@dynamicu/chromedebug-mcp 2.2.0

package/src/firebase-license-manager.js

@@ -0,0 +1,462 @@
+/**
+ * Firebase License Manager
+ *
+ * Handles license validation and management with Firebase
+ *
+ * Features:
+ * - Server-side license validation via Cloud Functions
+ * - Offline caching (24 hour default)
+ * - Grace period (7 days default)
+ * - Privacy guard integration (NO recording data to Firebase)
+ * - Instance tracking for anti-sharing
+ */
+
+import admin from 'firebase-admin';
+import { FirebasePrivacyGuard } from './firebase-privacy-guard.js';
+import crypto from 'crypto';
+import fs from 'fs';
+import path from 'path';
+import { fileURLToPath } from 'url';
+
+const __filename = fileURLToPath(import.meta.url);
+const __dirname = path.dirname(__filename);
+
+/**
+ * License cache for offline operation
+ */
+class LicenseCache {
+  constructor(cacheDurationHours = 24) {
+    this.cachePath = path.join(__dirname, '../data/license-cache.json');
+    this.cacheDurationMs = cacheDurationHours * 60 * 60 * 1000;
+    this.cache = this.loadCache();
+  }
+
+  loadCache() {
+    try {
+      if (fs.existsSync(this.cachePath)) {
+        const data = fs.readFileSync(this.cachePath, 'utf8');
+        return JSON.parse(data);
+      }
+    } catch (error) {
+      console.error('Error loading license cache:', error);
+    }
+    return {};
+  }
+
+  saveCache() {
+    try {
+      const dir = path.dirname(this.cachePath);
+      if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+      }
+      fs.writeFileSync(this.cachePath, JSON.stringify(this.cache, null, 2));
+    } catch (error) {
+      console.error('Error saving license cache:', error);
+    }
+  }
+
+  get(licenseKey) {
+    const entry = this.cache[licenseKey];
+    if (!entry) return null;
+
+    const age = Date.now() - entry.timestamp;
+    if (age > this.cacheDurationMs) {
+      // Cache expired
+      delete this.cache[licenseKey];
+      this.saveCache();
+      return null;
+    }
+
+    return entry.data;
+  }
+
+  set(licenseKey, data) {
+    this.cache[licenseKey] = {
+      data,
+      timestamp: Date.now()
+    };
+    this.saveCache();
+  }
+
+  clear() {
+    this.cache = {};
+    this.saveCache();
+  }
+
+  isExpired(licenseKey) {
+    const entry = this.cache[licenseKey];
+    if (!entry) return true;
+
+    const age = Date.now() - entry.timestamp;
+    return age > this.cacheDurationMs;
+  }
+}
+
+/**
+ * Firebase License Manager
+ */
+export class FirebaseLicenseManager {
+  constructor(config = {}) {
+    // Initialize Firebase Admin if not already initialized
+    if (!admin.apps.length) {
+      const firebaseConfig = {
+        projectId: process.env.FIREBASE_PROJECT_ID,
+        credential: admin.credential.cert({
+          projectId: process.env.FIREBASE_PROJECT_ID,
+          privateKey: process.env.FIREBASE_PRIVATE_KEY?.replace(/\\n/g, '\n'),
+          clientEmail: process.env.FIREBASE_CLIENT_EMAIL
+        })
+      };
+
+      admin.initializeApp(firebaseConfig);
+    }
+
+    this.db = admin.firestore();
+    this.cache = new LicenseCache(config.cacheDurationHours || 24);
+    this.gracePeriodDays = config.gracePeriodDays || 7;
+    this.instanceId = this.getOrCreateInstanceId();
+
+    // Cloud Functions base URL
+    this.functionsUrl = process.env.FIREBASE_FUNCTIONS_URL ||
+      `https://us-central1-${process.env.FIREBASE_PROJECT_ID}.cloudfunctions.net`;
+  }
+
+  /**
+   * Get or create unique instance ID for this installation
+   */
+  getOrCreateInstanceId() {
+    const instancePath = path.join(__dirname, '../data/instance-id.txt');
+
+    try {
+      if (fs.existsSync(instancePath)) {
+        return fs.readFileSync(instancePath, 'utf8').trim();
+      }
+    } catch (error) {
+      console.error('Error reading instance ID:', error);
+    }
+
+    // Create new instance ID
+    const instanceId = `inst_${crypto.randomBytes(16).toString('hex')}`;
+
+    try {
+      const dir = path.dirname(instancePath);
+      if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+      }
+      fs.writeFileSync(instancePath, instanceId);
+    } catch (error) {
+      console.error('Error saving instance ID:', error);
+    }
+
+    return instanceId;
+  }
+
+  /**
+   * Validate license key
+   *
+   * @param {string} licenseKey - License key to validate
+   * @param {boolean} forceRefresh - Force refresh from server
