iobroker.motioneye 0.0.1

package/lib/motionEyeApi.js

@@ -0,0 +1,285 @@
+'use strict';
+
+const http = require('node:http');
+const crypto = require('node:crypto');
+
+const SIGNATURE_REGEX = new RegExp('[^a-zA-Z0-9/?_.=&{}\\[\\]":, -]', 'g');
+
+/** Default cache TTL for camera list (ms). */
+const LIST_CACHE_MS = 15000;
+
+/**
+ * @param {string} value
+ * @returns {string}
+ */
+function quoteParam(value) {
+	return encodeURIComponent(value).replace(/[!'()*~]/g, c => c);
+}
+
+/**
+ * Compute MotionEye API signature (SHA1).
+ *
+ * @param {string} method
+ * @param {string} requestPath
+ * @param {string} body
+ * @param {string} password Sign key (empty string when no password)
+ * @returns {string}
+ */
+function computeSignature(method, requestPath, body, password) {
+	const qIndex = requestPath.indexOf('?');
+	const pathname = qIndex >= 0 ? requestPath.slice(0, qIndex) : requestPath;
+	const queryString = qIndex >= 0 ? requestPath.slice(qIndex + 1) : '';
+	const params = [];
+
+	if (queryString) {
+		for (const part of queryString.split('&')) {
+			if (!part) {
+				continue;
+			}
+			const eq = part.indexOf('=');
+			const name = eq >= 0 ? decodeURIComponent(part.slice(0, eq)) : decodeURIComponent(part);
+			const value = eq >= 0 ? decodeURIComponent(part.slice(eq + 1)) : '';
+			if (name !== '_signature') {
+				params.push([name, value]);
+			}
+		}
+	}
+
+	params.sort((a, b) => a[0].localeCompare(b[0]));
+	const query = params.map(([name, value]) => `${name}=${quoteParam(value)}`).join('&');
+	let path = pathname + (query ? `?${query}` : '');
+	path = path.replace(SIGNATURE_REGEX, '-');
+
+	const key = String(password).replace(SIGNATURE_REGEX, '-');
+	let bodyStr = body || '';
+	if (bodyStr.startsWith('---')) {
+		bodyStr = '';
+	} else if (bodyStr) {
+		bodyStr = bodyStr.replace(SIGNATURE_REGEX, '-');
+	}
+
+	const signing = `${method}:${path}:${bodyStr}:${key}`;
+	return crypto.createHash('sha1').update(signing, 'utf8').digest('hex').toLowerCase();
+}
+
+/**
+ * @param {string} password Plain-text MotionEye password
+ * @returns {string} Sign key (empty when password is empty)
+ */
+function motionEyeSignKey(password) {
+	if (!password) {
+		return '';
+	}
+
+	return crypto.createHash('sha1').update(String(password), 'utf8').digest('hex').toLowerCase();
+}
+
+/**
+ * @param {string} path
+ * @param {string} method
+ * @param {string|null|undefined} body
+ * @param {string} username
+ * @param {string} signKey
+ * @returns {string}
+ */
+function buildAuthPath(path, method, body, username, signKey) {
+	const joiner = path.includes('?') ? '&' : '?';
+	const unsignedPath = `${path}${joiner}_username=${quoteParam(username)}`;
+	const signature = computeSignature(method, unsignedPath, body || '', signKey);
+	return `${unsignedPath}&_signature=${signature}`;
+}
+
+/**
+ * @typedef {object} MotionEyeApiOptions
+ * @property {string} host MotionEye host
+ * @property {number} [motionEyePort=8765]
+ * @property {string} [username='admin']
+ * @property {string} [password='']
+ * @property {number} [requestTimeoutMs=45000]
+ * @property {number} [listCacheMs=15000]
+ */
+
+/**
+ * @typedef {object} MotionEyeApiResult
+ * @property {number} status
+ * @property {unknown} data
+ * @property {string} body
+ */
+
+/**
+ * Create a MotionEye Config API client.
