bandshell 0.0.20 → 0.0.21

data/lib/bandshell/application/config.ru

@@ -1,2 +1,5 @@
+path= File.join(File.dirname(__FILE__), '..', '..')
+$LOAD_PATH.unshift(path)
+
 require './app.rb'
-run Sinatra::Application
+run ConcertoConfigServer

data/lib/bandshell/application/public/authenticate.js

@@ -0,0 +1,134 @@
+/* Concerto Authentication Javascript
+ * Handles authenticating the player browser to Concerto and sending it
+ * to the frontend.
+ *
+ * Basic workflow:
+ *  - If the screen does not yet have a valid token:
+ *     + displays the temporary token
+ *     + polls the local server until the local server has a permanent token
+ *     + continues to the next section:
+ *  - If the screen has a valid token:
+ *     + requests the relevant data from the local server
+ *     + performs a one-time authenticated request to concerto to get
+ *       an authentication cookie for the browser
+ *     + redirects to the frontend
+ */
+
+var checkIntHandle; // Handle for the polling event
+var verbose = false;
+
+window.arrify = function(args) {
+  return (args.length == 1) ? args[0] : Array.prototype.slice.call(args);
+}
+
+// usage: log('inside coolFunc',this,arguments);
+// http://paulirish.com/2009/log-a-lightweight-wrapper-for-consolelog/
+window.log = function(){
+  if(this.console) console.log( arrify(arguments) );
+};
+window.error = function(){
+  // we'll use warn for "errors" so we can clarify between
+  // logistical problems and actual JS errors.
+  if(this.console) console.warn( arrify(arguments) );
+};
+window.debug = function(){
+  if(this.console && verbose) console.debug( arrify(arguments));
+};
+
+function update_status(statstring) {
+    var stat=document.getElementById("status");
+    stat.innerHTML=statstring;
+}
+
+function check_token() {
+  // make a request to localhost to see if we are ready to redirect
+  var req = new XMLHttpRequest();
+  req.addEventListener("load", function() {
+    if (req.status != 200) {
+      update_status("Error! Something went wrong with Bandshell.");
+      error("Recieved an unexpected response from Bandshell, "+
+        "status = "+req.status+" ("+req.statusText+")");
+    } else {
+      update_status("");
+      try {
+        data = JSON.parse(this.responseText);
+      } catch (e) {
+        update_status("Error: Bad data from Bandshell.");
+        error("There was a problem with the JSON response from Bandshell:\n"+
+          "   "+e.toString()+"\n"+
+          "The text in question was:\n"+
+          "   "+this.responseText);
+        return;
+      }
+      if (data.accepted==1) {
+        update_status("Success!");
+        log("Temporary token accepted by the server.");
+        redirect_with_auth(data.url, data.user, data.pass);
+      } else {
+        update_status("");
+        debug("Token request declined.");
+      }
+    }
+  });
+  req.addEventListener("error", function() {
+    update_status("Error! Bandshell is not responding.");
+    error("Request to Bandshell failed. "+
+      "status = "+req.status+".");
+  });
+  req.open("GET", "authenticate.json", true);
+  req.send();
+}
+
+/* Basic theory of operation:
+ * We use a complicated CORs setup to login to the frontend with an XHR
+ * request. Normally frontend API requests should be stateless, but if
+ * we pass ?request_cookie the frontend will assign a cookie with the
+ * screen token, under Concerto's domain, to the client browser (important
+ * because redirecting with basic auth is flaky). Now when we redirect to
+ * the frontend, the cookie is used and the screen is authenticated.
+ */
+function redirect_with_auth(url,user,pass) {
+  log("Attempting pre-authorization for redirect to "+url+".");
+  var req = new XMLHttpRequest();
+  auth_url = url + "?request_cookie";
+  // Note: Firefox will prevent creating the request object for
+  // cross-site requests if user and pass are given to open
+  req.open("GET", auth_url, true);
+  req.setRequestHeader("Authorization", "Basic " + btoa(user+":"+pass))
+  req.withCredentials = true;
+  req.addEventListener("load", function() {
+    if (req.status == 200) {
+      log("Pre-authorization appears successful.");
+      log("Redirecting to "+url+".");
+      document.location=url;
+    } else {
+      update_status("Error authenticating. Please ensuring Concerto is "+
+        "running properly.");
+      error("Pre-authorization request resulted in status "+req.status+
+        " from Concerto.");
+    }
+  });
+  req.addEventListener("error", function() {
+    update_status("Concerto Server Inaccessible. Make sure it is up.");
+    error("Pre-authentication request to Concerto errored out.");
+  });
+  req.send();
+}
+
+window.onload = function () {
+  log("Authentication Script Initializing");
+  var nojs=document.getElementById("no-js");
+  nojs.parentNode.removeChild(nojs);
+
+  // perform the first request ASAP
+  update_status("");
+  check_token();
+
+  // schedule polling in such a way that the user can see what's going on
+  checkIntHandle = window.setInterval(function(){ 
+    update_status("Updating...");
+    setTimeout(function() {
+      check_token()
+    },500);
+  }, 5000);
+}

