Signal-iOS/SignalServiceKit/Profiles/ProfileFetcherJob.swift

543 lines
22 KiB
Swift

//
// Copyright 2017 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
//
import Foundation
import LibSignalClient
import SignalCoreKit
public enum ProfileRequestError: Error {
case notAuthorized
case notFound
case rateLimit
}
// MARK: -
public class ProfileFetcherJob {
private let serviceId: ServiceId
private let authedAccount: AuthedAccount
private let db: any DB
private let deleteForMeSyncMessageSettingsStore: any DeleteForMeSyncMessageSettingsStore
private let identityManager: any OWSIdentityManager
private let paymentsHelper: any PaymentsHelper
private let profileManager: any ProfileManager
private let recipientDatabaseTable: any RecipientDatabaseTable
private let recipientManager: any SignalRecipientManager
private let recipientMerger: any RecipientMerger
private let syncManager: any SyncManagerProtocol
private let tsAccountManager: any TSAccountManager
private let udManager: any OWSUDManager
private let versionedProfiles: any VersionedProfilesSwift
init(
serviceId: ServiceId,
authedAccount: AuthedAccount,
db: any DB,
deleteForMeSyncMessageSettingsStore: any DeleteForMeSyncMessageSettingsStore,
identityManager: any OWSIdentityManager,
paymentsHelper: any PaymentsHelper,
profileManager: any ProfileManager,
recipientDatabaseTable: any RecipientDatabaseTable,
recipientManager: any SignalRecipientManager,
recipientMerger: any RecipientMerger,
syncManager: any SyncManagerProtocol,
tsAccountManager: any TSAccountManager,
udManager: any OWSUDManager,
versionedProfiles: any VersionedProfilesSwift
) {
self.serviceId = serviceId
self.authedAccount = authedAccount
self.db = db
self.deleteForMeSyncMessageSettingsStore = deleteForMeSyncMessageSettingsStore
self.identityManager = identityManager
self.paymentsHelper = paymentsHelper
self.profileManager = profileManager
self.recipientDatabaseTable = recipientDatabaseTable
self.recipientManager = recipientManager
self.recipientMerger = recipientMerger
self.syncManager = syncManager
self.tsAccountManager = tsAccountManager
self.udManager = udManager
self.versionedProfiles = versionedProfiles
}
// MARK: -
public func run() async throws -> FetchedProfile {
let backgroundTask = addBackgroundTask()
defer {
backgroundTask.end()
}
let localIdentifiers = try tsAccountManager.localIdentifiersWithMaybeSneakyTransaction(authedAccount: authedAccount)
do {
let fetchedProfile = try await requestProfile(localIdentifiers: localIdentifiers)
try await updateProfile(fetchedProfile: fetchedProfile, localIdentifiers: localIdentifiers)
return fetchedProfile
} catch ProfileRequestError.notFound {
await db.awaitableWrite { [serviceId] tx in
let recipient = self.recipientDatabaseTable.fetchRecipient(serviceId: serviceId, transaction: tx)
guard let recipient else {
return
}
self.recipientManager.markAsUnregisteredAndSave(
recipient,
unregisteredAt: .now,
shouldUpdateStorageService: true,
tx: tx
)
self.recipientMerger.splitUnregisteredRecipientIfNeeded(
localIdentifiers: localIdentifiers,
unregisteredRecipient: recipient,
tx: tx
)
}
throw ProfileRequestError.notFound
}
}
private func requestProfile(localIdentifiers: LocalIdentifiers) async throws -> FetchedProfile {
return try await requestProfileWithRetries(localIdentifiers: localIdentifiers)
}
private func requestProfileWithRetries(localIdentifiers: LocalIdentifiers, retryCount: Int = 0) async throws -> FetchedProfile {
do {
return try await requestProfileAttempt(localIdentifiers: localIdentifiers)
} catch where error.httpStatusCode == 401 {
throw ProfileRequestError.notAuthorized
} catch where error.httpStatusCode == 404 {
throw ProfileRequestError.notFound
} catch where error.httpStatusCode == 413 || error.httpStatusCode == 429 {
throw ProfileRequestError.rateLimit
} catch where error.isRetryable && retryCount < 3 {
return try await requestProfileWithRetries(localIdentifiers: localIdentifiers, retryCount: retryCount + 1)
}
}
private func requestProfileAttempt(localIdentifiers: LocalIdentifiers) async throws -> FetchedProfile {
let serviceId = self.serviceId
let udAccess: OWSUDAccess?
