1 files changed, 29 insertions, 1 deletions

diff --git a/backend/helpers.py b/backend/helpers.py
index c54139cc..0b6e7746 100644
--- a/backend/helpers.py
+++ b/backend/helpers.py
@@ -2,11 +2,15 @@ import re
 import ssl
 import subprocess
 import uuid
+import os
 from subprocess import check_output
 from time import sleep
+from hashlib import sha256
+from io import BytesIO
 
 import certifi
 from aiohttp.web import Response, middleware
+from aiohttp import ClientSession
 
 REMOTE_DEBUGGER_UNIT = "steam-web-debug-portforward.service"
 
@@ -27,7 +31,7 @@ def get_csrf_token():
 
 @middleware
 async def csrf_middleware(request, handler):
-    if str(request.method) == "OPTIONS" or request.headers.get('Authentication') == csrf_token or str(request.rel_url) == "/auth/token" or str(request.rel_url).startswith("/plugins/load_main/") or str(request.rel_url).startswith("/static/") or str(request.rel_url).startswith("/legacy/") or str(request.rel_url).startswith("/steam_resource/") or assets_regex.match(str(request.rel_url)) or frontend_regex.match(str(request.rel_url)):
+    if str(request.method) == "OPTIONS" or request.headers.get('Authentication') == csrf_token or str(request.rel_url) == "/auth/token" or str(request.rel_url).startswith("/plugins/load_main/") or str(request.rel_url).startswith("/static/") or str(request.rel_url).startswith("/legacy/") or str(request.rel_url).startswith("/steam_resource/") or str(request.rel_url).startswith("/frontend/") or assets_regex.match(str(request.rel_url)) or frontend_regex.match(str(request.rel_url)):
         return await handler(request)
     return Response(text='Forbidden', status='403')
 
@@ -83,6 +87,30 @@ def get_homebrew_path(home_path = None) -> str:
         return str(home_path+"/homebrew")
     # return str(home_path+"/homebrew")
 
+# Download Remote Binaries to local Plugin
+async def download_remote_binary_to_path(url, binHash, path) -> bool:
+    rv = False
+    try:
+        if os.access(os.path.dirname(path), os.W_OK):
+            async with ClientSession() as client:
+                res = await client.get(url, ssl=get_ssl_context())
+                if res.status == 200:
+                    data = BytesIO(await res.read())
+                    remoteHash = sha256(data.getbuffer()).hexdigest()
+                    if binHash == remoteHash:
+                        data.seek(0)
+                        with open(path, 'wb') as f:
+                            f.write(data.getbuffer())
+                            rv = True
+                    else:
+                        raise Exception(f"Fatal Error: Hash Mismatch for remote binary {path}@{url}")
+                else:
+                    rv = False
+    except:
+        rv = False
+
+    return rv
+
 async def is_systemd_unit_active(unit_name: str) -> bool:
     res = subprocess.run(["systemctl", "is-active", unit_name], stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
     return res.returncode == 0