Merge pull request #68 from IABTechLab/llp-uid2-2501-add-optout-support

Add support for optouts to refresh and CSTG calls.

Author: lionell-pack-ttd

src/Uid2Identity.ts

@@ -25,3 +25,11 @@ export function isValidIdentity(identity: Uid2Identity | unknown): identity is U
     'refresh_expires' in identity
   );
 }
+export interface OptoutIdentity extends Pick<Uid2Identity, 'refresh_expires' | 'identity_expires'> {
+  status: 'optout';
+}
+export function isOptoutIdentity(identity: OptoutIdentity | unknown): identity is OptoutIdentity {
+  if (identity === null || typeof identity !== 'object') return false;
+  const maybeIdentity = identity as OptoutIdentity;
+  return maybeIdentity.status === 'optout';
+}

src/integrationTests/autoRefresh.test.ts

@@ -172,7 +172,7 @@ testCookieAndLocalStorage(() => {
         }
       });
       test('getAdvertisingTokenPromise should reject', () => {
-        expect(exception).toEqual(new Error('UID2 SDK aborted.'));
+        expect(exception).toEqual(new Error('No identity available.'));
       });
       test('should invoke the callback', () => {
         expect(callback).toHaveBeenNthCalledWith(
@@ -185,7 +185,7 @@ testCookieAndLocalStorage(() => {
         );
       });
       test('should clear value', () => {
-        expect(getUid2(useCookie)).toBeNull();
+        expect(getUid2(useCookie)).toMatchObject({ status: 'optout' });
       });
       test('should not set refresh timer', () => {
         expect(setTimeout).not.toHaveBeenCalled();
@@ -425,7 +425,7 @@ testCookieAndLocalStorage(() => {
         }
       });
       test('getAdvertisingTokenPromise should reject', () => {
-        expect(exception).toEqual(new Error('UID2 SDK aborted.'));
+        expect(exception).toEqual(new Error('No identity available.'));
       });
       test('should invoke the callback', () => {
         expect(callback).toHaveBeenNthCalledWith(
@@ -437,8 +437,8 @@ testCookieAndLocalStorage(() => {
           })
         );
       });
-      test('should clear value', () => {
-        expect(getUid2(useCookie)).toBeNull();
+      test('should store optout', () => {
+        expect(getUid2(useCookie)).toMatchObject({ status: 'optout' });
       });
       test('should not set refresh timer', () => {
         expect(setTimeout).not.toHaveBeenCalled();

src/integrationTests/basic.test.ts

@@ -2,6 +2,7 @@ import { afterEach, beforeEach, describe, expect, jest, test } from '@jest/globa
 
 import * as mocks from '../mocks';
 import { sdkWindow, UID2 } from '../uid2Sdk';
+import { EventType } from '../uid2CallbackManager';
 
 let callback: any;
 let uid2: UID2;
@@ -335,6 +336,27 @@ testCookieAndLocalStorage(() => {
         expect(xhrMock.send).toHaveBeenLastCalledWith(identity.refresh_token);
         xhrMock.onreadystatechange();
         expect(cryptoMock.subtle.importKey).toHaveBeenCalledTimes(0);
+        mocks.resetCrypto(sdkWindow);
+      });
+    });
+    describe('when opted out identity is stored', () => {
+      let callback: ReturnType<typeof jest.fn>;
+      beforeEach(() => {
+        const optedOutIdentity = {
+          status: 'optout',
+          identity_expires: Date.now() + 10000,
+          refresh_expires: Date.now() + 10000,
+        };
+        callback = jest.fn();
+        uid2.callbacks.push(callback);
+        setUid2(optedOutIdentity, useCookie);
+        uid2.init({ useCookie });
+      });
+      test('hasOptedOut should be true', () => {
+        expect(uid2.hasOptedOut()).toBe(true);
+      });
+      test('the callback should be called with an opted out event', () => {
+        expect(callback).toBeCalledWith(EventType.OptoutReceived, { identity: null });
       });
     });
   });
@@ -457,6 +479,10 @@ testCookieAndLocalStorage(() => {
         identity: originalIdentity,
         useCookie: useCookie,
       });
+      let cryptoMock = new mocks.CryptoMock(sdkWindow);
+    });
+    afterEach(() => {
+      mocks.resetCrypto(sdkWindow);
     });
 
     describe('when token refresh succeeds', () => {
@@ -529,8 +555,8 @@ testCookieAndLocalStorage(() => {
           })
         );
       });
-      test('should not set cookie', () => {
-        expect(getUid2(useCookie)).toBeNull();
+      test('should set cookie to optout', () => {
+        expect(getUid2(useCookie)).toMatchObject({ status: 'optout' });
       });
       test('should not set refresh timer', () => {
         expect(setTimeout).not.toHaveBeenCalled();
@@ -729,6 +755,10 @@ testCookieAndLocalStorage(() => {
         identity: originalIdentity,
         useCookie: useCookie,
       });
+      let cryptoMock = new mocks.CryptoMock(sdkWindow);
+    });
+    afterEach(() => {
+      mocks.resetCrypto(sdkWindow);
     });
 
     describe('when token refresh succeeds', () => {
@@ -760,8 +790,15 @@ testCookieAndLocalStorage(() => {
     });
 
     describe('when token refresh returns optout', () => {
+      let handler: ReturnType<typeof jest.fn>;
       beforeEach(() => {
-        xhrMock.responseText = btoa(JSON.stringify({ status: 'optout' }));
+        handler = jest.fn();
+        uid2.callbacks.push(handler);
+        xhrMock.responseText = btoa(
+          JSON.stringify({
+            status: 'optout',
+          })
+        );
         xhrMock.onreadystatechange(new Event(''));
       });
 
