Skip to content

Fix PN metadata leak, PN navigation to chat, and unexpected PNs from other accounts #7268

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 17, 2019
Merged

Fix PN metadata leak, PN navigation to chat, and unexpected PNs from other accounts #7268

merged 1 commit into from
Jan 17, 2019

Conversation

rasom
Copy link
Contributor

@rasom rasom commented Jan 14, 2019
edited
Loading

The same PR as #6893. It has too many comments, quite hard to "navigate" even to find new builds.

fixes #6772, #3488 and #2984, depends on status-im/status-go#1297

Summary:

Pre-PR example payload:

{
	"notification": {
		"title": "Status",
		"body": "You have a new message"
	},
	"data": {
		"msg": {
			"from": "0x04325367620ae20dd878dbb39f69f02c567d789dd21af8a88623dc5b529827c2812571c380a2cd8236a2851b8843d6486481166c39debf60a5d30b9099c66213e4",
			"to": "0x04601f0228b9c046ddf524f7c612093c0ba69a8b7ee37e3f9292626fd6bb50578f57e9f5672e79967fcef7803cfe28daf93342cb4cdb6eb9702eb759d3154b192b"
		}
	}
}

Same payload post-PR (notice versioning):

{
	"data": {
		"msg-v2": {
			"from": "0x2cea3bd5",
			"to": "0xb1f89744",
			"id": "0x872653ad"
		}
	}
}

This PR:

  • Adds new message id field to the PN in the form of hash:${msg-v2/id}, creating a 1:1 link between Whisper messages and their respective PN on the receiver side
  • Moves to using sender/receiver pubkey hashes instead of the pubkeys themselves (first 10 characters/4 bytes of sha3 hash)
    • Key/values sent: msg-v2/from, msg-v2/to, msg-v2/id
  • Stores complete PN payload as JSON in db (:push-notifications/stored)
  • Moves from Notification API (where title/body were being sent with the PN) to Messaging API (Messaging API only sends a hidden message with key/value pairs) (Metadata leak in push notifications #6772)
  • Maintains compatibility with older clients (receiving only, sent PNs will not be displayed on older clients)
  • Creates background task to receive FCM message and display appropriate PN
    • Only create PN if message with hash equal to msg-v2/id is not marked as seen
  • Removes unused config/in-app-notifications-enabled?/IN_APP_NOTIFICATIONS_ENABLED
  • Removes dependency on NotifyUsers status-go API by leveraging react-native-firebase API the API does not support some critical properties for Android and iOS, so we must continue with the implementation in status-go for the time being. Created a suggestion at https://boards.invertase.io/react-native-firebase/p/add-missing-properties-to-messagingremotemessage.
  • Fixes navigating to chat if the user is signed out and taps on notification (Clicking message notification does not open the chat #3488).

Review notes (optional):

This PR paves the way to fix issues like #3488, #3487, #2984

Testing notes (optional):

Platforms

Check that new apps can receive PNs from both new and old clients. I've tested Desktop and Android, but not iOS.

  • Android (as sender/receiver)
  • iOS (as sender/receiver)
  • Desktop (as sender only)

See here for expected behavior from a technical perspective: https://github.com/invertase/react-native-firebase-docs/blob/master/docs/messaging/introduction.md#data-only-messages

Areas that maybe impacted

Functional

  • 1-1 chats
  • group chats

Steps to test:

  1. Open Status on device 1
  2. Open Status on device 2
  3. Add device 2 as a contact on device 1
  4. Send a message from device 1 to device 2
  5. Add device 1 as a contact of device 2
  6. Put the app on device 2 in the background
  7. Send another message from device 1 to device 2
  8. Confirm that a Push Notification is displayed on device 2
  9. Tap on the PN
  10. Confirm that the app navigates to the appropriate chat

Future steps

With this PR implemented, we can easily implement the following:

  1. Show sender/chat room in PN if db is unlocked (Show sender in mobile push notifications when db is unlocked #7043)
  2. Group PNs by sender/chat (Group mobile push notifications by sender #7046)
  3. Navigate to message matching partial IDs in mobile push notifications when PN is tapped Navigate to message matching partial IDs in mobile push notifications when PN is tapped #7044

status: ready

GitHub
📖 React Native Firebase documentation source files - please use the website to browse the docs. - invertase/react-native-firebase-docs

@ghost
Copy link

ghost commented Jan 14, 2019

Pull Request Checklist

  • Have you updated the documentation, if impacted (e.g. docs.status.im)?

