nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/helper/ProfileHelper.java

   1 package org.asamk.signal.manager.helper;
   2
   3 import org.asamk.signal.manager.AvatarStore;
   4 import org.asamk.signal.manager.SignalDependencies;
   5 import org.asamk.signal.manager.config.ServiceConfig;
   6 import org.asamk.signal.manager.storage.SignalAccount;
   7 import org.asamk.signal.manager.storage.recipients.Profile;
   8 import org.asamk.signal.manager.storage.recipients.RecipientId;
   9 import org.asamk.signal.manager.util.IOUtils;
  10 import org.asamk.signal.manager.util.ProfileUtils;
  11 import org.asamk.signal.manager.util.Utils;
  12 import org.signal.zkgroup.profiles.ProfileKey;
  13 import org.signal.zkgroup.profiles.ProfileKeyCredential;
  14 import org.slf4j.Logger;
  15 import org.slf4j.LoggerFactory;
  16 import org.whispersystems.libsignal.IdentityKey;
  17 import org.whispersystems.libsignal.InvalidKeyException;
  18 import org.whispersystems.libsignal.util.guava.Optional;
  19 import org.whispersystems.signalservice.api.crypto.UnidentifiedAccess;
  20 import org.whispersystems.signalservice.api.profiles.ProfileAndCredential;
  21 import org.whispersystems.signalservice.api.profiles.SignalServiceProfile;
  22 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
  23 import org.whispersystems.signalservice.api.push.exceptions.NotFoundException;
  24 import org.whispersystems.signalservice.api.push.exceptions.PushNetworkException;
  25 import org.whispersystems.signalservice.api.services.ProfileService;
  26
  27 import java.io.File;
  28 import java.io.IOException;
  29 import java.io.OutputStream;
  30 import java.nio.file.Files;
  31 import java.util.Base64;
  32 import java.util.Date;
  33 import java.util.HashSet;
  34 import java.util.List;
  35 import java.util.Objects;
  36 import java.util.Set;
  37
  38 import io.reactivex.rxjava3.core.Single;
  39
  40 public final class ProfileHelper {
  41
  42     private final static Logger logger = LoggerFactory.getLogger(ProfileHelper.class);
  43
  44     private final SignalAccount account;
  45     private final SignalDependencies dependencies;
  46     private final AvatarStore avatarStore;
  47     private final UnidentifiedAccessProvider unidentifiedAccessProvider;
  48     private final SignalServiceAddressResolver addressResolver;
  49
  50     public ProfileHelper(
  51             final SignalAccount account,
  52             final SignalDependencies dependencies,
  53             final AvatarStore avatarStore,
  54             final UnidentifiedAccessProvider unidentifiedAccessProvider,
  55             final SignalServiceAddressResolver addressResolver
  56     ) {
  57         this.account = account;
  58         this.dependencies = dependencies;
  59         this.avatarStore = avatarStore;
  60         this.unidentifiedAccessProvider = unidentifiedAccessProvider;
  61         this.addressResolver = addressResolver;
  62     }
  63
  64     public Profile getRecipientProfile(RecipientId recipientId) {
  65         return getRecipientProfile(recipientId, false);
  66     }
  67
  68     public void refreshRecipientProfile(RecipientId recipientId) {
  69         getRecipientProfile(recipientId, true);
  70     }
  71
  72     public ProfileKeyCredential getRecipientProfileKeyCredential(RecipientId recipientId) {
  73         var profileKeyCredential = account.getProfileStore().getProfileKeyCredential(recipientId);
  74         if (profileKeyCredential != null) {
  75             return profileKeyCredential;
  76         }
  77
  78         ProfileAndCredential profileAndCredential;
  79         try {
  80             profileAndCredential = retrieveProfileAndCredential(recipientId,
  81                     SignalServiceProfile.RequestType.PROFILE_AND_CREDENTIAL);
  82         } catch (IOException e) {
  83             logger.warn("Failed to retrieve profile key credential, ignoring: {}", e.getMessage());
  84             return null;
  85         }
  86
  87         profileKeyCredential = profileAndCredential.getProfileKeyCredential().orNull();
  88         account.getProfileStore().storeProfileKeyCredential(recipientId, profileKeyCredential);
  89
  90         var profileKey = account.getProfileStore().getProfileKey(recipientId);
  91         if (profileKey != null) {
  92             final var profile = decryptProfileAndDownloadAvatar(recipientId,
  93                     profileKey,
  94                     profileAndCredential.getProfile());
