Adds "maximumOpenMediaKeySessions" to Settings for configurable maximum number of KeySessions (Dash-Industry-Forum#4817)

gorkemg · web-flow · commit d9836b5834b8 · 2025-08-25T10:54:15.000+02:00
* Added "maximumOpenMediaKeySessions" to Settings under protection

* If keepProtectionMediaKeys is enabled and the maximumOpenMediaKeySessions setting has a valid number, then the oldest MediaKeySession will be closed when the maximum number of sessions is reached.

* Added check if "settings" is available

* Added tests for new maximumOpenMediaKeySessions setting. ProtectionModelMock gained mock session handling functions.

* Renamed maximumOpenMediaKeySessions to keepProtectionMediaKeysMaximumOpenSessions and Default value now is -1. Additionally, a warning is logged, when keepProtectionMediaKeysMaximumOpenSessions is set, but keepProtectionMediaKeys is disabled.

* Added "keepProtectionMediaKeysMaximumOpenSessions" to index.d.ts and fixed description of keepProtectionMediaKeys in Settings. Additionally, moved implementation to limit MediaKeySessions to a new function called "_enforceMediaKeySessionLimit()" in ProtectionController.
diff --git a/index.d.ts b/index.d.ts
@@ -1673,6 +1673,7 @@ declare namespace dashjs {
             },
             protection?: {
                 keepProtectionMediaKeys?: boolean,
+                keepProtectionMediaKeysMaximumOpenSessions?: number,
                 ignoreEmeEncryptedEvent?: boolean,
                 detectPlayreadyMessageFormat?: boolean,
                 ignoreKeyStatuses?: boolean,
diff --git a/src/core/Settings.js b/src/core/Settings.js
@@ -103,6 +103,7 @@ import Events from './events/Events.js';
  *            },
  *            protection: {
  *                keepProtectionMediaKeys: false,
+ *                keepProtectionMediaKeysMaximumOpenSessions: -1,
  *                ignoreEmeEncryptedEvent: false,
  *                detectPlayreadyMessageFormat: true,
  *                ignoreKeyStatuses: false
@@ -689,8 +690,11 @@ import Events from './events/Events.js';
  * @typedef {Object} Protection
  * @property {boolean} [keepProtectionMediaKeys=false]
  * Set the value for the ProtectionController and MediaKeys life cycle.
- *
  * If true, the ProtectionController and then created MediaKeys and MediaKeySessions will be preserved during the MediaPlayer lifetime.
+ *
+ * @property {number} [keepProtectionMediaKeysMaximumOpenSessions=-1]
+ * Maximum number of open MediaKeySessions, when keepProtectionMediaKeys is enabled. If set, dash.js will close the oldest sessions when the limit is exceeded. -1 means unlimited.
+ * 
  * @property {boolean} [ignoreEmeEncryptedEvent=false]
  * If set to true the player will ignore "encrypted" and "needkey" events thrown by the EME.
  *
@@ -1144,6 +1148,7 @@ function Settings() {
             },
             protection: {
                 keepProtectionMediaKeys: false,
+                keepProtectionMediaKeysMaximumOpenSessions: -1,
                 ignoreEmeEncryptedEvent: false,
                 detectPlayreadyMessageFormat: true,
                 ignoreKeyStatuses: false
diff --git a/src/streaming/protection/controllers/ProtectionController.js b/src/streaming/protection/controllers/ProtectionController.js
@@ -384,6 +384,9 @@ function ProtectionController(config) {
             return;
         }
 
+        // Enforce maximum number of open MediaKeySessions, if settings are provided
+        _enforceMediaKeySessionLimit();
+
         const initDataForKS = CommonEncryption.getPSSHForKeySystem(selectedKeySystem, keySystemMetadata ? keySystemMetadata.initData : null);
         if (initDataForKS) {
 
