further subspace fixes

* initial changes for microsoft speech support

* remove very wordy log message

.dockerignore

@@ -0,0 +1 @@
+node_modules

Dockerfile

@@ -1,16 +1,10 @@
-FROM node:alpine as builder
-RUN apk update && apk add --no-cache python make g++
+FROM node:16
 WORKDIR /opt/app/
 COPY package.json ./
 RUN npm install
 RUN npm prune
-
-FROM node:alpine as app
-WORKDIR /opt/app
 COPY . /opt/app
-COPY --from=builder /opt/app/node_modules ./node_modules
-
 ARG NODE_ENV
 ENV NODE_ENV $NODE_ENV
 
-CMD [ "npm", "start" ]
+CMD [ "npm", "start" ]

Dockerfile.db-create

@@ -0,0 +1,10 @@
+FROM node:16
+WORKDIR /opt/app/
+COPY package.json ./
+RUN npm install
+RUN npm prune
+COPY . /opt/app
+ARG NODE_ENV
+ENV NODE_ENV $NODE_ENV
+
+CMD [ "npm", "run", "upgrade-db" ]

db/jambones-sql.sql

@@ -28,6 +28,8 @@ DROP TABLE IF EXISTS account_offers;
 
 DROP TABLE IF EXISTS products;
 
+DROP TABLE IF EXISTS schema_version;
+
 DROP TABLE IF EXISTS api_keys;
 
 DROP TABLE IF EXISTS sbc_addresses;
@@ -190,6 +192,11 @@ stripe_product_id VARCHAR(56) NOT NULL,
 PRIMARY KEY (account_offer_sid)
 );
 
+CREATE TABLE schema_version
+(
+version VARCHAR(16)
+);
+
 CREATE TABLE api_keys
 (
 api_key_sid CHAR(36) NOT NULL UNIQUE ,
@@ -411,6 +418,10 @@ disable_cdrs BOOLEAN NOT NULL DEFAULT 0,
 trial_end_date DATETIME,
 deactivated_reason VARCHAR(255),
 device_to_call_ratio INTEGER NOT NULL DEFAULT 5,
+subspace_client_id VARCHAR(255),
+subspace_client_secret VARCHAR(255),
+subspace_sip_teleport_id VARCHAR(255),
+subspace_sip_teleport_destinations VARCHAR(255),
 PRIMARY KEY (account_sid)
 ) COMMENT='An enterprise that uses the platform for comm services';
 
@@ -565,4 +576,4 @@ ALTER TABLE accounts ADD FOREIGN KEY queue_event_hook_sid_idxfk (queue_event_hoo
 
 ALTER TABLE accounts ADD FOREIGN KEY device_calling_application_sid_idxfk (device_calling_application_sid) REFERENCES applications (application_sid);
 
-SET FOREIGN_KEY_CHECKS=1;
+SET FOREIGN_KEY_CHECKS=0;