@@ -774,8 +811,15 @@ testCookieAndLocalStorage(() => {
           })
         );
       });
-      test('should not set cookie', () => {
-        expect(getUid2(useCookie)).toBeNull();
+      test('should invoke the callback with no identity', () => {
+        expect(handler).toBeCalledWith(EventType.InitCompleted, { identity: null });
+      });
+      test('should invoke the callback with an optout event', () => {
+        expect(handler).toBeCalledWith(EventType.OptoutReceived, { identity: null });
+      });
+      test('should store the optout', () => {
+        const identity = getUid2(useCookie);
+        expect(identity).toMatchObject({ status: 'optout' });
       });
       test('should not set refresh timer', () => {
         expect(setTimeout).not.toHaveBeenCalled();

src/integrationTests/clientSideTokenGeneration.test.ts

@@ -164,6 +164,44 @@ describe('Client-side token generation Tests', () => {
             (expect(uid2) as any).toBeInUnavailableState();
           });
         });
+
+        describe('when optout response is received', () => {
+          beforeEach(() => {
+            xhrMock.send.mockImplementationOnce((body: string) => {
+              const requestBody = JSON.parse(body);
+              xhrMock.sendEncryptedCSTGResponse(
+                {
+                  clientPublicKey: base64ToBytes(requestBody.public_key),
+                  serverPrivateKey: serverKeyPair.privateKey,
+                },
+                { status: 'optout' }
+              );
+            });
+          });
+          test('UID2 should not be available', async () => {
+            await scenario.setIdentity(serverPublicKey);
+            (expect(uid2) as any).toBeInUnavailableState();
+          });
+
+          test('The callback should be called with no identity', (done) => {
+            uid2.callbacks.push((eventType, payload) => {
+              if (eventType === EventType.IdentityUpdated) {
+                expect(payload.identity).toBeNull();
+                done();
+              }
+            });
+            scenario.setIdentity(serverPublicKey);
+          });
+
+          test('The callback should be called with an optout event', (done) => {
+            uid2.callbacks.push((eventType, payload) => {
+              if (eventType === EventType.OptoutReceived) {
+                done();
+              }
+            });
+            scenario.setIdentity(serverPublicKey);
+          });
+        });
       });
     });
   });

src/sdkBase.ts

@@ -1,5 +1,5 @@
 import { version } from '../package.json';
-import { Uid2Identity } from './Uid2Identity';
+import { OptoutIdentity, Uid2Identity, isOptoutIdentity } from './Uid2Identity';
 import { IdentityStatus, notifyInitCallback } from './Uid2InitCallbacks';
 import { Uid2Options, isUID2OptionsOrThrow } from './Uid2Options';
 import { Logger, MakeLogger } from './sdk/logger';
@@ -56,7 +56,7 @@ export abstract class UID2SdkBase {
   // State
   private _product: ProductDetails;
   private _opts: Uid2Options = {};
-  private _identity: Uid2Identity | null | undefined;
+  private _identity: Uid2Identity | OptoutIdentity | null | undefined;
   private _initComplete = false;
 
   // Sets up nearly everything, but does not run SdkLoaded callbacks - derived classes must run them.
@@ -112,17 +112,23 @@ export abstract class UID2SdkBase {
     await this.callCstgAndSetIdentity({ emailHash: emailHash }, opts);
   }
 
-  public setIdentity(identity: Uid2Identity) {
+  public setIdentity(identity: Uid2Identity | OptoutIdentity) {
     if (this._apiClient) this._apiClient.abortActiveRequests();
     const validatedIdentity = this.validateAndSetIdentity(identity);
     if (validatedIdentity) {
-      this.triggerRefreshOrSetTimer(validatedIdentity);
+      if (isOptoutIdentity(validatedIdentity)) {
+        this._callbackManager.runCallbacks(EventType.OptoutReceived, {});
+      } else {
+        this.triggerRefreshOrSetTimer(validatedIdentity);
+      }
       this._callbackManager.runCallbacks(EventType.IdentityUpdated, {});
     }
   }
 
   public getIdentity(): Uid2Identity | null {
-    return this._identity && !this.temporarilyUnavailable() ? this._identity : null;
+    return this._identity && !this.temporarilyUnavailable() && !isOptoutIdentity(this._identity)
+      ? this._identity
+      : null;
   }
   // When the SDK has been initialized, this function should return the token
   // from the most recent refresh request, if there is a request, wait for the
@@ -144,6 +150,11 @@ export abstract class UID2SdkBase {
     return !(this.isLoggedIn() || this._apiClient?.hasActiveRequests());
   }
 