+ * @param {MotionEyeApiOptions} options
+ */
+function createMotionEyeApi(options) {
+	const host = options.host;
+	const motionEyePort = options.motionEyePort ?? 8765;
+	const username = options.username || 'admin';
+	const password = options.password || '';
+	const requestTimeoutMs = options.requestTimeoutMs ?? 45000;
+	const listCacheMs = options.listCacheMs ?? LIST_CACHE_MS;
+	const signKey = motionEyeSignKey(password);
+
+	let listCache = null;
+
+	/**
+	 * @param {string} path
+	 * @param {string} [method]
+	 * @param {string|null} [body]
+	 * @returns {Promise<{ status: number, body: string }>}
+	 */
+	function httpRequest(path, method = 'GET', body = null) {
+		return new Promise((resolve, reject) => {
+			const requestOptions = {
+				hostname: host,
+				port: motionEyePort,
+				path,
+				method,
+				timeout: requestTimeoutMs,
+				headers: {},
+			};
+
+			if (body) {
+				requestOptions.headers = {
+					'Content-Type': 'application/json',
+					'Content-Length': Buffer.byteLength(body, 'utf8'),
+				};
+			}
+
+			const req = http.request(requestOptions, res => {
+				let responseBody = '';
+				res.setEncoding('utf8');
+				res.on('data', chunk => {
+					responseBody += chunk;
+				});
+				res.on('end', () => {
+					resolve({
+						status: res.statusCode || 0,
+						body: responseBody.trim(),
+					});
+				});
+			});
+
+			req.on('timeout', () => {
+				req.destroy();
+				reject(new Error(`Timeout after ${requestTimeoutMs} ms: ${path}`));
+			});
+			req.on('error', reject);
+
+			if (body) {
+				req.write(body);
+			}
+			req.end();
+		});
+	}
+
+	/**
+	 * @param {string} path
+	 * @param {string} [method]
+	 * @param {Record<string, unknown>|null} [bodyObj]
+	 * @returns {Promise<MotionEyeApiResult>}
+	 */
+	async function call(path, method = 'GET', bodyObj = null) {
+		const body = bodyObj ? JSON.stringify(bodyObj) : null;
+		const authPath = buildAuthPath(path, method, body, username, signKey);
+		const result = await httpRequest(authPath, method, body);
+
+		let data = null;
+		if (result.body) {
+			try {
+				data = JSON.parse(result.body);
+			} catch {
+				data = result.body;
+			}
+		}
+
+		if (
+			result.status >= 400 ||
+			(data && typeof data === 'object' && data !== null && 'error' in data && data.error)
+		) {
+			const message =
+				(data && typeof data === 'object' && data !== null && 'error' in data && data.error) ||
+				result.body ||
+				`HTTP ${result.status}`;
+			throw new Error(String(message));
+		}
+
+		return { status: result.status, data, body: result.body };
+	}
+
+	/**
+	 * @returns {Promise<Record<string, unknown>[]>}
+	 */
+	async function getCameraList() {
+		const now = Date.now();
+		if (listCache && listCache.expires > now) {
+			return listCache.data;
+		}
+
+		const result = await call('/config/list', 'GET');
+		if (!result.data || typeof result.data !== 'object' || result.data === null || !('cameras' in result.data)) {
+			throw new Error('config/list: no cameras found');
+		}
+
+		const cameras = /** @type {Record<string, unknown>[]} */ (result.data.cameras);
+		listCache = { data: cameras, expires: now + listCacheMs };
+		return cameras;
+	}
+
+	/**
+	 * @param {number} cameraId
+	 * @returns {Promise<Record<string, unknown>>}
+	 */
+	async function getCameraConfig(cameraId) {
+		const cameras = await getCameraList();
+		const camera = cameras.find(entry => entry.id === cameraId);
+		if (!camera) {
+			throw new Error(`Camera ID ${cameraId} not found in MotionEye`);
+		}
+		return camera;
+	}
+
+	/**
+	 * @param {number} cameraId
+	 * @param {Record<string, unknown>} patch
+	 * @returns {Promise<{ changed: boolean, data: unknown }>}
