Another token expiration fix.

* Playlist icons working as rendered by ND

* remove duplication in cover art image url creation

* Remove unused ability to create collages of images

.devcontainer/Dockerfile

@@ -0,0 +1,16 @@
+FROM node:22-bullseye
+
+LABEL maintainer=simojenki
+
+ENV JEST_TIMEOUT=60000
+EXPOSE 4534
+
+RUN apt-get update && \
+    apt-get -y upgrade && \
+    apt-get -y install --no-install-recommends \
+        libvips-dev \
+        python3 \
+        make \
+        git \
+        g++ \
+        vim

.devcontainer/devcontainer.json

@@ -0,0 +1,28 @@
+{
+    "name": "bonob",
+    "build": { 
+        "dockerfile": "Dockerfile" 
+    },
+    "containerEnv": {
+        // these env vars need to be configured appropriately for your local dev env
+        "BNB_DEV_SONOS_DEVICE_IP": "${localEnv:BNB_DEV_SONOS_DEVICE_IP}",
+        "BNB_DEV_HOST_IP": "${localEnv:BNB_DEV_HOST_IP}",
+        "BNB_DEV_SUBSONIC_URL": "${localEnv:BNB_DEV_SUBSONIC_URL}"
+    },
+    "remoteUser": "node",
+    "forwardPorts": [4534],
+    "features": {
+        "ghcr.io/devcontainers/features/docker-in-docker:2": {
+            "version": "latest",
+            "moby": true
+        }
+    },
+    "customizations": {
+        "vscode": {
+          "extensions": [
+            "esbenp.prettier-vscode",
+            "redhat.vscode-xml"
+        ]
+        }
+    }
+}

.dockerignore

@@ -0,0 +1,6 @@
+.devcontainer
+.github
+.yarn/cache
+.yarn/install-state.gz
+build
+node_modules

.github/workflows/ci.yml

@@ -17,45 +17,60 @@ jobs:
     steps:
       -
         name: Check out the repo
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       -
-        uses: actions/setup-node@v1
+        uses: actions/setup-node@v3
         with:
-          node-version: 16.6.x
+          node-version: 20
       -
-        run: yarn install
+        run: npm install
       -
-        run: yarn test
+        run: npm test
 
 
   push_to_registry:
-    name: Push Docker image to Docker Hub
+    name: Push Docker image to Docker registries
     needs: build_and_test
     runs-on: ubuntu-latest
     steps:
       -
         name: Check out the repo
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
       -
         name: Docker meta
         id: meta
-        uses: docker/metadata-action@v3
+        uses: docker/metadata-action@v5
         with:
-          images: simojenki/bonob
+          images: |
+            simojenki/bonob
+            ghcr.io/simojenki/bonob
       -
         name: Login to DockerHub
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
       -
-        name: Push to Docker Hub
-        uses: docker/build-push-action@v2
+        name: Log in to GitHub Container registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      -
+        name: Push image
+        uses: docker/build-push-action@v6
         with:
           context: .
-          push: ${{ github.event_name != 'pull_request' }}
+          platforms: linux/amd64,linux/arm/v7,linux/arm64
+          push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}

.gitignore

@@ -2,6 +2,7 @@
 .vscode
 build
 ignore
+.ignore
 node_modules
 .yarn/*
 !.yarn/patches
@@ -10,3 +11,6 @@ node_modules
 !.yarn/sdks
 !.yarn/versions
 .pnp.*
+log.txt
+navidrome.txt
+bonob.txt

.npmrc

@@ -0,0 +1 @@
+fetch-timeout=60000

.nvmrc

@@ -1 +0,0 @@
-16.6.2

.yarnrc.yml

@@ -1,3 +0,0 @@
-nodeLinker: node-modules
-
-yarnPath: .yarn/releases/yarn-berry.cjs

CLAUDE.md

@@ -0,0 +1,187 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+bonob is a Sonos SMAPI (Sonos Music API) implementation that bridges Subsonic API clones (like Navidrome and Gonic) with Sonos devices. It acts as a middleware service that translates between the Subsonic API and Sonos's proprietary music service protocol, allowing users to stream their personal music libraries to Sonos speakers.
+
+## Development Commands
+
+### Building and Running
+```bash
+# Build TypeScript to JavaScript
+npm run build
+
+# Development mode with auto-reload (requires environment variables)
+npm run dev
+# OR with auto-registration
+npm run devr
+
+# Register bonob service with Sonos devices
+npm run register-dev
+```
+
+### Testing
+```bash
+# Run all tests
+npm test
+
+# Run tests in watch mode
+npm run testw
+
+# Set custom test timeout (default: 5000ms)
+JEST_TIMEOUT=10000 npm test
+```
+
+### Environment Variables for Development
+When running locally, you need to set several environment variables:
+- `BNB_DEV_HOST_IP`: Your machine's IP address (so Sonos can reach bonob)
+- `BNB_DEV_SONOS_DEVICE_IP`: IP address of a Sonos device for discovery
+- `BNB_DEV_SUBSONIC_URL`: URL of your Subsonic API server (e.g., Navidrome)
+
+## Architecture
+
+### Core Components
+
+**`src/app.ts`** - Application entry point
+- Reads configuration from environment variables
+- Initializes all services (Subsonic, Sonos, authentication)
+- Wires together the Express server with appropriate dependencies
+- Handles SIGTERM for graceful shutdown
+
+**`src/server.ts`** - Express HTTP server
+- Serves web UI for service registration and login
+- Handles music streaming (`/stream/track/:id`)
+- Generates icons and cover art (`/icon/...`, `/art/...`)
+- Serves Sonos-specific XML files (strings, presentation map)
+- Binds SOAP service for Sonos SMAPI communication
+
+**`src/smapi.ts`** - Sonos SMAPI SOAP implementation (1200+ lines)
+- Implements the Sonos Music API Protocol via SOAP/XML
+- Core operations: `getMetadata`, `getMediaURI`, `search`, `getExtendedMetadata`
+- Handles authentication flow with link codes and device auth tokens
+- Manages token refresh and session management
+- Maps music library concepts to Sonos browse hierarchy
+
+**`src/subsonic.ts`** - Subsonic API client
+- Implements `MusicService` and `MusicLibrary` interfaces
+- Handles authentication with Subsonic servers using token-based auth
+- Translates between Subsonic data models and bonob's domain types
+- Supports custom player configurations for transcoding
+- Special handling for Navidrome (bearer token authentication)
+- Implements artist image fetching with optional caching
+
+**`src/music_service.ts`** - Core domain types and interfaces
+- Defines `MusicService` interface (auth and login)
+- Defines `MusicLibrary` interface (browsing, search, streaming, rating, scrobbling)
+- Domain types: `Artist`, `Album`, `Track`, `Playlist`, `Genre`, `Rating`, etc.
+- Uses `fp-ts` for functional programming patterns (`TaskEither`, `Option`, `Either`)
+
+**`src/sonos.ts`** - Sonos device discovery and registration
+- Discovers Sonos devices on the network using SSDP/UPnP
+- Registers/unregisters bonob as a music service with Sonos systems
+- Supports both auto-discovery and seed-host based discovery
+- Uses `@svrooij/sonos` library for device communication
+
+**`src/smapi_auth.ts`** - Authentication token management
+- Implements JWT-based SMAPI tokens (token + key pairs)
+- Handles token verification and expiry
+- Token refresh flow using `fp-ts` `TaskEither`
+
+**`src/config.ts`** - Configuration management
+- Reads and validates environment variables (all prefixed with `BNB_`)
+- Legacy environment variable support (BONOB_ prefix)
+- Type-safe configuration with defaults
+
+### Key Abstractions
+
+**BUrn (Bonob URN)** - Resource identifier system (`src/burn.ts`)
+- Format: `{ system: string, resource: string }`
+- Systems: `subsonic` (for cover art), `external` (for URLs like Spotify images)
+- Used for abstracting art/image sources across different backends
+
+**URL Builder** (`src/url_builder.ts`)
+- Wraps URL manipulation with a builder pattern
+- Handles context path for reverse proxy deployments
+- Used throughout for generating URLs that Sonos devices can access
+
+**Custom Players** (`src/subsonic.ts`)
+- Allows mime-type specific transcoding configurations
+- Maps source mime types to transcoded types
+- Creates custom "client" names in Subsonic (e.g., "bonob+audio/flac")
+- Example: `BNB_SUBSONIC_CUSTOM_CLIENTS="audio/flac>audio/mp3"`
+
+### Data Flow
+
+1. **Sonos App Request** → SOAP endpoint (`/ws/sonos`)
+2. **SOAP Service** → Verifies auth token, calls `MusicLibrary` methods
+3. **MusicLibrary** → Makes Subsonic API calls, transforms data
+4. **SOAP Response** → Returns XML formatted for Sonos
+
+For streaming:
+1. **Sonos Device** → `GET /stream/track/:id` with custom headers (bnbt, bnbk)
+2. **Stream Handler** → Verifies token, calls `MusicLibrary.stream()`
+3. **Subsonic Stream** → Proxies audio with proper mime-type handling
+4. **Response** → Streams audio to Sonos, reports "now playing"
+
+### Icon System (`src/icon.ts`)
+- SVG-based icon generation with dynamic colors
+- Supports foreground/background color customization via `BNB_ICON_FOREGROUND_COLOR` and `BNB_ICON_BACKGROUND_COLOR`
+- Genre-specific icons
+- Text overlay support (e.g., year icons like "1984")
+- Holiday/festival decorations (auto-applied based on date)
+- Legacy mode: renders to 80x80 PNG for older Sonos systems
+
+### Authentication Flow
+1. Sonos app requests link code via `getAppLink()`
+2. User visits login URL with link code
+3. User enters Subsonic credentials
+4. bonob validates with Subsonic, generates service token
+5. bonob associates link code with service token
+6. Sonos polls `getDeviceAuthToken()` with link code
+7. bonob returns SMAPI token (JWT) to Sonos
+8. Subsequent requests use SMAPI token, which maps to service token
+
+### Testing Philosophy
+- Jest with ts-jest preset
+- In-memory implementations for `LinkCodes`, `APITokens` for testing
+- Mocking with `ts-mockito`
+- Test helpers in `tests/` directory
+- Console.log suppressed in tests (see `tests/setup.js`)
+
+## Common Patterns
+
+### Error Handling
+- Use `fp-ts` `TaskEither<AuthFailure, T>` for async operations that can fail with auth errors
+- SOAP faults for Sonos-specific errors (see SMAPI_FAULT_* constants)
+- Promise-based error handling with `.catch()` for most async operations
+
+### Type Safety
+- Strict TypeScript (`strict: true`, `noImplicitAny: true`, `noUncheckedIndexedAccess: true`)
+- Extensive use of discriminated unions
+- Interface-based design for pluggable services
+
+### Logging
+- Winston-based logger (`src/logger.ts`)
+- Log level controlled by `BNB_LOG_LEVEL`
+- Request logging optional via `BNB_SERVER_LOG_REQUESTS`
+
+### Functional Programming
+- Heavy use of `fp-ts` for `Option`, `Either`, `TaskEither`
+- Pipe-based composition (`pipe(data, fn1, fn2, ...)`)
+- Immutable data transformations
+
+## File Organization
+- `src/` - TypeScript source code
+- `tests/` - Jest test files (mirrors src/ structure)
+- `build/` - Compiled JavaScript (gitignored)
+- `web/` - HTML templates (Eta templating) and static assets
+- `typings/` - Custom TypeScript definitions
+
+## Important Constraints
+- bonob must be accessible from Sonos devices at `BNB_URL`
+- `BNB_URL` cannot contain "localhost" (validation error)
+- Sonos requires specific XML formats (SMAPI WSDL v1.19.6)
+- Streaming must handle HTTP range requests for seek functionality
+- Token lifetime (`BNB_AUTH_TIMEOUT`) should be less than Subsonic session timeout

DOCUMENTATION.md

@@ -0,0 +1,91 @@
+# Bonob Source Code Documentation
+
+This document provides an overview of the source files in the `src` directory, explaining the purpose and functionality of each.
+
+### `api_tokens.ts`
+
+Manages API tokens for authentication. It includes an in-memory implementation for storing and retrieving tokens, using SHA256 to mint new tokens.
+
+### `app.ts`
+
+This is the main entry point of the application. It initializes the server, configures the music service (Subsonic), and sets up the integration with Sonos. It reads the application config, sets up the Subsonic connection, and starts the Express server.
+
+### `b64.ts`
+
+Provides simple utility functions for Base64 encoding and decoding of strings.
+
+### `burn.ts`
+
+Handles the creation and parsing of "Bonob URNs" (BURNs), which are unique resource identifiers used within the system. It supports encryption and shorthand notations for more compact URNs.
+
+### `clock.ts`
+
+Provides an abstraction for time-related functions, which is useful for testing. It includes a `SystemClock` that uses the actual system time and a `FixedClock` for tests. It also contains logic for detecting special dates like Christmas and Halloween for seasonal features.
+
+### `config.ts`
+
+Manages the application's configuration by reading environment variables. It defines settings for the server, Sonos integration, Subsonic connection, and other features like scrobbling.
+
+### `encryption.ts`
+
+Implements encryption and decryption functionality using JSON Web Signatures (JWS). It provides a simple interface for encrypting and decrypting strings.
+
+### `i8n.ts`
+
+Handles internationalization (i18n) by providing translations for different languages supported by the Sonos app. It includes translations for UI elements and messages.
+
+### `icon.ts`
+
+Manages SVG icons used in the Sonos app. It allows for transformations like changing colors and applying special styles for festivals and holidays.
+
+### `link_codes.ts`
+
+Implements a system for linking Sonos devices with user accounts. It generates temporary codes that users can use to log in and associate their accounts.
+
+### `logger.ts`
+
+Configures the application-wide logger using Winston. It sets up logging levels and formats.
+
+### `music_service.ts`
+
+Defines the interfaces for a generic music service. This includes methods for authentication, browsing content (artists, albums, tracks), streaming audio, and managing playlists.
+
+### `register.ts`
+
+A command-line script used to register the Bonob service with Sonos devices on the local network.
+
+### `registrar.ts`
+
+Contains the core logic for registering the Bonob service with Sonos devices. It fetches service details from the Bonob server and sends the registration request to a Sonos device.
+
+### `server.ts`
+
+Sets up the Express web server. It defines the routes for the web interface, the Sonos Music API (SMAPI) endpoints, and audio streaming. It also handles user authentication and session management.
+
+### `smapi_auth.ts`
+
+Handles authentication for the Sonos Music API (SMAPI). It is responsible for issuing and verifying JWTs (JSON Web Tokens) that secure the communication between Sonos devices and the Bonob server.
+
+### `smapi_token_store.ts`
+
+Provides an interface and two implementations (in-memory and file-based) for storing SMAPI authentication tokens. This allows the server to persist user sessions.
+
+### `smapi.ts`
+
+Implements the Sonos Music API (SMAPI) using SOAP. This file is responsible for handling all the requests from Sonos devices, such as browsing music, searching, and getting track metadata.
+
+### `sonos.ts`
+
+Manages interactions with Sonos devices on the local network. This includes device discovery and service registration.
+
+### `subsonic.ts`
+
+Implements the `MusicService` interface for Subsonic-compatible media servers (like Navidrome). It handles all communication with the Subsonic API to fetch music data and stream audio.
+
+### `url_builder.ts`
+
+A utility class for building and manipulating URLs in a structured way.
+
+### `utils.ts`
+
+Contains miscellaneous utility functions used throughout the application, such as a function for tidying up XML strings.

Dockerfile

@@ -1,4 +1,4 @@
-FROM node:16.6-alpine as build
+FROM node:22-trixie-slim AS build
 
 WORKDIR /bonob
 
@@ -9,46 +9,69 @@ COPY typings ./typings
 COPY web ./web
 COPY tests ./tests
 COPY jest.config.js .
-COPY package.json .
 COPY register.js .
+COPY .npmrc .
 COPY tsconfig.json .
-COPY yarn.lock .
-COPY .yarnrc.yml .
-COPY .yarn/releases ./.yarn/releases
+COPY package.json .
+COPY package-lock.json .
 
-RUN apk add --no-cache --update --virtual .gyp \
-        vips-dev \
+ENV JEST_TIMEOUT=60000
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && \
+    apt-get -y upgrade && \
+    apt-get -y install --no-install-recommends \
+        libvips-dev \
         python3 \
         make \
         git \
         g++ && \
-    yarn install --immutable && \
-    yarn gitinfo && \
-    yarn test --no-cache && \
-    yarn build
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/* && \
+    npm install && \
+    npm test && \
+    npm run gitinfo && \
+    npm run build && \
+    rm -Rf node_modules && \
+    NODE_ENV=production npm install --omit=dev
 
 
+FROM node:22-trixie-slim
 
-FROM node:16.6-alpine
+LABEL maintainer="simojenki" \
+      org.opencontainers.image.source="https://github.com/simojenki/bonob" \
+      org.opencontainers.image.description="bonob SONOS SMAPI implementation" \
+      org.opencontainers.image.licenses="GPLv3"
 
 ENV BNB_PORT=4534
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TZ=UTC
 
 EXPOSE $BNB_PORT
 
 WORKDIR /bonob
 
 COPY package.json .
-COPY yarn.lock .
+COPY package-lock.json .
 
 COPY --from=build /bonob/build/src ./src
 COPY --from=build /bonob/node_modules ./node_modules
 COPY --from=build /bonob/.gitinfo ./
 COPY web ./web
-COPY src/Sonoswsdl-1.19.4-20190411.142401-3.wsdl ./src/Sonoswsdl-1.19.4-20190411.142401-3.wsdl
+COPY src/Sonoswsdl-1.19.6-20231024.wsdl ./src/Sonoswsdl-1.19.6-20231024.wsdl
 
-RUN apk add --no-cache --update vips
+RUN apt-get update && \
+    apt-get -y upgrade && \
+    apt-get -y install --no-install-recommends \
+        libvips \
+        tzdata \
+        wget && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/*
 
 USER nobody 
 WORKDIR /bonob/src
 
+HEALTHCHECK CMD wget -O- http://localhost:${BNB_PORT}/about || exit 1   
+
 CMD ["node", "app.js"]

README.md

@@ -9,23 +9,40 @@ Support for Subsonic API clones (tested against Navidrome and Gonic).
 ## Features
 
 - Integrates with Subsonic API clones (Navidrome, Gonic)
-- Browse by Artist, Albums, Random, Favourites, Top Rated, Playlist, Genres, Recently Added Albums, Recently Played Albums, Most Played Albums
+- Browse by Artist, Albums, Random, Favourites, Top Rated, Playlist, Genres, Years, Recently Added Albums, Recently Played Albums, Most Played Albums
 - Artist & Album Art
 - View Related Artists via Artist -> '...' -> Menu -> Related Arists
 - Now playing & Track Scrobbling
 - Search by Album, Artist, Track
 - Playlist editing through sonos app.
 - Marking of songs as favourites and with ratings through the sonos app.
-- Localization (only en-US & nl-NL supported currently, require translations for other languages).  [Sonos localization and supported languages](https://developer.sonos.com/build/content-service-add-features/strings-and-localization/)
+- Localization (only en-US, da-DK, nl-NL & fr-FR supported currently, require translations for other languages).  [Sonos localization and supported languages](https://docs.sonos.com/docs/localization)
 - Auto discovery of sonos devices
 - Discovery of sonos devices using seed IP address
 - Auto registration with sonos on start
 - Multiple registrations within a single household.
-- Transcoding support for flacs using a specific player for the flac mimeType bonob/sonos
+- Transcoding within subsonic clone
+- Custom players by mime type, allowing custom transcoding rules for different file types
 
 ## Running
 
-bonob is ditributed via docker and can be run in a number of ways
+bonob is packaged as an OCI image to both the docker hub registry and github registry.
+
+ie. 
+```bash
+docker pull docker.io/simojenki/bonob
+```
+or
+```bash
+docker pull ghcr.io/simojenki/bonob
+```
+
+tag | description
+--- | ---
+latest | Latest release, intended to be stable
+master | Lastest build from master, probably works, however is currently under test
+vX.Y.Z | Fixed release versions from tags, for those that want to pin to a specific release
+
 
 ### Full sonos device auto-discovery and auto-registration using docker --network host
 
@@ -126,14 +143,18 @@ services:
       # ip address of your machine running bonob
       BNB_URL: http://192.168.1.111:4534  
       BNB_SECRET: changeme
-      BNB_SONOS_AUTO_REGISTER: true
-      BNB_SONOS_DEVICE_DISCOVERY: true
+      BNB_SONOS_AUTO_REGISTER: "true"
+      BNB_SONOS_DEVICE_DISCOVERY: "true"
       BNB_SONOS_SERVICE_ID: 246
       # ip address of one of your sonos devices
       BNB_SONOS_SEED_HOST: 192.168.1.121
       BNB_SUBSONIC_URL: http://navidrome:4533
 ```
 
+### Running bonob on synology
+
+[See this issue](https://github.com/simojenki/bonob/issues/15)
+
 ## Configuration
 
 item | default value | description
@@ -141,18 +162,22 @@ item | default value | description
 BNB_PORT | 4534 | Default http port for bonob to listen on
 BNB_URL | http://$(hostname):4534 | URL (including path) for bonob so that sonos devices can communicate. **This must be either the public IP or DNS entry of the bonob instance so that the sonos devices can communicate with it.**
 BNB_SECRET | bonob | secret used for encrypting credentials
+BNB_AUTH_TIMEOUT | 1h | Timeout for the sonos auth token, described in the format [ms](https://github.com/vercel/ms), ie. '5s' == 5 seconds, '11h' == 11 hours.  In the case of using Navidrome this should be less than the value for ND_SESSIONTIMEOUT
+BNB_LOG_LEVEL | info | Log level. One of ['debug', 'info', 'warn', 'error']
+BNB_SERVER_LOG_REQUESTS | false | Whether or not to log http requests
 BNB_SONOS_AUTO_REGISTER | false | Whether or not to try and auto-register on startup
 BNB_SONOS_DEVICE_DISCOVERY | true | Enable/Disable sonos device discovery entirely.  Setting this to 'false' will disable sonos device search, regardless of whether a seed host is specified.
 BNB_SONOS_SEED_HOST | undefined | sonos device seed host for discovery, or ommitted for for auto-discovery
 BNB_SONOS_SERVICE_NAME | bonob | service name for sonos
 BNB_SONOS_SERVICE_ID | 246 | service id for sonos
 BNB_SUBSONIC_URL | http://$(hostname):4533 | URL for subsonic clone
-BNB_SUBSONIC_CUSTOM_CLIENTS | undefined | Comma delimeted mime types for custom subsonic clients when streaming. ie. "audio/flac,audio/ogg" would use client = 'bonob+audio/flac' for flacs, and 'bonob+audio/ogg' for oggs.
-BNB_SUBSONIC_ARTIST_IMAGE_CACHE | undefined | Path for caching of artist images as are sourced externally.  ie. Navidrome provides spotify URLs
+BNB_SUBSONIC_CUSTOM_CLIENTS | undefined | Comma delimeted mime types for custom subsonic clients when streaming. <P>Must specify the source mime type and optionally the transcoded mime type. <p>For example; <p>If you want to simply re-encode some flacs, then you could specify just "audio/flac".  <p>However; <p>if your subsonic server will transcode the track then you need to specify the resulting mime type, ie. "audio/flac>audio/mp3" <p>If you want to specify many something like; "audio/flac>audio/mp3,audio/ogg" would use client = 'bonob+audio/flac' for flacs, and 'bonob+audio/ogg' for oggs.  <p>Disclaimer: Getting this configuration wrong will cause sonos to refuse to play your music, by all means experiment, however know that this may well break your setup.
+BNB_SUBSONIC_ARTIST_IMAGE_CACHE | undefined | Path for caching of artist images that are sourced externally. ie. Navidrome provides spotify URLs. Remember to provide a volume-mapping for Docker, when enabling this cache.
 BNB_SCROBBLE_TRACKS | true | Whether to scrobble the playing of a track if it has been played for >30s
 BNB_REPORT_NOW_PLAYING | true | Whether to report a track as now playing
 BNB_ICON_FOREGROUND_COLOR | undefined | Icon foreground color in sonos app, must be a valid [svg color](https://www.december.com/html/spec/colorsvg.html)
 BNB_ICON_BACKGROUND_COLOR | undefined | Icon background color in sonos app, must be a valid [svg color](https://www.december.com/html/spec/colorsvg.html)
+TZ | UTC | Your timezone from the [tz database](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) ie. 'Australia/Melbourne'
 
 ## Initialising service within sonos app
 
@@ -168,36 +193,72 @@ BNB_ICON_BACKGROUND_COLOR | undefined | Icon background color in sonos app, must
 - You should now be able to play music on your sonos devices from you subsonic clone
 - Within the subsonic clone a new player will be created, 'bonob (username)', so you can configure transcoding specifically for sonos
 
+## Re-registering your bonob service with sonos App
+
+Generally speaking you will not need to do this very often.  However on occassion bonob will change the implementation of the authentication between sonos and bonob, which will require a re-registration.  Your sonos app will complain about not being able to browse the service, to re-register execute the following steps (taken from the iOS app);
+
+- Open the sonos app
+- Settings -> Services & Voice
+- Your bonob service, will likely have name of either 'bonob' or $BNB_SONOS_SERVICE_NAME
+- Reauthorize Account
+- Authorize
+- Enter credentials, you should see 'Login Successful!'
+- Done
+
+Service should now be registered and everything should work as expected.
+
+## Multiple registrations within a single household.
+
+It's possible to register multiple Subsonic clone users for the bonob service in Sonos.
+Basically this consist of repeating the Sonos app ["Add a service"](#initialising-service-within-sonos-app) steps for each additional user.
+Afterwards the Sonos app displays a dropdown underneath the service, allowing to switch between users.
+
 ## Implementing a different music source other than a subsonic clone
 
 - Implement the MusicService/MusicLibrary interface
 - Startup bonob with your new implementation.
 
-## A note on transcoding
+## Transcoding
 
-tldr; Transcoding to mp3/m4a is not supported as sonos devices will not play the track.  Transcoding to flac works however, use BNB_SUBSONIC_CUSTOM_CLIENTS=audio/flac if you want to transcode flac->flac ie. to downsample HD flacs (see below).
+### Transcode everything
 
-Sonos devices are very particular about how audio streams are presented to them, see [streaming basics](https://developer.sonos.com/build/content-service-add-features/streaming-basics/).  When using transcoding both Navidrome and Gonic report no 'content-length', nor do they support range queries, this will cause the sonos device to fail to play the track.
+The simplest transcoding solution is to simply change the player ('bonob') in your subsonic server to transcode all content to something sonos supports (ie. mp3 & flac)
 
-## Cusomisation
+### Audio file type specific transcoding
 
-### Audio File type specific transcoding options within Subsonic
+Disclaimer: The following configuration is more complicated, and if you get the configuration wrong sonos will refuse to play your content.
 
-In some situations you may wish to have different 'Players' within you Subsonic server so that you can configure different transcoding options depending on the file type.  For example if you have flacs with a mixture of frequency formats where not all are supported by sonos [See issue #52](https://github.com/simojenki/bonob/issues/52) & [Sonos supported audio formats](https://developer.sonos.com/build/content-service-add-features/supported-audio-formats/)
+In some situations you may wish to have different 'Players' within your Subsonic server so that you can configure different transcoding options depending on the file type.  For example if you have flacs with a mixture of frequency formats where not all are supported by sonos [See issue #52](https://github.com/simojenki/bonob/issues/52) & [Sonos supported audio formats](https://docs.sonos.com/docs/supported-audio-formats)
 
 In this case you could set;
 
 ```bash
+# This is equivalent to setting BNB_SUBSONIC_CUSTOM_CLIENTS="audio/flac>audio/flac"
 BNB_SUBSONIC_CUSTOM_CLIENTS="audio/flac"
 ```
 
-This would result in 2 players in Navidrome, one called 'bonob', the other called 'bonob+audio/flac'.  You could then configure a custom flac transcoder in Navidrome that re-samples the flacs to a sonos supported format, ie [Using something like this](https://stackoverflow.com/questions/41420391/ffmpeg-flac-24-bit-96khz-to-16-bit-48khz);
+This would result in 2 players in Navidrome, one called 'bonob', the other called 'bonob+audio/flac'.  You could then configure a custom flac transcoder in Navidrome that re-samples the flacs to a sonos supported format, ie [Using something like this](https://stackoverflow.com/questions/41420391/ffmpeg-flac-24-bit-96khz-to-16-bit-48khz) or [this](https://stackoverflow.com/questions/52119489/ffmpeg-limit-audio-sample-rate):
 
 ```bash
-ffmpeg -i %s -af aresample=resampler=soxr:out_sample_fmt=s16:out_sample_rate=48000 -f flac -
+ffmpeg -i %s -af aformat=sample_fmts=s16|s32:sample_rates=8000|11025|16000|22050|24000|32000|44100|48000 -f flac -
 ```
 
-### Changing Icon colors
+**Note for Sonos S1:** [24-bit depth is only supported by Sonos S2](https://support.sonos.com/s/article/79?language=en_US), so if your system is still on Sonos S1, transcoding should convert all FLACs to 16-bit:
+
+```bash
+ffmpeg -i %s -af aformat=sample_fmts=s16:sample_rates=8000|11025|16000|22050|24000|32000|44100|48000 -f flac -
+```
+
+Alternatively perhaps you have some aac (audio/mpeg) files that will not play in sonos (ie. voice recordings from an iPhone), however you do not want to transcode all everything, just those audio/mpeg files.  Let's say you want to transcode them to mp3s, you could set the following;
+
+```bash
+BNB_SUBSONIC_CUSTOM_CLIENTS="audio/mpeg>audio/mp3"
+```
+
+And then configure the 'bonob+audio/mpeg' player in your subsonic server.
+
+
+## Changing Icon colors
 
