Skip to content

Commit

Permalink
Catching up to main
Browse files Browse the repository at this point in the history
  • Loading branch information
@cody-constine-ttd
cody-constine-ttd committed Dec 2, 2024
2 parents aad4592 + 3954046 commit bc2d667
Show file tree
Hide file tree
Showing 13 changed files with 16 additions and 97 deletions.
3 changes: 0 additions & 3 deletions .trivyignore
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,3 @@

# https://thetradedesk.atlassian.net/browse/UID2-4460
CVE-2024-47535

# https://thetradedesk.atlassian.net/browse/UID2-4461
CVE-2024-7254
1 change: 0 additions & 1 deletion conf/local-config.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@
"refresh_identity_token_after_seconds": 900,
"advertising_token_v3": false,
"advertising_token_v4_percentage": 0,
"site_ids_using_v4_tokens": "",
"refresh_token_v3": false,
"identity_v3": false,
"identity_scope": "uid2",
Expand Down
6 changes: 3 additions & 3 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,11 @@

<groupId>com.uid2</groupId>
<artifactId>uid2-operator</artifactId>
<version>6.0.0</version>
<version>5.42.7-alpha-139-SNAPSHOT</version>

<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<vertx.version>4.5.3</vertx.version>
<vertx.version>4.5.11</vertx.version>
<vertx-maven-plugin.version>1.0.22</vertx-maven-plugin.version>
<junit-jupiter.version>5.11.2</junit-jupiter.version>
<junit-vintage.version>5.11.2</junit-vintage.version>
Expand All @@ -22,7 +22,7 @@
<enclave-aws.version>2.1.0</enclave-aws.version>
<enclave-azure.version>2.1.0</enclave-azure.version>
<enclave-gcp.version>2.1.0</enclave-gcp.version>
<uid2-shared.version>8.0.0</uid2-shared.version>
<uid2-shared.version>8.0.6</uid2-shared.version>
<image.version>${project.version}</image.version>
<maven.compiler.source>21</maven.compiler.source>
<maven.compiler.target>21</maven.compiler.target>
Expand Down
1 change: 0 additions & 1 deletion scripts/aws/conf/default-config.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,5 @@
"sharing_token_expiry_seconds": 2592000,
"validate_service_links": false,
"advertising_token_v4_percentage": 100,
"site_ids_using_v4_tokens": "",
"operator_type": "private"
}
1 change: 0 additions & 1 deletion scripts/azure-cc/conf/default-config.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,5 @@
"sharing_token_expiry_seconds": 2592000,
"validate_service_links": false,
"advertising_token_v4_percentage": 100,
"site_ids_using_v4_tokens": "",
"operator_type": "private"
}
1 change: 0 additions & 1 deletion scripts/gcp-oidc/conf/default-config.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,5 @@
"sharing_token_expiry_seconds": 2592000,
"validate_service_links": false,
"advertising_token_v4_percentage": 100,
"site_ids_using_v4_tokens": "",
"operator_type": "private"
}
2 changes: 1 addition & 1 deletion src/main/java/com/uid2/operator/Main.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -422,7 +422,7 @@ private static Vertx createVertx() {
}

private static void setupMetrics(MicrometerMetricsOptions metricOptions) {
BackendRegistries.setupBackend(metricOptions);
BackendRegistries.setupBackend(metricOptions, null);

MeterRegistry backendRegistry = BackendRegistries.getDefaultNow();
if (backendRegistry instanceof PrometheusMeterRegistry) {
Expand Down
17 changes: 0 additions & 17 deletions src/main/java/com/uid2/operator/service/TokenUtils.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,21 +62,4 @@ public static byte encodeIdentityScope(IdentityScope identityScope) {
public static byte encodeIdentityType(IdentityType identityType) {
return (byte) (identityType.value << 2);
}

public static Set<Integer> getSiteIdsUsingV4Tokens(String siteIdsUsingV4TokensInString) {
String[] siteIdsV4TokensList = siteIdsUsingV4TokensInString.split(",");