if localIdentifiers.contains(serviceId: serviceId) {
// Don't use UD for "self" profile fetches.
udAccess = nil
} else {
udAccess = db.read { tx in udManager.udAccess(for: serviceId, tx: SDSDB.shimOnlyBridge(tx)) }
}
var currentVersionedProfileRequest: VersionedProfileRequest?
let requestMaker = RequestMaker(
label: "Profile Fetch",
requestFactoryBlock: { (udAccessKeyForRequest) -> TSRequest? in
// Clear out any existing request.
currentVersionedProfileRequest = nil
switch serviceId {
case let aci as Aci:
do {
let request = try self.versionedProfiles.versionedProfileRequest(
for: aci,
udAccessKey: udAccessKeyForRequest,
auth: self.authedAccount.chatServiceAuth
)
currentVersionedProfileRequest = request
return request.request
} catch {
owsFailDebug("Error: \(error)")
return nil
}
default:
Logger.info("Unversioned profile fetch.")
return OWSRequestFactory.getUnversionedProfileRequest(
serviceId: ServiceIdObjC.wrapValue(serviceId),
udAccessKey: udAccessKeyForRequest,
auth: self.authedAccount.chatServiceAuth
)
}
},
serviceId: serviceId,
udAccess: udAccess,
authedAccount: self.authedAccount,
options: [.allowIdentifiedFallback, .isProfileFetch]
)
let result = try await requestMaker.makeRequest().awaitable()
let profile: SignalServiceProfile = try .fromResponse(
serviceId: serviceId,
responseObject: result.responseJson
)
// If we sent a versioned request, store the credential that was returned.
if let versionedProfileRequest = currentVersionedProfileRequest {
// This calls databaseStorage.write { }
await versionedProfiles.didFetchProfile(profile: profile, profileRequest: versionedProfileRequest)
}
return fetchedProfile(
for: profile,
profileKeyFromVersionedRequest: currentVersionedProfileRequest?.profileKey
)
}
private func fetchedProfile(
for profile: SignalServiceProfile,
profileKeyFromVersionedRequest: OWSAES256Key?
) -> FetchedProfile {
let profileKey: OWSAES256Key?
if let profileKeyFromVersionedRequest {
// We sent a versioned request, so use the corresponding profile key for
// decryption. If we don't, we might try to decrypt an old profile with a
// new key, and that won't work.
profileKey = profileKeyFromVersionedRequest
} else {
// We sent an unversioned request, so just use any profile key that's
// available. If we explicitly sent an unversioned request, we may have a
// key available locally. If we wanted a versioned request but ended up
// with an unversioned request, we may have received a key while the
// profile fetch was in flight.
profileKey = db.read { profileManager.profileKey(for: SignalServiceAddress(profile.serviceId), transaction: SDSDB.shimOnlyBridge($0)) }
}
return FetchedProfile(profile: profile, profileKey: profileKey)
}
private func updateProfile(
fetchedProfile: FetchedProfile,
localIdentifiers: LocalIdentifiers
) async throws {
await updateProfile(
fetchedProfile: fetchedProfile,
avatarDownloadResult: try await downloadAvatarIfNeeded(
fetchedProfile,
localIdentifiers: localIdentifiers
),
localIdentifiers: localIdentifiers
)
}
private struct AvatarDownloadResult {
var remoteRelativePath: OptionalChange<String?>
var localFileUrl: OptionalChange<URL?>
}
private func downloadAvatarIfNeeded(
_ fetchedProfile: FetchedProfile,
localIdentifiers: LocalIdentifiers
) async throws -> AvatarDownloadResult {
if localIdentifiers.contains(serviceId: fetchedProfile.profile.serviceId) {
// Profile fetches NEVER touch the local user's avatar.
