Priority Bidder Ejection

config/config.go

@@ -951,6 +951,8 @@ func SetupViper(v *viper.Viper, filename string, bidderInfos BidderInfos) {
 
 	v.SetDefault("event.timeout_ms", 1000)
 
+	v.SetDefault("user_sync.priority_groups", [][]string{})
+
 	v.SetDefault("accounts.filesystem.enabled", false)
 	v.SetDefault("accounts.filesystem.directorypath", "./stored_requests/data/by_id")
 	v.SetDefault("accounts.in_memory_cache.type", "none")

config/usersync.go

@@ -2,13 +2,13 @@ package config
 
 // UserSync specifies the static global user sync configuration.
 type UserSync struct {
-	Cooperative UserSyncCooperative `mapstructure:"coop_sync"`
-	ExternalURL string              `mapstructure:"external_url"`
-	RedirectURL string              `mapstructure:"redirect_url"`
+	Cooperative    UserSyncCooperative `mapstructure:"coop_sync"`
+	ExternalURL    string              `mapstructure:"external_url"`
+	RedirectURL    string              `mapstructure:"redirect_url"`
+	PriorityGroups [][]string          `mapstructure:"priority_groups"`
 }
 
 // UserSyncCooperative specifies the static global default cooperative cookie sync
 type UserSyncCooperative struct {
-	EnabledByDefault bool       `mapstructure:"default"`
-	PriorityGroups   [][]string `mapstructure:"priority_groups"`
+	EnabledByDefault bool `mapstructure:"default"`
 }

endpoints/cookie_sync.go

@@ -173,7 +173,7 @@ func (c *cookieSyncEndpoint) parseRequest(r *http.Request) (usersync.Request, pr
 		Bidders: request.Bidders,
 		Cooperative: usersync.Cooperative{
 			Enabled:        (request.CooperativeSync != nil && *request.CooperativeSync) || (request.CooperativeSync == nil && c.config.UserSync.Cooperative.EnabledByDefault),
-			PriorityGroups: c.config.UserSync.Cooperative.PriorityGroups,
+			PriorityGroups: c.config.UserSync.PriorityGroups,
 		},
 		Limit: request.Limit,
 		Privacy: usersyncPrivacy{

endpoints/cookie_sync_test.go

@@ -516,9 +516,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: false,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{
@@ -563,9 +563,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: false,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{
@@ -616,9 +616,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: true,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},
@@ -642,9 +642,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: false,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},
@@ -668,9 +668,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: true,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},
@@ -694,9 +694,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: false,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},
@@ -720,9 +720,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: true,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},
@@ -746,9 +746,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: false,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},
@@ -889,9 +889,8 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
-				Cooperative: config.UserSyncCooperative{
-					PriorityGroups: [][]string{{"a", "b", "c"}},
-				},
+				PriorityGroups: [][]string{{"a", "b", "c"}},
+				Cooperative:    config.UserSyncCooperative{},
 			},
 			expectedPrivacy: privacy.Policies{},
 			expectedRequest: usersync.Request{
@@ -919,9 +918,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: false,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},
@@ -950,9 +949,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: false,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},
@@ -984,9 +983,9 @@ func TestCookieSyncParseRequest(t *testing.T) {
 			givenGDPRConfig:  config.GDPR{Enabled: true, DefaultValue: "0"},
 			givenCCPAEnabled: true,
 			givenConfig: config.UserSync{
+				PriorityGroups: [][]string{{"a", "b", "c"}},
 				Cooperative: config.UserSyncCooperative{
 					EnabledByDefault: false,
-					PriorityGroups:   [][]string{{"a", "b", "c"}},
 				},
 			},
 			expectedPrivacy: privacy.Policies{},

endpoints/setuid.go

@@ -164,8 +164,19 @@ func NewSetUIDEndpoint(cfg *config.Configuration, syncersByBidder map[string]use
 
 		setSiteCookie := siteCookieCheck(r.UserAgent())
 
