OLD | NEW |
(Empty) | |
| 1 (function(){ |
| 2 // Expect utf8decoder and utf8decoder to be TextEncoder('utf-8') and TextDecoder
('utf-8') respectively |
| 3 // |
| 4 // drmconfig format: |
| 5 // { <keysystem> : { "serverURL" : <the url for the server>, |
| 6 // "httpRequestHeaders" : <map of HTTP request headers>, |
| 7 // "servertype" : "microsoft" | "drmtoday",
// affects how request parameters are formed |
| 8 // "certificate" : <base64 encoded server certifi
cate> } } |
| 9 // |
| 10 |
| 11 drmtodaysecret = Uint8Array.from( [144, 34, 109, 76, 134, 7, 97, 107, 98, 251, 1
40, 28, 98, 79, 153, 222, 231, 245, 154, 226, 193, 1, 213, 207, 152, 204, 144, 1
5, 13, 2, 37, 236] ); |
| 12 |
| 13 drmconfig = { |
| 14 "com.widevine.alpha": [ { |
| 15 "serverURL": "https://lic.staging.drmtoday.com/license-proxy-widevine/ce
nc/", |
| 16 "servertype" : "drmtoday", |
| 17 "merchant" : "w3c-eme-test", |
| 18 "secret" : drmtodaysecret |
| 19 } ], |
| 20 "com.microsoft.playready": [ { |
| 21 "serverURL": "http://playready-testserver.azurewebsites.net/rightsmanage
r.asmx", |
| 22 "servertype": "microsoft", |
| 23 "sessionTypes" : [ "persistent-usage-record" ], |
| 24 "certificate" : "Q0hBSQAAAAEAAAUEAAAAAAAAAAJDRVJUAAAAAQAAAfQAAAFkAAEAAQA
AAFjt9G6KdSncCkrjbTQPN+/2AAAAAAAAAAAAAAAJIPbrW9dj0qydQFIomYFHOwbhGZVGP2ZsPwcvjh+
NFkP/////AAAAAAAAAAAAAAAAAAAAAAABAAoAAABYxw6TjIuUUmvdCcl00t4RBAAAADpodHRwOi8vcGx
heXJlYWR5LmRpcmVjdHRhcHMubmV0L3ByL3N2Yy9yaWdodHNtYW5hZ2VyLmFzbXgAAAAAAQAFAAAADAA
AAAAAAQAGAAAAXAAAAAEAAQIAAAAAADBRmRRpqV4cfRLcWz9WoXIGZ5qzD9xxJe0CSI2mXJQdPHEFZlt
rTkZtdmurwVaEI2etJY0OesCeOCzCqmEtTkcAAAABAAAAAgAAAAcAAAA8AAAAAAAAAAVEVEFQAAAAAAA
AABVNZXRlcmluZyBDZXJ0aWZpY2F0ZQAAAAAAAAABAAAAAAABAAgAAACQAAEAQGHic/IPbmLCKXxc/MH
20X/RtjhXH4jfowBWsQE1QWgUUBPFId7HH65YuQJ5fxbQJCT6Hw0iHqKzaTkefrhIpOoAAAIAW+uRUsd
aChtq/AMUI4qPlK2Bi4bwOyjJcSQWz16LAFfwibn5yHVDEgNA4cQ9lt3kS4drx7pCC+FR/YLlHBAV7EN
FUlQAAAABAAAC/AAAAmwAAQABAAAAWMk5Z0ovo2X0b2C9K5PbFX8AAAAAAAAAAAAAAARTYd1EkpFovPA
ZUjOj2doDLnHiRSfYc89Fs7gosBfar/////8AAAAAAAAAAAAAAAAAAAAAAAEABQAAAAwAAAAAAAEABgA
AAGAAAAABAAECAAAAAABb65FSx1oKG2r8AxQjio+UrYGLhvA7KMlxJBbPXosAV/CJufnIdUMSA0DhxD2
W3eRLh2vHukIL4VH9guUcEBXsAAAAAgAAAAEAAAAMAAAABwAAAZgAAAAAAAAAgE1pY3Jvc29mdAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFB
sYXlSZWFkeSBTTDAgTWV0ZXJpbmcgUm9vdCBDQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAgDEuMC4wLjEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAEACAAAAJAAAQBArAKJsEIDWNG5ulOgLvSUb8I2zZ0c5lZGYvpIO56
Z0UNk/uC4Mq3jwXQUUN6m/48V5J/vuLDhWu740aRQc1dDDAAAAgCGTWHP8iVuQixWizwoABz7PhUnZYW
EugUht5sYKNk23h2Cao/D5uf6epDVyilG8fZKLvufXc/+fkNOtEKT+sWr" |
| 25 }, |
| 26 { |
| 27 "serverURL": "http://playready.directtaps.net/pr/svc/rightsmanager.asmx"
, |
| 28 "servertype": "microsoft", |
| 29 "sessionTypes" : [ "persistent-usage-record" ], |
