Commit 4f26ad13 authored by Deniro StopCovid's avatar Deniro StopCovid

chore: Change the default value of the property...

chore: Change the default value of the property 'robert.server.status-request-minimum-epoch-gap' to '2'
parent 56b40a29
...@@ -9,6 +9,7 @@ import java.util.stream.Collectors; ...@@ -9,6 +9,7 @@ import java.util.stream.Collectors;
import javax.inject.Inject; import javax.inject.Inject;
import org.bson.internal.Base64; import org.bson.internal.Base64;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils; import org.springframework.util.CollectionUtils;
...@@ -98,7 +99,10 @@ public class StatusControllerImpl implements IStatusController { ...@@ -98,7 +99,10 @@ public class StatusControllerImpl implements IStatusController {
if (responseEntity.isPresent()) { if (responseEntity.isPresent()) {
Optional.ofNullable(statusVo.getPushInfo()).ifPresent(this.restApiService::registerPushNotif); Optional.ofNullable(statusVo.getPushInfo())
.filter(push -> Objects.nonNull(responseEntity.get().getStatusCode()))
.filter(push -> responseEntity.get().getStatusCode().equals(HttpStatus.OK))
.ifPresent(this.restApiService::registerPushNotif);
return responseEntity.get(); return responseEntity.get();
} else { } else {
......
...@@ -56,9 +56,9 @@ management.endpoints.web.exposure.include=${ROBERT_SERVER_MONITORING_ENDPOINTS:h ...@@ -56,9 +56,9 @@ management.endpoints.web.exposure.include=${ROBERT_SERVER_MONITORING_ENDPOINTS:h
robert.server.country-code=${ROBERT_SERVER_COUNTRY_CODE:0x33} robert.server.country-code=${ROBERT_SERVER_COUNTRY_CODE:0x33}
robert.server.request-time-delta-tolerance=${ROBERT_SERVER_REQUEST_TIME_DELTA_TOLERANCE:60} robert.server.request-time-delta-tolerance=${ROBERT_SERVER_REQUEST_TIME_DELTA_TOLERANCE:60}
robert.server.status-request-minimum-epoch-gap=${ROBERT_SERVER_ESR_MINI_EPOCH_GAP:48} robert.server.status-request-minimum-epoch-gap=${ROBERT_SERVER_ESR_MINI_EPOCH_GAP:2}
robert.server.captcha-challenge-timestamp-tolerance=${ROBERT_SERVER_CAPTCHA_CHALLENGE_TIMESTAMP_TOLERANCE:15} robert.server.captcha-challenge-timestamp-tolerance=${ROBERT_SERVER_CAPTCHA_CHALLENGE_TIMESTAMP_TOLERANCE:15}
robert.server.time-start=${ROBERT_SERVER_TIMESTART:20200601} robert.server.time-start=${ROBERT_SERVER_TIMESTART:20200601}
push.server.host=${PUSH_SERVER_HOST:localhost} push.server.host=${PUSH_SERVER_HOST:localhost}
push.server.port=${PUSH_SERVER_PORT:8080} push.server.port=${PUSH_SERVER_PORT:9096}
...@@ -212,7 +212,7 @@ public class StatusControllerWsRestTest { ...@@ -212,7 +212,7 @@ public class StatusControllerWsRestTest {
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("EncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("EncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
statusBody = StatusVo.builder() statusBody = StatusVo.builder()
.ebid(Base64.encode(reqContent[0])) .ebid(Base64.encode(reqContent[0]))
...@@ -249,7 +249,7 @@ public class StatusControllerWsRestTest { ...@@ -249,7 +249,7 @@ public class StatusControllerWsRestTest {
.setIdA(ByteString.copyFrom(modifiedIdA)) .setIdA(ByteString.copyFrom(modifiedIdA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
when(this.registrationService.findById(modifiedIdA)).thenReturn(Optional.empty()); when(this.registrationService.findById(modifiedIdA)).thenReturn(Optional.empty());
statusBody = StatusVo.builder() statusBody = StatusVo.builder()
...@@ -303,6 +303,44 @@ public class StatusControllerWsRestTest { ...@@ -303,6 +303,44 @@ public class StatusControllerWsRestTest {
