1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
import { basename } from 'path'
import { Segment } from '@peertube/p2p-media-loader-core'
import { logger } from '@root-helpers/logger'
import { wait } from '@root-helpers/utils'
import { isSameOrigin } from '../common'
type SegmentsJSON = { [filename: string]: string | { [byterange: string]: string } }
const maxRetries = 3
function segmentValidatorFactory (options: {
serverUrl: string
segmentsSha256Url: string
isLive: boolean
authorizationHeader: () => string
requiresAuth: boolean
}) {
const { serverUrl, segmentsSha256Url, isLive, authorizationHeader, requiresAuth } = options
let segmentsJSON = fetchSha256Segments({ serverUrl, segmentsSha256Url, authorizationHeader, requiresAuth })
const regex = /bytes=(\d+)-(\d+)/
return async function segmentValidator (segment: Segment, _method: string, _peerId: string, retry = 1) {
// Wait for hash generation from the server
if (isLive) await wait(1000)
const filename = basename(segment.url)
const segmentValue = (await segmentsJSON)[filename]
if (!segmentValue && retry > maxRetries) {
throw new Error(`Unknown segment name ${filename} in segment validator`)
}
if (!segmentValue) {
logger.info(`Refetching sha segments for ${filename}`)
await wait(1000)
segmentsJSON = fetchSha256Segments({ serverUrl, segmentsSha256Url, authorizationHeader, requiresAuth })
await segmentValidator(segment, _method, _peerId, retry + 1)
return
}
let hashShouldBe: string
let range = ''
if (typeof segmentValue === 'string') {
hashShouldBe = segmentValue
} else {
const captured = regex.exec(segment.range)
range = captured[1] + '-' + captured[2]
hashShouldBe = segmentValue[range]
}
if (hashShouldBe === undefined) {
throw new Error(`Unknown segment name ${filename}/${range} in segment validator`)
}
const calculatedSha = await sha256Hex(segment.data)
if (calculatedSha !== hashShouldBe) {
throw new Error(
`Hashes does not correspond for segment ${filename}/${range}` +
`(expected: ${hashShouldBe} instead of ${calculatedSha})`
)
}
}
}
// ---------------------------------------------------------------------------
export {
segmentValidatorFactory
}
// ---------------------------------------------------------------------------
function fetchSha256Segments (options: {
serverUrl: string
segmentsSha256Url: string
authorizationHeader: () => string
requiresAuth: boolean
}) {
const { serverUrl, segmentsSha256Url, requiresAuth, authorizationHeader } = options
const headers = requiresAuth && isSameOrigin(serverUrl, segmentsSha256Url)
? { Authorization: authorizationHeader() }
: {}
return fetch(segmentsSha256Url, { headers })
.then(res => res.json() as Promise<SegmentsJSON>)
.catch(err => {
logger.error('Cannot get sha256 segments', err)
return {}
})
}
async function sha256Hex (data?: ArrayBuffer) {
if (!data) return undefined
if (window.crypto.subtle) {
return window.crypto.subtle.digest('SHA-256', data)
.then(data => bufferToHex(data))
}
// Fallback for non HTTPS context
const shaModule = (await import('sha.js') as any).default
// eslint-disable-next-line new-cap
return new shaModule.sha256().update(Buffer.from(data)).digest('hex')
}
// Thanks: https://stackoverflow.com/a/53307879
function bufferToHex (buffer?: ArrayBuffer) {
if (!buffer) return ''
let s = ''
const h = '0123456789abcdef'
const o = new Uint8Array(buffer)
o.forEach((v: any) => {
s += h[v >> 4] + h[v & 15]
})
return s
}
|