@status-im-auto
Copy link
Member

status-im-auto commented Jan 14, 2019
edited
Loading

Jenkins Builds

Click to see older builds (92)
Commit #️⃣ Finished (UTC) Duration Platform Result
✔️ f344beb #1 2019-01-14 20:20:59 ~18 min android 📦 package
✔️ f344beb #1 2019-01-14 20:21:30 ~19 min android-e2e 📦 package
✔️ f344beb #1 2019-01-14 20:22:54 ~20 min macos 📦 package
✔️ f344beb #1 2019-01-14 20:25:43 ~23 min ios-e2e 📦 package
✔️ f344beb #1 2019-01-14 20:27:19 ~24 min ios 📦 package
✔️ f344beb #1 2019-01-14 20:30:38 ~28 min windows 📦 package
✔️ f344beb #1 2019-01-14 20:32:35 ~30 min linux 📦 package
✔️ 9923dca #2 2019-01-15 06:45:09 ~12 min macos 📦 package
✔️ 9923dca #2 2019-01-15 06:46:55 ~14 min android 📦 package
✔️ 9923dca #2 2019-01-15 06:47:12 ~14 min ios-e2e 📦 package
✔️ 9923dca #2 2019-01-15 06:47:28 ~15 min android-e2e 📦 package
✔️ 9923dca #2 2019-01-15 06:49:30 ~17 min windows 📦 package
✔️ 9923dca #2 2019-01-15 06:49:37 ~17 min ios 📦 package
✔️ 9923dca #2 2019-01-15 06:50:57 ~18 min linux 📦 package
✔️ 3c8df1a #3 2019-01-15 09:42:22 ~16 min macos 📦 package
✔️ 3c8df1a #3 2019-01-15 09:42:26 ~16 min android-e2e 📦 package
✔️ 3c8df1a #3 2019-01-15 09:42:53 ~16 min ios 📦 package
✔️ 3c8df1a #3 2019-01-15 09:42:54 ~16 min ios-e2e 📦 package
✔️ 3c8df1a #3 2019-01-15 09:43:22 ~17 min windows 📦 package
✔️ 3c8df1a #3 2019-01-15 09:44:33 ~18 min linux 📦 package
✔️ 3c8df1a #3 2019-01-15 09:54:00 ~28 min android 📦 package
✔️ 54190e4 #4 2019-01-15 10:30:15 ~12 min macos 📦 package
✔️ 54190e4 #4 2019-01-15 10:31:59 ~14 min android-e2e 📦 package
✔️ 54190e4 #4 2019-01-15 10:31:59 ~14 min android 📦 package
✔️ 54190e4 #4 2019-01-15 10:32:37 ~15 min ios-e2e 📦 package
✔️ 54190e4 #4 2019-01-15 10:33:37 ~16 min ios 📦 package
✔️ 54190e4 #4 2019-01-15 10:34:33 ~17 min windows 📦 package
✔️ 54190e4 #4 2019-01-15 10:52:16 ~34 min linux 📦 package
✔️ 4481a34 #5 2019-01-15 10:58:20 ~14 min android 📦 package
✔️ 4481a34 #5 2019-01-15 10:58:29 ~14 min macos 📦 package
✔️ 4481a34 #5 2019-01-15 10:58:42 ~14 min android-e2e 📦 package
✔️ 4481a34 #5 2019-01-15 10:59:04 ~15 min ios-e2e 📦 package
✔️ 4481a34 #5 2019-01-15 11:02:11 ~18 min ios 📦 package
✔️ 4481a34 #5 2019-01-15 11:19:26 ~35 min windows 📦 package
a11fd41 #6 2019-01-15 11:14:23 ~1 min 0 sec ios-e2e 📄 build log
✔️ a11fd41 #6 2019-01-15 11:25:54 ~12 min macos 📦 package
✔️ a11fd41 #6 2019-01-15 11:27:33 ~14 min android 📦 package
✔️ a11fd41 #6 2019-01-15 11:29:16 ~15 min android-e2e 📦 package
✔️ a11fd41 #6 2019-01-15 11:29:23 ~15 min ios 📦 package
✔️ a11fd41 #6 2019-01-15 11:37:51 ~18 min windows 📦 package
✔️ a11fd41 #6 2019-01-15 11:45:32 ~17 min linux 📦 package
✔️ 320a191 #7 2019-01-15 12:18:22 ~16 min ios-e2e 📦 package
✔️ 320a191 #7 2019-01-15 12:18:25 ~16 min android-e2e 📦 package
✔️ 320a191 #7 2019-01-15 12:18:39 ~16 min android 📦 package
✔️ 320a191 #7 2019-01-15 12:20:08 ~17 min macos 📦 package
✔️ 320a191 #7 2019-01-15 12:22:37 ~20 min windows 📦 package
✔️ 320a191 #7 2019-01-15 12:22:38 ~20 min ios 📦 package
✔️ 320a191 #7 2019-01-15 12:24:47 ~22 min linux 📦 package
c9e2cf7 #8 2019-01-15 12:54:43 ~19 min ios 📄 build log
✔️ c9e2cf7 #8 2019-01-15 12:59:02 ~24 min android-e2e 📦 package
✔️ c9e2cf7 #8 2019-01-15 12:59:17 ~24 min windows 📦 package
✔️ c9e2cf7 #8 2019-01-15 12:59:52 ~24 min ios-e2e 📦 package