return AvatarDownloadResult(remoteRelativePath: .noChange, localFileUrl: .noChange)
}
guard let profileKey = fetchedProfile.profileKey, fetchedProfile.decryptedProfile != nil else {
// If we don't have a profile key for this user, or if the rest of their
// encrypted profile wasn't valid, don't change their avatar because we
// aren't changing their name.
return AvatarDownloadResult(remoteRelativePath: .noChange, localFileUrl: .noChange)
}
guard let newAvatarUrlPath = fetchedProfile.profile.avatarUrlPath else {
// If profile has no avatar, we don't need to download the avatar.
return AvatarDownloadResult(remoteRelativePath: .setTo(nil), localFileUrl: .setTo(nil))
}
let profileAddress = SignalServiceAddress(fetchedProfile.profile.serviceId)
let didAlreadyDownloadAvatar = db.read { tx -> Bool in
let oldAvatarUrlPath = profileManager.profileAvatarURLPath(
for: profileAddress,
transaction: SDSDB.shimOnlyBridge(tx)
)
return (
oldAvatarUrlPath == newAvatarUrlPath
&& profileManager.hasProfileAvatarData(profileAddress, transaction: SDSDB.shimOnlyBridge(tx))
)
}
if didAlreadyDownloadAvatar {
return AvatarDownloadResult(remoteRelativePath: .noChange, localFileUrl: .noChange)
}
let temporaryAvatarUrl: URL?
do {
temporaryAvatarUrl = try await profileManager.downloadAndDecryptAvatar(
avatarUrlPath: newAvatarUrlPath,
profileKey: profileKey
)
} catch {
Logger.warn("Error: \(error)")
if error.isNetworkFailureOrTimeout, localIdentifiers.contains(serviceId: fetchedProfile.profile.serviceId) {
// Fetches and local profile updates can conflict. To avoid these conflicts
// we treat "partial" profile fetches (where we download the profile but
// not the associated avatar) as failures.
throw SSKUnretryableError.partialLocalProfileFetch
}
// Reaching this point with anything other than a network failure or
// timeout should be very rare. It might reflect:
//
// * A race around rotating profile keys which would cause a decryption
// error.
//
// * An incomplete profile update (profile updated but avatar not uploaded
// afterward). This might be due to a race with an update that is in
// flight. We should eventually recover since profile updates are
// durable.
temporaryAvatarUrl = nil
}
return AvatarDownloadResult(
remoteRelativePath: .setTo(newAvatarUrlPath),
localFileUrl: .setTo(temporaryAvatarUrl)
)
}
private func updateProfile(
fetchedProfile: FetchedProfile,
avatarDownloadResult: AvatarDownloadResult,
localIdentifiers: LocalIdentifiers
) async {
let profile = fetchedProfile.profile
let serviceId = profile.serviceId
await db.awaitableWrite { transaction in
self.updateUnidentifiedAccess(
serviceId: serviceId,
verifier: profile.unidentifiedAccessVerifier,
hasUnrestrictedAccess: profile.hasUnrestrictedUnidentifiedAccess,
tx: transaction
)
// First, we add ensure we have a copy of any new badge in our badge store
let badgeModels = fetchedProfile.profile.badges.map { $0.1 }
let persistedBadgeIds: [String] = badgeModels.compactMap {
do {
try self.profileManager.badgeStore.createOrUpdateBadge($0, transaction: SDSDB.shimOnlyBridge(transaction))
return $0.id
} catch {
owsFailDebug("Failed to save badgeId: \($0.id). \(error)")
