pusher-js 7.0.6 → 7.2.0

package/src/core/config.ts

@@ -1,6 +1,13 @@
 import { Options } from './options';
 import Defaults from './defaults';
-import { AuthOptions, AuthorizerGenerator } from './auth/options';
+import {
+  ChannelAuthorizationHandler,
+  UserAuthenticationHandler,
+  AuthOptions
+} from './auth/options';
+import UserAuthenticator from './auth/user_authenticator';
+import ChannelAuthorizer from './auth/channel_authorizer';
+import { ChannelAuthorizerProxy } from './auth/deprecated_channel_authorizer';
 import Runtime from 'runtime';
 import * as nacl from 'tweetnacl';
 import Logger from './logger';
@@ -17,8 +24,6 @@ export interface Config {
   // these are all 'required' config parameters, it's not necessary for the user
   // to set them, but they have configured defaults.
   activityTimeout: number;
-  authEndpoint: string;
-  authTransport: AuthTransport;
   enableStats: boolean;
   httpHost: string;
   httpPath: string;
@@ -32,12 +37,12 @@ export interface Config {
   wsPath: string;
   wsPort: number;
   wssPort: number;
+  userAuthenticator: UserAuthenticationHandler;
+  channelAuthorizer: ChannelAuthorizationHandler;
 
   // these are all optional parameters or overrrides. The customer can set these
   // but it's not strictly necessary
   forceTLS?: boolean;
-  auth?: AuthOptions;
-  authorizer?: AuthorizerGenerator;
   cluster?: string;
   disabledTransports?: Transport[];
   enabledTransports?: Transport[];
@@ -46,11 +51,10 @@ export interface Config {
   timelineParams?: any;
 }
 
-export function getConfig(opts: Options): Config {
+// getConfig mainly sets the defaults for the options that are not provided
+export function getConfig(opts: Options, pusher): Config {
   let config: Config = {
     activityTimeout: opts.activityTimeout || Defaults.activityTimeout,
-    authEndpoint: opts.authEndpoint || Defaults.authEndpoint,
-    authTransport: opts.authTransport || Defaults.authTransport,
     cluster: opts.cluster || Defaults.cluster,
     httpPath: opts.httpPath || Defaults.httpPath,
     httpPort: opts.httpPort || Defaults.httpPort,
@@ -65,11 +69,12 @@ export function getConfig(opts: Options): Config {
     enableStats: getEnableStatsConfig(opts),
     httpHost: getHttpHost(opts),
     useTLS: shouldUseTLS(opts),
-    wsHost: getWebsocketHost(opts)
+    wsHost: getWebsocketHost(opts),
+
+    userAuthenticator: buildUserAuthenticator(opts),
+    channelAuthorizer: buildChannelAuthorizer(opts, pusher)
   };
 
-  if ('auth' in opts) config.auth = opts.auth;
-  if ('authorizer' in opts) config.authorizer = opts.authorizer;
   if ('disabledTransports' in opts)
     config.disabledTransports = opts.disabledTransports;
   if ('enabledTransports' in opts)
@@ -129,3 +134,63 @@ function getEnableStatsConfig(opts: Options): boolean {
   }
   return false;
 }
+
+function buildUserAuthenticator(opts: Options): UserAuthenticationHandler {
+  const userAuthentication = {
+    ...Defaults.userAuthentication,
+    ...opts.userAuthentication
+  };
+  if (
+    'customHandler' in userAuthentication &&
+    userAuthentication['customHandler'] != null
+  ) {
+    return userAuthentication['customHandler'];
+  }
+
+  return UserAuthenticator(userAuthentication);
+}
+
+function buildChannelAuth(
+  opts: Options,
+  pusher
+): AuthOptions<ChannelAuthorizationHandler> {
+  let channelAuthorization: AuthOptions<ChannelAuthorizationHandler>;
+  if ('channelAuthorization' in opts) {
+    channelAuthorization = {
+      ...Defaults.channelAuthorization,
+      ...opts.channelAuthorization
+    };
+  } else {
+    channelAuthorization = {
+      transport: opts.authTransport || Defaults.authTransport,
+      endpoint: opts.authEndpoint || Defaults.authEndpoint
+    };
+    if ('auth' in opts) {
+      if ('params' in opts.auth) channelAuthorization.params = opts.auth.params;
+      if ('headers' in opts.auth)
+        channelAuthorization.headers = opts.auth.headers;
+    }
+    if ('authorizer' in opts)
+      channelAuthorization.customHandler = ChannelAuthorizerProxy(
+        pusher,
+        channelAuthorization,
+        opts.authorizer
+      );
+  }
+  return channelAuthorization;
+}
+
+function buildChannelAuthorizer(
+  opts: Options,
+  pusher
+): ChannelAuthorizationHandler {
+  const channelAuthorization = buildChannelAuth(opts, pusher);
+  if (
+    'customHandler' in channelAuthorization &&
+    channelAuthorization['customHandler'] != null
+  ) {
+    return channelAuthorization['customHandler'];
+  }
+
+  return ChannelAuthorizer(channelAuthorization);
+}