✔️ c9e2cf7 #8 2019-01-15 13:00:35 ~25 min linux 📦 package
✔️ c9e2cf7 #8 2019-01-15 13:02:17 ~27 min macos 📦 package
c9e2cf7 #9 2019-01-15 13:10:13 ~12 min ios 📄 build log
✔️ c9e2cf7 #8 2019-01-15 13:12:04 ~37 min android 📦 package
c9e2cf7 #10 2019-01-15 13:41:12 ~7 min 25 sec ios 📄 build log
✔️ c9e2cf7 #11 2019-01-15 14:02:28 ~16 min ios 📦 package
ae1acf3 #10 2019-01-15 15:00:58 ~7 min 30 sec ios-e2e 📄 build log
ae1acf3 #13 2019-01-15 15:01:10 ~7 min 33 sec ios 📄 build log
✔️ ae1acf3 #10 2019-01-15 15:11:52 ~18 min macos 📦 package
✔️ ae1acf3 #10 2019-01-15 15:16:07 ~18 min android 📦 package
✔️ ae1acf3 #10 2019-01-15 15:17:11 ~20 min android-e2e 📦 package
✔️ ae1acf3 #10 2019-01-15 15:20:36 ~23 min windows 📦 package
✔️ ae1acf3 #10 2019-01-15 15:22:40 ~25 min linux 📦 package
✔️ ae1acf3 #14 2019-01-15 16:21:26 ~15 min ios 📦 package
✔️ ae1acf3 #11 2019-01-15 16:21:31 ~14 min ios-e2e 📦 package
✔️ ae1acf3 #15 2019-01-16 13:41:12 ~14 min ios 📦 package
fe3d71c #12 2019-01-17 08:03:35 ~1 min 8 sec ios-e2e 📄 build log
✔️ fe3d71c #11 2019-01-17 08:14:32 ~12 min macos 📦 package
✔️ fe3d71c #11 2019-01-17 08:16:51 ~14 min android 📦 package
fe3d71c #16 2019-01-17 08:17:22 ~14 min ios 📄 build log
✔️ fe3d71c #11 2019-01-17 08:17:25 ~15 min android-e2e 📦 package
✔️ fe3d71c #11 2019-01-17 08:20:23 ~17 min linux 📦 package
✔️ fe3d71c #11 2019-01-17 08:28:18 ~25 min windows 📦 package
✔️ fe3d71c #17 2019-01-17 10:34:37 ~15 min ios 📦 package
✔️ fe3d71c #13 2019-01-17 10:49:06 ~16 min ios-e2e 📦 package
✔️ fe3d71c #19 2019-01-17 11:14:16 ~16 min ios 📦 package
d326f9c #12 2019-01-17 13:02:29 ~1 min 6 sec android 📄 build log
d326f9c #12 2019-01-17 13:03:55 ~2 min 32 sec android-e2e 📄 build log
✔️ d326f9c #20 2019-01-17 13:17:29 ~16 min ios 📦 package
✔️ d326f9c #14 2019-01-17 13:17:39 ~16 min ios-e2e 📦 package
✔️ d326f9c #12 2019-01-17 13:17:59 ~16 min macos 📦 package
✔️ d326f9c #12 2019-01-17 13:22:49 ~21 min windows 📦 package
✔️ d326f9c #12 2019-01-17 13:23:42 ~22 min linux 📦 package
70361ea #13 2019-01-17 13:48:24 ~1 min 55 sec android 📄 build log
✔️ 70361ea #13 2019-01-17 13:59:35 ~13 min macos 📦 package
✔️ 70361ea #15 2019-01-17 14:00:31 ~14 min ios-e2e 📦 package
✔️ 70361ea #21 2019-01-17 14:01:31 ~15 min ios 📦 package
✔️ 70361ea #13 2019-01-17 14:02:21 ~15 min android-e2e 📦 package
✔️ 70361ea #13 2019-01-17 14:06:12 ~19 min windows 📦 package
✔️ 70361ea #13 2019-01-17 14:07:19 ~20 min linux 📦 package
Commit #️⃣ Finished (UTC) Duration Platform Result
✔️ af38f61 #14 2019-01-17 14:39:11 ~13 min macos 📦 package
✔️ af38f61 #16 2019-01-17 14:41:06 ~15 min ios-e2e 📦 package
✔️ af38f61 #14 2019-01-17 14:41:06 ~15 min android 📦 package
✔️ af38f61 #22 2019-01-17 14:41:34 ~16 min ios 📦 package
✔️ af38f61 #14 2019-01-17 14:42:32 ~17 min android-e2e 📦 package
✔️ af38f61 #14 2019-01-17 14:49:53 ~24 min windows 📦 package
✔️ af38f61 #14 2019-01-17 14:50:48 ~25 min linux 📦 package
✔️ 5a69b41 #15 2019-01-17 17:39:45 ~15 min android 📦 package
✔️ 5a69b41 #17 2019-01-17 17:39:49 ~15 min ios-e2e 📦 package
✔️ 5a69b41 #15 2019-01-17 17:40:04 ~15 min macos 📦 package
✔️ 5a69b41 #15 2019-01-17 17:40:07 ~15 min android-e2e 📦 package
✔️ 5a69b41 #23 2019-01-17 17:40:33 ~16 min ios 📦 package
✔️ 5a69b41 #15 2019-01-17 17:46:26 ~21 min linux 📦 package