db/upgrade-jambonz-db.js

@@ -0,0 +1,74 @@
+#!/usr/bin/env node
+const assert = require('assert');
+const mysql = require('mysql2/promise');
+const {readFile} = require('fs/promises');
+const {execSync} = require('child_process');
+const {version:desiredVersion} = require('../package.json');
+const logger = require('pino')();
+
+logger.info(`upgrade-jambonz-db: desired version ${desiredVersion}`);
+
+assert.ok(process.env.JAMBONES_MYSQL_HOST, 'missing env JAMBONES_MYSQL_HOST');
+assert.ok(process.env.JAMBONES_MYSQL_DATABASE, 'missing env JAMBONES_MYSQL_DATABASE');
+assert.ok(process.env.JAMBONES_MYSQL_PASSWORD, 'missing env JAMBONES_MYSQL_PASSWORD');
+assert.ok(process.env.JAMBONES_MYSQL_USER, 'missing env JAMBONES_MYSQL_USER');
+
+const opts = {
+  host: process.env.JAMBONES_MYSQL_HOST,
+  user: process.env.JAMBONES_MYSQL_USER,
+  password: process.env.JAMBONES_MYSQL_PASSWORD,
+  database: process.env.JAMBONES_MYSQL_DATABASE,
+  port: process.env.JAMBONES_MYSQL_PORT || 3306,
+  multipleStatements: true
+};
+
+const doIt = async() => {
+  let connection;
+  try {
+    logger.info({opts}, 'connecting to mysql database..');
+    connection = await mysql.createConnection(opts);
+  } catch (err) {
+    logger.error({err}, 'Error connecting to database with provided env vars');
+    process.exit(1);
+  }
+
+  try {
+    /* does the schema exist at all ? */
+    const [r] = await connection.execute('SELECT version from schema_version');
+    if (r.length) {
+      //TODO: check against desired version and perform upgrades
+      logger.info(`current version is ${r[0].version}, no upgrade will be performed`);
+      await connection.end();
+      return;
+    }
+  } catch (err) {
+  }
+  try {
+    await createSchema(connection);
+    await seedDatabase(connection);
+    logger.info('reset admin password..');
+    execSync(`${__dirname}/../db/reset_admin_password.js`);
+    await connection.query(`INSERT into schema_version (version) values('${desiredVersion}')`);
+    logger.info('database install/upgrade complete.');
+    await connection.end();
+  } catch (err) {
+    logger.error({err}, 'Error seeding database');
+    process.exit(1);
+  }
+};
+
+const createSchema = async(connection) => {
+  logger.info('reading schema..');
+  const sql = await readFile(`${__dirname}/../db/jambones-sql.sql`, {encoding: 'utf8'});
+  logger.info('creating schema..');
+  await connection.query(sql);
+};
+
+const seedDatabase = async(connection) => {
+  const sql = await readFile(`${__dirname}/../db/seed-production-database-open-source.sql`, {encoding: 'utf8'});
+  logger.info('seeding data..');
+  await connection.query(sql);
+};
+
+doIt();
+

lib/models/account.js

@@ -296,7 +296,23 @@ Account.fields = [
   {
     name: 'disable_cdrs',
     type: 'number',
-  }
+  },
+  {
+    name: 'subspace_client_id',
+    type: 'string',
+  },
+  {
+    name: 'subspace_client_secret',
+    type: 'string',
+  },
+  {
+    name: 'subspace_sip_teleport_id',
+    type: 'string',
+  },
+  {
+    name: 'subspace_sip_teleport_destinations',
+    type: 'string',
+  },
 ];
 
 module.exports = Account;

lib/routes/api/accounts.js

@@ -12,7 +12,7 @@ const uuidv4 = require('uuid/v4');
 const snakeCase = require('../../utils/snake-case');
 const sysError = require('../error');
 const {promisePool} = require('../../db');
-const {hasAccountPermissions, parseAccountSid} = require('./utils');
+const {hasAccountPermissions, parseAccountSid, enableSubspace, disableSubspace} = require('./utils');
 const short = require('short-uuid');
 const VoipCarrier = require('../../models/voip-carrier');
 const translator = short();
@@ -371,6 +371,58 @@ router.get('/:sid/WebhookSecret', async(req, res) => {
   }
 });
 
+router.post('/:sid/SubspaceTeleport', async(req, res) => {
+  const logger = req.app.locals.logger;
+  try {
+    const service_provider_sid = req.user.hasServiceProviderAuth ? req.user.service_provider_sid : null;
+    const results = await Account.retrieve(req.params.sid, service_provider_sid);
+    if (results.length === 0) return res.status(404).end();
+    const {subspace_client_id, subspace_client_secret} = results[0];
+    const {destination} = req.body;
+    const arr = /^(.*):\d+$/.exec(destination);
+    const dest = arr ? `sip:${arr[1]}` : `sip:${destination}`;
+
+    const teleport = await enableSubspace({
+      subspace_client_id,
+      subspace_client_secret,
+      destination: `sip:${dest}`
+    });
+    logger.info({destination, teleport}, 'SubspaceTeleport - create teleport');
+    await Account.update(req.params.sid, {
+      subspace_sip_teleport_id: teleport.id,
+      subspace_sip_teleport_destinations: JSON.stringify(teleport.teleport_entry_points)//hacky
+    });
+
+    return res.status(200).json({
+      subspace_sip_teleport_id: teleport.id,
+      subspace_sip_teleport_destinations: teleport.teleport_entry_points
+    });
+  }
+  catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
+router.delete('/:sid/SubspaceTeleport', async(req, res) => {
+  const logger = req.app.locals.logger;
+  try {
+    const service_provider_sid = req.user.hasServiceProviderAuth ? req.user.service_provider_sid : null;
+    const results = await Account.retrieve(req.params.sid, service_provider_sid);
+    if (results.length === 0) return res.status(404).end();
+    const {subspace_client_id, subspace_client_secret, subspace_sip_teleport_id} = results[0];
+
+    await disableSubspace({subspace_client_id, subspace_client_secret, subspace_sip_teleport_id});
+    await Account.update(req.params.sid, {
+      subspace_sip_teleport_id: null,
+      subspace_sip_teleport_destinations: null
+    });
+    return res.sendStatus(204);
+  }
+  catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
 /* update */
 router.put('/:sid', async(req, res) => {
   const sid = req.params.sid;

