wireapp · smatting · Jul 8, 2022 · May 10, 2022 · May 10, 2022 · May 12, 2022
@@ -0,0 +1 @@
+Added new-remote-conversation RPC, used to notify a backend of a remote conversation the first time any user from that backend is added to it.
@@ -0,0 +1 @@
+Added federation endpoint `send-mls-message` used to send messages to remote converesations
@@ -69,6 +69,10 @@ data:
         host: cargohold.{{ .Release.Namespace }}-fed2.svc.cluster.local
         port: 8080
 
+      cannon:
+        host: cannon.{{ .Release.Namespace }}-fed2.svc.cluster.local
+        port: 8080
+
       # TODO remove this
       federator:
         host: federator.{{ .Release.Namespace }}-fed2.svc.cluster.local

@@ -41,7 +41,7 @@ data Error = Error
     message :: !LText,
     errorData :: Maybe ErrorData
   }
-  deriving (Show, Typeable)
+  deriving (Eq, Show, Typeable)
 
 mkError :: Status -> LText -> LText -> Error
 mkError c l m = Error c l m Nothing
@@ -52,7 +52,7 @@ data ErrorData = FederationErrorData
   { federrDomain :: !Domain,
     federrPath :: !Text
   }
-  deriving (Show, Typeable)
+  deriving (Eq, Show, Typeable)
 
 instance ToJSON ErrorData where
   toJSON (FederationErrorData d p) =

@@ -25,6 +25,7 @@ import Data.Qualified
 import Data.Range
 import Data.Time.Clock (UTCTime)
 import Imports
+import qualified Network.Wai.Utilities.Error as Wai
 import Servant.API
 import Wire.API.Arbitrary (Arbitrary, GenericUniform (..))
 import Wire.API.Conversation
@@ -44,8 +45,14 @@ import Wire.API.Util.Aeson (CustomEncoded (..))
 
 -- | For conventions see /docs/developer/federation-api-conventions.md
 type GalleyApi =
-  -- | Register a new conversation
-  FedEndpoint "on-conversation-created" (NewRemoteConversation ConvId) ()
+  -- | Register a new conversation. This is only called on backends of users
+  -- that are part of a conversation at creation time. Since MLS conversations
+  -- are always created empty (i.e. they only contain the creator), this RPC is
+  -- never invoked for such conversations.
+  FedEndpoint "on-conversation-created" (ConversationCreated ConvId) ()
+    -- This endpoint is called the first time a user from this backend is
+    -- added to a remote conversation.
+    :<|> FedEndpoint "on-new-remote-conversation" NewRemoteConversation EmptyResponse
     :<|> FedEndpoint "get-conversations" GetConversationsRequest GetConversationsResponse
     -- used by the backend that owns a conversation to inform this backend of
     -- changes to the conversation
@@ -61,6 +68,7 @@ type GalleyApi =
     :<|> FedEndpoint "update-conversation" ConversationUpdateRequest ConversationUpdateResponse
     :<|> FedEndpoint "mls-welcome" MLSWelcomeRequest EmptyResponse
     :<|> FedEndpoint "on-mls-message-sent" RemoteMLSMessage EmptyResponse
+    :<|> FedEndpoint "send-mls-message" MessageSendRequest MLSMessageResponse
 