pedropombeiro
pedropombeiro approved these changes Jan 15, 2019
View reviewed changes
@rasom rasom force-pushed the fix/#6772-pn-metadata-leak branch 2 times, most recently from 1df2523 to ae1acf3 Compare January 15, 2019 14:52
@asemiankevich asemiankevich self-assigned this Jan 16, 2019
@statustestbot
Copy link

100% of end-end tests have passed

Total executed tests: 58
Failed tests: 0
Passed tests: 58

Passed tests (58)

Click to expand
1. test_create_account
Device sessions

2. test_user_can_switch_network
Device sessions

3. test_filters_from_daap
Device sessions

4. test_copy_and_paste_messages
Device sessions

5. test_send_transaction_from_daap
Device sessions

6. test_request_and_receive_tokens_in_1_1_chat
Device sessions

7. test_delete_cut_and_paste_messages
Device sessions

8. test_deploy_contract_from_daap
Device sessions

9. test_offline_login
Device sessions

10. test_pass_phrase_validation
Device sessions

11. test_public_chat_messaging
Device sessions

12. test_password_in_logcat_sign_in
Device sessions

13. test_set_profile_picture
Device sessions

14. test_text_message_1_1_chat
Device sessions

15. test_add_to_contacts
Device sessions

16. test_unread_messages_counter_1_1_chat
Device sessions

17. test_logcat_send_transaction_from_daap
Device sessions

18. test_onboarding_screen_when_requesting_tokens_for_new_account
Device sessions