+   * @returns {Promise<Object>} Validation result
+   */
+  async validateLicense(licenseKey, forceRefresh = false) {
+    // Sanitize input to prevent any data leakage
+    const sanitizedInput = FirebasePrivacyGuard.sanitize({
+      licenseKey,
+      instanceId: this.instanceId
+    }, 'validateLicense');
+
+    // Check cache first (unless forced refresh)
+    if (!forceRefresh) {
+      const cached = this.cache.get(licenseKey);
+      if (cached) {
+        console.log('[License] Using cached validation result');
+        return {
+          ...cached,
+          fromCache: true
+        };
+      }
+    }
+
+    try {
+      // Call Cloud Function for server-side validation
+      const response = await fetch(`${this.functionsUrl}/validateLicense`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({
+          licenseKey: sanitizedInput.licenseKey,
+          instanceId: sanitizedInput.instanceId,
+          platform: process.platform,
+          deviceName: require('os').hostname()
+        })
+      });
+
+      const result = await response.json();
+
+      // Sanitize response before storing
+      const sanitizedResult = FirebasePrivacyGuard.sanitize(result, 'validateLicenseResponse');
+
+      if (result.valid) {
+        // Cache valid result
+        this.cache.set(licenseKey, sanitizedResult);
+      }
+
+      return {
+        ...sanitizedResult,
+        fromCache: false
+      };
+    } catch (error) {
+      console.error('[License] Validation error:', error);
+
+      // Check if we have a cached result (even if expired)
+      const cached = this.cache.get(licenseKey);
+      if (cached) {
+        // Check grace period
+        const cacheAge = Date.now() - (this.cache.cache[licenseKey]?.timestamp || 0);
+        const gracePeriodMs = this.gracePeriodDays * 24 * 60 * 60 * 1000;
+
+        if (cacheAge <= gracePeriodMs) {
+          console.log('[License] Using grace period validation');
+          return {
+            ...cached,
+            fromCache: true,
+            gracePeriod: true,
+            gracePeriodEndsAt: new Date(
+              (this.cache.cache[licenseKey]?.timestamp || 0) + gracePeriodMs
+            ).toISOString()
+          };
+        }
+      }
+
+      return {
+        valid: false,
+        error: 'License validation failed and no cached result available',
+        networkError: true
+      };
+    }
+  }
+
+  /**
+   * Check usage limit for user
+   *
+   * @param {string} userId - User ID
+   * @returns {Promise<Object>} Usage status
+   */
+  async checkUsageLimit(userId) {
+    // Sanitize input
+    const sanitizedInput = FirebasePrivacyGuard.sanitize({ userId }, 'checkUsageLimit');
+
+    try {
+      const response = await fetch(`${this.functionsUrl}/checkUsageLimit`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify(sanitizedInput)
+      });
+
+      const result = await response.json();
+      return FirebasePrivacyGuard.sanitize(result, 'checkUsageLimitResponse');
+    } catch (error) {
+      console.error('[License] Usage check error:', error);
+      return {
+        withinLimit: false,
+        error: 'Usage check failed',
+        networkError: true
+      };
+    }
+  }
+
+  /**
+   * Increment usage counter
+   *
+   * @param {string} userId - User ID
+   * @param {number} count - Count to increment
+   * @returns {Promise<Object>} Result
+   */
+  async incrementUsage(userId, count = 1) {
+    // Sanitize input
+    const sanitizedInput = FirebasePrivacyGuard.sanitize({
+      userId,
+      count
+    }, 'incrementUsage');
+
+    try {
+      const response = await fetch(`${this.functionsUrl}/incrementUsage`, {
+        method: 'POST',
+        headers: {
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify(sanitizedInput)
+      });
+
+      const result = await response.json();
+      return FirebasePrivacyGuard.sanitize(result, 'incrementUsageResponse');
+    } catch (error) {
+      console.error('[License] Usage increment error:', error);
+      return {
+        success: false,
+        error: 'Usage increment failed',
+        networkError: true
+      };
+    }
+  }
+
+  /**
+   * Get user license information
+   *
+   * @param {string} userId - User ID
+   * @returns {Promise<Object>} License info
+   */
+  async getUserLicense(userId) {
+    // Sanitize input
+    const sanitizedUserId = FirebasePrivacyGuard.sanitize({ userId }, 'getUserLicense').userId;