+		// Priority Ejector Set Up
+		if !isSyncerPriority(syncer.Key(), cfg.UserSync.PriorityGroups, syncersByBidder) {
+			err = errors.New("syncer key " + syncer.Key() + " is not in priority groups")
+			w.WriteHeader(http.StatusBadRequest)
+			metricsEngine.RecordSetUid(metrics.SetUidBadRequest)
+			so.Errors = []error{err}
+			so.Status = http.StatusBadRequest
+			return
+		}
+		priorityEjector := &usersync.PriorityBidderEjector{PriorityGroups: cfg.UserSync.PriorityGroups}
+
 		// Write Cookie
-		encodedCookie, err := cookie.PrepareCookieForWrite(&cfg.HostCookie, encoder)
+		encodedCookie, err := cookie.PrepareCookieForWrite(&cfg.HostCookie, encoder, priorityEjector)
 		if err != nil {
 			w.WriteHeader(http.StatusBadRequest)
 			metricsEngine.RecordSetUid(metrics.SetUidBadRequest)
@@ -335,6 +346,19 @@ func getSyncer(query url.Values, syncersByBidder map[string]usersync.Syncer) (us
 	return syncer, bidder, nil
 }
 
+func isSyncerPriority(syncer string, priorityGroups [][]string, syncersByBidder map[string]usersync.Syncer) bool {
+	for _, group := range priorityGroups {
+		for _, bidder := range group {
+			if bidderSyncer, ok := syncersByBidder[bidder]; ok {
+				if syncer == bidderSyncer.Key() {
+					return true
+				}
+			}
+		}
+	}
+	return false
+}
+
 // getResponseFormat reads the format query parameter or falls back to the syncer's default.
 // Returns either "b" (iframe), "i" (redirect), or an empty string "" (legacy behavior of an
 // empty response body with no content type).

endpoints/setuid_test.go

@@ -306,6 +306,15 @@ func TestSetUIDEndpoint(t *testing.T) {
 			expectedHeaders:        map[string]string{"Content-Type": "text/html", "Content-Length": "0"},
 			description:            "Set uid for valid bidder with valid account provided with invalid user sync activity",
 		},
+		{
+			uri:                    "/setuid?bidder=nonPriorityBidder&uid=123",
+			syncersBidderNameToKey: map[string]string{"nonPriorityBidder": "nonPrioritySyncer"},
+			existingSyncs:          nil,
+			gdprAllowsHostCookies:  true,
+			expectedSyncs:          nil,
+			expectedStatusCode:     http.StatusBadRequest,
+			description:            "Syncer is not a priority",
+		},
 	}
 
 	analytics := analyticsConf.NewPBSAnalytics(&config.Analytics{})
@@ -1322,6 +1331,99 @@ func TestGetResponseFormat(t *testing.T) {
 	}
 }
 