19. test_logcat_send_transaction_from_wallet
Device sessions

20. test_send_token_with_7_decimals
Device sessions

21. test_modify_transaction_fee_values
Device sessions

22. test_token_with_more_than_allowed_decimals
Device sessions

23. test_send_eth_from_wallet_to_address
Device sessions

24. test_send_transaction_details_in_1_1_chat
Device sessions

25. test_manage_assets
Device sessions

26. test_wallet_set_up
Device sessions

27. test_logcat_send_transaction_in_1_1_chat
Device sessions

28. test_request_and_receive_eth_in_1_1_chat
Device sessions

29. test_swipe_to_delete_public_chat
Device sessions

30. test_passphrase_whitespaces_ignored_while_recovering_access
Device sessions

31. test_send_emoji
Device sessions

32. test_add_contact_by_pasting_public_key
Device sessions

33. test_logcat_recovering_account
Device sessions

34. test_messaging_in_different_networks
Device sessions

35. test_send_tokens_in_1_1_chat
Device sessions

36. test_network_mismatch_for_send_request_commands
Device sessions

37. test_logcat_sign_message_from_daap
Device sessions

38. test_swipe_to_delete_1_1_chat
Device sessions

39. test_switch_users_and_add_new_account
Device sessions

40. test_send_stt_from_wallet
Device sessions

41. test_send_eth_in_1_1_chat
Device sessions

42. test_login_with_new_account
Device sessions

43. test_send_eth_from_wallet_to_contact
Device sessions

44. test_add_contact_from_public_chat
Device sessions

45. test_send_request_not_enabled_tokens
Device sessions

46. test_send_message_to_newly_added_contact
Device sessions

47. test_password_in_logcat_creating_account
Device sessions

48. test_backup_recovery_phrase
Device sessions

49. test_offline_status
Device sessions

50. test_open_google_com_via_open_dapp
Device sessions

51. test_unread_messages_counter_public_chat
Device sessions

52. test_sign_message_from_daap
Device sessions

53. test_user_can_remove_profile_picture
Device sessions

54. test_share_contact_code_and_wallet_address
Device sessions

55. test_request_eth_in_wallet
Device sessions

56. test_refresh_button_browsing_app_webview
Device sessions

57. test_backup_recovery_phrase_warning_from_wallet
Device sessions

58. test_recover_account
Device sessions

@asemiankevich
Copy link
Contributor

for some reason i still dont receive PNs on my ios device. I am using iPhone 7 with iOS 11.4.1. I think the problem may be in this Allow notifications setting flag. I have turned it on and off in settings and it does not make any effect. Android device looks good to me.
@Serhy @churik please check on your side.

@churik
Copy link
Member

churik commented Jan 16, 2019
edited
Loading

@asemiankevich case when you turn off and on PN works for me as expected - so I can again receive PNs.
Device: IPhone 7
IOS: 11.4.1

@rasom
Copy link
Contributor Author

rasom commented Jan 16, 2019

@asemiankevich just checked on iphone X and 6s, both with 12.1.2, works as expected. From which device/app version do you send the messages?

@churik
Copy link
Member

churik commented Jan 16, 2019
edited
Loading

@asemiankevich just checked on iphone X and 6s, both with 12.1.2, works as expected. From which device/app version do you send the messages?

@rasom
From @asemiankevich : Ios 11.4.1 can't receive PN from Android 8

@rasom
Copy link
Contributor Author

rasom commented Jan 16, 2019

From @asemiankevich : Ios 11.4.1 can't receive PN from Android 8

ok, and what's the app version on android?

@rasom
Copy link
Contributor Author

rasom commented Jan 16, 2019

Tried to turn on/off notifications on ios, can receive PNs after turning notifications on.

@asemiankevich
Copy link
Contributor

asemiankevich commented Jan 16, 2019
edited
Loading

From @asemiankevich : Ios 11.4.1 can't receive PN from Android 8

ok, and what's the app version on android?

@rasom it is android 8, version of the app is latest current PR build

@annadanchenko
Copy link

can also reproduce no PN if Android 9, pixel XL sends new message in 1:1 chat to IPhone 7 plus, iOS 11.0.3.

  1. Iphone added pixel by scanning qr code and sent a new text message
  2. Pixel added iPhone as a contact and sent a message to iPhone
  3. App is on background on iPhone
  4. Pixel sends new message to iPhone -> no PN shown but if switch to chat on iPhone then new message is there

@asemiankevich
Copy link
Contributor

probably it is related to iOS version, because old versions are killing the app on background faster, not sure. It is all fine with iOS 12.

@rasom
Copy link
Contributor Author

rasom commented Jan 16, 2019

@asemiankevich @annadanchenko @pombeirp @mandrigin
On my iphone X i can see PNs even after 1h in the background (probably even longer but i didn't test), on iphone 6s the app is suspended in 2-3 minutes. Currently, if app is suspended we can't receive PNs on ios.

We can try to implement some handling on native side but not as part of this PR. I would suggest merging it as it is for now.

@asemiankevich
Copy link
Contributor

agree

@asemiankevich
Copy link
Contributor

moved back to testing, there are some other issues to be rechecked before merge

@rasom rasom force-pushed the fix/#6772-pn-metadata-leak branch from ae1acf3 to fe3d71c Compare January 17, 2019 08:02
@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

@asemiankevich make sure you are testing build # 10, that builds table is broken a bit

@statustestbot
Copy link

100% of end-end tests have passed

Total executed tests: 58
Failed tests: 0
Passed tests: 58

Passed tests (58)

