Merge branch 'main' into sch-UID2-5966-retrieve-environment-from-core

sophia-chen-ttd · web-flow · commit 08350d9248a1 · 2025-09-03T16:19:20.000+10:00
diff --git a/pom.xml b/pom.xml
@@ -6,8 +6,8 @@
 
     <groupId>com.uid2</groupId>
     <artifactId>uid2-operator</artifactId>
-    <version>5.57.19-alpha-450-SNAPSHOT</version>
-
+    <version>5.57.20</version>
+  
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <vertx.version>4.5.18</vertx.version>
@@ -22,7 +22,7 @@
         <enclave-aws.version>2.1.0</enclave-aws.version>
         <enclave-azure.version>2.1.13</enclave-azure.version>
         <enclave-gcp.version>2.1.0</enclave-gcp.version>
-        <uid2-shared.version>10.9.0</uid2-shared.version>
+        <uid2-shared.version>11.0.4</uid2-shared.version>
         <image.version>${project.version}</image.version>
         <maven.compiler.source>21</maven.compiler.source>
         <maven.compiler.target>21</maven.compiler.target>
diff --git a/src/main/java/com/uid2/operator/service/UIDOperatorService.java b/src/main/java/com/uid2/operator/service/UIDOperatorService.java
@@ -10,8 +10,6 @@
 import io.vertx.core.AsyncResult;
 import io.vertx.core.Future;
 import io.vertx.core.Handler;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import java.time.Clock;
 import java.time.Duration;
@@ -28,7 +26,6 @@ public class UIDOperatorService implements IUIDOperatorService {
     public static final String IDENTITY_TOKEN_EXPIRES_AFTER_SECONDS = "identity_token_expires_after_seconds";
     public static final String REFRESH_TOKEN_EXPIRES_AFTER_SECONDS = "refresh_token_expires_after_seconds";
     public static final String REFRESH_IDENTITY_TOKEN_AFTER_SECONDS = "refresh_identity_token_after_seconds";
-    private static final Logger LOGGER = LoggerFactory.getLogger(UIDOperatorService.class);
 
     private static final Instant REFRESH_CUTOFF = LocalDateTime.parse("2021-03-08T17:00:00", DateTimeFormatter.ISO_LOCAL_DATE_TIME).toInstant(ZoneOffset.UTC);
     private static final long DAY_IN_MS = Duration.ofDays(1).toMillis();
@@ -174,7 +171,7 @@ public List<SaltEntry> getModifiedBuckets(Instant sinceTimestamp) {
 
     private ISaltProvider.ISaltSnapshot getSaltProviderSnapshot(Instant asOf) {
         ISaltProvider.ISaltSnapshot snapshot = this.saltProvider.getSnapshot(asOf);
-        if(snapshot.getExpires().isBefore(Instant.now())) {
+        if (snapshot.getExpires().isBefore(Instant.now())) {
             saltRetrievalResponseHandler.handle(true);
         } else {
             saltRetrievalResponseHandler.handle(false);
@@ -255,8 +252,8 @@ private byte[] getPreviousAdvertisingId(UserIdentity firstLevelHashIdentity, Sal
     }
 
     private long getRefreshFrom(SaltEntry rotatingSalt, Instant asOf) {
-        Long refreshFrom = rotatingSalt.refreshFrom();
-        if (refreshFrom == null || refreshFrom < asOf.toEpochMilli()) {
+        long refreshFrom = rotatingSalt.refreshFrom();
+        if (refreshFrom < asOf.toEpochMilli()) {
             return asOf.truncatedTo(DAYS).plus(1, DAYS).toEpochMilli();
         }
         return refreshFrom;
@@ -297,8 +294,7 @@ static protected class GlobalOptoutResult {
         private final Instant time;
 
         //providedTime can be null if isOptedOut is false!
-        GlobalOptoutResult(Instant providedTime)
-        {
+        GlobalOptoutResult(Instant providedTime) {
             isOptedOut = providedTime != null;
             time = providedTime;
         }
diff --git a/src/test/java/com/uid2/operator/UIDOperatorVerticleTest.java b/src/test/java/com/uid2/operator/UIDOperatorVerticleTest.java
@@ -64,7 +64,6 @@
 