verify(this.registrationService, times(0)).saveRegistration(reg); verify(this.registrationService, times(0)).saveRegistration(reg);
} }
@Test
public void testBadTimeFutureFailsEvenWithPuhsInfoShouldNotCallPushRegister() {
byte[] idA = this.generateKey(5);
byte[] kA = this.generateKA();
Registration reg = Registration.builder()
.permanentIdentifier(idA)
.atRisk(true)
.isNotified(false)
.lastStatusRequestEpoch(currentEpoch - 3).build();
doReturn(Optional.of(reg)).when(this.registrationService).findById(ArgumentMatchers.any());
byte[][] reqContent = createEBIDTimeMACFor(idA, kA, currentEpoch, 0 - (this.propertyLoader.getRequestTimeDeltaTolerance() + 1));
statusBody = StatusVo.builder()
.ebid(Base64.encode(reqContent[0]))
.epochId(currentEpoch)
.time(Base64.encode(reqContent[1]))
.mac(Base64.encode(reqContent[2]))
.pushInfo(PushInfoVo.builder()
.token("token")
.locale("en-US")
.timezone("Europe/Paris")
.build())
.build();
this.requestEntity = new HttpEntity<>(this.statusBody, this.headers);
ResponseEntity<StatusResponseDto> response = this.restTemplate.exchange(this.targetUrl.toString(),
HttpMethod.POST, this.requestEntity, StatusResponseDto.class);
assertEquals(HttpStatus.BAD_REQUEST, response.getStatusCode());
verify(this.registrationService, times(0)).findById(ArgumentMatchers.any());
verify(this.registrationService, times(0)).saveRegistration(reg);
verify(this.restApiService, never()).registerPushNotif(any(PushInfoVo.class));
}
@Test @Test
public void testBadTimePastFails() { public void testBadTimePastFails() {
byte[] idA = this.generateKey(5); byte[] idA = this.generateKey(5);
...@@ -334,6 +372,49 @@ public class StatusControllerWsRestTest { ...@@ -334,6 +372,49 @@ public class StatusControllerWsRestTest {
verify(this.registrationService, times(0)).saveRegistration(reg); verify(this.registrationService, times(0)).saveRegistration(reg);
} }
@Test
public void testBadTimePastFailsEvenWithPushInfoShouldNotCallPushRegister() {
// Given
byte[] idA = this.generateKey(5);
byte[] kA = this.generateKA();
Registration reg = Registration.builder()
.permanentIdentifier(idA)
.atRisk(true)
.isNotified(false)
.lastStatusRequestEpoch(currentEpoch - 3).build();
doReturn(Optional.of(reg)).when(this.registrationService).findById(ArgumentMatchers.any());
byte[][] reqContent = createEBIDTimeMACFor(idA, kA, currentEpoch, 0 - (this.propertyLoader.getRequestTimeDeltaTolerance() + 1));
PushInfoVo pushInfo = PushInfoVo.builder()
.token("token")
.locale("en-US")
.timezone("Europe/Paris")
.build();
statusBody = StatusVo.builder()
.ebid(Base64.encode(reqContent[0]))
.epochId(currentEpoch)
.time(Base64.encode(reqContent[1]))
.mac(Base64.encode(reqContent[2]))
.pushInfo(pushInfo)
.build();
this.requestEntity = new HttpEntity<>(this.statusBody, this.headers);
// When
ResponseEntity<StatusResponseDto> response = this.restTemplate.exchange(this.targetUrl.toString(),
HttpMethod.POST, this.requestEntity, StatusResponseDto.class);
// Then
assertEquals(HttpStatus.BAD_REQUEST, response.getStatusCode());
verify(this.registrationService, times(0)).findById(ArgumentMatchers.any());
verify(this.registrationService, times(0)).saveRegistration(reg);
verify(this.restApiService, never()).registerPushNotif(pushInfo);
}
@Test @Test
public void testBadTimeSizeFails() { public void testBadTimeSizeFails() {
byte[] idA = this.generateKey(5); byte[] idA = this.generateKey(5);
...@@ -414,7 +495,7 @@ public class StatusControllerWsRestTest { ...@@ -414,7 +495,7 @@ public class StatusControllerWsRestTest {
byte[][] reqContent = createEBIDTimeMACFor(idA, kA, currentEpoch); byte[][] reqContent = createEBIDTimeMACFor(idA, kA, currentEpoch);