 ```bash
 -e BNB_ICON_FOREGROUND_COLOR=white \
@@ -213,7 +274,21 @@ ffmpeg -i %s -af aresample=resampler=soxr:out_sample_fmt=s16:out_sample_rate=480
 
 ![Chartreuse & Fuchsia](https://github.com/simojenki/bonob/blob/master/docs/images/chartreuseFuchsia.png?raw=true)
 
+```bash
+-e BNB_ICON_FOREGROUND_COLOR=lime \
+-e BNB_ICON_BACKGROUND_COLOR=aliceblue
+```
+
+![Lime & Alice Blue](https://github.com/simojenki/bonob/blob/master/docs/images/limeAliceBlue.png?raw=true)
+
+```bash
+-e 'BNB_ICON_FOREGROUND_COLOR=#1db954' \
+-e 'BNB_ICON_BACKGROUND_COLOR=#121212'
+```
+
+![Spotify-ish](https://github.com/simojenki/bonob/blob/master/docs/images/spotify-ish.png?raw=true)
+
+
 ## Credits
 
 - Icons courtesy of: [Navidrome](https://www.navidrome.org/), [Vectornator](https://www.vectornator.io/icons), and @jicho
-

UPDATES.adoc

@@ -0,0 +1,68 @@
+= Updates for SMAPI
+
+Run Bonob on your server.
+
+== Updates made to original code
+
+* Proper Token handling after login. Also handling of periodic token refresh.
+* Store Tokens in an SQLite database (in mounted `/config` directory).
+* Added variable `BNB_TOKEN_CLEANUP_INTERVAL` with a default of `60` (minutes) to set how often expired tokens should be cleaned up out of the database.
+* Multi-account logins. Register one Bonob and log in with multiple Navidrome users for easy account switching in the Sonos app.
+* Global Search integration (Artist, Album, Track)
+* Scrobbling support to Navidrome. After one song has been completely played the album will show up in the "Recently played" section.
+* Playlist support. It shows both public and private (for the current account) playlists.
+* Modernized Login page.
+
+== To be done
+
+* Remove all now unnecessary logic:
+** Handling of `BNB_SONOS_SEED_HOST`
+** Autoregistration with Sonos devices (`BNB_SONOS_AUTO_REGISTER`)
+** Handling of `BNB_SONOS_DEVICE_DISCOVERY`
+* Implement Thumbs Up/Down or Star ratings (this is probably a Sonos Service configuration thing - with maybe some code changes).
+* Implement Playlist editing
+
+== Running Bonob
+
+Bonob now needs a volume to store the token database. In the example below that directory is `/var/containers/bonob`. Adapt as needed.
+Also the example below uses a `bonob` user on the system with ID `1210` and group `100`. The database directory should be owned by that user.
+
+.Example systemd file (`/usr/lib/systemd/system/bonob.service`)
+[source]
+----
+[Unit]
+Description=Bonob container service
+Wants=network.target
+After=network-online.target
+
+[Service]
+Environment=PODMAN_SYSTEMD_UNIT=%n
+Restart=always
+ExecStartPre=-/usr/bin/podman rm -f bonob
+ExecStart=/usr/bin/podman run --rm \
+  --name bonob \
+  --label "io.containers.autoupdate=image" \
+  --user 1210:100 \
+  --env BNB_SONOS_SERVICE_NAME="Navidrome" \
+  --env BNB_PORT=8200 \
+  --env BNB_URL="https://bonob.mydomain.com" \
+  --env BNB_SECRET="Some random string" \
+  --env BNB_SONOS_SERVICE_ID=Your Sonos ID \
+  --env BNB_SUBSONIC_URL=https://music.mydomain.com \
+  --env BNB_ICON_FOREGROUND_COLOR="black" \
+  --env BNB_ICON_BACKGROUND_COLOR="#65d7f4" \
+  --env BNB_SONOS_AUTO_REGISTER=false \
+  --env BNB_SONOS_DEVICE_DISCOVERY=false \
+  --env BNB_LOG_LEVEL="info" \
+  --env TZ="Europe/Vienna" \
+  --volume /var/containers/bonob:/config:Z \
+  --publish 8200:8200 \
+  quay.io/wkulhanek/bonob:latest
+ExecStop=/usr/bin/podman rm -f bonob
+StandardOutput=syslog
+StandardError=syslog
+SyslogIdentifier=bonob
+
+[Install]
+WantedBy=multi-user.target default.target
+----

jest.config.js

@@ -5,5 +5,6 @@ module.exports = {
   modulePathIgnorePatterns: [
     '<rootDir>/node_modules',
     '<rootDir>/build',
-    ],
+  ],
+  testTimeout: Number.parseInt(process.env["JEST_TIMEOUT"] || "5000")
 };

package.json

@@ -6,57 +6,72 @@
   "author": "simojenki <simojenki@users.noreply.github.com>",
   "license": "GPL-3.0-only",
   "dependencies": {
-    "@svrooij/sonos": "^2.4.0",
-    "@types/express": "^4.17.13",
-    "@types/fs-extra": "^9.0.13",
-    "@types/morgan": "^1.9.3",
-    "@types/node": "^16.7.13",
-    "@types/sharp": "^0.28.6",
-    "@types/underscore": "^1.11.3",
-    "@types/uuid": "^8.3.1",
-    "axios": "^0.21.4",
-    "dayjs": "^1.10.6",
-    "eta": "^1.12.3",
-    "express": "^4.17.1",
-    "fp-ts": "^2.11.1",
-    "fs-extra": "^10.0.0",
-    "libxmljs2": "^0.28.0",
+    "@svrooij/sonos": "^2.6.0-beta.11",
+    "@types/express": "^4.17.21",
+    "@types/fs-extra": "^11.0.4",
+    "@types/jsonwebtoken": "^9.0.7",
+    "@types/jws": "^3.2.10",
+    "@types/morgan": "^1.9.9",
+    "@types/node": "^20.11.5",
+    "@types/randomstring": "^1.3.0",
+    "@types/underscore": "^1.13.0",
+    "@types/uuid": "^10.0.0",
+    "@types/xmldom": "^0.1.34",
+    "@xmldom/xmldom": "^0.9.7",
+    "axios": "^1.7.8",
+    "better-sqlite3": "^12.4.1",
+    "dayjs": "^1.11.13",
+    "eta": "^2.2.0",
+    "express": "^4.18.3",
+    "fp-ts": "^2.16.9",
+    "fs-extra": "^11.2.0",
+    "jsonwebtoken": "^9.0.2",
+    "jws": "^4.0.0",
     "morgan": "^1.10.0",
-    "node-html-parser": "^4.1.4",
-    "sharp": "^0.29.1",
-    "soap": "^0.42.0",
-    "ts-md5": "^1.2.9",
-    "typescript": "^4.4.2",
-    "underscore": "^1.13.1",
-    "uuid": "^8.3.2",
-    "winston": "^3.3.3"
+    "node-html-parser": "^6.1.13",
+    "randomstring": "^1.3.0",
+    "sharp": "^0.33.5",
+    "soap": "^1.1.6",
+    "ts-md5": "^1.3.1",
+    "typescript": "^5.7.2",
+    "underscore": "^1.13.7",
+    "urn-lib": "^2.0.0",
+    "uuid": "^11.0.3",
+    "winston": "^3.17.0",
+    "xmldom-ts": "^0.3.1",
+    "xpath": "^0.0.34"
   },
   "devDependencies": {
-    "@types/chai": "^4.2.21",
-    "@types/jest": "^27.0.1",
-    "@types/mocha": "^9.0.0",
-    "@types/supertest": "^2.0.11",
-    "@types/tmp": "^0.2.1",
-    "chai": "^4.3.4",
-    "get-port": "^5.1.1",
-    "image-js": "^0.33.0",
-    "jest": "^27.1.0",
-    "nodemon": "^2.0.12",
-    "supertest": "^6.1.6",
-    "tmp": "^0.2.1",
-    "ts-jest": "^27.0.5",
+    "@types/better-sqlite3": "^7.6.13",
+    "@types/chai": "^5.0.1",
+    "@types/jest": "^29.5.14",
+    "@types/mocha": "^10.0.10",
+    "@types/supertest": "^6.0.2",
+    "@types/tmp": "^0.2.6",
+    "chai": "^5.1.2",
+    "get-port": "^7.1.0",
+    "image-js": "^0.35.6",
+    "jest": "^29.7.0",
+    "nodemon": "^3.1.7",
+    "supertest": "^7.0.0",
+    "tmp": "^0.2.3",
+    "ts-jest": "^29.2.5",
     "ts-mockito": "^2.6.1",
-    "ts-node": "^10.2.1",
-    "xmldom-ts": "^0.3.1",
+    "ts-node": "^10.9.2",
     "xpath-ts": "^1.3.13"
   },
+  "overrides": {
+    "axios-ntlm": "npm:dry-uninstall",
+    "axios": "$axios"
+  },
   "scripts": {
     "clean": "rm -Rf build node_modules",
     "build": "tsc",
-    "dev": "BNB_DEBUG=true BNB_SCROBBLE_TRACKS=false BNB_REPORT_NOW_PLAYING=false BNB_ICON_FOREGROUND_COLOR=white BNB_ICON_BACKGROUND_COLOR=darkgrey BNB_SONOS_SERVICE_NAME=bonobDev BNB_SONOS_DEVICE_DISCOVERY=true nodemon -V ./src/app.ts",
-    "devr": "BNB_DEBUG=true BNB_SCROBBLE_TRACKS=false BNB_REPORT_NOW_PLAYING=false BNB_ICON_FOREGROUND_COLOR=white BNB_ICON_BACKGROUND_COLOR=darkgrey BNB_SONOS_SERVICE_NAME=bonobDev BNB_SONOS_DEVICE_DISCOVERY=true BNB_SONOS_AUTO_REGISTER=true nodemon -V ./src/app.ts",
-    "register-dev": "ts-node ./src/register.ts http://$(hostname):4534",
+    "dev": "BNB_SUBSONIC_CUSTOM_CLIENTS1=audio/flac,audio/mpeg,audio/mp4\\>audio/flac BNB_LOG_LEVEL=debug BNB_DEBUG=true BNB_SCROBBLE_TRACKS=false BNB_REPORT_NOW_PLAYING=false BNB_SONOS_SEED_HOST=$BNB_DEV_SONOS_DEVICE_IP BNB_SONOS_SERVICE_NAME=z_bonobDev BNB_URL=\"http://${BNB_DEV_HOST_IP}:4534\" BNB_SUBSONIC_URL=\"${BNB_DEV_SUBSONIC_URL}\" nodemon -V ./src/app.ts",
+    "devr": "BNB_LOG_LEVEL=debug BNB_DEBUG=true BNB_ICON_FOREGROUND_COLOR=deeppink BNB_ICON_BACKGROUND_COLOR=darkslategray BNB_SCROBBLE_TRACKS=false BNB_REPORT_NOW_PLAYING=false BNB_SONOS_SEED_HOST=$BNB_DEV_SONOS_DEVICE_IP BNB_SONOS_SERVICE_NAME=z_bonobDev BNB_SONOS_DEVICE_DISCOVERY=true BNB_SONOS_AUTO_REGISTER=true BNB_URL=\"http://${BNB_DEV_HOST_IP}:4534\" BNB_SUBSONIC_URL=\"${BNB_DEV_SUBSONIC_URL}\" nodemon -V ./src/app.ts",
+    "register-dev": "ts-node ./src/register.ts http://${BNB_DEV_HOST_IP}:4534",
     "test": "jest",
+    "testw": "jest --watch",
     "gitinfo": "git describe --tags > .gitinfo"
   }
 }

sonos_service/SONOS_SERVICE.adoc

@@ -0,0 +1,85 @@
+= Setting up Sonos Service
+
+== Prerequisites
+* In your Sonos App get your Sonos ID (About my Sonos System)
++
+image::images/about.png[]
+
+* Navidrome running and available from the Internet. E.g. via https://music.mydomain.com
+* Bonob running and available from the Internet. E.g. via https://bonob.mydomain.com
+
+You can use any method to make these URLs available. Cloudflare Tunnels, Pangolin, reverse proxy, etc.
+
+== Sonos Service Integration
+
+* Log into https://play.sonos.com
+* Once logged in go to https://developer.sonos.com/s/integrations
+
+* Create a *New Content Integration*
+
+** General Information
+*** Service Name: Navidrome
+*** Service Availability: Global
+*** Checkbox checked
+*** Website/Social Media URLs: https://music.mydomain.com (Some URL - e.g. your Navidrome server)
+
+** Sonos Music API
+*** Integration ID: com.mydomain.music (your domain in reverse)
+*** Configuration Label: 1.0
+*** SMAPI Endpoint: https://bonob.mydomain.com/ws/sonos
+*** SMAPI Endpoint Version: 1.1
+*** Radio Endpoint: empty
+*** Reporting Endpoint: https://bonob.mydomain.com/report/v1
+*** Reporting Endpoint Version: 2.3
+*** Authentication Method: OAuth
+*** Redirect: https://bonob.mydomain.com/login
+*** Auth Token Time To Life: Empty
+*** Browse/Search Results Page Size: 100
+*** Polling Interval: 60
+
+** Brand Assets
+
+*** Just upload the various assets from the `sonos_artwork` directory.
+
+** Localization Resources
+
+*** Write something about your service in the various fields (except Explicit Filter Description).
+
+** Integration Capabilities
+
+*** Check the first two (*Enable Extended Metadata* and *Enable Extended Metadata for Playlists*) and nothing else.
+
+** Image Replacement Rules
+
+*** No changes
+
+** Browse Options
+
+*** No changes
+
+** Search Capabilities
+
+*** API Catalog Type: SMAPI Catalog
+*** Catalog Title: Music
+*** Catalog Type: GLOBAL
+
+*** Add Three Categories with ID and Mapped ID:
++
+Albums - albums
+Artists - artists
+Tracks - tracks
+
+** Content Actions
+
+*** No changes
+
+** Service Deployment Settings
+
+*** Sonos ID: Your Sonos ID (from About my system). This is how only your controller sees the new service.
+*** System Name: Whatever you want
+
+** Service Configuration
+
+*** Click on *Refresh* and then *Send*. You should get a success message that you can dismiss with *Done*.
+
+* In your app search for your service name and add Service in your app as usual.

sonos_service/sonos_artwork/service_logo_200x800.svg

@@ -0,0 +1,18 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="800" height="200" viewBox="0 0 800 200" role="img" aria-labelledby="title desc">
+  <title id="title">Bonob Subsonic Logo</title>
+  <desc id="desc">A blue music-note icon with family dots on the left, followed by stacked text Bonob Navidrome in blue.</desc>
+
+  <!-- Icon (scaled and positioned) -->
+  <g transform="translate(20,20) scale(4)">
+    <rect x="0" y="0" width="40" height="40" rx="6" ry="6" fill="#1976d2"/>
+    <circle cx="11.5" cy="15.5" r="1.6" fill="#ffffff"/>
+    <circle cx="11.5" cy="22.5" r="1.6" fill="#ffffff"/>
+    <circle cx="22" cy="26" r="4" fill="#ffffff"/>
+    <rect x="24" y="10" width="1.6" height="16" rx="0.8" fill="#ffffff"/>
+    <path d="M25.6 11.2 C29.0 10.6 30.2 13.6 27.4 14.6 C29.2 15.4 27.6 16.6 25.6 15.8 Z" fill="#ffffff"/>
+  </g>
+
+  <!-- Text stacked in two lines -->
+  <text x="240" y="90" font-family="Arial, Helvetica, sans-serif" font-size="80" fill="#1976d2">Bonob</text>
+  <text x="240" y="160" font-family="Arial, Helvetica, sans-serif" font-size="80" fill="#1976d2">Navidrome</text>
+</svg>

sonos_service/sonos_artwork/service_logo_20x180.svg

@@ -0,0 +1,19 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="180" height="20" viewBox="0 0 180 20" role="img" aria-labelledby="title desc">
+  <title id="title">Bonob Subsonic Logo</title>
+  <desc id="desc">A blue music-note icon with family dots, followed by the text Bonob Subsonic in blue.</desc>
+
+  <!-- Icon scaled down to fit height -->
+  <g transform="scale(0.45) translate(0,0)">
+    <rect x="0" y="0" width="40" height="40" rx="6" ry="6" fill="#1976d2"/>
+    <circle cx="11.5" cy="15.5" r="1.6" fill="#ffffff"/>
+    <circle cx="11.5" cy="22.5" r="1.6" fill="#ffffff"/>
+    <circle cx="22" cy="26" r="4" fill="#ffffff"/>
+    <rect x="24" y="10" width="1.6" height="16" rx="0.8" fill="#ffffff"/>
+    <path d="M25.6 11.2 C29.0 10.6 30.2 13.6 27.4 14.6 C29.2 15.4 27.6 16.6 25.6 15.8 Z" fill="#ffffff"/>
+  </g>
+
+  <!-- Text -->
+  <text x="28" y="15" font-family="Arial, Helvetica, sans-serif" font-size="12" fill="#1976d2">
+    Bonob Subsonic
+  </text>
+</svg>

sonos_service/sonos_artwork/service_logo_40x40.svg

@@ -0,0 +1,20 @@
+<svg xmlns="http://www.w3.org/2000/svg" width="40" height="40" viewBox="0 0 40 40" role="img" aria-labelledby="title desc">
+  <title id="title">Bonob Navidrome Music Server</title>
+  <desc id="desc">Blue rounded square with a white music note and two small circles representing family.</desc>
+
+  <!-- Blue rounded background -->
+  <rect x="0" y="0" width="40" height="40" rx="6" ry="6" fill="#1976d2"/>
+
+  <!-- Family dots (simple, symbolic) -->
+  <circle cx="11.5" cy="15.5" r="1.6" fill="#ffffff"/>
+  <circle cx="11.5" cy="22.5" r="1.6" fill="#ffffff"/>
+
+  <!-- Note head -->
+  <circle cx="22" cy="26" r="4" fill="#ffffff"/>
+
+  <!-- Note stem -->
+  <rect x="24" y="10" width="1.6" height="16" rx="0.8" fill="#ffffff"/>
+
+  <!-- Note flag (simple, filled shape) -->
+  <path d="M25.6 11.2 C29.0 10.6 30.2 13.6 27.4 14.6 C29.2 15.4 27.6 16.6 25.6 15.8 Z" fill="#ffffff"/>
+</svg>

src/Sonoswsdl-1.19.6-20231024.wsdl

@@ -97,7 +97,7 @@
                 <xs:complexType>
                     <xs:sequence>
                         <xs:element name="token" type="xs:string"/>
-                        <xs:element name="key" type="xs:string"/>
+                        <xs:element name="key" type="xs:string" minOccurs="0"/>
                         <xs:element name="householdId" type="xs:string"/>
                     </xs:sequence>
                 </xs:complexType>
@@ -111,11 +111,12 @@
                 </xs:simpleType>
             </xs:element>
 
-            <xs:simpleType name="userAccountType">
+            <xs:simpleType name="userAccountTier">
                 <xs:restriction base="xs:string">
-                    <xs:enumeration value="premium"/>
-                    <xs:enumeration value="trial"/>
+                    <xs:enumeration value="paidPremium"/>
+                    <xs:enumeration value="paidLimited"/>
                     <xs:enumeration value="free"/>
+                    <xs:enumeration value="none"/>
                 </xs:restriction>
             </xs:simpleType>
 
@@ -239,6 +240,12 @@
                 </xs:simpleContent>
             </xs:complexType>
 
+            <xs:complexType name="contentKeys">
+                <xs:sequence>
+                    <xs:element name="contentKey" type="tns:contentKey" maxOccurs="8"/>
+                </xs:sequence>
+            </xs:complexType>
+
             <xs:simpleType name="mediaUriAction">
                 <xs:restriction base="xs:string">
                     <xs:enumeration value="IMPLICIT"/>
@@ -355,13 +362,11 @@
 
             <xs:complexType name="userInfo">
                 <xs:sequence>
-                    <!-- Everything except userIdHashCode and nickname are for future use -->
+                    <!--  accountStatus potentially for future use -->
                     <xs:element name="userIdHashCode" type="xs:string" minOccurs="1"/>
-                    <xs:element name="accountType" type="tns:userAccountType" minOccurs="0"/>
+                    <xs:element name="accountTier" type="tns:userAccountTier" minOccurs="0"/>
                     <xs:element name="accountStatus" type="tns:userAccountStatus" minOccurs="0"/>
                     <xs:element ref="tns:nickname" minOccurs="0"/>
-                    <xs:element name="profileUrl" type="tns:sonosUri" minOccurs="0"/>
-                    <xs:element name="pictureUrl" type="tns:sonosUri" minOccurs="0"/>
                 </xs:sequence>
             </xs:complexType>
 
@@ -888,7 +893,10 @@
                         <xs:element name="getMediaURIResult" type="xs:anyURI"/>
                         <xs:element name="deviceSessionToken" type="tns:deviceSessionToken" minOccurs="0" maxOccurs="1"/>
                         <xs:element name="deviceSessionKey" type="tns:encryptionContext" minOccurs="0" maxOccurs="1"/>
-                        <xs:element name="contentKey" type="tns:encryptionContext" minOccurs="0" maxOccurs="1"/>
+                        <xs:choice minOccurs="0">
+                            <xs:element name="contentKey" type="tns:encryptionContext" minOccurs="0" maxOccurs="1"/>
+                            <xs:element name="contentKeys" type="tns:contentKeys" minOccurs="0" maxOccurs="1"/>
+                        </xs:choice>
                         <xs:element name="httpHeaders" type="tns:httpHeaders" minOccurs="0" maxOccurs="1"/>
                         <xs:element name="uriTimeout" type="xs:int" minOccurs="0" maxOccurs="1"/>
                         <xs:element name="positionInformation" type="tns:positionInformation" minOccurs="0" maxOccurs="1"/>
@@ -2059,7 +2067,7 @@
 
     <wsdl:service name="Sonos">
         <wsdl:port name="SonosSoap" binding="tns:SonosSoap">
-		<soap:address location="/about"/>
+		<soap:address location="http://moapi.sonos.com/Test/TestService.php"/>
         </wsdl:port>
     </wsdl:service>
 

src/access_tokens.ts

@@ -1,116 +0,0 @@
-import { Dayjs } from "dayjs";
-import { v4 as uuid } from "uuid";
-import crypto from "crypto";
-
-import { Encryption } from "./encryption";
-import logger from "./logger";
-import { Clock, SystemClock } from "./clock";
-import { b64Encode, b64Decode } from "./b64";
-
-type AccessToken = {
-  value: string;
-  authToken: string;
-  expiry: Dayjs;
-};
-
-export interface AccessTokens {
-  mint(authToken: string): string;
-  authTokenFor(value: string): string | undefined;
-}
-
-export class ExpiringAccessTokens implements AccessTokens {
-  tokens = new Map<string, AccessToken>();
-  clock: Clock;
-
-  constructor(clock: Clock = SystemClock) {
-    this.clock = clock;
-  }
-
-  mint(authToken: string): string {
-    this.clearOutExpired();
-    const accessToken = {
-      value: uuid(),
-      authToken,
-      expiry: this.clock.now().add(12, "hours"),
-    };
-    this.tokens.set(accessToken.value, accessToken);
-    return accessToken.value;
-  }
-
-  authTokenFor(value: string): string | undefined {
-    this.clearOutExpired();
-    return this.tokens.get(value)?.authToken;
-  }
-
-  clearOutExpired() {
-    Array.from(this.tokens.values())
-      .filter((it) => it.expiry.isBefore(this.clock.now()))
-      .forEach((expired) => {
-        this.tokens.delete(expired.value);
-      });
-  }
-
-  count = () => this.tokens.size;
-}
-
-export class EncryptedAccessTokens implements AccessTokens {
-  encryption: Encryption;
-
-  constructor(encryption: Encryption) {
-    this.encryption = encryption;
-  }
-
-  mint = (authToken: string): string =>
-    b64Encode(JSON.stringify(this.encryption.encrypt(authToken)));
-
-  authTokenFor(value: string): string | undefined {
-    try {
-      return this.encryption.decrypt(
-        JSON.parse(b64Decode(value))
-      );
-    } catch {
-      logger.warn("Failed to decrypt access token...");
-      return undefined;
-    }
-  }
-}
-
-export class AccessTokenPerAuthToken implements AccessTokens {
-  authTokenToAccessToken = new Map<string, string>();
-  accessTokenToAuthToken = new Map<string, string>();
-
-  mint = (authToken: string): string => {
-    if (this.authTokenToAccessToken.has(authToken)) {
-      return this.authTokenToAccessToken.get(authToken)!;
-    } else {
-      const accessToken = uuid();
-      this.authTokenToAccessToken.set(authToken, accessToken);
-      this.accessTokenToAuthToken.set(accessToken, authToken);
-      return accessToken;
-    }
-  };
-
-  authTokenFor = (value: string): string | undefined => this.accessTokenToAuthToken.get(value);
-}
-
-export const sha256 = (salt: string) => (authToken: string) => crypto
-  .createHash("sha256")
-  .update(`${authToken}${salt}`)
-  .digest("hex")
-
-export class InMemoryAccessTokens implements AccessTokens {
-  tokens = new Map<string, string>();
-  minter;
-
-  constructor(minter: (authToken: string) => string) {
-    this.minter = minter
-  }
-
-  mint = (authToken: string): string => {
-    const accessToken = this.minter(authToken);
-    this.tokens.set(accessToken, authToken);
-    return accessToken;
-  }
-
-  authTokenFor = (value: string): string | undefined => this.tokens.get(value);
-}

src/api_tokens.ts

@@ -0,0 +1,30 @@
+import crypto from "crypto";
+
+export interface APITokens {
+  mint(authToken: string): string;
+  authTokenFor(apiToken: string): string | undefined;
+}
+
+
+export const sha256 = (salt: string) => (value: string) => crypto
+  .createHash("sha256")
+  .update(`${value}${salt}`)
+  .digest("hex")
+
+
+export class InMemoryAPITokens implements APITokens {
+  tokens = new Map<string, string>();
+  minter;
+
+  constructor(minter: (authToken: string) => string = sha256('bonob')) {
+    this.minter = minter
+  }
+
+  mint = (authToken: string): string => {
+    const accessToken = this.minter(authToken);
+    this.tokens.set(accessToken, authToken);
+    return accessToken;
+  }
+
+  authTokenFor = (apiToken: string): string | undefined => this.tokens.get(apiToken);
+}

src/app.ts

@@ -2,24 +2,28 @@ import path from "path";
 import fs from "fs";
 import server from "./server";
 import logger from "./logger";
+
 import {
-  appendMimeTypeToClientFor,
   axiosImageFetcher,
   cachingImageFetcher,
-  DEFAULT,
-  Subsonic,
+  SubsonicMusicService,
+  TranscodingCustomPlayers,
+  NO_CUSTOM_PLAYERS,
+  Subsonic
 } from "./subsonic";
-import encryption from "./encryption";
-import { InMemoryAccessTokens, sha256 } from "./access_tokens";
+import { InMemoryAPITokens, sha256 } from "./api_tokens";
 import { InMemoryLinkCodes } from "./link_codes";
 import readConfig from "./config";
 import sonos, { bonobService } from "./sonos";
 import { MusicService } from "./music_service";
 import { SystemClock } from "./clock";
+import { JWTSmapiLoginTokens } from "./smapi_auth";
+import { SQLiteSmapiTokenStore } from "./smapi_token_store";
 
 const config = readConfig();
+const clock = SystemClock;
 
-logger.info(`Starting bonob with config ${JSON.stringify(config)}`);
+logger.info(`Starting bonob with config ${JSON.stringify({ ...config, secret: "*******" })}`);
 
 const bonob = bonobService(
   config.sonos.serviceName,
@@ -30,25 +34,28 @@ const bonob = bonobService(
 
 const sonosSystem = sonos(config.sonos.discovery);
 
-const streamUserAgent = config.subsonic.customClientsFor
-  ? appendMimeTypeToClientFor(config.subsonic.customClientsFor.split(","))
-  : DEFAULT;
+const customPlayers = config.subsonic.customClientsFor
+  ? TranscodingCustomPlayers.from(config.subsonic.customClientsFor)
+  : NO_CUSTOM_PLAYERS;
 
 const artistImageFetcher = config.subsonic.artistImageCache
   ? cachingImageFetcher(config.subsonic.artistImageCache, axiosImageFetcher)
   : axiosImageFetcher;
 
-const subsonic = new Subsonic(
-  config.subsonic.url,
-  encryption(config.secret),
-  streamUserAgent,
-  artistImageFetcher
+const subsonic = new SubsonicMusicService(
+  new Subsonic(
+    config.subsonic.url,
+    customPlayers,
+    artistImageFetcher
+  ),
+  customPlayers
 );
 
 const featureFlagAwareMusicService: MusicService = {
   generateToken: subsonic.generateToken,
-  login: (authToken: string) =>
-    subsonic.login(authToken).then((library) => {
+  refreshToken: subsonic.refreshToken,
+  login: (serviceToken: string) =>
+    subsonic.login(serviceToken).then((library) => {
       return {
         ...library,
         scrobble: (id: string) => {
@@ -75,6 +82,16 @@ const version = fs.existsSync(GIT_INFO)
   ? fs.readFileSync(GIT_INFO).toString().trim()
   : "v??";
 
