Add wallet_revokePermissions RPC method (#1889)

## Explanation

Adds a `wallet_revokePermissions` RPC method that can be used to revoke
permissions that a subject has been granted in the PermissionController.
This initial version does not support revoking caveats and will revoke
the entire requested permission key.

## References

<!--
Are there any issues that this pull request is tied to? Are there other
links that reviewers should consult to understand these changes better?

For example:

* Fixes #12345
* Related to #67890
-->

## Changelog

<!--
If you're making any consumer-facing changes, list those changes here as
if you were updating a changelog, using the template below as a guide.

(CATEGORY is one of BREAKING, ADDED, CHANGED, DEPRECATED, REMOVED, or
FIXED. For security-related issues, follow the Security Advisory
process.)

Please take care to name the exact pieces of the API you've added or
changed (e.g. types, interfaces, functions, or methods).

If there are any breaking changes, make sure to offer a solution for
consumers to follow once they upgrade to the changes.

Finally, if you're only making changes to development scripts or tests,
you may replace the template below with "None".
-->

### `@metamask/permission-controller`

- **Added**: Added `wallet_revokePermissions` RPC method

## Checklist

- [x] I've updated the test suite for new or updated code as appropriate
- [x] I've updated documentation (JSDoc, Markdown, etc.) for new or
updated code as appropriate
- [x] I've highlighted breaking changes using the "BREAKING" category
above as appropriate

---------

Co-authored-by: Shane <[email protected]>
Co-authored-by: Alex Donesky <[email protected]>

Author: 3 people

packages/permission-controller/src/rpc-methods/index.ts

@@ -2,11 +2,15 @@ import type { GetPermissionsHooks } from './getPermissions';
 import { getPermissionsHandler } from './getPermissions';
 import type { RequestPermissionsHooks } from './requestPermissions';
 import { requestPermissionsHandler } from './requestPermissions';
+import type { RevokePermissionsHooks } from './revokePermissions';
+import { revokePermissionsHandler } from './revokePermissions';
 
 export type PermittedRpcMethodHooks = RequestPermissionsHooks &
-  GetPermissionsHooks;
+  GetPermissionsHooks &
+  RevokePermissionsHooks;
 
 export const handlers = [
   requestPermissionsHandler,
   getPermissionsHandler,
+  revokePermissionsHandler,
 ] as const;

packages/permission-controller/src/rpc-methods/revokePermissions.test.ts

@@ -0,0 +1,170 @@
+import { JsonRpcEngine } from '@metamask/json-rpc-engine';
+import { rpcErrors } from '@metamask/rpc-errors';
+
+import { revokePermissionsHandler } from './revokePermissions';
+
+describe('revokePermissionsHandler', () => {
+  it('has the expected shape', () => {
+    expect(revokePermissionsHandler).toStrictEqual({
+      methodNames: ['wallet_revokePermissions'],
+      implementation: expect.any(Function),
+      hookNames: {
+        revokePermissionsForOrigin: true,
+      },
+    });
+  });
+});
+
+describe('revokePermissions RPC method', () => {
+  it('revokes permissions using revokePermissionsForOrigin', async () => {
+    const { implementation } = revokePermissionsHandler;
+    const mockRevokePermissionsForOrigin = jest.fn();
+
+    const engine = new JsonRpcEngine();
+    engine.push((req, res, next, end) =>
+      implementation(req as any, res as any, next, end, {
+        revokePermissionsForOrigin: mockRevokePermissionsForOrigin,
+      }),
+    );
+
+    const response: any = await engine.handle({
+      jsonrpc: '2.0',
+      id: 1,
+      method: 'wallet_revokePermissions',
+      params: [
+        {
+          snap_dialog: {},
+        },
+      ],
+    });
+
+    expect(response.result).toBeNull();
+    expect(mockRevokePermissionsForOrigin).toHaveBeenCalledTimes(1);
+    expect(mockRevokePermissionsForOrigin).toHaveBeenCalledWith([
+      'snap_dialog',
+    ]);
+  });
+
+  it('returns an error if the request params is a plain object', async () => {
+    const { implementation } = revokePermissionsHandler;
+    const mockRevokePermissionsForOrigin = jest.fn();
+
+    const engine = new JsonRpcEngine();
+    engine.push((req, res, next, end) =>
+      implementation(req as any, res as any, next, end, {
+        revokePermissionsForOrigin: mockRevokePermissionsForOrigin,
+      }),
+    );
+
+    const req = {
+      jsonrpc: '2.0',
+      id: 1,
+      method: 'wallet_revokePermissions',
+      params: {},
+    };
+
+    const expectedError = rpcErrors
+      .invalidParams({
+        data: { request: { ...req } },
+      })
+      .serialize();
+    delete expectedError.stack;
+
+    const response: any = await engine.handle(req as any);
+    delete response.error.stack;
+    expect(response.error).toStrictEqual(expectedError);
+    expect(mockRevokePermissionsForOrigin).not.toHaveBeenCalled();
+  });
+
+  it('returns an error if the permissionKeys is a plain object', async () => {
+    const { implementation } = revokePermissionsHandler;
+    const mockRevokePermissionsForOrigin = jest.fn();
+
+    const engine = new JsonRpcEngine();
+    engine.push((req, res, next, end) =>
+      implementation(req as any, res as any, next, end, {
+        revokePermissionsForOrigin: mockRevokePermissionsForOrigin,
+      }),
+    );
+
+    const req = {
+      jsonrpc: '2.0',
+      id: 1,
+      method: 'wallet_revokePermissions',
+      params: [{}],
+    };
+
+    const expectedError = rpcErrors
+      .invalidParams({
+        data: { request: { ...req } },
+      })
+      .serialize();
+    delete expectedError.stack;
+
+    const response: any = await engine.handle(req as any);
+    delete response.error.stack;
+    expect(response.error).toStrictEqual(expectedError);
+    expect(mockRevokePermissionsForOrigin).not.toHaveBeenCalled();
+  });
+
+  it('returns an error if the params are not set', async () => {
+    const { implementation } = revokePermissionsHandler;
+    const mockRevokePermissionsForOrigin = jest.fn();
+
+    const engine = new JsonRpcEngine();
+    engine.push((req, res, next, end) =>
+      implementation(req as any, res as any, next, end, {
+        revokePermissionsForOrigin: mockRevokePermissionsForOrigin,
+      }),
+    );
+
+    const req = {
+      jsonrpc: '2.0',
+      id: 1,
+      method: 'wallet_revokePermissions',
+    };
+
+    const expectedError = rpcErrors
+      .invalidParams({
+        data: { request: { ...req } },
+      })
+      .serialize();
+    delete expectedError.stack;
+
+    const response: any = await engine.handle(req as any);
+    delete response.error.stack;
+    expect(response.error).toStrictEqual(expectedError);
+    expect(mockRevokePermissionsForOrigin).not.toHaveBeenCalled();
+  });
+
+  it('returns an error if the request params is an empty array', async () => {
+    const { implementation } = revokePermissionsHandler;
+    const mockRevokePermissionsForOrigin = jest.fn();
+
+    const engine = new JsonRpcEngine();
+    engine.push((req, res, next, end) =>
+      implementation(req as any, res as any, next, end, {
+        revokePermissionsForOrigin: mockRevokePermissionsForOrigin,
+      }),
+    );
+
+    const req = {
+      jsonrpc: '2.0',
+      id: 1,
+      method: 'wallet_revokePermissions',
+      params: [],
+    };
+
+    const expectedError = rpcErrors
+      .invalidParams({
+        data: { request: { ...req } },
+      })
+      .serialize();
+    delete expectedError.stack;
+
+    const response: any = await engine.handle(req as any);
+    delete response.error.stack;
+    expect(response.error).toStrictEqual(expectedError);
+    expect(mockRevokePermissionsForOrigin).not.toHaveBeenCalled();
+  });
+});

