } } - private void handleTokenGenerateV1(RoutingContext rc) { - final int siteId = AuthMiddleware.getAuthClient(rc).getSiteId(); - TokenResponseStatsCollector.PlatformType platformType = TokenResponseStatsCollector.PlatformType.Other; - - RuntimeConfig config = this.getConfigFromRc(rc); - Duration refreshIdentityAfter = Duration.ofSeconds(config.getRefreshIdentityTokenAfterSeconds()); - Duration refreshExpiresAfter = Duration.ofSeconds(config.getRefreshTokenExpiresAfterSeconds()); - Duration identityExpiresAfter = Duration.ofSeconds(config.getIdentityTokenExpiresAfterSeconds()); - - try { - final InputUtil.InputVal input = this.phoneSupport ? this.getTokenInputV1(rc) : this.getTokenInput(rc); - platformType = getPlatformType(rc); - if (isTokenInputValid(input, rc)) { - final IdentityTokens t = this.idService.generateIdentity( - new IdentityRequest( - new PublisherIdentity(siteId, 0, 0), - input.toUserIdentity(this.identityScope, 1, Instant.now()), - OptoutCheckPolicy.defaultPolicy()), - refreshIdentityAfter, - refreshExpiresAfter, - identityExpiresAfter); - - ResponseUtil.Success(rc, toJsonV1(t)); - recordTokenResponseStats(siteId, TokenResponseStatsCollector.Endpoint.GenerateV1, TokenResponseStatsCollector.ResponseStatus.Success, siteProvider, t.getAdvertisingTokenVersion(), platformType); - } - } catch (Exception e) { - SendServerErrorResponseAndRecordStats(rc, "Unknown error while generating token v1", siteId, TokenResponseStatsCollector.Endpoint.GenerateV1, TokenResponseStatsCollector.ResponseStatus.Unknown, siteProvider, e, platformType); - } - } - private void handleTokenGenerateV2(RoutingContext rc) { final Integer siteId = AuthMiddleware.getAuthClient(rc).getSiteId(); TokenResponseStatsCollector.PlatformType platformType = TokenResponseStatsCollector.PlatformType.Other; 
@@ -1109,14 +952,14 @@ private void handleTokenGenerateV2(RoutingContext rc) { refreshExpiresAfter, identityExpiresAfter); - ResponseUtil.SuccessV2(rc, toJsonV1(optOutTokens)); + ResponseUtil.SuccessV2(rc, toTokenResponseJson(optOutTokens)); recordTokenResponseStats(siteId, TokenResponseStatsCollector.Endpoint.GenerateV2, TokenResponseStatsCollector.ResponseStatus.Success, siteProvider, optOutTokens.getAdvertisingTokenVersion(), platformType); } else { // new participant, or legacy specified policy/optout_check=1 ResponseUtil.SuccessNoBodyV2("optout", rc); recordTokenResponseStats(siteId, TokenResponseStatsCollector.Endpoint.GenerateV2, TokenResponseStatsCollector.ResponseStatus.OptOut, siteProvider, null, platformType); } } else { - ResponseUtil.SuccessV2(rc, toJsonV1(t)); + ResponseUtil.SuccessV2(rc, toTokenResponseJson(t)); recordTokenResponseStats(siteId, TokenResponseStatsCollector.Endpoint.GenerateV2, TokenResponseStatsCollector.ResponseStatus.Success, siteProvider, t.getAdvertisingTokenVersion(), platformType); } } 
@@ -1129,111 +972,6 @@ private void handleTokenGenerateV2(RoutingContext rc) { } } - private void handleTokenGenerate(RoutingContext rc) { - final InputUtil.InputVal input = this.getTokenInput(rc); - Integer siteId = null; - - RuntimeConfig config = this.getConfigFromRc(rc); - Duration refreshIdentityAfter = Duration.ofSeconds(config.getRefreshIdentityTokenAfterSeconds()); - Duration refreshExpiresAfter = Duration.ofSeconds(config.getRefreshTokenExpiresAfterSeconds()); - Duration identityExpiresAfter = Duration.ofSeconds(config.getIdentityTokenExpiresAfterSeconds()); - - - if (input == null) { - SendClientErrorResponseAndRecordStats(ResponseStatus.ClientError, 400, rc, ERROR_INVALID_INPUT_EMAIL_MISSING, siteId, TokenResponseStatsCollector.Endpoint.GenerateV0, TokenResponseStatsCollector.ResponseStatus.BadPayload, siteProvider, TokenResponseStatsCollector.PlatformType.Other); - return; - } - else if (!input.isValid()) { - SendClientErrorResponseAndRecordStats(ResponseStatus.ClientError, 400, rc, "Invalid email or email_hash", siteId, TokenResponseStatsCollector.Endpoint.GenerateV0, TokenResponseStatsCollector.ResponseStatus.BadPayload, siteProvider, TokenResponseStatsCollector.PlatformType.Other); - return; - } - - try { - siteId = AuthMiddleware.getAuthClient(rc).getSiteId(); - final IdentityTokens t = this.idService.generateIdentity( - new IdentityRequest( - new PublisherIdentity(siteId, 0, 0), - input.toUserIdentity(this.identityScope, 1, Instant.now()), - OptoutCheckPolicy.defaultPolicy()), - refreshIdentityAfter, - refreshExpiresAfter, - identityExpiresAfter); - - recordTokenResponseStats(siteId, TokenResponseStatsCollector.Endpoint.GenerateV0, TokenResponseStatsCollector.ResponseStatus.Success, siteProvider, t.getAdvertisingTokenVersion(), TokenResponseStatsCollector.PlatformType.Other); - sendJsonResponse(rc, toJson(t)); - - } catch (Exception e) { - SendServerErrorResponseAndRecordStats(rc, "Unknown error while generating token", siteId, 
TokenResponseStatsCollector.Endpoint.GenerateV0, TokenResponseStatsCollector.ResponseStatus.Unknown, siteProvider, e, TokenResponseStatsCollector.PlatformType.Other); - } - } - - private void handleTokenRefresh(RoutingContext rc) { - final List tokenList = rc.queryParam("refresh_token"); - Integer siteId = null; - if (tokenList == null || tokenList.size() == 0) { - SendClientErrorResponseAndRecordStats(ResponseStatus.ClientError, 400, rc, "Required Parameter Missing: refresh_token", siteId, TokenResponseStatsCollector.Endpoint.RefreshV0, TokenResponseStatsCollector.ResponseStatus.MissingParams, siteProvider, TokenResponseStatsCollector.PlatformType.Other); - return; - } - - RuntimeConfig config = this.getConfigFromRc(rc); - - Duration identityExpiresAfter = Duration.ofSeconds(config.getIdentityTokenExpiresAfterSeconds()); - - try { - final RefreshResponse r = this.refreshIdentity(rc, tokenList.get(0)); - - sendJsonResponse(rc, toJson(r.getTokens())); - - siteId = rc.get(Const.RoutingContextData.SiteId); - if (r.isRefreshed()) { - this.recordRefreshDurationStats(siteId, getApiContact(rc), r.getDurationSinceLastRefresh(), rc.request().headers().contains(ORIGIN_HEADER), identityExpiresAfter); - } - TokenResponseStatsCollector.recordRefresh(siteProvider, siteId, TokenResponseStatsCollector.Endpoint.RefreshV0, r, TokenResponseStatsCollector.PlatformType.Other); - } catch (Exception e) { - SendServerErrorResponseAndRecordStats(rc, "Unknown error while refreshing token", siteId, TokenResponseStatsCollector.Endpoint.RefreshV0, TokenResponseStatsCollector.ResponseStatus.Unknown, siteProvider, e, TokenResponseStatsCollector.PlatformType.Other); - } - } - - private void handleValidate(RoutingContext rc) { - try { - final InputUtil.InputVal input = getTokenInput(rc); - if (input != null && input.isValid() && Arrays.equals(ValidateIdentityForEmailHash, input.getIdentityInput())) { - try { - final Instant now = Instant.now(); - if 
(this.idService.advertisingTokenMatches(rc.queryParam("token").get(0), input.toUserIdentity(this.identityScope, 0, now), now)) { - rc.response().end("true"); - } else { - rc.response().end("false"); - } - } catch (Exception e) { - rc.response().end("false"); - } - } else { - rc.response().end("not allowed"); - } - } catch (Exception e) { - LOGGER.error("Unknown error while validating token", e); - rc.fail(500); - } - } - - private void handleLogoutAsync(RoutingContext rc) { - final InputUtil.InputVal input = this.phoneSupport ? getTokenInputV1(rc) : getTokenInput(rc); - final String uidTraceId = rc.request().getHeader(Audit.UID_TRACE_ID_HEADER); - if (input.isValid()) { - final Instant now = Instant.now(); - this.idService.invalidateTokensAsync(input.toUserIdentity(this.identityScope, 0, now), now, uidTraceId, ar -> { - if (ar.succeeded()) { - rc.response().end("OK"); - } else { - rc.fail(500); - } - }); - } else { - ResponseUtil.LogWarningAndSendResponse(ResponseStatus.InvalidToken, 400, rc, "Invalid Token presented " + input); - } - } - private Future handleLogoutAsyncV2(RoutingContext rc) { final JsonObject req = (JsonObject) rc.data().get("request"); final InputUtil.InputVal input = getTokenInputV2(req); 
@@ -1259,57 +997,6 @@ private Future handleLogoutAsyncV2(RoutingContext rc) { } } - private void handleOptOutGet(RoutingContext rc) { - final InputUtil.InputVal input = getTokenInputV1(rc); - if (input.isValid()) { - try { - final Instant now = Instant.now(); - final UserIdentity userIdentity = input.toUserIdentity(this.identityScope, 0, now); - final Instant result = this.idService.getLatestOptoutEntry(userIdentity, now); - long timestamp = result == null ? -1 : result.getEpochSecond(); - rc.response().setStatusCode(200) - .setChunked(true) - .write(String.valueOf(timestamp)); - rc.response().end(); - } catch (Exception ex) { - LOGGER.error("Unexpected error while handling optout get", ex); - rc.fail(500); - } - } else { - ResponseUtil.LogWarningAndSendResponse(ResponseStatus.InvalidToken, 400, rc, "Invalid Token presented " + input); - } - } - - private void handleBucketsV1(RoutingContext rc) { - final List qp = rc.queryParam("since_timestamp"); - if (qp != null && qp.size() > 0) { - final Instant sinceTimestamp; - try { - LocalDateTime ld = LocalDateTime.parse(qp.get(0), DateTimeFormatter.ISO_LOCAL_DATE_TIME); - sinceTimestamp = ld.toInstant(ZoneOffset.UTC); - LOGGER.info(String.format("identity bucket endpoint is called with since_timestamp %s and site id %s", ld, AuthMiddleware.getAuthClient(rc).getSiteId())); - } catch (Exception e) { - ResponseUtil.LogInfoAndSend400Response(rc, "invalid date, must conform to ISO 8601"); - return; - } - final List modified = this.idService.getModifiedBuckets(sinceTimestamp); - final JsonArray resp = new JsonArray(); - if (modified != null) { - for (SaltEntry e : modified) { - final JsonObject o = new JsonObject(); - o.put("bucket_id", e.hashedId()); - Instant lastUpdated = Instant.ofEpochMilli(e.lastUpdated()); - - o.put("last_updated", API_DATE_TIME_FORMATTER.format(lastUpdated)); - resp.add(o); - } - ResponseUtil.Success(rc, resp); - } - } else { - ResponseUtil.LogInfoAndSend400Response(rc, "missing parameter 
since_timestamp"); - } - } - private void handleBucketsV2(RoutingContext rc) { final JsonObject req = (JsonObject) rc.data().get("request"); final String qp = req.getString("since_timestamp"); 
@@ -1342,58 +1029,6 @@ private void handleBucketsV2(RoutingContext rc) { } } - private void handleIdentityMapV1(RoutingContext rc) { - final InputUtil.InputVal input = this.phoneSupport ? this.getTokenInputV1(rc) : this.getTokenInput(rc); - if (!isTokenInputValid(input, rc)) { - return; - } - try { - final Instant now = Instant.now(); - final MappedIdentity mappedIdentity = this.idService.map(input.toUserIdentity(this.identityScope, 0, now), now); - final JsonObject jsonObject = new JsonObject(); - jsonObject.put("identifier", input.getProvided()); - jsonObject.put("advertising_id", EncodingUtils.toBase64String(mappedIdentity.advertisingId)); - jsonObject.put("bucket_id", mappedIdentity.bucketId); - ResponseUtil.Success(rc, jsonObject); - } catch (Exception e) { - ResponseUtil.LogErrorAndSendResponse(ResponseStatus.UnknownError, 500, rc, "Unknown State", e); - } - } - - private void handleIdentityMap(RoutingContext rc) { - final InputUtil.InputVal input = this.getTokenInput(rc); - - try { - if (isTokenInputValid(input, rc)) { - final Instant now = Instant.now(); - final MappedIdentity mappedIdentity = this.idService.map(input.toUserIdentity(this.identityScope, 0, now), now); - rc.response().end(EncodingUtils.toBase64String(mappedIdentity.advertisingId)); - } - } catch (Exception ex) { - LOGGER.error("Unexpected error while mapping identity", ex); - rc.fail(500); - } - } - - private InputUtil.InputVal getTokenInput(RoutingContext rc) { - final InputUtil.InputVal input; - final List emailInput = rc.queryParam("email"); - final List emailHashInput = rc.queryParam("email_hash"); - if (emailInput != null && emailInput.size() > 0) { - if (emailHashInput != null && emailHashInput.size() > 0) { - // cannot specify both - input = null; - } else { - input = InputUtil.normalizeEmail(emailInput.get(0)); - } - } else if (emailHashInput != null && emailHashInput.size() > 0) { - input = InputUtil.normalizeEmailHash(emailHashInput.get(0)); - } else { - input = null; - } - return 
input; - } - private InputUtil.InputVal getTokenInputV2(JsonObject req) { if (req == null) return null; @@ -1429,44 +1064,6 @@ private InputUtil.InputVal getTokenInputV2(JsonObject req) { return getInput != null ? getInput.get() : null; } - private InputUtil.InputVal getTokenInputV1(RoutingContext rc) { - final List emailInput = rc.queryParam("email"); - final List emailHashInput = rc.queryParam("email_hash"); - final List phoneInput = rc.queryParam("phone"); - final List phoneHashInput = rc.queryParam("phone_hash"); - - int validInputs = 0; - if (emailInput != null && emailInput.size() > 0) { - ++validInputs; - } - if (emailHashInput != null && emailHashInput.size() > 0) { - ++validInputs; - } - if (phoneInput != null && phoneInput.size() > 0) { - ++validInputs; - } - if (phoneHashInput != null && phoneHashInput.size() > 0) { - ++validInputs; - } - - if (validInputs != 1) { - // there can be only 1 set of valid input - return null; - } - - if (emailInput != null && emailInput.size() > 0) { - return InputUtil.normalizeEmail(emailInput.get(0)); - } else if (phoneInput != null && phoneInput.size() > 0) { - return InputUtil.normalizePhone(phoneInput.get(0)); - } else if (emailHashInput != null && emailHashInput.size() > 0) { - return InputUtil.normalizeEmailHash(emailHashInput.get(0)); - } else if (phoneHashInput != null && phoneHashInput.size() > 0) { - return InputUtil.normalizePhoneHash(phoneHashInput.get(0)); - } - - return null; - } - private boolean isTokenInputValid(InputUtil.InputVal input, RoutingContext rc) { if (input == null) { String message = this.phoneSupport ? ERROR_INVALID_INPUT_WITH_PHONE_SUPPORT : ERROR_INVALID_INPUT_EMAIL_MISSING; 
@@ -1479,79 +1076,6 @@ private boolean isTokenInputValid(InputUtil.InputVal input, RoutingContext rc) { return true; } - private InputUtil.InputVal[] getIdentityBulkInput(RoutingContext rc) { - final JsonObject obj = rc.body().asJsonObject(); - final JsonArray emails = obj.getJsonArray("email"); - final JsonArray emailHashes = obj.getJsonArray("email_hash"); - // FIXME TODO. Avoid Double Iteration. Turn to a decorator pattern - if (emails == null && emailHashes == null) { - ResponseUtil.LogInfoAndSend400Response(rc, ERROR_INVALID_INPUT_EMAIL_MISSING); - return null; - } else if (emails != null && !emails.isEmpty()) { - if (emailHashes != null && !emailHashes.isEmpty()) { - ResponseUtil.LogInfoAndSend400Response(rc, ERROR_INVALID_INPUT_EMAIL_TWICE); - return null; - } - return createInputList(emails, false); - } else { - return createInputList(emailHashes, true); - } - } - - - private InputUtil.InputVal[] getIdentityBulkInputV1(RoutingContext rc) { - final JsonObject obj = rc.body().asJsonObject(); - if(obj.isEmpty()) { - ResponseUtil.LogInfoAndSend400Response(rc, ERROR_INVALID_INPUT_WITH_PHONE_SUPPORT); - return null; - } - final JsonArray emails = JsonParseUtils.parseArray(obj, "email", rc); - final JsonArray emailHashes = JsonParseUtils.parseArray(obj, "email_hash", rc); - final JsonArray phones = JsonParseUtils.parseArray(obj,"phone", rc); - final JsonArray phoneHashes = JsonParseUtils.parseArray(obj,"phone_hash", rc); - - if (emails == null && emailHashes == null && phones == null && phoneHashes == null) { - return null; - } - - int validInputs = 0; - int nonEmptyInputs = 0; - if (emails != null) { - ++validInputs; - if (!emails.isEmpty()) ++nonEmptyInputs; - } - if (emailHashes != null) { - ++validInputs; - if (!emailHashes.isEmpty()) ++nonEmptyInputs; - } - if (phones != null) { - ++validInputs; - if (!phones.isEmpty()) ++nonEmptyInputs; - } - if (phoneHashes != null) { - ++validInputs; - if (!phoneHashes.isEmpty()) ++nonEmptyInputs; - } - - if (validInputs 
== 0 || nonEmptyInputs > 1) { - ResponseUtil.LogInfoAndSend400Response(rc, ERROR_INVALID_INPUT_WITH_PHONE_SUPPORT); - return null; - } - - if (emails != null && !emails.isEmpty()) { - return createInputListV1(emails, IdentityType.Email, InputUtil.IdentityInputType.Raw); - } else if (emailHashes != null && !emailHashes.isEmpty()) { - return createInputListV1(emailHashes, IdentityType.Email, InputUtil.IdentityInputType.Hash); - } else if (phones != null && !phones.isEmpty()) { - return createInputListV1(phones, IdentityType.Phone, InputUtil.IdentityInputType.Raw); - } else if (phoneHashes != null && !phoneHashes.isEmpty()) { - return createInputListV1(phoneHashes, IdentityType.Phone, InputUtil.IdentityInputType.Hash); - } else { - // handle empty array - return createInputListV1(null, IdentityType.Email, InputUtil.IdentityInputType.Raw); - } - } - private JsonObject handleIdentityMapCommon(RoutingContext rc, InputUtil.InputVal[] inputList) { final Instant now = Instant.now(); final JsonArray mapped = new JsonArray(); @@ -1641,18 +1165,6 @@ private JsonObject processIdentityMapV3Response(RoutingContext rc, Map getInputList = null; final JsonArray emails = JsonParseUtils.parseArray(obj, "email", rc); if (emails != null && !emails.isEmpty()) { - getInputList = () -> createInputListV1(emails, IdentityType.Email, InputUtil.IdentityInputType.Raw); + getInputList = () -> createInputList(emails, IdentityType.Email, InputUtil.IdentityInputType.Raw); } final JsonArray emailHashes = JsonParseUtils.parseArray(obj, "email_hash", rc); 
@@ -1697,7 +1209,7 @@ private InputUtil.InputVal[] getIdentityMapV2Input(RoutingContext rc) { if (getInputList != null) { return null; // only one type of input is allowed } - getInputList = () -> createInputListV1(emailHashes, IdentityType.Email, InputUtil.IdentityInputType.Hash); + getInputList = () -> createInputList(emailHashes, IdentityType.Email, InputUtil.IdentityInputType.Hash); } final JsonArray phones = this.phoneSupport ? JsonParseUtils.parseArray(obj,"phone", rc) : null; @@ -1705,7 +1217,7 @@ private InputUtil.InputVal[] getIdentityMapV2Input(RoutingContext rc) { if (getInputList != null) { return null; // only one type of input is allowed } - getInputList = () -> createInputListV1(phones, IdentityType.Phone, InputUtil.IdentityInputType.Raw); + getInputList = () -> createInputList(phones, IdentityType.Phone, InputUtil.IdentityInputType.Raw); } final JsonArray phoneHashes = this.phoneSupport ? JsonParseUtils.parseArray(obj,"phone_hash", rc) : null; @@ -1713,7 +1225,7 @@ private InputUtil.InputVal[] getIdentityMapV2Input(RoutingContext rc) { if (getInputList != null) { return null; // only one type of input is allowed } - getInputList = () -> createInputListV1(phoneHashes, IdentityType.Phone, InputUtil.IdentityInputType.Hash); + getInputList = () -> createInputList(phoneHashes, IdentityType.Phone, InputUtil.IdentityInputType.Hash); } if (emails == null && emailHashes == null && phones == null && phoneHashes == null) { @@ -1721,7 +1233,7 @@ private InputUtil.InputVal[] getIdentityMapV2Input(RoutingContext rc) { } return getInputList == null ? - createInputListV1(null, IdentityType.Email, InputUtil.IdentityInputType.Raw) : // handle empty array + createInputList(null, IdentityType.Email, InputUtil.IdentityInputType.Raw) : // handle empty array getInputList.get(); } 
@@ -1766,33 +1278,6 @@ private Map processIdentityMapMixedInput(RoutingCo return normalizedIdentities; } - private void handleIdentityMapBatch(RoutingContext rc) { - try { - final JsonObject obj = rc.body().asJsonObject(); - final InputUtil.InputVal[] inputList; - final JsonArray emails = obj.getJsonArray("email"); - final JsonArray emailHashes = obj.getJsonArray("email_hash"); - if (emails == null && emailHashes == null) { - ResponseUtil.LogInfoAndSend400Response(rc, ERROR_INVALID_INPUT_EMAIL_MISSING); - return; - } else if (emails != null && !emails.isEmpty()) { - if (emailHashes != null && !emailHashes.isEmpty()) { - ResponseUtil.LogInfoAndSend400Response(rc, ERROR_INVALID_INPUT_EMAIL_TWICE); - return; - } - inputList = createInputList(emails, false); - } else { - inputList = createInputList(emailHashes, true); - } - - final JsonObject resp = handleIdentityMapCommon(rc, inputList); - sendJsonResponse(rc, resp); - } catch (Exception e) { - LOGGER.error("Unknown error while mapping batched identity", e); - rc.fail(500); - } - } - private static String getApiContact(RoutingContext rc) { String apiContact; try { 
@@ -2043,25 +1528,7 @@ private void recordRefreshDurationStats(Integer siteId, String apiContact, Durat c.increment(); } - private InputUtil.InputVal[] createInputList(JsonArray a, boolean inputAsHash) { - if (a == null || a.size() == 0) { - return new InputUtil.InputVal[0]; - } - final int size = a.size(); - final InputUtil.InputVal[] resp = new InputUtil.InputVal[size]; - - for (int i = 0; i < size; ++i) { - if (inputAsHash) { - resp[i] = InputUtil.normalizeEmailHash(a.getString(i)); - } else { - resp[i] = InputUtil.normalizeEmail(a.getString(i)); - } - } - return resp; - - } - - private InputUtil.InputVal[] createInputListV1(JsonArray a, IdentityType identityType, InputUtil.IdentityInputType inputType) { + private InputUtil.InputVal[] createInputList(JsonArray a, IdentityType identityType, InputUtil.IdentityInputType inputType) { if (a == null || a.isEmpty()) { return new InputUtil.InputVal[0]; } @@ -2152,7 +1619,6 @@ private boolean meetPolicyCheckRequirements(RoutingContext rc) { return true; } - private Tuple.Tuple2 readOptoutCheckPolicy(JsonObject req) { if(req.containsKey(OPTOUT_CHECK_POLICY_PARAM)) { return new Tuple.Tuple2<>(OptoutCheckPolicy.fromValue(req.getInteger(OPTOUT_CHECK_POLICY_PARAM)), OPTOUT_CHECK_POLICY_PARAM); @@ -2193,7 +1659,7 @@ private TransparentConsentParseResult getUserConsentV2(JsonObject req) { } } - private JsonObject toJsonV1(IdentityTokens t) { + private JsonObject toTokenResponseJson(IdentityTokens t) { final JsonObject json = new JsonObject(); json.put("advertising_token", t.getAdvertisingToken()); json.put("refresh_token", t.getRefreshToken()); 
@@ -2247,25 +1713,6 @@ private static JsonObject toJson(KeysetKey key) { return json; } - private JsonObject toJson(IdentityTokens t) { - final JsonObject json = new JsonObject(); - json.put("advertisement_token", t.getAdvertisingToken()); - json.put("advertising_token", t.getAdvertisingToken()); - json.put("refresh_token", t.getRefreshToken()); - - return json; - } - - private void sendJsonResponse(RoutingContext rc, JsonObject json) { - rc.response().putHeader(HttpHeaders.CONTENT_TYPE, HttpMediaType.APPLICATION_JSON.getType()) - .end(json.encode()); - } - - private void sendJsonResponse(RoutingContext rc, JsonArray json) { - rc.response().putHeader(HttpHeaders.CONTENT_TYPE, HttpMediaType.APPLICATION_JSON.getType()) - .end(json.encode()); - } - private void logInvalidOriginOrAppName(int siteId, String originOrAppName) { siteIdToInvalidOriginsAndAppNames.computeIfAbsent(siteId, k -> new HashSet<>()) .add(originOrAppName); diff --git a/src/test/java/com/uid2/operator/UIDOperatorVerticleTest.java b/src/test/java/com/uid2/operator/UIDOperatorVerticleTest.java index 5d5108b91..46163267f 100644 --- a/src/test/java/com/uid2/operator/UIDOperatorVerticleTest.java +++ b/src/test/java/com/uid2/operator/UIDOperatorVerticleTest.java @@ -161,8 +161,6 @@ public void deployVerticle(Vertx vertx, VertxTestContext testContext, TestInfo t if(testInfo.getDisplayName().equals("cstgNoPhoneSupport(Vertx, VertxTestContext)")) { config.put("enable_phone_support", false); } - // TODO: Remove this when we remove allow_legacy_api FF - config.put("allow_legacy_api", true); when(configStore.getConfig()).thenAnswer(x -> runtimeConfig); this.uidInstanceIdProvider = new UidInstanceIdProvider("test-instance", "id"); 
@@ -749,8 +747,7 @@ void verticleDeployed(Vertx vertx, VertxTestContext testContext) { } @ParameterizedTest - @CsvSource({"v1, text/plain", - "v2, text/plain", + @CsvSource({"v2, text/plain", "v2, application/octet-stream"}) void keyLatestNoAcl(String apiVersion, String contentType, Vertx vertx, VertxTestContext testContext) { fakeAuth(5, Role.ID_READER); @@ -774,7 +771,7 @@ void keyLatestNoAcl(String apiVersion, String contentType, Vertx vertx, VertxTes } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void keyLatestWithAcl(String apiVersion, Vertx vertx, VertxTestContext testContext) { fakeAuth(5, Role.ID_READER); Keyset[] keysets = { @@ -799,7 +796,7 @@ void keyLatestWithAcl(String apiVersion, Vertx vertx, VertxTestContext testConte } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void keyLatestClientBelongsToReservedSiteId(String apiVersion, Vertx vertx, VertxTestContext testContext) { fakeAuth(AdvertisingTokenSiteId, Role.ID_READER); KeysetKey[] encryptionKeys = { @@ -811,7 +808,7 @@ void keyLatestClientBelongsToReservedSiteId(String apiVersion, Vertx vertx, Vert } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void keyLatestHideRefreshKey(String apiVersion, Vertx vertx, VertxTestContext testContext) { fakeAuth(5, Role.ID_READER); Keyset[] keysets = { @@ -836,7 +833,7 @@ void keyLatestHideRefreshKey(String apiVersion, Vertx vertx, VertxTestContext te } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateBothEmailAndHashSpecified(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String emailAddress = "test@uid2.com"; 
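Review bot: With `"v1"` dropped, every `@ValueSource(strings = {"v2"})` from `keyLatestWithAcl` onward is a one-value parameterization, and the `apiVersion` column of the remaining `@CsvSource` rows is constant. The later hunks in `tokenGenerateThenRefresh`, `tokenGenerateThenRefreshSaltsExpired`, `tokenRefreshNoToken`, `tokenRefreshInvalidTokenAuthenticated` and `tokenRefreshOptOut` also replace the version-dependent expectation with a fixed `Endpoint.GenerateV2` / `Endpoint.RefreshV2`, so the request still follows `apiVersion` while the assertion no longer does. Either turn these into plain `@Test` methods that use a shared constant such as `private static final String API_VERSION = "v2";`, or keep the parameter and add a comment like `// apiVersion kept for future versions; update the Endpoint assertions when adding one`. The test bodies continue outside these hunks.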
@@ -861,7 +858,7 @@ void tokenGenerateBothEmailAndHashSpecified(String apiVersion, Vertx vertx, Vert } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateNoEmailOrHashSpecified(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.GENERATOR); @@ -937,8 +934,7 @@ RefreshToken decodeRefreshToken(EncryptedTokenEncoder encoder, String refreshTok } @ParameterizedTest - @CsvSource({"v1, text/plain", - "v2, text/plain", + @CsvSource({"v2, text/plain", "v2, application/octet-stream"}) void identityMapNewClientNoPolicySpecified(String apiVersion, String contentType, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; @@ -1562,8 +1558,7 @@ void tokenGenerateOptOutTokenWithDisableOptoutTokenFF(String policyParameterKey, } @ParameterizedTest - @CsvSource({"v1, text/plain", - "v2, text/plain", + @CsvSource({"v2, text/plain", "v2, application/octet-stream"}) void tokenGenerateForEmail(String apiVersion, String contentType, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; @@ -1607,7 +1602,7 @@ void tokenGenerateForEmail(String apiVersion, String contentType, Vertx vertx, V } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateForEmailHash(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String emailHash = TokenUtils.getIdentityHashString("test@uid2.com"); @@ -1647,8 +1642,7 @@ void tokenGenerateForEmailHash(String apiVersion, Vertx vertx, VertxTestContext } @ParameterizedTest - @CsvSource({"v1, text/plain", - "v2, text/plain", + @CsvSource({"v2, text/plain", "v2, application/octet-stream"}) void tokenGenerateThenRefresh(String apiVersion, String contentType, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; 
@@ -1695,12 +1689,12 @@ void tokenGenerateThenRefresh(String apiVersion, String contentType, Vertx vertx assertTokenStatusMetrics( clientSiteId, - apiVersion.equals("v1") ? TokenResponseStatsCollector.Endpoint.GenerateV1 : TokenResponseStatsCollector.Endpoint.GenerateV2, + TokenResponseStatsCollector.Endpoint.GenerateV2, TokenResponseStatsCollector.ResponseStatus.Success, TokenResponseStatsCollector.PlatformType.InApp); assertTokenStatusMetrics( clientSiteId, - apiVersion.equals("v1") ? TokenResponseStatsCollector.Endpoint.RefreshV1 : TokenResponseStatsCollector.Endpoint.RefreshV2, + TokenResponseStatsCollector.Endpoint.RefreshV2, TokenResponseStatsCollector.ResponseStatus.Success, TokenResponseStatsCollector.PlatformType.InApp); @@ -1710,7 +1704,7 @@ void tokenGenerateThenRefresh(String apiVersion, String contentType, Vertx vertx } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateThenRefreshSaltsExpired(String apiVersion, Vertx vertx, VertxTestContext testContext) { when(saltProviderSnapshot.getExpires()).thenReturn(Instant.now().minus(1, ChronoUnit.HOURS)); final int clientSiteId = 201; @@ -1756,12 +1750,12 @@ void tokenGenerateThenRefreshSaltsExpired(String apiVersion, Vertx vertx, VertxT assertTokenStatusMetrics( clientSiteId, - apiVersion.equals("v1") ? TokenResponseStatsCollector.Endpoint.GenerateV1 : TokenResponseStatsCollector.Endpoint.GenerateV2, + TokenResponseStatsCollector.Endpoint.GenerateV2, TokenResponseStatsCollector.ResponseStatus.Success, TokenResponseStatsCollector.PlatformType.InApp); assertTokenStatusMetrics( clientSiteId, - apiVersion.equals("v1") ? TokenResponseStatsCollector.Endpoint.RefreshV1 : TokenResponseStatsCollector.Endpoint.RefreshV2, + TokenResponseStatsCollector.Endpoint.RefreshV2, TokenResponseStatsCollector.ResponseStatus.Success, TokenResponseStatsCollector.PlatformType.InApp); 
@@ -1804,7 +1798,7 @@ void tokenGenerateThenRefreshNoActiveKey(Vertx vertx, VertxTestContext testConte @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateThenValidateWithEmail_Match(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String emailAddress = ValidateIdentityForEmail; @@ -1834,7 +1828,7 @@ void tokenGenerateThenValidateWithEmail_Match(String apiVersion, Vertx vertx, Ve } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateThenValidateWithEmailHash_Match(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.GENERATOR); @@ -1863,7 +1857,7 @@ void tokenGenerateThenValidateWithEmailHash_Match(String apiVersion, Vertx vertx } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateThenValidateWithBothEmailAndEmailHash(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String emailAddress = ValidateIdentityForEmail; @@ -1894,7 +1888,7 @@ void tokenGenerateThenValidateWithBothEmailAndEmailHash(String apiVersion, Vertx } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateUsingCustomSiteKey(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 4; final int clientKeysetId = 201; @@ -1928,7 +1922,7 @@ void tokenGenerateUsingCustomSiteKey(String apiVersion, Vertx vertx, VertxTestCo } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateSaltsExpired(String apiVersion, Vertx vertx, VertxTestContext testContext) { when(saltProviderSnapshot.getExpires()).thenReturn(Instant.now().minus(1, ChronoUnit.HOURS)); final int clientSiteId = 201; 
@@ -1993,7 +1987,7 @@ void tokenGenerateNoActiveKey(Vertx vertx, VertxTestContext testContext) { } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenRefreshNoToken(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.GENERATOR); @@ -2001,7 +1995,7 @@ void tokenRefreshNoToken(String apiVersion, Vertx vertx, VertxTestContext testCo assertEquals("invalid_token", json.getString("status")); assertTokenStatusMetrics( clientSiteId, - apiVersion.equals("v1") ? TokenResponseStatsCollector.Endpoint.RefreshV1 : TokenResponseStatsCollector.Endpoint.RefreshV2, + TokenResponseStatsCollector.Endpoint.RefreshV2, TokenResponseStatsCollector.ResponseStatus.InvalidToken, TokenResponseStatsCollector.PlatformType.Other); testContext.completeNow(); @@ -2009,7 +2003,7 @@ void tokenRefreshNoToken(String apiVersion, Vertx vertx, VertxTestContext testCo } @ParameterizedTest - @CsvSource({"v1,asdf", "v2,asdf", "v1,invalidBase64%%%%", "v2,invalidBase64%%%%"}) + @CsvSource({"v2,asdf", "v2,invalidBase64%%%%"}) void tokenRefreshInvalidTokenAuthenticated(String apiVersion, String token, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.GENERATOR); @@ -2018,7 +2012,7 @@ void tokenRefreshInvalidTokenAuthenticated(String apiVersion, String token, Vert assertEquals("invalid_token", json.getString("status")); assertTokenStatusMetrics( clientSiteId, - apiVersion.equals("v1") ? TokenResponseStatsCollector.Endpoint.RefreshV1 : TokenResponseStatsCollector.Endpoint.RefreshV2, + TokenResponseStatsCollector.Endpoint.RefreshV2, TokenResponseStatsCollector.ResponseStatus.InvalidToken, TokenResponseStatsCollector.PlatformType.HasOriginHeader); testContext.completeNow(); 
@@ -2026,7 +2020,7 @@ void tokenRefreshInvalidTokenAuthenticated(String apiVersion, String token, Vert } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenRefreshInvalidTokenUnauthenticated(String apiVersion, Vertx vertx, VertxTestContext testContext) { sendTokenRefresh(apiVersion, vertx, testContext, "abcd", "", 400, json -> { assertEquals("error", json.getString("status")); @@ -2042,7 +2036,7 @@ private void generateRefreshToken(String apiVersion, Vertx vertx, String identit } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void captureDurationsBetweenRefresh(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.GENERATOR); @@ -2072,7 +2066,7 @@ void captureDurationsBetweenRefresh(String apiVersion, Vertx vertx, VertxTestCon } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void captureExpiredAdvertisingTokenStatus(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.GENERATOR); @@ -2097,7 +2091,7 @@ void captureExpiredAdvertisingTokenStatus(String apiVersion, Vertx vertx, VertxT } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenRefreshExpiredTokenAuthenticated(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.GENERATOR); @@ -2117,7 +2111,7 @@ void tokenRefreshExpiredTokenAuthenticated(String apiVersion, Vertx vertx, Vertx } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenRefreshExpiredTokenUnauthenticated(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String emailAddress = "test@uid2.com"; 
@@ -2137,7 +2131,7 @@ void tokenRefreshExpiredTokenUnauthenticated(String apiVersion, Vertx vertx, Ver } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenRefreshOptOut(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String emailAddress = "test@uid2.com"; @@ -2151,7 +2145,7 @@ void tokenRefreshOptOut(String apiVersion, Vertx vertx, VertxTestContext testCon assertEquals("optout", refreshRespJson.getString("status")); assertTokenStatusMetrics( clientSiteId, - apiVersion.equals("v1") ? TokenResponseStatsCollector.Endpoint.RefreshV1 : TokenResponseStatsCollector.Endpoint.RefreshV2, + TokenResponseStatsCollector.Endpoint.RefreshV2, TokenResponseStatsCollector.ResponseStatus.OptOut, TokenResponseStatsCollector.PlatformType.Other); testContext.completeNow(); @@ -2160,7 +2154,7 @@ void tokenRefreshOptOut(String apiVersion, Vertx vertx, VertxTestContext testCon } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenRefreshOptOutBeforeLogin(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String emailAddress = "test@uid2.com"; 
@@ -2180,49 +2174,8 @@ void tokenRefreshOptOutBeforeLogin(String apiVersion, Vertx vertx, VertxTestCont }); } - @Test - void v2HandleV1RefreshToken(Vertx vertx, VertxTestContext testContext) { - final int clientSiteId = 201; - fakeAuth(201, Role.GENERATOR); - final String emailAddress = "test@uid2.com"; - - generateRefreshToken("v1", vertx, "email", emailAddress, clientSiteId, genRespJson -> { - JsonObject bodyJson = genRespJson.getJsonObject("body"); - String refreshToken = bodyJson.getString("refresh_token"); - - sendTokenRefresh("v2", vertx, testContext, refreshToken, null, 200, refreshRespJson -> { - assertEquals("success", refreshRespJson.getString("status")); - - JsonObject refreshBodyJson = refreshRespJson.getJsonObject("body"); - assertNotNull(refreshBodyJson.getString("refresh_response_key")); - - decodeV2RefreshToken(refreshRespJson); - - testContext.completeNow(); - }); - }); - } - - @Test - void v1HandleV2RefreshToken(Vertx vertx, VertxTestContext testContext) { - final int clientSiteId = 201; - fakeAuth(201, Role.GENERATOR); - final String emailAddress = "test@uid2.com"; - - generateRefreshToken("v2", vertx, "email", emailAddress, clientSiteId, genRespJson -> { - JsonObject bodyJson = genRespJson.getJsonObject("body"); - String refreshToken = bodyJson.getString("refresh_token"); - - sendTokenRefresh("v1", vertx, testContext, refreshToken, null, 200, refreshRespJson -> { - assertEquals("success", refreshRespJson.getString("status")); - testContext.completeNow(); - }); - }); - } - @ParameterizedTest - @CsvSource({"v1, text/plain", - "v2, text/plain", + @CsvSource({"v2, text/plain", "v2, application/octet-stream"}) void tokenValidateWithEmail_Mismatch(String apiVersion, String contentType, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; 
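Review bot: Deleting `v2HandleV1RefreshToken` removes the only visible test in which the v2 refresh call receives a refresh token minted through the legacy path. If refresh tokens issued through v1 can still be in circulation when this ships, the v2 handler will keep receiving them, and nothing here pins whether they are accepted or answered with `invalid_token`. Consider keeping one test that passes a stored legacy-format token fixture to `sendTokenRefresh("v2", ...)` and asserts the intended status. If v1-issued and v2-issued refresh tokens share the same format, a short comment saying so would justify the removal.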
@@ -2245,7 +2198,7 @@ void tokenValidateWithEmail_Mismatch(String apiVersion, String contentType, Vert } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenValidateWithEmailHash_Mismatch(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.GENERATOR); 
@@ -2264,121 +2217,9 @@ void tokenValidateWithEmailHash_Mismatch(String apiVersion, Vertx vertx, VertxTe }); } - @Test - void identityMapBothEmailAndHashSpecified(Vertx vertx, VertxTestContext testContext) { - final int clientSiteId = 201; - final String emailAddress = "test@uid2.com"; - final String emailHash = TokenUtils.getIdentityHashString(emailAddress); - fakeAuth(clientSiteId, Role.MAPPER); - setupSalts(); - setupKeys(); - get(vertx, "v1/identity/map?email=" + emailAddress + "&email_hash=" + urlEncode(emailHash), ar -> { - assertTrue(ar.succeeded()); - HttpResponse response = ar.result(); - assertEquals(400, response.statusCode()); - JsonObject json = response.bodyAsJsonObject(); - assertFalse(json.containsKey("body")); - assertEquals("client_error", json.getString("status")); - - testContext.completeNow(); - }); - } - - @Test - void identityMapNoEmailOrHashSpecified(Vertx vertx, VertxTestContext testContext) { - final int clientSiteId = 201; - fakeAuth(clientSiteId, Role.MAPPER); - setupSalts(); - setupKeys(); - get(vertx, "v1/identity/map", ar -> { - assertTrue(ar.succeeded()); - HttpResponse response = ar.result(); - assertEquals(400, response.statusCode()); - JsonObject json = response.bodyAsJsonObject(); - assertFalse(json.containsKey("body")); - assertEquals("client_error", json.getString("status")); - - testContext.completeNow(); - }); - } - - @Test - void identityMapForEmail(Vertx vertx, VertxTestContext testContext) { - final int clientSiteId = 201; - final String emailAddress = "test@uid2.com"; - fakeAuth(clientSiteId, Role.MAPPER); - setupSalts(); - setupKeys(); - get(vertx, "v1/identity/map?email=" + emailAddress, ar -> { - assertTrue(ar.succeeded()); - HttpResponse response = ar.result(); - assertEquals(200, response.statusCode()); - JsonObject json = response.bodyAsJsonObject(); - assertEquals("success", json.getString("status")); - JsonObject body = json.getJsonObject("body"); - assertNotNull(body); - - assertEquals(emailAddress, 
body.getString("identifier")); - assertFalse(body.getString("advertising_id").isEmpty()); - assertFalse(body.getString("bucket_id").isEmpty()); - - testContext.completeNow(); - }); - } - - @Test - void identityMapForSaltsExpired(Vertx vertx, VertxTestContext testContext) { - when(saltProviderSnapshot.getExpires()).thenReturn(Instant.now().minus(1, ChronoUnit.HOURS)); - final int clientSiteId = 201; - final String emailAddress = "test@uid2.com"; - fakeAuth(clientSiteId, Role.MAPPER); - setupSalts(); - setupKeys(); - get(vertx, "v1/identity/map?email=" + emailAddress, ar -> { - assertTrue(ar.succeeded()); - HttpResponse response = ar.result(); - assertEquals(200, response.statusCode()); - JsonObject json = response.bodyAsJsonObject(); - assertEquals("success", json.getString("status")); - JsonObject body = json.getJsonObject("body"); - assertNotNull(body); - - assertEquals(emailAddress, body.getString("identifier")); - assertFalse(body.getString("advertising_id").isEmpty()); - assertFalse(body.getString("bucket_id").isEmpty()); - - verify(shutdownHandler, atLeastOnce()).handleSaltRetrievalResponse(true); - - testContext.completeNow(); - }); - } - - @Test - void identityMapForEmailHash(Vertx vertx, VertxTestContext testContext) { - final int clientSiteId = 201; - final String emailHash = TokenUtils.getIdentityHashString("test@uid2.com"); - fakeAuth(clientSiteId, Role.MAPPER); - setupSalts(); - setupKeys(); - get(vertx, "v1/identity/map?email_hash=" + urlEncode(emailHash), ar -> { - assertTrue(ar.succeeded()); - HttpResponse response = ar.result(); - assertEquals(200, response.statusCode()); - JsonObject json = response.bodyAsJsonObject(); - assertEquals("success", json.getString("status")); - JsonObject body = json.getJsonObject("body"); - assertNotNull(body); - - assertEquals(emailHash, body.getString("identifier")); - assertFalse(body.getString("advertising_id").isEmpty()); - assertFalse(body.getString("bucket_id").isEmpty()); - - testContext.completeNow(); - }); - 
} @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapBatchBothEmailAndHashEmpty(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2398,7 +2239,7 @@ void identityMapBatchBothEmailAndHashEmpty(String apiVersion, Vertx vertx, Vertx } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapBatchBothEmailAndHashSpecified(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2422,7 +2263,7 @@ void identityMapBatchBothEmailAndHashSpecified(String apiVersion, Vertx vertx, V } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapBatchNoEmailOrHashSpecified(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2440,7 +2281,7 @@ void identityMapBatchNoEmailOrHashSpecified(String apiVersion, Vertx vertx, Vert } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapSingleEmailProvided(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2461,7 +2302,7 @@ void identityMapSingleEmailProvided(String apiVersion, Vertx vertx, VertxTestCon } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapSingleEmailHashProvided(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); 
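Review bot: The `identityMap*` tests removed in the hunk that ends at `identityMapBatchBothEmailAndHashEmpty` were the only visible ones that called `v1/identity/map` directly, and nothing replaces them with a check that the path is now refused. Assuming the route registration is removed elsewhere in this commit, a small negative test would stop the legacy endpoint, which took the raw email in the query string, from being re-registered unnoticed. For example `get(vertx, "v1/identity/map?email=" + emailAddress, ar -> { assertEquals(404, ar.result().statusCode()); testContext.completeNow(); });`, with the expected status adjusted to whatever the router returns for an unregistered path. The same applies to `v1/token/refresh`, whose direct callers are removed in the later `tokenRefreshOptOutForPhone` hunk.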
@@ -2482,7 +2323,7 @@ void identityMapSingleEmailHashProvided(String apiVersion, Vertx vertx, VertxTes } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapSinglePhoneProvided(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2503,7 +2344,7 @@ void identityMapSinglePhoneProvided(String apiVersion, Vertx vertx, VertxTestCon } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapSinglePhoneHashProvided(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2524,7 +2365,7 @@ void identityMapSinglePhoneHashProvided(String apiVersion, Vertx vertx, VertxTes } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapBatchEmails(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2540,7 +2381,7 @@ void identityMapBatchEmails(String apiVersion, Vertx vertx, VertxTestContext tes } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapBatchEmailHashes(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2566,7 +2407,7 @@ void identityMapBatchEmailHashes(String apiVersion, Vertx vertx, VertxTestContex } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapBatchEmailsOneEmailInvalid(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); 
@@ -2588,7 +2429,7 @@ void identityMapBatchEmailsOneEmailInvalid(String apiVersion, Vertx vertx, Vertx } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapBatchEmailsNoEmails(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2606,7 +2447,7 @@ void identityMapBatchEmailsNoEmails(String apiVersion, Vertx vertx, VertxTestCon } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void identityMapBatchRequestTooLarge(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; fakeAuth(clientSiteId, Role.MAPPER); @@ -2778,7 +2619,7 @@ void LogoutV2SaltsExpired(Vertx vertx, VertxTestContext testContext) { } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateBothPhoneAndHashSpecified(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String phone = "+15555555555"; @@ -2801,7 +2642,7 @@ void tokenGenerateBothPhoneAndHashSpecified(String apiVersion, Vertx vertx, Vert } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateBothPhoneAndEmailSpecified(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String phone = "+15555555555"; @@ -2824,7 +2665,7 @@ void tokenGenerateBothPhoneAndEmailSpecified(String apiVersion, Vertx vertx, Ver } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateBothPhoneHashAndEmailHashSpecified(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String phone = "+15555555555"; 
@@ -2849,7 +2690,7 @@ void tokenGenerateBothPhoneHashAndEmailHashSpecified(String apiVersion, Vertx ve } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateForPhone(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String phone = "+15555555555"; @@ -2887,7 +2728,7 @@ void tokenGenerateForPhone(String apiVersion, Vertx vertx, VertxTestContext test } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateForPhoneHash(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String phone = "+15555555555"; @@ -2926,7 +2767,7 @@ void tokenGenerateForPhoneHash(String apiVersion, Vertx vertx, VertxTestContext } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateThenRefreshForPhone(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String phone = "+15555555555"; @@ -2973,7 +2814,7 @@ void tokenGenerateThenRefreshForPhone(String apiVersion, Vertx vertx, VertxTestC } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateThenValidateWithPhone_Match(String apiVersion, Vertx vertx, VertxTestContext testContext) { final int clientSiteId = 201; final String phone = ValidateIdentityForPhone; @@ -3003,7 +2844,7 @@ void tokenGenerateThenValidateWithPhone_Match(String apiVersion, Vertx vertx, Ve } @ParameterizedTest - @ValueSource(strings = {"v1", "v2"}) + @ValueSource(strings = {"v2"}) void tokenGenerateThenValidateSaltsExpired(String apiVersion, Vertx vertx, VertxTestContext testContext) { when(saltProviderSnapshot.getExpires()).thenReturn(Instant.now().minus(1, ChronoUnit.HOURS)); final int clientSiteId = 201; 
@@ -3036,7 +2877,7 @@ void tokenGenerateThenValidateSaltsExpired(String apiVersion, Vertx vertx, Vertx
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void tokenGenerateThenValidateWithPhoneHash_Match(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 final String phoneHash = EncodingUtils.toBase64String(ValidateIdentityForPhoneHash);
@@ -3066,7 +2907,7 @@ void tokenGenerateThenValidateWithPhoneHash_Match(String apiVersion, Vertx vertx
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void tokenGenerateThenValidateWithBothPhoneAndPhoneHash(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 final String phone = ValidateIdentityForPhone;
@@ -3097,142 +2938,9 @@ void tokenGenerateThenValidateWithBothPhoneAndPhoneHash(String apiVersion, Vertx
 });
 }
- @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
- void tokenRefreshOptOutForPhone(String apiVersion, Vertx vertx, VertxTestContext testContext) {
- final int clientSiteId = 201;
- final String phone = "+15555555555";
- generateRefreshToken(apiVersion, vertx, "phone", phone, clientSiteId, genRespJson -> {
- JsonObject bodyJson = genRespJson.getJsonObject("body");
- String refreshToken = bodyJson.getString("refresh_token");
-
- when(this.optOutStore.getLatestEntry(any())).thenReturn(Instant.now());
-
- get(vertx, "v1/token/refresh?refresh_token=" + urlEncode(refreshToken), testContext.succeeding(response -> testContext.verify(() -> {
- assertEquals(200, response.statusCode());
- JsonObject json = response.bodyAsJsonObject();
- assertEquals("optout", json.getString("status"));
- assertTokenStatusMetrics(clientSiteId, TokenResponseStatsCollector.Endpoint.RefreshV1, TokenResponseStatsCollector.ResponseStatus.OptOut, TokenResponseStatsCollector.PlatformType.Other);
-
- testContext.completeNow();
- })));
- });
- }
-
- @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
- void tokenRefreshOptOutBeforeLoginForPhone(String apiVersion, Vertx vertx, VertxTestContext testContext) {
- final int clientSiteId = 201;
- final String phone = "+15555555555";
- generateRefreshToken(apiVersion, vertx, "phone", phone, clientSiteId, genRespJson -> {
- JsonObject bodyJson = genRespJson.getJsonObject("body");
- String refreshToken = bodyJson.getString("refresh_token");
-
- when(this.optOutStore.getLatestEntry(any())).thenReturn(now.minusSeconds(10));
-
- get(vertx, "v1/token/refresh?refresh_token=" + urlEncode(refreshToken), ar -> {
- assertTrue(ar.succeeded());
- HttpResponse response = ar.result();
- assertEquals(200, response.statusCode());
- JsonObject json = response.bodyAsJsonObject();
- assertEquals("optout", json.getString("status"));
- assertNull(json.getJsonObject("body"));
-
- testContext.completeNow();
- });
- });
- }
-
- @Test
- void identityMapBothPhoneAndHashSpecified(Vertx vertx, VertxTestContext testContext) {
- final int clientSiteId = 201;
- final String phone = "+15555555555";
- final String phoneHash = TokenUtils.getIdentityHashString(phone);
- fakeAuth(clientSiteId, Role.MAPPER);
- setupSalts();
- setupKeys();
- get(vertx, "v1/identity/map?phone=" + urlEncode(phone) + "&phone_hash=" + urlEncode(phoneHash), ar -> {
- assertTrue(ar.succeeded());
- HttpResponse response = ar.result();
- assertEquals(400, response.statusCode());
- JsonObject json = response.bodyAsJsonObject();
- assertFalse(json.containsKey("body"));
- assertEquals("client_error", json.getString("status"));
-
- testContext.completeNow();
- });
- }
-
- @Test
- void identityMapForPhone(Vertx vertx, VertxTestContext testContext) {
- final int clientSiteId = 201;
- final String phone = "+15555555555";
- fakeAuth(clientSiteId, Role.MAPPER);
- setupSalts();
- setupKeys();
- get(vertx, "v1/identity/map?phone=" + urlEncode(phone), ar -> {
- assertTrue(ar.succeeded());
- HttpResponse response = ar.result();
- assertEquals(200, response.statusCode());
- JsonObject json = response.bodyAsJsonObject();
- assertEquals("success", json.getString("status"));
- JsonObject body = json.getJsonObject("body");
- assertNotNull(body);
-
- assertEquals(phone, body.getString("identifier"));
- assertFalse(body.getString("advertising_id").isEmpty());
- assertFalse(body.getString("bucket_id").isEmpty());
-
- testContext.completeNow();
- });
- }
-
- @Test
- void identityMapForPhoneHash(Vertx vertx, VertxTestContext testContext) {
- final int clientSiteId = 201;
- final String phone = "+15555555555";
- final String phonneHash = TokenUtils.getIdentityHashString(phone);
- fakeAuth(clientSiteId, Role.MAPPER);
- setupSalts();
- setupKeys();
- get(vertx, "v1/identity/map?phone_hash=" + urlEncode(phonneHash), ar -> {
- assertTrue(ar.succeeded());
- HttpResponse response = ar.result();
- assertEquals(200, response.statusCode());
- JsonObject json = response.bodyAsJsonObject();
- assertEquals("success", json.getString("status"));
- JsonObject body = json.getJsonObject("body");
- assertNotNull(body);
-
- assertEquals(phonneHash, body.getString("identifier"));
- assertFalse(body.getString("advertising_id").isEmpty());
- assertFalse(body.getString("bucket_id").isEmpty());
-
- testContext.completeNow();
- });
- }
-
- @Test
- void sendInformationToStatsCollector(Vertx vertx, VertxTestContext testContext) {
- final int clientSiteId = 201;
- final String emailAddress = "test@uid2.com";
- fakeAuth(clientSiteId, Role.GENERATOR);
- setupSalts();
- setupKeys();
-
- vertx.eventBus().consumer(Const.Config.StatsCollectorEventBus, message -> {
- String expected = "{\"path\":\"/v1/token/generate\",\"referer\":null,\"apiContact\":null,\"siteId\":201}";
- assertSame(message.body().toString(), expected);
- });
-
- get(vertx, "v1/token/generate?email=" + emailAddress, ar -> {
- verify(statsCollectorQueue, times(1)).enqueue(any(), any());
- testContext.completeNow();
- });
- }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityMapBatchBothPhoneAndHashEmpty(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);
@@ -3252,7 +2960,7 @@ void identityMapBatchBothPhoneAndHashEmpty(String apiVersion, Vertx vertx, Vertx
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityMapBatchBothPhoneAndHashSpecified(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);
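Review bot: The deletion in the `@@ -3097,142 +2938,9 @@` hunk drops `tokenRefreshOptOutForPhone` and `tokenRefreshOptOutBeforeLoginForPhone`, the tests that assert a refresh for an opted-out phone identity returns `"optout"`, and nothing in the hunk replaces them. Both called `v1/token/refresh` even when the token was generated as v2, so whether a v2 refresh test covers phone opt-out elsewhere in the file is not visible here and is worth confirming before this privacy-relevant check goes away. The same applies to `sendInformationToStatsCollector`; a v2 replacement should compare the payload with `assertEquals(expected, message.body().toString());` since the removed `assertSame` compared references. With the legacy API retired, one negative test that a `v1/...` request no longer returns 200 would pin the removal against a routing regression; the exact status depends on the router and is not shown here.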
@@ -3276,7 +2984,7 @@ void identityMapBatchBothPhoneAndHashSpecified(String apiVersion, Vertx vertx, V
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityMapBatchPhones(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);
@@ -3297,7 +3005,7 @@ void identityMapBatchPhones(String apiVersion, Vertx vertx, VertxTestContext tes
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityMapBatchPhoneHashes(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);
@@ -3323,7 +3031,7 @@ void identityMapBatchPhoneHashes(String apiVersion, Vertx vertx, VertxTestContex
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityMapBatchPhonesOnePhoneInvalid(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);
@@ -3345,7 +3053,7 @@ void identityMapBatchPhonesOnePhoneInvalid(String apiVersion, Vertx vertx, Vertx
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityMapBatchPhonesNoPhones(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);
@@ -3363,7 +3071,7 @@ void identityMapBatchPhonesNoPhones(String apiVersion, Vertx vertx, VertxTestCon
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityMapBatchRequestTooLargeForPhone(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);
@@ -3413,7 +3121,7 @@ void tokenGenerateRespectOptOutOption(String policyParameterKey, Vertx vertx, Ve
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityMapDefaultOption(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);
@@ -3446,8 +3154,6 @@ void identityMapDefaultOption(String apiVersion, Vertx vertx, VertxTestContext t
 private static Stream versionAndPolicy() {
 return Stream.of(
- Arguments.arguments("v1", "policy"),
- Arguments.arguments("v1", "optout_check"),
 Arguments.arguments("v2", "policy"),
 Arguments.arguments("v2", "optout_check")
 );
@@ -3485,7 +3191,7 @@ void identityMapRespectOptOutOption(String apiVersion, String policyParameterKey
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void requestWithoutClientKeyOrReferer(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final String emailAddress = "test@uid2.com";
 setupSalts();
@@ -5687,7 +5393,7 @@ private void assertLastUpdatedHasMillis(JsonArray buckets) {
 }
 @ParameterizedTest
- @ValueSource(strings = {"v1", "v2"})
+ @ValueSource(strings = {"v2"})
 void identityBucketsAlwaysReturnMilliseconds(String apiVersion, Vertx vertx, VertxTestContext testContext) {
 final int clientSiteId = 201;
 fakeAuth(clientSiteId, Role.MAPPER);