WIP - marionette updates part 1

.gitignore

@@ -2,3 +2,5 @@ server/virtualenv
 .*
 *.pyc
 server/secret.key
+server/config.conf
+server/robots.json

README.md

@@ -1,13 +1,23 @@
 # Marionette
 Twitch extension for controlling robots remotely
 
+### Warning: This code only supports one streamer with one robot per server
 
 # Installation
 
-    cd server
-    virtualenv virtualenv
-    pip3 install -r requirements.txt
+```
+$ git clone https://github.com/strangeparts/marionette
+$ cd marionette/server
+$ virtualenv virtualenv
+```
+On linux do: `$ source virtualenv/bin/activate`
+```
+(virtualenv)$ pip3 install -r requirements.txt
+```
 
 # Run development server
 
-    gunicorn -k flask_sockets.worker --threads 5 --workers 5 -b '0.0.0.0:8000' app:app
+On linux do: `$ source virtualenv/bin/activate`
+```
+(virtualenv)$ QUART_DEBUG=1 QUART_APP=quartapp.py quart run --host 0.0.0.0 --port 8000
+```

frontend/viewer.js

@@ -2,7 +2,8 @@ let token = '';
 let tuid = '';
 
 const twitch = window.Twitch.ext;
-const buttons = ['l', 'r', 'f', 'b', 'tl', 'tr', 'CAMDOWN', 'CAMRESET', 'CAMUP'];
+const buttons = ['f', 'b', 'tl', 'tr', 'CAMDOWN', 'CAMRESET', 'CAMUP'];
+const server = location.protocol + '//localhost:8000'
 
 twitch.onContext(function (context) {
   twitch.rig.log(context);
@@ -30,7 +31,7 @@ function createRequest (type, command) {
   twitch.rig.log('createRequest(' + type + ", " + command + ")");
   return {
     type: type,
-    url: location.protocol + '//localhost:8000/command?command=' + command,
+    url: server + '/command?command=' + command,
     headers: { 'Authorization': 'Bearer ' + token },
     success: logSuccess,
     error: logError

server/TODO

@@ -1,6 +1,9 @@
 X Make buttons bigger
 X Add client authentication
-Add basic robot authentication
+X Add basic robot authentication
+X Emulate remo.tv auth sequence (make robot trust server)
+  Add support for the TTS
+  Add the capability to gate a command to only people with certain roles
 
 Deploy server to cloud
 Get the extension running on Twitch

server/config.sample.conf

@@ -0,0 +1,9 @@
+[server]
+# secret key used to sign an validate the robot tokens
+#   if this is not set correctly token-gen.py will generate one
+#   if this is set correctly token-gen.py will use it
+secret_key = put_key_generated_by_token-gen.py_here
+
+[twitch]
+#The Twitch extension secret Key
+ext_secret = put_Twitch_extension_key_here

server/quartapp.py

@@ -5,18 +5,55 @@
 import os
 
 import jwt
+from jwt.exceptions import ExpiredSignatureError, InvalidSignatureError, InvalidTokenError, MissingRequiredClaimError
+
 from quart import websocket, Quart, request, Response
 from quart_cors import cors
 
+import sys
+from configparser import ConfigParser, NoSectionError, NoOptionError
+
+
 app = Quart(__name__)
 app = cors(app)
 
 connected_websockets = set()
-
-secret = os.getenv("TWITCH_SECRET_KEY", None)
-if secret is None:
-  secret_file_path = os.path.join(os.getcwd(), "secret.key")
-  secret = base64.b64decode(open(secret_file_path).read().strip())
+# robots_con = {}
+robots_config = {}
+
+# config start
+config = ConfigParser()
+try:
+  with open('config.conf', 'r') as filepointer:
+    config.read_file(filepointer)
+  filepointer.close()
+except(IOError, FileNotFoundError):
+  print("Unable to read config.conf, check that it exists and that the program has permission to read it.")
+  sys.exit()
+
+try:
+  with open('robots.json', 'r') as filepointer:
+    robots_config = json.load(filepointer)
+  filepointer.close()
+except(IOError, FileNotFoundError):
+  print("Unable to read robots.json, check that it exists and that the program has permission to read it.")
+  sys.exit()
+
+try:
+  # To read values from config:
+  # value = config.get('section', 'key')
+
+  twitch_ext_secret = os.getenv("TWITCH_SECRET_KEY", None)
+  if twitch_ext_secret is None:
+    twitch_ext_secret = base64.b64decode(config.get('twitch', 'ext_secret'))
+    # twitch_ext_secret = base64.b64decode(open(os.path.join(os.getcwd(), "secret.key")).read().strip())
+
+  secret_key = config.get('server', 'secret_key')
+
+except(NoSectionError, NoOptionError):
+  print("Error in config.conf:", sys.exc_info()[1])
+  sys.exit()
+# config end
 
 
 def collect_websocket(func):
@@ -31,65 +68,149 @@ async def wrapper(*args, **kwargs):
       connected_websockets.remove(queue)
   return wrapper
 
+
 async def sending(queue):
   while True:
     data = await queue.get()
     await websocket.send(data)
 