+// Initialize SQLite token store
+const smapiTokenStore = new SQLiteSmapiTokenStore(config.tokenStore.dbPath);
+
+// Migrate existing JSON tokens if they exist
+const legacyJsonPath = "/config/tokens.json";
+if (fs.existsSync(legacyJsonPath)) {
+  logger.info(`Found legacy JSON token file at ${legacyJsonPath}, attempting migration...`);
+  smapiTokenStore.migrateFromJSON(legacyJsonPath);
+}
+
 const app = server(
   sonosSystem,
   bonob,
@@ -82,16 +99,20 @@ const app = server(
   featureFlagAwareMusicService,
   {
     linkCodes: () => new InMemoryLinkCodes(),
-    accessTokens: () => new InMemoryAccessTokens(sha256(config.secret)),
-    clock: SystemClock,
+    apiTokens: () => new InMemoryAPITokens(sha256(config.secret)),
+    clock,
     iconColors: config.icons,
     applyContextPath: true,
-    logRequests: true,
+    logRequests: config.logRequests,
     version,
+    smapiAuthTokens: new JWTSmapiLoginTokens(clock, config.secret, config.authTimeout),
+    externalImageResolver: artistImageFetcher,
+    smapiTokenStore,
+    tokenCleanupIntervalMinutes: config.tokenStore.cleanupIntervalMinutes
   }
 );
 
-app.listen(config.port, () => {
+const expressServer = app.listen(config.port, () => {
   logger.info(`Listening on ${config.port} available @ ${config.bonobUrl}`);
 });
 
@@ -109,6 +130,16 @@ if (config.sonos.autoRegister) {
       logger.info(`Found device ${d.name}(${d.group}) @ ${d.ip}:${d.port}`);
     });
   });
-}
+};
+
+process.on('SIGTERM', () => {
+  logger.info('SIGTERM signal received: closing HTTP server');
+  expressServer.close(() => {
+    logger.info('HTTP server closed');
+  });
+  smapiTokenStore.close();
+  process.exit(0);
+});
+
 
 export default app;

src/burn.ts

@@ -0,0 +1,98 @@
+import _ from "underscore";
+import { createUrnUtil } from "urn-lib";
+import randomstring from "randomstring";
+import { pipe } from "fp-ts/lib/function";
+import { either as E } from "fp-ts";
+
+import jwsEncryption from "./encryption";
+
+const BURN = createUrnUtil("bnb", {
+  components: ["system", "resource"],
+  separator: ":",
+  allowEmpty: false,
+});
+
+export type BUrn = {
+  system: string;
+  resource: string;
+};
+
+const DEFAULT_FORMAT_OPTS = {
+  shorthand: false,
+  encrypt: false,
+}
+
+const SHORTHAND_MAPPINGS: Record<string, string> = {
+  "internal" : "i",
+  "external": "e",
+  "subsonic": "s",
+  "navidrome": "n",
+  "encrypted": "x"
+}
+const REVERSE_SHORTHAND_MAPPINGS: Record<string, string> = Object.keys(SHORTHAND_MAPPINGS).reduce((ret, key) => {
+  ret[SHORTHAND_MAPPINGS[key] as unknown as string] = key;
+  return ret;
+}, {} as Record<string, string>)
+if(SHORTHAND_MAPPINGS.length != REVERSE_SHORTHAND_MAPPINGS.length) {
+  throw `Invalid SHORTHAND_MAPPINGS, must be duplicate!`
+}
+
+export const BURN_SALT = randomstring.generate(5);
+const encryptor = jwsEncryption(BURN_SALT);
+
+export const format = (
+  burn: BUrn,
+  opts: Partial<{ shorthand: boolean; encrypt: boolean }> = {}
+): string => {
+  const o = { ...DEFAULT_FORMAT_OPTS, ...opts }
+  let toBurn = burn;
+  if(o.shorthand) {
+    toBurn = {
+      ...toBurn,
+      system: SHORTHAND_MAPPINGS[toBurn.system] || toBurn.system
+    }
+  }
+  if(o.encrypt) {
+    const encryptedToBurn = {
+      system: "encrypted",
+      resource: encryptor.encrypt(BURN.format(toBurn))
+    }
+    return format(encryptedToBurn, { ...opts, encrypt: false })
+  } else {
+    return BURN.format(toBurn);
+  }
+};
+
+export const formatForURL = (burn: BUrn) => {
+  if(burn.system == "external") return format(burn, { shorthand: true, encrypt: true })
+  else return format(burn, { shorthand: true })
+}
+
+export const parse = (burn: string): BUrn => {
+  const result = BURN.parse(burn)!;
+  const validationErrors = BURN.validate(result) || [];
+  if (validationErrors.length > 0) {
+    throw new Error(`Invalid burn: '${burn}'`);
+  }
+  const system = result.system as string;
+  const x = {
+    system: REVERSE_SHORTHAND_MAPPINGS[system] || system,
+    resource: result.resource as string,
+  };
+  if(x.system == "encrypted") {
+    return pipe(
+      encryptor.decrypt(x.resource),
+      E.match(
+        (err) => { throw new Error(err) },
+        (z) => parse(z)
+      )
+    );
+  } else {
+    return x;
+  }
+}
+
+export function assertSystem(urn: BUrn, system: string): BUrn {
+  if (urn.system != system) throw `Unsupported urn: '${format(urn)}'`;
+  else return urn;
+}

src/clock.ts

@@ -1,16 +1,54 @@
 import dayjs, { Dayjs } from "dayjs";
 
-export const isChristmas = (clock: Clock = SystemClock) => clock.now().month() == 11 && clock.now().date() == 25;
-export const isMay4 = (clock: Clock = SystemClock) => clock.now().month() == 4 && clock.now().date() == 4;
-export const isHalloween = (clock: Clock = SystemClock) => clock.now().month() == 9 && clock.now().date() == 31
-export const isHoli = (clock: Clock = SystemClock) => ["2022/03/18", "2023/03/07", "2024/03/25", "2025/03/14"].map(dayjs).find(it => it.isSame(clock.now())) != undefined
-export const isCNY = (clock: Clock = SystemClock) => ["2022/02/01", "2023/01/22", "2024/02/10", "2025/02/29"].map(dayjs).find(it => it.isSame(clock.now())) != undefined
-export const isCNY_2022 = (clock: Clock = SystemClock) => clock.now().isSame(dayjs("2022/02/01"))
-export const isCNY_2023 = (clock: Clock = SystemClock) => clock.now().isSame(dayjs("2023/01/22"))
-export const isCNY_2024 = (clock: Clock = SystemClock) => clock.now().isSame(dayjs("2024/02/10"))
+function fixedDateMonthEvent(dateMonth: string) {
+  const date = Number.parseInt(dateMonth.split("/")[0]!);
+  const month = Number.parseInt(dateMonth.split("/")[1]!);
+  return (clock: Clock = SystemClock) => {
+    return clock.now().date() == date && clock.now().month() == month - 1;
+  };
+}
+
+function fixedDateEvent(date: string) {
+  const dayjsDate = dayjs(date);
+  return (clock: Clock = SystemClock) => {
+    return clock.now().isSame(dayjsDate, "day");
+  };
+}
+
+function anyOf(rules: ((clock: Clock) => boolean)[]) {
+  return (clock: Clock = SystemClock) => {
+    return rules.find((rule) => rule(clock)) != undefined;
+  };
+}
+
+export const isChristmas = fixedDateMonthEvent("25/12");
+export const isMay4 = fixedDateMonthEvent("04/05");
+export const isHalloween = fixedDateMonthEvent("31/10");
+export const isHoli = anyOf(
+  ["2022/03/18", "2023/03/07", "2024/03/25", "2025/03/14"].map(fixedDateEvent)
+)
+
+export const isCNY_2022 = fixedDateEvent("2022/02/01");
+export const isCNY_2023 = fixedDateEvent("2023/01/22");
+export const isCNY_2024 = fixedDateEvent("2024/02/10");
+export const isCNY_2025 = fixedDateEvent("2025/02/29");
+export const isCNY = anyOf([isCNY_2022, isCNY_2023, isCNY_2024, isCNY_2025]);
 
 export interface Clock {
   now(): Dayjs;
 }
 
 export const SystemClock = { now: () => dayjs() };
+
+export class FixedClock implements Clock {
+  time: Dayjs;
+
+  constructor(time: Dayjs = dayjs()) {
+    this.time = time;
+  }
+
+  add = (t: number, unit: dayjs.UnitTypeShort) =>
+    (this.time = this.time.add(t, unit));
+
+  now = () => this.time;
+}

src/config.ts

@@ -3,21 +3,24 @@ import logger from "./logger";
 import url from "./url_builder";
 
 export const WORD = /^\w+$/;
+export const COLOR = /^#?\w+$/;
 
-type EnvVarOpts = {
-  default: string | undefined;
+type EnvVarOpts<T> = {
+  default: T | undefined;
   legacy: string[] | undefined;
   validationPattern: RegExp | undefined;
+  parser: ((value: string) => T) | undefined
 };
 
-export function envVar(
+export function envVar<T>(
   name: string,
-  opts: Partial<EnvVarOpts> = {
+  opts: Partial<EnvVarOpts<T>> = {
     default: undefined,
     legacy: undefined,
     validationPattern: undefined,
+    parser: undefined
   }
-) {
+): T {
   const result = [name, ...(opts.legacy || [])]
     .map((it) => ({ key: it, value: process.env[it] }))
     .find((it) => it.value);
@@ -35,17 +38,28 @@ export function envVar(
     logger.warn(`Configuration key '${result.key}' is deprecated, replace with '${name}'`)
   }
 
-  return result?.value || opts.default;
+  let value: T | undefined = undefined;
+
+  if(result?.value && opts.parser) {
+    value = opts.parser(result?.value)
+  } else if(result?.value)
+    value = result?.value as any as T
+
+  return value == undefined ? opts.default as T : value;
 }
 
-export const bnbEnvVar = (key: string, opts: Partial<EnvVarOpts> = {}) =>
+export const bnbEnvVar = <T>(key: string, opts: Partial<EnvVarOpts<T>> = {}) =>
   envVar(`BNB_${key}`, {
     ...opts,
     legacy: [`BONOB_${key}`, ...(opts.legacy || [])],
   });
 
+const asBoolean = (value: string) => value == "true";
+
+const asInt = (value: string) => Number.parseInt(value);
+
 export default function () {
-  const port = +bnbEnvVar("PORT", { default: "4534" })!;
+  const port = bnbEnvVar<number>("PORT", { default: 4534, parser: asInt })!;
   const bonobUrl = bnbEnvVar("URL", {
     legacy: ["BONOB_WEB_ADDRESS"],
     default: `http://${hostname()}:${port}`,
@@ -61,33 +75,39 @@ export default function () {
   return {
     port,
     bonobUrl: url(bonobUrl),
-    secret: bnbEnvVar("SECRET", { default: "bonob" })!,
+    secret: bnbEnvVar<string>("SECRET", { default: "bonob" })!,
+    authTimeout: bnbEnvVar<string>("AUTH_TIMEOUT", { default: "1h" })!,
     icons: {
-      foregroundColor: bnbEnvVar("ICON_FOREGROUND_COLOR", {
-        validationPattern: WORD,
+      foregroundColor: bnbEnvVar<string>("ICON_FOREGROUND_COLOR", {
+        validationPattern: COLOR,
       }),
-      backgroundColor: bnbEnvVar("ICON_BACKGROUND_COLOR", {
-        validationPattern: WORD,
+      backgroundColor: bnbEnvVar<string>("ICON_BACKGROUND_COLOR", {
+        validationPattern: COLOR,
       }),
     },
+    logRequests: bnbEnvVar<boolean>("SERVER_LOG_REQUESTS", { default: false, parser: asBoolean }),
     sonos: {
-      serviceName: bnbEnvVar("SONOS_SERVICE_NAME", { default: "bonob" })!,
+      serviceName: bnbEnvVar<string>("SONOS_SERVICE_NAME", { default: "bonob" })!,
       discovery: {
         enabled:
-          bnbEnvVar("SONOS_DEVICE_DISCOVERY", { default: "true" }) == "true",
-        seedHost: bnbEnvVar("SONOS_SEED_HOST"),
+          bnbEnvVar<boolean>("SONOS_DEVICE_DISCOVERY", { default: true, parser: asBoolean }),
+        seedHost: bnbEnvVar<string>("SONOS_SEED_HOST"),
       },
       autoRegister:
-        bnbEnvVar("SONOS_AUTO_REGISTER", { default: "false" }) == "true",
-      sid: Number(bnbEnvVar("SONOS_SERVICE_ID", { default: "246" })),
+        bnbEnvVar<boolean>("SONOS_AUTO_REGISTER", { default: false, parser: asBoolean }),
+      sid: bnbEnvVar<number>("SONOS_SERVICE_ID", { default: 246, parser: asInt }),
     },
     subsonic: {
-      url: bnbEnvVar("SUBSONIC_URL", { legacy: ["BONOB_NAVIDROME_URL"], default: `http://${hostname()}:4533` })!,
-      customClientsFor: bnbEnvVar("SUBSONIC_CUSTOM_CLIENTS", { legacy: ["BONOB_NAVIDROME_CUSTOM_CLIENTS"] }),
-      artistImageCache: bnbEnvVar("SUBSONIC_ARTIST_IMAGE_CACHE"),
+      url: url(bnbEnvVar("SUBSONIC_URL", { legacy: ["BONOB_NAVIDROME_URL"], default: `http://${hostname()}:4533` })!),
+      customClientsFor: bnbEnvVar<string>("SUBSONIC_CUSTOM_CLIENTS", { legacy: ["BONOB_NAVIDROME_CUSTOM_CLIENTS"] }),
+      artistImageCache: bnbEnvVar<string>("SUBSONIC_ARTIST_IMAGE_CACHE"),
     },
-    scrobbleTracks: bnbEnvVar("SCROBBLE_TRACKS", { default: "true" }) == "true",
+    scrobbleTracks: bnbEnvVar<boolean>("SCROBBLE_TRACKS", { default: true, parser: asBoolean }),
     reportNowPlaying:
-      bnbEnvVar("REPORT_NOW_PLAYING", { default: "true" }) == "true",
+      bnbEnvVar<boolean>("REPORT_NOW_PLAYING", { default: true, parser: asBoolean }),
+    tokenStore: {
+      dbPath: bnbEnvVar<string>("TOKEN_DB_PATH", { default: "/config/tokens.db" })!,
+      cleanupIntervalMinutes: bnbEnvVar<number>("TOKEN_CLEANUP_INTERVAL", { default: 60, parser: asInt })!,
+    },
   };
 }

src/encryption.ts

@@ -1,33 +1,78 @@
-import { createCipheriv, createDecipheriv, randomBytes, createHash } from "crypto";
+import {
+  createCipheriv,
+  createDecipheriv,
+  randomBytes,
+  createHash,
+} from "crypto";
+import { option as O, either as E } from "fp-ts";
+import { Either, left, right } from 'fp-ts/Either'
+import { pipe } from "fp-ts/lib/function";
+import jws from "jws";
 
-const ALGORITHM = "aes-256-cbc"
+const ALGORITHM = "aes-256-cbc";
 const IV = randomBytes(16);
 
 export type Hash = {
-  iv: string,
-  encryptedData: string
-}
+  iv: string;
+  encryptedData: string;
+};
 
 export type Encryption = {
-  encrypt: (value:string) => Hash
-  decrypt: (hash: Hash) => string
-}
+  encrypt: (value: string) => string;
+  decrypt: (value: string) => Either<string, string>;
+};
 
-const encryption = (secret: string): Encryption => {
-  const key = createHash('sha256').update(String(secret)).digest('base64').substr(0, 32);
+export const jwsEncryption = (secret: string): Encryption => {
   return {
-    encrypt: (value: string) => {
-      const cipher = createCipheriv(ALGORITHM, key, IV);
-      return { 
-        iv: IV.toString("hex"), 
-        encryptedData: Buffer.concat([cipher.update(value), cipher.final()]).toString("hex") 
-      };
-    },
-    decrypt: (hash: Hash) => {
-      const decipher = createDecipheriv(ALGORITHM, key, Buffer.from(hash.iv, 'hex'));
-      return Buffer.concat([decipher.update(Buffer.from(hash.encryptedData, 'hex')), decipher.final()]).toString();
-    }
+    encrypt: (value: string) => jws.sign({
+      header: { alg: 'HS256' },
+      payload: value,
+      secret: secret,
+    }),
+    decrypt: (value: string) => pipe(
+      jws.decode(value),
+      O.fromNullable,
+      O.map(it => it.payload),
+      O.match(
+        () => left("Failed to decrypt jws"),
+        (payload) => right(payload)
+      )
+    )
   }
 }
 
-export default encryption;
+export const cryptoEncryption = (secret: string): Encryption => {
+  const key = createHash("sha256")
+    .update(String(secret))
+    .digest("base64")
+    .substring(0, 32);
+
+  return {
+    encrypt: (value: string) => {
+      const cipher = createCipheriv(ALGORITHM, key, IV);
+      return `${IV.toString("hex")}.${Buffer.concat([
+        cipher.update(value),
+        cipher.final(),
+      ]).toString("hex")}`;
+    },
+    decrypt: (value: string) => pipe(
+      right(value),
+      E.map(it => it.split(".")),
+      E.flatMap(it => it.length == 2 ? right({ iv: it[0]!, data: it[1]! }) : left("Invalid value to decrypt")),
+      E.map(it => ({
+        hash: it,
+        decipher: createDecipheriv(
+          ALGORITHM,
+          key,
+          Buffer.from(it.iv, "hex")
+        )
+      })),
+      E.map(it => Buffer.concat([
+        it.decipher.update(Buffer.from(it.hash.data, "hex")),
+        it.decipher.final(),
+      ]).toString())
+    ),
+  };
+};
+
+export default jwsEncryption;

src/i8n.ts

@@ -4,11 +4,12 @@ import { option as O } from "fp-ts";
 import _ from "underscore";
 
 export type LANG = "en-US" | "da-DK" | "de-DE" | "es-ES" | "fr-FR" | "it-IT" | "ja-JP" | "nb-NO" | "nl-NL" | "pt-BR" | "sv-SE" | "zh-CN"
-export type SUPPORTED_LANG = "en-US" | "nl-NL";
+export type SUPPORTED_LANG = "en-US" | "da-DK" | "fr-FR" | "nl-NL";
 export type KEY =
   | "AppLinkMessage"
   | "artists"
   | "albums"
+  | "internetRadio"  
   | "playlists"
   | "genres"
   | "random"
@@ -39,6 +40,7 @@ export type KEY =
   | "loginFailed" 
   | "noSonosDevices" 
   | "favourites"
+  | "years"
   | "LOVE"
   | "LOVE_SUCCESS"
   | "STAR" 
@@ -51,6 +53,7 @@ const translations: Record<SUPPORTED_LANG, Record<KEY, string>> = {
     AppLinkMessage: "Linking sonos with $BNB_SONOS_SERVICE_NAME",
     artists: "Artists",
     albums: "Albums",
+    internetRadio: "Internet Radio",
     tracks: "Tracks",
     playlists: "Playlists",
     genres: "Genres",
@@ -81,6 +84,7 @@ const translations: Record<SUPPORTED_LANG, Record<KEY, string>> = {
     loginFailed: "Login failed!",
     noSonosDevices: "No sonos devices",
     favourites: "Favourites",
+    years: "Years",
     STAR: "Star",
     UNSTAR: "Un-star",
     STAR_SUCCESS: "Track starred",
@@ -88,10 +92,97 @@ const translations: Record<SUPPORTED_LANG, Record<KEY, string>> = {
     LOVE: "Love",
     LOVE_SUCCESS: "Track loved"
   },
+  "da-DK": {
+    AppLinkMessage: "Forbinder Sonos med $BNB_SONOS_SERVICE_NAME",
+    artists: "Kunstnere",
+    albums: "Album",
+    internetRadio: "Internet Radio",
+    tracks: "Numre",
+    playlists: "Afspilningslister",
+    genres: "Genre",
+    random: "Tilfældig",
+    topRated: "Højst vurderet",
+    recentlyAdded: "Senest tilføjet",
+    recentlyPlayed: "Senest afspillet",
+    mostPlayed: "Flest afspilninger",
+    success: "Succes",
+    failure: "Fejl",
+    expectedConfig: "Forventet konfiguration",
+    existingServiceConfig: "Eksisterende tjeneste konfiguration",
+    noExistingServiceRegistration: "Ingen eksisterende tjeneste registrering",
+    register: "Registrer",
+    removeRegistration: "Fjern registrering",
+    devices: "Enheder",
+    services: "Tjenester",
+    login: "Log på",
+    logInToBonob: "Log på $BNB_SONOS_SERVICE_NAME",
+    username: "Brugernavn",
+    password: "Adgangskode",
+    successfullyRegistered: "Registreret med succes",
+    registrationFailed: "Registrering fejlede!",
+    successfullyRemovedRegistration: "Registrering fjernet med succes",
+    failedToRemoveRegistration: "FJernelse af registrering fejlede!",
+    invalidLinkCode: "Ugyldig linkCode!",
+    loginSuccessful: "Log på succes!",
+    loginFailed: "Log på fejlede!",
+    noSonosDevices: "Ingen Sonos enheder",
+    favourites: "Favoritter",
+    years: "Flere år",
+    STAR: "Tilføj stjerne",
+    UNSTAR: "Fjern stjerne",
+    STAR_SUCCESS: "Stjerne tilføjet",
+    UNSTAR_SUCCESS: "Stjerne fjernet",
+    LOVE: "Synes godt om",
+    LOVE_SUCCESS: "Syntes godt om"
+  },
+  "fr-FR": {
+    AppLinkMessage: "Associer Sonos à $BNB_SONOS_SERVICE_NAME",
+    artists: "Artistes",
+    albums: "Albums",
+    internetRadio: "Radio Internet",
+    tracks: "Pistes",
+    playlists: "Playlists",
+    genres: "Genres",
+    random: "Aléatoire",
+    topRated: "Les mieux notés",
+    recentlyAdded: "Récemment ajouté",
+    recentlyPlayed: "Récemment joué",
+    mostPlayed: "Les plus joué",
+    success: "Succès",
+    failure: "Échec",
+    expectedConfig: "Configuration attendue",
+    existingServiceConfig: "La configuration de service existe",
+    noExistingServiceRegistration: "Aucun enregistrement de service existant",
+    register: "Inscription",
+    removeRegistration: "Supprimer l'inscription",
+    devices: "Appareils",
+    services: "Services",
+    login: "Se connecter",
+    logInToBonob: "Se connecter à $BNB_SONOS_SERVICE_NAME",
+    username: "Nom d'utilisateur",
+    password: "Mot de passe",
+    successfullyRegistered: "Connecté avec succès",
+    registrationFailed: "Échec de la connexion !",
+    successfullyRemovedRegistration: "Inscription supprimée avec succès",
+    failedToRemoveRegistration: "Échec de la suppression de l'inscription !",
+    invalidLinkCode: "Code non valide !",
+    loginSuccessful: "Connexion réussie !",
+    loginFailed: "La connexion a échoué !",
+    noSonosDevices: "Aucun appareil Sonos",
+    favourites: "Favoris",
+    years: "Années",
+    STAR: "Suivre",
+    UNSTAR: "Ne plus suivre",
+    STAR_SUCCESS: "Piste suivie",
+    UNSTAR_SUCCESS: "Piste non suivie",
+    LOVE: "Aimer",
+    LOVE_SUCCESS: "Pistes aimée"
+  },
   "nl-NL": {
     AppLinkMessage: "Sonos koppelen aan $BNB_SONOS_SERVICE_NAME",
     artists: "Artiesten",
     albums: "Albums",
+    internetRadio: "Internet Radio",
     tracks: "Nummers",
     playlists: "Afspeellijsten",
     genres: "Genres",
@@ -122,6 +213,7 @@ const translations: Record<SUPPORTED_LANG, Record<KEY, string>> = {
     loginFailed: "Inloggen mislukt!",
     noSonosDevices: "Geen Sonos-apparaten",
     favourites: "Favorieten",
+    years: "Jaren",
     STAR: "Ster ",
     UNSTAR: "Een ster",
     STAR_SUCCESS: "Nummer met ster",

src/icon.ts

@@ -1,4 +1,5 @@
-import libxmljs, { Element, Attribute } from "libxmljs2";
+import * as xpath from "xpath";
+import { DOMParser, Node } from '@xmldom/xmldom';
 import _ from "underscore";
 import fs from "fs";
 
@@ -13,11 +14,10 @@ import {
   isMay4,
   SystemClock,
 } from "./clock";
+import { xmlTidy } from "./utils";
 import path from "path";
 
-const SVG_NS = {
-  svg: "http://www.w3.org/2000/svg",
-};
+const SVG_NS = "http://www.w3.org/2000/svg";
 
 class ViewBox {
   minX: number;
@@ -48,8 +48,16 @@ export type IconFeatures = {
   viewPortIncreasePercent: number | undefined;
   backgroundColor: string | undefined;
   foregroundColor: string | undefined;
+  text: string | undefined;
 };
 
+export const NO_FEATURES: IconFeatures = {
+  viewPortIncreasePercent: undefined,
+  backgroundColor: undefined,
+  foregroundColor: undefined,
+  text: undefined
+}
+
 export type IconSpec = {
   svg: string | undefined;
   features: Partial<IconFeatures> | undefined;
@@ -93,17 +101,11 @@ export class SvgIcon implements Icon {
 
   constructor(
     svg: string,
-    features: Partial<IconFeatures> = {
-      viewPortIncreasePercent: undefined,
-      backgroundColor: undefined,
-      foregroundColor: undefined,
-    }
+    features: Partial<IconFeatures> = {}
   ) {
     this.svg = svg;
     this.features = {
-      viewPortIncreasePercent: undefined,
-      backgroundColor: undefined,
-      foregroundColor: undefined,
+      ...NO_FEATURES,
       ...features,
     };
   }
@@ -117,38 +119,44 @@ export class SvgIcon implements Icon {
     });
 
   public toString = () => {
-    const xml = libxmljs.parseXmlString(this.svg, {
-      noblanks: true,
-      net: false,
-    });
-    const viewBoxAttr = xml.get("//svg:svg/@viewBox", SVG_NS) as Attribute;
-    let viewBox = new ViewBox(viewBoxAttr.value());
+    const doc = new DOMParser().parseFromString(this.svg, 'text/xml') as unknown as Document;
+    const select = xpath.useNamespaces({ svg: SVG_NS });
+
+    const elements = (path: string) => (select(path, doc) as Element[])
+    const element = (path: string) => elements(path)[0]!
+
+    let viewBox = new ViewBox(select("string(//svg:svg/@viewBox)", doc) as string);
     if (
       this.features.viewPortIncreasePercent &&
       this.features.viewPortIncreasePercent > 0
     ) {
       viewBox = viewBox.increasePercent(this.features.viewPortIncreasePercent);
-      viewBoxAttr.value(viewBox.toString());
+      element("//svg:svg").setAttribute("viewBox", viewBox.toString());
     }
-    if (this.features.backgroundColor) {
-      (xml.get("//svg:svg/*[1]", SVG_NS) as Element).addPrevSibling(
-        new Element(xml, "rect").attr({
-          x: `${viewBox.minX}`,
-          y: `${viewBox.minY}`,
-          width: `${Math.abs(viewBox.minX) + viewBox.width}`,
-          height: `${Math.abs(viewBox.minY) + viewBox.height}`,
-          fill: this.features.backgroundColor,
-        })
-      );
-    }
-    if (this.features.foregroundColor) {
-      (xml.find("//svg:path", SVG_NS) as Element[]).forEach((path) => {
-        if (path.attr("fill"))
-          path.attr({ stroke: this.features.foregroundColor! });
-        else path.attr({ fill: this.features.foregroundColor! });
+    if(this.features.text) {
+      elements("//svg:text").forEach((text) => {
+        text.textContent = this.features.text!
       });
     }
-    return xml.toString();
+    if (this.features.foregroundColor) {
+      elements("//svg:path|//svg:text").forEach((path) => {
+        if (path.getAttribute("fill")) path.setAttribute("stroke", this.features.foregroundColor!);
+        else path.setAttribute("fill", this.features.foregroundColor!);
+      });
+    }
+    if (this.features.backgroundColor) {
+      const rect = doc.createElementNS(SVG_NS, "rect");
+      rect.setAttribute("x", `${viewBox.minX}`);
+      rect.setAttribute("y", `${viewBox.minY}`);
+      rect.setAttribute("width", `${Math.abs(viewBox.minX) + viewBox.width}`);
+      rect.setAttribute("height", `${Math.abs(viewBox.minY) + viewBox.height}`);
+      rect.setAttribute("fill", this.features.backgroundColor);
+      
+      const svg = element("//svg:svg")
+      svg.insertBefore(rect, svg.childNodes[0]!);
+    }
+    
+    return xmlTidy(doc as unknown as Node);
   };
 }
 
@@ -163,6 +171,7 @@ export const HOLI_COLORS = [
 export type ICON =
   | "artists"
   | "albums"
+  | "radio"
   | "playlists"
   | "genres"
   | "random"
@@ -228,19 +237,24 @@ export type ICON =
   | "yoda" 
   | "heart"
   | "star" 
-  | "solidStar";
+  | "solidStar"
+  | "yy"
+  | "yyyy";
 
-const iconFrom = (name: string) =>
+const svgFrom = (name: string) =>
   new SvgIcon(
     fs
       .readFileSync(path.resolve(__dirname, "..", "web", "icons", name))
       .toString()
   );
 
