Updated raw UID2 version generation logic

Author: gmsdelmundo

src/main/java/com/uid2/operator/model/IdentityEnvironment.java

@@ -7,7 +7,9 @@ public enum IdentityEnvironment {
 
     public final int value;
 
-    IdentityEnvironment(int value) { this.value = value; }
+    IdentityEnvironment(int value) {
+        this.value = value;
+    }
 
     public static IdentityEnvironment fromValue(int value) {
         return switch (value) {
@@ -17,4 +19,13 @@ public static IdentityEnvironment fromValue(int value) {
             default -> throw new ClientInputValidationException("Invalid valid for IdentityEnvironment: " + value);
         };
     }
+
+    public static IdentityEnvironment fromString(String value) {
+        return switch (value.toLowerCase()) {
+            case "test" -> Test;
+            case "integ" -> Integ;
+            case "prod" -> Prod;
+            default -> throw new ClientInputValidationException("Invalid valid for IdentityEnvironment: " + value);
+        };
+    }
 }

src/main/java/com/uid2/operator/model/UserIdentity.java

@@ -2,20 +2,22 @@
 
 import java.time.Instant;
 import java.util.Arrays;
-import java.util.Objects;
 
 public class UserIdentity {
     public final IdentityScope identityScope;
     public final IdentityType identityType;
+    public final IdentityEnvironment identityEnvironment;
     public final byte[] id;
     public final int privacyBits;
     public final Instant establishedAt;
     public final Instant refreshedAt;
 
-    public UserIdentity(IdentityScope identityScope, IdentityType identityType, byte[] id, int privacyBits,
+    public UserIdentity(IdentityScope identityScope, IdentityType identityType, IdentityEnvironment identityEnvironment,
+                        byte[] id, int privacyBits,
                         Instant establishedAt, Instant refreshedAt) {
         this.identityScope = identityScope;
         this.identityType = identityType;
+        this.identityEnvironment = identityEnvironment;
         this.id = id;
         this.privacyBits = privacyBits;
         this.establishedAt = establishedAt;
@@ -25,6 +27,7 @@ public UserIdentity(IdentityScope identityScope, IdentityType identityType, byte
     public boolean matches(UserIdentity that) {
         return this.identityScope.equals(that.identityScope) &&
                 this.identityType.equals(that.identityType) &&
+                this.identityEnvironment.equals(that.identityEnvironment) &&
                 Arrays.equals(this.id, that.id);
     }
 }

src/main/java/com/uid2/operator/service/EncryptedTokenEncoder.java

@@ -17,9 +17,11 @@
 
 public class EncryptedTokenEncoder implements ITokenEncoder {
     private final KeyManager keyManager;
+    private final IdentityEnvironment identityEnvironment;
 
-    public EncryptedTokenEncoder(KeyManager keyManager) {
+    public EncryptedTokenEncoder(KeyManager keyManager, IdentityEnvironment identityEnvironment) {
         this.keyManager = keyManager;
+        this.identityEnvironment = identityEnvironment;
     }
 
     public byte[] encode(AdvertisingToken t, Instant asOf) {
@@ -124,7 +126,7 @@ private RefreshToken decodeRefreshTokenV2(Buffer b) {
                 TokenVersion.V2, createdAt, validTill,
                 new OperatorIdentity(0, OperatorType.Service, 0, 0),
                 new PublisherIdentity(siteId, 0, 0),
-                new UserIdentity(IdentityScope.UID2, IdentityType.Email, identity, privacyBits, Instant.ofEpochMilli(establishedMillis), null));
+                new UserIdentity(IdentityScope.UID2, IdentityType.Email, this.identityEnvironment, identity, privacyBits, Instant.ofEpochMilli(establishedMillis), null));
     }
 
     private RefreshToken decodeRefreshTokenV3(Buffer b, byte[] bytes) {
@@ -157,7 +159,7 @@ private RefreshToken decodeRefreshTokenV3(Buffer b, byte[] bytes) {
 
         return new RefreshToken(
                 TokenVersion.V3, createdAt, expiresAt, operatorIdentity, publisherIdentity,
-                new UserIdentity(identityScope, identityType, id, privacyBits, establishedAt, null));
+                new UserIdentity(identityScope, identityType, this.identityEnvironment, id, privacyBits, establishedAt, null));
     }
 
     @Override
@@ -225,13 +227,12 @@ public AdvertisingToken decodeAdvertisingTokenV2(Buffer b) {
                     Instant.ofEpochMilli(expiresMillis),
                     new OperatorIdentity(0, OperatorType.Service, 0, masterKeyId),
                     new PublisherIdentity(siteId, siteKeyId, 0),
-                    new UserIdentity(IdentityScope.UID2, IdentityType.Email, advertisingId, privacyBits, Instant.ofEpochMilli(establishedMillis), null)
+                    new UserIdentity(IdentityScope.UID2, IdentityType.Email, this.identityEnvironment, advertisingId, privacyBits, Instant.ofEpochMilli(establishedMillis), null)
             );
 
         } catch (Exception e) {
             throw new RuntimeException("Couldn't decode advertisingTokenV2", e);
         }
-
     }
 
     public AdvertisingToken decodeAdvertisingTokenV3orV4(Buffer b, byte[] bytes, TokenVersion tokenVersion) {
@@ -253,8 +254,7 @@ public AdvertisingToken decodeAdvertisingTokenV3orV4(Buffer b, byte[] bytes, Tok
         final IdentityScope identityScope = id.length == 32 ? IdentityScope.UID2 : decodeIdentityScopeV3(id[0]);
         final IdentityType identityType = id.length == 32 ? IdentityType.Email : decodeIdentityTypeV3(id[0]);
 
-        if (id.length > 32)
-        {
+        if (id.length > 32) {
             if (identityScope != decodeIdentityScopeV3(b.getByte(0))) {
                 throw new ClientInputValidationException("Failed decoding advertisingTokenV3: Identity scope mismatch");
             }
@@ -265,7 +265,7 @@ public AdvertisingToken decodeAdvertisingTokenV3orV4(Buffer b, byte[] bytes, Tok
 
         return new AdvertisingToken(
                 tokenVersion, createdAt, expiresAt, operatorIdentity, publisherIdentity,
-                new UserIdentity(identityScope, identityType, id, privacyBits, establishedAt, refreshedAt)
+                new UserIdentity(identityScope, identityType, this.identityEnvironment, id, privacyBits, establishedAt, refreshedAt)
         );
     }
 
@@ -338,7 +338,6 @@ public static String bytesToBase64Token(byte[] advertisingTokenBytes, TokenVersi
 
     @Override
     public IdentityTokens encode(AdvertisingToken advertisingToken, RefreshToken refreshToken, Instant refreshFrom, Instant asOf) {
-
         final byte[] advertisingTokenBytes = encode(advertisingToken, asOf);
         final String base64AdvertisingToken = bytesToBase64Token(advertisingTokenBytes, advertisingToken.version);
 
@@ -367,16 +366,16 @@ private byte[] encryptIdentityV2(PublisherIdentity publisherIdentity, UserIdenti
         }
     }
 
-    static private byte encodeIdentityTypeV3(UserIdentity userIdentity) {
+    private static byte encodeIdentityTypeV3(UserIdentity userIdentity) {
         return (byte) (TokenUtils.encodeIdentityScope(userIdentity.identityScope) | (userIdentity.identityType.value << 2) | 3);
         // "| 3" is used so that the 2nd char matches the version when V3 or higher. Eg "3" for V3 and "4" for V4
     }
 
-    static private IdentityScope decodeIdentityScopeV3(byte value) {
+    private static IdentityScope decodeIdentityScopeV3(byte value) {
         return IdentityScope.fromValue((value & 0x10) >> 4);
     }
 