doReturn(Optional.empty()) doReturn(Optional.empty())
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
// Mess up with MAC // Mess up with MAC
reqContent[2][3] = 0x00; reqContent[2][3] = 0x00;
...@@ -543,7 +624,7 @@ public class StatusControllerWsRestTest { ...@@ -543,7 +624,7 @@ public class StatusControllerWsRestTest {
/** {@link #statusRequestAtRiskSucceeds(URI)} and shortcut to test for API V2 exposure */ /** {@link #statusRequestAtRiskSucceeds(URI)} and shortcut to test for API V2 exposure */
@Test @Test
public void testStatusRequestAtRiskSucceedsV3() { public void testStatusRequestAtRiskSucceedsV3() {
statusRequestAtRiskSucceeds(this.targetUrl); statusRequestAtRiskSucceeds(this.targetUrl);
} }
protected void statusRequestAtRiskSucceeds(URI targetUrl) { protected void statusRequestAtRiskSucceeds(URI targetUrl) {
...@@ -573,11 +654,11 @@ public class StatusControllerWsRestTest { ...@@ -573,11 +654,11 @@ public class StatusControllerWsRestTest {
doReturn(Optional.of(reg)).when(this.registrationService).findById(idA); doReturn(Optional.of(reg)).when(this.registrationService).findById(idA);
doReturn(Optional.of(GetIdFromStatusResponse.newBuilder() doReturn(Optional.of(GetIdFromStatusResponse.newBuilder()
.setEpochId(currentEpoch) .setEpochId(currentEpoch)
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
this.requestEntity = new HttpEntity<>(this.statusBody, this.headers); this.requestEntity = new HttpEntity<>(this.statusBody, this.headers);
...@@ -629,7 +710,7 @@ public class StatusControllerWsRestTest { ...@@ -629,7 +710,7 @@ public class StatusControllerWsRestTest {
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
this.requestEntity = new HttpEntity<>(this.statusBody, this.headers); this.requestEntity = new HttpEntity<>(this.statusBody, this.headers);
...@@ -693,7 +774,7 @@ public class StatusControllerWsRestTest { ...@@ -693,7 +774,7 @@ public class StatusControllerWsRestTest {
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
doReturn(Optional.of(reg)).when(this.registrationService).saveRegistration(reg); doReturn(Optional.of(reg)).when(this.registrationService).saveRegistration(reg);
...@@ -765,7 +846,7 @@ public class StatusControllerWsRestTest { ...@@ -765,7 +846,7 @@ public class StatusControllerWsRestTest {
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
statusBody = StatusVo.builder() statusBody = StatusVo.builder()
.ebid(Base64.encode(reqContent[0])) .ebid(Base64.encode(reqContent[0]))
...@@ -830,7 +911,74 @@ public class StatusControllerWsRestTest { ...@@ -830,7 +911,74 @@ public class StatusControllerWsRestTest {
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
this.requestEntity = new HttpEntity<>(this.statusBody, this.headers);
// When
ResponseEntity<StatusResponseDto> response = this.restTemplate.exchange(this.targetUrl.toString(),
HttpMethod.POST, this.requestEntity, StatusResponseDto.class);
// Then
assertEquals(HttpStatus.BAD_REQUEST, response.getStatusCode());
assertEquals(currentEpoch, reg.getLastStatusRequestEpoch());
assertEquals(currentEpoch, reg.getLastFailedStatusRequestEpoch());
assertEquals(errorMessage, reg.getLastFailedStatusRequestMessage());
verify(this.registrationService, times(2)).findById(idA);
verify(this.registrationService, times(2)).saveRegistration(reg);
verify(this.restApiService, never()).registerPushNotif(any(PushInfoVo.class));
}
@Test
public void testStatusRequestESRThrottleFailsEvenWithPushInfo() {
// Given
String message = "Discarding ESR request because epochs are too close:";
String errorMessage = String.format("%s"