+const iconFrom = (name: string) => svgFrom(name).with({ features: { viewPortIncreasePercent: 80 } });
+    
 export const ICONS: Record<ICON, SvgIcon> = {
   artists: iconFrom("navidrome-artists.svg"),
   albums: iconFrom("navidrome-all.svg"),
-  blank: iconFrom("blank.svg"),
+  radio: iconFrom("navidrome-radio.svg"),
+  blank: svgFrom("blank.svg"),
   playlists: iconFrom("navidrome-playlists.svg"),
   genres: iconFrom("Theatre-Mask-111172.svg"),
   random: iconFrom("navidrome-random.svg"),
@@ -305,7 +319,9 @@ export const ICONS: Record<ICON, SvgIcon> = {
   yoda: iconFrom("Yoda-68107.svg"),
   heart: iconFrom("Heart-85038.svg"),
   star: iconFrom("Star-16101.svg"),
-  solidStar: iconFrom("Star-43879.svg")
+  solidStar: iconFrom("Star-43879.svg"),
+  yy: svgFrom("yy.svg"),
+  yyyy: svgFrom("yyyy.svg"),
 };
 
 export const STAR_WARS = [ICONS.c3po, ICONS.chewy, ICONS.darth, ICONS.skywalker, ICONS.leia, ICONS.r2d2, ICONS.yoda];

src/link_codes.ts

@@ -2,7 +2,7 @@ import { v4 as uuid } from 'uuid';
 
 
 export type Association = {
-  authToken: string
+  serviceToken: string
   userId: string
   nickname: string  
 }

src/logger.ts

@@ -6,7 +6,7 @@ export function debugIt<T>(thing: T): T {
 }
 
 const logger = createLogger({
-    level: 'debug',
+    level: process.env["BNB_LOG_LEVEL"] || 'info',
     format: format.combine(
       format.timestamp({
         format: 'YYYY-MM-DD HH:mm:ss'

src/music_service.ts

@@ -1,48 +1,29 @@
+import { BUrn } from "./burn";
+import { taskEither as TE } from "fp-ts";
+
 export type Credentials = { username: string; password: string };
 
-export function isSuccess(
-  authResult: AuthSuccess | AuthFailure
-): authResult is AuthSuccess {
-  return (authResult as AuthSuccess).authToken !== undefined;
-}
-
-export function isFailure(
-  authResult: any | AuthFailure
-): authResult is AuthFailure {
-  return (authResult as AuthFailure).message !== undefined;
-}
-
 export type AuthSuccess = {
-  authToken: string;
+  serviceToken: string;
   userId: string;
   nickname: string;
 };
 
-export type AuthFailure = {
-  message: string;
+export class AuthFailure extends Error {
+  constructor(message: string) {
+    super(message);
+  }
 };
 
 export type ArtistSummary = {
-  id: string;
+  id: string | undefined;
   name: string;
-};
-
-export type Images = {
-  small: string | undefined;
-  medium: string | undefined;
-  large: string | undefined;
-};
-
-export const NO_IMAGES: Images = {
-  small: undefined,
-  medium: undefined,
-  large: undefined,
+  image: BUrn | undefined;
 };
 
 export type SimilarArtist = ArtistSummary & { inLibrary: boolean };
 
 export type Artist = ArtistSummary & {
-  image: Images
   albums: AlbumSummary[];
   similarArtists: SimilarArtist[]
 };
@@ -52,7 +33,7 @@ export type AlbumSummary = {
   name: string;
   year: string | undefined;
   genre: Genre | undefined;
-  coverArt: string | undefined;
+  coverArt: BUrn | undefined;
 
   artistName: string | undefined;
   artistId: string | undefined;
@@ -65,24 +46,40 @@ export type Genre = {
   id: string;
 }
 
+export type Year = {
+  year: string;
+}
+
 export type Rating = {
   love: boolean;
   stars: number;
 }
 
+export type Encoding = {
+  player: string,
+  mimeType: string
+}
+
 export type Track = {
   id: string;
   name: string;
-  mimeType: string;
+  encoding: Encoding,
   duration: number;
   number: number | undefined;
   genre: Genre | undefined;
-  coverArt: string | undefined;
+  coverArt: BUrn | undefined;
   album: AlbumSummary;
   artist: ArtistSummary;
   rating: Rating;
 };
 
+export type RadioStation = {
+  id: string,
+  name: string,
+  url: string,
+  homePage?: string
+}
+
 export type Paging = {
   _index: number;
   _count: number;
@@ -107,16 +104,19 @@ export const asResult = <T>([results, total]: [T[], number]) => ({
 
 export type ArtistQuery = Paging;
 
-export type AlbumQueryType = 'alphabeticalByArtist' | 'alphabeticalByName' | 'byGenre' | 'random' | 'recentlyPlayed' | 'mostPlayed' | 'recentlyAdded' | 'favourited' | 'starred';
+export type AlbumQueryType = 'alphabeticalByArtist' | 'alphabeticalByName' | 'byGenre' | 'byYear' | 'random' | 'recentlyPlayed' | 'mostPlayed' | 'recentlyAdded' | 'favourited' | 'starred';
 
 export type AlbumQuery = Paging & {
   type: AlbumQueryType;
   genre?: string;
+  fromYear?: string;
+  toYear?: string;
 };
 
 export const artistToArtistSummary = (it: Artist): ArtistSummary => ({
   id: it.id,
   name: it.name,
+  image: it.image
 });
 
 export const albumToAlbumSummary = (it: Album): AlbumSummary => ({
@@ -131,7 +131,8 @@ export const albumToAlbumSummary = (it: Album): AlbumSummary => ({
 
 export const playlistToPlaylistSummary = (it: Playlist): PlaylistSummary => ({
   id: it.id,
-  name: it.name
+  name: it.name,
+  coverArt: it.coverArt
 })
 
 export type StreamingHeader = "content-type" | "content-length" | "content-range" | "accept-ranges";
@@ -149,7 +150,8 @@ export type CoverArt = {
 
 export type PlaylistSummary = {
   id: string,
-  name: string
+  name: string,
+  coverArt?: BUrn | undefined
 }
 
 export type Playlist = PlaylistSummary & {
@@ -164,8 +166,9 @@ export const asArtistAlbumPairs = (artists: Artist[]): [Artist, Album][] =>
   );
 
 export interface MusicService {
-  generateToken(credentials: Credentials): Promise<AuthSuccess | AuthFailure>;
-  login(authToken: string): Promise<MusicLibrary>;
+  generateToken(credentials: Credentials): TE.TaskEither<AuthFailure, AuthSuccess>;
+  refreshToken(serviceToken: string): TE.TaskEither<AuthFailure, AuthSuccess>;
+  login(serviceToken: string): Promise<MusicLibrary>;
 }
 
 export interface MusicLibrary {
@@ -176,6 +179,7 @@ export interface MusicLibrary {
   tracks(albumId: string): Promise<Track[]>;
   track(trackId: string): Promise<Track>;
   genres(): Promise<Genre[]>;
+  years(): Promise<Year[]>;
   stream({
     trackId,
     range,
@@ -184,7 +188,7 @@ export interface MusicLibrary {
     range: string | undefined;
   }): Promise<TrackStream>;
   rate(trackId: string, rating: Rating): Promise<boolean>;
-  coverArt(id: string, size?: number): Promise<CoverArt | undefined>;
+  coverArt(coverArtURN: BUrn, size?: number): Promise<CoverArt | undefined>;
   nowPlaying(id: string): Promise<boolean>
   scrobble(id: string): Promise<boolean>
   searchArtists(query: string): Promise<ArtistSummary[]>;
@@ -198,4 +202,6 @@ export interface MusicLibrary {
   removeFromPlaylist(playlistId: string, indicies: number[]): Promise<boolean>
   similarSongs(id: string): Promise<Track[]>;
   topSongs(artistId: string): Promise<Track[]>;
+  radioStation(id: string): Promise<RadioStation>
+  radioStations(): Promise<RadioStation[]>
 }

src/random_string.ts

@@ -1,6 +0,0 @@
-import { randomBytes } from "crypto";
-
-const randomString = () => randomBytes(32).toString('hex')
-
-export default randomString
-

src/server.ts

@@ -1,4 +1,4 @@
-import { option as O } from "fp-ts";
+import { either as E, taskEither as TE } from "fp-ts";
 import express, { Express, Request } from "express";
 import * as Eta from "eta";
 import path from "path";
@@ -22,21 +22,46 @@ import {
   ratingAsInt,
 } from "./smapi";
 import { LinkCodes, InMemoryLinkCodes } from "./link_codes";
-import { MusicService, isSuccess } from "./music_service";
+import { MusicService, AuthFailure, AuthSuccess } from "./music_service";
 import bindSmapiSoapServiceToExpress from "./smapi";
-import { AccessTokens, AccessTokenPerAuthToken } from "./access_tokens";
+import { APITokens, InMemoryAPITokens } from "./api_tokens";
 import logger from "./logger";
 import { Clock, SystemClock } from "./clock";
 import { pipe } from "fp-ts/lib/function";
 import { URLBuilder } from "./url_builder";
 import makeI8N, { asLANGs, KEY, keys as i8nKeys, LANG } from "./i8n";
 import { Icon, ICONS, festivals, features } from "./icon";
-import _, { shuffle } from "underscore";
+import _ from "underscore";
 import morgan from "morgan";
-import { takeWithRepeats } from "./utils";
+import { parse } from "./burn";
+import { axiosImageFetcher, ImageFetcher } from "./subsonic";
+import {
+  JWTSmapiLoginTokens,
+  SmapiAuthTokens,
+} from "./smapi_auth";
+import { SmapiTokenStore, InMemorySmapiTokenStore } from "./smapi_token_store";
 
 export const BONOB_ACCESS_TOKEN_HEADER = "bat";
 
+// Session storage for tracking active streams (for scrobbling)
+type StreamSession = {
+  serviceToken: string;
+  trackId: string;
+  timestamp: number;
+};
+
+const streamSessions = new Map<string, StreamSession>();
+
+// Clean up old sessions (older than 1 hour)
+setInterval(() => {
+  const oneHourAgo = Date.now() - (60 * 60 * 1000);
+  for (const [sid, session] of streamSessions.entries()) {
+    if (session.timestamp < oneHourAgo) {
+      streamSessions.delete(sid);
+    }
+  }
+}, 5 * 60 * 1000).unref(); // Run every 5 minutes, but don't prevent process exit
+
 interface RangeFilter extends Transform {
   range: (length: number) => string;
 }
@@ -76,7 +101,7 @@ export class RangeBytesFromFilter extends Transform {
 
 export type ServerOpts = {
   linkCodes: () => LinkCodes;
-  accessTokens: () => AccessTokens;
+  apiTokens: () => APITokens;
   clock: Clock;
   iconColors: {
     foregroundColor: string | undefined;
@@ -85,16 +110,28 @@ export type ServerOpts = {
   applyContextPath: boolean;
   logRequests: boolean;
   version: string;
+  smapiAuthTokens: SmapiAuthTokens;
+  externalImageResolver: ImageFetcher;
+  smapiTokenStore: SmapiTokenStore;
+  tokenCleanupIntervalMinutes: number;
 };
 
 const DEFAULT_SERVER_OPTS: ServerOpts = {
   linkCodes: () => new InMemoryLinkCodes(),
-  accessTokens: () => new AccessTokenPerAuthToken(),
+  apiTokens: () => new InMemoryAPITokens(),
   clock: SystemClock,
   iconColors: { foregroundColor: undefined, backgroundColor: undefined },
   applyContextPath: true,
   logRequests: false,
   version: "v?",
+  smapiAuthTokens: new JWTSmapiLoginTokens(
+    SystemClock,
+    `bonob-${uuid()}`,
+    "1m"
+  ),
+  externalImageResolver: axiosImageFetcher,
+  smapiTokenStore: new InMemorySmapiTokenStore(),
+  tokenCleanupIntervalMinutes: 60,
 };
 
 function server(
@@ -107,7 +144,8 @@ function server(
   const serverOpts = { ...DEFAULT_SERVER_OPTS, ...opts };
 
   const linkCodes = serverOpts.linkCodes();
-  const accessTokens = serverOpts.accessTokens();
+  const smapiAuthTokens = serverOpts.smapiAuthTokens;
+  const apiTokens = serverOpts.apiTokens();
   const clock = serverOpts.clock;
 
   const startUpTime = dayjs();
@@ -119,6 +157,7 @@ function server(
     app.use(morgan("combined"));
   }
   app.use(express.urlencoded({ extended: false }));
+  app.use(express.json());
 
   app.use(express.static(path.resolve(__dirname, "..", "web", "public")));
   app.engine("eta", Eta.renderFile);
@@ -154,7 +193,7 @@ function server(
           removeRegistrationRoute: bonobUrl
             .append({ pathname: REMOVE_REGISTRATION_ROUTE })
             .pathname(),
-          version: opts.version,
+          version: serverOpts.version || DEFAULT_SERVER_OPTS.version,
         });
       }
     );
@@ -216,28 +255,41 @@ function server(
     const lang = langFor(req);
     const { username, password, linkCode } = req.body;
     if (!linkCodes.has(linkCode)) {
-      res.status(400).render("failure", {
+      return res.status(400).render("failure", {
         lang,
         message: lang("invalidLinkCode"),
       });
     } else {
-      const authResult = await musicService.generateToken({
-        username,
-        password,
-      });
-      if (isSuccess(authResult)) {
-        linkCodes.associate(linkCode, authResult);
-        res.render("success", {
-          lang,
-          message: lang("loginSuccessful"),
-        });
-      } else {
-        res.status(403).render("failure", {
-          lang,
-          message: lang("loginFailed"),
-          cause: authResult.message,
-        });
-      }
+      return pipe(
+        musicService.generateToken({
+          username,
+          password,
+        }),
+        TE.match(
+          (e: AuthFailure) => ({
+            status: 403,
+            template: "failure",
+            params: {
+              lang,
+              message: lang("loginFailed"),
+              cause: e.message,
+            },
+          }),
+          (success: AuthSuccess) => {
+            linkCodes.associate(linkCode, success);
+            return {
+              status: 200,
+              template: "success",
+              params: {
+                lang,
+                message: lang("loginSuccessful"),
+              },
+            };
+          }
+        )
+      )().then(({ status, template, params }) =>
+        res.status(status).render(template, params)
+      );
     }
   });
 
@@ -262,32 +314,46 @@ function server(
     const nowPlayingRatingsMatch = (value: number) => {
       const rating = ratingFromInt(value);
       const nextLove = { ...rating, love: !rating.love };
-      const nextStar = { ...rating, stars: (rating.stars === 5 ? 0 : rating.stars + 1) }
+      const nextStar = {
+        ...rating,
+        stars: rating.stars === 5 ? 0 : rating.stars + 1,
+      };
 
-      const loveRatingIcon = bonobUrl.append({pathname: rating.love ? '/love-selected.svg' : '/love-unselected.svg'}).href();
-      const starsRatingIcon = bonobUrl.append({pathname: `/star${rating.stars}.svg`}).href();
+      const loveRatingIcon = bonobUrl
+        .append({
+          pathname: rating.love ? "/love-selected.svg" : "/love-unselected.svg",
+        })
+        .href();
+      const starsRatingIcon = bonobUrl
+        .append({ pathname: `/star${rating.stars}.svg` })
+        .href();
 
       return `<Match propname="rating" value="${value}">
         <Ratings>
-          <Rating Id="${ratingAsInt(nextLove)}" AutoSkip="NEVER" OnSuccessStringId="LOVE_SUCCESS" StringId="LOVE">
+          <Rating Id="${ratingAsInt(
+        nextLove
+      )}" AutoSkip="NEVER" OnSuccessStringId="LOVE_SUCCESS" StringId="LOVE">
             <Icon Controller="universal" LastModified="${LastModified}" Uri="${loveRatingIcon}" />
           </Rating>
-          <Rating Id="${-ratingAsInt(nextStar)}" AutoSkip="NEVER" OnSuccessStringId="STAR_SUCCESS" StringId="STAR">
+          <Rating Id="${-ratingAsInt(
+        nextStar
+      )}" AutoSkip="NEVER" OnSuccessStringId="STAR_SUCCESS" StringId="STAR">
             <Icon Controller="universal" LastModified="${LastModified}" Uri="${starsRatingIcon}" />
           </Rating>
         </Ratings>
-      </Match>`
-    }
+      </Match>`;
+    };
 
     res.type("application/xml").send(`<?xml version="1.0" encoding="utf-8" ?>
     <Presentation>
+      <BrowseOptions PageSize="30" />
       <PresentationMap type="ArtWorkSizeMap">
         <Match>
           <imageSizeMap>
             ${SONOS_RECOMMENDED_IMAGE_SIZES.map(
-              (size) =>
-                `<sizeEntry size="${size}" substitution="/size/${size}"/>`
-            ).join("")}
+      (size) =>
+        `<sizeEntry size="${size}" substitution="/size/${size}"/>`
+    ).join("")}
           </imageSizeMap>
         </Match>
       </PresentationMap>
@@ -296,9 +362,9 @@ function server(
           <browseIconSizeMap>
               <sizeEntry size="0" substitution="/size/legacy"/>
               ${SONOS_RECOMMENDED_IMAGE_SIZES.map(
-                (size) =>
-                  `<sizeEntry size="${size}" substitution="/size/${size}"/>`
-              ).join("")}
+      (size) =>
+        `<sizeEntry size="${size}" substitution="/size/${size}"/>`
+    ).join("")}
             </browseIconSizeMap>
         </Match>
       </PresentationMap>
@@ -332,42 +398,64 @@ function server(
     const id = req.params["id"]!;
     const trace = uuid();
 
-    logger.info(
-      `${trace} bnb<- ${req.method} ${req.path}?${
-        JSON.stringify(req.query)
-      }, headers=${JSON.stringify(req.headers)}`
+    logger.debug(
+      `${trace} bnb<- ${req.method} ${req.path}?${JSON.stringify(
+        req.query
+      )}, headers=${JSON.stringify({ ...req.headers, "bnbt": "*****", "bnbk": "*****" })}`
     );
-    const authToken = pipe(
-      req.query[BONOB_ACCESS_TOKEN_HEADER] as string,
-      O.fromNullable,
-      O.map((accessToken) => accessTokens.authTokenFor(accessToken)),
-      O.getOrElseW(() => undefined)
-    );
-    if (!authToken) {
+
+    const serviceToken = pipe(
+      E.fromNullable("Missing bnbt header")(req.headers["bnbt"] as string),
+      E.chain(token => pipe(
+        E.fromNullable("Missing bnbk header")(req.headers["bnbk"] as string),
+        E.map(key => ({ token, key }))
+      )),
+      E.chain((auth) =>
+        pipe(
+          smapiAuthTokens.verify(auth),
+          E.mapLeft((_) => "Auth token failed to verify")
+        )
+      ),
+      E.getOrElseW(() => undefined)
+    )
+
+    if (!serviceToken) {
       return res.status(401).send();
     } else {
+      // Store session for scrobbling later (when Sonos reports playback)
+      streamSessions.set(id, {
+        serviceToken,
+        trackId: id,
+        timestamp: Date.now(),
+      });
+      logger.debug(`Stored stream session for track ${id}`);
+
       return musicService
-        .login(authToken)
+        .login(serviceToken)
         .then((it) =>
           it
             .stream({
               trackId: id,
               range: req.headers["range"] || undefined,
             })
+            .then((stream) => {
+              res.on('close', () => {
+                stream.stream.destroy()
+              });
+              return stream;
+            })
             .then((stream) => ({ musicLibrary: it, stream }))
         )
-        .then(({ stream }) => {
-          logger.info(
-            `${trace} bnb<- stream response from music service for ${id}, status=${
-              stream.status
-            }, headers=(${JSON.stringify(stream.headers)})`
+        .then(({ musicLibrary, stream }) => {
+          logger.debug(
+            `${trace} bnb<- stream response from music service for ${id}, status=${stream.status}, headers=(${JSON.stringify(stream.headers)})`
           );
 
           const sonosisfyContentType = (contentType: string) =>
             contentType
               .split(";")
               .map((it) => it.trim())
-              .map((it) => sonosifyMimeType(it))
+              .map(sonosifyMimeType)
               .join("; ");
 
           const respondWith = ({
@@ -375,25 +463,30 @@ function server(
             filter,
             headers,
             sendStream,
+            nowPlaying,
           }: {
             status: number;
             filter: Transform;
             headers: Record<string, string>;
             sendStream: boolean;
+            nowPlaying: boolean;
           }) => {
-            logger.info(
-              `${trace} bnb-> ${
-                req.path
-              }, status=${status}, headers=${JSON.stringify(headers)}`
+            logger.debug(
+              `${trace} bnb-> ${req.path}, status=${status}, headers=${JSON.stringify(headers)}`
             );
-            res.status(status);
-            Object.entries(headers)
-              .filter(([_, v]) => v !== undefined)
-              .forEach(([header, value]) => {
-                res.setHeader(header, value!);
-              });
-            if (sendStream) stream.stream.pipe(filter).pipe(res);
-            else res.send();
+            (nowPlaying
+              ? musicLibrary.nowPlaying(id)
+              : Promise.resolve(true)
+            ).then((_) => {
+              res.status(status);
+              Object.entries(headers)
+                .filter(([_, v]) => v !== undefined)
+                .forEach(([header, value]) => {
+                  res.setHeader(header, value!);
+                });
+              if (sendStream) stream.stream.pipe(filter).pipe(res)
+              else res.send()
+            });
           };
 
           if (stream.status == 200) {
@@ -408,6 +501,7 @@ function server(
                 "accept-ranges": stream.headers["accept-ranges"],
               },
               sendStream: req.method == "GET",
+              nowPlaying: req.method == "GET",
             });
           } else if (stream.status == 206) {
             respondWith({
@@ -422,6 +516,7 @@ function server(
                 "accept-ranges": stream.headers["accept-ranges"],
               },
               sendStream: req.method == "GET",
+              nowPlaying: req.method == "GET",
             });
           } else {
             respondWith({
@@ -429,44 +524,47 @@ function server(
               filter: new PassThrough(),
               headers: {},
               sendStream: req.method == "GET",
+              nowPlaying: false,
             });
           }
         });
     }
   });
 
-  app.get("/icon/:type/size/:size", (req, res) => {
-    const type = req.params["type"]!;
+  app.get("/icon/:type_text/size/:size", (req, res) => {
+    const match = (req.params["type_text"] || "")!.match("^([A-Za-z0-9]+)(?:\:([A-Za-z0-9]+))?$")
+    if (!match)
+      return res.status(400).send();
+    
+    const type = match[1]!
+    const text = match[2]
     const size = req.params["size"]!;
 
     if (!Object.keys(ICONS).includes(type)) {
       return res.status(404).send();
-    } else if (
-      size != "legacy" &&
-      !SONOS_RECOMMENDED_IMAGE_SIZES.includes(size)
-    ) {
+    } else if (size != "legacy" && !SONOS_RECOMMENDED_IMAGE_SIZES.includes(size)) {
       return res.status(400).send();
     } else {
       let icon = (ICONS as any)[type]! as Icon;
       const spec =
         size == "legacy"
           ? {
-              mimeType: "image/png",
-              responseFormatter: (svg: string): Promise<Buffer | string> =>
-                sharp(Buffer.from(svg)).resize(80).png().toBuffer(),
-            }
+            mimeType: "image/png",
+            responseFormatter: (svg: string): Promise<Buffer | string> =>
+              sharp(Buffer.from(svg)).resize(80).png().toBuffer(),
+          }
           : {
-              mimeType: "image/svg+xml",
-              responseFormatter: (svg: string): Promise<Buffer | string> =>
-                Promise.resolve(svg),
-            };
+            mimeType: "image/svg+xml",
+            responseFormatter: (svg: string): Promise<Buffer | string> =>
+              Promise.resolve(svg),
+          };
 
       return Promise.resolve(
         icon
           .apply(
             features({
-              viewPortIncreasePercent: 80,
               ...serverOpts.iconColors,
+              text: text
             })
           )
           .apply(festivals(clock))
@@ -494,87 +592,165 @@ function server(
     });
   });
 
-  const GRAVITY_9 = [
-    "north",
-    "northeast",
-    "east",
-    "southeast",
-    "south",
-    "southwest",
-    "west",
-    "northwest",
-    "centre",
-  ];
-
-  app.get("/art/:ids/size/:size", (req, res) => {
-    const authToken = accessTokens.authTokenFor(
+  app.get("/art/:burn/size/:size", (req, res) => {
+    const serviceToken = apiTokens.authTokenFor(
       req.query[BONOB_ACCESS_TOKEN_HEADER] as string
     );
-    const ids = req.params["ids"]!.split("&");
+    const urn = parse(req.params["burn"]!);
     const size = Number.parseInt(req.params["size"]!);
 
-    if (!authToken) {
+    if (!serviceToken) {
       return res.status(401).send();
     } else if (!(size > 0)) {
       return res.status(400).send();
     }
 
     return musicService
-      .login(authToken)
-      .then((it) => Promise.all(ids.map((id) => it.coverArt(id, size))))
-      .then((coverArts) => coverArts.filter((it) => it))
-      .then(shuffle)
-      .then((coverArts) => {
-        if (coverArts.length == 1) {
-          const coverArt = coverArts[0]!;
+      .login(serviceToken)
+      .then((musicLibrary) => {
+        if (urn.system == "external") {
+          return serverOpts.externalImageResolver(urn.resource);
+        } else {
+          return musicLibrary.coverArt(urn, size);
+        }
+      })
+      .then((coverArt) => {
+        if(coverArt) {
           res.status(200);
           res.setHeader("content-type", coverArt.contentType);
           return res.send(coverArt.data);
-        } else if (coverArts.length > 1) {
-          const gravity = [...GRAVITY_9];
-          return sharp({
-            create: {
-              width: size * 3,
-              height: size * 3,
-              channels: 3,
-              background: { r: 255, g: 255, b: 255 },
-            },
-          })
-            .composite(
-              takeWithRepeats(coverArts, 9).map((art) => ({
-                input: art?.data,
-                gravity: gravity.pop(),
-              }))
-            )
-            .png()
-            .toBuffer()
-            .then((image) => sharp(image).resize(size).png().toBuffer())
-            .then((image) => {
-              res.status(200);
-              res.setHeader("content-type", "image/png");
-              return res.send(image);
-            });
         } else {
           return res.status(404).send();
         }
-      })
+    })
       .catch((e: Error) => {
-        logger.error(`Failed fetching image ${ids.join("&")}/size/${size}`, {
+        logger.error(`Failed fetching image ${urn}/size/${size}`, {
           cause: e,
         });
         return res.status(500).send();
       });
   });
 