+func TestIsSyncerPriority(t *testing.T) {
+	testCases := []struct {
+		name                 string
+		givenSyncerKey       string
+		givenPriorityGroups  [][]string
+		givenSyncersByBidder map[string]usersync.Syncer
+		expected             bool
+	}{
+		{
+			name:           "syncer-is-priority-one-to-one",
+			givenSyncerKey: "prioritySyncer",
+			givenPriorityGroups: [][]string{
+				{"prioritySyncer"},
+				{"2", "3"},
+			},
+			givenSyncersByBidder: map[string]usersync.Syncer{
+				"prioritySyncer": fakeSyncer{
+					key: "prioritySyncer",
+				},
+			},
+			expected: true,
+		},
+		{
+			name:           "syncer-is-priority-not-one-to-one",
+			givenSyncerKey: "adnxs",
+			givenPriorityGroups: [][]string{
+				{"appnexus"},
+				{"2", "3"},
+			},
+			givenSyncersByBidder: map[string]usersync.Syncer{
+				"appnexus": fakeSyncer{
+					key: "adnxs",
+				},
+			},
+			expected: true,
+		},
+		{
+			name:           "syncer-is-not-priority",
+			givenSyncerKey: "notPrioritySyncer",
+			givenPriorityGroups: [][]string{
+				{"1"},
+				{"2", "3"},
+			},
+			givenSyncersByBidder: map[string]usersync.Syncer{
+				"1": fakeSyncer{
+					key: "1",
+				},
+				"2": fakeSyncer{
+					key: "2",
+				},
+				"3": fakeSyncer{
+					key: "3",
+				},
+			},
+			expected: false,
+		},
+		{
+			name:           "no-syncer-given",
+			givenSyncerKey: "",
+			givenPriorityGroups: [][]string{
+				{"1"},
+				{"2", "3"},
+			},
+			givenSyncersByBidder: map[string]usersync.Syncer{
+				"1": fakeSyncer{
+					key: "1",
+				},
+				"2": fakeSyncer{
+					key: "2",
+				},
+				"3": fakeSyncer{
+					key: "3",
+				},
+			},
+			expected: false,
+		},
+		{
+			name:                 "no-priority-groups-given",
+			givenSyncerKey:       "adnxs",
+			givenPriorityGroups:  [][]string{},
+			givenSyncersByBidder: map[string]usersync.Syncer{},
+			expected:             false,
+		},
+	}
+
+	for _, test := range testCases {
+		t.Run(test.name, func(t *testing.T) {
+			isPriority := isSyncerPriority(test.givenSyncerKey, test.givenPriorityGroups, test.givenSyncersByBidder)
+			assert.Equal(t, test.expected, isPriority)
+		})
+	}
+}
+
 func assertHasSyncs(t *testing.T, testCase string, resp *httptest.ResponseRecorder, syncs map[string]string) {
 	t.Helper()
 	cookie := parseCookieString(t, resp)
@@ -1354,6 +1456,11 @@ func doRequest(req *http.Request, analytics analytics.PBSAnalyticsModule, metric
 			"blocked_acct": true,
 		},
 		AccountDefaults: config.Account{},
+		UserSync: config.UserSync{
+			PriorityGroups: [][]string{
+				{},
+			},
+		},
 	}
 	cfg.MarshalAccountDefaults()
 
@@ -1376,6 +1483,9 @@ func doRequest(req *http.Request, analytics analytics.PBSAnalyticsModule, metric
 	syncersByBidder := make(map[string]usersync.Syncer)
 	for bidderName, syncerKey := range syncersBidderNameToKey {
 		syncersByBidder[bidderName] = fakeSyncer{key: syncerKey, defaultSyncType: usersync.SyncTypeIFrame}
+		if bidderName != "nonPriorityBidder" {
+			cfg.UserSync.PriorityGroups[0] = append(cfg.UserSync.PriorityGroups[0], bidderName)
+		}
 	}
 
 	fakeAccountsFetcher := FakeAccountsFetcher{AccountData: map[string]json.RawMessage{

pbs/usersync.go

@@ -22,6 +22,7 @@ type UserSyncDeps struct {
 	ExternalUrl      string
 	RecaptchaSecret  string
 	HostCookieConfig *config.HostCookie
+	PriorityGroups   [][]string
 }
 
 // Struct for parsing json in google's response
@@ -81,7 +82,7 @@ func (deps *UserSyncDeps) OptOut(w http.ResponseWriter, r *http.Request, _ httpr
 	pc.SetOptOut(optout != "")
 
 	// Write Cookie
-	encodedCookie, err := pc.PrepareCookieForWrite(deps.HostCookieConfig, encoder)
+	encodedCookie, err := encoder.Encode(pc)
 	if err != nil {
 		w.WriteHeader(http.StatusBadRequest)
 		return

router/router.go

@@ -265,6 +265,7 @@ func New(cfg *config.Configuration, rateConvertor *currency.RateConverter) (r *R
 		HostCookieConfig: &(cfg.HostCookie),
 		ExternalUrl:      cfg.ExternalURL,
 		RecaptchaSecret:  cfg.RecaptchaSecret,
+		PriorityGroups:   cfg.UserSync.PriorityGroups,
 	}
 
 	r.GET("/setuid", endpoints.NewSetUIDEndpoint(cfg, syncersByBidder, gdprPermsBuilder, tcf2CfgBuilder, pbsAnalytics, accounts, r.MetricsEngine))