]> nmode's Git Repositories - signal-cli/blob - lib/src/main/java/org/asamk/signal/manager/helper/ProfileHelper.java
git.nmode.ca / signal-cli / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Reformat files
[signal-cli] / lib / src / main / java / org / asamk / signal / manager / helper / ProfileHelper.java
1 package org.asamk.signal.manager.helper;
2
3 import org.asamk.signal.manager.api.GroupNotFoundException;
4 import org.asamk.signal.manager.api.NotAGroupMemberException;
5 import org.asamk.signal.manager.api.PhoneNumberSharingMode;
6 import org.asamk.signal.manager.api.Profile;
7 import org.asamk.signal.manager.config.ServiceConfig;
8 import org.asamk.signal.manager.internal.SignalDependencies;
9 import org.asamk.signal.manager.jobs.SyncStorageJob;
10 import org.asamk.signal.manager.storage.SignalAccount;
11 import org.asamk.signal.manager.storage.groups.GroupInfoV2;
12 import org.asamk.signal.manager.storage.recipients.RecipientAddress;
13 import org.asamk.signal.manager.storage.recipients.RecipientId;
14 import org.asamk.signal.manager.util.IOUtils;
15 import org.asamk.signal.manager.util.KeyUtils;
16 import org.asamk.signal.manager.util.PaymentUtils;
17 import org.asamk.signal.manager.util.ProfileUtils;
18 import org.asamk.signal.manager.util.Utils;
19 import org.jetbrains.annotations.Nullable;
20 import org.signal.libsignal.protocol.IdentityKey;
21 import org.signal.libsignal.protocol.InvalidKeyException;
22 import org.signal.libsignal.zkgroup.profiles.ExpiringProfileKeyCredential;
23 import org.signal.libsignal.zkgroup.profiles.ProfileKey;
24 import org.slf4j.Logger;
25 import org.slf4j.LoggerFactory;
26 import org.whispersystems.signalservice.api.crypto.SealedSenderAccess;
27 import org.whispersystems.signalservice.api.profiles.AvatarUploadParams;
28 import org.whispersystems.signalservice.api.profiles.ProfileAndCredential;
29 import org.whispersystems.signalservice.api.profiles.SignalServiceProfile;
30 import org.whispersystems.signalservice.api.push.SignalServiceAddress;
31 import org.whispersystems.signalservice.api.push.exceptions.NotFoundException;
32 import org.whispersystems.signalservice.api.push.exceptions.PushNetworkException;
33 import org.whispersystems.signalservice.api.services.ProfileService;
34 import org.whispersystems.signalservice.api.util.ExpiringProfileCredentialUtil;
35
36 import java.io.IOException;
37 import java.io.OutputStream;
38 import java.nio.file.Files;
39 import java.util.Base64;
40 import java.util.Collection;
41 import java.util.List;
42 import java.util.Locale;
43 import java.util.Objects;
44 import java.util.Optional;
45 import java.util.Set;
46
47 import io.reactivex.rxjava3.core.Flowable;
48 import io.reactivex.rxjava3.core.Maybe;
49 import io.reactivex.rxjava3.core.Single;
50
51 public final class ProfileHelper {
52
53 private static final Logger logger = LoggerFactory.getLogger(ProfileHelper.class);
54
55 private final SignalAccount account;
56 private final SignalDependencies dependencies;
57 private final Context context;
58
59 public ProfileHelper(final Context context) {
60 this.account = context.getAccount();
61 this.dependencies = context.getDependencies();
62 this.context = context;
63 }
64
65 public void rotateProfileKey() throws IOException {
66 // refresh our profile, before creating a new profile key
67 getSelfProfile();
68 var profileKey = KeyUtils.createProfileKey();
69 account.setProfileKey(profileKey);
70 context.getAccountHelper().updateAccountAttributes();
71 setProfile(true, true, null, null, null, null, null, null);
72 account.getRecipientStore().rotateSelfStorageId();
73 context.getJobExecutor().enqueueJob(new SyncStorageJob());
74
75 final var recipientIds = account.getRecipientStore().getRecipientIdsWithEnabledProfileSharing();
76 for (final var recipientId : recipientIds) {