+  // Sonos Reporting Endpoint for playback analytics
+  app.post("/report/:version/timePlayed", async (req, res) => {
+    const version = req.params["version"];
+    logger.debug(`Received Sonos reporting event (v${version}): ${JSON.stringify(req.body)}`);
+
+    try {
+      // Sonos may send an array of reports or a single report with items array
+      const reports = Array.isArray(req.body) ? req.body : [req.body];
+
+      for (const report of reports) {
+        // Handle both direct report format and items array format
+        const items = report.items || [report];
+
+        for (const item of items) {
+          const {
+            reportId,
+            mediaUrl,
+            durationPlayedMillis,
+            positionMillis,
+            type,
+          } = item;
+
+        // Extract track ID from mediaUrl (format: /stream/track/{id} or x-sonos-http:track%3a{id}.mp3)
+        let trackId: string | undefined;
+
+        if (mediaUrl) {
+          // Try standard URL format first
+          const standardMatch = mediaUrl.match(/\/stream\/track\/([^?]+)/);
+          if (standardMatch) {
+            trackId = standardMatch[1];
+          } else {
+            // Try x-sonos-http format (track%3a{id}.mp3)
+            const sonosMatch = mediaUrl.match(/track%3[aA]([^.?&]+)/);
+            if (sonosMatch) {
+              trackId = sonosMatch[1];
+            }
+          }
+        }
+
+        if (!trackId) {
+          logger.warn(`Could not extract track ID from mediaUrl: ${mediaUrl}, full report: ${JSON.stringify(report)}`);
+          continue; // Skip this report, process next one
+        }
+
+        const durationPlayedSeconds = Math.floor((durationPlayedMillis || 0) / 1000);
+
+        logger.info(
+          `Sonos reporting: type=${type}, trackId=${trackId}, reportId=${reportId}, ` +
+          `durationPlayed=${durationPlayedSeconds}s, position=${positionMillis}ms`
+        );
+
+        // For "final" reports, determine if we should scrobble
+        if (type === "final" && durationPlayedSeconds > 0) {
+          // Retrieve authentication from stream session storage
+          const session = streamSessions.get(trackId!);
+          let serviceToken: string | undefined = session?.serviceToken;
+
+          if (!serviceToken) {
+            // Fallback: try to extract from Authorization header (if present)
+            const authHeader = req.headers["authorization"];
+            if (authHeader && authHeader.startsWith("Bearer ")) {
+              const token = authHeader.substring(7);
+              const smapiToken = serverOpts.smapiTokenStore.get(token);
+              if (smapiToken) {
+                serviceToken = pipe(
+                  smapiAuthTokens.verify({ token, key: smapiToken.key }),
+                  E.getOrElseW(() => undefined)
+                );
+              }
+            }
+          }
+
+          if (serviceToken) {
+            await musicService.login(serviceToken).then((musicLibrary) => {
+              // Get track duration to determine scrobbling threshold
+              return musicLibrary.track(trackId!).then((track) => {
+                const shouldScrobble =
+                  (track.duration < 30 && durationPlayedSeconds >= 10) ||
+                  (track.duration >= 30 && durationPlayedSeconds >= 30);
+
+                if (shouldScrobble) {
+                  logger.info(`Scrobbling track ${trackId} after ${durationPlayedSeconds}s playback`);
+                  return musicLibrary.scrobble(trackId!);
+                } else {
+                  logger.debug(
+                    `Not scrobbling track ${trackId}: duration=${track.duration}s, played=${durationPlayedSeconds}s`
+                  );
+                  return Promise.resolve(false);
+                }
+              });
+            }).catch((e) => {
+              logger.error(`Failed to process scrobble for track ${trackId}`, { error: e });
+            });
+          } else {
+            logger.debug("No authentication available for reporting endpoint scrobble");
+          }
+        }
+        }
+      }
+
+      return res.status(200).json({ status: "ok" });
+    } catch (error) {
+      logger.error("Error processing Sonos reporting event", { error });
+      return res.status(500).json({ status: "error" });
+    }
+  });
+
   bindSmapiSoapServiceToExpress(
     app,
     SOAP_PATH,
     bonobUrl,
     linkCodes,
     musicService,
-    accessTokens,
+    apiTokens,
     clock,
-    i8n
+    i8n,
+    serverOpts.smapiAuthTokens,
+    serverOpts.smapiTokenStore,
+    serverOpts.logRequests,
+    serverOpts.tokenCleanupIntervalMinutes
   );
 
   if (serverOpts.applyContextPath) {

src/smapi_auth.ts

@@ -0,0 +1,192 @@
+import { either as E } from "fp-ts";
+import jwt from "jsonwebtoken";
+import { v4 as uuid } from "uuid";
+import { b64Decode, b64Encode } from "./b64";
+import { Clock } from "./clock";
+
+import logger from "./logger";
+
+export type SmapiFault = { Fault: { faultcode: string; faultstring: string } };
+export type SmapiRefreshTokenResultFault = SmapiFault & {
+  Fault: {
+    detail: {
+      refreshAuthTokenResult: { authToken: string; privateKey: string };
+    };
+  };
+};
+
+function isError(thing: any): thing is Error {
+  logger.debug("isError check", { thing });
+  return thing.name && thing.message;
+}
+
+export function isSmapiRefreshTokenResultFault(
+  fault: SmapiFault
+): fault is SmapiRefreshTokenResultFault {
+  return (fault.Fault as any).detail?.refreshAuthTokenResult != undefined;
+}
+
+export type SmapiToken = {
+  token: string;
+  key: string;
+};
+
+export interface ToSmapiFault {
+  _tag: string;
+  toSmapiFault(): SmapiFault
+}
+
+export const SMAPI_FAULT_LOGIN_UNAUTHORIZED = {
+  Fault: {
+    faultcode: "Client.LoginUnauthorized",
+    faultstring:
+      "Failed to authenticate, try Re-Authorising your account in the sonos app",
+  },
+};
+
+export const SMAPI_FAULT_LOGIN_UNSUPPORTED = {
+  Fault: {
+    faultcode: "Client.LoginUnsupported",
+    faultstring: "Missing credentials...",
+  },
+};
+
+export class MissingLoginTokenError extends Error implements ToSmapiFault {
+  _tag = "MissingLoginTokenError";
+
+  constructor() {
+    super("Missing Login Token");
+  }
+
+  toSmapiFault = () => SMAPI_FAULT_LOGIN_UNSUPPORTED;
+}
+
+
+export class InvalidTokenError extends Error implements ToSmapiFault {
+  _tag = "InvalidTokenError";
+
+  constructor(message: string) {
+    super(message);
+  }
+
+  toSmapiFault = () => SMAPI_FAULT_LOGIN_UNAUTHORIZED;
+}
+
+export function isExpiredTokenError(thing: any): thing is ExpiredTokenError {
+  return thing._tag == "ExpiredTokenError";
+}
+
+export class ExpiredTokenError extends Error implements ToSmapiFault {
+  _tag = "ExpiredTokenError";
+  expiredToken: string;
+
+  constructor(expiredToken: string) {
+    super("SMAPI token has expired");
+    this.expiredToken = expiredToken;
+  }
+
+  toSmapiFault = () => ({
+    Fault: {
+      faultcode: "Client.TokenRefreshRequired",
+      faultstring: "Token has expired",
+    },
+  });
+}
+
+export type SmapiAuthTokens = {
+  issue: (serviceToken: string) => SmapiToken;
+  verify: (smapiToken: SmapiToken) => E.Either<ToSmapiFault, string>;
+};
+
+type TokenExpiredError = {
+  name: string;
+  message: string;
+  expiredAt: number;
+};
+
+function isTokenExpiredError(thing: any): thing is TokenExpiredError {
+  return thing.name == "TokenExpiredError";
+}
+
+export const smapiTokenAsString = (smapiToken: SmapiToken) =>
+  b64Encode(
+    JSON.stringify({
+      token: smapiToken.token,
+      key: smapiToken.key,
+    })
+  );
+export const smapiTokenFromString = (smapiTokenString: string): SmapiToken =>
+  JSON.parse(b64Decode(smapiTokenString));
+
+export const SMAPI_TOKEN_VERSION = 2;
+
+export class JWTSmapiLoginTokens implements SmapiAuthTokens {
+  private readonly clock: Clock;
+  private readonly secret: string;
+  private readonly expiresIn: string;
+  private readonly version: number;
+  private readonly keyGenerator: () => string;
+
+  constructor(
+    clock: Clock,
+    secret: string,
+    expiresIn: string,
+    keyGenerator: () => string = uuid,
+    version: number = SMAPI_TOKEN_VERSION
+  ) {
+    this.clock = clock;
+    this.secret = secret;
+    this.expiresIn = expiresIn;
+    this.version = version;
+    this.keyGenerator = keyGenerator;
+  }
+
+  issue = (serviceToken: string) => {
+    const key = this.keyGenerator();
+    return {
+      token: jwt.sign(
+        { serviceToken, iat: this.clock.now().unix() },
+        this.secret + this.version + key,
+        { expiresIn: this.expiresIn }
+      ),
+      key,
+    };
+  };
+
+  verify = (smapiToken: SmapiToken): E.Either<ToSmapiFault, string> => {
+    logger.debug("Verifying JWT", {
+      token: smapiToken.token,
+      key: smapiToken.key,
+      secret: this.secret,
+      version: this.version,
+      secretKey: this.secret + this.version + smapiToken.key,
+    });
+    try {
+      return E.right(
+        (
+          jwt.verify(
+            smapiToken.token,
+            this.secret + this.version + smapiToken.key
+          ) as any
+        ).serviceToken
+      );
+    } catch (e) {
+      const err = e as Error;
+      if (isTokenExpiredError(e)) {
+        logger.debug("JWT token expired, will attempt refresh", { expiredAt: (e as TokenExpiredError).expiredAt });
+        const serviceToken = (
+          jwt.verify(
+            smapiToken.token,
+            this.secret + this.version + smapiToken.key,
+            { ignoreExpiration: true }
+          ) as any
+        ).serviceToken;
+        return E.left(new ExpiredTokenError(serviceToken));
+      } else {
+        logger.warn("JWT verification failed - token may be invalid or from different secret", { message: err.message });
+        if (isError(e)) return E.left(new InvalidTokenError(err.message));
+        else return E.left(new InvalidTokenError("Failed to verify token"));
+      }
+    }
+  };
+}

src/smapi_token_store.ts

@@ -0,0 +1,166 @@
+import fs from "fs";
+import path from "path";
+import logger from "./logger";
+import { SmapiToken, SmapiAuthTokens } from "./smapi_auth";
+import { either as E } from "fp-ts";
+
+export { SQLiteSmapiTokenStore } from "./sqlite_smapi_token_store";
+
+export interface SmapiTokenStore {
+  get(token: string): SmapiToken | undefined;
+  set(token: string, fullSmapiToken: SmapiToken): void;
+  delete(token: string): void;
+  getAll(): { [tokenKey: string]: SmapiToken };
+  cleanupExpired(smapiAuthTokens: SmapiAuthTokens): number;
+}
+
+export class InMemorySmapiTokenStore implements SmapiTokenStore {
+  private tokens: { [tokenKey: string]: SmapiToken } = {};
+
+  get(token: string): SmapiToken | undefined {
+    return this.tokens[token];
+  }
+
+  set(token: string, fullSmapiToken: SmapiToken): void {
+    this.tokens[token] = fullSmapiToken;
+  }
+
+  delete(token: string): void {
+    delete this.tokens[token];
+  }
+
+  getAll(): { [tokenKey: string]: SmapiToken } {
+    return this.tokens;
+  }
+
+  cleanupExpired(smapiAuthTokens: SmapiAuthTokens): number {
+    const tokenKeys = Object.keys(this.tokens);
+    let deletedCount = 0;
+
+    for (const tokenKey of tokenKeys) {
+      const smapiToken = this.tokens[tokenKey];
+      if (smapiToken) {
+        const verifyResult = smapiAuthTokens.verify(smapiToken);
+        // Only delete if token verification fails with InvalidTokenError
+        // Do NOT delete ExpiredTokenError as those can still be refreshed
+        if (E.isLeft(verifyResult)) {
+          const error = verifyResult.left;
+          // Delete both invalid and expired tokens to prevent accumulation
+          if (error._tag === 'InvalidTokenError' || error._tag === 'ExpiredTokenError') {
+            logger.debug(`Deleting ${error._tag} token from in-memory store`);
+            delete this.tokens[tokenKey];
+            deletedCount++;
+          }
+        }
+      }
+    }
+
+    if (deletedCount > 0) {
+      logger.info(`Cleaned up ${deletedCount} invalid token(s) from in-memory store`);
+    }
+
+    return deletedCount;
+  }
+}
+
+export class FileSmapiTokenStore implements SmapiTokenStore {
+  private tokens: { [tokenKey: string]: SmapiToken } = {};
+  private readonly filePath: string;
+
+  constructor(filePath: string) {
+    this.filePath = filePath;
+    this.loadFromFile();
+  }
+
+  private loadFromFile(): void {
+    try {
+      // Ensure the directory exists
+      const dir = path.dirname(this.filePath);
+      if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+        logger.info(`Created token storage directory: ${dir}`);
+      }
+
+      // Load existing tokens if file exists
+      if (fs.existsSync(this.filePath)) {
+        const data = fs.readFileSync(this.filePath, "utf8");
+        this.tokens = JSON.parse(data);
+        logger.info(
+          `Loaded ${Object.keys(this.tokens).length} token(s) from ${this.filePath}`
+        );
+      } else {
+        logger.info(`No existing token file found at ${this.filePath}, starting fresh`);
+        this.tokens = {};
+        this.saveToFile();
+      }
+    } catch (error) {
+      logger.error(`Failed to load tokens from ${this.filePath}`, { error });
+      this.tokens = {};
+    }
+  }
+
+  private saveToFile(): void {
+    try {
+      // Ensure the directory exists before writing
+      const dir = path.dirname(this.filePath);
+      if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+        logger.info(`Created token storage directory: ${dir}`);
+      }
+
+      const data = JSON.stringify(this.tokens, null, 2);
+      fs.writeFileSync(this.filePath, data, "utf8");
+      logger.debug(`Saved ${Object.keys(this.tokens).length} token(s) to ${this.filePath}`);
+    } catch (error) {
+      logger.error(`Failed to save tokens to ${this.filePath}`, { error });
+    }
+  }
+
+  get(token: string): SmapiToken | undefined {
+    return this.tokens[token];
+  }
+
+  set(token: string, fullSmapiToken: SmapiToken): void {
+    this.tokens[token] = fullSmapiToken;
+    this.saveToFile();
+  }
+
+  delete(token: string): void {
+    delete this.tokens[token];
+    this.saveToFile();
+  }
+
+  getAll(): { [tokenKey: string]: SmapiToken } {
+    return this.tokens;
+  }
+
+  cleanupExpired(smapiAuthTokens: SmapiAuthTokens): number {
+    const tokenKeys = Object.keys(this.tokens);
+    let deletedCount = 0;
+
+    for (const tokenKey of tokenKeys) {
+      const smapiToken = this.tokens[tokenKey];
+      if (smapiToken) {
+        const verifyResult = smapiAuthTokens.verify(smapiToken);
+        // Only delete if token verification fails with InvalidTokenError
+        // Do NOT delete ExpiredTokenError as those can still be refreshed
+        if (E.isLeft(verifyResult)) {
+          const error = verifyResult.left;
+          // Delete both invalid and expired tokens to prevent accumulation
+          if (error._tag === 'InvalidTokenError' || error._tag === 'ExpiredTokenError') {
+            logger.debug(`Deleting ${error._tag} token from file store`);
+            delete this.tokens[tokenKey];
+            deletedCount++;
+          }
+        }
+      }
+    }
+
+    if (deletedCount > 0) {
+      logger.info(`Cleaned up ${deletedCount} invalid token(s) from file store`);
+      this.saveToFile();
+    }
+
+    return deletedCount;
+  }
+}

src/sonos.ts

@@ -176,7 +176,7 @@ export function autoDiscoverySonos(sonosSeedHost?: string): Sonos {
         }
       })
       .catch((e) => {
-        logger.error(`Failed looking for sonos devices`, { cause: e });
+        logger.error(`Failed looking for sonos devices - ${e}`, { cause: e });
         return [];
       });
   };

src/sqlite_smapi_token_store.ts

@@ -0,0 +1,200 @@
+import Database from "better-sqlite3";
+import path from "path";
+import fs from "fs";
+import logger from "./logger";
+import { SmapiToken, SmapiAuthTokens } from "./smapi_auth";
+import { either as E } from "fp-ts";
+import { SmapiTokenStore } from "./smapi_token_store";
+
+export class SQLiteSmapiTokenStore implements SmapiTokenStore {
+  private db!: Database.Database;
+  private readonly dbPath: string;
+
+  constructor(dbPath: string) {
+    this.dbPath = dbPath;
+    this.initializeDatabase();
+  }
+
+  private initializeDatabase(): void {
+    try {
+      // Ensure the directory exists
+      const dir = path.dirname(this.dbPath);
+      if (!fs.existsSync(dir)) {
+        fs.mkdirSync(dir, { recursive: true });
+        logger.info(`Created token storage directory: ${dir}`);
+      }
+
+      // Open database connection
+      this.db = new Database(this.dbPath);
+
+      // Create table if it doesn't exist
+      this.db.exec(`
+        CREATE TABLE IF NOT EXISTS smapi_tokens (
+          token_key TEXT PRIMARY KEY,
+          token TEXT NOT NULL,
+          key TEXT NOT NULL,
+          created_at INTEGER NOT NULL DEFAULT (strftime('%s', 'now'))
+        )
+      `);
+
+      // Create index for faster lookups
+      this.db.exec(`
+        CREATE INDEX IF NOT EXISTS idx_created_at ON smapi_tokens(created_at)
+      `);
+
+      const count = this.db.prepare("SELECT COUNT(*) as count FROM smapi_tokens").get() as { count: number };
+      logger.info(`SQLite token store initialized at ${this.dbPath} with ${count.count} token(s)`);
+    } catch (error) {
+      logger.error(`Failed to initialize SQLite token store at ${this.dbPath}`, { error });
+      throw error;
+    }
+  }
+
+  get(tokenKey: string): SmapiToken | undefined {
+    try {
+      const stmt = this.db.prepare("SELECT token, key FROM smapi_tokens WHERE token_key = ?");
+      const row = stmt.get(tokenKey) as { token: string; key: string } | undefined;
+
+      if (!row) {
+        return undefined;
+      }
+
+      return {
+        token: row.token,
+        key: row.key,
+      };
+    } catch (error) {
+      logger.error(`Failed to get token from SQLite store`, { error });
+      return undefined;
+    }
+  }
+
+  set(tokenKey: string, fullSmapiToken: SmapiToken): void {
+    try {
+      const stmt = this.db.prepare(`
+        INSERT OR REPLACE INTO smapi_tokens (token_key, token, key)
+        VALUES (?, ?, ?)
+      `);
+      stmt.run(tokenKey, fullSmapiToken.token, fullSmapiToken.key);
+      logger.debug(`Saved token to SQLite store`);
+    } catch (error) {
+      logger.error(`Failed to save token to SQLite store`, { error });
+    }
+  }
+
+  delete(tokenKey: string): void {
+    try {
+      const stmt = this.db.prepare("DELETE FROM smapi_tokens WHERE token_key = ?");
+      stmt.run(tokenKey);
+      logger.debug(`Deleted token from SQLite store`);
+    } catch (error) {
+      logger.error(`Failed to delete token from SQLite store`, { error });
+    }
+  }
+
+  getAll(): { [tokenKey: string]: SmapiToken } {
+    try {
+      const stmt = this.db.prepare("SELECT token_key, token, key FROM smapi_tokens");
+      const rows = stmt.all() as Array<{ token_key: string; token: string; key: string }>;
+
+      const tokens: { [tokenKey: string]: SmapiToken } = {};
+      for (const row of rows) {
+        tokens[row.token_key] = {
+          token: row.token,
+          key: row.key,
+        };
+      }
+
+      return tokens;
+    } catch (error) {
+      logger.error(`Failed to get all tokens from SQLite store`, { error });
+      return {};
+    }
+  }
+
+  cleanupExpired(smapiAuthTokens: SmapiAuthTokens): number {
+    try {
+      const tokens = this.getAll();
+      const tokenKeys = Object.keys(tokens);
+      let deletedCount = 0;
+
+      for (const tokenKey of tokenKeys) {
+        const smapiToken = tokens[tokenKey];
+        if (smapiToken) {
+          const verifyResult = smapiAuthTokens.verify(smapiToken);
+          // Only delete if token verification fails with InvalidTokenError
+          // Do NOT delete ExpiredTokenError as those can still be refreshed
+          if (E.isLeft(verifyResult)) {
+            const error = verifyResult.left;
+            // Delete both invalid and expired tokens to prevent accumulation
+            if (error._tag === 'InvalidTokenError' || error._tag === 'ExpiredTokenError') {
+              logger.debug(`Deleting ${error._tag} token from SQLite store`);
+              this.delete(tokenKey);
+              deletedCount++;
+            }
+          }
+        }
+      }
+
+      if (deletedCount > 0) {
+        logger.info(`Cleaned up ${deletedCount} invalid token(s) from SQLite store`);
+      }
+
+      return deletedCount;
+    } catch (error) {
+      logger.error(`Failed to cleanup expired tokens from SQLite store`, { error });
+      return 0;
+    }
+  }
+
+  /**
+   * Migrate tokens from a JSON file to the SQLite database
+   * @param jsonFilePath Path to the JSON file containing tokens
+   * @returns Number of tokens migrated
+   */
+  migrateFromJSON(jsonFilePath: string): number {
+    try {
+      if (!fs.existsSync(jsonFilePath)) {
+        logger.info(`No JSON token file found at ${jsonFilePath}, skipping migration`);
+        return 0;
+      }
+
+      const data = fs.readFileSync(jsonFilePath, "utf8");
+      const tokens: { [tokenKey: string]: SmapiToken } = JSON.parse(data);
+      const tokenKeys = Object.keys(tokens);
+
+      let migratedCount = 0;
+      for (const tokenKey of tokenKeys) {
+        const token = tokens[tokenKey];
+        if (token) {
+          this.set(tokenKey, token);
+          migratedCount++;
+        }
+      }
+
+      logger.info(`Migrated ${migratedCount} token(s) from ${jsonFilePath} to SQLite`);
+
+      // Optionally rename the old JSON file to .bak
+      const backupPath = `${jsonFilePath}.bak`;
+      fs.renameSync(jsonFilePath, backupPath);
+      logger.info(`Backed up original JSON file to ${backupPath}`);
+
+      return migratedCount;
+    } catch (error) {
+      logger.error(`Failed to migrate tokens from JSON file ${jsonFilePath}`, { error });
+      return 0;
+    }
+  }
+
+  /**
+   * Close the database connection
+   */
+  close(): void {
+    try {
+      this.db.close();
+      logger.info("SQLite token store connection closed");
+    } catch (error) {
+      logger.error("Failed to close SQLite token store connection", { error });
+    }
+  }
+}

src/utils.ts

@@ -1,3 +1,5 @@
+import { DOMParser, XMLSerializer, Node } from '@xmldom/xmldom';
+
 export function takeWithRepeats<T>(things:T[], count: number) {
   const result = [];
   for(let i = 0; i < count; i++) {
@@ -5,3 +7,28 @@ export function takeWithRepeats<T>(things:T[], count: number) {
   }
   return result;
 }
+
+function xmlRemoveWhitespaceNodes(node: Node) {
+  let child = node.firstChild;
+  while (child) {
+      const nextSibling = child.nextSibling;
+      if (child.nodeType === 3 && !child.nodeValue?.trim()) {
+          // Remove empty text nodes
+          node.removeChild(child);
+      } else {
+          // Recursively process child nodes
+          xmlRemoveWhitespaceNodes(child);
+      }
+      child = nextSibling;
+  }
+}
+
+export function xmlTidy(xml: string | Node) {
+  const xmlToString = new XMLSerializer().serializeToString
+
+  const xmlString = xml instanceof Node ? xmlToString(xml as any) : xml
+  const doc = new DOMParser().parseFromString(xmlString, 'text/xml') as unknown as Node;
+  xmlRemoveWhitespaceNodes(doc);
+  return xmlToString(doc as any);
+}
+

tests/access_tokens.test.ts

@@ -1,273 +0,0 @@
-import { v4 as uuid } from "uuid";
-import dayjs from "dayjs";
-
-import {
-  AccessTokenPerAuthToken,
-  EncryptedAccessTokens,
-  ExpiringAccessTokens,
-  InMemoryAccessTokens,
-  sha256
-} from "../src/access_tokens";
-import { Encryption } from "../src/encryption";
-
-describe("ExpiringAccessTokens", () => {
-  let now = dayjs();
-
-  const accessTokens = new ExpiringAccessTokens({ now: () => now });
-
-  describe("tokens", () => {
-    it("they should be unique", () => {
-      const authToken = uuid();
-      expect(accessTokens.mint(authToken)).not.toEqual(
-        accessTokens.mint(authToken)
-      );
-    });
-  });
-
-  describe("tokens that dont exist", () => {
-    it("should return undefined", () => {
-      expect(accessTokens.authTokenFor("doesnt exist")).toBeUndefined();
-    });
-  });
-
-  describe("tokens that have not expired", () => {
-    it("should be able to return them", () => {
-      const authToken = uuid();
-
-      const accessToken = accessTokens.mint(authToken);
-
-      expect(accessTokens.authTokenFor(accessToken)).toEqual(authToken);
-    });
-
-    it("should be able to have many per authToken", () => {
-      const authToken = uuid();
-
-      const accessToken1 = accessTokens.mint(authToken);
-      const accessToken2 = accessTokens.mint(authToken);
-
-      expect(accessTokens.authTokenFor(accessToken1)).toEqual(authToken);
-      expect(accessTokens.authTokenFor(accessToken2)).toEqual(authToken);
-    });
-  });
-
-  describe("tokens that have expired", () => {
-    describe("retrieving it", () => {
-      it("should return undefined", () => {
-        const authToken = uuid();
-
-        now = dayjs();
-        const accessToken = accessTokens.mint(authToken);
-
-        now = now.add(12, "hours").add(1, "second");
-
-        expect(accessTokens.authTokenFor(accessToken)).toBeUndefined();
-      });
-    });
-
-    describe("should be cleared out", () => {
-      const authToken1 = uuid();
-      const authToken2 = uuid();
-
-      now = dayjs();
-
-      const accessToken1_1 = accessTokens.mint(authToken1);
-      const accessToken2_1 = accessTokens.mint(authToken2);
-
-      expect(accessTokens.count()).toEqual(2);
-      expect(accessTokens.authTokenFor(accessToken1_1)).toEqual(authToken1);
-      expect(accessTokens.authTokenFor(accessToken2_1)).toEqual(authToken2);
-
-      now = now.add(12, "hours").add(1, "second");
-
-      const accessToken1_2 = accessTokens.mint(authToken1);
-
-      expect(accessTokens.count()).toEqual(1);
-      expect(accessTokens.authTokenFor(accessToken1_1)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken2_1)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken1_2)).toEqual(authToken1);
-
-      now = now.add(6, "hours");
-
-      const accessToken2_2 = accessTokens.mint(authToken2);
-
-      expect(accessTokens.count()).toEqual(2);
-      expect(accessTokens.authTokenFor(accessToken1_1)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken2_1)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken1_2)).toEqual(authToken1);
-      expect(accessTokens.authTokenFor(accessToken2_2)).toEqual(authToken2);
-
-      now = now.add(6, "hours").add(1, "minute");
-
-      expect(accessTokens.authTokenFor(accessToken1_1)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken2_1)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken1_2)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken2_2)).toEqual(authToken2);
-      expect(accessTokens.count()).toEqual(1);
-
-      now = now.add(6, "hours").add(1, "minute");
-
-      expect(accessTokens.authTokenFor(accessToken1_1)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken2_1)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken1_2)).toBeUndefined();
-      expect(accessTokens.authTokenFor(accessToken2_2)).toBeUndefined();
-      expect(accessTokens.count()).toEqual(0);
-    });
-  });
-});
-
-describe("EncryptedAccessTokens", () => {
-  const encryption = {
-    encrypt: jest.fn(),
-    decrypt: jest.fn(),
-  };
-
-  const accessTokens = new EncryptedAccessTokens(
-    (encryption as unknown) as Encryption
-  );
-
-  beforeEach(() => {
-    jest.clearAllMocks();
-    jest.resetAllMocks();
-  });
-
-  describe("encrypt and decrypt", () => {
-    it("should be able to round trip the token", () => {
-      const authToken = `the token - ${uuid()}`;
-      const hash = {
-        encryptedData: "the encrypted token",
-        iv: "vi",
-      };
-
-      encryption.encrypt.mockReturnValue(hash);
-      encryption.decrypt.mockReturnValue(authToken);
-
-      const accessToken = accessTokens.mint(authToken);
-
-      expect(accessToken).not.toContain(authToken);
-      expect(accessToken).toEqual(
-        Buffer.from(JSON.stringify(hash)).toString("base64")
-      );
-
-      expect(accessTokens.authTokenFor(accessToken)).toEqual(authToken);
-
-      expect(encryption.encrypt).toHaveBeenCalledWith(authToken);
-      expect(encryption.decrypt).toHaveBeenCalledWith(hash);
-    });
-  });
-
-  describe("when the token is a valid Hash but doesnt decrypt", () => {
-    it("should return undefined", () => {
-      const hash = {
-        encryptedData: "valid hash",
-        iv: "vi",
-      };
-      encryption.decrypt.mockImplementation(() => {
-        throw "Boooooom decryption failed!!!";
-      });
-      expect(
-        accessTokens.authTokenFor(
-          Buffer.from(JSON.stringify(hash)).toString("base64")
-        )
-      ).toBeUndefined();
-    });
-  });
-
-  describe("when the token is not even a valid hash", () => {
-    it("should return undefined", () => {
-      encryption.decrypt.mockImplementation(() => {
-        throw "Boooooom decryption failed!!!";
-      });
-      expect(accessTokens.authTokenFor("some rubbish")).toBeUndefined();
-    });
-  });
-});
-
-describe("AccessTokenPerAuthToken", () => {
-  const accessTokens = new AccessTokenPerAuthToken();
-
-  it("should return the same access token for the same auth token", () => {
-    const authToken = "token1";
-    
-    const accessToken1 = accessTokens.mint(authToken);
-    const accessToken2 = accessTokens.mint(authToken);
-
-    expect(accessToken1).not.toEqual(authToken);
-    expect(accessToken1).toEqual(accessToken2);
-  });
-
-  describe("when there is an auth token for the access token", () => {
-    it("should be able to retrieve it", () => {
-      const authToken = uuid();
-      const accessToken = accessTokens.mint(authToken);
-
-      expect(accessTokens.authTokenFor(accessToken)).toEqual(authToken);
-    });
-  });
-
-  describe("when there is no auth token for the access token", () => {
-    it("should return undefined", () => {
-      expect(accessTokens.authTokenFor(uuid())).toBeUndefined();
-    });
-  });
-});
-
-describe('sha256 minter', () => {
-  it('should return the same value for the same salt and authToken', () => {
-    const authToken = uuid();
-    const token1 = sha256("salty")(authToken);
-    const token2 = sha256("salty")(authToken);
-
-    expect(token1).not.toEqual(authToken);
-    expect(token1).toEqual(token2);
-  });
-
-  it('should returrn different values for the same salt but different authTokens', () => {
-    const authToken1 = uuid();
-    const authToken2 = uuid();
-
-    const token1 = sha256("salty")(authToken1);
-    const token2= sha256("salty")(authToken2);
-
-    expect(token1).not.toEqual(token2);
-  });
-
-  it('should return different values for the same authToken but different salts', () => {
-    const authToken = uuid();
-
-    const token1 = sha256("salt1")(authToken);
-    const token2= sha256("salt2")(authToken);
-
-    expect(token1).not.toEqual(token2);
-  });
-});
-
-describe("InMemoryAccessTokens", () => {
-  const reverseAuthToken = (authToken: string) => authToken.split("").reverse().join("");
-
-  const accessTokens = new InMemoryAccessTokens(reverseAuthToken);
-
-  it("should return the same access token for the same auth token", () => {
-    const authToken = "token1";
-    
-    const accessToken1 = accessTokens.mint(authToken);
-    const accessToken2 = accessTokens.mint(authToken);
-
-    expect(accessToken1).not.toEqual(authToken);
-    expect(accessToken1).toEqual(accessToken2);
-  });
-
-  describe("when there is an auth token for the access token", () => {
-    it("should be able to retrieve it", () => {
-      const authToken = uuid();
-      const accessToken = accessTokens.mint(authToken);
-
-      expect(accessTokens.authTokenFor(accessToken)).toEqual(authToken);
-    });
-  });
-
-  describe("when there is no auth token for the access token", () => {
-    it("should return undefined", () => {
-      expect(accessTokens.authTokenFor(uuid())).toBeUndefined();
-    });
-  });
-});

tests/api_tokens.test.ts

@@ -0,0 +1,67 @@
+import { v4 as uuid } from "uuid";
+
+import {
+  InMemoryAPITokens,
+  sha256
+} from "../src/api_tokens";
+
+describe('sha256 minter', () => {
+  it('should return the same value for the same salt and authToken', () => {
+    const authToken = uuid();
+    const token1 = sha256("salty")(authToken);
+    const token2 = sha256("salty")(authToken);
+
+    expect(token1).not.toEqual(authToken);
+    expect(token1).toEqual(token2);
+  });
+
+  it('should returrn different values for the same salt but different authTokens', () => {
+    const authToken1 = uuid();
+    const authToken2 = uuid();
+
+    const token1 = sha256("salty")(authToken1);
+    const token2= sha256("salty")(authToken2);
+
+    expect(token1).not.toEqual(token2);
+  });
+
+  it('should return different values for the same authToken but different salts', () => {
+    const authToken = uuid();
+
+    const token1 = sha256("salt1")(authToken);
+    const token2= sha256("salt2")(authToken);
+
+    expect(token1).not.toEqual(token2);
+  });
+});
+
+describe("InMemoryAPITokens", () => {
+  const reverseAuthToken = (authToken: string) => authToken.split("").reverse().join("");
+
+  const accessTokens = new InMemoryAPITokens(reverseAuthToken);
+
+  it("should return the same access token for the same auth token", () => {
+    const authToken = "token1";
+    
+    const accessToken1 = accessTokens.mint(authToken);
+    const accessToken2 = accessTokens.mint(authToken);
+
+    expect(accessToken1).not.toEqual(authToken);
+    expect(accessToken1).toEqual(accessToken2);
+  });
+
+  describe("when there is an auth token for the access token", () => {
+    it("should be able to retrieve it", () => {
+      const authToken = uuid();
+      const accessToken = accessTokens.mint(authToken);
+
+      expect(accessTokens.authTokenFor(accessToken)).toEqual(authToken);
+    });
+  });
+
+  describe("when there is no auth token for the access token", () => {
+    it("should return undefined", () => {
+      expect(accessTokens.authTokenFor(uuid())).toBeUndefined();
+    });
+  });
+});

tests/builders.ts

@@ -1,7 +1,8 @@
 import { SonosDevice } from "@svrooij/sonos/lib";
 import { v4 as uuid } from "uuid";
-import { Credentials } from "../src/smapi";
+import randomstring from "randomstring";
 