package/src/core/defaults.ts

@@ -1,3 +1,8 @@
+import {
+  AuthOptions,
+  ChannelAuthorizationHandler,
+  UserAuthenticationHandler
+} from './auth/options';
 import { AuthTransport } from './config';
 
 export interface DefaultConfig {
@@ -17,6 +22,8 @@ export interface DefaultConfig {
   pongTimeout: number;
   unavailableTimeout: number;
   cluster: string;
+  userAuthentication: AuthOptions<UserAuthenticationHandler>;
+  channelAuthorization: AuthOptions<ChannelAuthorizationHandler>;
 
   cdn_http?: string;
   cdn_https?: string;
@@ -44,6 +51,14 @@ var Defaults: DefaultConfig = {
   pongTimeout: 30000,
   unavailableTimeout: 10000,
   cluster: 'mt1',
+  userAuthentication: {
+    endpoint: '/pusher/user-auth',
+    transport: 'ajax'
+  },
+  channelAuthorization: {
+    endpoint: '/pusher/auth',
+    transport: 'ajax'
+  },
 
   // CDN configuration
   cdn_http: CDN_HTTP,

package/src/core/errors.ts

@@ -7,6 +7,15 @@ export class BadEventName extends Error {
     Object.setPrototypeOf(this, new.target.prototype);
   }
 }
+
+export class BadChannelName extends Error {
+  constructor(msg?: string) {
+    super(msg);
+
+    Object.setPrototypeOf(this, new.target.prototype);
+  }
+}
+
 export class RequestTimedOut extends Error {
   constructor(msg?: string) {
     super(msg);

package/src/core/options.ts

@@ -1,14 +1,27 @@
 import ConnectionManager from './connection/connection_manager';
-import { AuthOptions, AuthorizerGenerator } from './auth/options';
+import {
+  AuthOptions,
+  ChannelAuthorizationHandler,
+  UserAuthenticationHandler
+} from './auth/options';
+import {
+  ChannelAuthorizerGenerator,
+  DeprecatedAuthOptions
+} from './auth/deprecated_channel_authorizer';
 import { AuthTransport, Transport } from './config';
 import * as nacl from 'tweetnacl';
 
 export interface Options {
   activityTimeout?: number;
-  auth?: AuthOptions;
-  authEndpoint?: string;
-  authTransport?: AuthTransport;
-  authorizer?: AuthorizerGenerator;
+
+  auth?: DeprecatedAuthOptions; // DEPRECATED use channelAuthorization instead
+  authEndpoint?: string; // DEPRECATED use channelAuthorization instead
+  authTransport?: AuthTransport; // DEPRECATED use channelAuthorization instead
+  authorizer?: ChannelAuthorizerGenerator; // DEPRECATED use channelAuthorization instead
+
+  channelAuthorization?: AuthOptions<ChannelAuthorizationHandler>;
+  userAuthentication?: AuthOptions<UserAuthenticationHandler>;
+
   cluster?: string;
   enableStats?: boolean;
   disableStats?: boolean;