Click to expand
1. test_create_account
Device sessions

2. test_user_can_switch_network
Device sessions

3. test_filters_from_daap
Device sessions

4. test_copy_and_paste_messages
Device sessions

5. test_send_transaction_from_daap
Device sessions

6. test_request_and_receive_tokens_in_1_1_chat
Device sessions

7. test_delete_cut_and_paste_messages
Device sessions

8. test_deploy_contract_from_daap
Device sessions

9. test_offline_login
Device sessions

10. test_pass_phrase_validation
Device sessions

11. test_public_chat_messaging
Device sessions

12. test_password_in_logcat_sign_in
Device sessions

13. test_set_profile_picture
Device sessions

14. test_text_message_1_1_chat
Device sessions

15. test_add_to_contacts
Device sessions

16. test_unread_messages_counter_1_1_chat
Device sessions

17. test_logcat_send_transaction_from_daap
Device sessions

18. test_onboarding_screen_when_requesting_tokens_for_new_account
Device sessions

19. test_logcat_send_transaction_from_wallet
Device sessions

20. test_send_token_with_7_decimals
Device sessions

21. test_modify_transaction_fee_values
Device sessions

22. test_token_with_more_than_allowed_decimals
Device sessions

23. test_send_eth_from_wallet_to_address
Device sessions

24. test_send_transaction_details_in_1_1_chat
Device sessions

25. test_manage_assets
Device sessions

26. test_wallet_set_up
Device sessions

27. test_logcat_send_transaction_in_1_1_chat
Device sessions

28. test_request_and_receive_eth_in_1_1_chat
Device sessions

29. test_swipe_to_delete_public_chat
Device sessions

30. test_passphrase_whitespaces_ignored_while_recovering_access
Device sessions

31. test_send_emoji
Device sessions

32. test_add_contact_by_pasting_public_key
Device sessions

33. test_logcat_recovering_account
Device sessions

34. test_messaging_in_different_networks
Device sessions

35. test_send_tokens_in_1_1_chat
Device sessions

36. test_network_mismatch_for_send_request_commands
Device sessions

37. test_logcat_sign_message_from_daap
Device sessions

38. test_swipe_to_delete_1_1_chat
Device sessions

39. test_switch_users_and_add_new_account
Device sessions

40. test_send_stt_from_wallet
Device sessions

41. test_send_eth_in_1_1_chat
Device sessions

42. test_login_with_new_account
Device sessions

43. test_send_eth_from_wallet_to_contact
Device sessions

44. test_add_contact_from_public_chat
Device sessions

45. test_send_request_not_enabled_tokens
Device sessions

46. test_send_message_to_newly_added_contact
Device sessions

47. test_password_in_logcat_creating_account
Device sessions

48. test_backup_recovery_phrase
Device sessions

49. test_offline_status
Device sessions

50. test_open_google_com_via_open_dapp
Device sessions

51. test_unread_messages_counter_public_chat
Device sessions

52. test_sign_message_from_daap
Device sessions

53. test_user_can_remove_profile_picture
Device sessions

54. test_share_contact_code_and_wallet_address
Device sessions

55. test_request_eth_in_wallet
Device sessions

56. test_refresh_button_browsing_app_webview
Device sessions

57. test_backup_recovery_phrase_warning_from_wallet
Device sessions

58. test_recover_account
Device sessions

@statustestbot
Copy link

100% of end-end tests have passed

Total executed tests: 58
Failed tests: 0
Passed tests: 58

Passed tests (58)

Click to expand
1. test_create_account
Device sessions

2. test_user_can_switch_network
Device sessions

3. test_filters_from_daap
Device sessions

4. test_copy_and_paste_messages
Device sessions

5. test_send_transaction_from_daap
Device sessions

6. test_request_and_receive_tokens_in_1_1_chat
Device sessions

7. test_delete_cut_and_paste_messages
Device sessions

8. test_deploy_contract_from_daap
Device sessions

9. test_offline_login
Device sessions

10. test_pass_phrase_validation
Device sessions

11. test_public_chat_messaging
Device sessions

12. test_password_in_logcat_sign_in
Device sessions

13. test_set_profile_picture
Device sessions

14. test_text_message_1_1_chat
Device sessions

15. test_add_to_contacts
Device sessions

16. test_unread_messages_counter_1_1_chat
Device sessions

17. test_logcat_send_transaction_from_daap
Device sessions

18. test_onboarding_screen_when_requesting_tokens_for_new_account
Device sessions

