Add self report #1930

mikehelmick · 2021-03-20T00:29:54Z

Towards #1928

Proposed Changes

Adds API for UserReport to request a verification code
requests are de-duplicated for phone number over 90d

New checkbox to enable user report

New SMS template for "User Report"

Release Note

Add support for self-report initiation and certification. This feature is disabled by default, enable by setting `ENABLE_USER_REPORT` to `true`

internal/routes/apiserver.go

whaught · 2021-03-20T00:58:12Z

pkg/controller/issueapi/gen_code.go

+		if errors.Is(err, database.ErrAlreadyReported) {
+			return &IssueResult{
+				obsResult:   enobs.ResultError("DUPLICATE_USER_REPORT"),
+				HTTPCode:    http.StatusTooManyRequests,


I feel like StatusTooManyRequests implies rate-limiting? Would conflict be more appropriate?

other ideas, just 400? 403?

409 would be most appropriate. I think we need to document the response and explain what clients should do instead.

internal/clients/api_server.go

pkg/api/api.go

pkg/config/admin_server_config.go

pkg/controller/cleanup/handle_cleanup.go

pkg/database/user_report.go

pkg/database/vercode.go

sethvargo · 2021-03-20T17:11:18Z

terraform/database.tf

+# Create secret for the database HMAC for phone numbers
+resource "random_id" "db-phone-number-hmac" {
+  count       = var.db_phone_number_hmac_count
+  byte_length = 128


Some of the comments say 256?

this is the HMAC secret length, not the nonce length

mikehelmick · 2021-03-20T23:26:35Z

updated + added api docs.

pkg/controller/realmadmin/settings_modify.go

pkg/controller/verifyapi/verify.go

pkg/database/database.go

pkg/database/realm.go

pkg/database/token_test.go

pkg/database/user_report.go

pkg/database/vercode_test.go

sethvargo · 2021-03-22T19:31:14Z

Test failures seem real?

mikehelmick added 2 commits March 19, 2021 17:08

finish main self report

d5db71a

short timestamps

1215461

mikehelmick requested a review from a team as a code owner March 20, 2021 00:29

mikehelmick requested review from sethvargo and whaught March 20, 2021 00:29

google-cla bot added the cla: yes Auto: added by CLA bot when all committers have signed a CLA. label Mar 20, 2021

mikehelmick added 4 commits March 19, 2021 17:34

tf fix

7895d32

tf fmt

6ead6f7

lint

fbbff2c

time warp

3ddef82

whaught reviewed Mar 20, 2021

View reviewed changes

internal/routes/apiserver.go Show resolved Hide resolved

whaught reviewed Mar 20, 2021

View reviewed changes

sethvargo suggested changes Mar 20, 2021

View reviewed changes

docs + review comments

364ff43

sethvargo suggested changes Mar 22, 2021

View reviewed changes

review comments

28edde2

sethvargo previously approved these changes Mar 22, 2021

View reviewed changes

Fix test failures

b7ab847

mikehelmick dismissed sethvargo’s stale review via b7ab847 March 22, 2021 19:41

sethvargo approved these changes Mar 22, 2021

View reviewed changes

mikehelmick enabled auto-merge (squash) March 22, 2021 19:48

mikehelmick merged commit d7ec6c6 into google:main Mar 22, 2021

github-actions bot locked as resolved and limited conversation to collaborators Mar 24, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add self report #1930

Add self report #1930

mikehelmick commented Mar 20, 2021

whaught Mar 20, 2021

mikehelmick Mar 20, 2021

sethvargo Mar 20, 2021

sethvargo Mar 20, 2021

mikehelmick Mar 20, 2021

mikehelmick commented Mar 20, 2021

sethvargo commented Mar 22, 2021

Add self report #1930

Add self report #1930

Conversation

mikehelmick commented Mar 20, 2021

Proposed Changes

whaught Mar 20, 2021

Choose a reason for hiding this comment

mikehelmick Mar 20, 2021

Choose a reason for hiding this comment

sethvargo Mar 20, 2021

Choose a reason for hiding this comment

sethvargo Mar 20, 2021

Choose a reason for hiding this comment

mikehelmick Mar 20, 2021

Choose a reason for hiding this comment

mikehelmick commented Mar 20, 2021

sethvargo commented Mar 22, 2021