  95             account.getProfileStore().storeProfile(recipientId, profile);
  96         }
  97
  98         return profileKeyCredential;
  99     }
 100
 101     /**
 102      * @param givenName  if null, the previous givenName will be kept
 103      * @param familyName if null, the previous familyName will be kept
 104      * @param about      if null, the previous about text will be kept
 105      * @param aboutEmoji if null, the previous about emoji will be kept
 106      * @param avatar     if avatar is null the image from the local avatar store is used (if present),
 107      */
 108     public void setProfile(
 109             String givenName, final String familyName, String about, String aboutEmoji, Optional<File> avatar
 110     ) throws IOException {
 111         setProfile(true, givenName, familyName, about, aboutEmoji, avatar);
 112     }
 113
 114     public void setProfile(
 115             boolean uploadProfile,
 116             String givenName,
 117             final String familyName,
 118             String about,
 119             String aboutEmoji,
 120             Optional<File> avatar
 121     ) throws IOException {
 122         var profile = getRecipientProfile(account.getSelfRecipientId());
 123         var builder = profile == null ? Profile.newBuilder() : Profile.newBuilder(profile);
 124         if (givenName != null) {
 125             builder.withGivenName(givenName);
 126         }
 127         if (familyName != null) {
 128             builder.withFamilyName(familyName);
 129         }
 130         if (about != null) {
 131             builder.withAbout(about);
 132         }
 133         if (aboutEmoji != null) {
 134             builder.withAboutEmoji(aboutEmoji);
 135         }
 136         var newProfile = builder.build();
 137
 138         if (uploadProfile) {
 139             try (final var streamDetails = avatar == null
 140                     ? avatarStore.retrieveProfileAvatar(account.getSelfAddress())
 141                     : avatar.isPresent() ? Utils.createStreamDetailsFromFile(avatar.get()) : null) {
 142                 final var avatarPath = dependencies.getAccountManager()
 143                         .setVersionedProfile(account.getAci(),
 144                                 account.getProfileKey(),
 145                                 newProfile.getInternalServiceName(),
 146                                 newProfile.getAbout() == null ? "" : newProfile.getAbout(),
 147                                 newProfile.getAboutEmoji() == null ? "" : newProfile.getAboutEmoji(),
 148                                 Optional.absent(),
 149                                 streamDetails,
 150                                 List.of(/* TODO */));
 151                 builder.withAvatarUrlPath(avatarPath.orNull());
 152                 newProfile = builder.build();
 153             }
 154         }
 155
 156         if (avatar != null) {
 157             if (avatar.isPresent()) {
 158                 avatarStore.storeProfileAvatar(account.getSelfAddress(),
 159                         outputStream -> IOUtils.copyFileToStream(avatar.get(), outputStream));
 160             } else {
 161                 avatarStore.deleteProfileAvatar(account.getSelfAddress());
 162             }
 163         }
 164         account.getProfileStore().storeProfile(account.getSelfRecipientId(), newProfile);
 165     }
 166
 167     private final Set<RecipientId> pendingProfileRequest = new HashSet<>();
 168
 169     private Profile getRecipientProfile(RecipientId recipientId, boolean force) {
 170         var profile = account.getProfileStore().getProfile(recipientId);
 171
 172         var now = System.currentTimeMillis();
 173         // Profiles are cached for 24h before retrieving them again, unless forced
 174         if (!force && profile != null && now - profile.getLastUpdateTimestamp() < 6 * 60 * 60 * 1000) {
 175             return profile;
 176         }
 177
 178         synchronized (pendingProfileRequest) {
 179             if (pendingProfileRequest.contains(recipientId)) {
 180                 return profile;
 181             }
 182             pendingProfileRequest.add(recipientId);
 183         }
 184         final SignalServiceProfile encryptedProfile;
 185         try {
 186             encryptedProfile = retrieveEncryptedProfile(recipientId);
 187         } finally {
 188             synchronized (pendingProfileRequest) {
 189                 pendingProfileRequest.remove(recipientId);
 190             }
 191         }
 192
 193         if (encryptedProfile == null) {