19. test_logcat_send_transaction_from_wallet
Device sessions

20. test_send_token_with_7_decimals
Device sessions

21. test_modify_transaction_fee_values
Device sessions

22. test_token_with_more_than_allowed_decimals
Device sessions

23. test_send_eth_from_wallet_to_address
Device sessions

24. test_send_transaction_details_in_1_1_chat
Device sessions

25. test_manage_assets
Device sessions

26. test_wallet_set_up
Device sessions

27. test_logcat_send_transaction_in_1_1_chat
Device sessions

28. test_request_and_receive_eth_in_1_1_chat
Device sessions

29. test_swipe_to_delete_public_chat
Device sessions

30. test_passphrase_whitespaces_ignored_while_recovering_access
Device sessions

31. test_send_emoji
Device sessions

32. test_add_contact_by_pasting_public_key
Device sessions

33. test_logcat_recovering_account
Device sessions

34. test_messaging_in_different_networks
Device sessions

35. test_send_tokens_in_1_1_chat
Device sessions

36. test_network_mismatch_for_send_request_commands
Device sessions

37. test_logcat_sign_message_from_daap
Device sessions

38. test_swipe_to_delete_1_1_chat
Device sessions

39. test_switch_users_and_add_new_account
Device sessions

40. test_send_stt_from_wallet
Device sessions

41. test_send_eth_in_1_1_chat
Device sessions

42. test_login_with_new_account
Device sessions

43. test_send_eth_from_wallet_to_contact
Device sessions

44. test_add_contact_from_public_chat
Device sessions

45. test_send_request_not_enabled_tokens
Device sessions

46. test_send_message_to_newly_added_contact
Device sessions

47. test_password_in_logcat_creating_account
Device sessions

48. test_backup_recovery_phrase
Device sessions

49. test_offline_status
Device sessions

50. test_open_google_com_via_open_dapp
Device sessions

51. test_unread_messages_counter_public_chat
Device sessions

52. test_sign_message_from_daap
Device sessions

53. test_user_can_remove_profile_picture
Device sessions

54. test_share_contact_code_and_wallet_address
Device sessions

55. test_request_eth_in_wallet
Device sessions

56. test_refresh_button_browsing_app_webview
Device sessions

57. test_backup_recovery_phrase_warning_from_wallet
Device sessions

58. test_recover_account
Device sessions

@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

@churik
i think currently # 11 is the last build

You don't need to wait, all necessary changes are already here. Question to Pedro is rather about the coordination of necessary changes on go side.

@pedropombeiro
Copy link
Contributor

@rasom I'll build a PR on go side to add a new method side-by-side with NotifyUsers (I'll call it SendMessageToUsers if you agree, since it users the messaging API instead of the notifications API) and then we'll just need to adapt this PR for it.

@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

@pombeirp ok

@churik
Copy link
Member

churik commented Jan 17, 2019

@rasom

1) IOS crash is not fixed yet

Steps described in #6893 (comment):

  • Put app on ios device to background
  • send message from another device
  • close app on ios device
  • tap notification
  • app crashes

testing is still WIP

pedropombeiro pushed a commit to status-im/status-go that referenced this pull request Jan 17, 2019
Add SendMessageToUsers method. Part of status-im/status-mobile#7268
95edcba
@pedropombeiro pedropombeiro mentioned this pull request Jan 17, 2019
Merged
@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019 

Jan 17 14:47:01 iPhonex-Roman StatusIm[20151] <Notice>: Exception '*** -[__NSDictionaryM setObject:forKeyedSubscript:]: key cannot be nil' was thrown while invoking complete on target RNFirebaseNotifications with params (
    "<null>",
    1
)
callstack: (
	0   CoreFoundation                      0x00000001d1160edc <redacted> + 252
	1   libobjc.A.dylib                     0x00000001d0331a40 objc_exception_throw + 56
	2   CoreFoundation                      0x00000001d10d8494 _CFArgv + 0
	3   CoreFoundation                      0x00000001d1051ca0 <redacted> + 932
	4   StatusIm                            0x0000000104fc6530 _ZN5folly6detail15str_to_integralIyEENS_8ExpectedIT_NS_14ConversionCodeEEEPNS_5RangeIPKcEE + 899356
	5   CoreFoundation                      0x00000001d1168630 <redacted> + 144
	6   CoreFoundation                      0x00000001d1046450 <redacted> + 292
	7   CoreFoundation                      0x00000001d1047034 <redacted> + 60
	8   StatusIm                            0x0000000104e80d68 StatusIm + 740712
	9   StatusIm                     <\M-b\M^@\M-&>
Jan 17 14:47:01 iPhonex-Roman StatusIm(CoreFoundation)[20151] <Notice>: *** Terminating app due to uncaught exception 'RCTFatalException: Exception '*** -[__NSDictionaryM setObject:forKeyedSubscript:]: key cannot be nil' was thrown while invoking complete on target RNFirebaseNotifications with params (
    "<null>",
    1
)
callstack: (
	0   CoreFoundation                      0x00000001d1160edc <redacted> + 252
	1   libobjc.A.dylib                     0x00000001d0331a40 objc_exception_throw + 56
	2   CoreFoundation                      0x00000001d10d8494 _CFArgv + 0
	3   CoreFoundation                      0x00000001d1051ca0 <redacted> + 932
	4   StatusIm                            0x0000000104fc6530 _ZN5folly6detail15str_to_integralIyEENS_8ExpectedIT_NS_14ConversionCodeEEEPNS_5RangeIPKcEE + 899356
	5   CoreFoundation                      0x00000001d1168630 <redacted> + 144
	6   CoreFoundation                      0x00000001d1046450 <redacted> + 292
	7   CoreFoundation                      0x00000001d1047034 <redacted> + 60
	8   StatusIm                            0x000<\M-b\M^@\M-&>