Set<Integer> siteIdsV4TokensSet = new HashSet<>();
try {
for (String siteId : siteIdsV4TokensList) {
String siteIdTrimmed = siteId.trim();
if (!siteIdTrimmed.isEmpty()) {
siteIdsV4TokensSet.add(Integer.parseInt(siteIdTrimmed));
}
}
} catch (NumberFormatException ex) {
throw new IllegalArgumentException(String.format("Invalid integer format found in site_ids_using_v4_tokens: %s", siteIdsUsingV4TokensInString));
}
return siteIdsV4TokensSet;
}
}
21 changes: 7 additions & 14 deletions src/main/java/com/uid2/operator/service/UIDOperatorService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,6 @@
import java.util.*;

import static com.uid2.operator.IdentityConst.*;
import static com.uid2.operator.service.TokenUtils.getSiteIdsUsingV4Tokens;

public class UIDOperatorService implements IUIDOperatorService {
public static final String IDENTITY_TOKEN_EXPIRES_AFTER_SECONDS = "identity_token_expires_after_seconds";
Expand All @@ -49,7 +48,6 @@ public class UIDOperatorService implements IUIDOperatorService {
private final OperatorIdentity operatorIdentity;
protected final TokenVersion tokenVersionToUseIfNotV4;
protected final int advertisingTokenV4Percentage;
protected final Set<Integer> siteIdsUsingV4Tokens;
private final TokenVersion refreshTokenVersion;
private final boolean identityV3Enabled;

Expand Down Expand Up @@ -94,7 +92,6 @@ public UIDOperatorService(JsonObject config, IOptOutStore optOutStore, ISaltProv
}

this.advertisingTokenV4Percentage = config.getInteger("advertising_token_v4_percentage", 0); //0 indicates token v4 will not be used
this.siteIdsUsingV4Tokens = getSiteIdsUsingV4Tokens(config.getString("site_ids_using_v4_tokens", ""));
this.tokenVersionToUseIfNotV4 = config.getBoolean("advertising_token_v3", false) ? TokenVersion.V3 : TokenVersion.V2;

this.refreshTokenVersion = TokenVersion.V3;
Expand Down Expand Up @@ -271,18 +268,14 @@ private RefreshToken createRefreshToken(PublisherIdentity publisherIdentity, Use

private AdvertisingToken createAdvertisingToken(PublisherIdentity publisherIdentity, UserIdentity userIdentity, Instant now) {
TokenVersion tokenVersion;
if (siteIdsUsingV4Tokens.contains(publisherIdentity.siteId)) {
tokenVersion = TokenVersion.V4;
} else {
int pseudoRandomNumber = 1;
final var rawUid = userIdentity.id;
if (rawUid.length > 2)
{
int hash = ((rawUid[0] & 0xFF) << 12) | ((rawUid[1] & 0xFF) << 4) | ((rawUid[2] & 0xFF) & 0xF); //using same logic as ModBasedSaltEntryIndexer.getIndex() in uid2-shared
pseudoRandomNumber = (hash % 100) + 1; //1 to 100
}
tokenVersion = (pseudoRandomNumber <= this.advertisingTokenV4Percentage) ? TokenVersion.V4 : this.tokenVersionToUseIfNotV4;
int pseudoRandomNumber = 1;
final var rawUid = userIdentity.id;
if (rawUid.length > 2)
{
int hash = ((rawUid[0] & 0xFF) << 12) | ((rawUid[1] & 0xFF) << 4) | ((rawUid[2] & 0xFF) & 0xF); //using same logic as ModBasedSaltEntryIndexer.getIndex() in uid2-shared
pseudoRandomNumber = (hash % 100) + 1; //1 to 100
}
tokenVersion = (pseudoRandomNumber <= this.advertisingTokenV4Percentage) ? TokenVersion.V4 : this.tokenVersionToUseIfNotV4;
return new AdvertisingToken(tokenVersion, now, now.plusMillis(identityExpiresAfter.toMillis()), this.operatorIdentity, publisherIdentity, userIdentity);
}

Expand Down
1 change: 1 addition & 0 deletions src/main/java/com/uid2/operator/vertx/UIDOperatorVerticle.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -357,6 +357,7 @@ private void handleClientSideTokenGenerateImpl(RoutingContext rc) throws NoSuchA
null, TokenResponseStatsCollector.Endpoint.ClientSideTokenGenerateV2, TokenResponseStatsCollector.ResponseStatus.BadSubscriptionId, siteProvider, platformType);
return;
}
rc.put(com.uid2.shared.Const.RoutingContextData.SiteId, clientSideKeypair.getSiteId());