+
+    try {
+      const licenseQuery = await this.db
+        .collection('licenses')
+        .where('userId', '==', sanitizedUserId)
+        .where('status', '==', 'active')
+        .limit(1)
+        .get();
+
+      if (licenseQuery.empty) {
+        return { error: 'No active license found' };
+      }
+
+      const licenseDoc = licenseQuery.docs[0];
+      const licenseData = licenseDoc.data();
+
+      // Sanitize response
+      return FirebasePrivacyGuard.sanitize({
+        id: licenseDoc.id,
+        ...licenseData
+      }, 'getUserLicenseResponse');
+    } catch (error) {
+      console.error('[License] Get user license error:', error);
+      return {
+        error: 'Failed to retrieve license',
+        networkError: true
+      };
+    }
+  }
+
+  /**
+   * List user's active instances
+   *
+   * @param {string} licenseKey - License key
+   * @returns {Promise<Array>} Active instances
+   */
+  async listInstances(licenseKey) {
+    // Sanitize input
+    const sanitizedKey = FirebasePrivacyGuard.sanitize({ licenseKey }, 'listInstances').licenseKey;
+
+    try {
+      const instancesQuery = await this.db
+        .collection('instances')
+        .where('licenseKey', '==', sanitizedKey)
+        .where('active', '==', true)
+        .get();
+
+      const instances = instancesQuery.docs.map(doc => {
+        const data = doc.data();
+        return FirebasePrivacyGuard.sanitize({
+          id: doc.id,
+          ...data,
+          createdAt: data.createdAt?.toDate().toISOString(),
+          lastSeen: data.lastSeen?.toDate().toISOString()
+        }, 'listInstancesResponse');
+      });
+
+      return instances;
+    } catch (error) {
+      console.error('[License] List instances error:', error);
+      return [];
+    }
+  }
+
+  /**
+   * Deactivate an instance
+   *
+   * @param {string} instanceId - Instance ID to deactivate
+   * @returns {Promise<Object>} Result
+   */
+  async deactivateInstance(instanceId) {
+    // Sanitize input
+    const sanitizedId = FirebasePrivacyGuard.sanitize({ instanceId }, 'deactivateInstance').instanceId;
+
+    try {
+      await this.db.collection('instances').doc(sanitizedId).update({
+        active: false,
+        deactivatedAt: admin.firestore.FieldValue.serverTimestamp()
+      });
+
+      return { success: true };
+    } catch (error) {
+      console.error('[License] Deactivate instance error:', error);
+      return {
+        success: false,
+        error: 'Failed to deactivate instance'
+      };
+    }
+  }
+
+  /**
+   * Clear license cache
+   */
+  clearCache() {
+    this.cache.clear();
+  }
+
+  /**
+   * Get cache status
+   */
+  getCacheStatus() {
+    return {
+      cacheSize: Object.keys(this.cache.cache).length,
+      instanceId: this.instanceId,
+      gracePeriodDays: this.gracePeriodDays
+    };
+  }
+
+  /**
+   * Privacy check - ensure NO recording data can be sent
+   *
+   * This method validates that any data being sent to Firebase
+   * is free of recording/sensitive data
+   */
+  static validateDataPrivacy(data, context = 'unknown') {
+    return FirebasePrivacyGuard.assertSafe(data, context);
+  }
+}
+
+// Export singleton instance
+let licenseManagerInstance = null;
+
+export function getLicenseManager(config = {}) {
+  // Check if Firebase is configured
+  if (!process.env.FIREBASE_PROJECT_ID) {
+    console.warn('[License] Firebase not configured - licensing disabled');
+    console.warn('[License] Set FIREBASE_PROJECT_ID to enable licensing');
+
+    // Return stub that allows all operations (development mode)
+    return {
+      isConfigured: false,
+      validateLicense: async () => ({ valid: true, tier: 'dev', dev: true }),
+      checkUsageLimit: async () => ({ allowed: true, unlimited: true, dev: true }),
+      incrementUsage: async () => ({ success: true, dev: true }),
+      activateLicense: async () => ({ success: true, dev: true }),
+      deactivateLicense: async () => ({ success: true, dev: true }),
+      deactivateInstance: async () => ({ success: true, dev: true }),
+      clearCache: () => {},
+      getCacheStatus: () => ({ dev: true, licensing: 'disabled' }),
+      validateDataPrivacy: () => true
+    };
+  }
+
+  if (!licenseManagerInstance) {
+    licenseManagerInstance = new FirebaseLicenseManager(config);
+  }
+  return licenseManagerInstance;
+}