| 30 "certificate" : "Q0hBSQAAAAEAAAUEAAAAAAAAAAJDRVJUAAAAAQAAAfQAAAFkAAEAAQA
AAFjt9G6KdSncCkrjbTQPN+/2AAAAAAAAAAAAAAAJIPbrW9dj0qydQFIomYFHOwbhGZVGP2ZsPwcvjh+
NFkP/////AAAAAAAAAAAAAAAAAAAAAAABAAoAAABYxw6TjIuUUmvdCcl00t4RBAAAADpodHRwOi8vcGx
heXJlYWR5LmRpcmVjdHRhcHMubmV0L3ByL3N2Yy9yaWdodHNtYW5hZ2VyLmFzbXgAAAAAAQAFAAAADAA
AAAAAAQAGAAAAXAAAAAEAAQIAAAAAADBRmRRpqV4cfRLcWz9WoXIGZ5qzD9xxJe0CSI2mXJQdPHEFZlt
rTkZtdmurwVaEI2etJY0OesCeOCzCqmEtTkcAAAABAAAAAgAAAAcAAAA8AAAAAAAAAAVEVEFQAAAAAAA
AABVNZXRlcmluZyBDZXJ0aWZpY2F0ZQAAAAAAAAABAAAAAAABAAgAAACQAAEAQGHic/IPbmLCKXxc/MH
20X/RtjhXH4jfowBWsQE1QWgUUBPFId7HH65YuQJ5fxbQJCT6Hw0iHqKzaTkefrhIpOoAAAIAW+uRUsd
aChtq/AMUI4qPlK2Bi4bwOyjJcSQWz16LAFfwibn5yHVDEgNA4cQ9lt3kS4drx7pCC+FR/YLlHBAV7EN
FUlQAAAABAAAC/AAAAmwAAQABAAAAWMk5Z0ovo2X0b2C9K5PbFX8AAAAAAAAAAAAAAARTYd1EkpFovPA
ZUjOj2doDLnHiRSfYc89Fs7gosBfar/////8AAAAAAAAAAAAAAAAAAAAAAAEABQAAAAwAAAAAAAEABgA
AAGAAAAABAAECAAAAAABb65FSx1oKG2r8AxQjio+UrYGLhvA7KMlxJBbPXosAV/CJufnIdUMSA0DhxD2
W3eRLh2vHukIL4VH9guUcEBXsAAAAAgAAAAEAAAAMAAAABwAAAZgAAAAAAAAAgE1pY3Jvc29mdAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgFB
sYXlSZWFkeSBTTDAgTWV0ZXJpbmcgUm9vdCBDQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAgDEuMC4wLjEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAEACAAAAJAAAQBArAKJsEIDWNG5ulOgLvSUb8I2zZ0c5lZGYvpIO56
Z0UNk/uC4Mq3jwXQUUN6m/48V5J/vuLDhWu740aRQc1dDDAAAAgCGTWHP8iVuQixWizwoABz7PhUnZYW
EugUht5sYKNk23h2Cao/D5uf6epDVyilG8fZKLvufXc/+fkNOtEKT+sWr" |
| 31 }, |
| 32 { |
| 33 "serverURL": "https://lic.staging.drmtoday.com/license-proxy-headerauth/
drmtoday/RightsManager.asmx", |
| 34 "servertype" : "drmtoday", |
| 35 "sessionTypes" : [ "temporary", "persistent-usage-record", "persistent-l
icense" ], |
| 36 "merchant" : "w3c-eme-test", |
| 37 "secret" : drmtodaysecret |
| 38 } ] |
| 39 }; |
| 40 |
| 41 |
| 42 var keySystemWrappers = { |
| 43 // Key System wrappers map messages and pass to a handler, then map the resp
onse and return to caller |
| 44 // |
| 45 // function wrapper(handler, messageType, message, params) |
| 46 // |
| 47 // where: |
| 48 // Promise<response> handler(messageType, message, responseType, header
s, params); |
| 49 // |
| 50 |
| 51 'com.widevine.alpha': function(handler, messageType, message, params) { |
| 52 return handler.call(this, messageType, new Uint8Array(message), 'json',
null, params).then(function(response){ |
| 53 return base64DecodeToUnit8Array(response.license); |
| 54 }); |
| 55 }, |
| 56 |
| 57 'com.microsoft.playready': function(handler, messageType, message, params) { |
| 58 var msg, xmlDoc; |
| 59 var licenseRequest = null; |
| 60 var headers = {}; |
| 61 var parser = new DOMParser(); |
| 62 var dataview = new Uint16Array(message); |
| 63 |
| 64 msg = String.fromCharCode.apply(null, dataview); |
| 65 xmlDoc = parser.parseFromString(msg, 'application/xml'); |
