@live-change/peer-connection-service 0.2.28

package/definition.js

@@ -0,0 +1,11 @@
+const App = require("@live-change/framework")
+const app = App.app()
+
+const relationsPlugin = require('@live-change/relations-plugin')
+
+const definition = app.createServiceDefinition({
+  name: "peerConnection",
+  use: [ relationsPlugin ]
+})
+
+module.exports = definition

package/experiments/turnAuth.js

@@ -0,0 +1,35 @@
+const crypto = require("crypto")
+
+const config = {
+  TURN_URLS: 'turn:turn1.xaos.ninja:4433',//;turn:turn2.xaos.ninja:4433',
+  TURN_SECRET: 'c1e3705c2'
+}
+
+const urls = config.TURN_URLS
+const secret = config.TURN_SECRET
+
+function randomHexString(size) {
+  return new Promise((resolve, reject) => {
+    crypto.randomBytes(size / 2, function(err, res) {
+      if (err) return reject(err)
+      resolve(res.toString('hex'))
+    })
+  })
+}
+async function genTurnAuth() {
+    const expire = (Date.now() / 1000 + 1 * 60 * 60) | 0 // 1 hour
+    const username = await randomHexString(10)
+    const rusername = expire + ':' + username
+    const password = crypto
+    .createHmac('sha1', secret)
+    .update(rusername)
+    .digest('base64')
+  /// TODO: select nearest servers by geoip
+  console.dir({
+    urls,
+    username: rusername,
+    credential: password
+  })
+}
+
+genTurnAuth()

package/index.js

@@ -0,0 +1,9 @@
+const App = require("@live-change/framework")
+const app = App.app()
+
+const definition = require('./definition.js')
+
+require('./turn.js')
+require('./peer.js')
+
+module.exports = definition

package/message.js

@@ -0,0 +1,158 @@
+const Peer = require('./peer.js')
+
+const messageFields = {
+  to: {
+    type: Peer
+  },
+  from: {
+    type: Peer
+  },
+  type: {
+    type: String
+  },
+  data: {
+    type: Object
+  }
+}
+
+const Message = definition.model({
+  name: "Message",
+  properties: {
+    timestamp: {
+      type: Date,
+      validation: ['nonEmpty']
+    },
+    ...messageFields
+  },
+  indexes: {
+    /*byToTimestamp: {
+      property: ['to', 'timestamp']
+    },*/
+  },
+  crud: {
+    deleteTrigger: true,
+    writeOptions: {
+      access: (params, {client, service}) => {
+        return client.roles.includes('admin')
+      }
+    }
+  }
+})
+
+definition.view({
+  name: "messages",
+  properties: {
+    peer: {
+      type: Peer
+    },
+    gt: {
+      type: String,
+    },
+    lt: {
+      type: String,
+    },
+    gte: {
+      type: String,
+    },
+    lte: {
+      type: String,
+    },
+    limit: {
+      type: Number
+    },
+    reverse: {
+      type: Boolean
+    }
+  },
+  returns: {
+    type: Array,
+    of: {
+      type: Message
+    }
+  },
+  access: async({ peer }, { client, service, visibilityTest }) => {
+    if(visibilityTest) return true
+    if(!peer) throw new Error("peer parameter is required")
+    const publicSessionInfo = await getPublicInfo(client.sessionId)
+    //console.log('MESSAGES ACCESS', peer.split('_'), "[2] == ", publicSessionInfo.id)
+    return peer.split('_')[2] == publicSessionInfo.id
+  },
+  async daoPath({ peer, gt, lt, gte, lte, limit, reverse }, { client, service }, method) {
+    const channelId = peer
+    if(!Number.isSafeInteger(limit)) limit = 100
+    const range = {
+      gt: gt ? `${channelId}_${gt.split('_').pop()}` : (gte ? undefined : `${channelId}_`),
+      lt: lt ? `${channelId}_${lt.split('_').pop()}` : undefined,
+      gte: gte ? `${channelId}_${gte.split('_').pop()}` : undefined,
+      lte: lte ? `${channelId}_${lte.split('_').pop()}` : ( lt ? undefined : `${channelId}_\xFF\xFF\xFF\xFF`),
+      limit,
+      reverse
+    }
+    const messages = await Message.rangeGet(range)
+    console.log("MESSAGES RANGE", JSON.stringify({ peer, gt, lt, gte, lte, limit, reverse }) ,
+        "\n  TO", JSON.stringify(range),
+        "\n  RESULTS", messages.length, messages.map(m => m.id))
+
+    /* console.log("MESSAGES RANGE", range, "RESULTS", messages.length)*/
+    return Message.rangePath(range)
+  }
+})
+
+let lastMessageTime = new Map()
+
+async function postMessage(props, { client, service }, emit, conversation) {
+  console.log("POST MESSAGE", props)
+  const channelId = props.to
+  let lastTime = lastMessageTime.get(channelId)
+  const now = new Date()
+  if(lastTime && now.toISOString() <= lastTime.toISOString()) {
+    lastTime.setTime(lastTime.getTime() + 1)
+  } else {
+    lastTime = now
+  }
+  if(lastTime.getTime() > now.getTime() + 100) { /// Too many messages per second, drop message
+    return;
+  }
+  lastMessageTime.set(channelId, lastTime)
+  const message = `${channelId}_${lastTime.toISOString()}`
+  let data = {}
+  for(const key in messageFields) {
+    data[key] = props[key]
+  }
+  data.timestamp = now
+  if(!data.user) {
+    const publicInfo = await getPublicInfo(client.sessionId)
+    data.session = publicInfo.id
+  }
+  emit({
+    type: "MessageCreated",
+    message,
+    data
+  })
+}
+
+definition.action({
+  name: "postMessage",
+  properties: {
+    ...messageFields
+  },
+  //queuedBy: (command) => `${command.toType}_${command.toId})`,
+  access: async ({ from, to }, context) => {
+    const { client, service, visibilityTest } = context
+    if(visibilityTest) return true
+    const [fromType, fromId, fromSession] = from.split('_')
+    const [toType, toId, toSession] = to.split('_')
+    if(toType != fromType) return false
+    if(toId != fromId) return false
+    const publicSessionInfo = await getPublicInfo(client.sessionId)
+    if(publicSessionInfo.id != fromSession) return false
+    return toType.split('.')[0] == 'priv'
+        ? checkPrivAccess(toId, context)
+        : checkIfRole(toType.split('.')[0], toId, ['speaker', 'vip', 'moderator', 'owner'], context)
+  },
+  async execute(props, { client, service }, emit) {
+    const result = await postMessage(props, { client, service }, emit)
+    console.log("MESSAGE POSTED!")
+    return result
+  }
+})

package/package.json

@@ -0,0 +1,14 @@
+{
+  "name": "@live-change/peer-connection-service",
+  "version": "0.2.28",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "start": "node index.js",
+    "setup": "INSTALL=true node index.js",
+    "test": "NODE_ENV=test blue-tape tests/*"
+  },
+  "author": "Michał Łaszczewski <michal@emikse.com>",
+  "license": "BSD-3-Clause",
+  "gitHead": "34309fef58572e1a8794b52438430dd421c57d65"
+}

package/peer.js

@@ -0,0 +1,115 @@
+const definition = require('./definition.js')
+
+const { clientHasAccessRole } = require("../access-control-service/access.js")(definition)
+
+const Peer = definition.model({
+  name: "Peer",
+  itemOfAny: {
+    to: ['channel', 'session']
+  },
+  properties: {
+  }
+})
+
+definition.view({
+  name: "peers",
+  properties: {
+    channelType: {
+      type: String,
+      validation: ['nonEmpty']
+    },
+    channel: {
+      type: String,
+      validation: ['nonEmpty']
+    }
+  },
+  returns: {
+    type: Array,
+    of: {
+      type: Peer
+    }
+  },
+  access: (params, { client, visibilityTest }) => {
+    if(visibilityTest) return true
+    const { channelType, channel } = params
+    //console.log("CHECK PEERS ACCESS", params, client, visibilityTest)
+    return clientHasAccessRole(client, { objectType: channelType, object: channel },
+        ['reader', 'speaker', 'vip', 'moderator', 'owner'])
+  },
+  async daoPath({ channelType, channel }, { client, service }, method) {
+    return Peer.indexRangePath('byChannel', [ channelType, channel.split('.')[0] ])
+  }
+})
+
+definition.event({
+  name: "peerOnline",
+  async execute({ channelType, channel, sessionType, session, instance }) {
+    const peer = channelType + ':' + channel + ':' + sessionType + ':' + session + ':' + instance
+    await Peer.create({ id: peer, channelType, channel, instance, sessionType, session })
+  }
+})
+
+definition.event({
+  name: "peerOffline",
+  async execute({ channelType, channel, sessionType, session, instance }) {
+    const peer = channelType + ':' + channel + ':' + sessionType + ':' + session + ':' + instance
+    Peer.delete(peer)
+  }
+})
+
+definition.event({
+  name: "allOffline",
+  async execute() {
+    await app.dao.request(['database', 'query', app.databaseName, `(${
+        async (input, output, { table }) => {
+          await input.table(table).range({}).onChange(async obj => {
+            output.table(table).delete(obj.id)
+          })
+        }
+    })`, { table: Peer.tableName }])
+  }
+})
+
+definition.trigger({
+  name: "sessionPeerOnline",
+  properties: {
+  },
+  async execute({ session, peer }, context, emit) {
+    console.log("PEER ONLINE PARAMS", { session, peer })
+    const [ channelType, channel, sessionType, peerSession, instance ] = peer.split(':')
+    if(sessionType != 'session_Session') throw new Error('wrongSessionType')
+    if(peerSession != session) throw new Error('wrongSession')
+    /// TODO: check channel access
+    emit({
+      type: 'peerOnline',
+      channelType, channel, sessionType, session, instance
+    })
+  }
+})
+
+definition.trigger({
+  name: "sessionPeerOffline",
+  properties: {
+  },
+  async execute({ session, peer }, context, emit) {
+    console.log("PEER OFFLINE PARAMS", { session, peer })
+    const [ channelType, channel, sessionType, peerSession, instance ] = peer.split(':')
+    if(sessionType != 'session_Session') throw new Error('wrongSessionType')
+    if(peerSession != session) throw new Error('wrongSession')
+    emit({
+      type: 'peerOffline',
+      channelType, channel, sessionType, session, instance
+    })
+  }
+})
+
+definition.trigger({
+  name: "allOffline",
+  properties: {
+  },
+  async execute({ }, context, emit) {
+    emit({
+      type: "allOffline"
+    })
+  }
+})

package/peerState.js

@@ -0,0 +1,85 @@
+const definition = require('./definition.js')
+
+const { Peer } = require('./peer.js')
+
+const peerStateFields = {
+  audioState: {
+    type: String
+  },
+  videoState: {
+    type: String
+  }
+}
+
+const PeerState = definition.model({
+  name: "PeerState",
+  propertyOf: {
+    what: Peer
+  },
+  properties: {
+    ...peerStateFields
+  }
+})
+
+definition.event({
+  name: "peerStateSet",
+  async execute({ peer, data }) {
+    await PeerState.create({ ...data, id: peer })
+  }
+})
+
+definition.view({
+  name: "peerState",
+  properties: {
+    peer: {
+      type: Peer
+    }
+  },
+  returns: {
+    type: PeerState
+  },
+  access: async ({ peer }, context) => {
+    const { client, service, visibilityTest } = context
+    if(visibilityTest) return true
+    const [toType, toId, toSession] = peer.split('_')
+    return toType.split('.')[0] == 'priv'
+        ? checkPrivAccess(toId, context)
+        : checkIfRole(toType.split('.')[0], toId, ['speaker', 'vip', 'moderator', 'owner'], context)
+  },
+  async daoPath({ peer }, { client, service }, method) {
+    return PeerState.path(peer)
+  }
+})
+
+definition.action({
+  name: "setPeerState",
+  properties: {
+    peer: {
+      type: Peer
+    },
+    ...peerStateFields
+  },
+  //queuedBy: (command) => `${command.toType}_${command.toId})`,
+  access: async ({ peer }, context) => {
+    const { client, service, visibilityTest } = context
+    if(visibilityTest) return true
+    const [toType, toId, toSession] = peer.split('_')
+    const publicSessionInfo = await getPublicInfo(client.sessionId)
+    if(publicSessionInfo.id != toSession) return false
+    return toType.split('.')[0] == 'priv'
+        ? checkPrivAccess(toId, context)
+        : checkIfRole(toType.split('.')[0], toId, ['speaker', 'vip', 'moderator', 'owner'], context)
+  },
+  async execute(props, { client, service }, emit) {
+    let data = { }
+    for(const key in peerStateFields) {
+      data[key] = props[key]
+    }
+    emit({
+      type: 'peerStateSet',
+      peer: props.peer,
+      data
+    })
+    return 'ok'
+  }
+})