+ " last ESR request epoch %d vs current epoch %d => %d < %d (tolerance)",
message,
currentEpoch,
currentEpoch,
0,
this.propertyLoader.getStatusRequestMinimumEpochGap());
byte[] idA = this.generateKey(5);
byte[] kA = this.generateKA();
Registration reg = Registration.builder()
.permanentIdentifier(idA)
.atRisk(false)
.isNotified(false)
.lastStatusRequestEpoch(currentEpoch).build();
byte[][] reqContent = createEBIDTimeMACFor(idA, kA, currentEpoch);
PushInfoVo pushInfo = PushInfoVo.builder()
.token("token")
.locale("en-US")
.timezone("Europe/Paris")
.build();
statusBody = StatusVo.builder()
.ebid(Base64.encode(reqContent[0]))
.epochId(currentEpoch)
.time(Base64.encode(reqContent[1]))
.mac(Base64.encode(reqContent[2]))
.pushInfo(pushInfo)
.build();
byte[] decryptedEbid = new byte[8];
System.arraycopy(idA, 0, decryptedEbid, 3, 5);
System.arraycopy(ByteUtils.intToBytes(currentEpoch), 1, decryptedEbid, 0, 3);
doReturn(Optional.of(reg)).when(this.registrationService).findById(idA);
doReturn(Optional.of(GetIdFromStatusResponse.newBuilder()
.setEpochId(currentEpoch)
.setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build()))
.when(this.cryptoServerClient).getIdFromStatus(any());
this.requestEntity = new HttpEntity<>(this.statusBody, this.headers); this.requestEntity = new HttpEntity<>(this.statusBody, this.headers);
...@@ -877,11 +1025,11 @@ public class StatusControllerWsRestTest { ...@@ -877,11 +1025,11 @@ public class StatusControllerWsRestTest {
doReturn(Optional.of(reg)).when(this.registrationService).findById(idA); doReturn(Optional.of(reg)).when(this.registrationService).findById(idA);
doReturn(Optional.of(GetIdFromStatusResponse.newBuilder() doReturn(Optional.of(GetIdFromStatusResponse.newBuilder()
.setEpochId(currentEpoch) .setEpochId(currentEpoch)
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
when(this.propertyLoader.getEsrLimit()).thenReturn(0); when(this.propertyLoader.getEsrLimit()).thenReturn(0);
...@@ -938,11 +1086,11 @@ public class StatusControllerWsRestTest { ...@@ -938,11 +1086,11 @@ public class StatusControllerWsRestTest {
doReturn(Optional.of(reg)).when(this.registrationService).findById(idA); doReturn(Optional.of(reg)).when(this.registrationService).findById(idA);
doReturn(Optional.of(GetIdFromStatusResponse.newBuilder() doReturn(Optional.of(GetIdFromStatusResponse.newBuilder()
.setEpochId(currentEpoch) .setEpochId(currentEpoch)
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
when(this.propertyLoader.getEsrLimit()).thenReturn(0); when(this.propertyLoader.getEsrLimit()).thenReturn(0);
...@@ -1013,7 +1161,7 @@ public class StatusControllerWsRestTest { ...@@ -1013,7 +1161,7 @@ public class StatusControllerWsRestTest {
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
statusBody = StatusVo.builder() statusBody = StatusVo.builder()
.ebid(Base64.encode(reqContent[0])) .ebid(Base64.encode(reqContent[0]))
...@@ -1073,7 +1221,7 @@ public class StatusControllerWsRestTest { ...@@ -1073,7 +1221,7 @@ public class StatusControllerWsRestTest {
.setIdA(ByteString.copyFrom(idA)) .setIdA(ByteString.copyFrom(idA))
.setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes())) .setTuples(ByteString.copyFrom("Base64encodedEncryptedJSONStringWithTuples".getBytes()))
.build())) .build()))
.when(this.cryptoServerClient).getIdFromStatus(any()); .when(this.cryptoServerClient).getIdFromStatus(any());
this.requestEntity = new HttpEntity<>(this.statusBody, this.headers); this.requestEntity = new HttpEntity<>(this.statusBody, this.headers);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment