Federation: Allow connecting to remote users (#1824)

One2One conversations are not created yet. This will be worked upon separately.
Legal-hold restrictions are also not dealt with as for now, it will not be allowed to turn on legal-hold and federation at the same point.

Co-authored-by: Stefan Matting <[email protected]>
Co-authored-by: jschaul <[email protected]>
Co-authored-by: Akshay Mankar <[email protected]>

Author: 4 people

changelog.d/6-federation/fed-connections

@@ -0,0 +1 @@
+Allow connecting to remote users. One to one conversations are not created yet.

libs/wire-api-federation/src/Wire/API/Federation/API/Brig.hs

@@ -20,14 +20,15 @@ module Wire.API.Federation.API.Brig where
 import Control.Monad.Except (MonadError (..))
 import Data.Aeson (FromJSON, ToJSON)
 import Data.Handle (Handle)
-import Data.Id (ClientId, UserId)
+import Data.Id
 import Imports
 import Servant.API
 import Servant.API.Generic
 import Servant.Client.Generic (AsClientT, genericClient)
 import Test.QuickCheck (Arbitrary)
 import Wire.API.Arbitrary (GenericUniform (..))
 import Wire.API.Federation.Client (FederationClientFailure, FederatorClient)
+import Wire.API.Federation.Domain (OriginDomainHeader)
 import qualified Wire.API.Federation.GRPC.Types as Proto
 import Wire.API.Message (UserClients)
 import Wire.API.User (UserProfile)
@@ -92,7 +93,14 @@ data Api routes = Api
         :- "federation"
         :> "get-user-clients"
         :> ReqBody '[JSON] GetUserClients
-        :> Post '[JSON] (UserMap (Set PubClient))
+        :> Post '[JSON] (UserMap (Set PubClient)),
+    sendConnectionAction ::
+      routes
+        :- "federation"
+        :> "send-connection-action"
+        :> OriginDomainHeader
+        :> ReqBody '[JSON] NewConnectionRequest
+        :> Post '[JSON] NewConnectionResponse
   }
   deriving (Generic)
 
@@ -102,5 +110,46 @@ newtype GetUserClients = GetUserClients
   deriving stock (Eq, Show, Generic)
   deriving (ToJSON, FromJSON) via (CustomEncoded GetUserClients)
 
+-- NOTE: ConversationId for remote connections
+--
+-- The plan is to model the connect/one2one conversationId as deterministically derived from
+-- the combination of both userIds and both domains. It may be in the domain
+-- of the sending OR the receiving backend (with a 50/50 probability).
+-- However at the level of the federation API, we are only concerned about
+-- the question of which backend has the authority over the conversationId.
+--
+-- (Backend A should not prescribe backend B to use a certain UUID for its
+-- conversation; as that could lead to a potential malicious override of an
+-- existing conversation)
+--
+-- The deterministic conversation Id should be seen as a 'best effort'
+-- attempt only. (we cannot guarantee a backend won't change the code in the
+-- future)
+
+data NewConnectionRequest = NewConnectionRequest
+  { -- | The 'from' userId is understood to always have the domain of the backend making the connection request
+    ncrFrom :: UserId,
+    -- | The 'to' userId is understood to always have the domain of the receiving backend.
+    ncrTo :: UserId,
+    ncrAction :: RemoteConnectionAction
+  }
+  deriving stock (Eq, Show, Generic)
+  deriving (Arbitrary) via (GenericUniform NewConnectionRequest)
+  deriving (FromJSON, ToJSON) via (CustomEncoded NewConnectionRequest)
+
+data RemoteConnectionAction
+  = RemoteConnect
+  | RemoteRescind
+  deriving stock (Eq, Show, Generic)
+  deriving (Arbitrary) via (GenericUniform RemoteConnectionAction)
+  deriving (FromJSON, ToJSON) via (CustomEncoded RemoteConnectionAction)
+
+data NewConnectionResponse
+  = NewConnectionResponseUserNotActivated
+  | NewConnectionResponseOk (Maybe RemoteConnectionAction)
+  deriving stock (Eq, Show, Generic)
+  deriving (Arbitrary) via (GenericUniform NewConnectionResponse)
+  deriving (FromJSON, ToJSON) via (CustomEncoded NewConnectionResponse)
+
 clientRoutes :: (MonadError FederationClientFailure m, MonadIO m) => Api (AsClientT (FederatorClient 'Proto.Brig m))
 clientRoutes = genericClient

libs/wire-api-federation/test/Test/Wire/API/Federation/Golden/GoldenSpec.hs

@@ -23,6 +23,8 @@ import qualified Test.Wire.API.Federation.Golden.ConversationUpdate as Conversat
 import qualified Test.Wire.API.Federation.Golden.LeaveConversationRequest as LeaveConversationRequest
 import qualified Test.Wire.API.Federation.Golden.LeaveConversationResponse as LeaveConversationResponse
 import qualified Test.Wire.API.Federation.Golden.MessageSendResponse as MessageSendResponse
+import qualified Test.Wire.API.Federation.Golden.NewConnectionRequest as NewConnectionRequest
+import qualified Test.Wire.API.Federation.Golden.NewConnectionResponse as NewConnectionResponse
 import Test.Wire.API.Federation.Golden.Runner (testObjects)
 
 spec :: Spec
@@ -50,3 +52,13 @@ spec =
         (LeaveConversationResponse.testObject_LeaveConversationResponse7, "testObject_LeaveConversationResponse7.json"),
         (LeaveConversationResponse.testObject_LeaveConversationResponse8, "testObject_LeaveConversationResponse8.json")
       ]
+    testObjects
+      [ (NewConnectionRequest.testObject_NewConnectionRequest1, "testObject_NewConnectionRequest1.json"),
+        (NewConnectionRequest.testObject_NewConnectionRequest2, "testObject_NewConnectionRequest2.json")
+      ]
+    testObjects
+      [ (NewConnectionResponse.testObject_NewConnectionResponse1, "testObject_NewConnectionResponse1.json"),
+        (NewConnectionResponse.testObject_NewConnectionResponse2, "testObject_NewConnectionResponse2.json"),
+        (NewConnectionResponse.testObject_NewConnectionResponse3, "testObject_NewConnectionResponse3.json"),
+        (NewConnectionResponse.testObject_NewConnectionResponse4, "testObject_NewConnectionResponse4.json")
+      ]

libs/wire-api-federation/test/Test/Wire/API/Federation/Golden/NewConnectionRequest.hs

@@ -0,0 +1,39 @@
+-- This file is part of the Wire Server implementation.
+--
+-- Copyright (C) 2021 Wire Swiss GmbH <[email protected]>
+--
+-- This program is free software: you can redistribute it and/or modify it under
+-- the terms of the GNU Affero General Public License as published by the Free
+-- Software Foundation, either version 3 of the License, or (at your option) any
+-- later version.
+--
+-- This program is distributed in the hope that it will be useful, but WITHOUT
+-- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+-- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
+-- details.
+--
+-- You should have received a copy of the GNU Affero General Public License along
+-- with this program. If not, see <https://www.gnu.org/licenses/>.
+
+module Test.Wire.API.Federation.Golden.NewConnectionRequest where
+
+import Data.Id
+import qualified Data.UUID as UUID
+import Imports
+import Wire.API.Federation.API.Brig
+
+testObject_NewConnectionRequest1 :: NewConnectionRequest
+testObject_NewConnectionRequest1 =
+  NewConnectionRequest
+    { ncrFrom = Id (fromJust (UUID.fromString "69f66843-6cf1-48fb-8c05-1cf58c23566a")),
+      ncrTo = Id (fromJust (UUID.fromString "1669240c-c510-43e0-bf1a-33378fa4ba55")),
+      ncrAction = RemoteConnect
+    }
+
+testObject_NewConnectionRequest2 :: NewConnectionRequest
+testObject_NewConnectionRequest2 =
+  NewConnectionRequest
+    { ncrFrom = Id (fromJust (UUID.fromString "69f66843-6cf1-48fb-8c05-1cf58c23566a")),
+      ncrTo = Id (fromJust (UUID.fromString "1669240c-c510-43e0-bf1a-33378fa4ba55")),
+      ncrAction = RemoteRescind
+    }

libs/wire-api-federation/test/Test/Wire/API/Federation/Golden/NewConnectionResponse.hs

@@ -0,0 +1,33 @@
+-- This file is part of the Wire Server implementation.
+--
+-- Copyright (C) 2021 Wire Swiss GmbH <[email protected]>
+--
+-- This program is free software: you can redistribute it and/or modify it under
+-- the terms of the GNU Affero General Public License as published by the Free
+-- Software Foundation, either version 3 of the License, or (at your option) any
+-- later version.
+--
+-- This program is distributed in the hope that it will be useful, but WITHOUT
+-- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+-- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
+-- details.
+--
+-- You should have received a copy of the GNU Affero General Public License along
+-- with this program. If not, see <https://www.gnu.org/licenses/>.
+
+module Test.Wire.API.Federation.Golden.NewConnectionResponse where
+
+import Imports
+import Wire.API.Federation.API.Brig
+
+testObject_NewConnectionResponse1 :: NewConnectionResponse
+testObject_NewConnectionResponse1 = NewConnectionResponseOk Nothing
+
+testObject_NewConnectionResponse2 :: NewConnectionResponse
+testObject_NewConnectionResponse2 = NewConnectionResponseOk (Just RemoteConnect)
+
+testObject_NewConnectionResponse3 :: NewConnectionResponse
+testObject_NewConnectionResponse3 = NewConnectionResponseOk (Just RemoteRescind)
+
+testObject_NewConnectionResponse4 :: NewConnectionResponse
+testObject_NewConnectionResponse4 = NewConnectionResponseUserNotActivated

libs/wire-api-federation/test/golden/testObject_NewConnectionRequest1.json

@@ -0,0 +1,5 @@
+{
+    "to": "1669240c-c510-43e0-bf1a-33378fa4ba55",
+    "from": "69f66843-6cf1-48fb-8c05-1cf58c23566a",
+    "action": "RemoteConnect"
+}

libs/wire-api-federation/test/golden/testObject_NewConnectionRequest2.json

@@ -0,0 +1,5 @@
+{
+    "to": "1669240c-c510-43e0-bf1a-33378fa4ba55",
+    "from": "69f66843-6cf1-48fb-8c05-1cf58c23566a",
+    "action": "RemoteRescind"
+}

libs/wire-api-federation/test/golden/testObject_NewConnectionResponse1.json

@@ -0,0 +1,4 @@
+{
+    "tag": "NewConnectionResponseOk",
+    "contents": null
+}

libs/wire-api-federation/test/golden/testObject_NewConnectionResponse2.json

@@ -0,0 +1,4 @@
+{
+    "tag": "NewConnectionResponseOk",
+    "contents": "RemoteConnect"
+}

libs/wire-api-federation/test/golden/testObject_NewConnectionResponse3.json

@@ -0,0 +1,4 @@
+{
+    "tag": "NewConnectionResponseOk",
+    "contents": "RemoteRescind"
+}