+import { Credentials } from "../src/smapi";
 import { Service, Device } from "../src/sonos";
 import {
   Album,
@@ -11,9 +12,13 @@ import {
   artistToArtistSummary,
   PlaylistSummary,
   Playlist,
+  SimilarArtist,
+  AlbumSummary,
+  RadioStation
 } from "../src/music_service";
-import randomString from "../src/random_string";
+
 import { b64Encode } from "../src/b64";
+import { artistImageURN } from "../src/subsonic";
 
 const randomInt = (max: number) => Math.floor(Math.random() * Math.floor(max));
 const randomIpAddress = () => `127.0.${randomInt(255)}.${randomInt(255)}`;
@@ -42,7 +47,7 @@ export function aPlaylistSummary(
 ): PlaylistSummary {
   return {
     id: `playlist-${uuid()}`,
-    name: `playlistname-${randomString()}`,
+    name: `playlistname-${randomstring.generate()}`,
     ...fields,
   };
 }
@@ -50,7 +55,7 @@ export function aPlaylistSummary(
 export function aPlaylist(fields: Partial<Playlist> = {}): Playlist {
   return {
     id: `playlist-${uuid()}`,
-    name: `playlist-${randomString()}`,
+    name: `playlist-${randomstring.generate()}`,
     entries: [aTrack(), aTrack()],
     ...fields,
   };
@@ -86,10 +91,11 @@ export function getAppLinkMessage() {
   };
 }
 
-export function someCredentials(token: string): Credentials {
+export function someCredentials({ token, key } : { token: string, key: string }): Credentials {
   return {
     loginToken: {
       token,
+      key,
       householdId: "hh1",
     },
     deviceId: "d1",
@@ -97,21 +103,34 @@ export function someCredentials(token: string): Credentials {
   };
 }
 
+export function aSimilarArtist(
+  fields: Partial<SimilarArtist> = {}
+): SimilarArtist {
+  const id = fields.id || uuid();
+  return {
+    id,
+    name: `Similar Artist ${id}`,
+    image: artistImageURN({ artistId: id }),
+    inLibrary: true,
+    ...fields,
+  };
+}
+
 export function anArtist(fields: Partial<Artist> = {}): Artist {
-  const id = uuid();
+  const id = fields.id || uuid();
   const artist = {
     id,
     name: `Artist ${id}`,
     albums: [anAlbum(), anAlbum(), anAlbum()],
-    image: {
-      small: `/artist/art/${id}/small`,
-      medium: `/artist/art/${id}/small`,
-      large: `/artist/art/${id}/large`,
-    },
+    image: { system: "subsonic", resource: `art:${id}` },
     similarArtists: [
-      { id: uuid(), name: "Similar artist1", inLibrary: true },
-      { id: uuid(), name: "Similar artist2", inLibrary: true },
-      { id: "-1", name: "Artist not in library", inLibrary: false },
+      aSimilarArtist({ id: uuid(), name: "Similar artist1", inLibrary: true }),
+      aSimilarArtist({ id: uuid(), name: "Similar artist2", inLibrary: true }),
+      aSimilarArtist({
+        id: "-1",
+        name: "Artist not in library",
+        inLibrary: false,
+      }),
     ],
     ...fields,
   };
@@ -155,7 +174,10 @@ export function aTrack(fields: Partial<Track> = {}): Track {
   return {
     id,
     name: `Track ${id}`,
-    mimeType: `audio/mp3-${id}`,
+    encoding: {
+      player: "bonob",
+      mimeType: `audio/mp3-${id}`
+    },
     duration: randomInt(500),
     number: randomInt(100),
     genre,
@@ -163,11 +185,11 @@ export function aTrack(fields: Partial<Track> = {}): Track {
     album: albumToAlbumSummary(
       anAlbum({ artistId: artist.id, artistName: artist.name, genre })
     ),
-    coverArt: `coverArt:${uuid()}`,
+    coverArt: { system: "subsonic", resource: `art:${uuid()}`},
     rating,
     ...fields,
   };
-};
+}
 
 export function anAlbum(fields: Partial<Album> = {}): Album {
   const id = uuid();
@@ -177,12 +199,37 @@ export function anAlbum(fields: Partial<Album> = {}): Album {
     genre: randomGenre(),
     year: `19${randomInt(99)}`,
     artistId: `Artist ${uuid()}`,
-    artistName: `Artist ${randomString()}`,
-    coverArt: `coverArt:${uuid()}`,
+    artistName: `Artist ${randomstring.generate()}`,
+    coverArt: { system: "subsonic", resource: `art:${uuid()}` },
     ...fields,
   };
+};
+
+export function aRadioStation(fields: Partial<RadioStation> = {}): RadioStation {
+  const id = uuid()
+  const name = `Station-${id}`;
+  return {
+    id,
+    name,
+    url: `http://example.com/${name}`,
+    ...fields
+  }
 }
 
+export function anAlbumSummary(fields: Partial<AlbumSummary> = {}): AlbumSummary {
+  const id = uuid();
+  return {
+    id,
+    name: `Album ${id}`,
+    year: `19${randomInt(99)}`,
+    genre: randomGenre(),
+    coverArt: { system: "subsonic", resource: `art:${uuid()}` },
+    artistId: `Artist ${uuid()}`,
+    artistName: `Artist ${randomstring.generate()}`,
+    ...fields
+  }
+};
+
 export const BLONDIE_ID = uuid();
 export const BLONDIE_NAME = "Blondie";
 export const BLONDIE: Artist = {
@@ -196,7 +243,7 @@ export const BLONDIE: Artist = {
       genre: NEW_WAVE,
       artistId: BLONDIE_ID,
       artistName: BLONDIE_NAME,
-      coverArt: `coverArt:${uuid()}`,
+      coverArt: { system: "subsonic", resource: `art:${uuid()}`},
     },
     {
       id: uuid(),
@@ -205,14 +252,10 @@ export const BLONDIE: Artist = {
       genre: POP_ROCK,
       artistId: BLONDIE_ID,
       artistName: BLONDIE_NAME,
-      coverArt: `coverArt:${uuid()}`,
+      coverArt: { system: "subsonic", resource: `art:${uuid()}`},
     },
   ],
-  image: {
-    small: undefined,
-    medium: undefined,
-    large: undefined,
-  },
+  image: { system: "external", resource: "http://localhost:1234/images/blondie.jpg" },
   similarArtists: [],
 };
 
@@ -229,7 +272,7 @@ export const BOB_MARLEY: Artist = {
       genre: REGGAE,
       artistId: BOB_MARLEY_ID,
       artistName: BOB_MARLEY_NAME,
-      coverArt: `coverArt:${uuid()}`,
+      coverArt: { system: "subsonic", resource: `art:${uuid()}`},
     },
     {
       id: uuid(),
@@ -238,7 +281,7 @@ export const BOB_MARLEY: Artist = {
       genre: REGGAE,
       artistId: BOB_MARLEY_ID,
       artistName: BOB_MARLEY_NAME,
-      coverArt: `coverArt:${uuid()}`,
+      coverArt: { system: "subsonic", resource: `art:${uuid()}`},
     },
     {
       id: uuid(),
@@ -247,14 +290,10 @@ export const BOB_MARLEY: Artist = {
       genre: SKA,
       artistId: BOB_MARLEY_ID,
       artistName: BOB_MARLEY_NAME,
-      coverArt: `coverArt:${uuid()}`,
+      coverArt: { system: "subsonic", resource: `art:${uuid()}`},
     },
   ],
-  image: {
-    small: "http://localhost/BOB_MARLEY/sml",
-    medium: "http://localhost/BOB_MARLEY/med",
-    large: "http://localhost/BOB_MARLEY/lge",
-  },
+  image: { system: "subsonic", resource: BOB_MARLEY_ID },
   similarArtists: [],
 };
 
@@ -265,9 +304,8 @@ export const MADONNA: Artist = {
   name: MADONNA_NAME,
   albums: [],
   image: {
-    small: "http://localhost/MADONNA/sml",
-    medium: undefined,
-    large: "http://localhost/MADONNA/lge",
+    system: "external",
+    resource: "http://localhost:1234/images/madonna.jpg",
   },
   similarArtists: [],
 };
@@ -285,7 +323,7 @@ export const METALLICA: Artist = {
       genre: METAL,
       artistId: METALLICA_ID,
       artistName: METALLICA_NAME,
-      coverArt: `coverArt:${uuid()}`,
+      coverArt: { system: "subsonic", resource: `art:${uuid()}`},
     },
     {
       id: uuid(),
@@ -294,18 +332,13 @@ export const METALLICA: Artist = {
       genre: METAL,
       artistId: METALLICA_ID,
       artistName: METALLICA_NAME,
-      coverArt: `coverArt:${uuid()}`,
+      coverArt: { system: "subsonic", resource: `art:${uuid()}`},
     },
   ],
-  image: {
-    small: "http://localhost/METALLICA/sml",
-    medium: "http://localhost/METALLICA/med",
-    large: "http://localhost/METALLICA/lge",
-  },
+  image: { system: "subsonic", resource: METALLICA_ID },
   similarArtists: [],
 };
 
 export const ALL_ARTISTS = [BOB_MARLEY, BLONDIE, MADONNA, METALLICA];
 
 export const ALL_ALBUMS = ALL_ARTISTS.flatMap((it) => it.albums || []);
-

tests/burn.test.ts

@@ -0,0 +1,114 @@
+import { assertSystem, BUrn, format, formatForURL, parse } from "../src/burn";
+
+type BUrnSpec = {
+  burn: BUrn;
+  asString: string;
+  shorthand: string;
+};
+
+describe("BUrn", () => {
+  describe("format", () => {
+    (
+      [
+        {
+          burn: { system: "internal", resource: "icon:error" },
+          asString: "bnb:internal:icon:error",
+          shorthand: "bnb:i:icon:error",
+        },
+        {
+          burn: {
+            system: "external",
+            resource: "http://example.com/widget.jpg",
+          },
+          asString: "bnb:external:http://example.com/widget.jpg",
+          shorthand: "bnb:e:http://example.com/widget.jpg",
+        },
+        {
+          burn: { system: "subsonic", resource: "art:1234" },
+          asString: "bnb:subsonic:art:1234",
+          shorthand: "bnb:s:art:1234",
+        },
+        {
+          burn: { system: "navidrome", resource: "art:1234" },
+          asString: "bnb:navidrome:art:1234",
+          shorthand: "bnb:n:art:1234",
+        },
+      ] as BUrnSpec[]
+    ).forEach(({ burn, asString, shorthand }) => {
+      describe(asString, () => {
+        it("can be formatted as string and then roundtripped back into BUrn", () => {
+          const stringValue = format(burn);
+          expect(stringValue).toEqual(asString);
+          expect(parse(stringValue)).toEqual(burn);
+        });
+
+        it("can be formatted as shorthand string and then roundtripped back into BUrn", () => {
+          const stringValue = format(burn, { shorthand: true });
+          expect(stringValue).toEqual(shorthand);
+          expect(parse(stringValue)).toEqual(burn);
+        });
+
+        describe(`encrypted ${asString}`, () => {
+          it("can be formatted as an encrypted string and then roundtripped back into BUrn", () => {
+            const stringValue = format(burn, { encrypt: true });
+            expect(stringValue.startsWith("bnb:encrypted:")).toBeTruthy();
+            expect(stringValue).not.toContain(burn.system);
+            expect(stringValue).not.toContain(burn.resource);
+            expect(parse(stringValue)).toEqual(burn);
+          });
+
+          it("can be formatted as an encrypted shorthand string and then roundtripped back into BUrn", () => {
+            const stringValue = format(burn, {
+              shorthand: true,
+              encrypt: true,
+            });
+            expect(stringValue.startsWith("bnb:x:")).toBeTruthy();
+            expect(stringValue).not.toContain(burn.system);
+            expect(stringValue).not.toContain(burn.resource);
+            expect(parse(stringValue)).toEqual(burn);
+          });
+        });
+      });
+    });
+  });
+
+  describe("formatForURL", () => {
+    describe("external", () => {
+      it("should be encrypted", () => {
+        const burn = {
+          system: "external",
+          resource: "http://example.com/foo.jpg",
+        };
+        const formatted = formatForURL(burn);
+        expect(formatted.startsWith("bnb:x:")).toBeTruthy();
+        expect(formatted).not.toContain("http://example.com/foo.jpg");
+
+        expect(parse(formatted)).toEqual(burn);
+      });
+    });
+
+    describe("not external", () => {
+      it("should be shorthand form", () => {
+        expect(formatForURL({ system: "internal", resource: "foo" })).toEqual(
+          "bnb:i:foo"
+        );
+        expect(
+          formatForURL({ system: "subsonic", resource: "foo:bar" })
+        ).toEqual("bnb:s:foo:bar");
+      });
+    });
+  });
+
+  describe("assertSystem", () => {
+    it("should fail if the system is not equal", () => {
+      const burn = { system: "external", resource: "something"};
+      expect(() => assertSystem(burn, "subsonic")).toThrow(`Unsupported urn: '${format(burn)}'`)
+    });
+
+    it("should pass if the system is equal", () => {
+      const burn = { system: "external", resource: "something"};
+      expect(assertSystem(burn, "external")).toEqual(burn);
+    });
+  });
+});
+

tests/clock.test.ts

@@ -1,58 +1,85 @@
-import dayjs from "dayjs";
-import { isChristmas, isCNY, isHalloween, isHoli } from "../src/clock";
+import { randomInt } from "crypto";
+import dayjs, { Dayjs } from "dayjs";
+import timezone from "dayjs/plugin/timezone";
+dayjs.extend(timezone);
 
-describe("isChristmas", () => {
-  ["2000/12/25", "2022/12/25", "2030/12/25"].forEach((date) => {
-    it(`should return true for ${date} regardless of year`, () => {
-      expect(isChristmas({ now: () => dayjs(date) })).toEqual(true);
+import { Clock, isChristmas, isCNY, isCNY_2022, isCNY_2023, isCNY_2024, isCNY_2025, isHalloween, isHoli, isMay4 } from "../src/clock";
+
+
+
+const randomDate = () => dayjs().subtract(randomInt(1, 1000), 'days');
+const randomDates = (count: number, exclude: string[]) => {
+  const result: Dayjs[] = [];
+  while(result.length < count) {
+    const next = randomDate();
+    if(!exclude.find(it => dayjs(it).isSame(next, 'date'))) {
+      result.push(next)
+    }
+  }
+  return result
+}
+
+function describeFixedDateMonthEvent(
+  name: string, 
+  dateMonth: string,
+  f: (clock: Clock) => boolean
+) {
+  const randomYear = randomInt(2020, 3000);
+  const date = dateMonth.split("/")[0];
+  const month = dateMonth.split("/")[1];
+
+  describe(name, () => {
+    it(`should return true for ${randomYear}-${month}-${date}T00:00:00 ragardless of year`, () => {
+      expect(f({ now: () => dayjs(`${randomYear}-${month}-${date}T00:00:00Z`) })).toEqual(true);
+    });
+  
+    it(`should return true for ${randomYear}-${month}-${date}T12:00:00 regardless of year`, () => {
+      expect(f({ now: () => dayjs(`${randomYear}-${month}-${date}T12:00:00Z`) })).toEqual(true);
+    });
+  
+    it(`should return true for ${randomYear}-${month}-${date}T23:59:00 regardless of year`, () => {
+      expect(f({ now: () => dayjs(`${randomYear}-${month}-${date}T23:59:00`) })).toEqual(true);
+    });
+  
+    ["2000/12/24", "2000/12/26", "2021/01/01"].forEach((date) => {
+      it(`should return false for ${date}`, () => {
+        expect(f({ now: () => dayjs(date) })).toEqual(false);
+      });
     });
   });
+}
 
-  ["2000/12/24", "2000/12/26", "2021/01/01"].forEach((date) => {
-    it(`should return false for ${date} regardless of year`, () => {
-      expect(isChristmas({ now: () => dayjs(date) })).toEqual(false);
+function describeFixedDateEvent(
+  name: string,
+  dates: string[],
+  f: (clock: Clock) => boolean
+) {
+  describe(name, () => {
+    dates.forEach((date) => {
+      it(`should return true for ${date}T00:00:00`, () => {
+        expect(f({ now: () => dayjs(`${date}T00:00:00`) })).toEqual(true);
+      });
+  
+      it(`should return true for ${date}T23:59:59`, () => {
+        expect(f({ now: () => dayjs(`${date}T23:59:59`) })).toEqual(true);
+      });
+    });
+    
+    randomDates(10, dates).forEach((date) => {
+      it(`should return false for ${date}`, () => {
+        expect(f({ now: () => dayjs(date) })).toEqual(false);
+      });
     });
   });
-});
+}
 
-describe("isHalloween", () => {
-  ["2000/10/31", "2022/10/31", "2030/10/31"].forEach((date) => {
-    it(`should return true for ${date} regardless of year`, () => {
-      expect(isHalloween({ now: () => dayjs(date) })).toEqual(true);
-    });
-  });
+describeFixedDateMonthEvent("christmas", "25/12", isChristmas);
+describeFixedDateMonthEvent("halloween", "31/10", isHalloween);
+describeFixedDateMonthEvent("may4", "04/05", isMay4);
 
-  ["2000/09/31", "2000/10/30", "2021/01/01"].forEach((date) => {
-    it(`should return false for ${date} regardless of year`, () => {
-      expect(isHalloween({ now: () => dayjs(date) })).toEqual(false);
-    });
-  });
-});
-
-describe("isHoli", () => {
-  ["2022/03/18", "2023/03/07", "2024/03/25", "2025/03/14"].forEach((date) => {
-    it(`should return true for ${date} regardless of year`, () => {
-      expect(isHoli({ now: () => dayjs(date) })).toEqual(true);
-    });
-  });
-
-  ["2000/09/31", "2000/10/30", "2021/01/01"].forEach((date) => {
-    it(`should return false for ${date} regardless of year`, () => {
-      expect(isHoli({ now: () => dayjs(date) })).toEqual(false);
-    });
-  });
-});
-
-describe("isCNY", () => {
-  ["2022/02/01", "2023/01/22", "2024/02/10", "2025/02/29"].forEach((date) => {
-    it(`should return true for ${date} regardless of year`, () => {
-      expect(isCNY({ now: () => dayjs(date) })).toEqual(true);
-    });
-  });
-
-  ["2000/09/31", "2000/10/30", "2021/01/01"].forEach((date) => {
-    it(`should return false for ${date} regardless of year`, () => {
-      expect(isCNY({ now: () => dayjs(date) })).toEqual(false);
-    });
-  });
-});
+describeFixedDateEvent("holi", ["2022-03-18", "2023-03-07", "2024-03-25", "2025-03-14"], isHoli);
+describeFixedDateEvent("cny", ["2022-02-01", "2023-01-22", "2024-02-10", "2025-02-29"], isCNY);
+describeFixedDateEvent("cny 2022", ["2022-02-01"], isCNY_2022);
+describeFixedDateEvent("cny 2023", ["2023/01/22"], isCNY_2023);
+describeFixedDateEvent("cny 2024", ["2024/02/10"], isCNY_2024);
+describeFixedDateEvent("cny 2025", ["2025/02/29"], isCNY_2025);

tests/config.test.ts

@@ -1,5 +1,5 @@
 import { hostname } from "os";
-import config, { envVar, WORD } from "../src/config";
+import config, { COLOR, envVar } from "../src/config";
 
 describe("envVar", () => {
   const OLD_ENV = process.env;
@@ -96,42 +96,35 @@ describe("config", () => {
     propertyGetter: (config: any) => any
   ) {
     describe(name, () => {
-      function expecting({
-        value,
-        expected,
-      }: {
-        value: string;
-        expected: boolean;
-      }) {
-        describe(`when value is '${value}'`, () => {
-          it(`should be ${expected}`, () => {
-            process.env[envVar] = value;
-            expect(propertyGetter(config())).toEqual(expected);
-          });
-        });
-      }
-
-      expecting({ value: "", expected: expectedDefault });
-      expecting({ value: "true", expected: true });
-      expecting({ value: "false", expected: false });
-      expecting({ value: "foo", expected: false });
+      it.each([
+        [expectedDefault, ""],
+        [expectedDefault, undefined],
+        [true, "true"],
+        [false, "false"],
+        [false, "foo"],
+      ])("should be %s when env var is '%s'", (expected, value) => {
+        process.env[envVar] = value;
+        expect(propertyGetter(config())).toEqual(expected);
+      })
     });
   }
 
   describe("bonobUrl", () => {
-    ["BNB_URL", "BONOB_URL", "BONOB_WEB_ADDRESS"].forEach((key) => {
-      describe(`when ${key} is specified`, () => {
+      describe.each([
+        "BNB_URL", 
+        "BONOB_URL", 
+        "BONOB_WEB_ADDRESS"
+      ])("when %s is specified", (k) => {
         it("should be used", () => {
           const url = "http://bonob1.example.com:8877/";
 
           process.env["BNB_URL"] = "";
           process.env["BONOB_URL"] = "";
           process.env["BONOB_WEB_ADDRESS"] = "";
-          process.env[key] = url;
+          process.env[k] = url;
 
           expect(config().bonobUrl.href()).toEqual(url);
         });
-      });
     });
 
     describe("when none of BNB_URL, BONOB_URL, BONOB_WEB_ADDRESS are specified", () => {
@@ -165,73 +158,89 @@ describe("config", () => {
 
   describe("icons", () => {
     describe("foregroundColor", () => {
-      ["BNB_ICON_FOREGROUND_COLOR", "BONOB_ICON_FOREGROUND_COLOR"].forEach(
-        (k) => {
-          describe(`when ${k} is not specified`, () => {
-            it(`should default to undefined`, () => {
-              expect(config().icons.foregroundColor).toEqual(undefined);
-            });
+      describe.each([
+        "BNB_ICON_FOREGROUND_COLOR",
+        "BONOB_ICON_FOREGROUND_COLOR",
+      ])("%s", (k) => {
+        describe(`when ${k} is not specified`, () => {
+          it(`should default to undefined`, () => {
+            expect(config().icons.foregroundColor).toEqual(undefined);
           });
+        });
 
-          describe(`when ${k} is ''`, () => {
-            it(`should default to undefined`, () => {
-              process.env[k] = "";
-              expect(config().icons.foregroundColor).toEqual(undefined);
-            });
+        describe(`when ${k} is ''`, () => {
+          it(`should default to undefined`, () => {
+            process.env[k] = "";
+            expect(config().icons.foregroundColor).toEqual(undefined);
           });
+        });
 
-          describe(`when ${k} is specified`, () => {
-            it(`should use it`, () => {
-              process.env[k] = "pink";
-              expect(config().icons.foregroundColor).toEqual("pink");
-            });
+        describe(`when ${k} is specified as a color`, () => {
+          it(`should use it`, () => {
+            process.env[k] = "pink";
+            expect(config().icons.foregroundColor).toEqual("pink");
           });
+        });
 
-          describe(`when ${k} is an invalid string`, () => {
-            it(`should blow up`, () => {
-              process.env[k] = "#dfasd";
-              expect(() => config()).toThrow(
-                `Invalid value specified for 'BNB_ICON_FOREGROUND_COLOR', must match ${WORD}`
-              );
-            });
+        describe(`when ${k} is specified as hex`, () => {
+          it(`should use it`, () => {
+            process.env[k] = "#1db954";
+            expect(config().icons.foregroundColor).toEqual("#1db954");
           });
-        }
-      );
+        });
+
+        describe(`when ${k} is an invalid string`, () => {
+          it(`should blow up`, () => {
+            process.env[k] = "!dfasd";
+            expect(() => config()).toThrow(
+              `Invalid value specified for 'BNB_ICON_FOREGROUND_COLOR', must match ${COLOR}`
+            );
+          });
+        });
+      });
     });
 
     describe("backgroundColor", () => {
-      ["BNB_ICON_BACKGROUND_COLOR", "BONOB_ICON_BACKGROUND_COLOR"].forEach(
-        (k) => {
-          describe(`when ${k} is not specified`, () => {
-            it(`should default to undefined`, () => {
-              expect(config().icons.backgroundColor).toEqual(undefined);
-            });
+      describe.each([
+        "BNB_ICON_BACKGROUND_COLOR",
+        "BONOB_ICON_BACKGROUND_COLOR",
+      ])("%s", (k) => {
+        describe(`when ${k} is not specified`, () => {
+          it(`should default to undefined`, () => {
+            expect(config().icons.backgroundColor).toEqual(undefined);
           });
+        });
 
-          describe(`when ${k} is ''`, () => {
-            it(`should default to undefined`, () => {
-              process.env[k] = "";
-              expect(config().icons.backgroundColor).toEqual(undefined);
-            });
+        describe(`when ${k} is ''`, () => {
+          it(`should default to undefined`, () => {
+            process.env[k] = "";
+            expect(config().icons.backgroundColor).toEqual(undefined);
           });
+        });
 
-          describe(`when ${k} is specified`, () => {
-            it(`should use it`, () => {
-              process.env[k] = "blue";
-              expect(config().icons.backgroundColor).toEqual("blue");
-            });
+        describe(`when ${k} is specified as a color`, () => {
+          it(`should use it`, () => {
+            process.env[k] = "blue";
+            expect(config().icons.backgroundColor).toEqual("blue");
           });
+        });
 
-          describe(`when ${k} is an invalid string`, () => {
-            it(`should blow up`, () => {
-              process.env[k] = "#red";
-              expect(() => config()).toThrow(
-                `Invalid value specified for 'BNB_ICON_BACKGROUND_COLOR', must match ${WORD}`
-              );
-            });
+        describe(`when ${k} is specified as hex`, () => {
+          it(`should use it`, () => {
+            process.env[k] = "#1db954";
+            expect(config().icons.backgroundColor).toEqual("#1db954");
           });
-        }
-      );
+        });
+
+        describe(`when ${k} is an invalid string`, () => {
+          it(`should blow up`, () => {
+            process.env[k] = "!red";
+            expect(() => config()).toThrow(
+              `Invalid value specified for 'BNB_ICON_BACKGROUND_COLOR', must match ${COLOR}`
+            );
+          });
+        });
+      });
     });
   });
 
@@ -240,105 +249,159 @@ describe("config", () => {
       expect(config().secret).toEqual("bonob");
     });
 
-    ["BNB_SECRET", "BONOB_SECRET"].forEach((key) => {
-      it(`should be overridable using ${key}`, () => {
-        process.env[key] = "new secret";
+    describe.each([
+      "BNB_SECRET", 
+      "BONOB_SECRET"
+    ])("%s", (k) => {
+      it(`should be overridable using ${k}`, () => {
+        process.env[k] = "new secret";
         expect(config().secret).toEqual("new secret");
       });
     });
   });
 
+  describe("authTimeout", () => {
+    it("should default to 1h", () => {
+      expect(config().authTimeout).toEqual("1h");
+    });
+
+    it(`should be overridable using BNB_AUTH_TIMEOUT`, () => {
+      process.env["BNB_AUTH_TIMEOUT"] = "33s";
+      expect(config().authTimeout).toEqual("33s");
+    });
+  });
+  
+  describe("logRequests", () => {
+    describeBooleanConfigValue(
+      "logRequests",
+      "BNB_SERVER_LOG_REQUESTS",
+      false,
+      (config) => config.logRequests
+    );
+  });
+
   describe("sonos", () => {
     describe("serviceName", () => {
       it("should default to bonob", () => {
         expect(config().sonos.serviceName).toEqual("bonob");
       });
 