| 66 |
| 67 if (xmlDoc.getElementsByTagName('Challenge')[0]) { |
| 68 var challenge = xmlDoc.getElementsByTagName('Challenge')[0].childNod
es[0].nodeValue; |
| 69 if (challenge) { |
| 70 licenseRequest = atob(challenge); |
| 71 } |
| 72 } |
| 73 |
| 74 var headerNameList = xmlDoc.getElementsByTagName('name'); |
| 75 var headerValueList = xmlDoc.getElementsByTagName('value'); |
| 76 for (var i = 0; i < headerNameList.length; i++) { |
| 77 headers[headerNameList[i].childNodes[0].nodeValue] = headerValueList
[i].childNodes[0].nodeValue; |
| 78 } |
| 79 // some versions of the PlayReady CDM return 'Content' instead of 'Conte
nt-Type', |
| 80 // but the license server expects 'Content-Type', so we fix it up here. |
| 81 if (headers.hasOwnProperty('Content')) { |
| 82 headers['Content-Type'] = headers.Content; |
| 83 delete headers.Content; |
| 84 } |
| 85 |
| 86 return handler.call(this, messageType, licenseRequest, 'arraybuffer', he
aders, params).catch(function(response){ |
| 87 return response.text().then( function( error ) { throw error; } ); |
| 88 }); |
| 89 } |
| 90 }; |
| 91 |
| 92 const requestConstructors = { |
| 93 // Server request construction functions |
| 94 // |
| 95 // Promise<request> constructRequest(config, sessionType, content, messageTy
pe, message, params) |
| 96 // |
| 97 // request = { url: ..., headers: ..., body: ... } |
| 98 // |
| 99 // content = { assetId: ..., variantId: ..., key: ... } |
| 100 // params = { expiration: ... } |
| 101 |
| 102 'drmtoday': function(config, sessionType, content, messageType, message, hea
ders, params) { |
| 103 var optData = JSON.stringify({merchant: config.merchant, userId:"12345",
sessionId:""}); |
| 104 var crt = {}; |
| 105 if (messageType === 'license-request') { |
| 106 crt = {assetId: content.assetId, |
| 107 outputProtection: {digital : false, analogue: false, enforce
: false}, |
| 108 storeLicense: (sessionType === 'persistent-license')}; |
| 109 |
| 110 if (!params || params.expiration === undefined) { |
| 111 crt.profile = {purchase: {}}; |
| 112 } else { |
| 113 crt.profile = {rental: {absoluteExpiration: (new Date(params.exp
iration)).toISOString(), |
| 114 playDuration: 3600000 } }; |
| 115 } |
| 116 |
| 117 if (content.variantId !== undefined) { |
| 118 crt.variantId = content.variantId; |
| 119 } |
| 120 } |
| 121 |
| 122 return JWT.encode("HS256", {optData: optData, crt: JSON.stringify([crt])
}, config.secret).then(function(jwt){ |
| 123 headers = headers || {}; |
| 124 headers['x-dt-auth-token'] = jwt; |
| 125 return {url: config.serverURL, headers: headers, body: message}; |
| 126 }); |
| 127 }, |
| 128 |
| 129 'microsoft': function(config, sessionType, content, messageType, message, he
aders, params) { |
| 130 var url = config.serverURL; |
