ambient-display 1.1.0

package/server/index.js

@@ -0,0 +1,155 @@
+import { SpotifyApi } from '@spotify/web-api-ts-sdk';
+
+import express from 'express';
+import cors from 'cors';
+import { createServer } from 'node:http';
+import { Server } from 'socket.io';
+
+import { ERROR, EVENT } from './constants.js';
+import * as Types from './types/options.js';
+import { events } from './events.js';
+import { comms } from './comms.js';
+
+import ApiRoutes from './api/index.js';
+import SpotifyRoutes from './spotify/index.js';
+import { SpotifyInteract } from './api/interact.js';
+import { OPTIONS } from './config.js';
+import { CommandHistory } from './history.js';
+
+const URL = `${OPTIONS.origin}:${OPTIONS.port}`;
+
+const app = express();
+const server = createServer(app);
+const io = new Server(server, {
+	cors: {
+		origin: '*'
+	}
+});
+const commsObject = comms(io);
+
+app.use(express.json());
+app.use(cors());
+
+/**
+ * A mutable object, to which we can attach the spotify instance onto
+ */
+const sdk = {
+	/** @type {SpotifyApi | null} */
+	current: null
+};
+
+const history = CommandHistory();
+
+const { plugins, ...config } = OPTIONS;
+const inject = {
+	io,
+	comms: commsObject,
+	server: app,
+	events,
+	sdk,
+	spotify: SpotifyInteract,
+	config,
+	history,
+	info: {
+		url: URL,
+		player: [URL, OPTIONS.playerRoute].join('')
+	}
+};
+
+if (OPTIONS.plugins.length > 0) {
+	if (OPTIONS.verbose) {
+		console.log('Starting to initialise plugins');
+	}
+
+	await Promise.all(
+		OPTIONS.plugins
+			.filter((plugin) => {
+				if (plugin.skip && OPTIONS.verbose) {
+					console.log(`Skipping plugin: ${plugin.name ?? 'Unnamed'}`);
+				}
+				return !plugin.skip;
+			})
+			.map((plugin) => Promise.resolve().then(() => plugin.handler(inject)))
+	);
+	if (OPTIONS.verbose) {
+		console.log('Finished initialising plugins');
+	}
+} else if (OPTIONS.verbose) {
+	console.log('No plugins listed');
+}
+
+/**
+ * Middleware which attachs the spotify intance and the socket io instance
+ */
+app.use((req, res, next) => {
+	req.history = history;
+	req.sdk = sdk.current;
+	req.io = io;
+	req.comms = commsObject;
+	next();
+});
+
+/**
+ * A middleware for routes that require the spotify sdk
+ *
+ * @param {import('express').Request} req
+ * @param {import('express').Response} res
+ * @param {import('express').NextFunction} next
+ * @returns {void}
+ */
+const sdkProtect = (req, res, next) => {
+	if (!req.sdk) {
+		return res.json({
+			error: true,
+			message: ERROR.UNAUTHENTICATED
+		});
+	}
+
+	next();
+};
+
+// Mount the spotify sub app
+const spotify = await SpotifyRoutes(sdk, OPTIONS);
+app.use('/spotify', spotify);
+
+// Mount the api sub app
+app.use('/api', sdkProtect, ApiRoutes(io, sdk, OPTIONS.api ?? {}));
+
+// If the app is running in development mode, catch the player redirect and redirect to the sveltekit route instead
+if (process.env.NODE_ENV === 'development') {
+	app.get(OPTIONS.playerRoute, (req, res) => res.redirect('http://localhost:5173/player'));
+} else {
+	// If its production mount the built sveltekit app
+	const { handler } = await import('../build/handler.js');
+	app.use(handler);
+}
+
+app.use((err, req, res, next) => {
+	// events.error(ERROR.GENERAL, err);
+
+	return res.json({
+		error: true,
+		message: ERROR.GENERAL
+	});
+});
+
+events.on(EVENT.APP_ERROR, ({ message }) => {
+	if (!OPTIONS.suppressErrors.includes(message)) {
+		commsObject.error(message);
+	}
+});
+
+events.on(`system:authenticated`, () => {
+	io.emit('reload');
+});
+
+export default {
+	inject,
+	server,
+	start() {
+		server.listen(OPTIONS.port, () => {
+			console.log(`App running on port ${URL}`);
+			events.system('start');
+		});
+	}
+};

