pubnub · kleewho · Dec 16, 2021 · Nov 15, 2021 · Nov 16, 2021 · Nov 16, 2021
@@ -25,10 +25,10 @@ jobs:
           sudo gem install bundler &&
           bundle install
       - name: Run acceptance tests (optional)
-        run: bundle exec cucumber sdk-specifications/features/ -p mock -p run_beta -p report_beta
+        run: bundle exec cucumber sdk-specifications/features/ -p mock -p run_beta -p report_beta -f pretty
         continue-on-error: true
       - name: Run acceptance tests (required)
-        run: bundle exec cucumber sdk-specifications/features/ -p mock -p run_main -p report_main
+        run: bundle exec cucumber sdk-specifications/features/ -p mock -p run_main -p report_main -f pretty
       - name: Combine test results
         if: always()
         run: |

@@ -403,6 +403,10 @@ features:
   access:
     - ACCESS-GRANT
     - ACCESS-SECRET-KEY-ALL-ACCESS
+    - ACCESS-GRANT-TOKEN
+    - ACCESS-PARSE-TOKEN
+    - ACCESS-SET-TOKEN
+    - ACCESS-REVOKE-TOKEN
   channel-groups:
     - CHANNEL-GROUPS-ADD-CHANNELS
     - CHANNEL-GROUPS-REMOVE-CHANNELS

@@ -16,6 +16,18 @@
   @pubnub = Pubnub.new(@pn_configuration)
 end
 
+Given('I have a keyset with access manager enabled - without secret key') do
+  expect(ENV['PAM_SUB_KEY']).not_to be_nil
+  expect(ENV['PAM_PUB_KEY']).not_to be_nil
+  @pn_configuration['subscribe_key'] = ENV['PAM_SUB_KEY']
+  @pn_configuration['publish_key'] = ENV['PAM_PUB_KEY']
+  logger = Logger.new(STDOUT)
+  logger.level = Logger::DEBUG
+  @pn_configuration['logger'] = logger
+
+  @pubnub = Pubnub.new(@pn_configuration)
+end
+
 Given('the authorized UUID {string}') do |uuid|
   @grant_token_state[:authorized_uuid] = uuid
 end
@@ -48,17 +60,56 @@
   }
 end
 
+Given('a valid token with permissions to publish with channel {string}') do |string|
+  @grant_token_state[:token] = token_with_all
+end
+
+Given('a token') do
+  @grant_token_state[:token] = token_with_all
+end
+
+Given('an expired token with permissions to publish with channel {string}') do |string|
+  @grant_token_state[:token] = token_with_all
+end
+
 And('grant pattern permission {permissionType}') do |permission_type|
   current_pattern = @grant_token_state[:current_pattern]
   @grant_token_state[:current_grant][current_pattern][:permission_type].push(permission_type)
 end
 
-
 When('I grant a token specifying those permissions') do
   res = call_grant_token(@pubnub, @grant_token_state)
   @grant_token_state[:parsed_token] = @pubnub.parse_token(res.result[:data]["token"])
 end
 
+When('I publish a message using that auth token with channel {string}') do |channel|
+  @pubnub.set_token(@grant_token_state[:token])
+  res = @pubnub.publish(
+    message: "This is message",
+    channel: channel,
+    http_sync: true
+  )
+  @global_state[:last_call_res] = res
+end
+
+When('I attempt to publish a message using that auth token with channel {string}') do |channel|
+  @pubnub.set_token(@grant_token_state[:token])
+  res = @pubnub.publish(
+    message: "This is message",
+    channel: channel,
+    http_sync: true
+  )
+  @global_state[:last_call_res] = res
+end
+
+When('I revoke a token') do
+  res = @pubnub.revoke_token(
+    token: @grant_token_state[:token],
+    http_sync: true
+  )
+  @global_state[:last_call_res] = res
+end
+
 Then('the token contains the authorized UUID {string}') do |expected_uuid|
   expect(@grant_token_state[:parsed_token]["uuid"]).to eq expected_uuid
 end
@@ -115,35 +166,37 @@
 end
 
 When('I attempt to grant a token specifying those permissions') do
-  @grant_token_state[:error_response] = call_grant_token(@pubnub, @grant_token_state)
+  @global_state[:last_call_res] = call_grant_token(@pubnub, @grant_token_state)
 end
 