+  public hasOptedOut() {
+    if (!this._initComplete) return undefined;
+    return isOptoutIdentity(this._identity);
+  }
+
   public disconnect() {
     this.abort(`${this._product.name} SDK disconnected.`);
     // Note: This silently fails to clear the cookie if init hasn't been called and a cookieDomain is used!
@@ -196,9 +207,11 @@ export abstract class UID2SdkBase {
       identity = this._storageManager.loadIdentityWithFallback();
     }
     const validatedIdentity = this.validateAndSetIdentity(identity);
-    if (validatedIdentity) this.triggerRefreshOrSetTimer(validatedIdentity);
+    if (validatedIdentity && !isOptoutIdentity(validatedIdentity))
+      this.triggerRefreshOrSetTimer(validatedIdentity);
     this._initComplete = true;
     this._callbackManager?.runCallbacks(EventType.InitCompleted, {});
+    if (this.hasOptedOut()) this._callbackManager.runCallbacks(EventType.OptoutReceived, {});
   }
 
   private isLoggedIn() {
@@ -216,7 +229,7 @@ export abstract class UID2SdkBase {
     return false;
   }
 
-  private getIdentityStatus(identity: Uid2Identity | null):
+  private getIdentityStatus(identity: Uid2Identity | OptoutIdentity | null):
     | {
         valid: true;
         identity: Uid2Identity;
@@ -227,7 +240,7 @@ export abstract class UID2SdkBase {
         valid: false;
         errorMessage: string;
         status: IdentityStatus;
-        identity: null;
+        identity: OptoutIdentity | null;
       } {
     if (!identity) {
       return {
@@ -237,6 +250,14 @@ export abstract class UID2SdkBase {
         identity: null,
       };
     }
+    if (isOptoutIdentity(identity)) {
+      return {
+        valid: false,
+        errorMessage: 'User has opted out',
+        status: IdentityStatus.OPTOUT,
+        identity: identity,
+      };
+    }
     if (!identity.advertising_token) {
       return {
         valid: false,
@@ -285,21 +306,25 @@ export abstract class UID2SdkBase {
   }
 
   private validateAndSetIdentity(
-    identity: Uid2Identity | null,
+    identity: Uid2Identity | OptoutIdentity | null,
     status?: IdentityStatus,
     statusText?: string
-  ): Uid2Identity | null {
+  ): Uid2Identity | OptoutIdentity | null {
     if (!this._storageManager) throw new Error('Cannot set identity before calling init.');
     const validity = this.getIdentityStatus(identity);
     if (
+      validity.valid &&
       validity.identity &&
+      !isOptoutIdentity(this._identity) &&
       validity.identity?.advertising_token === this._identity?.advertising_token
     )
       return validity.identity;
 
     this._identity = validity.identity;
-    if (validity.identity) {
-      this._storageManager.setValue(validity.identity);
+    if (validity.valid && validity.identity) {
+      this._storageManager.setIdentity(validity.identity);
+    } else if (validity.status === IdentityStatus.OPTOUT || status === IdentityStatus.OPTOUT) {
+      this._storageManager.setOptout();
     } else {
       this.abort();
       this._storageManager.removeValues();
@@ -334,7 +359,8 @@ export abstract class UID2SdkBase {
       const validatedIdentity = this.validateAndSetIdentity(
         this._storageManager?.loadIdentity() ?? null
       );
-      if (validatedIdentity) this.triggerRefreshOrSetTimer(validatedIdentity);
+      if (validatedIdentity && !isOptoutIdentity(validatedIdentity))
+        this.triggerRefreshOrSetTimer(validatedIdentity);
       this._refreshTimerId = null;
     }, timeout);
   }
@@ -358,6 +384,7 @@ export abstract class UID2SdkBase {
               break;
             case 'optout':
               this.validateAndSetIdentity(null, IdentityStatus.OPTOUT, 'User opted out');
+              this._callbackManager.runCallbacks(EventType.OptoutReceived, {});
               break;
             case 'expired_token':
               this.validateAndSetIdentity(
@@ -387,8 +414,17 @@ export abstract class UID2SdkBase {
     opts: ClientSideIdentityOptions
   ) {
     const cstgResult = await this._apiClient!.callCstgApi(request, opts);
-
-    this.setIdentity(cstgResult.identity);
+    if (cstgResult.status == 'success') {
+      this.setIdentity(cstgResult.identity);
+    } else if (cstgResult.status === 'optout') {
+      this.validateAndSetIdentity(null, IdentityStatus.OPTOUT);
+      this._callbackManager.runCallbacks(EventType.OptoutReceived, {});
+      this._callbackManager.runCallbacks(EventType.IdentityUpdated, {});
+    } else {
+      const errorText = 'Unexpected status received from CSTG endpoint.';
+      this._logger.warn(errorText);
+      throw new Error(errorText);
+    }
   }
 
   protected throwIfInitNotComplete(message: string) {