pusher 5.1.1-beta → 5.1.3

package/.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,14 @@
+## What does this PR do?
+
+[Description here]
+
+## Checklist
+
+- [ ] All new functionality has tests.
+- [ ] All tests are passing.
+- [ ] New or changed API methods have been documented.
+- [ ] `npm run format` has been run
+
+## CHANGELOG
+
+- [CHANGED] Describe your change here. Look at CHANGELOG.md to see the format.

package/.github/workflows/release.yml

@@ -0,0 +1,82 @@
+on:
+  push:
+    branches: [master]
+
+jobs:
+  check-release-tag:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+      - name: Prepare tag
+        id: prepare_tag
+        continue-on-error: true
+        run: |
+          export TAG=v$(jq -r '.version' package.json)
+          echo "TAG=$TAG" >> $GITHUB_ENV
+
+          export CHECK_TAG=$(git tag | grep $TAG)
+          if [[ $CHECK_TAG ]]; then
+            echo "Skipping because release tag already exists"
+            exit 1
+          fi
+      - name: Output
+        id: release_output
+        if: ${{ steps.prepare_tag.outcome == 'success' }}
+        run: |
+          echo "::set-output name=tag::${{ env.TAG }}"
+    outputs:
+      tag: ${{ steps.release_output.outputs.tag }}
+
+  create-github-release:
+    runs-on: ubuntu-latest
+    needs: check-release-tag
+    if: ${{ needs.check-release-tag.outputs.tag }}
+    steps:
+      - uses: actions/checkout@v2
+      - name: Prepare tag
+        run: |
+          export TAG=v$(jq -r '.version' package.json)
+          echo "TAG=$TAG" >> $GITHUB_ENV
+      - name: Setup git
+        run: |
+          git config user.email "pusher-ci@pusher.com"
+          git config user.name "Pusher CI"
+      - name: Prepare description
+        run: |
+          csplit -s CHANGELOG.md "/##/" {1}
+          cat xx01 > CHANGELOG.tmp
+      - name: Create Release
+        uses: actions/create-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: ${{ env.TAG }}
+          release_name: ${{ env.TAG }}
+          body_path: CHANGELOG.tmp
+          draft: false
+          prerelease: false
+
+  publish-to-npm:
+    runs-on: ubuntu-latest
+    needs: create-github-release
+    steps:
+      - uses: actions/checkout@v2
+      - uses: flood-io/is-published-on-npm@8478347e2650eb228d303975415458183d0a37e4
+        id: is-published
+      - run: echo "This version is already published on NPM"
+        if: ${{ steps.is-published.outputs.published == 'true' }}
+      - uses: actions/setup-node@v2
+        if: ${{ steps.is-published.outputs.published == 'false' }}
+        with:
+          node-version: "14"
+          registry-url: https://registry.npmjs.org/
+      - run: npm install
+        if: ${{ steps.is-published.outputs.published == 'false' }}
+      - run: npm publish --access public
+        if: ${{ steps.is-published.outputs.published == 'false' }}
+        env:
+          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
+          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

package/.github/workflows/release_pr.yml

@@ -0,0 +1,40 @@
+name: release
+
+on:
+  pull_request:
+    types: [labeled]
+    branches:
+      - master
+
+jobs:
+  prepare-release:
+    name: Prepare release
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Get current version
+        shell: bash
+        run: |
+          CURRENT_VERSION=$(jq -r '.version' package.json)
+          echo "CURRENT_VERSION=$CURRENT_VERSION" >> $GITHUB_ENV
+      - uses: actions/checkout@v2
+        with:
+          repository: pusher/actions
+          token: ${{ secrets.PUSHER_CI_GITHUB_PRIVATE_TOKEN }}
+          path: .github/actions
+      - uses: ./.github/actions/prepare-version-bump
+        id: bump
+        with:
+          current_version: ${{ env.CURRENT_VERSION }}
+      - uses: actions/setup-node@v2
+        with:
+          node-version: "14"
+      - run: npm install
+      - name: Push
+        shell: bash
+        run: |
+          echo "$(jq '.version = "${{ steps.bump.outputs.new_version }}"' package.json)" > package.json
+
+          git add package.json CHANGELOG.md
+          git commit -m "Bump to version ${{ steps.bump.outputs.new_version }}"
+          git push

package/CHANGELOG.md

@@ -1,3 +1,13 @@
+# Changelog
+
+## 5.1.3
+
+[FIXED] Parsing of the extraTokens in webhook's isValid method
+
+## 5.1.2
+
+- [CHANGED] Add types/node-fetch to dependencies.
+
 ## 5.1.1-beta (2022-06-01)
 