package/turn.js

@@ -0,0 +1,89 @@
+const crypto = require('crypto')
+const ReactiveDao = require('@live-change/dao')
+const definition = require('./definition.js')
+const config = definition.config
+
+const urls = config?.turn?.urls || process.env.TURN_URLS?.split(';')
+const secret = config?.turn?.secret || process.env.TURN_SECRET
+const turnExpireTime = config?.turn?.expire || (+process.env.TURN_EXPIRE) || (60 * 60) // 1 hour for default
+
+const { clientHasAccessRole } = require("../access-control-service/access.js")(definition)
+
+const { Peer } = require('./peer.js')
+
+function randomHexString(size) {
+  return new Promise((resolve, reject) => {
+    crypto.randomBytes(size / 2, function(err, res) {
+      if (err) return reject(err)
+      resolve(res.toString('hex'))
+    })
+  })
+}
+
+async function createTurnConfiguration({ client }) {
+  const expire = Date.now() / 1000 + turnExpireTime | 0
+  const username = await randomHexString(10)
+  const rusername = expire + ':' + username
+  const password = crypto
+    .createHmac('sha1', secret)
+    .update(rusername)
+    .digest('base64')
+  /// TODO: select nearest servers by geoip
+  return {
+    urls,
+    credentialType: 'password',
+    username: rusername,
+    credential: password,
+    clientIp: client.ip
+  }
+}
+
+async function releaseTurnConfiguration() {
+  /// not used in static shared secret configuration
+}
+
+definition.view({
+  name: "turnConfiguration",
+  properties: {
+    peer: {
+      type: Peer
+    }
+  },
+  access: async ({ peer },  { client, service, visibilityTest }) => {
+    if(visibilityTest) return true
+    const [ channelType, channel, sessionType, session, instance ] = peer.split(':')
+    if(sessionType != 'session_Session') throw new Error('wrongSessionType')
+    if(session != client.session) throw new Error('wrongSession')
+    return clientHasAccessRole(client, { objectType: channelType.split('.')[0], object: channel },
+        ['speaker', 'vip', 'moderator', 'owner'])
+  },
+  observable({ peer }, context) {
+    const observable = new ReactiveDao.ObservableValue()
+    let turnWorking = true
+    const refreshTurn = async () => {
+      if(observable.isDisposed()) {
+        turnWorking = false
+        return
+      }
+      try {
+        observable.set(await createTurnConfiguration(context))
+      } catch(error) {
+        observable.error(error)
+      }
+      const refreshDelay = turnExpireTime * 1000 / 2
+      setTimeout(refreshTurn, refreshDelay)
+    }
+    refreshTurn() // must be async!
+    const oldRespawn = observable.respawn
+    observable.respawn = () => {
+      oldRespawn.call(observable)
+      if(!turnWorking) refreshTurn() // must be async!
+    }
+    return observable
+  },
+  async get({ peer }, context) {
+    return await createTurnConfiguration(context)
+  }
+})
+
+module.exports = { createTurnConfiguration, releaseTurnConfiguration, turnExpireTime }