data/lib/bandshell/application/public/network.js

@@ -1,27 +1,27 @@
 function show_hide(id_to_show, where) {
-    $(where).each(function(k, el) {
-        if ($(el).attr('id') == id_to_show) {
-            $(el).show( );
-        } else {
-            $(el).hide( );
-        }
-    });
+  $(where).each(function(k, el) {
+    if ($(el).attr('id') == id_to_show) {
+      $(el).show( );
+    } else {
+      $(el).hide( );
+    }
+  });
 }
 
 function update_connection_type_fields() {
-    var id_to_show = $("#connection_type").val();
-    show_hide(id_to_show, "#connection div");
+  var id_to_show = $("#connection_type").val();
+  show_hide(id_to_show, "#connection div");
 }
 
 function update_address_type_fields() {
-    var id_to_show = $("#addressing_type").val();
-    show_hide(id_to_show, "#address div");
+  var id_to_show = $("#addressing_type").val();
+  show_hide(id_to_show, "#address div");
 }
 
 $(function() {
-    update_connection_type_fields( );
-    update_address_type_fields( );
+  update_connection_type_fields( );
+  update_address_type_fields( );
 
-    $("#connection_type").change(update_connection_type_fields);
-    $("#addressing_type").change(update_address_type_fields);
+  $("#connection_type").change(update_connection_type_fields);
+  $("#addressing_type").change(update_address_type_fields);
 });

data/lib/bandshell/application/public/problem.js

@@ -1,7 +1,7 @@
 function redirect() {
-    window.location = '/screen';
+  window.location = '/screen';
 }
 
 $(function() {
-    setTimeout(redirect, 5000);
+  setTimeout(redirect, 5000);
 })

data/lib/bandshell/application/views/authenticate.haml

@@ -0,0 +1,15 @@
+%script{:src=>"authenticate.js"}
+
+%h1 Concerto Player Authentication
+
+#no-js
+  It looks like Javascript is disabled. The Concerto Display will not work.
+
+- unless @display_temp_token.nil?
+  #instructions
+    Please enter the following token when setting up the screen in the 
+    Concerto Panel:
+    = @display_temp_token
+
+#status
+  Waiting for first update...

data/lib/bandshell/application/views/main.haml

@@ -1,4 +1,4 @@
-%htmlt
+%html
     %head
         %title="Concerto Player Network Configuration"
         %script{:src=>"https://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.js"}

data/lib/bandshell/application/views/player_status.haml

@@ -1,8 +1,11 @@
-System Uptime: #{Uptime.uptime}
+%p System Uptime: #{Uptime.uptime}
 
-System Processes:
-%br/
-- for p in @proctable
-  %b= p.comm
-  (PID #{p.pid.to_s})
-  %br/
+%p System Processes:
+%ul
+  - for p in @proctable
+    %li
+      %b= p.comm
+      (PID #{p.pid.to_s})
+
+%p Screen on/off rules:
+%pre= JSON.pretty_generate(@on_off_rules)

data/lib/bandshell/application/views/setup.haml

@@ -3,17 +3,22 @@
 	You're seeing this because your Concerto player has not yet been configured.
 	We need the URL of your Concerto instance before we can get up and running.
 
