nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/util/NumberVerificationUtils.java

   1 package org.asamk.signal.manager.util;
   2
   3 import org.asamk.signal.manager.api.CaptchaRequiredException;
   4 import org.asamk.signal.manager.api.IncorrectPinException;
   5 import org.asamk.signal.manager.api.NonNormalizedPhoneNumberException;
   6 import org.asamk.signal.manager.api.Pair;
   7 import org.asamk.signal.manager.api.PinLockedException;
   8 import org.asamk.signal.manager.api.RateLimitException;
   9 import org.asamk.signal.manager.api.VerificationMethoNotAvailableException;
  10 import org.asamk.signal.manager.helper.PinHelper;
  11 import org.slf4j.Logger;
  12 import org.slf4j.LoggerFactory;
  13 import org.whispersystems.signalservice.api.SignalServiceAccountManager;
  14 import org.whispersystems.signalservice.api.kbs.MasterKey;
  15 import org.whispersystems.signalservice.api.push.exceptions.NoSuchSessionException;
  16 import org.whispersystems.signalservice.api.push.exceptions.NonSuccessfulResponseCodeException;
  17 import org.whispersystems.signalservice.api.push.exceptions.PushChallengeRequiredException;
  18 import org.whispersystems.signalservice.api.push.exceptions.TokenNotAcceptedException;
  19 import org.whispersystems.signalservice.internal.ServiceResponse;
  20 import org.whispersystems.signalservice.internal.push.LockedException;
  21 import org.whispersystems.signalservice.internal.push.RegistrationSessionMetadataResponse;
  22 import org.whispersystems.signalservice.internal.push.VerifyAccountResponse;
  23
  24 import java.io.IOException;
  25 import java.util.Locale;
  26 import java.util.function.Consumer;
  27
  28 public class NumberVerificationUtils {
  29
  30     private static final Logger logger = LoggerFactory.getLogger(NumberVerificationUtils.class);
  31
  32     public static String handleVerificationSession(
  33             SignalServiceAccountManager accountManager,
  34             String sessionId,
  35             Consumer<String> sessionIdSaver,
  36             boolean voiceVerification,
  37             String captcha
  38     ) throws CaptchaRequiredException, IOException, RateLimitException, VerificationMethoNotAvailableException {
  39         RegistrationSessionMetadataResponse sessionResponse;
  40         try {
  41             sessionResponse = getValidSession(accountManager, sessionId);
  42         } catch (PushChallengeRequiredException |
  43                  org.whispersystems.signalservice.api.push.exceptions.CaptchaRequiredException e) {
  44             if (captcha != null) {
  45                 sessionResponse = submitCaptcha(accountManager, sessionId, captcha);
  46             } else {
  47                 throw new CaptchaRequiredException("Captcha Required");
  48             }
  49         }
  50
  51         sessionId = sessionResponse.getBody().getId();
  52         sessionIdSaver.accept(sessionId);
  53
  54         if (sessionResponse.getBody().getVerified()) {
  55             return sessionId;
  56         }
  57
  58         if (sessionResponse.getBody().getAllowedToRequestCode()) {
  59             return sessionId;
  60         }
  61
  62         final var nextAttempt = voiceVerification
  63                 ? sessionResponse.getBody().getNextCall()
  64                 : sessionResponse.getBody().getNextSms();
  65         if (nextAttempt == null) {
  66             throw new VerificationMethoNotAvailableException();
  67         } else if (nextAttempt > 0) {
  68             final var timestamp = sessionResponse.getHeaders().getTimestamp() + nextAttempt * 1000;
  69             throw new RateLimitException(timestamp);
  70         }
  71
  72         final var nextVerificationAttempt = sessionResponse.getBody().getNextVerificationAttempt();
  73         if (nextVerificationAttempt != null && nextVerificationAttempt > 0) {
  74             final var timestamp = sessionResponse.getHeaders().getTimestamp() + nextVerificationAttempt * 1000;
  75             throw new CaptchaRequiredException(timestamp);
  76         }
  77
  78         if (sessionResponse.getBody().getRequestedInformation().contains("captcha")) {
  79             if (captcha != null) {
  80                 sessionResponse = submitCaptcha(accountManager, sessionId, captcha);
  81             }
  82             if (!sessionResponse.getBody().getAllowedToRequestCode()) {
  83                 throw new CaptchaRequiredException("Captcha Required");
  84             }
  85         }
  86
  87         return sessionId;
  88     }
  89
  90     public static void requestVerificationCode(
  91             SignalServiceAccountManager accountManager, String sessionId, boolean voiceVerification
  92     ) throws IOException, CaptchaRequiredException, NonNormalizedPhoneNumberException {
  93         final ServiceResponse<RegistrationSessionMetadataResponse> response;