77 context.getSendHelper().sendProfileKey(recipientId);
78 }
79
80 final var selfRecipientId = account.getSelfRecipientId();
81 final var activeGroupIds = account.getGroupStore()
82 .getGroups()
83 .stream()
84 .filter(g -> g instanceof GroupInfoV2 && g.isMember(selfRecipientId) && g.isProfileSharingEnabled())
85 .map(g -> (GroupInfoV2) g)
86 .map(GroupInfoV2::getGroupId)
87 .toList();
88 for (final var groupId : activeGroupIds) {
89 try {
90 context.getGroupHelper().updateGroupProfileKey(groupId);
91 } catch (GroupNotFoundException | NotAGroupMemberException | IOException e) {
92 logger.warn("Failed to update group profile key: {}", e.getMessage());
93 }
94 }
95 }
96
97 public Profile getRecipientProfile(RecipientId recipientId) {
98 return getRecipientProfile(recipientId, false);
99 }
100
101 public List<Profile> getRecipientProfiles(Collection<RecipientId> recipientIds) {
102 return getRecipientProfiles(recipientIds, false);
103 }
104
105 public void refreshRecipientProfile(RecipientId recipientId) {
106 getRecipientProfile(recipientId, true);
107 }
108
109 public void refreshRecipientProfiles(Collection<RecipientId> recipientIds) {
110 getRecipientProfiles(recipientIds, true);
111 }
112
113 public List<ExpiringProfileKeyCredential> getExpiringProfileKeyCredential(List<RecipientId> recipientIds) {
114 final var profileFetches = Flowable.fromIterable(recipientIds)
115 .filter(recipientId -> !ExpiringProfileCredentialUtil.isValid(account.getProfileStore()
116 .getExpiringProfileKeyCredential(recipientId)))
117 .map(recipientId -> retrieveProfile(recipientId,
118 SignalServiceProfile.RequestType.PROFILE_AND_CREDENTIAL).onErrorComplete());
119 Maybe.merge(profileFetches, 10).blockingSubscribe();
120
121 return recipientIds.stream().map(r -> account.getProfileStore().getExpiringProfileKeyCredential(r)).toList();
122 }
123
124 public ExpiringProfileKeyCredential getExpiringProfileKeyCredential(RecipientId recipientId) {
125 var profileKeyCredential = account.getProfileStore().getExpiringProfileKeyCredential(recipientId);
126 if (ExpiringProfileCredentialUtil.isValid(profileKeyCredential)) {
127 return profileKeyCredential;
128 }
129
130 try {
131 blockingGetProfile(retrieveProfile(recipientId, SignalServiceProfile.RequestType.PROFILE_AND_CREDENTIAL));
132 } catch (IOException e) {
133 logger.warn("Failed to retrieve profile key credential, ignoring: {}", e.getMessage());
134 return null;
135 }
136
137 return account.getProfileStore().getExpiringProfileKeyCredential(recipientId);
138 }
139
140 /**
141 * @param givenName if null, the previous givenName will be kept
142 * @param familyName if null, the previous familyName will be kept
143 * @param about if null, the previous about text will be kept
144 * @param aboutEmoji if null, the previous about emoji will be kept
145 * @param avatar if avatar is null the image from the local avatar store is used (if present),
146 */
147 public void setProfile(
148 String givenName,
149 final String familyName,
150 String about,
151 String aboutEmoji,
152 Optional<String> avatar,
153 byte[] mobileCoinAddress
154 ) throws IOException {
155 setProfile(true, false, givenName, familyName, about, aboutEmoji, avatar, mobileCoinAddress);
156 }
157
158 public void setProfile(
159 boolean uploadProfile,
160 boolean forceUploadAvatar,
161 String givenName,
162 final String familyName,
163 String about,
164 String aboutEmoji,
165 Optional<String> avatar,
166 byte[] mobileCoinAddress
167 ) throws IOException {
168 var profile = getSelfProfile();
169 var builder = profile == null ? Profile.newBuilder() : Profile.newBuilder(profile);
170 if (givenName != null) {
171 builder.withGivenName(givenName);
172 }
173 if (familyName != null) {
174 builder.withFamilyName(familyName);
175 }
176 if (about != null) {
177 builder.withAbout(about);
178 }
179 if (aboutEmoji != null) {