 data GetConversationsRequest = GetConversationsRequest
   { gcrUserId :: UserId,
@@ -105,31 +113,41 @@ newtype GetConversationsResponse = GetConversationsResponse
 --
 -- FUTUREWORK: Think about extracting common conversation metadata into a
 -- separarate data type that can be reused in several data types in this module.
-data NewRemoteConversation conv = NewRemoteConversation
+data ConversationCreated conv = ConversationCreated
   { -- | The time when the conversation was created
-    rcTime :: UTCTime,
+    ccTime :: UTCTime,
     -- | The user that created the conversation. This is implicitly qualified
     -- by the requesting domain, since it is impossible to create a regular/group
     -- conversation on a remote backend.
-    rcOrigUserId :: UserId,
+    ccOrigUserId :: UserId,
     -- | The conversation ID, local to the backend invoking the RPC
-    rcCnvId :: conv,
+    ccCnvId :: conv,
     -- | The conversation type
-    rcCnvType :: ConvType,
-    rcCnvAccess :: [Access],
-    rcCnvAccessRoles :: Set AccessRoleV2,
+    ccCnvType :: ConvType,
+    ccCnvAccess :: [Access],
+    ccCnvAccessRoles :: Set AccessRoleV2,
     -- | The conversation name,
-    rcCnvName :: Maybe Text,
+    ccCnvName :: Maybe Text,
     -- | Members of the conversation apart from the creator
-    rcNonCreatorMembers :: Set OtherMember,
-    rcMessageTimer :: Maybe Milliseconds,
-    rcReceiptMode :: Maybe ReceiptMode
+    ccNonCreatorMembers :: Set OtherMember,
+    ccMessageTimer :: Maybe Milliseconds,
+    ccReceiptMode :: Maybe ReceiptMode,
+    ccProtocol :: Protocol
   }
   deriving stock (Eq, Show, Generic, Functor)
-  deriving (ToJSON, FromJSON) via (CustomEncoded (NewRemoteConversation conv))
+  deriving (ToJSON, FromJSON) via (CustomEncoded (ConversationCreated conv))
 
-rcRemoteOrigUserId :: NewRemoteConversation (Remote ConvId) -> Remote UserId
-rcRemoteOrigUserId rc = qualifyAs (rcCnvId rc) (rcOrigUserId rc)
+ccRemoteOrigUserId :: ConversationCreated (Remote ConvId) -> Remote UserId
+ccRemoteOrigUserId cc = qualifyAs (ccCnvId cc) (ccOrigUserId cc)
+
+data NewRemoteConversation = NewRemoteConversation
+  { -- | The conversation ID, local to the backend invoking the RPC.
+    nrcConvId :: ConvId,
+    -- | The conversation protocol.
+    nrcProtocol :: Protocol
+  }
+  deriving stock (Eq, Show, Generic)
+  deriving (ToJSON, FromJSON) via (CustomEncoded NewRemoteConversation)
 
 data ConversationUpdate = ConversationUpdate
   { cuTime :: UTCTime,
@@ -275,3 +293,11 @@ newtype MLSWelcomeRequest = MLSWelcomeRequest
   deriving stock (Eq, Generic, Show)
   deriving (Arbitrary) via (GenericUniform MLSWelcomeRequest)
   deriving (FromJSON, ToJSON) via (CustomEncoded MLSWelcomeRequest)
+
+data MLSMessageResponse
+  = MLSMessageResponseError GalleyError
+  | MLSMessageResponseProtocolError Text
+  | MLSMessageResponseProposalFailure Wai.Error
+  | MLSMessageResponseUpdates [ConversationUpdate]
+  deriving stock (Eq, Show, Generic)
+  deriving (ToJSON, FromJSON) via (CustomEncoded MLSMessageResponse)
@@ -15,7 +15,7 @@
 -- You should have received a copy of the GNU Affero General Public License along
 -- with this program. If not, see <https://www.gnu.org/licenses/>.
 