package/server/logs.js

@@ -0,0 +1,15 @@
+import bunyan from 'bunyan';
+
+export const log = bunyan.createLogger({
+	name: 'SpotifyParty',
+	streams: [
+		// {
+		// 	level: 'debug',
+		// 	stream: process.stdout // log INFO and above to stdout
+		// },
+		{
+			level: 'error',
+			path: './error.logs.json' // log ERROR and above to a file
+		}
+	]
+});

package/server/memo.js

@@ -0,0 +1,63 @@
+export const memo = {
+	items: {},
+
+	/**
+	 *
+	 * @param {string} key
+	 * @param {number} cacheTime
+	 * @returns {boolean}
+	 */
+	exists(key, cacheTime = 1000 * 60 * 60) {
+		return key in this.items && Date.now() - this.items[key].cacheTime < cacheTime;
+	},
+
+	/**
+	 *
+	 * @param {string} key
+	 * @returns {any}
+	 */
+	get(key) {
+		return this.items[key].data;
+	},
+
+	/**
+	 *
+	 * @param {string} key
+	 * @param {any} data
+	 */
+	save(key, data) {
+		this.items[key] = {
+			cacheTime: Date.now(),
+			data
+		};
+
+		return () => this.delete(key);
+	},
+
+	delete(key) {
+		delete this.items[key];
+	},
+
+	/**
+	 * A utility that first checks the cache and if not runs the function and saved the return
+	 *
+	 * @param {string} key
+	 * @param {() => Promise<any>} memoFunc
+	 * @param {(data: any) => any} transform
+	 * @returns
+	 */
+	async use(key, memoFunc, transform = (value) => value) {
+		if (this.exists(key)) {
+			return this.get(key);
+		} else {
+			this.delete(key);
+			const resp = transform(await Promise.resolve().then(() => memoFunc()));
+			this.save(key, resp);
+			return resp;
+		}
+	},
+
+	key(...args) {
+		return args.join(':');
+	}
+};

package/server/run.js

@@ -0,0 +1,5 @@
+#!/usr/bin/env node
+
+import Server from './index.js';
+
+Server.start();

