Use AirPlay credentials to authenticate when streaming to an Apple TV (tvOS)

[postlund]

What feature would you like?
AirPlay and RAOP shares the same "connection" and uses the same crypto routines. So when streaming to an Apple TV running tvOS (older generations are not affected), the same verification process performed when using play_url needs to be done. A forbidden response is returned now:

2021-05-12 12:34:09 DEBUG [pyatv.raop.rtsp]: Got RTSP response to 0: RtspResponse(code=403, message='Forbidden', headers={'Content-Length': '0', 'Server': 'AirTunes/540.31.41', 'CSeq': '0'}, body=''):

Describe the solution you'd like
On one end, this should be pretty easy as all code is already in place. On another end, it's quite tricky as this means there will be a dependency on airplay for this. I will have to authenticate one connection and use that for RTSP afterwards (which doesn't match current design, but shouldn't be that hard to adhere to). Will have to think about this a bit.

Solution-wise, I would prefer if it just works assuming --airplay-credentials are provided with valid credentials.

Any other information to share?
No

[postlund]

By some happy-hacking, I've verified that the authentication performed in the AirPlay protocol also seems to work for RAOP. So I can use the same method to get that working, which is good. The not so nice thing though... In pyatv, I'm using aiohttp for HTTP requests. This works fine for AirPlay as that uses plain HTTP. It is however not possible to make custom requests with aiotthp, e.g. RTSP commands. So I'm stuck in the situation where I can do authentication but not RTSP or RTSP (with my own code) but not authentication (must happen on the same TCP connection, just to be clear). This is however fairly easy to fix as my RTSP implementation is good enough to handle the AirPlay commands. So I can basically rip out aiohttp and replace it with my RTSP implementation, assuming I generalize it a bit. It requires some additional work though.

Metadata generally seems to work fine, but like elsewhere it doesn't really care that a stream is playing. So it's stuck a 0 seconds in pause mode. Not sure if that is fixable or not.

One thing worth knowing is that playing something with play_url still breaks AirPlay beyond repair. RAOP streaming will fail with "Internal server error" after that command:

2021-05-21 13:36:28 DEBUG [pyatv.raop.rtsp]: Got RTSP response to 4: RtspResponse(code=500, message='Internal Server Error', headers={'Content-Length': '0', 'Server': 'AirTunes/540.31.41', 'CSeq': '4'}, body='', status=500, content_length=0):

Would be really nice to figure out why that is...

[postlund]

Not sure what to make out of this, but posting anyway:

fel	19:26:37.859478+0200	TVAirPlay	[AirPlayError] APReceiverSessionManagerAddSession:248: false condition
fel	19:26:37.859519+0200	TVAirPlay	[AirPlayError] airplayReqProcessor_requestProcessSetupSDPAudio:1712: got error -72241/0xFFFEE5CF
fel	19:26:37.859574+0200	TVAirPlay	[AirPlayError] _HTTPSetField:3609: got error -6705/0xFFFFE5CF kParamErr
fel	19:26:37.859616+0200	TVAirPlay	[AirPlayError] _ConvertReplyDictionaryToHTTPMessage:3683: got error -6705/0xFFFFE5CF kParamErr
fel	19:26:37.862996+0200	TVAirPlay	[AirPlayError] _RequestProcessorHandler:4154: got error 1/0x1 EPERM

Seems to complain about either some parameter or permission (EPERM).

[postlund]

I have no idea what to do, still feels like a bug in tvOS IMHO as MRP stops working after playing something with AirPlay. One thing to try is to implement transient pairing and see if that makes any difference.

[postlund]

Lots of hacking to get HomeKit in place for AirPlay and RAOP seems to suggest that it makes no difference. Need to do some additional tests though. Starting to suspect that the interface used for video playback via URL is considered deprecated/legacy and not very well maintained and/or properly regression tested by Apple...

[postlund]

Did another test (same one but rebooted the Apple TV to start plain) like this (always authed via HomeKit method):

• Streamed audio file
• Played a video from URL
• Streamed audio file again

The second time a streamed an audio file, I got the well-known "Internal server error" and MRP is broken again. I really don't like this...

[postlund]

Seems like other things stops working as well, like fetching app list. This is so broken.

[postlund]

I upgraded to tvOS 14.6, hoping for a change... At first try it seemed to work fine as I could use play_url followed by stream_url. But after calling play_url again it broke just like before. Same error in the log as well. So conclusion is that Apple didn't fix this in tvOS 14.5 or 14.6, so I'm staring to suspect they won't fix it all all. Not sure if anyone still uses this endpoint, so it's probably legacy enough for them to not care. It's too bad as the alternative is to stream video via RTSP, which most likely won't fly that good in python (would need bindings to some C implementation).

[postlund]

Despite the tiresome situation laid out above, I believe I have managed to refactor and implement support for the verification step in RAOP as well. So when AirPlay credentials are also passed to RAOP, the verification step will be performed and streaming will work on the Apple TV as well. I think I'm getting close enough for a proper release of 0.8.0 quite soon.