pusher 1.3.3 → 2.0.0

data/examples/presence_channels/presence_channels.rb

@@ -0,0 +1,56 @@
+require 'sinatra'
+require 'sinatra/cookies'
+require 'sinatra/json'
+require 'pusher'
+
+# You can get these variables from http://dashboard.pusher.com
+pusher = Pusher::Client.new(
+  app_id: 'your-app-id',
+     key: 'your-app-key',
+  secret: 'your-app-secret',
+ cluster: 'your-app-cluster'
+)
+
+set :public_folder, 'public'
+
+get '/' do
+  redirect '/presence_channels.html'
+end
+
+# Emulate rails behaviour where this information would be stored in session
+get '/signin' do
+  cookies[:user_id] = 'example_cookie'
+  'Ok'
+end
+
+# Auth endpoint: https://pusher.com/docs/channels/server_api/authenticating-users
+post '/pusher/auth' do
+  channel_data = {
+      user_id: 'example_user',
+      user_info: {
+        name: 'example_name',
+       email: 'example_email'
+      }
+  }
+
+  if cookies[:user_id] == 'example_cookie'
+    response = pusher.authenticate(params[:channel_name], params[:socket_id], channel_data)
+    json response
+  else
+    status 403
+  end
+end
+
+get '/pusher_trigger' do
+  channels = ['presence-channel-test'];
+
+  begin
+    pusher.trigger(channels, 'test-event', {
+      message: 'hello world'
+    })
+  rescue Pusher::Error => e
+  # For example, Pusher::AuthenticationError, Pusher::HTTPError, or Pusher::Error
+  end
+
+  'Triggered!'
+end

data/examples/presence_channels/public/presence_channels.html

@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<head>
+  <title>Pusher Test</title>
+  <script src="https://js.pusher.com/5.0/pusher.min.js"></script>
+  <script>
+
+    // Enable pusher logging - don't include this in production
+    Pusher.logToConsole = true;
+
+    var pusher = new Pusher('your-app-key', {
+      cluster: 'your-app-cluster',
+      forceTLS: true,
+      authEndpoint: '/pusher/auth'
+    });
+
+    var channel = pusher.subscribe('presence-channel-test');
+    channel.bind('test-event', function(data) {
+      alert(JSON.stringify(data));
+    });
+  </script>
+</head>
+<body>
+  <h1>Pusher Test</h1>
+  <p>
+    Try publishing an event to channel <code>presence-channel-test</code>
+    with event name <code>test-event</code>.
+  </p>
+</body>

data/lib/pusher.rb

@@ -28,9 +28,7 @@ module Pusher
     extend Forwardable
 
     def_delegators :default_client, :scheme, :host, :port, :app_id, :key, :secret, :http_proxy
-    def_delegators :default_client, :notification_host, :notification_scheme
     def_delegators :default_client, :scheme=, :host=, :port=, :app_id=, :key=, :secret=, :http_proxy=
-    def_delegators :default_client, :notification_host=, :notification_scheme=
 
     def_delegators :default_client, :authentication_token, :url, :cluster
     def_delegators :default_client, :encrypted=, :url=, :cluster=
@@ -66,4 +64,3 @@ require 'pusher/channel'
 require 'pusher/request'
 require 'pusher/resource'
 require 'pusher/webhook'
-require 'pusher/native_notification/client'

data/lib/pusher/channel.rb

@@ -174,6 +174,15 @@ module Pusher
       r
     end
 
+    def shared_secret(encryption_master_key)
+      return unless encryption_master_key
+
+      secret_string = @name + encryption_master_key
+      digest = OpenSSL::Digest::SHA256.new
+      digest << secret_string
+      digest.digest
+    end
+
     private
 
     def validate_socket_id(socket_id)

data/lib/pusher/client.rb

@@ -1,13 +1,19 @@
+require 'base64'
 require 'pusher-signature'
 
 module Pusher
   class Client
-    attr_accessor :scheme, :host, :port, :app_id, :key, :secret, :notification_host, :notification_scheme
+    attr_accessor :scheme, :host, :port, :app_id, :key, :secret, :encryption_master_key
     attr_reader :http_proxy, :proxy
     attr_writer :connect_timeout, :send_timeout, :receive_timeout,
                 :keep_alive_timeout
 
     ## CONFIGURATION ##
+    DEFAULT_CONNECT_TIMEOUT = 5
+    DEFAULT_SEND_TIMEOUT = 5
+    DEFAULT_RECEIVE_TIMEOUT = 5
+    DEFAULT_KEEP_ALIVE_TIMEOUT = 30
+    DEFAULT_CLUSTER = "mt1"
 
