[WIP] UniFFI trial

Cargo.toml

@@ -5,6 +5,7 @@ members = [
     "livekit-api",
     "livekit-protocol",
     "livekit-ffi",
+    "livekit-uniffi",
     "livekit-runtime",
     "libwebrtc",
     "soxr-sys",
@@ -25,7 +26,7 @@ members = [
     "examples/save_to_disk",
     "examples/send_bytes",
     "examples/webhooks",
-    "examples/wgpu_room",
+    "examples/wgpu_room"
 ]
 
 [workspace.dependencies]

licenserc.toml

@@ -13,10 +13,12 @@ excludes = [
     "NOTICE",
     ".github",
     "*.toml",
+    "!Makefile.toml",
     "*.txt",
     # Generated files
     "livekit-protocol/src/livekit.rs",
     "livekit-protocol/src/livekit.serde.rs",
+    "livekit-uniffi/packages"
 ]
 
 [mapping.DOUBLESLASH_STYLE]

livekit-api/src/access_token.rs

@@ -151,6 +151,24 @@ pub struct Claims {
     pub room_config: Option<livekit_protocol::RoomConfiguration>,
 }
 
+impl Claims {
+    pub fn from_unverified(token: &str) -> Result<Self, AccessTokenError> {
+        let mut validation = jsonwebtoken::Validation::new(jsonwebtoken::Algorithm::HS256);
+        validation.validate_exp = true;
+        validation.validate_nbf = true;
+        validation.set_required_spec_claims::<String>(&[]);
+        validation.insecure_disable_signature_validation();
+
+        let token = jsonwebtoken::decode::<Claims>(
+            token,
+            &DecodingKey::from_secret(&[]),
+            &validation,
+        )?;
+
+        Ok(token.claims)
+    }
+}
+
 #[derive(Clone)]
 pub struct AccessToken {
     api_key: String,
@@ -299,10 +317,6 @@ impl TokenVerifier {
     pub fn verify(&self, token: &str) -> Result<Claims, AccessTokenError> {
         let mut validation = jsonwebtoken::Validation::new(jsonwebtoken::Algorithm::HS256);
         validation.validate_exp = true;
-        #[cfg(test)] // FIXME: TEST_TOKEN is expired, TODO: generate TEST_TOKEN at test runtime
-        {
-            validation.validate_exp = false;
-        }
         validation.validate_nbf = true;
         validation.set_issuer(&[&self.api_key]);
 
@@ -320,7 +334,7 @@ impl TokenVerifier {
 mod tests {
     use std::time::Duration;
 
-    use super::{AccessToken, TokenVerifier, VideoGrants};
+    use super::{AccessToken, Claims, TokenVerifier, VideoGrants};
 
     const TEST_API_KEY: &str = "myapikey";
     const TEST_API_SECRET: &str = "thiskeyistotallyunsafe";
@@ -383,4 +397,44 @@ mod tests {
             claims
         );
     }
+
+    #[test]
+    fn test_unverified_token() {
+        let claims = Claims::from_unverified(TEST_TOKEN).expect("Failed to parse token");
+
+        assert_eq!(claims.sub, "identity");
+        assert_eq!(claims.name, "name");
+        assert_eq!(claims.iss, TEST_API_KEY);
+        assert_eq!(
+            claims.room_config,
+            Some(livekit_protocol::RoomConfiguration {
+                agents: vec![livekit_protocol::RoomAgentDispatch {
+                    agent_name: "test-agent".to_string(),
+                    metadata: "test-metadata".to_string(),
+                }],
+                ..Default::default()
+            })
+        );
+
+        let token = AccessToken::with_api_key(TEST_API_KEY, TEST_API_SECRET)
+            .with_ttl(Duration::from_secs(60))
+            .with_identity("test")
+            .with_name("test")
+            .with_grants(VideoGrants { room_join: true, room: "test-room".to_string(), ..Default::default() })
+            .to_jwt()
+            .unwrap();
+
+        let claims = Claims::from_unverified(&token).expect("Failed to parse fresh token");
+        assert_eq!(claims.sub, "test");
+        assert_eq!(claims.name, "test");
+        assert_eq!(claims.video.room, "test-room");
+        assert!(claims.video.room_join);
+
+        let parts: Vec<&str> = token.split('.').collect();
+        let malformed_token = format!("{}.{}.wrongsignature", parts[0], parts[1]);
+
+        let claims = Claims::from_unverified(&malformed_token).expect("Failed to parse token with wrong signature");
+        assert_eq!(claims.sub, "test");
+        assert_eq!(claims.name, "test");
+    }
 }

livekit-api/src/test_token.txt

@@ -1 +1 @@
-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoibmFtZSIsInZpZGVvIjp7InJvb21Kb2luIjp0cnVlLCJyb29tIjoibXktcm9vbSIsImNhblB1Ymxpc2giOnRydWUsImNhblN1YnNjcmliZSI6dHJ1ZSwiY2FuUHVibGlzaERhdGEiOnRydWV9LCJyb29tQ29uZmlnIjp7ImFnZW50cyI6W3siYWdlbnROYW1lIjoidGVzdC1hZ2VudCIsIm1ldGFkYXRhIjoidGVzdC1tZXRhZGF0YSJ9XX0sInN1YiI6ImlkZW50aXR5IiwiaXNzIjoibXlhcGlrZXkiLCJuYmYiOjE3NDE4Njk2NzksImV4cCI6MTc0MTg5MTI3OX0.9_eOcZ1RNaRXxwdU36LTYoxsHtv_IhfhLk-kTd8MDY4
+eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJuYW1lIjoibmFtZSIsInZpZGVvIjp7InJvb21Kb2luIjp0cnVlLCJyb29tIjoibXktcm9vbSIsImNhblB1Ymxpc2giOnRydWUsImNhblN1YnNjcmliZSI6dHJ1ZSwiY2FuUHVibGlzaERhdGEiOnRydWV9LCJyb29tQ29uZmlnIjp7ImFnZW50cyI6W3siYWdlbnROYW1lIjoidGVzdC1hZ2VudCIsIm1ldGFkYXRhIjoidGVzdC1tZXRhZGF0YSJ9XX0sInN1YiI6ImlkZW50aXR5IiwiaXNzIjoibXlhcGlrZXkiLCJuYmYiOjE3NDE4Njk2NzksImV4cCI6NDEwMjQ0NDgwMH0.hmKovgw6sDbQUFZxAQ9Xjb9-VUzeBw1A6URTXFuCLMU

livekit-uniffi/Cargo.toml

@@ -0,0 +1,26 @@
+[package]
+name = "livekit-uniffi"
+version = "0.1.0"
+edition = "2021"
+license = "Apache-2.0"
+description = "Experimental FFI interface using UniFFI"
+repository = "https://github.com/livekit/rust-sdks"
+readme = "README.md"
+
+[dependencies]
+livekit-protocol = { workspace = true }
+livekit-api = { workspace = true }
+uniffi = { version = "0.30.0", features = ["cli", "scaffolding-ffi-buffer-fns"] }
+log = "0.4.28"
+tokio = { version = "1.48.0", features = ["sync"] }
+once_cell = "1.21.3"
+
+[build-dependencies]
+uniffi = { version = "0.30.0", features = ["build", "scaffolding-ffi-buffer-fns"] }
+
+[lib]
+crate-type = ["cdylib", "staticlib"]
+
+[[bin]]
+name = "uniffi-bindgen"
+path = "bindgen.rs"