package/src/core/pusher.ts

@@ -20,6 +20,7 @@ import UrlStore from 'core/utils/url_store';
 import { Options } from './options';
 import { Config, getConfig } from './config';
 import StrategyOptions from './strategies/strategy_options';
+import UserFacade from './user';
 
 export default class Pusher {
   /*  STATIC PROPERTIES */
@@ -60,6 +61,7 @@ export default class Pusher {
   timelineSender: TimelineSender;
   connection: ConnectionManager;
   timelineSenderTimer: PeriodicTimer;
+  user: UserFacade;
 
   constructor(app_key: string, options?: Options) {
     checkAppKey(app_key);
@@ -77,7 +79,7 @@ export default class Pusher {
     }
 
     this.key = app_key;
-    this.config = getConfig(options);
+    this.config = getConfig(options, this);
 
     this.channels = Factory.createChannels();
     this.global_emitter = new EventsDispatcher();
@@ -145,6 +147,8 @@ export default class Pusher {
     Pusher.instances.push(this);
     this.timeline.info({ instances: Pusher.instances.length });
 
+    this.user = new UserFacade(this);
+
     if (Pusher.isReady) {
       this.connect();
     }
@@ -247,6 +251,10 @@ export default class Pusher {
   shouldUseTLS(): boolean {
     return this.config.useTLS;
   }
+
+  signin() {
+    this.user.signin();
+  }
 }
 
 function checkAppKey(key) {

package/src/core/user.ts

@@ -0,0 +1,143 @@
+import Pusher from './pusher';
+import Logger from './logger';
+import {
+  UserAuthenticationData,
+  UserAuthenticationCallback
+} from './auth/options';
+import Channel from './channels/channel';
+import EventsDispatcher from './events/dispatcher';
+
+export default class UserFacade extends EventsDispatcher {
+  pusher: Pusher;
+  signin_requested: boolean = false;
+  user_data: any = null;
+  serverToUserChannel: Channel = null;
+
+  public constructor(pusher: Pusher) {
+    super(function(eventName, data) {
+      Logger.debug('No callbacks on user for ' + eventName);
+    });
+    this.pusher = pusher;
+    this.pusher.connection.bind('connected', () => {
+      this._signin();
+    });
+    this.pusher.connection.bind('connecting', () => {
+      this._disconnect();
+    });
+    this.pusher.connection.bind('disconnected', () => {
+      this._disconnect();
+    });
+    this.pusher.connection.bind('message', event => {
+      var eventName = event.event;
+      if (eventName === 'pusher:signin_success') {
+        this._onSigninSuccess(event.data);
+      }
+      if (
+        this.serverToUserChannel &&
+        this.serverToUserChannel.name === event.channel
+      ) {
+        this.serverToUserChannel.handleEvent(event);
+      }
+    });
+  }
+
+  public signin() {
+    if (this.signin_requested) {
+      return;
+    }
+
+    this.signin_requested = true;
+    this._signin();
+  }
+
+  private _signin() {
+    if (!this.signin_requested) {
+      return;
+    }
+
+    if (this.pusher.connection.state !== 'connected') {
+      // Signin will be attempted when the connection is connected
+      return;
+    }
+
+    const onAuthorize: UserAuthenticationCallback = (
+      err,
+      authData: UserAuthenticationData
+    ) => {
+      if (err) {
+        Logger.warn(`Error during signin: ${err}`);
+        return;
+      }
+
+      this.pusher.send_event('pusher:signin', {
+        auth: authData.auth,
+        user_data: authData.user_data
+      });
+
+      // Later when we get pusher:singin_success event, the user will be marked as signed in
+    };
+
+    this.pusher.config.userAuthenticator(
+      {
+        socketId: this.pusher.connection.socket_id
+      },
+      onAuthorize
+    );
+  }
+
+  private _onSigninSuccess(data: any) {
+    try {
+      this.user_data = JSON.parse(data.user_data);
+    } catch (e) {
+      Logger.error(`Failed parsing user data after signin: ${data.user_data}`);
+      return;
+    }
+
+    if (typeof this.user_data.id !== 'string' || this.user_data.id === '') {
+      Logger.error(
+        `user_data doesn't contain an id. user_data: ${this.user_data}`
+      );
+      return;
+    }
+
+    this._subscribeChannels();
+  }
+
+  private _subscribeChannels() {
+    const ensure_subscribed = channel => {
+      if (channel.subscriptionPending && channel.subscriptionCancelled) {
+        channel.reinstateSubscription();
+      } else if (
+        !channel.subscriptionPending &&
+        this.pusher.connection.state === 'connected'
+      ) {
+        channel.subscribe();
+      }
+    };
+
+    this.serverToUserChannel = new Channel(
+      `#server-to-user-${this.user_data.id}`,
+      this.pusher
+    );
+    this.serverToUserChannel.bind_global((eventName, data) => {
+      if (
+        eventName.indexOf('pusher_internal:') === 0 ||
+        eventName.indexOf('pusher:') === 0
+      ) {
+        // ignore internal events
+        return;
+      }
+      this.emit(eventName, data);
+    });
+    ensure_subscribed(this.serverToUserChannel);
+  }
+
+  private _disconnect() {
+    this.user_data = null;
+    if (this.serverToUserChannel) {
+      this.serverToUserChannel.unbind_all();
+      this.serverToUserChannel.disconnect();
+      this.serverToUserChannel = null;
+    }
+  }
+}