packages/permission-controller/src/rpc-methods/revokePermissions.ts

@@ -0,0 +1,79 @@
+import type { JsonRpcEngineEndCallback } from '@metamask/json-rpc-engine';
+import {
+  isNonEmptyArray,
+  type Json,
+  type JsonRpcRequest,
+  type NonEmptyArray,
+  type PendingJsonRpcResponse,
+} from '@metamask/utils';
+
+import { invalidParams } from '../errors';
+import type { PermissionConstraint } from '../Permission';
+import type { PermittedHandlerExport } from '../utils';
+import { MethodNames } from '../utils';
+
+export const revokePermissionsHandler: PermittedHandlerExport<
+  RevokePermissionsHooks,
+  RevokePermissionArgs,
+  null
+> = {
+  methodNames: [MethodNames.revokePermissions],
+  implementation: revokePermissionsImplementation,
+  hookNames: {
+    revokePermissionsForOrigin: true,
+  },
+};
+
+type RevokePermissionArgs = Record<
+  PermissionConstraint['parentCapability'],
+  Json
+>;
+
+type RevokePermissions = (
+  permissions: NonEmptyArray<PermissionConstraint['parentCapability']>,
+) => void;
+
+export type RevokePermissionsHooks = {
+  revokePermissionsForOrigin: RevokePermissions;
+};
+
+/**
+ * Revoke Permissions implementation to be used in JsonRpcEngine middleware.
+ *
+ * @param req - The JsonRpcEngine request
+ * @param res - The JsonRpcEngine result object
+ * @param _next - JsonRpcEngine next() callback - unused
+ * @param end - JsonRpcEngine end() callback
+ * @param options - Method hooks passed to the method implementation
+ * @param options.revokePermissionsForOrigin - A hook that revokes given permission keys for an origin
+ * @returns A promise that resolves to nothing
+ */
+async function revokePermissionsImplementation(
+  req: JsonRpcRequest<RevokePermissionArgs>,
+  res: PendingJsonRpcResponse<null>,
+  _next: unknown,
+  end: JsonRpcEngineEndCallback,
+  { revokePermissionsForOrigin }: RevokePermissionsHooks,
+): Promise<void> {
+  const { params } = req;
+
+  const param = params?.[0];
+
+  if (!param) {
+    return end(invalidParams({ data: { request: req } }));
+  }
+
+  // For now, this API revokes the entire permission key
+  // even if caveats are specified.
+  const permissionKeys = Object.keys(param);
+
+  if (!isNonEmptyArray(permissionKeys)) {
+    return end(invalidParams({ data: { request: req } }));
+  }
+
+  revokePermissionsForOrigin(permissionKeys);
+
+  res.result = null;
+
+  return end();
+}

packages/permission-controller/src/utils.ts

@@ -21,6 +21,7 @@ import type {
 export enum MethodNames {
   requestPermissions = 'wallet_requestPermissions',
   getPermissions = 'wallet_getPermissions',
+  revokePermissions = 'wallet_revokePermissions',
 }
 
 /**