@@ -411,6 +414,33 @@ function ProtectionController(config) {
         }
     }
 
+    /**
+     * Enforces the maximum number of open MediaKeySessions, if settings are provided.
+     * @description This method checks the current number of open sessions and closes the oldest session if the limit is reached.
+     * @requires keepProtectionMediaKeys is enabled and keepProtectionMediaKeysMaximumOpenSessions is set with a positive value.
+     * @private
+     */
+    function _enforceMediaKeySessionLimit() {
+        if (!settings) { return; }
+        const isKeepProtectionMediaKeysEnabled = settings.get().streaming.protection.keepProtectionMediaKeys;
+        const maxSessions = settings.get().streaming.protection.keepProtectionMediaKeysMaximumOpenSessions;
+        if (typeof maxSessions !== 'number' || maxSessions <= 0) { return; }
+        if (!isKeepProtectionMediaKeysEnabled) {
+            logger.warn('DRM: keepProtectionMediaKeysMaximumOpenSessions is set to ' + maxSessions + ', but keepProtectionMediaKeys is not enabled. Therefore, keepProtectionMediaKeysMaximumOpenSessions will be ignored.');
+            return;
+        }
+        // Ensure protectionModel is available before accessing sessions
+        if (!protectionModel || typeof protectionModel.getSessionTokens !== 'function') { return; }
+        const sessionTokens = protectionModel.getSessionTokens() || [];
+        if (sessionTokens.length < maxSessions) { return; }
+        // Limit reached. Close the oldest session to make room for a new one.
+        const oldestSession = sessionTokens[0];
+        if (oldestSession) {
+            logger.info('DRM: Maximum number of open MediaKeySessions reached (' + maxSessions + '), closing oldest session.');
+            closeKeySession(oldestSession);
+        }
+    }
+
     /**
      * Returns the protectionData for a specific keysystem as specified by the application.
      * @param {object} keySystem
diff --git a/test/unit/mocks/ProtectionModelMock.js b/test/unit/mocks/ProtectionModelMock.js
@@ -3,6 +3,9 @@ import DashJSError from '../../../src/streaming/vo/DashJSError.js';
 
 function ProtectionModelMock (config) {
 
+    let sessions = [];
+    let nextId = 0;
+
     this.setServerCertificate = function (/*elt*/) {
         config.eventBus.trigger(config.events.SERVER_CERTIFICATE_UPDATED, {error: new DashJSError(ProtectionErrors.SERVER_CERTIFICATE_UPDATED_ERROR_CODE, ProtectionErrors.SERVER_CERTIFICATE_UPDATED_ERROR_MESSAGE)});
     };
@@ -11,11 +14,38 @@ function ProtectionModelMock (config) {
     };
 
     this.reset = function () {
+        sessions = []; 
+        nextId = 0;
     };
 
     this.requestKeySystemAccess = function () {
         return Promise.resolve();
     };
+
+    this.getSessionTokens = function () { return sessions; };
+    this.createKeySession = function (keySystemMetadata) {
+        const keyId = keySystemMetadata && keySystemMetadata.keyId !== undefined ? keySystemMetadata.keyId : nextId;
+        const sessionType = keySystemMetadata && keySystemMetadata.sessionType ? keySystemMetadata.sessionType : 'temporary';
+        const sessionId = keySystemMetadata && keySystemMetadata.sessionId ? keySystemMetadata.sessionId : null;
+        const session = {
+            id: nextId++,
+            keyId: keyId,
+            initData: keySystemMetadata.initData,
+            sessionType: sessionType,
+            sessionId: sessionId,
+            hasTriggeredKeyStatusMapUpdate: false,
+            getKeyId: function() { return this.keyId; },
+            getSessionId: function() { return this.sessionId; },
+            getSessionType: function() { return this.sessionType; }
+        };
+        sessions.push(session);
+    };
+    this.closeKeySession = function (session) {
+        const idx = sessions.findIndex(s => s.id === session.id);
+        if (idx !== -1) {
+            sessions.splice(idx, 1);
+        }
+    };
 }
 
 export default ProtectionModelMock;
diff --git a/test/unit/test/streaming/streaming.protection.controllers.ProtectionController.js b/test/unit/test/streaming/streaming.protection.controllers.ProtectionController.js
@@ -6,6 +6,7 @@ import EventBus from '../../../../src/core/EventBus.js';
 import DebugMock from '../../mocks/DebugMock.js';
 import ProtectionKeyControllerMock from '../../mocks/ProtectionKeyControllerMock.js';
 import ProtectionModelMock from '../../mocks/ProtectionModelMock.js';
+import CommonEncryption from '../../../../src/streaming/protection/CommonEncryption.js';
 
 import {expect} from 'chai';
 const context = {};
@@ -66,15 +67,20 @@ describe('ProtectionController', function () {
     });
 
     describe('Well initialized', function () {
+        let protectionModelMock, settingsMock;
+
         beforeEach(function () {
             const protectionKeyControllerMock = new ProtectionKeyControllerMock();
+            settingsMock = { get: () => ({ streaming: { protection: {} } }) };
+            protectionModelMock = new ProtectionModelMock({ events: ProtectionEvents, eventBus: eventBus });
             protectionController = ProtectionController(context).create({
                 protectionKeyController: protectionKeyControllerMock,
                 events: ProtectionEvents,
                 debug: new DebugMock(),
-                protectionModel: new ProtectionModelMock({ events: ProtectionEvents, eventBus: eventBus }),
+                protectionModel: protectionModelMock,
                 eventBus: eventBus,
-                constants: Constants
+                constants: Constants,
+                settings: settingsMock
             });
         });
 