 Then('an error is returned') do
-  expect(@grant_token_state[:error_response]).not_to eq nil
+  envelope = @global_state[:last_call_res]
+  expect(envelope).not_to eq nil
+  expect(envelope.is_a?(Pubnub::ErrorEnvelope)).to eq true
 end
 
 Then('the error status code is {int}') do |code|
-  expect(@grant_token_state[:error_response].status[:code]).to eq code
+  expect(@global_state[:last_call_res].status[:code]).to eq code
 end
 
 Then('the error message is {string}') do |error_message|
-  expect(parse_error_body(@grant_token_state[:error_response])["error"]["message"]).to eq error_message
+  expect(parse_error_body(@global_state[:last_call_res])["error"]["message"]).to eq error_message
 end
 
 Then('the error source is {string}') do |error_source|
-  expect(parse_error_body(@grant_token_state[:error_response])["error"]["source"]).to eq error_source
+  expect(parse_error_body(@global_state[:last_call_res])["error"]["source"]).to eq error_source
 end
 
 Then('the error detail message is {string}') do |details_message|
-  expect(parse_error_body(@grant_token_state[:error_response])["error"]["details"][0]["message"]).to eq details_message
+  expect(parse_error_body(@global_state[:last_call_res])["error"]["details"][0]["message"]).to eq details_message
 end
 
 Then('the error detail location is {string}') do |details_location|
-  expect(parse_error_body(@grant_token_state[:error_response])["error"]["details"][0]["location"]).to eq details_location
+  expect(parse_error_body(@global_state[:last_call_res])["error"]["details"][0]["location"]).to eq details_location
 end
 
 Then('the error detail location type is {string}') do |location_type|
-  expect(parse_error_body(@grant_token_state[:error_response])["error"]["details"][0]["locationType"]).to eq location_type
+  expect(parse_error_body(@global_state[:last_call_res])["error"]["details"][0]["locationType"]).to eq location_type
 end
 
 Given('I have a known token containing an authorized UUID') do
@@ -165,3 +218,39 @@
 Given('I have a known token containing UUID pattern Permissions') do
   @grant_token_state[:token] = token_with_all
 end
+
+Given('the token string {string}') do |token|
+  @grant_token_state[:token] = token
+end
+
+Then('the result is successful') do
+  envelope = @global_state[:last_call_res]
+  expect(envelope.is_a?(Pubnub::ErrorEnvelope)).to eq false
+  expect(envelope.status[:code]).to eq 200
+end
+
+Then('an auth error is returned') do
+  envelope = @global_state[:last_call_res]
+  expect(envelope).not_to eq nil
+  expect(envelope.is_a?(Pubnub::ErrorEnvelope)).to eq true
+end
+
+Then('the auth error message is {string}') do |error_message|
+  expect(parse_error_body(@global_state[:last_call_res])["message"]).to eq error_message
+end
+
+Then('the error service is {string}') do |service|
+  expect(parse_error_body(@global_state[:last_call_res])["service"]).to eq service
+end
+
+Then('I get confirmation that token has been revoked') do
+  envelope = @global_state[:last_call_res]
+  expect(envelope.is_a?(Pubnub::ErrorEnvelope)).to eq false
+  expect(envelope.status[:code]).to eq 200
+end
+
+Then('the error detail message is not empty') do
+  expect(parse_error_body(@global_state[:last_call_res])["error"]["message"].empty?).to eq false
+end
+
+
@@ -3,6 +3,7 @@
 
 Before do |scenario|
   @grant_token_state = {}
+  @global_state = {}
   @grant_token_state[:current_grant] = {}
   @pn_configuration = {}
 

@@ -37,6 +37,7 @@
 require 'pubnub/validators/channel_registration'
 require 'pubnub/validators/grant'
 require 'pubnub/validators/grant_token'
+require 'pubnub/validators/revoke_token'
 require 'pubnub/validators/heartbeat'
 require 'pubnub/validators/here_now'
 require 'pubnub/validators/history'

@@ -4,7 +4,7 @@ module Pubnub
   class Client
     # Module that holds generator for all events
     module Events
-      EVENTS = %w[publish subscribe presence leave history here_now audit grant grant_token delete_messages
+      EVENTS = %w[publish subscribe presence leave history here_now audit grant grant_token revoke_token delete_messages
                   revoke time heartbeat where_now set_state state channel_registration message_counts signal
                   add_channels_to_push list_push_provisions remove_channels_from_push remove_device_from_push
                   set_uuid_metadata set_channel_metadata remove_uuid_metadata remove_channel_metadata