package/server/spotify/auth.js

@@ -0,0 +1,98 @@
+import fs from 'node:fs/promises';
+
+import * as Types from '../types/index.js';
+import * as OptionsTypes from '../types/options.js';
+import { expandAliases } from '../utils.js';
+
+export const SpotifyAuth = {
+	token: {
+		/**
+		 * Exchanges a refresh token for a new access token.
+		 *
+		 * Potentially doesnt return another refresh token, which documentation says to reuse the old one
+		 *
+		 * @param {string} refresh_token
+		 * @returns {Promise<Types.SpotifyAccessToken | {error: string}>}
+		 */
+		refresh(client_id, client_secret, refresh_token) {
+			return fetch('https://accounts.spotify.com/api/token', {
+				method: 'POST',
+				headers: {
+					'Content-Type': 'application/x-www-form-urlencoded'
+				},
+				body: new URLSearchParams({
+					grant_type: 'refresh_token',
+					refresh_token,
+					client_id,
+					client_secret
+				})
+			}).then((resp) => resp.json());
+		},
+
+		/**
+		 * Exchanges a code for an access token
+		 *
+		 * @param {string} code
+		 * @param {string} redirect_uri
+		 * @returns {Promise<Types.SpotifyAccessToken>}
+		 */
+		get(client_id, client_secret, code, redirect_uri) {
+			return fetch('https://accounts.spotify.com/api/token', {
+				body: new URLSearchParams({
+					code,
+					redirect_uri,
+					grant_type: 'authorization_code'
+				}),
+				method: 'POST',
+				headers: {
+					'content-type': 'application/x-www-form-urlencoded',
+					Authorization:
+						'Basic ' + new Buffer.from(client_id + ':' + client_secret).toString('base64')
+				}
+			}).then((resp) => resp.json());
+		}
+	}
+};
+
+/**
+ *
+ * @param {OptionsTypes.SpotifyOptions} options
+ * @returns {Promise<Types.SpotifyAccessToken | false>}
+ */
+export async function initialisePreviousAuth({
+	accessTokenJsonLocation,
+	client_id,
+	client_secret
+}) {
+	try {
+		// Attemps to read the json file of auth, will throw an error if it doesn't exist
+		const previousAuth = await fs.readFile(expandAliases(accessTokenJsonLocation), 'utf-8');
+
+		// Parse the object to utilise it
+		const previous = JSON.parse(previousAuth);
+
+		const { error, ...token } = await SpotifyAuth.token.refresh(
+			client_id,
+			client_secret,
+			previous.refresh_token,
+			previous.access_token
+		);
+
+		if (error) {
+			// This is a shot in the dark, but this was throwing sometimes in quick success of accessing, so wondered if its a rate limit thing
+			if (error === 'invalid_request') {
+				return previous;
+			}
+
+			throw new Error('Invalid token');
+		}
+
+		// Intialise the return with the refresh token, in case it didn't come in the refreshed call. Will get overwritten if it did
+		return {
+			refresh_token: previous.refresh_token,
+			...token
+		};
+	} catch {
+		return false;
+	}
+}

package/server/spotify/index.js

@@ -0,0 +1,105 @@
+import { Router } from 'express';
+
+import { ERROR } from '../constants.js';
+import { events } from '../events.js';
+import { initialisePreviousAuth, SpotifyAuth } from './auth.js';
+import { persistSdk } from './sdk.js';
+import { catchAndRetry } from '../utils.js';
+
+// These scoped items are fixed and necessary for the app to run
+const SCOPE = [
+	'user-read-currently-playing',
+	'user-read-playback-state',
+	'user-modify-playback-state'
+];
+
+/**
+ *
+ * @param {{current: null | import("@spotify/web-api-ts-sdk").SpotifyApi}} sdk
+ * @param {import("../types/options.js").SpotifyAmbientDisplayOptions} options
+ */
+const run = async (sdk, options) => {
+	// First check if there is previous auth that is valid
+	const refreshedAuth = await initialisePreviousAuth(options.spotify);
+
+	// If there is, initialise it while also persisting the auth
+	if (refreshedAuth) {
+		sdk.current = await persistSdk(refreshedAuth, options);
+	}
+
+	// Initalise a sub router
+	const app = Router();
+
+	// Construct the spotify redirect_uri
+	const redirect_uri = [
+		[options.protocol, [options.origin, options.port].join(':')].join(''),
+		options.spotify.routePrefix,
+		options.spotify.routeToken
+	].join('');
+
+	// Merge scopes, ensuring the necessary ones are applied and duplicates are removed
+	const scope = [...new Set([...SCOPE, options.spotify.scope])].join(' ');
+
+	/**
+	 * The start route, kicks off the authorisation process, by redirecting to the spotify authorise page
+	 */
+	app.get('/start', (req, res) => {
+		// If the SDK is already attached to the request object, assume its authenticated and bypass the start
+		if (req.sdk) {
+			res.redirect(`${options.spotify.authenticatedRedirect}?authenticated=true`);
+			return;
+		}
+
+		const url = new URL('https://accounts.spotify.com/authorize');
+		url.search = new URLSearchParams({
+			response_type: 'code',
+			client_id: options.spotify.client_id,
+			scope,
+			redirect_uri
+		});
+
+		res.redirect(url.toString());
+	});
+
+	/**
+	 * This route is the route that is redirected to after spotify has authed the user
+	 */
+	app.get(options.spotify.routeToken, async (req, res) => {
+		// If the SDK is already attached to the request object, assume its authenticated and bypass the start
+		if (req.sdk) {
+			res.redirect(`${options.spotify.authenticatedRedirect}?authenticated=true`);
+			return;
+		}
+
+		var code = req.query.code || null;
+		var error = req.query.error || null;
+
+		if (error) {
+			events.error(ERROR.SPOTIFY_UNAUTHENTICATED);
+
+			return res.json({
+				error: true,
+				message: ERROR.SPOTIFY_UNAUTHENTICATED
+			});
+		}
+
+		const accessTokenJson = await catchAndRetry(() => {
+			return SpotifyAuth.token.get(
+				options.spotify.client_id,
+				options.spotify.client_secret,
+				code,
+				redirect_uri
+			);
+		});
+
+		sdk.current = await persistSdk(accessTokenJson, options);
+
+		events.system('authenticated');
+
+		res.redirect(`${options.spotify.authenticatedRedirect}?authenticated=true`);
+	});
+
+	return app;
+};
+
+export default run;