lib/routes/api/speech-credentials.js

@@ -8,12 +8,24 @@ const {
   testGoogleTts,
   testGoogleStt,
   testAwsTts,
-  testAwsStt
+  testAwsStt,
+  testMicrosoftStt,
+  testMicrosoftTts
 } = require('../../utils/speech-utils');
 
 router.post('/', async(req, res) => {
   const logger = req.app.locals.logger;
-  const {use_for_stt, use_for_tts, vendor, service_key, access_key_id, secret_access_key, aws_region} = req.body;
+  const {
+    use_for_stt,
+    use_for_tts,
+    vendor,
+    service_key,
+    access_key_id,
+    secret_access_key,
+    aws_region,
+    api_key,
+    region
+  } = req.body;
   const account_sid = req.user.account_sid || req.body.account_sid;
   let service_provider_sid;
   if (!account_sid) {
@@ -47,6 +59,13 @@ router.post('/', async(req, res) => {
       });
       encrypted_credential = encrypt(data);
     }
+    else if (vendor === 'microsoft') {
+      const data = JSON.stringify({
+        region,
+        api_key
+      });
+      encrypted_credential = encrypt(data);
+    }
     else throw new DbErrorBadRequest(`invalid speech vendor ${vendor}`);
     const uuid = await SpeechCredential.make({
       account_sid,
@@ -85,6 +104,11 @@ router.get('/', async(req, res) => {
         obj.access_key_id = o.access_key_id;
         obj.secret_access_key = o.secret_access_key;
       }
+      else if ('microsoft' === obj.vendor) {
+        const o = decrypt(credential);
+        obj.api_key = o.api_key;
+        obj.region = o.region;
+      }
       return obj;
     }));
   } catch (err) {
@@ -110,6 +134,11 @@ router.get('/:sid', async(req, res) => {
       obj.access_key_id = o.access_key_id;
       obj.secret_access_key = o.secret_access_key;
     }
+    else if ('microsoft' === obj.vendor) {
+      const o = JSON.parse(decrypt(credential));
+      obj.api_key = o.api_key;
+      obj.region = o.region;
+    }
     res.status(200).json(obj);
   } catch (err) {
     sysError(logger, res, err);
@@ -239,6 +268,29 @@ router.get('/:sid/test', async(req, res) => {
         }
       }
     }
+    else if (cred.vendor === 'microsoft') {
+      const {api_key, region} = credential;
+      if (cred.use_for_tts) {
+        try {
+          await testMicrosoftTts(logger, {api_key, region});
+          results.tts.status = 'ok';
+          SpeechCredential.ttsTestResult(sid, true);
+        } catch (err) {
+          results.tts = {status: 'fail', reason: err.message};
+          SpeechCredential.ttsTestResult(sid, false);
+        }
+      }
+      if (cred.use_for_stt) {
+        try {
+          await testMicrosoftStt(logger, {api_key, region});
+          results.stt.status = 'ok';
+          SpeechCredential.sttTestResult(sid, true);
+        } catch (err) {
+          results.stt = {status: 'fail', reason: err.message};
+          SpeechCredential.sttTestResult(sid, false);
+        }
+      }
+    }
     res.status(200).json(results);
   } catch (err) {
     sysError(logger, res, err);