     # Loads the configuration from an url in the environment
     def self.from_env(key = 'PUSHER_URL')
@@ -23,46 +29,35 @@ module Pusher
     end
 
     def initialize(options = {})
-      default_options = {
-        :scheme => 'http',
-        :port => 80,
-      }
+      @scheme = "https"
+      @port = options[:port] || 443
 
-      if options[:use_tls] || options[:encrypted]
-        default_options[:scheme] = "https"
-        default_options[:port] = 443
+      if options.key?(:encrypted)
+        warn "[DEPRECATION] `encrypted` is deprecated and will be removed in the next major version. Use `use_tls` instead."
       end
 
-      merged_options = default_options.merge(options)
-
-      if options.has_key?(:host)
-        merged_options[:host] = options[:host]
-      elsif options.has_key?(:cluster)
-        merged_options[:host] = "api-#{options[:cluster]}.pusher.com"
-      else
-        merged_options[:host] = "api.pusherapp.com"
+      if options[:use_tls] == false || options[:encrypted] == false
+        @scheme = "http"
+        @port = options[:port] || 80
       end
 
-      # TODO: Change host name when finalized
-      merged_options[:notification_host] =
-        options.fetch(:notification_host, "nativepush-cluster1.pusher.com")
+      @app_id = options[:app_id]
+      @key = options[:key]
+      @secret = options[:secret]
 
-      merged_options[:notification_scheme] =
-        options.fetch(:notification_scheme, "https")
+      @host = options[:host]
+      @host ||= "api-#{options[:cluster]}.pusher.com" unless options[:cluster].nil? || options[:cluster].empty?
+      @host ||= "api-#{DEFAULT_CLUSTER}.pusher.com"
 
-      @scheme, @host, @port, @app_id, @key, @secret, @notification_host, @notification_scheme =
-        merged_options.values_at(
-          :scheme, :host, :port, :app_id, :key, :secret, :notification_host, :notification_scheme
-        )
+      @encryption_master_key = Base64.strict_decode64(options[:encryption_master_key_base64]) if options[:encryption_master_key_base64]
 
-      @http_proxy = nil
-      self.http_proxy = options[:http_proxy] if options[:http_proxy]
+      @http_proxy = options[:http_proxy]
 
       # Default timeouts
-      @connect_timeout = 5
-      @send_timeout = 5
-      @receive_timeout = 5
-      @keep_alive_timeout = 30
+      @connect_timeout = DEFAULT_CONNECT_TIMEOUT
+      @send_timeout = DEFAULT_SEND_TIMEOUT
+      @receive_timeout = DEFAULT_RECEIVE_TIMEOUT
+      @keep_alive_timeout = DEFAULT_KEEP_ALIVE_TIMEOUT
     end
 
     # @private Returns the authentication token for the client
@@ -76,10 +71,10 @@ module Pusher
     def url(path = nil)
       raise ConfigurationError, :app_id unless @app_id
       URI::Generic.build({
-        :scheme => @scheme,
-        :host => @host,
-        :port => @port,
-        :path => "/apps/#{@app_id}#{path}"
+        scheme: @scheme,
+        host: @host,
+        port: @port,
+        path: "/apps/#{@app_id}#{path}"
       })
     end
 
@@ -103,13 +98,12 @@ module Pusher
       @http_proxy = http_proxy
       uri = URI.parse(http_proxy)
       @proxy = {
-        :scheme => uri.scheme,
-        :host => uri.host,
-        :port => uri.port,
-        :user => uri.user,
-        :password => uri.password
+        scheme: uri.scheme,
+        host: uri.host,
+        port: uri.port,
+        user: uri.user,
+        password: uri.password
       }
-      @http_proxy
     end
 
     # Configure whether Pusher API calls should be made over SSL
@@ -129,6 +123,8 @@ module Pusher
     end
 
     def cluster=(cluster)
+      cluster = DEFAULT_CLUSTER if cluster.nil? || cluster.empty?
+
       @host = "api-#{cluster}.pusher.com"
     end
 
@@ -138,6 +134,12 @@ module Pusher
       @connect_timeout, @send_timeout, @receive_timeout = value, value, value
     end
 