package/src/core/utils/factory.ts

@@ -6,8 +6,7 @@ import Handshake from '../connection/handshake';
 import TransportConnection from '../transports/transport_connection';
 import SocketHooks from '../http/socket_hooks';
 import HTTPSocket from '../http/http_socket';
-import { AuthorizerOptions, Authorizer } from '../auth/options';
-import PusherAuthorizer from '../auth/pusher_authorizer';
+
 import Timeline from '../timeline/timeline';
 import {
   default as TimelineSender,
@@ -61,14 +60,6 @@ var Factory = {
     return new TimelineSender(timeline, options);
   },
 
-  createAuthorizer(channel: Channel, options: AuthorizerOptions): Authorizer {
-    if (options.authorizer) {
-      return options.authorizer(channel, options);
-    }
-
-    return new PusherAuthorizer(channel, options);
-  },
-
   createHandshake(
     transport: TransportConnection,
     callback: (HandshakePayload) => void

package/src/core/utils/url_store.ts

@@ -6,7 +6,10 @@ const urlStore = {
   baseUrl: 'https://pusher.com',
   urls: {
     authenticationEndpoint: {
-      path: '/docs/authenticating_users'
+      path: '/docs/channels/server_api/authenticating_users'
+    },
+    authorizationEndpoint: {
+      path: '/docs/channels/server_api/authorizing-users/'
     },
     javascriptQuickStart: {
       path: '/docs/javascript_quick_start'

package/src/runtimes/isomorphic/auth/xhr_auth.ts

@@ -5,24 +5,27 @@ import Runtime from 'runtime';
 import { AuthTransport } from 'core/auth/auth_transports';
 import AbstractRuntime from 'runtimes/interface';
 import UrlStore from 'core/utils/url_store';
-import { AuthorizerCallback } from 'core/auth/options';
+import {
+  AuthRequestType,
+  AuthTransportCallback,
+  InternalAuthOptions
+} from 'core/auth/options';
 import { HTTPAuthError } from 'core/errors';
 
-var ajax: AuthTransport = function(
+const ajax: AuthTransport = function(
   context: AbstractRuntime,
-  socketId: string,
-  callback: AuthorizerCallback
+  query: string,
+  authOptions: InternalAuthOptions,
+  authRequestType: AuthRequestType,
+  callback: AuthTransportCallback
 ) {
-  var self = this,
-    xhr;
-
-  xhr = Runtime.createXHR();
-  xhr.open('POST', self.options.authEndpoint, true);
+  const xhr = Runtime.createXHR();
+  xhr.open('POST', authOptions.endpoint, true);
 
