Update synthetic ID generation: new components, random suffix, and IPv6 normalization

crates/common/src/constants.rs

@@ -1,9 +1,9 @@
 use http::header::HeaderName;
 
-pub const HEADER_SYNTHETIC_FRESH: HeaderName = HeaderName::from_static("x-synthetic-fresh");
-pub const HEADER_SYNTHETIC_PUB_USER_ID: HeaderName = HeaderName::from_static("x-pub-user-id");
+pub const COOKIE_SYNTHETIC_ID: &str = "synthetic_id";
+
 pub const HEADER_X_PUB_USER_ID: HeaderName = HeaderName::from_static("x-pub-user-id");
-pub const HEADER_SYNTHETIC_TRUSTED_SERVER: HeaderName = HeaderName::from_static("x-psid-ts");
+pub const HEADER_X_SYNTHETIC_ID: HeaderName = HeaderName::from_static("x-synthetic-id");
 pub const HEADER_X_CONSENT_ADVERTISING: HeaderName =
     HeaderName::from_static("x-consent-advertising");
 pub const HEADER_X_FORWARDED_FOR: HeaderName = HeaderName::from_static("x-forwarded-for");

crates/common/src/cookies.rs

@@ -8,6 +8,7 @@ use error_stack::{Report, ResultExt};
 use fastly::http::header;
 use fastly::Request;
 
+use crate::constants::COOKIE_SYNTHETIC_ID;
 use crate::error::TrustedServerError;
 use crate::settings::Settings;
 
@@ -65,8 +66,8 @@ pub fn handle_request_cookies(
 #[must_use]
 pub fn create_synthetic_cookie(settings: &Settings, synthetic_id: &str) -> String {
     format!(
-        "synthetic_id={}; Domain={}; Path=/; Secure; SameSite=Lax; Max-Age={}",
-        synthetic_id, settings.publisher.cookie_domain, COOKIE_MAX_AGE,
+        "{}={}; Domain={}; Path=/; Secure; SameSite=Lax; Max-Age={}",
+        COOKIE_SYNTHETIC_ID, synthetic_id, settings.publisher.cookie_domain, COOKIE_MAX_AGE,
     )
 }
 
@@ -158,8 +159,8 @@ mod tests {
         assert_eq!(
             result,
             format!(
-                "synthetic_id=12345; Domain={}; Path=/; Secure; SameSite=Lax; Max-Age={}",
-                settings.publisher.cookie_domain, COOKIE_MAX_AGE,
+                "{}=12345; Domain={}; Path=/; Secure; SameSite=Lax; Max-Age={}",
+                COOKIE_SYNTHETIC_ID, settings.publisher.cookie_domain, COOKIE_MAX_AGE,
             )
         );
     }

crates/common/src/integrations/testlight.rs

@@ -8,15 +8,15 @@ use serde::{Deserialize, Serialize};
 use serde_json::{Map, Value};
 use validator::Validate;
 
-use crate::constants::{HEADER_SYNTHETIC_FRESH, HEADER_SYNTHETIC_TRUSTED_SERVER};
+use crate::constants::HEADER_X_SYNTHETIC_ID;
 use crate::error::TrustedServerError;
 use crate::integrations::{
     AttributeRewriteAction, IntegrationAttributeContext, IntegrationAttributeRewriter,
     IntegrationEndpoint, IntegrationProxy, IntegrationRegistration,
 };
 use crate::proxy::{proxy_request, ProxyRequestConfig};
 use crate::settings::{IntegrationConfig, Settings};
-use crate::synthetic::{generate_synthetic_id, get_or_generate_synthetic_id};
+use crate::synthetic::get_or_generate_synthetic_id;
 use crate::tsjs;
 
 const TESTLIGHT_INTEGRATION_ID: &str = "testlight";
@@ -142,8 +142,6 @@ impl IntegrationProxy for TestlightIntegration {
 
         let synthetic_id = get_or_generate_synthetic_id(settings, &req)
             .change_context(Self::error("Failed to fetch or mint synthetic ID"))?;
-        let fresh_id = generate_synthetic_id(settings, &req)
-            .change_context(Self::error("Failed to mint fresh synthetic ID"))?;
 
         payload.user.id = Some(synthetic_id.clone());
 
@@ -177,8 +175,7 @@ impl IntegrationProxy for TestlightIntegration {
             }
         }
 
-        response.set_header(HEADER_SYNTHETIC_TRUSTED_SERVER, &synthetic_id);
-        response.set_header(HEADER_SYNTHETIC_FRESH, &fresh_id);
+        response.set_header(HEADER_X_SYNTHETIC_ID, &synthetic_id);
         Ok(response)
     }
 }
@@ -221,7 +218,7 @@ fn default_shim_src() -> String {
 }
 
 fn default_enabled() -> bool {
-    true
+    false
 }
 
 impl Default for TestlightRequestBody {

crates/common/src/proxy.rs

@@ -1279,10 +1279,7 @@ mod tests {
                 sig
             ),
         );
-        req.set_header(
-            crate::constants::HEADER_SYNTHETIC_TRUSTED_SERVER,
-            "synthetic-123",
-        );
+        req.set_header(crate::constants::HEADER_X_SYNTHETIC_ID, "synthetic-123");
 
         let resp = handle_first_party_click(&settings, req)
             .await

crates/common/src/publisher.rs

@@ -5,7 +5,7 @@ use fastly::{Body, Request, Response};
 use crate::backend::ensure_backend_from_url;
 use crate::http_util::{serve_static_with_etag, RequestInfo};
 
-use crate::constants::{HEADER_SYNTHETIC_TRUSTED_SERVER, HEADER_X_COMPRESS_HINT};
+use crate::constants::{COOKIE_SYNTHETIC_ID, HEADER_X_COMPRESS_HINT, HEADER_X_SYNTHETIC_ID};
 use crate::cookies::create_synthetic_cookie;
 use crate::error::TrustedServerError;
 use crate::integrations::IntegrationRegistry;
@@ -202,9 +202,11 @@ pub fn handle_publisher_request(
         .get_header(header::COOKIE)
         .and_then(|h| h.to_str().ok())
         .map(|cookies| {
-            cookies
-                .split(';')
-                .any(|cookie| cookie.trim_start().starts_with("synthetic_id="))
+            cookies.split(';').any(|cookie| {
+                cookie
+                    .trim_start()
+                    .starts_with(&format!("{}=", COOKIE_SYNTHETIC_ID))
+            })
         })
         .unwrap_or(false);
 
@@ -305,7 +307,7 @@ pub fn handle_publisher_request(
         );
     }
 
-    response.set_header(HEADER_SYNTHETIC_TRUSTED_SERVER, synthetic_id.as_str());
+    response.set_header(HEADER_X_SYNTHETIC_ID, synthetic_id.as_str());
     if !has_synthetic_cookie {
         response.set_header(
             header::SET_COOKIE,