package/server/spotify/sdk.js

@@ -0,0 +1,217 @@
+import { SpotifyApi } from '@spotify/web-api-ts-sdk';
+import fs from 'node:fs/promises';
+
+import { events } from '../events.js';
+import { log } from '../logs.js';
+import * as Types from '../types/index.js';
+import * as OptionTypes from '../types/options.js';
+import { SpotifyAuth } from './auth.js';
+import { ERROR } from '../constants.js';
+import path from 'node:path';
+import { expandAliases, __dirname } from '../utils.js';
+
+class FixedAccessTokenStrategy {
+	/**
+	 *
+	 * @param {Types.SpotifyAccessToken} item
+	 * @returns {number}
+	 */
+	static calculateExpiry(item) {
+		return Date.now() + item.expires_in * 1000;
+	}
+
+	/**
+	 * @param {string} clientId
+	 * @param {Types.SpotifyAccessToken} accessToken
+	 * @param {(clientId: string, token: Types.SpotifyAccessToken) => Promise<Types.SpotifyAccessToken>} refreshTokenAction
+	 */
+	constructor(clientId, accessToken, refreshTokenAction) {
+		this.clientId = clientId;
+		this.accessToken = accessToken;
+
+		this.refreshTokenAction = refreshTokenAction;
+
+		// If the raw token from the jwt response is provided here
+		// Calculate an absolute `expiry` value.
+		// Caveat: If this token isn't fresh, this value will be off.
+		// It's the responsibility of the calling code to either set a valid
+		// expires property, or ensure expires_in accounts for any lag between
+		// issuing and passing here.
+
+		if (!this.accessToken.expires) {
+			this.accessToken.expires = FixedAccessTokenStrategy.calculateExpiry(this.accessToken);
+		}
+	}
+
+	setConfiguration() {}
+
+	/**
+	 *
+	 * @returns {Types.SpotifyAccessToken}
+	 */
+	async getOrCreateAccessToken() {
+		if (this.accessToken.expires && this.accessToken.expires <= Date.now()) {
+			const refreshed = await this.refreshTokenAction(this.clientId, this.accessToken);
+			this.accessToken = refreshed;
+		}
+
+		return this.accessToken;
+	}
+
+	/**
+	 *
+	 * @returns {Types.SpotifyAccessToken | null}
+	 */
+	async getAccessToken() {
+		return this.accessToken;
+	}
+
+	removeAccessToken() {
+		this.accessToken = {
+			access_token: '',
+			token_type: '',
+			expires_in: 0,
+			refresh_token: '',
+			expires: 0
+		};
+	}
+}
+
+/**
+ *
+ * @param {Response} resp
+ */
+const safeBody = async (resp) => {
+	const text = await resp.text();
+
+	try {
+		return JSON.parse(text);
+	} catch {
+		return text;
+	}
+};
+
+/**
+ *
+ * @param {Types.SpotifyAccessToken} accessTokenData
+ * @param {OptionTypes.SpotifyAmbientDisplayOptions} opts
+ * @returns
+ */
+export async function persistSdk(
+	accessTokenData,
+	{ spotify: { client_id, client_secret, accessTokenJsonLocation }, verbose }
+) {
+	const p = path.resolve(expandAliases(accessTokenJsonLocation));
+
+	try {
+		await fs.access(path.dirname(p));
+	} catch (e) {
+		if (e.code === 'ENOENT') {
+			if (verbose) {
+				console.log('Creating the folder to store the credentials');
+			}
+
+			await fs.mkdir(path.dirname(p), { recursive: true });
+
+			if (verbose) {
+				console.log('Saving a config file in the folder too');