 194             profile = Profile.newBuilder().withLastUpdateTimestamp(now).build();
 195         } else {
 196             profile = decryptProfileIfKeyKnown(recipientId, encryptedProfile);
 197         }
 198
 199         account.getProfileStore().storeProfile(recipientId, profile);
 200
 201         return profile;
 202     }
 203
 204     private Profile decryptProfileIfKeyKnown(
 205             final RecipientId recipientId, final SignalServiceProfile encryptedProfile
 206     ) {
 207         var profileKey = account.getProfileStore().getProfileKey(recipientId);
 208         if (profileKey == null) {
 209             return new Profile(System.currentTimeMillis(),
 210                     null,
 211                     null,
 212                     null,
 213                     null,
 214                     null,
 215                     ProfileUtils.getUnidentifiedAccessMode(encryptedProfile, null),
 216                     ProfileUtils.getCapabilities(encryptedProfile));
 217         }
 218
 219         return decryptProfileAndDownloadAvatar(recipientId, profileKey, encryptedProfile);
 220     }
 221
 222     private SignalServiceProfile retrieveEncryptedProfile(RecipientId recipientId) {
 223         try {
 224             return retrieveProfileAndCredential(recipientId, SignalServiceProfile.RequestType.PROFILE).getProfile();
 225         } catch (IOException e) {
 226             logger.warn("Failed to retrieve profile, ignoring: {}", e.getMessage());
 227             return null;
 228         }
 229     }
 230
 231     private SignalServiceProfile retrieveProfileSync(String username) throws IOException {
 232         final var locale = Utils.getDefaultLocale();
 233         return dependencies.getMessageReceiver().retrieveProfileByUsername(username, Optional.absent(), locale);
 234     }
 235
 236     private ProfileAndCredential retrieveProfileAndCredential(
 237             final RecipientId recipientId, final SignalServiceProfile.RequestType requestType
 238     ) throws IOException {
 239         final var profileAndCredential = retrieveProfileSync(recipientId, requestType);
 240         final var profile = profileAndCredential.getProfile();
 241
 242         try {
 243             var newIdentity = account.getIdentityKeyStore()
 244                     .saveIdentity(recipientId,
 245                             new IdentityKey(Base64.getDecoder().decode(profile.getIdentityKey())),
 246                             new Date());
 247
 248             if (newIdentity) {
 249                 account.getSessionStore().archiveSessions(recipientId);
 250                 account.getSenderKeyStore().deleteSharedWith(recipientId);
 251             }
 252         } catch (InvalidKeyException ignored) {
 253             logger.warn("Got invalid identity key in profile for {}",
 254                     addressResolver.resolveSignalServiceAddress(recipientId).getIdentifier());
 255         }
 256         return profileAndCredential;
 257     }
 258
 259     private Profile decryptProfileAndDownloadAvatar(
 260             final RecipientId recipientId, final ProfileKey profileKey, final SignalServiceProfile encryptedProfile
 261     ) {
 262         final var avatarPath = encryptedProfile.getAvatar();
 263         downloadProfileAvatar(recipientId, avatarPath, profileKey);
 264
 265         return ProfileUtils.decryptProfile(profileKey, encryptedProfile);
 266     }
 267
 268     public void downloadProfileAvatar(
 269             final RecipientId recipientId, final String avatarPath, final ProfileKey profileKey
 270     ) {
 271         var profile = account.getProfileStore().getProfile(recipientId);
 272         if (profile == null || !Objects.equals(avatarPath, profile.getAvatarUrlPath())) {
 273             downloadProfileAvatar(addressResolver.resolveSignalServiceAddress(recipientId), avatarPath, profileKey);
 274             var builder = profile == null ? Profile.newBuilder() : Profile.newBuilder(profile);
 275             account.getProfileStore().storeProfile(recipientId, builder.withAvatarUrlPath(avatarPath).build());
 276         }
 277     }
 278
 279     private ProfileAndCredential retrieveProfileSync(
 280             RecipientId recipientId, SignalServiceProfile.RequestType requestType
 281     ) throws IOException {
 282         try {
 283             return retrieveProfile(recipientId, requestType).blockingGet();
 284         } catch (RuntimeException e) {
 285             if (e.getCause() instanceof PushNetworkException) {