180 builder.withAboutEmoji(aboutEmoji);
181 }
182 if (mobileCoinAddress != null) {
183 builder.withMobileCoinAddress(mobileCoinAddress);
184 }
185 var newProfile = builder.build();
186
187 if (uploadProfile) {
188 final var streamDetails = avatar != null && avatar.isPresent()
189 ? Utils.createStreamDetails(avatar.get())
190 .first()
191 : forceUploadAvatar && avatar == null ? context.getAvatarStore()
192 .retrieveProfileAvatar(account.getSelfRecipientAddress()) : null;
193 try (streamDetails) {
194 final var avatarUploadParams = streamDetails != null
195 ? AvatarUploadParams.forAvatar(streamDetails)
196 : avatar == null ? AvatarUploadParams.unchanged(true) : AvatarUploadParams.unchanged(false);
197 final var paymentsAddress = Optional.ofNullable(newProfile.getMobileCoinAddress())
198 .map(address -> PaymentUtils.signPaymentsAddress(address,
199 account.getAciIdentityKeyPair().getPrivateKey()));
200 logger.debug("Uploading new profile");
201 final var avatarPath = dependencies.getAccountManager()
202 .setVersionedProfile(account.getAci(),
203 account.getProfileKey(),
204 newProfile.getInternalServiceName(),
205 newProfile.getAbout() == null ? "" : newProfile.getAbout(),
206 newProfile.getAboutEmoji() == null ? "" : newProfile.getAboutEmoji(),
207 paymentsAddress,
208 avatarUploadParams,
209 List.of(/* TODO implement support for badges */),
210 account.getConfigurationStore().getPhoneNumberSharingMode()
211 == PhoneNumberSharingMode.EVERYBODY);
212 if (!avatarUploadParams.keepTheSame) {
213 builder.withAvatarUrlPath(avatarPath.orElse(null));
214 }
215 newProfile = builder.build();
216 }
217 }
218
219 if (avatar != null) {
220 if (avatar.isPresent()) {
221 try (final var streamDetails = Utils.createStreamDetails(avatar.get()).first()) {
222 context.getAvatarStore()
223 .storeProfileAvatar(account.getSelfRecipientAddress(),
224 outputStream -> IOUtils.copyStream(streamDetails.getStream(), outputStream));
225 }
226 } else {
227 context.getAvatarStore().deleteProfileAvatar(account.getSelfRecipientAddress());
228 }
229 }
230 account.getProfileStore().storeProfile(account.getSelfRecipientId(), newProfile);
231 }
232
233 public Profile getSelfProfile() {
234 return getRecipientProfile(account.getSelfRecipientId());
235 }
236
237 private List<Profile> getRecipientProfiles(Collection<RecipientId> recipientIds, boolean force) {
238 final var profileStore = account.getProfileStore();
239 final var profileFetches = Flowable.fromIterable(recipientIds)
240 .filter(recipientId -> force || isProfileRefreshRequired(profileStore.getProfile(recipientId)))
241 .map(recipientId -> retrieveProfile(recipientId,
242 SignalServiceProfile.RequestType.PROFILE).onErrorComplete());
243 Maybe.merge(profileFetches, 10).blockingSubscribe();
244
245 return recipientIds.stream().map(profileStore::getProfile).toList();
246 }
247
248 private Profile getRecipientProfile(RecipientId recipientId, boolean force) {
249 var profile = account.getProfileStore().getProfile(recipientId);
250
251 if (!force && !isProfileRefreshRequired(profile)) {
252 return profile;
253 }
254
255 try {
256 blockingGetProfile(retrieveProfile(recipientId, SignalServiceProfile.RequestType.PROFILE));
257 } catch (IOException e) {
258 logger.warn("Failed to retrieve profile, ignoring: {}", e.getMessage());
259 }
260
261 return account.getProfileStore().getProfile(recipientId);
262 }
263
264 private boolean isProfileRefreshRequired(final Profile profile) {
265 if (profile == null) {
266 return true;
267 }
268 // Profiles are cached for 6h before retrieving them again, unless forced
269 final var now = System.currentTimeMillis();
270 return now - profile.getLastUpdateTimestamp() >= 6 * 60 * 60 * 1000;
271 }
272
273 private Profile decryptProfileAndDownloadAvatar(
274 final RecipientId recipientId,
275 final ProfileKey profileKey,