-async def receiving(queue):
+
+async def receiving():
   while True:
     data = await websocket.receive()
-    await process_message(websocket, data)
+    await process_message(data)
+
 
 async def broadcast(message):
   for queue in connected_websockets:
     await queue.put(message)
 
+
 @app.websocket('/')
 @collect_websocket
 async def ws(queue):
   producer = asyncio.create_task(sending(queue))
-  consumer = asyncio.create_task(receiving(queue))
+  consumer = asyncio.create_task(receiving())
   await asyncio.gather(producer, consumer)
 
+
 @app.route('/')
 async def root():
   return 'OK'
 
+
+@app.route('/api/dev/channels/list/<host>')
+async def channels_list(host):
+  chanlist = []
+  try:
+    for rid in robots_config[host]:
+      chanlist.append({
+        "name": robots_config[host][rid]["info"]["name"],
+        "id": rid,
+        "chat": robots_config[host][rid]['info']['chat']
+      })
+  except KeyError:
+    response = Response('')
+    response.status_code = 404
+    response.headers['Access-Control-Allow-Origin'] = '*'
+    return response
+  return {"channels": chanlist}
+
+
 @app.route('/command')
 async def command():
   c = request.args.get('command')
 
   auth = request.headers.get('Authorization', '').replace('Bearer ', '')
 
-  r = jwt.decode(auth, secret, algorithms=['HS256'])
-
-  j = json.dumps({
-    'e': 'BUTTON_COMMAND',
-    'd': {
-      'button': {
-        'command': c,
-      },
-      'user': {
-        'username': 'NONEUSER',
-      },
-    },
-  })
-  await broadcast(j)
+  try:
+    t_jwt = jwt.decode(auth, twitch_ext_secret, algorithms=['HS256'],
+                       options={"require": ["channel_id", "opaque_user_id", "role"]})
+  except(InvalidSignatureError, ExpiredSignatureError, InvalidTokenError, MissingRequiredClaimError):
+    response = Response('')
+    response.status_code = 403
+    response.headers['Access-Control-Allow-Origin'] = '*'
+    return response
+
+  if t_jwt:
+    if t_jwt.get('opaque_user_id', '')[0] == 'U':
+      j = json.dumps({
+        'e': 'BUTTON_COMMAND',
+        'd': {
+          'button': {
+            'command': c,
+          },
+          'user': {
+            'username': 'NONEUSER',
+          },
+        },
+      })
+    else:
+      app.logger.debug("JWT: " + str(t_jwt))
+      response = Response('')
+      response.status_code = 403
+      response.headers['Access-Control-Allow-Origin'] = '*'
+      return response
+  else:
+    app.logger.debug("JWT: " + str(t_jwt))
+    response = Response('')
+    response.status_code = 403
+    response.headers['Access-Control-Allow-Origin'] = '*'
+    return response
+
+  await broadcast(j)  # after the websockets context issue is solved change this to send message only to target robot
   response = Response('OK')
   response.headers['Access-Control-Allow-Origin'] = '*'
   return response
 
-async def process_message(websocket, message):
+
+async def process_message(message):
+  app.logger.debug(message)
   m = json.loads(message)
   if m.get('e', '') == 'AUTHENTICATE_ROBOT':
+    try:
+      r_jwt = jwt.decode(m['d']['token'], secret_key, algorithms=['HS256'])
+    except(InvalidSignatureError, ExpiredSignatureError, InvalidTokenError):
+      e = json.dumps({
+        'e': 'INVALID_TOKEN',
+        'd': "token did not validate, check that it's correct",
+      })
+
+      await websocket.send(e)
+      # await websocket.close(1000)  not available on a quart release yet
+      return None
+
     j = json.dumps({
       'e': 'ROBOT_VALIDATED',
       'd': {
-        'host': '192.168.0.136:8000',
+        'host': r_jwt["host"],
+        'stream_key': robots_config[r_jwt["host"]][r_jwt["id"]]["info"]["stream_key"],
       },
     })
+
+    await websocket.send(j)
+    return None
+
+  # future code to copy websockets context for use to send websockets messages
+  # if m.get('e', '') == 'JOIN_CHANNEL':
+  #   robots_con[m.get('d', '')] = webaocket_context_copy
+  #   app.logger.debug(robots)
+
+  if m.get('e', '') == 'ERROR':
+    j = json.dumps({
+      'e': 'ERROR',
+      'd': m.get('d', '')
+    })
+
     await websocket.send(j)
+    # await websocket.close(1000)  not available on a quart release yet
+    return None
+
+
+# @app.cli.command('run')
+# def run():
+#   app.run(host='0.0.0.0', port=8000)  # , certfile='cert.pem', keyfile='key.pem'
+
 
 if __name__ == "__main__":
-  app.run(host='0.0.0.0')
+  app.run(host='0.0.0.0', port=8000)  # , certfile='cert.pem', keyfile='key.pem'

server/requirements.txt

@@ -2,3 +2,4 @@ quart
 quart-cors
 pyjwt
 websocket_client
+configparser