lib/routes/api/utils.js

@@ -1,4 +1,5 @@
 const uuid = require('uuid').v4;
+const bent = require('bent');
 const Account = require('../../models/account');
 const {promisePool} = require('../../db');
 const {cancelSubscription, detachPaymentMethod} = require('../../utils/stripe-utils');
@@ -9,6 +10,8 @@ values (?, ?)`;
 const replaceOldSubscriptionSql = `UPDATE account_subscriptions 
 SET effective_end_date = CURRENT_TIMESTAMP, change_reason = ?  
 WHERE account_subscription_sid = ?`;
+//const request = require('request');
+//require('request-debug')(request);
 
 const setupFreeTrial = async(logger, account_sid, isReturningUser) => {
   const sid = uuid();
@@ -224,6 +227,51 @@ const checkLimits = async(req, res, next) => {
   next();
 };
 
+const getSubspaceJWT = async(id, secret) => {
+  const postJwt = bent('https://id.subspace.com', 'POST', 'json', 200);
+  const jwt = await postJwt('/oauth/token',
+    {
+      client_id: id,
+      client_secret: secret,
+      audience: 'https://api.subspace.com/',
+      grant_type: 'client_credentials',
+    }
+  );
+  return jwt.access_token;
+};
+
+const enableSubspace = async(opts) => {
+  const {subspace_client_id, subspace_client_secret, destination} = opts;
+  const accessToken = await getSubspaceJWT(subspace_client_id, subspace_client_secret);
+  const postTeleport = bent('https://api.subspace.com', 'POST', 'json', 200);
+
+  const teleport = await postTeleport('/v1/sipteleport',
+    {
+      destination,
+      name: 'Jambonz'
+    },
+    {
+      'Content-Type': 'application/json',
+      Authorization: `Bearer ${accessToken}`
+    }
+  );
+
+  return teleport;
+};
+
+const disableSubspace = async(opts) => {
+  const {subspace_client_id, subspace_client_secret, subspace_sip_teleport_id} = opts;
+  const accessToken = await getSubspaceJWT(subspace_client_id, subspace_client_secret);
+  const relativeUrl = `/v1/sipteleport/${subspace_sip_teleport_id}`;
+  const deleteTeleport = bent('https://api.subspace.com', 'DELETE', 'json', 200);
+  await deleteTeleport(relativeUrl, {},
+    {
+      Authorization: `Bearer ${accessToken}`
+    }
+  );
+  return;
+};
+
 module.exports = {
   setupFreeTrial,
   createTestCdrs,
@@ -232,5 +280,7 @@ module.exports = {
   parseServiceProviderSid,
   hasAccountPermissions,
   hasServiceProviderPermissions,
-  checkLimits
+  checkLimits,
+  enableSubspace,
+  disableSubspace
 };

lib/utils/encrypt-decrypt.js

@@ -1,5 +1,5 @@
 const crypto = require('crypto');
-const algorithm = 'aes-256-cbc';
+const algorithm = process.env.LEGACY_CRYPTO ? 'aes-256-ctr' : 'aes-256-cbc';
 const iv = crypto.randomBytes(16);
 const secretKey = crypto.createHash('sha256')
   .update(String(process.env.JWT_SECRET))

lib/utils/speech-utils.js

@@ -2,6 +2,7 @@ const ttsGoogle = require('@google-cloud/text-to-speech');
 const sttGoogle = require('@google-cloud/speech').v1p1beta1;
 const Polly = require('aws-sdk/clients/polly');
 const AWS = require('aws-sdk');
+const bent = require('bent');
 const fs = require('fs');
 
 const testGoogleTts = async(logger, credentials) => {
@@ -52,9 +53,33 @@ const testAwsStt = (logger, credentials) => {
   });
 };
 