-module Test.Wire.API.Federation.Golden.NewRemoteConversation where
+module Test.Wire.API.Federation.Golden.ConversationCreated where
 
 import Data.Domain
 import Data.Id
@@ -25,21 +25,22 @@ import qualified Data.Set as Set
 import qualified Data.UUID as UUID
 import Imports
 import Wire.API.Conversation
+import Wire.API.Conversation.Protocol
 import Wire.API.Conversation.Role
 import Wire.API.Federation.API.Galley
 import Wire.API.Provider.Service
 
-testObject_NewRemoteConversation1 :: NewRemoteConversation ConvId
-testObject_NewRemoteConversation1 =
-  NewRemoteConversation
-    { rcTime = read "1864-04-12 12:22:43.673 UTC",
-      rcOrigUserId = Id (fromJust (UUID.fromString "eed9dea3-5468-45f8-b562-7ad5de2587d0")),
-      rcCnvId = Id (fromJust (UUID.fromString "d13dbe58-d4e3-450f-9c0c-1e632f548740")),
-      rcCnvType = RegularConv,
-      rcCnvAccess = [InviteAccess, CodeAccess],
-      rcCnvAccessRoles = Set.fromList [TeamMemberAccessRole, NonTeamMemberAccessRole],
-      rcCnvName = Just "gossip",
-      rcNonCreatorMembers =
+testObject_ConversationCreated1 :: ConversationCreated ConvId
+testObject_ConversationCreated1 =
+  ConversationCreated
+    { ccTime = read "1864-04-12 12:22:43.673 UTC",
+      ccOrigUserId = Id (fromJust (UUID.fromString "eed9dea3-5468-45f8-b562-7ad5de2587d0")),
+      ccCnvId = Id (fromJust (UUID.fromString "d13dbe58-d4e3-450f-9c0c-1e632f548740")),
+      ccCnvType = RegularConv,
+      ccCnvAccess = [InviteAccess, CodeAccess],
+      ccCnvAccessRoles = Set.fromList [TeamMemberAccessRole, NonTeamMemberAccessRole],
+      ccCnvName = Just "gossip",
+      ccNonCreatorMembers =
         Set.fromList
           [ OtherMember
               { omQualifiedId =
@@ -64,21 +65,23 @@ testObject_NewRemoteConversation1 =
                 omConvRoleName = roleNameWireMember
               }
           ],
-      rcMessageTimer = Just (Ms 1000),
-      rcReceiptMode = Just (ReceiptMode 42)
+      ccMessageTimer = Just (Ms 1000),
+      ccReceiptMode = Just (ReceiptMode 42),
+      ccProtocol = ProtocolProteus
     }
 
-testObject_NewRemoteConversation2 :: NewRemoteConversation ConvId
-testObject_NewRemoteConversation2 =
-  NewRemoteConversation
-    { rcTime = read "1864-04-12 12:22:43.673 UTC",
-      rcOrigUserId = Id (fromJust (UUID.fromString "eed9dea3-5468-45f8-b562-7ad5de2587d0")),
-      rcCnvId = Id (fromJust (UUID.fromString "d13dbe58-d4e3-450f-9c0c-1e632f548740")),
-      rcCnvType = One2OneConv,
-      rcCnvAccess = [],
-      rcCnvAccessRoles = Set.fromList [TeamMemberAccessRole, NonTeamMemberAccessRole],
-      rcCnvName = Nothing,
-      rcNonCreatorMembers = Set.fromList [],
-      rcMessageTimer = Nothing,
-      rcReceiptMode = Nothing
+testObject_ConversationCreated2 :: ConversationCreated ConvId
+testObject_ConversationCreated2 =
+  ConversationCreated
+    { ccTime = read "1864-04-12 12:22:43.673 UTC",
+      ccOrigUserId = Id (fromJust (UUID.fromString "eed9dea3-5468-45f8-b562-7ad5de2587d0")),
+      ccCnvId = Id (fromJust (UUID.fromString "d13dbe58-d4e3-450f-9c0c-1e632f548740")),
+      ccCnvType = One2OneConv,
+      ccCnvAccess = [],
+      ccCnvAccessRoles = Set.fromList [TeamMemberAccessRole, NonTeamMemberAccessRole],
+      ccCnvName = Nothing,
+      ccNonCreatorMembers = Set.fromList [],
+      ccMessageTimer = Nothing,
+      ccReceiptMode = Nothing,
+      ccProtocol = ProtocolMLS (ConversationMLSData (GroupId "group") (Epoch 3))
     }
@@ -19,13 +19,13 @@ module Test.Wire.API.Federation.Golden.GoldenSpec where
 
