Avoid blocking in an async context

jon-signal · jon-signal · commit 1301bfda93d2 · 2026-04-17T09:54:36.000-04:00
diff --git a/service/src/main/java/org/whispersystems/textsecuregcm/auth/PhoneVerificationTokenManager.java b/service/src/main/java/org/whispersystems/textsecuregcm/auth/PhoneVerificationTokenManager.java
@@ -108,20 +108,24 @@ private void verifyBySessionId(final String number, final byte[] sessionId) thro
     }
   }
 
-  private void verifyByRecoveryPassword(final ContainerRequestContext requestContext, final String number, final byte[] recoveryPassword)
-      throws InterruptedException {
+  private void verifyByRecoveryPassword(final ContainerRequestContext requestContext,
+      final String number,
+      final byte[] recoveryPassword) throws InterruptedException {
+
     if (!registrationRecoveryChecker.checkRegistrationRecoveryAttempt(requestContext, number)) {
       throw new ForbiddenException("recoveryPassword couldn't be verified");
     }
+
     try {
-      final boolean verified = registrationRecoveryPasswordsManager.verify(phoneNumberIdentifiers.getPhoneNumberIdentifier(number).join(), recoveryPassword)
+      final boolean verified = phoneNumberIdentifiers.getPhoneNumberIdentifier(number)
+          .thenCompose(phoneNumberIdentifier -> registrationRecoveryPasswordsManager.verify(phoneNumberIdentifier, recoveryPassword))
           .get(VERIFICATION_TIMEOUT_SECONDS, TimeUnit.SECONDS);
+
       if (!verified) {
         throw new ForbiddenException("recoveryPassword couldn't be verified");
       }
     } catch (final ExecutionException | TimeoutException e) {
       throw new ServerErrorException(Response.Status.SERVICE_UNAVAILABLE);
     }
   }
-
 }

Original file line number	Diff line number	Diff line change
`@@ -108,20 +108,24 @@ private void verifyBySessionId(final String number, final byte[] sessionId) thro`
`108`	`108`	`}`
`109`	`109`	`}`
`110`	`110`
`111`		`- private void verifyByRecoveryPassword(final ContainerRequestContext requestContext, final String number, final byte[] recoveryPassword)`
`112`		`- throws InterruptedException {`
	`111`	`+ private void verifyByRecoveryPassword(final ContainerRequestContext requestContext,`
	`112`	`+ final String number,`
	`113`	`+ final byte[] recoveryPassword) throws InterruptedException {`
	`114`	`+`
`113`	`115`	`if (!registrationRecoveryChecker.checkRegistrationRecoveryAttempt(requestContext, number)) {`
`114`	`116`	`throw new ForbiddenException("recoveryPassword couldn't be verified");`
`115`	`117`	`}`
	`118`	`+`
`116`	`119`	`try {`
`117`		`- final boolean verified = registrationRecoveryPasswordsManager.verify(phoneNumberIdentifiers.getPhoneNumberIdentifier(number).join(), recoveryPassword)`
	`120`	`+ final boolean verified = phoneNumberIdentifiers.getPhoneNumberIdentifier(number)`
	`121`	`+ .thenCompose(phoneNumberIdentifier -> registrationRecoveryPasswordsManager.verify(phoneNumberIdentifier, recoveryPassword))`
`118`	`122`	`.get(VERIFICATION_TIMEOUT_SECONDS, TimeUnit.SECONDS);`
	`123`	`+`
`119`	`124`	`if (!verified) {`
`120`	`125`	`throw new ForbiddenException("recoveryPassword couldn't be verified");`
`121`	`126`	`}`
`122`	`127`	`} catch (final ExecutionException \| TimeoutException e) {`
`123`	`128`	`throw new ServerErrorException(Response.Status.SERVICE_UNAVAILABLE);`
`124`	`129`	`}`
`125`	`130`	`}`
`126`		`-`
`127`	`131`	`}`