276 final SignalServiceProfile encryptedProfile
277 ) {
278 final var avatarPath = encryptedProfile.getAvatar();
279 downloadProfileAvatar(recipientId, avatarPath, profileKey);
280
281 return ProfileUtils.decryptProfile(profileKey, encryptedProfile);
282 }
283
284 public void downloadProfileAvatar(
285 final RecipientId recipientId,
286 final String avatarPath,
287 final ProfileKey profileKey
288 ) {
289 var profile = account.getProfileStore().getProfile(recipientId);
290 if (profile == null || !Objects.equals(avatarPath, profile.getAvatarUrlPath())) {
291 logger.trace("Downloading profile avatar for {}", recipientId);
292 downloadProfileAvatar(account.getRecipientAddressResolver().resolveRecipientAddress(recipientId),
293 avatarPath,
294 profileKey);
295 var builder = profile == null ? Profile.newBuilder() : Profile.newBuilder(profile);
296 account.getProfileStore().storeProfile(recipientId, builder.withAvatarUrlPath(avatarPath).build());
297 }
298 }
299
300 private ProfileAndCredential blockingGetProfile(Single<ProfileAndCredential> profile) throws IOException {
301 try {
302 return profile.blockingGet();
303 } catch (RuntimeException e) {
304 if (e.getCause() instanceof PushNetworkException) {
305 throw (PushNetworkException) e.getCause();
306 } else if (e.getCause() instanceof NotFoundException) {
307 throw (NotFoundException) e.getCause();
308 } else {
309 throw new IOException(e);
310 }
311 }
312 }
313
314 private Single<ProfileAndCredential> retrieveProfile(
315 RecipientId recipientId,
316 SignalServiceProfile.RequestType requestType
317 ) {
318 var unidentifiedAccess = getUnidentifiedAccess(recipientId);
319 var profileKey = Optional.ofNullable(account.getProfileStore().getProfileKey(recipientId));
320
321 logger.trace("Retrieving profile for {} {}",
322 recipientId,
323 profileKey.isPresent() ? "with profile key" : "without profile key");
324 final var address = context.getRecipientHelper().resolveSignalServiceAddress(recipientId);
325 return retrieveProfile(address, profileKey, unidentifiedAccess, requestType).doOnSuccess(p -> {
326 logger.trace("Got new profile for {}", recipientId);
327 final var encryptedProfile = p.getProfile();
328
329 if (requestType == SignalServiceProfile.RequestType.PROFILE_AND_CREDENTIAL
330 || !ExpiringProfileCredentialUtil.isValid(account.getProfileStore()
331 .getExpiringProfileKeyCredential(recipientId))) {
332 logger.trace("Storing profile credential");
333 final var profileKeyCredential = p.getExpiringProfileKeyCredential().orElse(null);
334 account.getProfileStore().storeExpiringProfileKeyCredential(recipientId, profileKeyCredential);
335 }
336
337 final var profile = account.getProfileStore().getProfile(recipientId);
338
339 if (recipientId.equals(account.getSelfRecipientId())) {
340 final var isUnrestricted = encryptedProfile.isUnrestrictedUnidentifiedAccess();
341 if (account.isUnrestrictedUnidentifiedAccess() != isUnrestricted) {
342 account.setUnrestrictedUnidentifiedAccess(isUnrestricted);
343 }
344 }
345
346 Profile newProfile = null;
347 if (profileKey.isPresent()) {
348 logger.trace("Decrypting profile");
349 newProfile = decryptProfileAndDownloadAvatar(recipientId, profileKey.get(), encryptedProfile);
350 }
351
352 if (newProfile == null) {
353 newProfile = (
354 profile == null ? Profile.newBuilder() : Profile.newBuilder(profile)
355 ).withLastUpdateTimestamp(System.currentTimeMillis())
356 .withUnidentifiedAccessMode(ProfileUtils.getUnidentifiedAccessMode(encryptedProfile, null))
357 .withCapabilities(ProfileUtils.getCapabilities(encryptedProfile))
358 .build();
359 }
360
361 try {
362 logger.trace("Storing identity");
363 final var identityKey = new IdentityKey(Base64.getDecoder().decode(encryptedProfile.getIdentityKey()));
364 account.getIdentityKeyStore().saveIdentity(p.getProfile().getServiceId(), identityKey);