+- unless @errors.nil?
+	- @errors.each do |error|
+		%p{:style=>'color:red'}= error
+		
+
 %form{:method=>'post'}
 	%p
 		%label{:for=>'url'} URL
-		%input{:type=>'text', :name=>'url'}
+		%input{:type=>'text', :name=>'url', :value=>@url}
 		%input{:type=>'submit', :value=>'Here it is!'}
 
 %p
 	The IPv4 address of this screen appears to be:
 	=my_ip
 %p
-	==This page can be accessed remotely via http://#{my_ip}/setup
+	==This page can be accessed remotely via http://#{my_ip}:#{my_port}/setup
 %p
 	Username is root, default password is 'default'.
 %p 

data/lib/bandshell/config_store.rb

@@ -4,45 +4,45 @@ require 'fileutils'
 # A key/value store for strings.
 # Right now implemented as disk files.
 module Bandshell
-	module ConfigStore
-		@@path = nil
+  module ConfigStore
+    @@path = nil
 
-		def self.read_config(name, default='')
-			initialize_path if not @@path			
-			file = File.join(@@path, name)
-			rofile = File.join(@@ropath, name)
+    def self.read_config(name, default='')
+      initialize_path if not @@path      
+      file = File.join(@@path, name)
+      rofile = File.join(@@ropath, name)
 
-			# Check the read/write config location first. If nothing there,
-			# check the read-only location. If nothing is there, return default.
-			# This way writes can be made at runtime on read-only media while
-			# still allowing some settings to be "baked into" the media.
-			if File.exist?(file)
-				IO.read(file)
-			elsif File.exist?(rofile)
-				IO.read(rofile)
-			else
-				default
-			end
-		end
+      # Check the read/write config location first. If nothing there,
+      # check the read-only location. If nothing is there, return default.
+      # This way writes can be made at runtime on read-only media while
+      # still allowing some settings to be "baked into" the media.
+      if File.exist?(file)
+        IO.read(file)
+      elsif File.exist?(rofile)
+        IO.read(rofile)
+      else
+        default
+      end
+    end
 
-		# Write a config to the read/write configuration location.
-		def self.write_config(name, value)
-			initialize_path if not @@path
-			file = File.join(@@path, name)
+    # Write a config to the read/write configuration location.
+    def self.write_config(name, value)
+      initialize_path if not @@path
+      file = File.join(@@path, name)
 
-			File.open(file, 'w') do |f|
-				f.write value
-			end
-		end
+      File.open(file, 'w') do |f|
+        f.write value
+      end
+    end
 
-		def self.initialize_path
-			@@ropath = File.join(LiveImage.mountpoint, 'concerto', 'config')
-			if LiveImage.readonly?
-				@@path = '/tmp/concerto/config'
-			else
-				@@path = @@ropath
-			end
-			FileUtils.mkdir_p @@path
-		end
-	end
+    def self.initialize_path
+      @@ropath = File.join(LiveImage.mountpoint, 'concerto', 'config')
+      if LiveImage.readonly?
+        @@path = '/tmp/concerto/config'
+      else
+        @@path = @@ropath
+      end
+      FileUtils.mkdir_p @@path
+    end
+  end
 end