 import javax.crypto.SecretKey;
 import java.math.BigInteger;
-import java.net.URLEncoder;
 import java.nio.charset.StandardCharsets;
 import java.security.*;
 import java.time.*;
@@ -91,7 +90,7 @@ public class UIDOperatorVerticleTest {
     private static final Instant legacyClientCreationDateTime = Instant.ofEpochSecond(OPT_OUT_CHECK_CUTOFF_DATE).minus(1, ChronoUnit.SECONDS);
     private static final Instant newClientCreationDateTime = Instant.ofEpochSecond(OPT_OUT_CHECK_CUTOFF_DATE).plus(1, ChronoUnit.SECONDS);
     private static final String firstLevelSalt = "first-level-salt";
-    private static final SaltEntry rotatingSalt123 = new SaltEntry(123, "hashed123", 0, "salt123", null, null, null, null);
+    private static final SaltEntry rotatingSalt123 = new SaltEntry(123, "hashed123", 0, "salt123", 1000L, "prevSalt123", null, null);
     private static final Duration identityExpiresAfter = Duration.ofMinutes(10);
     private static final Duration refreshExpiresAfter = Duration.ofMinutes(15);
     private static final Duration refreshIdentityAfter = Duration.ofMinutes(5);
@@ -105,7 +104,6 @@ public class UIDOperatorVerticleTest {
     private static final String iosClientVersionHeaderValue = "ios-1.2.3";
     private static final String tvosClientVersionHeaderValue = "tvos-1.2.3";
     private static final int clientSideTokenGenerateSiteId = 123;
-
     private static final int optOutStatusMaxRequestSize = 1000;
 
     @Mock
@@ -144,7 +142,7 @@ public class UIDOperatorVerticleTest {
     private final JsonObject config = new JsonObject();
 
     @BeforeEach
-    public void deployVerticle(Vertx vertx, VertxTestContext testContext, TestInfo testInfo) {
+    void deployVerticle(Vertx vertx, VertxTestContext testContext, TestInfo testInfo) {
         when(saltProvider.getSnapshot(any())).thenReturn(saltProviderSnapshot);
         when(saltProviderSnapshot.getExpires()).thenReturn(Instant.now().plus(1, ChronoUnit.HOURS));
         when(clock.instant()).thenAnswer(i -> now);
@@ -174,7 +172,7 @@ public void deployVerticle(Vertx vertx, VertxTestContext testContext, TestInfo t
     }
 
     @AfterEach
-    public void teardown() throws Exception {
+    void teardown() {
         Metrics.globalRegistry.remove(registry);
     }
 
@@ -233,14 +231,6 @@ private void clearAuth() {
         when(clientKeyProvider.get(any())).thenReturn(null);
     }
 
-    private static String urlEncode(String value) {
-        try {
-            return URLEncoder.encode(value, StandardCharsets.UTF_8);
-        } catch (Exception e) {
-            return null;
-        }
-    }
-
     private String getUrlForEndpoint(String endpoint) {
         return String.format("http://127.0.0.1:%d/%s", Const.Port.ServicePortForOperator + Utils.getPortOffset(), endpoint);
     }
@@ -282,7 +272,6 @@ protected void sendTokenGenerate(Vertx vertx, JsonObject v2PostPayload, int expe
         sendTokenGenerate(vertx, v2PostPayload, expectedHttpCode, null, handler, true, Collections.emptyMap());
     }
 
-
     protected void sendTokenGenerate(Vertx vertx, JsonObject v2PostPayload, int expectedHttpCode,
                                      Handler<JsonObject> handler, Map<String, String> additionalHeaders) {
         sendTokenGenerate(vertx, v2PostPayload, expectedHttpCode, null, handler, true, additionalHeaders);
@@ -298,7 +287,6 @@ private void sendTokenGenerate(Vertx vertx, JsonObject v2PostPayload, int expect
     }
 
     private void sendTokenGenerate(Vertx vertx, JsonObject v2PostPayload, int expectedHttpCode, String referer, Handler<JsonObject> handler, boolean additionalParams, Map<String, String> additionalHeaders) {
-
         ClientKey ck = (ClientKey) clientKeyProvider.get("");
 
         long nonce = new BigInteger(Random.getBytes(8)).longValue();
@@ -1204,7 +1192,8 @@ void v3IdentityMapMissingValidInputKeys(String inputPayload, Vertx vertx, VertxT
     }
 
     @ParameterizedTest
-    @ValueSource(strings = {"{\"invalid_key\": []}",
+    @ValueSource(strings = {
+            "{\"invalid_key\": []}",
             "{\"email\": [ null ]}",
             "{\"email\": [ \"some_email\", null ]}"
     })
@@ -1409,10 +1398,12 @@ void tokenGenerateNewClientWrongPolicySpecifiedOlderKeySuccessful(String policyP
     }
 