 import Imports
 import Test.Hspec
+import qualified Test.Wire.API.Federation.Golden.ConversationCreated as ConversationCreated
 import qualified Test.Wire.API.Federation.Golden.ConversationUpdate as ConversationUpdate
 import qualified Test.Wire.API.Federation.Golden.LeaveConversationRequest as LeaveConversationRequest
 import qualified Test.Wire.API.Federation.Golden.LeaveConversationResponse as LeaveConversationResponse
 import qualified Test.Wire.API.Federation.Golden.MessageSendResponse as MessageSendResponse
 import qualified Test.Wire.API.Federation.Golden.NewConnectionRequest as NewConnectionRequest
 import qualified Test.Wire.API.Federation.Golden.NewConnectionResponse as NewConnectionResponse
-import qualified Test.Wire.API.Federation.Golden.NewRemoteConversation as NewRemoteConversation
 import Test.Wire.API.Federation.Golden.Runner (testObjects)
 
 spec :: Spec
@@ -60,6 +60,6 @@ spec =
         (NewConnectionResponse.testObject_NewConnectionResponse4, "testObject_NewConnectionResponse4.json")
       ]
     testObjects
-      [ (NewRemoteConversation.testObject_NewRemoteConversation1, "testObject_NewRemoteConversation1.json"),
-        (NewRemoteConversation.testObject_NewRemoteConversation2, "testObject_NewRemoteConversation2.json")
+      [ (ConversationCreated.testObject_ConversationCreated1, "testObject_ConversationCreated1.json"),
+        (ConversationCreated.testObject_ConversationCreated2, "testObject_ConversationCreated2.json")
       ]
@@ -36,6 +36,9 @@
         }
     ],
     "orig_user_id": "eed9dea3-5468-45f8-b562-7ad5de2587d0",
+    "protocol": {
+        "protocol": "proteus"
+    },
     "receipt_mode": 42,
     "time": "1864-04-12T12:22:43.673Z"
 }
@@ -10,6 +10,11 @@
     "message_timer": null,
     "non_creator_members": [],
     "orig_user_id": "eed9dea3-5468-45f8-b562-7ad5de2587d0",
+    "protocol": {
+        "epoch": 3,
+        "group_id": "Z3JvdXA=",
+        "protocol": "mls"
+    },
     "receipt_mode": null,
     "time": "1864-04-12T12:22:43.673Z"
 }
@@ -120,14 +120,14 @@ test-suite spec
   main-is: Spec.hs
   other-modules:
       Test.Wire.API.Federation.API.BrigSpec
+      Test.Wire.API.Federation.Golden.ConversationCreated
       Test.Wire.API.Federation.Golden.ConversationUpdate
       Test.Wire.API.Federation.Golden.GoldenSpec
       Test.Wire.API.Federation.Golden.LeaveConversationRequest
       Test.Wire.API.Federation.Golden.LeaveConversationResponse
       Test.Wire.API.Federation.Golden.MessageSendResponse
       Test.Wire.API.Federation.Golden.NewConnectionRequest
       Test.Wire.API.Federation.Golden.NewConnectionResponse
-      Test.Wire.API.Federation.Golden.NewRemoteConversation
       Test.Wire.API.Federation.Golden.Runner
       Paths_wire_api_federation
   hs-source-dirs:

@@ -1315,6 +1315,7 @@ type MLSMessagingAPI =
     :<|> Named
            "mls-message"
            ( Summary "Post an MLS message"
+               :> CanThrow 'ConvAccessDenied
                :> CanThrow 'ConvNotFound
                :> CanThrow 'MLSKeyPackageRefNotFound
                :> CanThrow 'MLSClientMismatch