+    # Set an encryption_master_key to use with private-encrypted channels from
+    # a base64 encoded string.
+    def encryption_master_key_base64=(s)
+      @encryption_master_key = s ? Base64.strict_decode64(s) : nil
+    end
+
     ## INTERACT WITH THE API ##
 
     def resource(path)
@@ -317,24 +319,6 @@ module Pusher
       post_async('/batch_events', trigger_batch_params(events.flatten))
     end
 
-    def notification_client
-      @notification_client ||=
-        NativeNotification::Client.new(@app_id, @notification_host, @notification_scheme, self)
-    end
-
-
-    # Send a push notification
-    #
-    # POST /apps/[app_id]/notifications
-    #
-    # @param interests [Array] An array of interests
-    # @param message [String] Message to send
-    # @param options [Hash] Additional platform specific options
-    #
-    # @return [Hash]
-    def notify(interests, data = {})
-      notification_client.notify(interests, data)
-    end
 
     # Generate the expected response for an authentication endpoint.
     # See http://pusher.com/docs/authenticating_users for details.
@@ -362,14 +346,20 @@ module Pusher
     #
     def authenticate(channel_name, socket_id, custom_data = nil)
       channel_instance = channel(channel_name)
-      channel_instance.authenticate(socket_id, custom_data)
+      r = channel_instance.authenticate(socket_id, custom_data)
+      if channel_name.match(/^private-encrypted-/)
+        r[:shared_secret] = Base64.strict_encode64(
+          channel_instance.shared_secret(encryption_master_key)
+        )
+      end
+      r
     end
 
     # @private Construct a net/http http client
     def sync_http_client
-      @client ||= begin
-        require 'httpclient'
+      require 'httpclient'
 
+      @client ||= begin
         HTTPClient.new(@http_proxy).tap do |c|
           c.connect_timeout = @connect_timeout
           c.send_timeout = @send_timeout
@@ -388,14 +378,14 @@ module Pusher
         require 'em-http' unless defined?(EventMachine::HttpRequest)
 
         connection_opts = {
-          :connect_timeout => @connect_timeout,
-          :inactivity_timeout => @receive_timeout,
+          connect_timeout: @connect_timeout,
+          inactivity_timeout: @receive_timeout,
         }
 
         if defined?(@proxy)
           proxy_opts = {
-            :host => @proxy[:host],
-            :port => @proxy[:port]
+            host: @proxy[:host],
+            port: @proxy[:port]
           }
           if @proxy[:user]
             proxy_opts[:authorization] = [@proxy[:user], @proxy[:password]]
@@ -413,10 +403,17 @@ module Pusher
       channels = Array(channels).map(&:to_s)
       raise Pusher::Error, "Too many channels (#{channels.length}), max 10" if channels.length > 10
 
+      encoded_data = if channels.any?{ |c| c.match(/^private-encrypted-/) } then
+        raise Pusher::Error, "Cannot trigger to multiple channels if any are encrypted" if channels.length > 1
+        encrypt(channels[0], encode_data(data))
+      else
+        encode_data(data)
+      end
+
       params.merge({
         name: event_name,
         channels: channels,
-        data: encode_data(data),
+        data: encoded_data,
       })
     end
 
@@ -424,7 +421,11 @@ module Pusher
       {
         batch: events.map do |event|
           event.dup.tap do |e|
-            e[:data] = encode_data(e[:data])
+            e[:data] = if e[:channel].match(/^private-encrypted-/) then
+              encrypt(e[:channel], encode_data(e[:data]))
+            else
+              encode_data(e[:data])
+            end
           end
         end
       }
@@ -436,8 +437,37 @@ module Pusher
       MultiJson.encode(data)
     end
 
+    # Encrypts a message with a key derived from the master key and channel
+    # name
+    def encrypt(channel_name, encoded_data)
+      raise ConfigurationError, :encryption_master_key unless @encryption_master_key
+
+      # Only now load rbnacl, so that people that aren't using it don't need to
+      # install libsodium
+      require_rbnacl
+
+      secret_box = RbNaCl::SecretBox.new(
+        channel(channel_name).shared_secret(@encryption_master_key)
+      )
+
+      nonce = RbNaCl::Random.random_bytes(secret_box.nonce_bytes)
+      ciphertext = secret_box.encrypt(nonce, encoded_data)
+
+      MultiJson.encode({
+        "nonce" => Base64::strict_encode64(nonce),
+        "ciphertext" => Base64::strict_encode64(ciphertext),
+      })
+    end
+
     def configured?
       host && scheme && key && secret && app_id
     end
+
+    def require_rbnacl
+      require 'rbnacl'
+    rescue LoadError => e
+      $stderr.puts "You don't have rbnacl installed in your application. Please add it to your Gemfile and run bundle install"
+      raise e
+    end
   end
 end

data/lib/pusher/version.rb

@@ -1,3 +1,3 @@
 module Pusher
-  VERSION = '1.3.3'
+  VERSION = '2.0.0'
 end

data/pull_request_template.md

@@ -0,0 +1,7 @@
+## Description
+
+Add a short description of the change. If this is related to an issue, please add a reference to the issue.
+
+## CHANGELOG
+
+* [CHANGED] Describe your change here. Look at CHANGELOG.md to see the format.