if(clientSideKeypair.isDisabled()) {
SendClientErrorResponseAndRecordStats(ResponseStatus.Unauthorized, 401, rc, "Unauthorized",
Expand Down
12 changes: 4 additions & 8 deletions src/test/java/com/uid2/operator/UIDOperatorServiceTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,11 +58,8 @@ public ExtendedUIDOperatorService(JsonObject config, IOptOutStore optOutStore, I
super(config, optOutStore, saltProvider, encoder, clock, identityScope, saltRetrievalResponseHandler);
}

public TokenVersion getAdvertisingTokenVersionForTests(int siteId) {
public TokenVersion getAdvertisingTokenVersionForTests() {
assert this.advertisingTokenV4Percentage == 0 || this.advertisingTokenV4Percentage == 100; //we want tests to be deterministic
if (this.siteIdsUsingV4Tokens.contains(siteId)) {
return TokenVersion.V4;
}
return this.advertisingTokenV4Percentage == 100 ? TokenVersion.V4 : this.tokenVersionToUseIfNotV4;
}
}
Expand Down Expand Up @@ -96,8 +93,7 @@ void setup() throws Exception {
uid2Config.put(UIDOperatorService.IDENTITY_TOKEN_EXPIRES_AFTER_SECONDS, IDENTITY_TOKEN_EXPIRES_AFTER_SECONDS);
uid2Config.put(UIDOperatorService.REFRESH_TOKEN_EXPIRES_AFTER_SECONDS, REFRESH_TOKEN_EXPIRES_AFTER_SECONDS);
uid2Config.put(UIDOperatorService.REFRESH_IDENTITY_TOKEN_AFTER_SECONDS, REFRESH_IDENTITY_TOKEN_AFTER_SECONDS);
uid2Config.put("advertising_token_v4_percentage", 0);
uid2Config.put("site_ids_using_v4_tokens", "127,128");
uid2Config.put("advertising_token_v4_percentage", 100);
uid2Config.put("advertising_token_v3", false); // prod is using v2 token version for now
uid2Config.put("identity_v3", false);

Expand Down Expand Up @@ -152,7 +148,7 @@ private UserIdentity createUserIdentity(String rawIdentityHash, IdentityScope sc
}

private AdvertisingToken validateAndGetToken(EncryptedTokenEncoder tokenEncoder, String advertisingTokenString, IdentityScope scope, IdentityType type, int siteId) {
TokenVersion tokenVersion = (scope == IdentityScope.UID2) ? uid2Service.getAdvertisingTokenVersionForTests(siteId) : euidService.getAdvertisingTokenVersionForTests(siteId);
TokenVersion tokenVersion = (scope == IdentityScope.UID2) ? uid2Service.getAdvertisingTokenVersionForTests() : euidService.getAdvertisingTokenVersionForTests();
UIDOperatorVerticleTest.validateAdvertisingToken(advertisingTokenString, tokenVersion, scope, type);
return tokenEncoder.decodeAdvertisingToken(advertisingTokenString);
}
Expand All @@ -164,7 +160,7 @@ private void assertIdentityScopeIdentityTypeAndEstablishedAt(UserIdentity expcte
}

@ParameterizedTest
@CsvSource({"123, V2","127, V4","128, V4"}) //site id 127 and 128 is for testing "site_ids_using_v4_tokens"
@CsvSource({"123, V4","127, V4","128, V4"})
public void testGenerateAndRefresh(int siteId, TokenVersion tokenVersion) {
final IdentityRequest identityRequest = new IdentityRequest(
new PublisherIdentity(siteId, 124, 125),
Expand Down
1 change: 0 additions & 1 deletion src/test/java/com/uid2/operator/UIDOperatorVerticleTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,6 @@ private void setupConfig(JsonObject config) {
config.put("identity_scope", getIdentityScope().toString());
config.put("advertising_token_v3", getTokenVersion() == TokenVersion.V3);
config.put("advertising_token_v4_percentage", getTokenVersion() == TokenVersion.V4 ? 100 : 0);
config.put("site_ids_using_v4_tokens", "");
config.put("identity_v3", useIdentityV3());
config.put("client_side_token_generate", true);
config.put("key_sharing_endpoint_provide_app_names", true);
Expand Down
46 changes: 0 additions & 46 deletions src/test/java/com/uid2/operator/service/TokenUtilsTest.java
View file

This file was deleted.

0 comments on commit bc2d667

Please sign in to comment.