| 131 if (messageType === 'license-request') { |
| 132 url += "?"; |
| 133 if (sessionType === 'temporary' || sessionType === 'persistent-usage
-record') { |
| 134 url += "UseSimpleNonPersistentLicense=1&"; |
| 135 } |
| 136 if (sessionType === 'persistent-usage-record') { |
| 137 url += "SecureStop=1&"; |
| 138 } |
| 139 url += "PlayEnablers=B621D91F-EDCC-4035-8D4B-DC71760D43E9&"; // d
isable output protection |
| 140 url += "ContentKey=" + btoa(String.fromCharCode.apply(null, content.
key)); |
| 141 return url; |
| 142 } |
| 143 |
| 144 // TODO: Include expiration time in URL |
| 145 return Promise.resolve({url: url, headers: headers, body: message}); |
| 146 } |
| 147 }; |
| 148 |
| 149 MessageHandler = function(keysystem, content, sessionType) { |
| 150 sessionType = sessionType || "temporary"; |
| 151 |
| 152 this._keysystem = keysystem; |
| 153 this._content = content; |
| 154 this._sessionType = sessionType; |
| 155 try { |
| 156 this._drmconfig = drmconfig[this._keysystem].filter(function(drmconfig)
{ |
| 157 return drmconfig.sessionTypes === undefined || (drmconfig.sessionTyp
es.indexOf(sessionType) !== -1); |
| 158 })[0]; |
| 159 this._requestConstructor = requestConstructors[this._drmconfig.servertyp
e]; |
| 160 |
| 161 this.messagehandler = keySystemWrappers[keysystem].bind(this, MessageHan
dler.prototype.messagehandler); |
| 162 |
| 163 if (this._drmconfig && this._drmconfig.certificate) { |
| 164 this.servercertificate = stringToUint8Array(atob(this._drmconfig.cer
tificate)); |
| 165 } |
| 166 } catch(e) { |
| 167 return null; |
| 168 } |
| 169 } |
| 170 |
| 171 MessageHandler.prototype.messagehandler = function messagehandler(messageType, m
essage, responseType, headers, params) { |
| 172 |
| 173 var variantId = params ? params.variantId : undefined; |
| 174 var key; |
| 175 if( variantId ) { |
| 176 var keys = this._content.keys.filter(function(k){return k.variantId ===
variantId;}); |
| 177 if (keys[0]) key = keys[0].key; |
| 178 } |
| 179 if (!key) { |
| 180 key = this._content.keys[0].key; |
| 181 } |
| 182 |
| 183 var content = {assetId: this._content.assetId, |
| 184 variantId: variantId, |
| 185 key: key}; |
| 186 |
| 187 return this._requestConstructor(this._drmconfig, this._sessionType, content,
messageType, message, headers, params).then(function(request){ |
| 188 return fetch(request.url, { |
| 189 method: 'POST', |
| 190 headers: request.headers, |
| 191 body: request.body }); |
| 192 }).then(function(fetchresponse){ |
| 193 if(fetchresponse.status !== 200) { |
| 194 throw fetchresponse; |
| 195 } |
| 196 |
| 197 if(responseType === 'json') { |
| 198 return fetchresponse.json(); |
| 199 } else if(responseType === 'arraybuffer') { |
| 200 return fetchresponse.arrayBuffer(); |
| 201 } |
| 202 }); |
| 203 } |
| 204 |
| 205 })(); |
| 206 |