@@ -58,6 +58,7 @@ module Constants
     OPERATION_AUDIT = :audit
     OPERATION_GRANT = :grant
     OPERATION_GRANT_TOKEN = :grant_token
+    OPERATION_REVOKE_TOKEN = :revoke_token
     OPERATION_REVOKE = :revoke
     OPERATION_DELETE = :delete
     OPERATION_LIST_ALL_CHANNEL_GROUPS = :list_all_channel_groups

@@ -112,7 +112,8 @@ def enable_format_group?
 
     def operation_http_method
       case @event
-      when Pubnub::Constants::OPERATION_DELETE, Pubnub::Constants::OPERATION_REMOVE_CHANNEL_METADATA, Pubnub::Constants::OPERATION_REMOVE_UUID_METADATA
+      when Pubnub::Constants::OPERATION_DELETE, Pubnub::Constants::OPERATION_REMOVE_CHANNEL_METADATA,
+           Pubnub::Constants::OPERATION_REMOVE_UUID_METADATA, Pubnub::Constants::OPERATION_REVOKE_TOKEN
         "delete"
       when Pubnub::Constants::OPERATION_SET_UUID_METADATA, Pubnub::Constants::OPERATION_SET_CHANNEL_METADATA,
            Pubnub::Constants::OPERATION_SET_CHANNEL_MEMBERS, Pubnub::Constants::OPERATION_SET_MEMBERSHIPS,
@@ -174,6 +175,7 @@ def create_variables_from_options(options)
                      state channel_group channel_groups compressed meta customs include_token
                      replicate with_presence cipher_key_selector include_meta join update get
                      add remove push_token push_gateway environment topic authorized_uuid
+                     token
                    ]
 
       options = options.each_with_object({}) { |option, obj| obj[option.first.to_sym] = option.last }

@@ -0,0 +1,66 @@
+module Pubnub
+  # Holds revoke token functionality
+  class RevokeToken < SingleEvent
+    include Concurrent::Async
+    include Pubnub::Validator::RevokeToken
+
+    def initialize(options, app)
+      @event = :revoke_token
+      super
+      @token = @token.split(' ')
+            .map{ |part| CGI.escape(part) }
+            .join("%20")
+    end
+
+    private
+
+    def current_operation
+      Pubnub::Constants::OPERATION_GRANT_TOKEN
+    end
+
+    def valid_envelope(parsed_response, req_res_objects)
+      Pubnub::Envelope.new(
+        event: @event,
+        event_options: @given_options,
+        timetoken: nil,
+        status: {
+          code: req_res_objects[:response].code,
+          client_request: req_res_objects[:request],
+          server_response: req_res_objects[:response],
+          category: Pubnub::Constants::STATUS_ACK,
+          error: false,
+          auto_retried: false,
+
+          current_timetoken: nil,
+          last_timetoken: nil,
+          subscribed_channels: nil,
+          subscribed_channel_groups: nil,
+
+          data: nil,
+
+          config: get_config
+
+        },
+        result: {
+          code: req_res_objects[:response].code,
+          operation: current_operation,
+          client_request: req_res_objects[:request],
+          server_response: req_res_objects[:response],
+
+          data: parsed_response['data']
+        }
+      )
+    end
+
+
+    def path
+      '/' + [
+        'v3',
+        'pam',
+        @subscribe_key,
+        'grant',
+        @token
+      ].join('/')
+    end
+  end
+end
@@ -0,0 +1,31 @@
+# Toplevel Pubnub module.
+module Pubnub
+  # Validator module that holds all validators modules
+  module Validator
+    # Validator for Grant event
+    module RevokeToken
+      include CommonValidator
+
+      def validate!
+        validate_keys!
+        validate_token!
+      end
+
+      private
+
+      def validate_keys!
+        raise(
+          ArgumentError.new(object: self, message: ':subscribe_key is required for revoke token event.'),
+          ':subscribe_key is required for grant token event.'
+        ) if @subscribe_key.nil? || @subscribe_key.empty?
+      end
+
+      def validate_token!
+        raise(
+          ArgumentError.new(object: self, message: ':token is required for revoke token event.'),
+          ':token is required for revoke token event.'
+        ) if @token.nil? || @token.empty?
+      end
+    end
+  end
+end