-    static private IdentityType decodeIdentityTypeV3(byte value) {
+    private static IdentityType decodeIdentityTypeV3(byte value) {
         return IdentityType.fromValue((value & 0xf) >> 2);
     }
 
@@ -392,7 +391,7 @@ static PublisherIdentity decodePublisherIdentityV3(Buffer b, int offset) {
 
     static void encodeOperatorIdentityV3(Buffer b, OperatorIdentity operatorIdentity) {
         b.appendInt(operatorIdentity.siteId);
-        b.appendByte((byte)operatorIdentity.operatorType.value);
+        b.appendByte((byte) operatorIdentity.operatorType.value);
         b.appendInt(operatorIdentity.operatorVersion);
         b.appendInt(operatorIdentity.operatorKeyId);
     }

src/main/java/com/uid2/operator/service/IUIDOperatorService.java

@@ -10,7 +10,6 @@
 import java.util.List;
 
 public interface IUIDOperatorService {
-
     IdentityTokens generateIdentity(IdentityRequest request, Duration refreshIdentityAfter, Duration refreshExpiresAfter, Duration identityExpiresAfter);
 
     RefreshResponse refreshIdentity(RefreshToken token, Duration refreshIdentityAfter, Duration refreshExpiresAfter, Duration identityExpiresAfter);
@@ -25,6 +24,4 @@ public interface IUIDOperatorService {
     void invalidateTokensAsync(UserIdentity userIdentity, Instant asOf, String uidTraceId, Handler<AsyncResult<Instant>> handler);
 
     boolean advertisingTokenMatches(String advertisingToken, UserIdentity userIdentity, Instant asOf);
-
-    Instant getLatestOptoutEntry(UserIdentity userIdentity, Instant asOf);
 }

src/main/java/com/uid2/operator/service/InputUtil.java

@@ -1,17 +1,19 @@
 package com.uid2.operator.service;
 
+import com.uid2.operator.model.IdentityEnvironment;
 import com.uid2.operator.model.IdentityScope;
 import com.uid2.operator.model.IdentityType;
 import com.uid2.operator.model.UserIdentity;
 
 import java.time.Instant;
 
-public class InputUtil {
+public final class InputUtil {
+    private static final String GMAILDOMAIN = "gmail.com";
+    private static final int MIN_PHONENUMBER_DIGITS = 10;
+    private static final int MAX_PHONENUMBER_DIGITS = 15;
 
-    private static String GMAILDOMAIN = "gmail.com";
-
-    private static int MIN_PHONENUMBER_DIGITS = 10;
-    private static int MAX_PHONENUMBER_DIGITS = 15;
+    private InputUtil() {
+    }
 
     public static InputVal normalizeEmailHash(String input) {
         final int inputLength = input.length();
@@ -65,8 +67,7 @@ public static boolean isPhoneNumberNormalized(String phoneNumber) {
 
         // count the digits, return false if non-digit character is found
         int totalDigits = 0;
-        for (int i = 1; i < phoneNumber.length(); ++i)
-        {
+        for (int i = 1; i < phoneNumber.length(); ++i) {
             if (!InputUtil.isAsciiDigit(phoneNumber.charAt(i)))
                 return false;
             ++totalDigits;
@@ -80,7 +81,7 @@ public static boolean isPhoneNumberNormalized(String phoneNumber) {
 
     public static InputVal normalizeEmail(String email) {
         final String normalize = normalizeEmailString(email);
-        if (normalize != null && normalize.length() > 0) {
+        if (normalize != null && !normalize.isEmpty()) {
             return InputVal.validEmail(email, normalize);
         }
         return InputVal.invalidEmail(email);
@@ -143,15 +144,15 @@ public static String normalizeEmailString(String email) {
                         wsBuffer.append(c);
                         break;
                     }
-                    if (wsBuffer.length() > 0) {
-                        sb.append(wsBuffer.toString());
+                    if (!wsBuffer.isEmpty()) {
+                        sb.append(wsBuffer);
                         wsBuffer = new StringBuilder();
                     }
                     sb.append(c);
                 }
             }
         }
-        if (sb.length() == 0) {
+        if (sb.isEmpty()) {
             return null;
         }
         final String domainPart = sb.toString();
@@ -162,7 +163,7 @@ public static String normalizeEmailString(String email) {
         } else {
             addressPartToUse = preSb;
         }
-        if (addressPartToUse.length() == 0) {
+        if (addressPartToUse.isEmpty()) {
             return null;
         }
 