data/pusher.gemspec

@@ -13,18 +13,21 @@ Gem::Specification.new do |s|
   s.description = %q{Wrapper for Pusher Channels REST api: : https://pusher.com/channels}
   s.license     = "MIT"
 
-  s.add_dependency "multi_json", "~> 1.0"
+  s.required_ruby_version = ">= 2.6"
+
+  s.add_dependency "multi_json", "~> 1.15"
   s.add_dependency 'pusher-signature', "~> 0.1.8"
-  s.add_dependency "httpclient", "~> 2.7"
+  s.add_dependency "httpclient", "~> 2.8"
   s.add_dependency "jruby-openssl" if defined?(JRUBY_VERSION)
 
-  s.add_development_dependency "rspec", "~> 3.0"
-  s.add_development_dependency "webmock"
-  s.add_development_dependency "em-http-request", "~> 1.1.0"
-  s.add_development_dependency "addressable", "=2.4.0"
-  s.add_development_dependency "rake", "~> 10.4.2"
-  s.add_development_dependency "rack", "~> 1.6.4"
-  s.add_development_dependency "json", "~> 1.8.3"
+  s.add_development_dependency "rspec", "~> 3.9"
+  s.add_development_dependency "webmock", "~> 3.9"
+  s.add_development_dependency "em-http-request", "~> 1.1"
+  s.add_development_dependency "addressable", "~> 2.7"
+  s.add_development_dependency "rake", "~> 13.0"
+  s.add_development_dependency "rack", "~> 2.2"
+  s.add_development_dependency "json", "~> 2.3"
+  s.add_development_dependency "rbnacl", "~> 7.1"
 
   s.files         = `git ls-files`.split("\n")
   s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")

data/spec/channel_spec.rb

@@ -29,7 +29,7 @@ describe Pusher::Channel do
   describe '#trigger!' do
     it "should use @client.trigger internally" do
       expect(@client).to receive(:trigger)
-      @channel.trigger('new_event', 'Some data')
+      @channel.trigger!('new_event', 'Some data')
     end
   end
 
@@ -39,16 +39,14 @@ describe Pusher::Channel do
 
       expect(Pusher.logger).to receive(:error).with("Exception from WebMock (HTTPClient::BadResponseError) (Pusher::HTTPError)")
       expect(Pusher.logger).to receive(:debug) #backtrace
-      channel = Pusher::Channel.new(@client.url, 'test_channel', @client)
-      channel.trigger('new_event', 'Some data')
+      @channel.trigger('new_event', 'Some data')
     end
 
     it "should log failure if Pusher returns an error response" do
       stub_post 401, "some signature info"
       expect(Pusher.logger).to receive(:error).with("some signature info (Pusher::AuthenticationError)")
       expect(Pusher.logger).to receive(:debug) #backtrace
-      channel = Pusher::Channel.new(@client.url, 'test_channel', @client)
-      channel.trigger('new_event', 'Some data')
+      @channel.trigger('new_event', 'Some data')
     end
   end
 
@@ -167,4 +165,23 @@ describe Pusher::Channel do
       }.to raise_error Pusher::Error
     end
   end
+
+  describe `#shared_secret` do
+    before(:each) do
+      @channel.instance_variable_set(:@name, 'private-encrypted-1')
+    end
+
+    it 'should return a shared_secret based on the channel name and encryption master key' do
+      key = '3W1pfB/Etr+ZIlfMWwZP3gz8jEeCt4s2pe6Vpr+2c3M='
+      shared_secret = @channel.shared_secret(key)
+      expect(Base64.strict_encode64(shared_secret)).to eq(
+        "6zeEp/chneRPS1cbK/hGeG860UhHomxSN6hTgzwT20I="
+      )
+    end
+
+    it 'should return nil if missing encryption master key' do
+      shared_secret = @channel.shared_secret(nil)
+      expect(shared_secret).to be_nil
+    end
+  end
 end