+			}
+			await fs.copyFile(
+				path.join(__dirname(import.meta.url), '../../ambient.config.js.template'),
+				path.join(path.dirname(p), './ambient.config.js')
+			);
+		} else {
+			console.log('Error accessing credentials folder', e);
+		}
+	}
+
+	if (verbose) {
+		console.log('Persisting credentials in', p);
+	}
+
+	// Persist the access token data to disk
+	await fs.writeFile(p, JSON.stringify(accessTokenData), 'utf-8');
+
+	return new SpotifyApi(
+		new FixedAccessTokenStrategy(
+			client_id,
+			accessTokenData,
+			(_client_id, _client_secret, token) => {
+				SpotifyAuth.token.refresh(
+					client_id,
+					client_secret,
+					token.refresh_token,
+					token.access_token
+				);
+			}
+		),
+		{
+			deserializer: {
+				async deserialize(response) {
+					const text = await response.text();
+
+					const contentType = response.headers.get('content-type') ?? '';
+
+					if (text.length > 0 && contentType.includes('application/json')) {
+						const json = JSON.parse(text);
+						return json;
+					}
+
+					return null;
+				}
+			},
+			responseValidator: {
+				async validateResponse(response) {
+					switch (response.status) {
+						case 401:
+							events.error(ERROR.SPOTIFY_REAUTHENTICATE);
+
+							throw new Error(
+								'Bad or expired token. This can happen if the user revoked a token or the access token has expired. You should re-authenticate the user.'
+							);
+						case 403: {
+							const body = await safeBody(response);
+
+							if (typeof body === 'string') {
+								events.error(ERROR.SPOTIFY_UNAUTHENTICATED, {
+									message: body
+								});
+							} else {
+								if (body.error.message === 'Restricted device') {
+									events.error(ERROR.SPOTIFY_RESTRICTED);
+								} else {
+									events.error(ERROR.SPOTIFY_UNAUTHENTICATED, body);
+								}
+							}
+
+							throw new Error(
+								`Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here. Body: ${typeof body === 'string' ? body : JSON.stringify(body)}`
+							);
+						}
+						case 429:
+							events.error(ERROR.SPOTIFY_RATE_LIMIT, {
+								retry: parseInt(response.headers.get('Retry-After')),
+								retryString: `${Math.round((parseInt(response.headers.get('Retry-After')) / 60) * 10) / 10}s`
+							});
+
+							throw new Error('The app has exceeded its rate limits.');
+						default:
+							if (!response.status.toString().startsWith('20')) {
+								events.error(ERROR.SPOTIFY_ERROR);
+
+								const body = await response.text();
+								throw new Error(
+									`Unrecognised response code: ${response.status} - ${response.statusText}. Body: ${body}`
+								);
+							}
+					}
+				}
+			},
+			errorHandler: {
+				handleErrors(error) {
+					log.error(error);
+				}
+			}
+		}
+	);
+}

package/server/types/comms.js

@@ -0,0 +1,7 @@
+/**
+ * @typedef {object} Comms
+ * @property {(message: string, type: 'info' | 'error' | 'track') => void} message
+ * @property {(message: string) => void} error Emit an error message to sockets
+ */
+
+export const Types = {};