data/lib/bandshell/hardware_api.rb

@@ -0,0 +1,180 @@
+require 'bandshell/config_store'
+require 'net/http'
+require 'json'
+
+module Bandshell
+  module HardwareApi
+    class << self
+    def temp_token
+      Bandshell::ConfigStore.read_config('auth_temp_token')
+    end
+
+    def auth_token
+      Bandshell::ConfigStore.read_config('auth_token')
+    end
+
+    def concerto_url
+      Bandshell::ConfigStore.read_config('concerto_url', '')
+    end
+
+    def frontend_uri
+      URI::join(concerto_url,'frontend')
+    end
+
+    def frontend_api_uri
+      URI::join(concerto_url,'frontend.json')
+    end
+    
+    def have_temp_token?
+      !temp_token.empty?
+    end
+
+    def have_auth_token?
+      !auth_token.empty?
+    end
+
+    attr_reader :screen_id, :screen_url
+
+    def attempt_to_get_screen_data!
+      unless have_temp_token? or have_auth_token?
+        request_temp_token!
+      end
+
+      unless have_auth_token?
+        check_temp_token!
+      end
+
+      if have_auth_token?
+        status = fetch_screen_data
+        if status == :stat_badauth
+          ConfigStore.write_config('auth_token','')
+          request_temp_token!
+        end
+      else
+        status = :stat_err
+      end
+      status
+    end
+
+    private
+
+    def clear_screen_data
+      @status = nil
+      @screen_url = nil
+      @screen_id =nil
+    end
+      
+    # Get array of data about the screen from the server
+    # This can only succeed once we have obtained a valid auth token.
+    def fetch_screen_data
+      return nil if auth_token.empty?
+
+      response = get_with_auth(frontend_api_uri, 'screen', auth_token)
+      if response.nil?
+        clear_screen_data
+        return :stat_serverr
+      end
+        
+      if response.code != "200"
+        clear_screen_data
+        return :stat_serverr
+      end
+      
+      begin
+        data = JSON.parse(response.body)
+        if data.has_key? 'screen_id'
+          @screend_id = data['screen_id']
+          @screen_url = data['frontend_url']
+          return :stat_success
+        else
+          clear_screen_data
+          return :stat_badauth
+        end
+      rescue
+        clear_screen_data
+        return :stat_serverr
+      end
+    end
+
+
+    def get_with_auth(uri, user, pass)
+      begin
+        req = Net::HTTP::Get.new(uri.to_s)
+        req.basic_auth user, pass
+        res = Net::HTTP.start(uri.hostname, uri.port) { |http|
+          http.request(req)
+        }
+      rescue Errno::ECONNREFUSED
+        res = nil
+      end
+      res
+    end
+
+    def request_temp_token!
+      response = Net::HTTP.get_response(frontend_api_uri)
+      if response.code != "200"
+        return false
+      end
+
+      data=JSON.parse(response.body)
+      if data.has_key? 'screen_temp_token'
+        ConfigStore.write_config('auth_temp_token',data['screen_temp_token'])
+        return true
+      end
+      return false
+    end
+
+    def check_temp_token!
+      return false if temp_token.empty?
+
+      query = URI.join(frontend_api_uri,"?screen_temp_token="+temp_token)
+      response = Net::HTTP.get_response(query)
+      if response.code != "200"
+        return false
+      end
+
+      data=JSON.parse(response.body)
+      if data.has_key? 'screen_auth_token'
+        ConfigStore.write_config('auth_token',data['screen_auth_token'])
+        ConfigStore.write_config('auth_temp_token','')
+        return true
+      end
+      return false
+    end
+
+    public
+
+    # Fetch player settings from concerto-hardware
+    # TODO: clean up errors/ return values
+    def get_player_info
+      return nil if auth_token.empty?
+
+      # Try to do this in one GET.
+      player_info_uri = URI::join(concerto_url,'hardware/',
+                                 'players/','current.json')
+
+      response = get_with_auth(player_info_uri, 'screen', auth_token)
+      if response.nil?
+        return :stat_serverr
+      end
+        
+      if response.code != "200"
+        return :stat_serverr
+      end
+      
+      begin
+        data = JSON.parse(response.body)
+        if data.has_key? 'screen_on_off'
+          # We actually got some data
+          return data
+        else
+          return :stat_badauth
+        end
+      rescue
+        return :stat_serverr
+      end
+    end
+
+    end # class << self
+  end # module HardwareApi
+end # module Bandshell