From 9bce0aea181c1ac26e33cfb6ff1340c09637e204 Mon Sep 17 00:00:00 2001 From: Neil Burrows Date: Sat, 7 Nov 2020 10:49:54 +0000 Subject: [PATCH 1/4] self.TextEncoder will never exist, so remove invalid check --- src/components/tvproviders/schedulesdirect.js | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/components/tvproviders/schedulesdirect.js b/src/components/tvproviders/schedulesdirect.js index de469e1845..87bf2c2980 100644 --- a/src/components/tvproviders/schedulesdirect.js +++ b/src/components/tvproviders/schedulesdirect.js @@ -84,9 +84,6 @@ export default function (page, providerId, options) { } function sha256(str) { - if (!self.TextEncoder) { - return Promise.resolve(''); - } const buffer = new TextEncoder('utf-8').encode(str); return crypto.subtle.digest('SHA-256', buffer).then(function (hash) { From 536effbc1a2a84421ab48e0ac62291255ddafba3 Mon Sep 17 00:00:00 2001 From: Neil Burrows Date: Sat, 7 Nov 2020 10:50:11 +0000 Subject: [PATCH 2/4] SchedulesDirect requires sha1 of password, not sha256 --- src/components/tvproviders/schedulesdirect.js | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/src/components/tvproviders/schedulesdirect.js b/src/components/tvproviders/schedulesdirect.js index 87bf2c2980..83e244b749 100644 --- a/src/components/tvproviders/schedulesdirect.js +++ b/src/components/tvproviders/schedulesdirect.js @@ -83,10 +83,9 @@ export default function (page, providerId, options) { loading.hide(); } - function sha256(str) { - + function sha1(str) { const buffer = new TextEncoder('utf-8').encode(str); - return crypto.subtle.digest('SHA-256', buffer).then(function (hash) { + return crypto.subtle.digest('SHA-1', buffer).then(function (hash) { return hex(hash); }); } @@ -107,13 +106,12 @@ export default function (page, providerId, options) { function submitLoginForm() { loading.show(); - sha256(page.querySelector('.txtPass').value).then(function (passwordHash) { + sha1(page.querySelector('.txtPass').value).then(function (passwordHash) { const info = { Type: 'SchedulesDirect', Username: page.querySelector('.txtUser').value, EnableAllTuners: true, - Password: passwordHash, - Pw: page.querySelector('.txtPass').value + Password: passwordHash }; const id = providerId; From adb9f209bbec20270aebaf8a8c4bdffe399f4caf Mon Sep 17 00:00:00 2001 From: Neil Burrows Date: Sun, 8 Nov 2020 12:32:35 +0000 Subject: [PATCH 3/4] Switch to sending plaintext password and remove Hashing code --- src/components/tvproviders/schedulesdirect.js | 59 ++++++++----------- 1 file changed, 25 insertions(+), 34 deletions(-) diff --git a/src/components/tvproviders/schedulesdirect.js b/src/components/tvproviders/schedulesdirect.js index 83e244b749..1050558808 100644 --- a/src/components/tvproviders/schedulesdirect.js +++ b/src/components/tvproviders/schedulesdirect.js @@ -83,13 +83,6 @@ export default function (page, providerId, options) { loading.hide(); } - function sha1(str) { - const buffer = new TextEncoder('utf-8').encode(str); - return crypto.subtle.digest('SHA-1', buffer).then(function (hash) { - return hex(hash); - }); - } - function hex(buffer) { const hexCodes = []; const view = new DataView(buffer); @@ -106,35 +99,33 @@ export default function (page, providerId, options) { function submitLoginForm() { loading.show(); - sha1(page.querySelector('.txtPass').value).then(function (passwordHash) { - const info = { - Type: 'SchedulesDirect', - Username: page.querySelector('.txtUser').value, - EnableAllTuners: true, - Password: passwordHash - }; - const id = providerId; + const info = { + Type: 'SchedulesDirect', + Username: page.querySelector('.txtUser').value, + EnableAllTuners: true, + Password: page.querySelector('.txtPass').value + }; + const id = providerId; - if (id) { - info.Id = id; - } + if (id) { + info.Id = id; + } - ApiClient.ajax({ - type: 'POST', - url: ApiClient.getUrl('LiveTv/ListingProviders', { - ValidateLogin: true - }), - data: JSON.stringify(info), - contentType: 'application/json', - dataType: 'json' - }).then(function (result) { - Dashboard.processServerConfigurationUpdateResult(); - providerId = result.Id; - reload(); - }, function () { - Dashboard.alert({ // ApiClient.ajax() error handler - message: globalize.translate('ErrorSavingTvProvider') - }); + ApiClient.ajax({ + type: 'POST', + url: ApiClient.getUrl('LiveTv/ListingProviders', { + ValidateLogin: true + }), + data: JSON.stringify(info), + contentType: 'application/json', + dataType: 'json' + }).then(function (result) { + Dashboard.processServerConfigurationUpdateResult(); + providerId = result.Id; + reload(); + }, function () { + Dashboard.alert({ // ApiClient.ajax() error handler + message: globalize.translate('ErrorSavingTvProvider') }); }); } From 3a1a47cb6c2c5a86c8ef2bec1bb76c034f350544 Mon Sep 17 00:00:00 2001 From: Neil Burrows Date: Sun, 8 Nov 2020 12:41:27 +0000 Subject: [PATCH 4/4] Removed another function that is no longer required `hex()` --- src/components/tvproviders/schedulesdirect.js | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/src/components/tvproviders/schedulesdirect.js b/src/components/tvproviders/schedulesdirect.js index 1050558808..80de91bd80 100644 --- a/src/components/tvproviders/schedulesdirect.js +++ b/src/components/tvproviders/schedulesdirect.js @@ -83,20 +83,6 @@ export default function (page, providerId, options) { loading.hide(); } - function hex(buffer) { - const hexCodes = []; - const view = new DataView(buffer); - - for (let i = 0; i < view.byteLength; i += 4) { - const value = view.getUint32(i); - const stringValue = value.toString(16); - const paddedValue = ('00000000' + stringValue).slice(-'00000000'.length); - hexCodes.push(paddedValue); - } - - return hexCodes.join(''); - } - function submitLoginForm() { loading.show(); const info = {