| 207 (function() { |
| 208 |
| 209 var subtlecrypto = window.crypto.subtle; |
| 210 |
| 211 // Encoding / decoding utilities |
| 212 function b64pad(b64) { return b64+"==".substr(0,(b64.length%4)?(4-b64
.length%4):0); } |
| 213 function str2b64url(str) { return btoa(str).replace(/=+$/g, '').replace(/
\+/g, "-").replace(/\//g, "_"); } |
| 214 function b64url2str(b64) { return atob(b64pad(b64.replace(/\-/g, "+").rep
lace(/\_/g, "/"))); } |
| 215 function str2ab(str) { return Uint8Array.from( str.split(''), functio
n(s){return s.charCodeAt(0)} ); } |
| 216 function ab2str(ab) { return String.fromCharCode.apply(null, new Uin
t8Array(ab)); } |
| 217 |
| 218 function jwt2webcrypto(alg) { |
| 219 if (alg === "HS256") return {name: "HMAC", hash: "SHA-256", length: 256}
; |
| 220 else if (alg === "HS384") return { name: "HMAC", hash: "SHA-384", length
: 384}; |
| 221 else if (alg === "HS512") return { name: "HMAC", hash: "SHA-512", length
: 512}; |
| 222 else throw new Error("Unrecognized JWT algorithm: " + alg); |
| 223 } |
| 224 |
| 225 JWT = { |
| 226 encode: function encode(alg, claims, secret) { |
| 227 var algorithm = jwt2webcrypto(alg); |
| 228 if (secret.byteLength !== algorithm.length / 8) throw new Error("Une
xpected secret length: " + secret.byteLength); |
| 229 |
| 230 if (!claims.iat) claims.iat = ((Date.now() / 1000) | 0) - 60; |
| 231 if (!claims.jti) { |
| 232 var nonce = new Uint8Array(16); |
| 233 window.crypto.getRandomValues(nonce); |
| 234 claims.jti = str2b64url( ab2str(nonce) ); |
| 235 } |
| 236 |
| 237 var header = {typ: "JWT", alg: alg}; |
| 238 var plaintext = str2b64url(JSON.stringify(header)) + '.' + str2b64ur
l(JSON.stringify(claims)); |
| 239 return subtlecrypto.importKey("raw", secret, algorithm, false, [ "si
gn" ]).then( function(key) { |
| 240 return subtlecrypto.sign(algorithm, key, str2ab(plaintext)); |
| 241 }).then(function(hmac){ |
| 242 return plaintext + '.' + str2b64url(ab2str(hmac)); |
| 243 }); |
| 244 }, |
| 245 |
| 246 decode: function decode(jwt, secret) { |
| 247 var jwtparts = jwt.split('.'); |
| 248 var header = JSON.parse( b64url2str(jwtparts[0])); |
| 249 var claims = JSON.parse( b64url2str(jwtparts[1])); |
| 250 var hmac = str2ab(b64url2str(jwtparts[2])); |
| 251 var algorithm = jwt2webcrypto(header.alg); |
| 252 if (secret.byteLength !== algorithm.length / 8) throw new Error("Une
xpected secret length: " + secret.byteLength); |
| 253 |
| 254 return subtlecrypto.importKey("raw", secret, algorithm, false, ["sig
n", "verify"]).then(function(key) { |
| 255 return subtlecrypto.verify(algorithm, key, hmac, str2ab(jwtparts
[0] + '.' + jwtparts[1])); |
| 256 }).then(function(success){ |
| 257 if (!success) throw new Error("Invalid signature"); |
| 258 return claims; |
| 259 }); |
| 260 } |
| 261 }; |
| 262 })(); |
OLD | NEW |