-      ["BNB_SONOS_SERVICE_NAME", "BONOB_SONOS_SERVICE_NAME"].forEach((k) => {
-        it("should be overridable", () => {
-          process.env[k] = "foobar1000";
-          expect(config().sonos.serviceName).toEqual("foobar1000");
-        });
-      });
+      describe.each([
+        "BNB_SONOS_SERVICE_NAME", 
+        "BONOB_SONOS_SERVICE_NAME"
+      ])(
+        "%s",
+        (k) => {
+          it("should be overridable", () => {
+            process.env[k] = "foobar1000";
+            expect(config().sonos.serviceName).toEqual("foobar1000");
+          });
+        }
+      );
     });
 
-    ["BNB_SONOS_DEVICE_DISCOVERY", "BONOB_SONOS_DEVICE_DISCOVERY"].forEach(
-      (k) => {
-        describeBooleanConfigValue(
-          "deviceDiscovery",
-          k,
-          true,
-          (config) => config.sonos.discovery.enabled
-        );
-      }
-    );
+    describe.each([
+      "BNB_SONOS_DEVICE_DISCOVERY",
+      "BONOB_SONOS_DEVICE_DISCOVERY",
+    ])("%s", (k) => {
+      describeBooleanConfigValue(
+        "deviceDiscovery",
+        k,
+        true,
+        (config) => config.sonos.discovery.enabled
+      );
+    });
 
     describe("seedHost", () => {
       it("should default to undefined", () => {
         expect(config().sonos.discovery.seedHost).toBeUndefined();
       });
 
-      ["BNB_SONOS_SEED_HOST", "BONOB_SONOS_SEED_HOST"].forEach((k) => {
-        it("should be overridable", () => {
-          process.env[k] = "123.456.789.0";
-          expect(config().sonos.discovery.seedHost).toEqual("123.456.789.0");
-        });
-      });
-    });
-
-    ["BNB_SONOS_AUTO_REGISTER", "BONOB_SONOS_AUTO_REGISTER"].forEach((k) => {
-      describeBooleanConfigValue(
-        "autoRegister",
-        k,
-        false,
-        (config) => config.sonos.autoRegister
+      describe.each([
+        "BNB_SONOS_SEED_HOST", 
+        "BONOB_SONOS_SEED_HOST"
+      ])(
+        "%s",
+        (k) => {
+          it("should be overridable", () => {
+            process.env[k] = "123.456.789.0";
+            expect(config().sonos.discovery.seedHost).toEqual("123.456.789.0");
+          });
+        }
       );
     });
 
+    describe.each([
+      "BNB_SONOS_AUTO_REGISTER", 
+      "BONOB_SONOS_AUTO_REGISTER"
+    ])(
+      "%s",
+      (k) => {
+        describeBooleanConfigValue(
+          "autoRegister",
+          k,
+          false,
+          (config) => config.sonos.autoRegister
+        );
+      }
+    );
+
     describe("sid", () => {
       it("should default to 246", () => {
         expect(config().sonos.sid).toEqual(246);
       });
 
-      ["BNB_SONOS_SERVICE_ID", "BONOB_SONOS_SERVICE_ID"].forEach((k) => {
-        it("should be overridable", () => {
-          process.env[k] = "786";
-          expect(config().sonos.sid).toEqual(786);
-        });
-      });
+      describe.each([
+        "BNB_SONOS_SERVICE_ID", 
+        "BONOB_SONOS_SERVICE_ID"
+      ])(
+        "%s",
+        (k) => {
+          it("should be overridable", () => {
+            process.env[k] = "786";
+            expect(config().sonos.sid).toEqual(786);
+          });
+        }
+      );
     });
   });
 
   describe("subsonic", () => {
     describe("url", () => {
-      ["BNB_SUBSONIC_URL", "BONOB_SUBSONIC_URL", "BONOB_NAVIDROME_URL"].forEach(
-        (k) => {
-          describe(`when ${k} is not specified`, () => {
-            it(`should default to http://${hostname()}:4533`, () => {
-              expect(config().subsonic.url).toEqual(
-                `http://${hostname()}:4533`
-              );
-            });
+      describe.each([
+        "BNB_SUBSONIC_URL",
+        "BONOB_SUBSONIC_URL",
+        "BONOB_NAVIDROME_URL",
+      ])("%s", (k) => {
+        describe(`when ${k} is not specified`, () => {
+          it(`should default to http://${hostname()}:4533/`, () => {
+            expect(config().subsonic.url.href()).toEqual(`http://${hostname()}:4533/`);
           });
+        });
 
-          describe(`when ${k} is ''`, () => {
-            it(`should default to http://${hostname()}:4533`, () => {
-              process.env[k] = "";
-              expect(config().subsonic.url).toEqual(
-                `http://${hostname()}:4533`
-              );
-            });
+        describe(`when ${k} is ''`, () => {
+          it(`should default to http://${hostname()}:4533/`, () => {
+            process.env[k] = "";
+            expect(config().subsonic.url.href()).toEqual(`http://${hostname()}:4533/`);
           });
+        });
 
-          describe(`when ${k} is specified`, () => {
-            it(`should use it for ${k}`, () => {
-              const url = "http://navidrome.example.com:1234";
-              process.env[k] = url;
-              expect(config().subsonic.url).toEqual(url);
-            });
+        describe(`when ${k} is specified`, () => {
+          it(`should use it for ${k}`, () => {
+            const url = "http://navidrome.example.com:1234/some-context-path";
+            process.env[k] = url;
+            expect(config().subsonic.url.href()).toEqual(url);
           });
-        }
-      );
+        });
+
+        describe(`when ${k} is specified with trailing slash`, () => {
+          it(`should maintain the trailing slash as URLBuilder will remove it when required ${k}`, () => {
+            const url = "http://navidrome.example.com:1234/";
+            process.env[k] = url;
+            expect(config().subsonic.url.href()).toEqual(url);
+          });
+        });
+      });
     });
 
     describe("customClientsFor", () => {
@@ -346,11 +409,11 @@ describe("config", () => {
         expect(config().subsonic.customClientsFor).toBeUndefined();
       });
 
-      [
+      describe.each([
         "BNB_SUBSONIC_CUSTOM_CLIENTS",
         "BONOB_SUBSONIC_CUSTOM_CLIENTS",
         "BONOB_NAVIDROME_CUSTOM_CLIENTS",
-      ].forEach((k) => {
+      ])("%s", (k) => {
         it(`should be overridable for ${k}`, () => {
           process.env[k] = "whoop/whoop";
           expect(config().subsonic.customClientsFor).toEqual("whoop/whoop");
@@ -370,7 +433,10 @@ describe("config", () => {
     });
   });
 
-  ["BNB_SCROBBLE_TRACKS", "BONOB_SCROBBLE_TRACKS"].forEach((k) => {
+  describe.each([
+    "BNB_SCROBBLE_TRACKS", 
+    "BONOB_SCROBBLE_TRACKS"
+  ])("%s", (k) => {
     describeBooleanConfigValue(
       "scrobbleTracks",
       k,
@@ -379,12 +445,18 @@ describe("config", () => {
     );
   });
 
-  ["BNB_REPORT_NOW_PLAYING", "BONOB_REPORT_NOW_PLAYING"].forEach((k) => {
-    describeBooleanConfigValue(
-      "reportNowPlaying",
-      k,
-      true,
-      (config) => config.reportNowPlaying
-    );
-  });
+  describe.each([
+    "BNB_REPORT_NOW_PLAYING", 
+    "BONOB_REPORT_NOW_PLAYING"
+  ])(
+    "%s",
+    (k) => {
+      describeBooleanConfigValue(
+        "reportNowPlaying",
+        k,
+        true,
+        (config) => config.reportNowPlaying
+      );
+    }
+  );
 });

tests/encryption.test.ts

@@ -1,12 +1,53 @@
-import encryption from '../src/encryption';
+import { left, right } from 'fp-ts/Either'
 
-describe("encrypt", () => {
-  const e = encryption("secret squirrel");
+import { cryptoEncryption, jwsEncryption } from '../src/encryption';
 
+describe("jwsEncryption", () => {
   it("can encrypt and decrypt", () => {
+    const e = jwsEncryption("secret squirrel");
+
     const value = "bobs your uncle"
     const hash = e.encrypt(value)
-    expect(hash.encryptedData).not.toEqual(value);
-    expect(e.decrypt(hash)).toEqual(value);
+    expect(hash).not.toContain(value);
+    expect(e.decrypt(hash)).toEqual(right(value));
+  });
+
+  it("returns different values for different secrets", () => {
+    const e1 = jwsEncryption("e1");
+    const e2 = jwsEncryption("e2");
+
+    const value = "bobs your uncle"
+    const h1 = e1.encrypt(value)
+    const h2 = e2.encrypt(value)
+
+    expect(h1).not.toEqual(h2);
+  });
+})
+
+describe("cryptoEncryption", () => {
+  it("can encrypt and decrypt", () => {
+    const e = cryptoEncryption("secret squirrel");
+
+    const value = "bobs your uncle"
+    const hash = e.encrypt(value)
+    expect(hash).not.toContain(value);
+    expect(e.decrypt(hash)).toEqual(right(value));
+  });
+
+  it("returns different values for different secrets", () => {
+    const e1 = cryptoEncryption("e1");
+    const e2 = cryptoEncryption("e2");
+
+    const value = "bobs your uncle"
+    const h1 = e1.encrypt(value)
+    const h2 = e2.encrypt(value)
+
+    expect(h1).not.toEqual(h2);
+  });
+  
+  it("should return left on invalid value", () => {
+    const e = cryptoEncryption("secret squirrel");
+
+    expect(e.decrypt("not-valid")).toEqual(left("Invalid value to decrypt"));
   });
 })

tests/i8n.test.ts

@@ -34,7 +34,7 @@ describe("i8n", () => {
 
   describe("langs", () => {
     it("should be all langs that are explicitly defined", () => {
-      expect(langs()).toEqual(["en-US", "nl-NL"]);
+      expect(langs()).toEqual(["en-US", "da-DK", "fr-FR", "nl-NL"]);
     });
   });
 

tests/icon.test.ts

@@ -1,5 +1,6 @@
 import dayjs from "dayjs";
-import libxmljs from "libxmljs2";
+import { FixedClock } from "../src/clock";
+import { xmlTidy } from "../src/utils";
 
 import {
   contains,
@@ -19,17 +20,17 @@ import {
   allOf,
   features,
   STAR_WARS,
+  NO_FEATURES,
 } from "../src/icon";
 
 describe("SvgIcon", () => {
-  const xmlTidy = (xml: string) =>
-    libxmljs.parseXmlString(xml, { noblanks: true, net: false }).toString();
-
   const svgIcon24 = `<?xml version="1.0" encoding="UTF-8"?>
 <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
   <path d="path1"/>
   <path d="path2" fill="none" stroke="#000"/>
+  <text font-size="25" fill="none">80's</text>
   <path d="path3"/>
+  <text font-size="25">80's</text>
 </svg>
 `;
 
@@ -60,7 +61,9 @@ describe("SvgIcon", () => {
             <svg xmlns="http://www.w3.org/2000/svg" viewBox="-4 -4 32 32">
               <path d="path1"/>
               <path d="path2" fill="none" stroke="#000"/>
+              <text font-size="25" fill="none">80's</text>
               <path d="path3"/>
+              <text font-size="25">80's</text>
             </svg>
           `)
           );
@@ -109,7 +112,9 @@ describe("SvgIcon", () => {
               <rect x="0" y="0" width="24" height="24" fill="red"/>
               <path d="path1"/>
               <path d="path2" fill="none" stroke="#000"/>
+              <text font-size="25" fill="none">80's</text>
               <path d="path3"/>
+              <text font-size="25">80's</text>
             </svg>
         `)
         );
@@ -133,7 +138,9 @@ describe("SvgIcon", () => {
               <rect x="-4" y="-4" width="36" height="36" fill="pink"/>
               <path d="path1"/>
               <path d="path2" fill="none" stroke="#000"/>
+              <text font-size="25" fill="none">80's</text>
               <path d="path3"/>
+              <text font-size="25">80's</text>
             </svg>
         `)
         );
@@ -151,7 +158,9 @@ describe("SvgIcon", () => {
             <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
               <path d="path1"/>
               <path d="path2" fill="none" stroke="#000"/>
+              <text font-size="25" fill="none">80's</text>
               <path d="path3"/>
+              <text font-size="25">80's</text>
             </svg>
         `)
         );
@@ -171,7 +180,9 @@ describe("SvgIcon", () => {
               <rect x="0" y="0" width="24" height="24" fill="red"/>
               <path d="path1"/>
               <path d="path2" fill="none" stroke="#000"/>
+              <text font-size="25" fill="none">80's</text>
               <path d="path3"/>
+              <text font-size="25">80's</text>
             </svg>
         `)
         );
@@ -181,7 +192,7 @@ describe("SvgIcon", () => {
 
   describe("foreground color", () => {
     describe("with no viewPort increase", () => {
-      it("should add a rectangle the same size as the original viewPort", () => {
+      it("should change the fill values", () => {
         expect(
           new SvgIcon(svgIcon24)
             .with({ features: { foregroundColor: "red" } })
@@ -191,7 +202,9 @@ describe("SvgIcon", () => {
             <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
               <path d="path1" fill="red"/>
               <path d="path2" fill="none" stroke="red"/>
+              <text font-size="25" fill="none" stroke="red">80's</text>
               <path d="path3" fill="red"/>
+              <text font-size="25" fill="red">80's</text>
             </svg>
         `)
         );
@@ -199,7 +212,7 @@ describe("SvgIcon", () => {
     });
 
     describe("with a viewPort increase", () => {
-      it("should add a rectangle the same size as the original viewPort", () => {
+      it("should change the fill values", () => {
         expect(
           new SvgIcon(svgIcon24)
             .with({
@@ -214,7 +227,9 @@ describe("SvgIcon", () => {
             <svg xmlns="http://www.w3.org/2000/svg" viewBox="-4 -4 32 32">
               <path d="path1" fill="pink"/>
               <path d="path2" fill="none" stroke="pink"/>
+              <text font-size="25" fill="none" stroke="pink">80's</text>
               <path d="path3" fill="pink"/>
+              <text font-size="25" fill="pink">80's</text>
             </svg>
         `)
         );
@@ -232,7 +247,9 @@ describe("SvgIcon", () => {
             <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
               <path d="path1"/>
               <path d="path2" fill="none" stroke="#000"/>
+              <text font-size="25" fill="none">80's</text>              
               <path d="path3"/>
+              <text font-size="25">80's</text>              
             </svg>
         `)
         );
@@ -251,7 +268,9 @@ describe("SvgIcon", () => {
             <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
               <path d="path1" fill="red"/>
               <path d="path2" fill="none" stroke="red"/>
+              <text font-size="25" fill="none" stroke="red">80's</text>              
               <path d="path3" fill="red"/>
+              <text font-size="25" fill="red">80's</text>              
             </svg>
         `)
         );
@@ -259,6 +278,48 @@ describe("SvgIcon", () => {
     });
   });
 
+  describe("text", () => {
+    describe("when text value specified", () => {
+      it("should change the text values", () => {
+        expect(
+          new SvgIcon(svgIcon24)
+            .with({ features: { text: "yipppeeee" } })
+            .toString()
+        ).toEqual(
+          xmlTidy(`<?xml version="1.0" encoding="UTF-8"?>
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+  <path d="path1"/>
+  <path d="path2" fill="none" stroke="#000"/>
+  <text font-size="25" fill="none">yipppeeee</text>
+  <path d="path3"/>
+  <text font-size="25">yipppeeee</text>
+</svg>
+        `)
+        );
+      });
+    });
+
+    describe("of undefined", () => {
+      it("should not do anything", () => {
+        expect(
+          new SvgIcon(svgIcon24)
+            .with({ features: { text: undefined } })
+            .toString()
+        ).toEqual(
+          xmlTidy(`<?xml version="1.0" encoding="UTF-8"?>
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+  <path d="path1"/>
+  <path d="path2" fill="none" stroke="#000"/>
+  <text font-size="25" fill="none">80's</text>
+  <path d="path3"/>
+  <text font-size="25">80's</text>
+</svg>
+        `)
+        );
+      });
+    });
+  });
+
   describe("swapping the svg", () => {
     describe("with no other changes", () => {
       it("should swap out the svg, but maintain the IconFeatures", () => {
@@ -317,10 +378,14 @@ describe("SvgIcon", () => {
 
 class DummyIcon implements Icon {
   svg: string;
-  features: Partial<IconFeatures>;
+  features: IconFeatures;
+
   constructor(svg: string, features: Partial<IconFeatures>) {
     this.svg = svg;
-    this.features = features;
+    this.features = {
+      ...NO_FEATURES,
+      ...features
+    };
   }
 
   public apply = (transformer: Transformer): Icon => transformer(this);
@@ -349,6 +414,7 @@ describe("transform", () => {
             viewPortIncreasePercent: 100,
             foregroundColor: "blue",
             backgroundColor: "blue",
+            text: "a",
           },
         })
         .apply(
@@ -356,6 +422,7 @@ describe("transform", () => {
             features: {
               foregroundColor: "override1",
               backgroundColor: "override2",
+              text: "b",
             },
           })
         ) as DummyIcon;
@@ -365,6 +432,7 @@ describe("transform", () => {
         viewPortIncreasePercent: 100,
         foregroundColor: "override1",
         backgroundColor: "override2",
+        text: "b",
       });
     });
   });
@@ -381,6 +449,7 @@ describe("transform", () => {
             viewPortIncreasePercent: 100,
             foregroundColor: "blue",
             backgroundColor: "blue",
+            text: "bob",
           },
         })
         .apply(
@@ -394,6 +463,7 @@ describe("transform", () => {
         viewPortIncreasePercent: 100,
         foregroundColor: "blue",
         backgroundColor: "blue",
+        text: "bob"
       });
     });
   });
@@ -410,6 +480,7 @@ describe("features", () => {
         viewPortIncreasePercent: 100,
         foregroundColor: "blue",
         backgroundColor: "blue",
+        text: "foobar"
       })
     ) as DummyIcon;
 
@@ -417,6 +488,7 @@ describe("features", () => {
       viewPortIncreasePercent: 100,
       foregroundColor: "blue",
       backgroundColor: "blue",
+      text: "foobar"
     });
   });
 });
@@ -556,12 +628,11 @@ describe("festivals", () => {
     backgroundColor: "black",
     foregroundColor: "black",
   });
-  let now = dayjs();
-  const clock = { now: () => now };
+  const clock = new FixedClock(dayjs());
 
   describe("on a day that isn't festive", () => {
     beforeEach(() => {
-      now = dayjs("2022/10/12");
+      clock.time = dayjs("2022/10/12");
     });
 
     it("should use the given colors", () => {
@@ -587,7 +658,7 @@ describe("festivals", () => {
 
   describe("on christmas day", () => {
     beforeEach(() => {
-      now = dayjs("2022/12/25");
+      clock.time = dayjs("2022/12/25");
     });
 
     it("should use the christmas theme colors", () => {
@@ -613,7 +684,7 @@ describe("festivals", () => {
 
   describe("on halloween", () => {
     beforeEach(() => {
-      now = dayjs("2022/10/31");
+      clock.time = dayjs("2022/10/31");
     });
 
     it("should use the given colors", () => {
@@ -638,7 +709,7 @@ describe("festivals", () => {
 
   describe("on may 4", () => {
     beforeEach(() => {
-      now = dayjs("2022/5/4");
+      clock.time = dayjs("2022/5/4");
     });
 
     it("should use the undefined colors, so no color", () => {
@@ -664,7 +735,7 @@ describe("festivals", () => {
   describe("on cny", () => {
     describe("2022", () => {
       beforeEach(() => {
-        now = dayjs("2022/02/01");
+        clock.time = dayjs("2022/02/01");
       });
 
       it("should use the cny theme", () => {
@@ -689,7 +760,7 @@ describe("festivals", () => {
 
     describe("2023", () => {
       beforeEach(() => {
-        now = dayjs("2023/01/22");
+        clock.time = dayjs("2023/01/22");
       });
 
       it("should use the cny theme", () => {
@@ -714,7 +785,7 @@ describe("festivals", () => {
 
     describe("2024", () => {
       beforeEach(() => {
-        now = dayjs("2024/02/10");
+        clock.time = dayjs("2024/02/10");
       });
 
       it("should use the cny theme", () => {
@@ -740,7 +811,7 @@ describe("festivals", () => {
 
   describe("on holi", () => {
     beforeEach(() => {
-      now = dayjs("2022/03/18");
+      clock.time = dayjs("2022/03/18");
     });
 
     it("should use the given colors", () => {

tests/in_memory_music_service.test.ts

@@ -1,6 +1,8 @@
+import { taskEither as TE } from "fp-ts";
+import { pipe } from "fp-ts/lib/function";
+
 import { InMemoryMusicService } from "./in_memory_music_service";
 import {
-  AuthSuccess,
   MusicLibrary,
   artistToArtistSummary,
   albumToAlbumSummary,
@@ -18,6 +20,7 @@ import {
 } from "./builders";
 import _ from "underscore";
 
+
 describe("InMemoryMusicService", () => {
   const service = new InMemoryMusicService();
 
@@ -27,12 +30,15 @@ describe("InMemoryMusicService", () => {
 
       service.hasUser(credentials);
 
-      const token = (await service.generateToken(credentials)) as AuthSuccess;
+      const token = await pipe(
+        service.generateToken(credentials),
+        TE.getOrElse(e => { throw e })
+      )();
 
       expect(token.userId).toEqual(credentials.username);
       expect(token.nickname).toEqual(credentials.username);
 
-      const musicLibrary = service.login(token.authToken);
+      const musicLibrary = service.login(token.serviceToken);
 
       expect(musicLibrary).toBeDefined();
     });
@@ -42,34 +48,19 @@ describe("InMemoryMusicService", () => {
 
       service.hasUser(credentials);
 
-      const token = (await service.generateToken(credentials)) as AuthSuccess;
+      const token = await pipe(
+        service.generateToken(credentials),
+        TE.getOrElse(e => { throw e })
+      )();
 
       service.clear();
 
-      return expect(service.login(token.authToken)).rejects.toEqual(
+      return expect(service.login(token.serviceToken)).rejects.toEqual(
         "Invalid auth token"
       );
     });
   });
   
-  describe("artistToArtistSummary", () => {
-    it("should map fields correctly", () => {
-      const artist = anArtist({
-        id: uuid(),
-        name: "The Artist",
-        image: {
-          small: "/path/to/small/jpg",
-          medium: "/path/to/medium/jpg",
-          large: "/path/to/large/jpg",
-        },
-      });
-      expect(artistToArtistSummary(artist)).toEqual({
-        id: artist.id,
-        name: artist.name,
-      });
-    });
-  });
-
   describe("Music Library", () => {
     const user = { username: "user100", password: "password100" };
     let musicLibrary: MusicLibrary;
@@ -79,8 +70,12 @@ describe("InMemoryMusicService", () => {
 
       service.hasUser(user);
 
-      const token = (await service.generateToken(user)) as AuthSuccess;
-      musicLibrary = (await service.login(token.authToken)) as MusicLibrary;
+      const token = await pipe(
+        service.generateToken(user),
+        TE.getOrElse(e => { throw e })
+      )();
+
+      musicLibrary = (await service.login(token.serviceToken)) as MusicLibrary;
     });
 
     describe("artists", () => {
@@ -143,8 +138,8 @@ describe("InMemoryMusicService", () => {
 
       describe("when it exists", () => {
         it("should provide an artist", async () => {
-          expect(await musicLibrary.artist(artist1.id)).toEqual(artist1);
-          expect(await musicLibrary.artist(artist2.id)).toEqual(artist2);
+          expect(await musicLibrary.artist(artist1.id!)).toEqual(artist1);
+          expect(await musicLibrary.artist(artist2.id!)).toEqual(artist2);
         });
       });
 

tests/in_memory_music_service.ts

@@ -1,4 +1,4 @@
-import { option as O } from "fp-ts";
+import { option as O, taskEither as TE } from "fp-ts";
 import * as A from "fp-ts/Array";
 import { fromEquals } from "fp-ts/lib/Eq";
 import { pipe } from "fp-ts/lib/function";
@@ -24,6 +24,7 @@ import {
   Genre,
   Rating,
 } from "../src/music_service";
+import { BUrn } from "../src/burn";
 
 export class InMemoryMusicService implements MusicService {
   users: Record<string, string> = {};
@@ -33,24 +34,29 @@ export class InMemoryMusicService implements MusicService {
   generateToken({
     username,
     password,
-  }: Credentials): Promise<AuthSuccess | AuthFailure> {
+  }: Credentials): TE.TaskEither<AuthFailure, AuthSuccess> {
     if (
       username != undefined &&
       password != undefined &&
       this.users[username] == password
     ) {
-      return Promise.resolve({
-        authToken: b64Encode(JSON.stringify({ username, password })),
+      return TE.right({
+        serviceToken: b64Encode(JSON.stringify({ username, password })),
         userId: username,
         nickname: username,
+        type: "in-memory"
       });
     } else {
-      return Promise.resolve({ message: `Invalid user:${username}` });
+      return TE.left(new AuthFailure(`Invalid user:${username}`));
     }
   }
 
-  login(token: string): Promise<MusicLibrary> {
-    const credentials = JSON.parse(b64Decode(token)) as Credentials;
+  refreshToken(serviceToken: string): TE.TaskEither<AuthFailure, AuthSuccess> {
+    return this.generateToken(JSON.parse(b64Decode(serviceToken)))
+  }
+
+  login(serviceToken: string): Promise<MusicLibrary> {
+    const credentials = JSON.parse(b64Decode(serviceToken)) as Credentials;
     if (this.users[credentials.username] != credentials.password)
       return Promise.reject("Invalid auth token");
 
@@ -131,8 +137,8 @@ export class InMemoryMusicService implements MusicService {
         ),
       stream: (_: { trackId: string; range: string | undefined }) =>
         Promise.reject("unsupported operation"),
-      coverArt: (id: string, size?: number) =>
-        Promise.reject(`Cannot retrieve coverArt for ${id}, size ${size}`),
+      coverArt: (coverArtURN: BUrn, size?: number) =>
+        Promise.reject(`Cannot retrieve coverArt for ${coverArtURN}, size ${size}`),
       scrobble: async (_: string) => {
         return Promise.resolve(true);
       },
@@ -155,6 +161,9 @@ export class InMemoryMusicService implements MusicService {
         Promise.reject("Unsupported operation"),
       similarSongs: async (_: string) => Promise.resolve([]),
       topSongs: async (_: string) => Promise.resolve([]),
+      radioStations: async () => Promise.resolve([]),
+      radioStation: async (_: string) => Promise.reject("Unsupported operation"),
+      years: async () => Promise.resolve([]),
     });
   }
 

tests/link_codes.test.ts

@@ -18,7 +18,7 @@ describe("InMemoryLinkCodes", () => {
     describe('when token is valid', () => {
       it('should associate the token', () => {
         const linkCode = linkCodes.mint();
-        const association = { authToken: "token123", nickname: "bob", userId: "1" };
+        const association = { serviceToken: "token123", nickname: "bob", userId: "1" };
 
         linkCodes.associate(linkCode, association);
 
@@ -29,7 +29,7 @@ describe("InMemoryLinkCodes", () => {
     describe('when token is valid', () => {
       it('should throw an error', () => {
         const invalidLinkCode = "invalidLinkCode";
-        const association = { authToken: "token456", nickname: "bob", userId: "1" };
+        const association = { serviceToken: "token456", nickname: "bob", userId: "1" };
 
         expect(() => linkCodes.associate(invalidLinkCode, association)).toThrow(`Invalid linkCode ${invalidLinkCode}`)
       }); 

tests/music_service.test.ts

@@ -0,0 +1,22 @@
+import { v4 as uuid } from "uuid";
+
+import { anArtist } from "./builders";
+import { artistToArtistSummary } from "../src/music_service";
+
+describe("artistToArtistSummary", () => {
+  it("should map fields correctly", () => {
+    const artist = anArtist({
+      id: uuid(),
+      name: "The Artist",
+      image: {
+        system: "external",
+        resource: "http://example.com:1234/image.jpg",
+      },
+    });
+    expect(artistToArtistSummary(artist)).toEqual({
+      id: artist.id,
+      name: artist.name,
+      image: artist.image,
+    });
+  });
+});

tests/random_string.test.ts

@@ -1,16 +0,0 @@
-import randomString from "../src/random_string";
-
-describe('randomString', () => {
-  it('should produce different strings...', () => {
-    const s1 = randomString()
-    const s2 = randomString()
-    const s3 = randomString()
-    const s4 = randomString()
-
-    expect(s1.length).toEqual(64)
-    
-    expect(s1).not.toEqual(s2);
-    expect(s1).not.toEqual(s3);
-    expect(s1).not.toEqual(s4);
-  });
-});

tests/scenarios.test.ts

@@ -33,9 +33,10 @@ class LoggedInSonosDriver {
     this.client = client;
     this.token = token;
     this.client.addSoapHeader({
-      credentials: someCredentials(
-        this.token.getDeviceAuthTokenResult.authToken
-      ),
+      credentials: someCredentials({
+        token: this.token.getDeviceAuthTokenResult.authToken,
+        key: this.token.getDeviceAuthTokenResult.privateKey
+      }),
     });
   }
 