 [FIXED] Updated typescript types with new user features.
@@ -85,7 +95,7 @@ const pusher = new Pusher.forURL(process.env.PUSHER_URL, {
 
 ## 2.2.1 (2019-07-03)
 
-no-op release to fix the description on https://www.npmjs.com/package/pusher
+no-op release to fix the description on <https://www.npmjs.com/package/pusher>
 
 ## 2.2.0 (2018-11-26)
 

package/README.md

@@ -158,6 +158,14 @@ pusher.triggerBatch(events)
 
 You can trigger a batch of up to 10 events.
 
+#### Sending events to Authenticated Users
+
+Events can be triggered to [Authenticated Users](#Authenticating-users)
+
+```javascript
+pusher.sendToUser("user-1", "test_event", { message: "hello world" })
+```
+
 ### Excluding event recipients
 
 In order to avoid the client that triggered the event from also receiving it, a `socket_id` parameter can be added to the `params` object. For more information see: <http://pusher.com/docs/publisher_api_guide/publisher_excluding_recipients>.

package/lib/token.js

@@ -7,31 +7,31 @@ const util = require("./util")
  * @param {String} key app key
  * @param {String} secret app secret
  */
-function Token(key, secret) {
-  this.key = key
-  this.secret = secret
-}
-
-/** Signs the string using the secret.
- *
- * @param {String} string
- * @returns {String}
- */
-Token.prototype.sign = function (string) {
-  return crypto
-    .createHmac("sha256", this.secret)
-    .update(Buffer.from(string))
-    .digest("hex")
-}
-
-/** Checks if the string has correct signature.
- *
- * @param {String} string
- * @param {String} signature
- * @returns {Boolean}
- */
-Token.prototype.verify = function (string, signature) {
-  return util.secureCompare(this.sign(string), signature)
+class Token {
+  constructor(key, secret) {
+    this.key = key
+    this.secret = secret
+  }
+  /** Signs the string using the secret.
+   *
+   * @param {String} string
+   * @returns {String}
+   */
+  sign(string) {
+    return crypto
+      .createHmac("sha256", this.secret)
+      .update(Buffer.from(string))
+      .digest("hex")
+  }
+  /** Checks if the string has correct signature.
+   *
+   * @param {String} string
+   * @param {String} signature
+   * @returns {Boolean}
+   */
+  verify(string, signature) {
+    return util.secureCompare(this.sign(string), signature)
+  }
 }
 
 module.exports = Token

package/lib/webhook.js

@@ -1,4 +1,5 @@
 const errors = require("./errors")
+const Token = require("./token")
 
 /** Provides validation and access methods for a WebHook.
  *
@@ -46,7 +47,10 @@ WebHook.prototype.isValid = function (extraTokens) {
 
   const tokens = [this.token].concat(extraTokens)
   for (const i in tokens) {
-    const token = tokens[i]
+    let token = tokens[i]
+    if (token instanceof Token === false) {
+      token = new Token(token.key, token.secret)
+    }
     if (this.key == token.key && token.verify(this.body, this.signature)) {
       return true
     }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "pusher",
   "description": "Node.js client to interact with the Pusher Channels REST API",
-  "version": "5.1.1-beta",
+  "version": "5.1.3",
   "author": "Pusher <support@pusher.com>",
   "contributors": [
     {
@@ -26,11 +26,11 @@
     "is-base64": "^1.1.0",
     "node-fetch": "^2.6.1",
     "tweetnacl": "^1.0.0",
-    "tweetnacl-util": "^0.15.0"
+    "tweetnacl-util": "^0.15.0",
+    "@types/node-fetch": "^2.5.7"
   },
   "devDependencies": {
     "@types/node": "^14.14.6",
-    "@types/node-fetch": "^2.5.7",
     "eslint": "^7.11.0",
     "expect.js": "=0.3.1",
     "express": "^4.17.1",