  94         final var locale = Utils.getDefaultLocale(Locale.US);
  95         if (voiceVerification) {
  96             response = accountManager.requestVoiceVerificationCode(sessionId, locale, false);
  97         } else {
  98             response = accountManager.requestSmsVerificationCode(sessionId, locale, false);
  99         }
 100         try {
 101             Utils.handleResponseException(response);
 102         } catch (org.whispersystems.signalservice.api.push.exceptions.CaptchaRequiredException e) {
 103             throw new CaptchaRequiredException(e.getMessage(), e);
 104         } catch (org.whispersystems.signalservice.api.push.exceptions.NonNormalizedPhoneNumberException e) {
 105             throw new NonNormalizedPhoneNumberException("Phone number is not normalized ("
 106                     + e.getMessage()
 107                     + "). Expected normalized: "
 108                     + e.getNormalizedNumber(), e);
 109         }
 110     }
 111
 112     public static Pair<VerifyAccountResponse, MasterKey> verifyNumber(
 113             String sessionId, String verificationCode, String pin, PinHelper pinHelper, Verifier verifier
 114     ) throws IOException, PinLockedException, IncorrectPinException {
 115         verificationCode = verificationCode.replace("-", "");
 116         try {
 117             final var response = verifier.verify(sessionId, verificationCode, null);
 118
 119             return new Pair<>(response, null);
 120         } catch (LockedException e) {
 121             if (pin == null) {
 122                 throw new PinLockedException(e.getTimeRemaining());
 123             }
 124
 125             final var registrationLockData = pinHelper.getRegistrationLockData(pin, e);
 126             if (registrationLockData == null) {
 127                 throw e;
 128             }
 129
 130             var registrationLock = registrationLockData.getMasterKey().deriveRegistrationLock();
 131             VerifyAccountResponse response;
 132             try {
 133                 response = verifier.verify(sessionId, verificationCode, registrationLock);
 134             } catch (LockedException _e) {
 135                 throw new AssertionError("KBS Pin appeared to matched but reg lock still failed!");
 136             }
 137
 138             return new Pair<>(response, registrationLockData.getMasterKey());
 139         }
 140     }
 141
 142     private static RegistrationSessionMetadataResponse validateSession(
 143             final SignalServiceAccountManager accountManager, final String sessionId
 144     ) throws IOException {
 145         if (sessionId == null || sessionId.isEmpty()) {
 146             throw new NoSuchSessionException();
 147         }
 148         return Utils.handleResponseException(accountManager.getRegistrationSession(sessionId));
 149     }
 150
 151     private static RegistrationSessionMetadataResponse requestValidSession(
 152             final SignalServiceAccountManager accountManager
 153     ) throws IOException {
 154         return Utils.handleResponseException(accountManager.createRegistrationSession(null, "", ""));
 155     }
 156
 157     private static RegistrationSessionMetadataResponse getValidSession(
 158             final SignalServiceAccountManager accountManager, final String sessionId
 159     ) throws IOException {
 160         try {
 161             return validateSession(accountManager, sessionId);
 162         } catch (NoSuchSessionException e) {
 163             logger.debug("No registration session, creating new one.");
 164             return requestValidSession(accountManager);
 165         }
 166     }
 167
 168     private static RegistrationSessionMetadataResponse submitCaptcha(
 169             SignalServiceAccountManager accountManager, String sessionId, String captcha
 170     ) throws IOException, CaptchaRequiredException {
 171         captcha = captcha == null ? null : captcha.replace("signalcaptcha://", "");
 172         try {
 173             return Utils.handleResponseException(accountManager.submitCaptchaToken(sessionId, captcha));
 174         } catch (PushChallengeRequiredException |
 175                  org.whispersystems.signalservice.api.push.exceptions.CaptchaRequiredException |
 176                  TokenNotAcceptedException _e) {
 177             throw new CaptchaRequiredException("Captcha not accepted");
 178         } catch (NonSuccessfulResponseCodeException e) {
 179             if (e.getCode() == 400) {
 180                 throw new CaptchaRequiredException("Captcha has invalid format");
 181             }
 182             throw e;
 183         }
 184     }
 185
 186     public interface Verifier {
 187
 188         VerifyAccountResponse verify(
 189                 String sessionId, String verificationCode, String registrationLock
 190         ) throws IOException;
 191     }
 192 }