mirrors/signal-desktop
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

Use /v1/accounts/whoami instead of looking up our username and link

Browse source
This commit is contained in:
Jonathan Klabunde Tomer 2024-09-24 15:09:05 -07:00 committed by GitHub
parent a184fd377f
commit a1a15193c6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 19 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
ts/services/usernameIntegrity.ts
View file

@ -2,20 +2,21 @@
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-License-Identifier: AGPL-3.0-only
import pTimeout from 'p-timeout'; import pTimeout from 'p-timeout';
import { usernames } from '@signalapp/libsignal-client';
import * as Errors from '../types/errors'; import * as Errors from '../types/errors';
import { strictAssert } from '../util/assert';
import { isDone as isRegistrationDone } from '../util/registration'; import { isDone as isRegistrationDone } from '../util/registration';
import { getConversation } from '../util/getConversation'; import { getConversation } from '../util/getConversation';
import { MINUTE, DAY } from '../util/durations'; import { MINUTE, DAY } from '../util/durations';
import { drop } from '../util/drop'; import { drop } from '../util/drop';
import { explodePromise } from '../util/explodePromise'; import { explodePromise } from '../util/explodePromise';
import { BackOff, FIBONACCI_TIMEOUTS } from '../util/BackOff'; import { BackOff, FIBONACCI_TIMEOUTS } from '../util/BackOff';
import { checkForUsername } from '../util/lookupConversationWithoutServiceId';
import { storageJobQueue } from '../util/JobQueue'; import { storageJobQueue } from '../util/JobQueue';
import { getProfile } from '../util/getProfile'; import { getProfile } from '../util/getProfile';
import { isSharingPhoneNumberWithEverybody } from '../util/phoneNumberSharingMode'; import { isSharingPhoneNumberWithEverybody } from '../util/phoneNumberSharingMode';
import { bytesToUuid } from '../util/uuidToBytes';
import * as log from '../logging/log'; import * as log from '../logging/log';
import { resolveUsernameByLink } from './username';
import { runStorageServiceSyncJob } from './storage'; import { runStorageServiceSyncJob } from './storage';
import { writeProfile } from './writeProfile'; import { writeProfile } from './writeProfile';
@ -81,22 +82,25 @@ class UsernameIntegrityService {
private async checkUsername(): Promise<void> { private async checkUsername(): Promise<void> {
const me = window.ConversationController.getOurConversationOrThrow(); const me = window.ConversationController.getOurConversationOrThrow();
const username = me.get('username'); const username = me.get('username');
const aci = me.getAci();
let failed = false;
if (!username) { if (!username) {
log.info('usernameIntegrity: no username'); log.info('usernameIntegrity: no username');
return; return;
} }
if (!aci) {
log.info('usernameIntegrity: no aci'); const { server } = window.textsecure;
if (!server) {
log.info('usernameIntegrity: server interface is not available');
return; return;
} }
const result = await checkForUsername(username); strictAssert(window.textsecure.server, 'WebAPI must be available');
if (result?.aci !== aci) { const { usernameHash: remoteHash, usernameLinkHandle: remoteLink } =
log.error('usernameIntegrity: no remote username'); await server.whoami();
let failed = false;
if (remoteHash !== usernames.hash(username).toString('base64url')) {
log.error('usernameIntegrity: remote username mismatch');
await window.storage.put('usernameCorrupted', true); await window.storage.put('usernameCorrupted', true);
failed = true; failed = true;
@ -109,9 +113,8 @@ class UsernameIntegrityService {
return; return;
} }
const linkUsername = await resolveUsernameByLink(link); if (remoteLink !== bytesToUuid(link.serverId)) {
if (linkUsername !== username) { log.error('usernameIntegrity: username link mismatch');
log.error('usernameIntegrity: invalid username link');
await window.storage.put('usernameLinkCorrupted', true); await window.storage.put('usernameLinkCorrupted', true);
failed = true; failed = true;
} }

3
ts/textsecure/WebAPI.ts
View file

@ -885,7 +885,8 @@ const whoamiResultZod = z.object({
uuid: z.string(), uuid: z.string(),
pni: z.string(), pni: z.string(),
number: z.string(), number: z.string(),
username: z.string().or(z.null()).optional(), usernameHash: z.string().or(z.null()).optional(),
usernameLinkHandle: z.string().or(z.null()).optional(),
}); });
export type WhoamiResultType = z.infer<typeof whoamiResultZod>; export type WhoamiResultType = z.infer<typeof whoamiResultZod>;