@@ -93,7 +94,7 @@ class SonosDriver {
       .get(this.bonobUrl.append({ pathname: "/" }).pathname())
       .expect(200)
       .then((response) => {
-        const m = response.text.match(/ action="(.*)" /i);
+        const m = response.text.match(/ action="([^"]+)"/i);
         return m![1]!;
       });
 
@@ -272,7 +273,7 @@ describe("scenarios", () => {
       bonobUrl,
       musicService,
       {
-        linkCodes: () => linkCodes
+        linkCodes: () => linkCodes,
       }
     );
 

tests/smapi_auth.test.ts

@@ -0,0 +1,188 @@
+import { v4 as uuid } from "uuid";
+import jwt from "jsonwebtoken";
+
+import {
+  ExpiredTokenError,
+  InvalidTokenError,
+  isSmapiRefreshTokenResultFault,
+  JWTSmapiLoginTokens,
+  smapiTokenAsString,
+  smapiTokenFromString,
+  SMAPI_TOKEN_VERSION,
+} from "../src/smapi_auth";
+import { either as E } from "fp-ts";
+import { FixedClock } from "../src/clock";
+import dayjs from "dayjs";
+import { b64Encode } from "../src/b64";
+
+describe("smapiTokenAsString", () => {
+  it("can round trip token to and from string", () => {
+    const smapiToken = { token: uuid(), key: uuid(), someOtherStuff: 'this needs to be explicitly ignored' };
+    const asString = smapiTokenAsString(smapiToken)
+
+    expect(asString).toEqual(b64Encode(JSON.stringify({
+      token: smapiToken.token,
+      key: smapiToken.key,
+    })));
+    expect(smapiTokenFromString(asString)).toEqual({
+      token: smapiToken.token,
+      key: smapiToken.key
+    });
+  });
+});
+
+describe("isSmapiRefreshTokenResultFault", () => {
+  it("should return true for a refreshAuthTokenResult fault", () => {
+    const faultWithRefreshAuthToken = {
+      Fault: {
+        faultcode: "",
+        faultstring: "",
+        detail: {
+          refreshAuthTokenResult: {
+            authToken: "x",
+            privateKey: "x",
+          },
+        },
+      },
+    };
+    expect(isSmapiRefreshTokenResultFault(faultWithRefreshAuthToken)).toEqual(
+      true
+    );
+  });
+
+  it("should return false when is not a refreshAuthTokenResult", () => {
+    expect(isSmapiRefreshTokenResultFault({ Fault: { faultcode: "", faultstring:" " }})).toEqual(
+      false
+    );
+  });
+});
+
+describe("auth", () => {
+  describe("JWTSmapiLoginTokens", () => {
+    const clock = new FixedClock(dayjs());
+
+    const expiresIn = "1h";
+    const secret = `secret-${uuid()}`;
+    const key = uuid();
+    const smapiLoginTokens = new JWTSmapiLoginTokens(clock, secret, expiresIn, () => key);
+
+    describe("issuing a new token", () => {
+      it("should issue a token that can then be verified", () => {
+        const serviceToken = `service-token-${uuid()}`;
+
+        const smapiToken = smapiLoginTokens.issue(serviceToken);
+
+        const expected = jwt.sign(
+          {
+            serviceToken,
+            iat: clock.now().unix(),
+          },
+          secret + SMAPI_TOKEN_VERSION + key,
+          { expiresIn }
+        );
+
+        expect(smapiToken.token).toEqual(expected);
+        expect(smapiToken.token).not.toContain(serviceToken);
+        expect(smapiToken.token).not.toContain(secret);
+        expect(smapiToken.token).not.toContain(":");
+
+        const roundTripped = smapiLoginTokens.verify(smapiToken);
+
+        expect(roundTripped).toEqual(E.right(serviceToken));
+      });
+    });
+
+    describe("when verifying the token fails", () => {
+      describe("due to the version changing", () => {
+        it("should return an error", () => {
+          const authToken = uuid();
+
+          const vXSmapiTokens = new JWTSmapiLoginTokens(
+            clock,
+            secret,
+            expiresIn,
+            uuid,
+            SMAPI_TOKEN_VERSION
+          );
+
+          const vXPlus1SmapiTokens = new JWTSmapiLoginTokens(
+            clock,
+            secret,
+            expiresIn,
+            () => uuid(),
+            SMAPI_TOKEN_VERSION + 1
+          );
+
+          const v1Token = vXSmapiTokens.issue(authToken);
+          expect(vXSmapiTokens.verify(v1Token)).toEqual(E.right(authToken));
+
+          const result = vXPlus1SmapiTokens.verify(v1Token);
+          expect(result).toEqual(
+            E.left(new InvalidTokenError("invalid signature"))
+          );
+        });
+      });
+      
+      describe("due to secret changing", () => {
+        it("should return an error", () => {
+          const authToken = uuid();
+
+          const smapiToken = new JWTSmapiLoginTokens(
+            clock,
+            "A different secret",
+            expiresIn
+          ).issue(authToken);
+
+          const result = smapiLoginTokens.verify(smapiToken);
+          expect(result).toEqual(
+            E.left(new InvalidTokenError("invalid signature"))
+          );
+        });
+      });
+
+      describe("due to key changing", () => {
+        it("should return an error", () => {
+          const authToken = uuid();
+
+          const smapiToken = smapiLoginTokens.issue(authToken);
+
+          const result = smapiLoginTokens.verify({
+            ...smapiToken,
+            key: "some other key",
+          });
+          expect(result).toEqual(
+            E.left(new InvalidTokenError("invalid signature"))
+          );
+        });
+      });
+    });
+
+    describe("when the token has expired", () => {
+      it("should return an ExpiredTokenError, with the authToken", () => {
+        const authToken = uuid();
+        const now = dayjs();
+        const tokenIssuedAt = now.subtract(31, "seconds");
+
+        const tokensWith30SecondExpiry = new JWTSmapiLoginTokens(
+          clock,
+          uuid(),
+          "30s"
+        );
+
+        clock.time = tokenIssuedAt;
+        const expiredToken = tokensWith30SecondExpiry.issue(authToken);
+
+        clock.time = now;
+
+        const result = tokensWith30SecondExpiry.verify(expiredToken);
+        expect(result).toEqual(
+          E.left(
+            new ExpiredTokenError(
+              authToken
+            )
+          )
+        );
+      });
+    });
+  });
+});

tests/sqlite_smapi_token_store.test.ts

@@ -0,0 +1,234 @@
+import fs from "fs";
+import path from "path";
+import { SQLiteSmapiTokenStore } from "../src/sqlite_smapi_token_store";
+import { SmapiToken } from "../src/smapi_auth";
+import { JWTSmapiLoginTokens } from "../src/smapi_auth";
+import { SystemClock } from "../src/clock";
+
+describe("SQLiteSmapiTokenStore", () => {
+  const testDbPath = path.join(__dirname, "test-tokens.db");
+  const testJsonPath = path.join(__dirname, "test-tokens.json");
+  let tokenStore: SQLiteSmapiTokenStore;
+
+  beforeEach(() => {
+    // Clean up any existing test files
+    if (fs.existsSync(testDbPath)) {
+      fs.unlinkSync(testDbPath);
+    }
+    if (fs.existsSync(testJsonPath)) {
+      fs.unlinkSync(testJsonPath);
+    }
+    if (fs.existsSync(`${testJsonPath}.bak`)) {
+      fs.unlinkSync(`${testJsonPath}.bak`);
+    }
+
+    tokenStore = new SQLiteSmapiTokenStore(testDbPath);
+  });
+
+  afterEach(() => {
+    tokenStore.close();
+
+    // Clean up test files
+    if (fs.existsSync(testDbPath)) {
+      fs.unlinkSync(testDbPath);
+    }
+    if (fs.existsSync(testJsonPath)) {
+      fs.unlinkSync(testJsonPath);
+    }
+    if (fs.existsSync(`${testJsonPath}.bak`)) {
+      fs.unlinkSync(`${testJsonPath}.bak`);
+    }
+  });
+
+  describe("Database Initialization", () => {
+    it("should create database file on initialization", () => {
+      expect(fs.existsSync(testDbPath)).toBe(true);
+    });
+
+    it("should create parent directory if it doesn't exist", () => {
+      const nestedPath = path.join(__dirname, "nested", "dir", "tokens.db");
+      const nestedStore = new SQLiteSmapiTokenStore(nestedPath);
+
+      expect(fs.existsSync(nestedPath)).toBe(true);
+
+      nestedStore.close();
+      fs.unlinkSync(nestedPath);
+      fs.rmdirSync(path.dirname(nestedPath));
+      fs.rmdirSync(path.dirname(path.dirname(nestedPath)));
+    });
+  });
+
+  describe("Token Operations", () => {
+    const testToken: SmapiToken = {
+      token: "test-jwt-token",
+      key: "test-key-123",
+    };
+
+    it("should set and get a token", () => {
+      tokenStore.set("token1", testToken);
+      const retrieved = tokenStore.get("token1");
+
+      expect(retrieved).toEqual(testToken);
+    });
+
+    it("should return undefined for non-existent token", () => {
+      const retrieved = tokenStore.get("non-existent");
+      expect(retrieved).toBeUndefined();
+    });
+
+    it("should update existing token", () => {
+      tokenStore.set("token1", testToken);
+
+      const updatedToken: SmapiToken = {
+        token: "updated-jwt-token",
+        key: "updated-key-456",
+      };
+
+      tokenStore.set("token1", updatedToken);
+      const retrieved = tokenStore.get("token1");
+
+      expect(retrieved).toEqual(updatedToken);
+    });
+
+    it("should delete a token", () => {
+      tokenStore.set("token1", testToken);
+      tokenStore.delete("token1");
+      const retrieved = tokenStore.get("token1");
+
+      expect(retrieved).toBeUndefined();
+    });
+
+    it("should get all tokens", () => {
+      const token1: SmapiToken = { token: "jwt1", key: "key1" };
+      const token2: SmapiToken = { token: "jwt2", key: "key2" };
+      const token3: SmapiToken = { token: "jwt3", key: "key3" };
+
+      tokenStore.set("tokenKey1", token1);
+      tokenStore.set("tokenKey2", token2);
+      tokenStore.set("tokenKey3", token3);
+
+      const allTokens = tokenStore.getAll();
+
+      expect(Object.keys(allTokens).length).toBe(3);
+      expect(allTokens["tokenKey1"]).toEqual(token1);
+      expect(allTokens["tokenKey2"]).toEqual(token2);
+      expect(allTokens["tokenKey3"]).toEqual(token3);
+    });
+
+    it("should return empty object when no tokens exist", () => {
+      const allTokens = tokenStore.getAll();
+      expect(allTokens).toEqual({});
+    });
+  });
+
+  describe("Token Cleanup", () => {
+    it("should cleanup invalid tokens", () => {
+      const smapiAuthTokens = new JWTSmapiLoginTokens(SystemClock, "test-secret", "1h");
+
+      // Create valid tokens
+      const validToken1 = smapiAuthTokens.issue("service-token-1");
+      const validToken2 = smapiAuthTokens.issue("service-token-2");
+
+      // Create invalid token (wrong secret)
+      const invalidAuthTokens = new JWTSmapiLoginTokens(SystemClock, "different-secret", "1h");
+      const invalidToken = invalidAuthTokens.issue("service-token-3");
+
+      tokenStore.set("valid1", validToken1);
+      tokenStore.set("valid2", validToken2);
+      tokenStore.set("invalid", invalidToken);
+
+      // Clean up
+      const deletedCount = tokenStore.cleanupExpired(smapiAuthTokens);
+
+      expect(deletedCount).toBe(1);
+      expect(tokenStore.get("valid1")).toBeDefined();
+      expect(tokenStore.get("valid2")).toBeDefined();
+      expect(tokenStore.get("invalid")).toBeUndefined();
+    });
+
+    it("should not cleanup expired tokens that can be refreshed", () => {
+      // Note: This test would require mocking time to create an expired token
+      // For now, we just verify the function runs without error
+      const smapiAuthTokens = new JWTSmapiLoginTokens(SystemClock, "test-secret", "1h");
+      const validToken = smapiAuthTokens.issue("service-token-1");
+
+      tokenStore.set("token1", validToken);
+      const deletedCount = tokenStore.cleanupExpired(smapiAuthTokens);
+
+      expect(deletedCount).toBe(0);
+      expect(tokenStore.get("token1")).toBeDefined();
+    });
+  });
+
+  describe("JSON Migration", () => {
+    it("should migrate tokens from JSON file", () => {
+      const jsonTokens = {
+        token1: { token: "jwt1", key: "key1" },
+        token2: { token: "jwt2", key: "key2" },
+        token3: { token: "jwt3", key: "key3" },
+      };
+
+      fs.writeFileSync(testJsonPath, JSON.stringify(jsonTokens, null, 2), "utf8");
+
+      const migratedCount = tokenStore.migrateFromJSON(testJsonPath);
+
+      expect(migratedCount).toBe(3);
+      expect(tokenStore.get("token1")).toEqual(jsonTokens.token1);
+      expect(tokenStore.get("token2")).toEqual(jsonTokens.token2);
+      expect(tokenStore.get("token3")).toEqual(jsonTokens.token3);
+    });
+
+    it("should create backup of original JSON file", () => {
+      const jsonTokens = {
+        token1: { token: "jwt1", key: "key1" },
+      };
+
+      fs.writeFileSync(testJsonPath, JSON.stringify(jsonTokens, null, 2), "utf8");
+      tokenStore.migrateFromJSON(testJsonPath);
+
+      expect(fs.existsSync(`${testJsonPath}.bak`)).toBe(true);
+      expect(fs.existsSync(testJsonPath)).toBe(false);
+    });
+
+    it("should return 0 when JSON file does not exist", () => {
+      const migratedCount = tokenStore.migrateFromJSON(testJsonPath);
+      expect(migratedCount).toBe(0);
+    });
+
+    it("should handle empty JSON file", () => {
+      fs.writeFileSync(testJsonPath, JSON.stringify({}), "utf8");
+      const migratedCount = tokenStore.migrateFromJSON(testJsonPath);
+
+      expect(migratedCount).toBe(0);
+    });
+  });
+
+  describe("Persistence", () => {
+    it("should persist tokens across instances", () => {
+      const testToken: SmapiToken = { token: "jwt1", key: "key1" };
+
+      tokenStore.set("token1", testToken);
+      tokenStore.close();
+
+      // Create new instance with same database
+      const newStore = new SQLiteSmapiTokenStore(testDbPath);
+      const retrieved = newStore.get("token1");
+
+      expect(retrieved).toEqual(testToken);
+
+      newStore.close();
+    });
+  });
+
+  describe("Close", () => {
+    it("should close database connection without error", () => {
+      expect(() => tokenStore.close()).not.toThrow();
+    });
+
+    it("should handle multiple close calls gracefully", () => {
+      tokenStore.close();
+      // Second close should not throw
+      expect(() => tokenStore.close()).not.toThrow();
+    });
+  });
+});

tests/tsconfig.json

@@ -1,23 +1,23 @@
 {
-    "extends": "../tsconfig.json",
-    "compilerOptions": {
-      "target": "es2019",
-      "baseUrl": "./",
-      "module": "commonjs",
-      "experimentalDecorators": true,
-      "strictPropertyInitialization": false,
-      "isolatedModules": false,
-      "strict": true,
-      "noImplicitAny": false,
-      "typeRoots" : [
-        "../typings",
-        "../node_modules/@types"
-      ]
-    },
-    "exclude": [
-      "../node_modules"
-    ],
-    "include": [
-      "./**/*.ts"
+  "extends": "../tsconfig.json",
+  "compilerOptions": {
+    "target": "es2019",
+    "baseUrl": "./",
+    "module": "commonjs",
+    "experimentalDecorators": true,
+    "strictPropertyInitialization": false,
+    "isolatedModules": false,
+    "strict": true,
+    "noImplicitAny": false,
+    "typeRoots" : [
+      "../typings",
+      "../node_modules/@types"
     ]
-  }
+  },
+  "exclude": [
+    "../node_modules"
+  ],
+  "include": [
+    "./**/*.ts"
+  ]
+}

tsconfig.json

@@ -50,11 +50,11 @@
     // "rootDirs": [],                        /* List of root folders whose combined content represents the structure of the project at runtime. */
     "typeRoots": [
       "./typings",
-      "node_modules/@types"
+      "./node_modules/@types"
     ]
      /* List of folders to include type definitions from. */,
     // "types": ["src/customTypes/scale-that-svg.d.ts"],                           /* Type declaration files to be included in compilation. */
-    // "allowSyntheticDefaultImports": true,  /* Allow default imports from modules with no default export. This does not affect code emit, just typechecking. */
+    "allowSyntheticDefaultImports": true,  /* Allow default imports from modules with no default export. This does not affect code emit, just typechecking. */
     "esModuleInterop": true /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */,
     // "preserveSymlinks": true,              /* Do not resolve the real path of symlinks. */
     // "allowUmdGlobalAccess": true,          /* Allow accessing UMD globals from modules. */

web/icons/navidrome-radio.svg

@@ -0,0 +1,4 @@
+<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24">
+    <path d="M20 6H8.3l8.26-3.34L15.88 1 3.24 6.15C2.51 6.43 2 7.17 2 8v12c0 1.1.89 2 2 2h16c1.11 0 2-.9 2-2V8c0-1.11-.89-2-2-2zm0 2v3h-2V9h-2v2H4V8h16zM4 20v-7h16v7H4z"></path>
+    <circle cx="8" cy="16.48" r="2.5"></circle>
+</svg>

web/icons/yy.svg

@@ -0,0 +1,3 @@
+<svg viewBox="0 0 100 100" xmlns="http://www.w3.org/2000/svg">
+  <text x="50" y="75" font-size="65" text-anchor="middle" font-family="Arial, sans-serif" font-weight="bold">80s</text>
+</svg>

web/icons/yyyy.svg

@@ -0,0 +1,3 @@
+<svg viewBox="0 0 100 100" xmlns="http://www.w3.org/2000/svg">
+  <text x="50" y="65" font-size="35" text-anchor="middle" font-family="Arial, sans-serif" font-weight="bold">1980</text>
+</svg>

web/views/failure.eta

@@ -1,6 +1,12 @@
 <% layout('./layout', { title: it.lang("failure") }) %>
 
 <div id="content">
-  <h1 class="failure"><%= it.message %></h1>
-  <h1 class="cause"><%= it.cause || "" %></h1>
+  <div class="message-container">
+    <div class="logo">✗</div>
+    <h1><%= it.message %></h1>
+    <% if (it.cause) { %>
+      <p style="color: #dc3545; margin-top: 15px;"><%= it.cause %></p>
+    <% } %>
+    <p style="color: #dc3545; font-weight: 600; margin-top: 10px;"><%= it.lang("failure") %></p>
+  </div>
 </div>

web/views/index.eta

@@ -1,45 +1,61 @@
 <% layout('./layout') %>
 
-<div id="content">
-  <div width="100%" style="text-align:right;color:grey"><%= it.version %></div>
-  <h1><%= it.bonobService.name %> (<%= it.bonobService.sid %>)</h1>
-  <h3><%= it.lang("expectedConfig") %></h3>
-  <div><%= JSON.stringify(it.bonobService) %></div>
-  <br/>
+<div id="content" class="index-content">
+  <div style="text-align:right;color:#999;font-size:0.85rem;margin-bottom:20px"><%= it.version %></div>
+  <div class="logo">🎵</div>
+  <h1><%= it.bonobService.name %></h1>
+  <p style="color:#999;margin-bottom:30px">Service ID: <%= it.bonobService.sid %></p>
+
   <% if(it.devices.length > 0) { %>
-  <form action="<%= it.createRegistrationRoute %>" method="POST">
-    <input type="submit" value="<%= it.lang("register") %>">
+  <form action="<%= it.createRegistrationRoute %>" method="POST" style="margin-bottom:30px">
+    <input type="submit" value="<%= it.lang("register") %>" id="submit">
   </form>
-  <br/>
   <% } else { %>
-  <h3><%= it.lang("noSonosDevices") %></h3>
-  <br/>
+  <p style="color:#dc3545;font-weight:600;margin:30px 0"><%= it.lang("noSonosDevices") %></p>
   <% } %>
 
   <% if(it.registeredBonobService) { %>
-    <h3><%= it.lang("existingServiceConfig") %></h3>
-    <div><%= JSON.stringify(it.registeredBonobService) %></div>
+    <div style="margin:20px 0;padding:15px;background:#f8f9fa;border-radius:8px">
+      <h3 style="font-size:1.1rem;margin-bottom:10px;color:#667eea"><%= it.lang("existingServiceConfig") %></h3>
+      <pre style="font-size:0.85rem;text-align:left;overflow-x:auto"><%= JSON.stringify(it.registeredBonobService, null, 2) %></pre>
+    </div>
   <% } else { %>
-    <h3><%= it.lang("noExistingServiceRegistration") %></h3>
+    <p style="color:#999;margin:20px 0"><%= it.lang("noExistingServiceRegistration") %></p>
   <% } %>
+
   <% if(it.registeredBonobService) { %>
-    <br/>
-    <form action="<%= it.removeRegistrationRoute %>" method="POST">
-      <input type="submit" value="<%= it.lang("removeRegistration") %>">
+    <form action="<%= it.removeRegistrationRoute %>" method="POST" style="margin:20px 0">
+      <input type="submit" value="<%= it.lang("removeRegistration") %>" id="submit" style="background:#dc3545">
     </form>
   <% } %>
 
-  <br/>
-  <h2><%= it.lang("devices") %> (<%= it.devices.length %>)</h2>
-  <ul>
-    <% it.devices.forEach(function(d){ %>
-      <li><%= d.name %> (<%= d.ip %>:<%= d.port %>)</li>
-    <% }) %>
-  </ul>
-  <h2><%= it.lang("services") %> (<%= it.services.length %>)</h2>
-  <ul>
-    <% it.services.forEach(function(s){ %>
-      <li><%= s.name %> (<%= s.sid %>)</li>
-    <% }) %>
-  </ul>
+  <div style="margin-top:40px;padding-top:30px;border-top:2px solid #e0e0e0">
+    <h2 style="font-size:1.5rem;margin-bottom:15px"><%= it.lang("devices") %> (<%= it.devices.length %>)</h2>
+    <% if(it.devices.length > 0) { %>
+    <ul style="list-style:none;text-align:left;padding:0">
+      <% it.devices.forEach(function(d){ %>
+        <li style="padding:10px;margin:5px 0;background:#f8f9fa;border-radius:6px">
+          <strong><%= d.name %></strong> <span style="color:#999">(<%= d.ip %>:<%= d.port %>)</span>
+        </li>
+      <% }) %>
+    </ul>
+    <% } else { %>
+    <p style="color:#999">No devices found</p>
+    <% } %>
+  </div>
+
+  <div style="margin-top:30px">
+    <h2 style="font-size:1.5rem;margin-bottom:15px"><%= it.lang("services") %> (<%= it.services.length %>)</h2>
+    <% if(it.services.length > 0) { %>
+    <ul style="list-style:none;text-align:left;padding:0">
+      <% it.services.forEach(function(s){ %>
+        <li style="padding:10px;margin:5px 0;background:#f8f9fa;border-radius:6px">
+          <strong><%= s.name %></strong> <span style="color:#999">(SID: <%= s.sid %>)</span>
+        </li>
+      <% }) %>
+    </ul>
+    <% } else { %>
+    <p style="color:#999">No services registered</p>
+    <% } %>
+  </div>
 </div>

web/views/layout.eta

@@ -1,46 +1,189 @@
 <!DOCTYPE html>
 <html lang="en">
   <head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title><%= it.title || "bonob" %></title>
     <style>
+* {
+  margin: 0;
+  padding: 0;
+  box-sizing: border-box;
+}
+
 body {
-  font-family: -apple-system,BlinkMacSystemFont,"Segoe UI","Roboto","Oxygen","Ubuntu","Cantarell","Fira Sans","Droid Sans","Helvetica Neue",sans-serif;
+  font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Cantarell", "Fira Sans", "Droid Sans", "Helvetica Neue", sans-serif;
+  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+  min-height: 100vh;
+  display: flex;
+  align-items: center;
+  justify-content: center;
+  padding: 20px;
 }
 
 div#content {
-  margin: auto;
-  width: 60%;
+  background: white;
+  border-radius: 20px;
+  box-shadow: 0 20px 60px rgba(0, 0, 0, 0.3);
+  padding: 50px 40px;
+  max-width: 450px;
+  width: 100%;
+  animation: slideIn 0.5s ease-out;
+}
+
+@keyframes slideIn {
+  from {
+    opacity: 0;
+    transform: translateY(-30px);
+  }
+  to {
+    opacity: 1;
+    transform: translateY(0);
+  }
 }
 
 h1 {
-  font-size: 700%;
+  font-size: 2.5rem;
+  font-weight: 700;
+  color: #333;
+  text-align: center;
+  margin-bottom: 40px;
+  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+  -webkit-background-clip: text;
+  -webkit-text-fill-color: transparent;
+  background-clip: text;
+}
+
+form {
+  display: flex;
+  flex-direction: column;
+  gap: 25px;
+}
+
+.form-group {
+  display: flex;
+  flex-direction: column;
+  gap: 8px;
 }
 
 label {
-  font-size: 300%;
+  font-size: 0.95rem;
+  font-weight: 600;
+  color: #555;
+  margin-left: 5px;
 }
 
-input {
-  font-size: 300%;
-  width: 80%;
+input[type="text"],
+input[type="password"] {
+  width: 100%;
+  padding: 15px 20px;
+  font-size: 1rem;
+  border: 2px solid #e0e0e0;
+  border-radius: 12px;
+  transition: all 0.3s ease;
+  background: #f8f9fa;
+}
+
+input[type="text"]:focus,
+input[type="password"]:focus {
+  outline: none;
+  border-color: #667eea;
+  background: white;
+  box-shadow: 0 0 0 4px rgba(102, 126, 234, 0.1);
+  transform: translateY(-2px);
 }
 
 input#submit {
-  margin-top: 100px
+  width: 100%;
+  padding: 16px;
+  font-size: 1.1rem;
+  font-weight: 600;
+  color: white;
+  background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
+  border: none;
+  border-radius: 12px;
+  cursor: pointer;
+  transition: all 0.3s ease;
+  margin-top: 10px;
+  box-shadow: 0 4px 15px rgba(102, 126, 234, 0.4);
 }
 
-.one-word-per-line {
-    word-spacing: 100000px; 
+input#submit:hover {
+  transform: translateY(-2px);
+  box-shadow: 0 6px 20px rgba(102, 126, 234, 0.5);
 }
 
-.login{
-    width: min-intrinsic;
-    width: -webkit-min-content;
-    width: -moz-min-content;
-    width: min-content;
-    display: table-caption;
-    display: -ms-grid;
-    -ms-grid-columns: min-content;
+input#submit:active {
+  transform: translateY(0);
+}
+
+.logo {
+  text-align: center;
+  margin-bottom: 20px;
+  font-size: 3rem;
+  opacity: 0.9;
+}
+
+/* Success and failure page styles */
+.message-container {
+  text-align: center;
+  padding: 20px 0;
+}
+
+.message-container h1 {
+  font-size: 2rem;
+  margin-bottom: 20px;
+}
+
+.message-container p {
+  font-size: 1.1rem;
+  color: #666;
+  line-height: 1.6;
+}
+
+/* Index page styles */
+.index-content {
+  text-align: center;
+}
+
+.index-content h1 {
+  font-size: 2.5rem;
+  margin-bottom: 20px;
+}
+
+.index-content p {
+  font-size: 1.1rem;
+  color: #666;
+  line-height: 1.8;
+  margin-bottom: 15px;
+}
+
+.index-content a {
+  color: #667eea;
+  text-decoration: none;
+  font-weight: 600;
+  transition: color 0.3s ease;
+}
+
+.index-content a:hover {
+  color: #764ba2;
+  text-decoration: underline;
+}
+
+/* Responsive design */
+@media (max-width: 500px) {
+  div#content {
+    padding: 40px 30px;
+  }
+
+  h1 {
+    font-size: 2rem;
+  }
+
+  input[type="text"],
+  input[type="password"] {
+    padding: 12px 16px;
+  }
 }
     </style>
   </head>

web/views/login.eta

@@ -1,12 +1,17 @@
 <% layout('./layout', { title: it.lang("login") }) %>
 
 <div id="content">
-  <h1 class="login one-word-per-line"><%= it.lang("logInToBonob") %></h1>
+  <div class="logo">🎵</div>
+  <h1><%= it.lang("logInToBonob") %></h1>
   <form action="<%= it.loginRoute %>" method="POST">
-    <label for="username"><%= it.lang("username") %>:</label><br>
-    <input type="text" id="username" name="username"><br><br>
-    <label for="password"><%= it.lang("password") %>:</label><br>
-    <input type="password" id="password" name="password"><br>
+    <div class="form-group">
+      <label for="username"><%= it.lang("username") %></label>
+      <input type="text" id="username" name="username" required autofocus>
+    </div>
+    <div class="form-group">
+      <label for="password"><%= it.lang("password") %></label>
+      <input type="password" id="password" name="password" required>
+    </div>
     <input type="hidden" name="linkCode" value="<%= it.linkCode %>">
     <input type="submit" value="<%= it.lang("login") %>" id="submit">
   </form>

web/views/success.eta

@@ -1,5 +1,9 @@
 <% layout('./layout', { title: it.lang("success") }) %>
 
 <div id="content">
-  <h1 class="success"><%= it.message %></h1>
+  <div class="message-container">
+    <div class="logo">✓</div>
+    <h1><%= it.message %></h1>
+    <p style="color: #28a745; font-weight: 600; margin-top: 10px;"><%= it.lang("success") %></p>
+  </div>
 </div>