return nil
}
}
// Then, we update the profile. `profileBadges` will contain the badgeId of
// badges in the badge store
let profileBadgeMetadata = fetchedProfile.profile.badges
.map { $0.0 }
.filter { persistedBadgeIds.contains($0.badgeId) }
let avatarFilename: OptionalChange<String?>
do {
avatarFilename = try OWSUserProfile.consumeTemporaryAvatarFileUrl(
avatarDownloadResult.localFileUrl,
tx: SDSDB.shimOnlyBridge(transaction)
)
} catch {
Logger.warn("Couldn't move downloaded avatar: \(error)")
avatarFilename = .noChange
}
self.profileManager.updateProfile(
address: OWSUserProfile.insertableAddress(for: serviceId, localIdentifiers: localIdentifiers),
decryptedProfile: fetchedProfile.decryptedProfile,
avatarUrlPath: avatarDownloadResult.remoteRelativePath,
avatarFileName: avatarFilename,
profileBadges: profileBadgeMetadata,
lastFetchDate: Date(),
userProfileWriter: .profileFetch,
tx: SDSDB.shimOnlyBridge(transaction)
)
if localIdentifiers.contains(serviceId: serviceId) {
self.updateLocalCapabilitiesIfNeeded(
fetchedCapabilities: fetchedProfile.profile.capabilities,
tx: transaction
)
self.reconcileLocalProfileIfNeeded(fetchedProfile: fetchedProfile)
}
let identityManager = DependenciesBridge.shared.identityManager
identityManager.saveIdentityKey(profile.identityKey, for: serviceId, tx: transaction)
let paymentAddress = fetchedProfile.decryptedProfile?.paymentAddress(identityKey: fetchedProfile.identityKey)
self.paymentsHelper.setArePaymentsEnabled(
for: ServiceIdObjC.wrapValue(serviceId),
hasPaymentsEnabled: paymentAddress != nil,
transaction: SDSDB.shimOnlyBridge(transaction)
)
}
}
private func updateUnidentifiedAccess(
serviceId: ServiceId,
verifier: Data?,
hasUnrestrictedAccess: Bool,
tx: DBWriteTransaction
) {
let unidentifiedAccessMode: UnidentifiedAccessMode = {
guard let verifier else {
// If there is no verifier, at least one of this user's devices
// do not support UD.
return .disabled
}
if hasUnrestrictedAccess {
return .unrestricted
}
guard let udAccessKey = udManager.udAccessKey(for: serviceId, tx: SDSDB.shimOnlyBridge(tx)) else {
return .disabled
}
let dataToVerify = Data(count: 32)
guard let expectedVerifier = Cryptography.computeSHA256HMAC(dataToVerify, key: udAccessKey.keyData) else {
owsFailDebug("could not compute verification")
return .disabled
}
guard expectedVerifier.ows_constantTimeIsEqual(to: verifier) else {
return .disabled
}
return .enabled
}()
udManager.setUnidentifiedAccessMode(unidentifiedAccessMode, for: serviceId, tx: SDSDB.shimOnlyBridge(tx))
}
private func updateLocalCapabilitiesIfNeeded(
fetchedCapabilities: SignalServiceProfile.Capabilities,
tx: DBWriteTransaction
) {
if
fetchedCapabilities.deleteSync,
!deleteForMeSyncMessageSettingsStore.isSendingEnabled(tx: tx)
{
deleteForMeSyncMessageSettingsStore.enableSending(tx: tx)
/// Now that the capability is enabled, we want to enable sending
/// not just on this device but on all our devices. To that end, we
/// can send a "fetch our latest profile" sync message to our other
/// devices, which will make them fetch the profile and learn that
/// they should also enable `DeleteForMe` sending.