   // add request headers
   xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
-  for (var headerName in this.authOptions.headers) {
-    xhr.setRequestHeader(headerName, this.authOptions.headers[headerName]);
+  for (var headerName in authOptions.headers) {
+    xhr.setRequestHeader(headerName, authOptions.headers[headerName]);
   }
 
   xhr.onreadystatechange = function() {
@@ -38,10 +41,11 @@ var ajax: AuthTransport = function(
           callback(
             new HTTPAuthError(
               200,
-              'JSON returned from auth endpoint was invalid, yet status code was 200. Data was: ' +
+              `JSON returned from ${authRequestType.toString()} endpoint was invalid, yet status code was 200. Data was: ${
                 xhr.responseText
+              }`
             ),
-            { auth: '' }
+            null
           );
         }
 
@@ -50,21 +54,30 @@ var ajax: AuthTransport = function(
           callback(null, data);
         }
       } else {
-        var suffix = UrlStore.buildLogSuffix('authenticationEndpoint');
+        let suffix = '';
+        switch (authRequestType) {
+          case AuthRequestType.UserAuthentication:
+            suffix = UrlStore.buildLogSuffix('authenticationEndpoint');
+            break;
+          case AuthRequestType.ChannelAuthorization:
+            suffix = `Clients must be authenticated to join private or presence channels. ${UrlStore.buildLogSuffix(
+              'authorizationEndpoint'
+            )}`;
+            break;
+        }
         callback(
           new HTTPAuthError(
             xhr.status,
-            'Unable to retrieve auth string from auth endpoint - ' +
-              `received status: ${xhr.status} from ${self.options.authEndpoint}. ` +
-              `Clients must be authenticated to join private or presence channels. ${suffix}`
+            `Unable to retrieve auth string from ${authRequestType.toString()} endpoint - ` +
+              `received status: ${xhr.status} from ${authOptions.endpoint}. ${suffix}`
           ),
-          { auth: '' }
+          null
         );
       }
     }
   };
 
-  xhr.send(this.composeQuery(socketId));
+  xhr.send(query);
   return xhr;
 };
 

package/src/runtimes/web/auth/jsonp_auth.ts

@@ -3,16 +3,22 @@ import Logger from 'core/logger';
 import JSONPRequest from '../dom/jsonp_request';
 import { ScriptReceivers } from '../dom/script_receiver_factory';
 import { AuthTransport } from 'core/auth/auth_transports';
-import { AuthorizerCallback } from 'core/auth/options';
+import {
+  AuthRequestType,
+  AuthTransportCallback,
+  InternalAuthOptions
+} from 'core/auth/options';
 
 var jsonp: AuthTransport = function(
   context: Browser,
-  socketId: string,
-  callback: AuthorizerCallback
+  query: string,
+  authOptions: InternalAuthOptions,
+  authRequestType: AuthRequestType,
+  callback: AuthTransportCallback
 ) {
-  if (this.authOptions.headers !== undefined) {
+  if (authOptions.headers !== undefined) {
     Logger.warn(
-      'To send headers with the auth request, you must use AJAX, rather than JSONP.'
+      `To send headers with the ${authRequestType.toString()} request, you must use AJAX, rather than JSONP.`
     );
   }
 
@@ -28,11 +34,11 @@ var jsonp: AuthTransport = function(
 
   var callback_name = "Pusher.auth_callbacks['" + callbackName + "']";
   script.src =
-    this.options.authEndpoint +
+    authOptions.endpoint +
     '?callback=' +
     encodeURIComponent(callback_name) +
     '&' +
-    this.composeQuery(socketId);
+    query;
 
   var head =
     document.getElementsByTagName('head')[0] || document.documentElement;