+	 */
+	async function saveCameraConfig(cameraId, patch) {
+		const uiConfig = await getCameraConfig(cameraId);
+		let changed = false;
+
+		for (const [key, value] of Object.entries(patch)) {
+			if (uiConfig[key] !== value) {
+				uiConfig[key] = value;
+				changed = true;
+			}
+		}
+
+		if (!changed) {
+			return { changed: false, data: null };
+		}
+
+		listCache = null;
+		const result = await call(`/config/${cameraId}/set/`, 'POST', uiConfig);
+		return { changed: true, data: result.data };
+	}
+
+	return {
+		call,
+		getCameraList,
+		getCameraConfig,
+		saveCameraConfig,
+		invalidateCache() {
+			listCache = null;
+		},
+	};
+}
+
+module.exports = {
+	SIGNATURE_REGEX,
+	quoteParam,
+	computeSignature,
+	motionEyeSignKey,
+	buildAuthPath,
+	createMotionEyeApi,
+	LIST_CACHE_MS,
+};

package/lib/motionEyeApi.test.js

@@ -0,0 +1,62 @@
+'use strict';
+
+const crypto = require('node:crypto');
+const { expect } = require('chai');
+const { quoteParam, computeSignature, motionEyeSignKey, buildAuthPath } = require('./motionEyeApi');
+
+describe('motionEyeApi signature', () => {
+	it('quoteParam should encode special characters', () => {
+		expect(quoteParam('hello world')).to.equal('hello%20world');
+		expect(quoteParam('a!b*c')).to.equal('a!b*c');
+	});
+
+	it('motionEyeSignKey should return empty string for empty password', () => {
+		expect(motionEyeSignKey('')).to.equal('');
+		expect(motionEyeSignKey(null)).to.equal('');
+		expect(motionEyeSignKey(undefined)).to.equal('');
+	});
+
+	it('motionEyeSignKey should return SHA1 hex of password', () => {
+		const expected = crypto.createHash('sha1').update('testpass', 'utf8').digest('hex').toLowerCase();
+		expect(motionEyeSignKey('testpass')).to.equal(expected);
+	});
+
+	it('computeSignature should be deterministic for GET /config/list without password', () => {
+		const path = '/config/list?_username=admin';
+		const sig1 = computeSignature('GET', path, '', '');
+		const sig2 = computeSignature('GET', path, '', '');
+		expect(sig1).to.equal(sig2);
+		expect(sig1).to.match(/^[a-f0-9]{40}$/);
+	});
+
+	it('computeSignature should differ when password sign key is set', () => {
+		const path = '/config/list?_username=admin';
+		const signKey = motionEyeSignKey('secret');
+		const withoutPassword = computeSignature('GET', path, '', '');
+		const withPassword = computeSignature('GET', path, '', signKey);
+		expect(withoutPassword).to.not.equal(withPassword);
+	});
+
+	it('computeSignature should sort query parameters before signing', () => {
+		const path = '/config/list?z=1&_username=admin&a=2';
+		const signature = computeSignature('GET', path, '', '');
+		const reordered = computeSignature('GET', '/config/list?a=2&_username=admin&z=1', '', '');
+		expect(signature).to.equal(reordered);
+	});
+
+	it('computeSignature should ignore existing _signature parameter', () => {
+		const withSig = computeSignature('GET', '/config/list?_username=admin&_signature=old', '', '');
+		const withoutSig = computeSignature('GET', '/config/list?_username=admin', '', '');
+		expect(withSig).to.equal(withoutSig);
+	});
+
+	it('buildAuthPath should append _username and _signature', () => {
+		const authPath = buildAuthPath('/config/list', 'GET', null, 'admin', '');
+		expect(authPath).to.match(/^\/config\/list\?_username=admin&_signature=[a-f0-9]{40}$/);
+	});
+
+	it('buildAuthPath should use & joiner when path already has query string', () => {
+		const authPath = buildAuthPath('/config/list?foo=bar', 'GET', null, 'admin', '');
+		expect(authPath).to.include('/config/list?foo=bar&_username=admin&_signature=');
+	});
+});