     @ParameterizedTest // TODO: remove test after optout check phase 3
-    @CsvSource({"policy,someoptout@example.com,Email",
+    @CsvSource({
+            "policy,someoptout@example.com,Email",
             "policy,+01234567890,Phone",
             "optout_check,someoptout@example.com,Email",
-            "optout_check,+01234567890,Phone"})
+            "optout_check,+01234567890,Phone"
+    })
     void tokenGenerateOptOutToken(String policyParameterKey, String identity, IdentityType identityType,
                                   Vertx vertx, VertxTestContext testContext) {
         ClientKey oldClientKey = new ClientKey(
@@ -1476,8 +1467,7 @@ void tokenGenerateOptOutToken(String policyParameterKey, String identity, Identi
                             TokenResponseStatsCollector.ResponseStatus.Success,
                             TokenResponseStatsCollector.PlatformType.Other);
 
-                    sendTokenRefresh(vertx, testContext, body.getString("refresh_token"), body.getString("refresh_response_key"), 200, refreshRespJson ->
-                    {
+                    sendTokenRefresh(vertx, testContext, body.getString("refresh_token"), body.getString("refresh_response_key"), 200, refreshRespJson -> {
                         assertEquals("optout", refreshRespJson.getString("status"));
                         JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                         assertNull(refreshBody);
@@ -1492,10 +1482,12 @@ void tokenGenerateOptOutToken(String policyParameterKey, String identity, Identi
     }
 
     @ParameterizedTest // TODO: remove test after optout check phase 3
-    @CsvSource({"policy,someoptout@example.com,Email",
+    @CsvSource({
+            "policy,someoptout@example.com,Email",
             "policy,+01234567890,Phone",
             "optout_check,someoptout@example.com,Email",
-            "optout_check,+01234567890,Phone"})
+            "optout_check,+01234567890,Phone"
+    })
     void tokenGenerateOptOutTokenWithDisableOptoutTokenFF(String policyParameterKey, String identity, IdentityType identityType,
                                                           Vertx vertx, VertxTestContext testContext) {
         ClientKey oldClientKey = new ClientKey(
@@ -1638,8 +1630,7 @@ void tokenGenerateThenRefresh(String contentType, Vertx vertx, VertxTestContext
 
             when(this.optOutStore.getLatestEntry(any())).thenReturn(null);
 
-            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson ->
-            {
+            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson -> {
                 assertEquals("success", refreshRespJson.getString("status"));
                 JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                 assertNotNull(refreshBody);
@@ -1698,8 +1689,7 @@ void tokenGenerateThenRefreshSaltsExpired(Vertx vertx, VertxTestContext testCont
 
             when(this.optOutStore.getLatestEntry(any())).thenReturn(null);
 
-            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson ->
-            {
+            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson -> {
                 assertEquals("success", refreshRespJson.getString("status"));
                 JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                 assertNotNull(refreshBody);
@@ -1761,16 +1751,14 @@ void tokenGenerateThenRefreshNoActiveKey(Vertx vertx, VertxTestContext testConte
                     String genRefreshToken = bodyJson.getString("refresh_token");
 
                     setupKeys(true);
-                    sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 500, refreshRespJson ->
-                    {
+                    sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 500, refreshRespJson -> {
                         assertFalse(refreshRespJson.containsKey("body"));
                         assertEquals("No active encryption key available", refreshRespJson.getString("message"));
                         testContext.completeNow();
                     }, Map.of(ClientVersionHeader, androidClientVersionHeaderValue));
                 });
     }
 
-
     @Test
     void tokenGenerateThenValidateWithEmail_Match(Vertx vertx, VertxTestContext testContext) {
         final int clientSiteId = 201;
@@ -2714,8 +2702,7 @@ void tokenGenerateThenRefreshForPhone(Vertx vertx, VertxTestContext testContext)
 
             when(this.optOutStore.getLatestEntry(any())).thenReturn(null);
 
-            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson ->
-            {
+            sendTokenRefresh(vertx, testContext, genRefreshToken, bodyJson.getString("refresh_response_key"), 200, refreshRespJson -> {
                 assertEquals("success", refreshRespJson.getString("status"));
                 JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                 assertNotNull(refreshBody);
@@ -3217,7 +3204,7 @@ void cstgNoIdentityHashProvided(Vertx vertx, VertxTestContext testContext) throw
     @ParameterizedTest
     @CsvSource({
             "https://blahblah.com",
-            "http://local1host:8080", //intentionally spelling localhost wrong here!
+            "http://local1host:8080" //intentionally spelling localhost wrong here!
     })
     void cstgDomainNameCheckFails(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend();
@@ -3246,7 +3233,7 @@ void cstgDomainNameCheckFails(String httpOrigin, Vertx vertx, VertxTestContext t
     @CsvSource({
             "''", // An empty quoted value results in the empty string.
             "com.123",
-            "com.",
+            "com."
     })
     void cstgAppNameCheckFails(String appName, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend(Collections.emptyList(), List.of("com.123.Game.App.android"));
@@ -3276,7 +3263,7 @@ void cstgAppNameCheckFails(String appName, Vertx vertx, VertxTestContext testCon
 