@@ -174,7 +175,7 @@ public enum IdentityInputType {
         Hash
     }
 
-    private static enum EmailParsingState {
+    private enum EmailParsingState {
         Starting,
         Pre,
         SubDomain,
@@ -255,16 +256,19 @@ public IdentityType getIdentityType() {
             return identityType;
         }
 
-        public IdentityInputType getInputType() { return inputType; }
+        public IdentityInputType getInputType() {
+            return inputType;
+        }
 
         public boolean isValid() {
             return valid;
         }
 
-        public UserIdentity toUserIdentity(IdentityScope identityScope, int privacyBits, Instant establishedAt) {
+        public UserIdentity toUserIdentity(IdentityScope identityScope, IdentityEnvironment identityEnvironment, int privacyBits, Instant establishedAt) {
             return new UserIdentity(
                     identityScope,
                     this.identityType,
+                    identityEnvironment,
                     getIdentityInput(),
                     privacyBits,
                     establishedAt,

src/main/java/com/uid2/operator/service/TokenUtils.java

@@ -6,7 +6,10 @@
 import com.uid2.operator.model.IdentityVersion;
 import com.uid2.shared.model.SaltEntry;
 
-public class TokenUtils {
+public final class TokenUtils {
+    private TokenUtils() {
+    }
+
     public static byte[] getIdentityHash(String identityString) {
         return EncodingUtils.getSha256Bytes(identityString);
     }
@@ -42,7 +45,7 @@ public static byte[] getAdvertisingIdV2FromIdentityHash(String identityString, S
     public static byte[] getAdvertisingIdV3(IdentityScope scope, IdentityType type, byte[] firstLevelHash, String rotatingSalt) {
         final byte[] sha = EncodingUtils.getSha256Bytes(EncodingUtils.toBase64String(firstLevelHash), rotatingSalt);
         final byte[] id = new byte[33];
-        id[0] = (byte)(encodeIdentityScope(scope) | encodeIdentityType(type));
+        id[0] = (byte) (encodeIdentityScope(scope) | encodeIdentityType(type));
         System.arraycopy(sha, 0, id, 1, 32);
         return id;
     }
@@ -55,9 +58,9 @@ public static byte[] getAdvertisingIdV3FromIdentityHash(IdentityScope scope, Ide
         return getAdvertisingIdV3(scope, type, getFirstLevelHashFromIdentityHash(identityString, firstLevelSalt), rotatingSalt);
     }
 
-    public static byte[] getAdvertisingIdV4(IdentityScope scope, IdentityType type, IdentityEnvironment environment, byte[] firstLevelHash, SaltEntry.KeyMaterial encryptingKey, String rotatingSalt) throws Exception {
+    public static byte[] getAdvertisingIdV4(IdentityScope scope, IdentityType type, IdentityEnvironment environment, byte[] firstLevelHash, SaltEntry.KeyMaterial encryptingKey) throws Exception {
         byte metadata = (byte) (encodeIdentityVersion(IdentityVersion.V4) | encodeIdentityScope(scope) | encodeIdentityType(type) | encodeIdentityEnvironment(environment));
-        return V4TokenUtils.buildAdvertisingIdV4(metadata, firstLevelHash, encryptingKey.id(), encryptingKey.key(), rotatingSalt);
+        return V4TokenUtils.buildAdvertisingIdV4(metadata, firstLevelHash, encryptingKey.id(), encryptingKey.key(), encryptingKey.salt());
     }
 
     public static byte encodeIdentityScope(IdentityScope identityScope) { return (byte) (identityScope.value << 4); }