@@ -93,8 +93,9 @@ spec ::
   Brig ->
   Galley ->
   CargoHold ->
+  Cannon ->
   IO TestTree
-spec _brigOpts mg brig galley cargohold cannon _federator brigTwo galleyTwo cargoholdTwo =
+spec _brigOpts mg brig galley cargohold cannon _federator brigTwo galleyTwo cargoholdTwo cannonTwo =
   pure $
     testGroup
       "federation-end2end-user"
@@ -116,7 +117,7 @@ spec _brigOpts mg brig galley cargohold cannon _federator brigTwo galleyTwo carg
         test mg "download remote asset" $ testRemoteAsset brig brigTwo cargohold cargoholdTwo,
         test mg "claim remote key packages" $ claimRemoteKeyPackages brig brigTwo,
         test mg "send an MLS message to a remote user" $
-          testSendMLSMessage brig brigTwo galleyTwo cannon
+          testSendMLSMessage brig brigTwo galley galleyTwo cannon cannonTwo
       ]
 
 -- | Path covered by this test:
@@ -691,8 +692,8 @@ claimRemoteKeyPackages brig1 brig2 = do
 
 -- bob creates an MLS conversation on domain 2 with alice on domain 1, then sends a
 -- message to alice
-testSendMLSMessage :: Brig -> Brig -> Galley -> Cannon -> Http ()
-testSendMLSMessage brig1 brig2 galley2 cannon1 = do
+testSendMLSMessage :: Brig -> Brig -> Galley -> Galley -> Cannon -> Cannon -> Http ()
+testSendMLSMessage brig1 brig2 galley1 galley2 cannon1 cannon2 = do
   let cli :: String -> FilePath -> [String] -> CreateProcess
       cli store tmp args =
         proc "mls-test-cli" $
@@ -832,6 +833,32 @@ testSendMLSMessage brig1 brig2 galley2 cannon1 = do
         spawn
           (cli bobClientId tmp ["message", "--group", tmp </> "group.json", "dove"])
           Nothing
+
+    -- alice creates the group and replies
+    void . liftIO $
+      spawn
+        ( cli
+            aliceClientId
+            tmp
+            [ "group",
+              "from-welcome",
+              "--group-out",
+              tmp </> "groupA.json",
+              tmp </> "welcome"
+            ]
+        )
+        Nothing
+    reply <-
+      liftIO $
+        spawn
+          ( cli
+              aliceClientId
+              tmp
+              ["message", "--group", tmp </> "groupA.json", "raven"]
+          )
+          Nothing
+
+    -- send welcome, commit and dove
     WS.bracketR cannon1 (userId alice) $ \wsAlice -> do
       post
         ( galley2
@@ -894,3 +921,26 @@ testSendMLSMessage brig1 brig2 galley2 cannon1 = do
         evtType e @?= MLSMessageAdd
         evtFrom e @?= userQualifiedId bob
         evtData e @?= EdMLSMessage dove
+
+    -- send the reply and assert reception
+    WS.bracketR cannon2 (userId bob) $ \wsBob -> do
+      post
+        ( galley1
+            . paths
+              ["mls", "messages"]
+            . zUser (userId alice)
+            . zConn "conn"
+            . header "Z-Type" "access"
+            . content "message/mls"
+            . bytes reply
+        )
+        !!! const 201 === statusCode
+
+      -- verify that bob receives the reply
+      WS.assertMatch_ (5 # Second) wsBob $ \n -> do
+        let e = List1.head (WS.unpackPayload n)
+        ntfTransient n @?= False
+        evtConv e @?= qconvId
+        evtType e @?= MLSMessageAdd
+        evtFrom e @?= userQualifiedId alice
+        evtData e @?= EdMLSMessage reply
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Added new-remote-conversation RPC, used to notify a backend of a remote conversation the first time any user from that backend is added to it.
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		Added federation endpoint `send-mls-message` used to send messages to remote converesations