@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

invertase/react-native-firebase#1576 (comment) might be related...

@rasom rasom force-pushed the fix/#6772-pn-metadata-leak branch from d326f9c to 70361ea Compare January 17, 2019 13:46
@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

@churik ios issue is fixed in # 22

@churik
Copy link
Member

churik commented Jan 17, 2019

@rasom can it affect all functionality or recheck only specific issue will be enough?

@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

this specific issue will be enough

@churik
Copy link
Member

churik commented Jan 17, 2019
edited
Loading

@rasom on latest build I started receive messages when app is closed (on IOS). IS it OK from the security perspective (taking into account #6893 (comment))?

@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

This may happen only if you send messages from another version of the application, which doesn't have current changes.

@churik
Copy link
Member

churik commented Jan 17, 2019
edited
Loading

Rechecked #7268 (comment) on build #22 - not reproducible
Full set of performed tests is here

Want to summarise:

  1. There is one breaking change - so users with previous builds (0.9.32 and earlier) can't receive PNs from users with last build

  2. IOS users will not receive PNs when app is closed- discussion here

  3. In some cases users can't receive PNs.
    Comments: Fix PN metadata leak, PN navigation to chat, and unexpected PNs from other accounts #7268 (comment) , Fix PN metadata leak, PN navigation to chat, and unexpected PNs from other accounts #7268 (comment)

Please tell me if some of those should be reported as separate issues and fixed.

cc @rachelhamlin @annadanchenko

@churik churik self-assigned this Jan 17, 2019
@mandrigin
Copy link
Contributor

@rasom please squash and merge these changes 🎉

@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

@mandrigin @pombeirp
this PR contains upgraded status-go, are we good to merge or need to wait till #7229 will be merged? Also it seems that status-im/status-go#1352 is not merged yet

@mandrigin
Copy link
Contributor

@rasom but this PR doesn't use this new method, I know it was reverted for #7229, but maybe we can merge this one now, then revert the revert and update status-go in #7229.
I believe there are some things left to be fixed on the Go side anyway.

@rasom
Update PNs to use data-only messaging, and only encode/decode data va…
5a69b41 
…lues. Fixes #6772

Fix navigation to chat when PN is tapped while signed off. Fixes #3488

Anonymize PN pubkeys. Part of #6772
@rasom rasom force-pushed the fix/#6772-pn-metadata-leak branch from af38f61 to 5a69b41 Compare January 17, 2019 17:24
@rasom rasom merged commit 5a69b41 into develop Jan 17, 2019
@rasom
Copy link
Contributor Author

rasom commented Jan 17, 2019

ok, merged

@rasom rasom deleted the fix/#6772-pn-metadata-leak branch January 17, 2019 17:24
@pedropombeiro
Copy link
Contributor

Thanks for all the help @rasom! This was a tough one!

@pedropombeiro pedropombeiro mentioned this pull request Jan 17, 2019
Closed
@rachelhamlin
Copy link
Contributor

@churik thanks :)

We'll call out the breaking change in the next release notes.

I think we should capture the issues with iOS and discuss priority in next core meeting.

This was referenced Feb 6, 2019
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pedropombeiro pedropombeiro pedropombeiro approved these changes

@mandrigin mandrigin mandrigin approved these changes

Assignees

@pedropombeiro pedropombeiro

@rasom rasom

@churik churik

@asemiankevich asemiankevich

Labels
Tested - OK
Projects
No open projects
Legacy QA Automation Project
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Metadata leak in push notifications
9 participants
@rasom @status-im-auto @statustestbot @asemiankevich @churik @annadanchenko @pedropombeiro @mandrigin @rachelhamlin