Fix: Delete user.ext.prebid.buyeruids after extraction (prebid#4049)

endpoints/openrtb2/sample-requests/valid-whole/exemplary/user-ext-prebid-buyeruids.json

@@ -0,0 +1,170 @@
+{
+  "description": "Bid request with user.ext.prebid.buyeruids object",
+  "config": {
+    "mockBidders": [
+      {
+        "bidderName": "appnexus",
+        "currency": "USD",
+        "price": 1.00
+      },
+      {
+        "bidderName": "pubmatic",
+        "currency": "USD",
+        "price": 2.00
+      }
+    ],
+    "bidderInfoOverrides": {
+      "appnexus": {
+        "openrtb": {
+          "version": "2.5"
+        }
+      },
+      "pubmatic": {
+        "openrtb": {
+          "version": "2.6"
+        }
+      }
+    }
+  },
+  "mockBidRequest": {
+    "id": "request-id",
+    "site": {
+      "page": "prebid.org"
+    },
+    "imp": [
+      {
+        "id": "imp-id",
+        "banner": {
+          "format": [
+            {
+              "w": 300,
+              "h": 600
+            }
+          ]
+        },
+        "ext": {
+          "appnexus": {
+            "placementId": 12883451
+          },
+          "pubmatic": {
+            "publisherId": "123"
+          }
+        }
+      }
+    ],
+    "user": {
+      "consent": "some-consent-string",
+      "ext": {
+        "prebid": {
+          "buyeruids": {
+            "appnexus": "appnexus-buyeruid",
+            "pubmatic": "pubmatic-buyeruid" 
+          }
+        }
+      }
+    }
+  },
+  "expectedMockBidderRequests": {
+    "appnexus": {
+      "id": "request-id",
+      "site": {
+        "page": "prebid.org",
+        "ext": {
+          "amp": 0
+        }
+      },
+      "at": 1,
+      "device": {
+        "ip": "192.0.2.1"
+      },
+      "imp": [
+      {
+        "id": "imp-id",
+        "banner": {
+          "format": [
+            {
+              "w": 300,
+              "h": 600
+            }
+          ]
+        },
+        "ext": {
+          "bidder": {
+            "placementId": 12883451
+          }
+        },
+        "secure": 1
+      }],
+      "user": {
+        "buyeruid": "appnexus-buyeruid",
+        "ext": {
+          "consent": "some-consent-string"
+        }
+      }
+    },
+    "pubmatic": {
+      "id": "request-id",
+      "site": {
+        "page": "prebid.org",
+        "ext": {
+          "amp": 0
+        }
+      },
+      "at": 1,
+      "device": {
+        "ip": "192.0.2.1"
+      },
+      "imp": [
+      {
+        "id": "imp-id",
+        "banner": {
+          "format": [
+            {
+              "w": 300,
+              "h": 600
+            }
+          ]
+        },
+        "ext": {
+          "bidder": {
+            "publisherId": "123"
+          }
+        },
+        "secure": 1
+      }],
+      "user": {
+        "buyeruid": "pubmatic-buyeruid",
+        "consent": "some-consent-string"
+      }
+    }
+  },
+  "expectedBidResponse": {
+    "id": "request-id",
+    "seatbid": [
+      {
+        "bid": [
+          {
+            "id": "appnexus-bid",
+            "impid": "imp-id",
+            "price": 1.0
+          }
+        ],
+        "seat": "appnexus"
+      },
+      {
+        "bid": [
+          {
+            "id": "pubmatic-bid",
+            "impid": "imp-id",
+            "price": 2.0
+          }
+        ],
+        "seat": "pubmatic"
+      }
+    ],
+    "bidid": "test bid id",
+    "cur": "USD",
+    "nbr": 0
+  },
+  "expectedReturnCode": 200
+}

exchange/utils.go

@@ -82,11 +82,12 @@ func (rs *requestSplitter) cleanOpenRTBRequests(ctx context.Context,
 		return
 	}
 
-	explicitBuyerUIDs, err := extractBuyerUIDs(req.BidRequest.User)
+	explicitBuyerUIDs, err := extractAndCleanBuyerUIDs(req)
 	if err != nil {
 		errs = []error{err}
 		return
 	}
+
 	lowerCaseExplicitBuyerUIDs := make(map[string]string)
 	for bidder, uid := range explicitBuyerUIDs {
 		lowerKey := strings.ToLower(bidder)
@@ -598,39 +599,30 @@ func isBidderInExtAlternateBidderCodes(adapter, currentMultiBidBidder string, ad
 	return false
 }
 
-// extractBuyerUIDs parses the values from user.ext.prebid.buyeruids, and then deletes those values from the ext.
+// extractAndCleanBuyerUIDs parses the values from user.ext.prebid.buyeruids, and then deletes those values from the ext.
 // This prevents a Bidder from using these values to figure out who else is involved in the Auction.
-func extractBuyerUIDs(user *openrtb2.User) (map[string]string, error) {
-	if user == nil {
-		return nil, nil
-	}
-	if len(user.Ext) == 0 {
+func extractAndCleanBuyerUIDs(req *openrtb_ext.RequestWrapper) (map[string]string, error) {
+	if req.User == nil {
 		return nil, nil
 	}
 
-	var userExt openrtb_ext.ExtUser
-	if err := jsonutil.Unmarshal(user.Ext, &userExt); err != nil {
+	userExt, err := req.GetUserExt()
+	if err != nil {
 		return nil, err
 	}
-	if userExt.Prebid == nil {
+
+	prebid := userExt.GetPrebid()
+	if prebid == nil {
 		return nil, nil
 	}
 
+	buyerUIDs := prebid.BuyerUIDs
+
+	prebid.BuyerUIDs = nil
+	userExt.SetPrebid(prebid)
+
 	// The API guarantees that user.ext.prebid.buyeruids exists and has at least one ID defined,
 	// as long as user.ext.prebid exists.
-	buyerUIDs := userExt.Prebid.BuyerUIDs
-	userExt.Prebid = nil
-
-	// Remarshal (instead of removing) if the ext has other known fields
-	if userExt.Consent != "" || len(userExt.Eids) > 0 {
-		if newUserExtBytes, err := jsonutil.Marshal(userExt); err != nil {
-			return nil, err
-		} else {
-			user.Ext = newUserExtBytes
-		}
-	} else {
-		user.Ext = nil
-	}
 	return buyerUIDs, nil
 }
 
@@ -762,8 +754,6 @@ func createSanitizedImpExt(impExt, impExtPrebid map[string]json.RawMessage) (map
 }
 
 // prepareUser changes req.User so that it's ready for the given bidder.
-// This *will* mutate the request, but will *not* mutate any objects nested inside it.
-//
 // In this function, "givenBidder" may or may not be an alias. "coreBidder" must *not* be an alias.
 // It returns true if a Cookie User Sync existed, and false otherwise.
 func prepareUser(req *openrtb_ext.RequestWrapper, givenBidder, syncerKey string, explicitBuyerUIDs map[string]string, usersyncs IdFetcher) bool {