 286                 throw (PushNetworkException) e.getCause();
 287             } else if (e.getCause() instanceof NotFoundException) {
 288                 throw (NotFoundException) e.getCause();
 289             } else {
 290                 throw new IOException(e);
 291             }
 292         }
 293     }
 294
 295     private Single<ProfileAndCredential> retrieveProfile(
 296             RecipientId recipientId, SignalServiceProfile.RequestType requestType
 297     ) {
 298         var unidentifiedAccess = getUnidentifiedAccess(recipientId);
 299         var profileKey = Optional.fromNullable(account.getProfileStore().getProfileKey(recipientId));
 300
 301         final var address = addressResolver.resolveSignalServiceAddress(recipientId);
 302         return retrieveProfile(address, profileKey, unidentifiedAccess, requestType);
 303     }
 304
 305     private Single<ProfileAndCredential> retrieveProfile(
 306             SignalServiceAddress address,
 307             Optional<ProfileKey> profileKey,
 308             Optional<UnidentifiedAccess> unidentifiedAccess,
 309             SignalServiceProfile.RequestType requestType
 310     ) {
 311         final var profileService = dependencies.getProfileService();
 312         final var locale = Utils.getDefaultLocale();
 313
 314         return profileService.getProfile(address, profileKey, unidentifiedAccess, requestType, locale).map(pair -> {
 315             var processor = new ProfileService.ProfileResponseProcessor(pair);
 316             if (processor.hasResult()) {
 317                 return processor.getResult();
 318             } else if (processor.notFound()) {
 319                 throw new NotFoundException("Profile not found");
 320             } else {
 321                 throw pair.getExecutionError()
 322                         .or(pair.getApplicationError())
 323                         .or(new IOException("Unknown error while retrieving profile"));
 324             }
 325         });
 326     }
 327
 328     private void downloadProfileAvatar(
 329             SignalServiceAddress address, String avatarPath, ProfileKey profileKey
 330     ) {
 331         if (avatarPath == null) {
 332             try {
 333                 avatarStore.deleteProfileAvatar(address);
 334             } catch (IOException e) {
 335                 logger.warn("Failed to delete local profile avatar, ignoring: {}", e.getMessage());
 336             }
 337             return;
 338         }
 339
 340         try {
 341             avatarStore.storeProfileAvatar(address,
 342                     outputStream -> retrieveProfileAvatar(avatarPath, profileKey, outputStream));
 343         } catch (Throwable e) {
 344             if (e instanceof AssertionError && e.getCause() instanceof InterruptedException) {
 345                 Thread.currentThread().interrupt();
 346             }
 347             logger.warn("Failed to download profile avatar, ignoring: {}", e.getMessage());
 348         }
 349     }
 350
 351     private void retrieveProfileAvatar(
 352             String avatarPath, ProfileKey profileKey, OutputStream outputStream
 353     ) throws IOException {
 354         var tmpFile = IOUtils.createTempFile();
 355         try (var input = dependencies.getMessageReceiver()
 356                 .retrieveProfileAvatar(avatarPath,
 357                         tmpFile,
 358                         profileKey,
 359                         ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
 360             // Use larger buffer size to prevent AssertionError: Need: 12272 but only have: 8192 ...
 361             IOUtils.copyStream(input, outputStream, (int) ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE);
 362         } finally {
 363             try {
 364                 Files.delete(tmpFile.toPath());
 365             } catch (IOException e) {
 366                 logger.warn("Failed to delete received profile avatar temp file “{}”, ignoring: {}",
 367                         tmpFile,
 368                         e.getMessage());
 369             }
 370         }
 371     }
 372
 373     private Optional<UnidentifiedAccess> getUnidentifiedAccess(RecipientId recipientId) {
 374         var unidentifiedAccess = unidentifiedAccessProvider.getAccessFor(recipientId);
 375
 376         if (unidentifiedAccess.isPresent()) {
 377             return unidentifiedAccess.get().getTargetUnidentifiedAccess();
 378         }
 379
 380         return Optional.absent();
 381     }
 382 }