Introducing self revoke

Author: perki

docs/hds-lib.js

@@ -320,6 +320,28 @@ class Collector {
     return newSharingApiEndpoint;
   }
 
+  /**
+   * @private
+   * @param {CollectorInvite} invite
+   * @returns {CollectorInvite}
+   */
+  async revokeInvite (invite) {
+    // invalidate this access
+    const updateInvite = {
+      id: invite.eventData.id,
+      update: {
+        content: structuredClone(invite.eventData.content),
+        streamIds: [this.streamIdFor(Collector.STREAMID_SUFFIXES.error)]
+      }
+    };
+    // TODO revoke updateInvite.apiEndPoint
+
+    updateInvite.update.content.errorType = 'revoked';
+    const eventData = await this.appManaging.connection.apiOne('events.update', updateInvite, 'event');
+    invite.eventData = eventData;
+    return invite;
+  }
+
   /**
    * check if required streams are present, if not create them
    */

docs/hds-lib.js.map

@@ -43,7 +43,7 @@ class CollectorClient {
   /** @property {string} - one of 'Incoming', 'Active', 'Deactivated', 'Refused' */
   get status () {
     const eventStatus = this.eventData.content.status;
-    if (eventStatus === 'Deactivated' || eventStatus === 'Refused') {
+    if (eventStatus === CollectorClient.STATUSES.deactivated || eventStatus === CollectorClient.STATUSES.refused) {
       if (!this.accessData?.deleted) {
         logger.error('>> CollectorClient.status TODO check consitency when access is still valid and deactivated or refused', this.accessData);
       }
@@ -188,6 +188,27 @@ class CollectorClient {
     return null;
   }
 
+  async revoke () {
+    if (!this.accessData) {
+      throw new HDSLibError('Cannot revoke if no accessData');
+    }
+    if (this.accessData.deleted && this.status === CollectorClient.STATUSES.deactivated) {
+      throw new HDSLibError('Already revoked');
+    }
+    // revoke access
+    await this.app.connection.apiOne('accesses.delete', { id: this.accessData.id }, 'accessDeletion');
+    // lazyly flag currentAccess as deleted
+    this.accessData.deleted = Date.now() / 1000;
+
+    const responseContent = { };
+    const requesterEvent = await this.#updateRequester('revoke', responseContent);
+    if (requesterEvent != null) {
+      await this.#updateStatus(CollectorClient.STATUSES.deactivated);
+      return { requesterEvent };
+    }
+    return null;
+  }
+
   async refuse () {
     const responseContent = { };
 

src/appTemplates/Collector.js

@@ -22,6 +22,8 @@ class CollectorInvite {
   eventData;
   /** @type {pryv.Connection} */
   #connection;
+  /** @type {Object} accessInfo from account */
+  #accessInfo;
 
   get key () {
     return CollectorInvite.getKeyForEvent(this.eventData);
@@ -51,6 +53,26 @@ class CollectorInvite {
     return this.#connection;
   }
 
+  /**
+   * Check if connection is valid. (only if active)
+   * If result is "forbidden" update and set as revoked
+   * @returns {Object} accessInfo if valid.
+   */
+  async checkAndGetAccessInfo (forceRefresh = false) {
+    if (!forceRefresh && this.#accessInfo) return this.#accessInfo;
+    try {
+      this.#accessInfo = await this.connection.accessInfo();
+      return this.#accessInfo;
+    } catch (e) {
+      this.#accessInfo = null;
+      if (e.response?.body?.error?.id === 'invalid-access-token') {
+        await this.collector.revokeInvite(this);
+        return null;
+      }
+      throw e;
+    }
+  }
+
   get displayName () {
     return this.eventData.content.name;
   }

src/appTemplates/CollectorClient.js

@@ -261,6 +261,27 @@ describe('[APTX] appTemplates', function () {
     assert.equal(invitesFromInbox[0].errorType, 'refused');
   });
 
+  it('[APCR] Collector invite revoke', async () => {
+    const { collector, collectorClient, invite } = await helperNewInvite(appManaging, appClient, 'APCR');
+    await collectorClient.accept();
+
+    // check collector
+    const invitesFromInbox1 = await collector.checkInbox();
+    assert.equal(invitesFromInbox1[0], invite);
+    assert.equal(invite.status, 'active');
+
+    // client revoke
+    await collectorClient.revoke();
+    assert.equal(collectorClient.status, 'Deactivated');
+    assert.ok(collectorClient.accessData.deleted);
+
+    // check collector
+    const invitesFromInbox2 = await collector.checkInbox();
+    assert.equal(invitesFromInbox2[0], invite);
+    assert.equal(invite.status, 'error');
+    assert.equal(invite.errorType, 'revoked');
+  });
+
   describe('[APCX] app Templates Client', function () {
     it('[APCE] Should throw error if not initialized with a personal or master token', async () => {
       const permissionsDummy = [{ streamId: 'dummy', level: 'manage' }];