+const testMicrosoftTts = async(logger, credentials) => {
+  const {api_key, region} = credentials;
+
+  if (!api_key) throw new Error('testMicrosoftTts: credentials are missing api_key');
+  if (!region) throw new Error('testMicrosoftTts: credentials are missing region');
+  try {
+    const getJSON = bent('json', {
+      'Ocp-Apim-Subscription-Key': api_key
+    });
+    const response = await getJSON(`https://${region}.tts.speech.microsoft.com/cognitiveservices/voices/list`);
+    return response;
+  } catch (err) {
+    logger.info({err}, `testMicrosoftTts - failed to list voices for region ${region}`);
+    throw err;
+  }
+};
+
+const testMicrosoftStt = async(logger, credentials) => {
+  //TODO
+  return true;
+};
+
 module.exports = {
   testGoogleTts,
   testGoogleStt,
   testAwsTts,
-  testAwsStt
+  testAwsStt,
+  testMicrosoftTts,
+  testMicrosoftStt
 };

package.json

@@ -1,12 +1,13 @@
 {
   "name": "jambonz-api-server",
-  "version": "0.6.7-rc5",
+  "version": "v0.6.7-rc8",
   "description": "",
   "main": "app.js",
   "scripts": {
     "start": "node app.js",
     "test": "NODE_ENV=test APPLY_JAMBONZ_DB_LIMITS=1 JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_TIME_SERIES_HOST=127.0.0.1 JAMBONES_LOGLEVEL=error JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall node test/ ",
     "integration-test": "NODE_ENV=test JAMBONES_TIME_SERIES_HOST=127.0.0.1 AWS_REGION='us-east-1' JAMBONES_CURRENCY=USD JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_LOGLEVEL=debug JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall node test/serve-integration.js",
+    "upgrade-db": "node ./db/upgrade-jambonz-db.js",
     "coverage": "./node_modules/.bin/nyc --reporter html --report-dir ./coverage npm run test",
     "jslint": "eslint app.js lib"
   },
@@ -31,10 +32,12 @@
     "form-urlencoded": "^6.0.4",
     "jsonwebtoken": "^8.5.1",
     "mailgun.js": "^3.3.0",
+    "microsoft-cognitiveservices-speech-sdk": "^1.19.0",
     "mysql2": "^2.2.5",
     "passport": "^0.5.0",
     "passport-http-bearer": "^1.0.1",
     "pino": "^5.17.0",
+    "request-debug": "^0.2.0",
     "short-uuid": "^4.1.0",
     "stripe": "^8.138.0",
     "swagger-ui-express": "^4.1.6",

test/speech-credentials.js

@@ -7,6 +7,7 @@ const request = require('request-promise-native').defaults({
   baseUrl: 'http://127.0.0.1:3000/v1'
 });
 const {createServiceProvider, createAccount, deleteObjectBySid} = require('./utils');
+const { noopLogger } = require('@jambonz/realtimedb-helpers/lib/utils');
 
 process.on('unhandledRejection', (reason, p) => {
   console.log('Unhandled Rejection at: Promise', p, 'reason:', reason);
@@ -109,6 +110,37 @@ test('speech credentials tests', async(t) => {
     });
     t.ok(result.statusCode === 204, 'successfully deleted speech credential');
 
+    /* add a credential for microsoft */
+    if (process.env.MICROSOFT_API_KEY && process.env.MICROSOFT_REGION) {
+      result = await request.post(`/Accounts/${account_sid}/SpeechCredentials`, {
+        resolveWithFullResponse: true,
+        auth: authUser,
+        json: true,
+        body: {
+          vendor: 'microsoft',
+          use_for_tts: true,
+          api_key: process.env.MICROSOFT_API_KEY,
+          region: process.env.MICROSOFT_REGION
+        }
+      });
+      t.ok(result.statusCode === 201, 'successfully added speech credential');
+      const ms_sid = result.body.sid;
+
+      /* test the speech credential */
+      result = await request.get(`/Accounts/${account_sid}/SpeechCredentials/${ms_sid}/test`, {
+        resolveWithFullResponse: true,
+        auth: authUser,
+        json: true,   
+      });
+      console.log(JSON.stringify(result));
+
+      /* delete the credential */
+      result = await request.delete(`/Accounts/${account_sid}/SpeechCredentials/${ms_sid}`, {
+        auth: authUser,
+        resolveWithFullResponse: true,
+      });
+      t.ok(result.statusCode === 204, 'successfully deleted speech credential');
+    }
 
     await deleteObjectBySid(request, '/Accounts', account_sid);
     await deleteObjectBySid(request, '/ServiceProviders', service_provider_sid);