@@ -129,5 +135,67 @@ describe('ProtectionController', function () {
             expect(keySystems).not.to.be.empty;
         });
 
+        // tests for keepProtectionMediaKeysMaximumOpenSessions feature
+        it('should close the oldest session when the maximum is reached and keepProtectionMediaKeys is true', function () {
+            settingsMock.get = () => ({
+                streaming: {
+                    protection: {
+                        keepProtectionMediaKeys: true,
+                        keepProtectionMediaKeysMaximumOpenSessions: 2
+                    }
+                }
+            });
+            CommonEncryption.getPSSHForKeySystem = (selectedKeySystem, initData) => initData;
+            protectionController.selectedKeySystem = { systemString: 'mock-system' };
+
+            protectionController.createKeySession({ initData: new ArrayBuffer(8), keyId: 'session-1', sessionType: 'temporary' });
+            protectionController.createKeySession({ initData: new ArrayBuffer(16), keyId: 'session-2', sessionType: 'temporary' });
+            // add third session, should close the first one
+            protectionController.createKeySession({ initData: new ArrayBuffer(24), keyId: 'session-3', sessionType: 'temporary' });
+
+            expect(protectionModelMock.getSessionTokens().length, 'Session count should still be 2').to.equal(2);
+            expect(protectionModelMock.getSessionTokens().map(s => s.keyId)).to.deep.equal(['session-2', 'session-3']);
+        });
+
+        it('should add a session if keepProtectionMediaKeys is false', function () {
+            settingsMock.get = () => ({
+                streaming: {
+                    protection: {
+                        keepProtectionMediaKeys: false,
+                        keepProtectionMediaKeysMaximumOpenSessions: 2
+                    }
+                }
+            });
+            CommonEncryption.getPSSHForKeySystem = (selectedKeySystem, initData) => initData;
+            protectionController.selectedKeySystem = { systemString: 'mock-system' };
+
+            expect(protectionModelMock.getSessionTokens().length).to.equal(0);
+            protectionController.createKeySession({ initData: new ArrayBuffer(8), keyId: 'session-1', sessionType: 'temporary' });
+            protectionController.createKeySession({ initData: new ArrayBuffer(16), keyId: 'session-2', sessionType: 'temporary' });
+            protectionController.createKeySession({ initData: new ArrayBuffer(24), keyId: 'session-3', sessionType: 'temporary' });
+            expect(protectionModelMock.getSessionTokens().length).to.equal(3);
+            expect(protectionModelMock.getSessionTokens().map(s => s.keyId)).to.deep.equal(['session-1', 'session-2', 'session-3']);
+        });
+
+        it('should not close any session if keepProtectionMediaKeys is true, but keepProtectionMediaKeysMaximumOpenSessions is not set', function () {
+            settingsMock.get = () => ({
+                streaming: {
+                    protection: {
+                        keepProtectionMediaKeys: true
+                        // keepProtectionMediaKeysMaximumOpenSessions is undefined
+                    }
+                }
+            });
+            CommonEncryption.getPSSHForKeySystem = (selectedKeySystem, initData) => initData;
+            protectionController.selectedKeySystem = { systemString: 'mock-system' };
+
+            expect(protectionModelMock.getSessionTokens().length).to.equal(0);
+            protectionController.createKeySession({ initData: new ArrayBuffer(8), keyId: 'session-1', sessionType: 'temporary' });
+            protectionController.createKeySession({ initData: new ArrayBuffer(16), keyId: 'session-2', sessionType: 'temporary' });
+            protectionController.createKeySession({ initData: new ArrayBuffer(24), keyId: 'session-3', sessionType: 'temporary' });
+            expect(protectionModelMock.getSessionTokens().length).to.equal(3);
+            expect(protectionModelMock.getSessionTokens().map(s => s.keyId)).to.deep.equal(['session-1', 'session-2', 'session-3']);
+        });
+
     });
 });