365 } catch (InvalidKeyException ignored) {
366 logger.warn("Got invalid identity key in profile for {}",
367 context.getRecipientHelper().resolveSignalServiceAddress(recipientId).getIdentifier());
368 }
369
370 logger.trace("Storing profile");
371 account.getProfileStore().storeProfile(recipientId, newProfile);
372 account.getRecipientStore().markRegistered(recipientId, true);
373
374 logger.trace("Done handling retrieved profile");
375 }).doOnError(e -> {
376 logger.warn("Failed to retrieve profile, ignoring: {}", e.getMessage());
377 final var profile = account.getProfileStore().getProfile(recipientId);
378 final var newProfile = (
379 profile == null ? Profile.newBuilder() : Profile.newBuilder(profile)
380 ).withLastUpdateTimestamp(System.currentTimeMillis())
381 .withUnidentifiedAccessMode(Profile.UnidentifiedAccessMode.UNKNOWN)
382 .withCapabilities(Set.of())
383 .build();
384 if (e instanceof NotFoundException) {
385 logger.debug("Marking recipient {} as unregistered after 404 profile fetch.", recipientId);
386 account.getRecipientStore().markRegistered(recipientId, false);
387 }
388
389 account.getProfileStore().storeProfile(recipientId, newProfile);
390 });
391 }
392
393 private Single<ProfileAndCredential> retrieveProfile(
394 SignalServiceAddress address,
395 Optional<ProfileKey> profileKey,
396 @Nullable SealedSenderAccess unidentifiedAccess,
397 SignalServiceProfile.RequestType requestType
398 ) {
399 final var profileService = dependencies.getProfileService();
400 final var locale = Utils.getDefaultLocale(Locale.US);
401
402 return profileService.getProfile(address, profileKey, unidentifiedAccess, requestType, locale).map(pair -> {
403 var processor = new ProfileService.ProfileResponseProcessor(pair);
404 if (processor.hasResult()) {
405 return processor.getResult();
406 } else if (processor.notFound()) {
407 throw new NotFoundException("Profile not found");
408 } else {
409 throw pair.getExecutionError()
410 .or(pair::getApplicationError)
411 .orElseThrow(() -> new IOException("Unknown error while retrieving profile"));
412 }
413 });
414 }
415
416 private void downloadProfileAvatar(RecipientAddress address, String avatarPath, ProfileKey profileKey) {
417 if (avatarPath == null) {
418 try {
419 context.getAvatarStore().deleteProfileAvatar(address);
420 } catch (IOException e) {
421 logger.warn("Failed to delete local profile avatar, ignoring: {}", e.getMessage());
422 }
423 return;
424 }
425
426 try {
427 context.getAvatarStore()
428 .storeProfileAvatar(address,
429 outputStream -> retrieveProfileAvatar(avatarPath, profileKey, outputStream));
430 } catch (Throwable e) {
431 logger.warn("Failed to download profile avatar, ignoring: {}", e.getMessage());
432 }
433 }
434
435 private void retrieveProfileAvatar(
436 String avatarPath,
437 ProfileKey profileKey,
438 OutputStream outputStream
439 ) throws IOException {
440 var tmpFile = IOUtils.createTempFile();
441 try (var input = dependencies.getMessageReceiver()
442 .retrieveProfileAvatar(avatarPath,
443 tmpFile,
444 profileKey,
445 ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE)) {
446 // Use larger buffer size to prevent AssertionError: Need: 12272 but only have: 8192 ...
447 IOUtils.copyStream(input, outputStream, (int) ServiceConfig.AVATAR_DOWNLOAD_FAILSAFE_MAX_SIZE);
448 } finally {
449 try {
450 Files.delete(tmpFile.toPath());
451 } catch (IOException e) {
452 logger.warn("Failed to delete received profile avatar temp file “{}”, ignoring: {}",
453 tmpFile,
454 e.getMessage());
455 }
456 }
457 }
458
459 private @Nullable SealedSenderAccess getUnidentifiedAccess(RecipientId recipientId) {
460 return context.getUnidentifiedAccessHelper().getSealedSenderAccessFor(recipientId, true);
461 }
462 }
[GitHub/AsamK] signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Codeberg
GitHub
GitLab
SourceHut