///
/// This would happen automatically the next time those devices
/// fetch the local profile, but we'd prefer it happen ASAP!
syncManager.sendFetchLatestProfileSyncMessage(tx: SDSDB.shimOnlyBridge(tx))
}
}
private func reconcileLocalProfileIfNeeded(fetchedProfile: FetchedProfile) {
guard CurrentAppContext().isMainApp else {
return
}
guard tsAccountManager.registrationStateWithMaybeSneakyTransaction.isRegisteredPrimaryDevice else {
return
}
DependenciesBridge.shared.localProfileChecker.didFetchLocalProfile(LocalProfileChecker.RemoteProfile(
avatarUrlPath: fetchedProfile.profile.avatarUrlPath,
decryptedProfile: fetchedProfile.decryptedProfile
))
}
private func addBackgroundTask() -> OWSBackgroundTask {
return OWSBackgroundTask(label: "\(#function)", completionBlock: { [weak self] status in
AssertIsOnMainThread()
guard status == .expired else {
return
}
guard self != nil else {
return
}
Logger.error("background task time ran out before profile fetch completed.")
})
}
}
// MARK: -
public struct DecryptedProfile {
public let nameComponents: Result<(givenName: String, familyName: String?)?, Error>
public let bio: Result<String?, Error>
public let bioEmoji: Result<String?, Error>
public let paymentAddressData: Result<Data?, Error>
public let phoneNumberSharing: Result<Bool?, Error>
}
// MARK: -
public struct FetchedProfile {
let profile: SignalServiceProfile
let profileKey: OWSAES256Key?
public let decryptedProfile: DecryptedProfile?
public let identityKey: IdentityKey
init(profile: SignalServiceProfile, profileKey: OWSAES256Key?) {
self.profile = profile
self.profileKey = profileKey
self.decryptedProfile = Self.decrypt(profile: profile, profileKey: profileKey)
self.identityKey = profile.identityKey
}
private static func decrypt(profile: SignalServiceProfile, profileKey: OWSAES256Key?) -> DecryptedProfile? {
guard let profileKey else {
return nil
}
let hasAnyField: Bool = (
profile.profileNameEncrypted != nil
|| profile.bioEncrypted != nil
|| profile.bioEmojiEncrypted != nil
|| profile.paymentAddressEncrypted != nil
|| profile.phoneNumberSharingEncrypted != nil
)
guard hasAnyField else {
return nil
}
let nameComponents = Result { try profile.profileNameEncrypted.map {
try OWSUserProfile.decrypt(profileNameData: $0, profileKey: profileKey)
}}
let bio = Result { try profile.bioEncrypted.flatMap {
try OWSUserProfile.decrypt(profileStringData: $0, profileKey: profileKey)
}}
let bioEmoji = Result { try profile.bioEmojiEncrypted.flatMap {
try OWSUserProfile.decrypt(profileStringData: $0, profileKey: profileKey)
}}
let paymentAddressData = Result { try profile.paymentAddressEncrypted.map {
try OWSUserProfile.decrypt(profileData: $0, profileKey: profileKey)
}}
let phoneNumberSharing = Result { try profile.phoneNumberSharingEncrypted.map {
try OWSUserProfile.decrypt(profileBooleanData: $0, profileKey: profileKey)
}}
return DecryptedProfile(
nameComponents: nameComponents,
bio: bio,
bioEmoji: bioEmoji,
paymentAddressData: paymentAddressData,
phoneNumberSharing: phoneNumberSharing
)
}
}
// MARK: -
public extension DecryptedProfile {
func paymentAddress(identityKey: IdentityKey) -> TSPaymentAddress? {
do {
guard var paymentAddressData = try paymentAddressData.get() else {
return nil
}
guard let (dataLength, dataLengthCount) = UInt32.from(littleEndianData: paymentAddressData) else {
owsFailDebug("couldn't find paymentAddressData's length")
return nil
}
paymentAddressData = paymentAddressData.dropFirst(dataLengthCount)
paymentAddressData = paymentAddressData.prefix(Int(dataLength))
guard paymentAddressData.count == dataLength else {
owsFailDebug("paymentAddressData is too short")
return nil
}
let proto = try SSKProtoPaymentAddress(serializedData: paymentAddressData)
return try TSPaymentAddress.fromProto(proto, identityKey: identityKey)
} catch {
owsFailDebug("Error: \(error)")
return nil
}
}
}