package/src/runtimes/worker/auth/fetch_auth.ts

@@ -1,22 +1,28 @@
 import AbstractRuntime from 'runtimes/interface';
 import { AuthTransport } from 'core/auth/auth_transports';
-import { AuthorizerCallback, AuthData } from 'core/auth/options';
+import {
+  AuthRequestType,
+  AuthTransportCallback,
+  InternalAuthOptions
+} from 'core/auth/options';
 import { HTTPAuthError } from 'core/errors';
 
 var fetchAuth: AuthTransport = function(
   context: AbstractRuntime,
-  socketId: string,
-  callback: AuthorizerCallback
+  query: string,
+  authOptions: InternalAuthOptions,
+  authRequestType: AuthRequestType,
+  callback: AuthTransportCallback
 ) {
   var headers = new Headers();
   headers.set('Content-Type', 'application/x-www-form-urlencoded');
 
-  for (var headerName in this.authOptions.headers) {
-    headers.set(headerName, this.authOptions.headers[headerName]);
+  for (var headerName in authOptions.headers) {
+    headers.set(headerName, authOptions.headers[headerName]);
   }
 
-  var body = this.composeQuery(socketId);
-  var request = new Request(this.options.authEndpoint, {
+  var body = query;
+  var request = new Request(authOptions.endpoint, {
     headers,
     body,
     credentials: 'same-origin',
@@ -33,24 +39,23 @@ var fetchAuth: AuthTransport = function(
       }
       throw new HTTPAuthError(
         200,
-        `Could not get auth info from your auth endpoint, status: ${status}`
+        `Could not get ${authRequestType.toString()} info from your auth endpoint, status: ${status}`
       );
     })
     .then(data => {
-      let parsedData: AuthData;
+      let parsedData;
       try {
         parsedData = JSON.parse(data);
       } catch (e) {
         throw new HTTPAuthError(
           200,
-          'JSON returned from auth endpoint was invalid, yet status code was 200. Data was: ' +
-            data
+          `JSON returned from ${authRequestType.toString()} endpoint was invalid, yet status code was 200. Data was: ${data}`
         );
       }
       callback(null, parsedData);
     })
     .catch(err => {
-      callback(err, { auth: '' });
+      callback(err, null);
     });
 };
 

package/types/src/core/auth/auth_transports.d.ts

@@ -1,6 +1,7 @@
 import AbstractRuntime from '../../runtimes/interface';
+import { AuthRequestType, InternalAuthOptions } from './options';
 interface AuthTransport {
-    (context: AbstractRuntime, socketId: string, callback: Function): void;
+    (context: AbstractRuntime, query: string, authOptions: InternalAuthOptions, authRequestType: AuthRequestType, callback: Function): void;
 }
 interface AuthTransports {
     [index: string]: AuthTransport;

package/types/src/core/auth/channel_authorizer.d.ts

@@ -0,0 +1,3 @@
+import { InternalAuthOptions, ChannelAuthorizationHandler } from './options';
+declare const ChannelAuthorizer: (authOptions: InternalAuthOptions) => ChannelAuthorizationHandler;
+export default ChannelAuthorizer;

package/types/src/core/auth/deprecated_channel_authorizer.d.ts

@@ -0,0 +1,18 @@
+import Channel from '../channels/channel';
+import { ChannelAuthorizationCallback, ChannelAuthorizationHandler, InternalAuthOptions } from './options';
+export interface DeprecatedChannelAuthorizer {
+    authorize(socketId: string, callback: ChannelAuthorizationCallback): void;
+}
+export interface ChannelAuthorizerGenerator {
+    (channel: Channel, options: DeprecatedAuthorizerOptions): DeprecatedChannelAuthorizer;
+}
+export interface DeprecatedAuthOptions {
+    params?: any;
+    headers?: any;
+}
+export interface DeprecatedAuthorizerOptions {
+    authTransport: 'ajax' | 'jsonp';
+    authEndpoint: string;
+    auth?: DeprecatedAuthOptions;
+}
+export declare const ChannelAuthorizerProxy: (pusher: any, authOptions: InternalAuthOptions, channelAuthorizerGenerator: ChannelAuthorizerGenerator) => ChannelAuthorizationHandler;