     @ParameterizedTest
     @CsvSource({
-            "http://gototest.com",
+            "http://gototest.com"
     })
     void cstgDomainNameCheckFailsAndLogInvalidHttpOrigin(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         ListAppender<ILoggingEvent> logWatcher = new ListAppender<>();
@@ -3383,7 +3370,7 @@ void cstgDisabledAsUnauthorized(Vertx vertx, VertxTestContext testContext) throw
 
     @ParameterizedTest
     @CsvSource({
-            "http://gototest.com",
+            "http://gototest.com"
     })
     void cstgDomainNameCheckFailsAndLogSeveralInvalidHttpOrigin(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         ListAppender<ILoggingEvent> logWatcher = new ListAppender<>();
@@ -3426,7 +3413,7 @@ void cstgDomainNameCheckFailsAndLogSeveralInvalidHttpOrigin(String httpOrigin, V
     @CsvSource({
             "https://cstg.co.uk",
             "https://cstg2.com",
-            "http://localhost:8080",
+            "http://localhost:8080"
     })
     void cstgDomainNameCheckPasses(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend("cstg.co.uk", "cstg2.com", "localhost");
@@ -3453,7 +3440,7 @@ void cstgDomainNameCheckPasses(String httpOrigin, Vertx vertx, VertxTestContext
     @CsvSource({
             "com.123.Game.App.android",
             "com.123.game.app.android",
-            "123456789",
+            "123456789"
     })
     void cstgAppNameCheckPasses(String appName, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend(Collections.emptyList(), List.of("com.123.Game.App.android", "123456789"));
@@ -4035,7 +4022,7 @@ void cstgUserOptsOutAfterTokenGenerate(String id, IdentityType identityType, Ver
             "true,abc@abc.com,Email",
             "true,+61400000000,Phone",
             "false,abc@abc.com,Email",
-            "false,+61400000000,Phone",
+            "false,+61400000000,Phone"
     })
     void cstgSuccessForBothOptedAndNonOptedOutTest(boolean optOutExpected, String id, IdentityType identityType,
                                                    Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
@@ -4089,8 +4076,7 @@ void cstgSuccessForBothOptedAndNonOptedOutTest(boolean optOutExpected, String id
 
                     String genRefreshToken = genBody.getString("refresh_token");
                     //test a subsequent refresh from this cstg call and see if it still works
-                    sendTokenRefresh(vertx, testContext, genRefreshToken, genBody.getString("refresh_response_key"), 200, refreshRespJson ->
-                    {
+                    sendTokenRefresh(vertx, testContext, genRefreshToken, genBody.getString("refresh_response_key"), 200, refreshRespJson -> {
                         assertEquals("success", refreshRespJson.getString("status"));
                         JsonObject refreshBody = refreshRespJson.getJsonObject("body");
                         assertNotNull(refreshBody);
@@ -4123,7 +4109,7 @@ void cstgSuccessForBothOptedAndNonOptedOutTest(boolean optOutExpected, String id
     @CsvSource({
             "https://cstg.co.uk",
             "https://cstg2.com",
-            "http://localhost:8080",
+            "http://localhost:8080"
     })
     void cstgSaltsExpired(String httpOrigin, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         when(saltProviderSnapshot.getExpires()).thenReturn(Instant.now().minus(1, ChronoUnit.HOURS));
@@ -4172,7 +4158,7 @@ void cstgNoActiveKey(Vertx vertx, VertxTestContext testContext) throws NoSuchAlg
     @ParameterizedTest
     @CsvSource({
             "email_hash,random@unifiedid.com",
-            "phone_hash,1234567890",
+            "phone_hash,1234567890"
     })
     void cstgInvalidInput(String identityType, String rawUID, Vertx vertx, VertxTestContext testContext) throws NoSuchAlgorithmException, InvalidKeyException {
         setupCstgBackend("cstg.co.uk");
@@ -5308,7 +5294,7 @@ void identityBucketsAlwaysReturnMilliseconds(Vertx vertx, VertxTestContext testC
 
         // SaltEntry with a lastUpdated that has 0 milliseconds
         long lastUpdatedMillis = Instant.parse("2024-01-01T00:00:00Z").toEpochMilli();
-        SaltEntry bucketEntry = new SaltEntry(456, "hashed456", lastUpdatedMillis, "salt456", null, null, null, null);
+        SaltEntry bucketEntry = new SaltEntry(456, "hashed456", lastUpdatedMillis, "salt456", 1000L, null, null, null);
         when(saltProviderSnapshot.getModifiedSince(any())).thenReturn(List.of(bucketEntry));
 
         String sinceTimestamp = "2023-12-31T00:00:00"; // earlier timestamp
