WIP - kick-support

[Zibbp]

Publishing some ground work for Kick I worked on a few months ago. This is not functional at all. Maybe I'll pick this up again in the future.

[gemini-code-assist]

Summary of Changes

Hello @Zibbp, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request lays the groundwork for integrating Kick as a supported streaming platform. It extends the application's data models, backend services, and frontend interface to recognize and interact with Kick, enabling future features like archiving Kick live streams and their associated chat. While marked as 'Work In Progress' and not yet fully functional, it establishes the necessary infrastructure for comprehensive Kick support.

Highlights

• Kick Platform Integration: Introduced foundational support for the Kick streaming platform across the application, enabling future archiving capabilities.
• Database Schema Update: The platform enum in the database schema (ent/migrate/schema.go) and its validator (ent/vod/vod.go) have been updated to include 'kick' as a supported video platform.
• Frontend UI Enhancements: The archive page (frontend/app/archive/page.tsx) now includes a platform selection dropdown, allowing users to choose between Twitch and Kick for archiving. The container size was also increased for better layout.
• Backend Service Extension: The archive service (internal/archive/archive.go) and ytdlp service (internal/exec/ytdlp/ytdlp.go) have been modified to handle Kick-specific logic for retrieving live stream information and processing video details. New environment variables (KICK_CLIENT_ID, KICK_CLIENT_SECRET) have been added for Kick API authentication.
• Kick-Specific Video and Chat Downloaders: New execution functions (internal/exec/exec_kick.go) have been added to handle downloading live video streams using yt-dlp and live chat via WebSocket for the Kick platform. Dedicated Kick API structures and connection logic (internal/platform/kick.go, internal/platform/kick_api.go, internal/platform/kick_connection.go) are also introduced.
• Task Worker Updates: The chat, live_chat, and live_video workers (internal/tasks/chat.go, internal/tasks/live_chat.go, internal/tasks/live_video.go) now dynamically select the appropriate platform service based on the video's platform, allowing for Kick-specific download and conversion processes. The PlatformFromContext utility has been updated to support this.
• Chat Conversion for Kick: A new utility function (internal/utils/tdl.go) has been implemented to convert Kick WebSocket chat data into the TDL (TwitchDownloader) chat format for rendering, including handling of emotes.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

General fix:
User-controlled file paths must be validated before being used in any filesystem operations, to avoid unauthorized file access or modification. This can be achieved by checking that the user-supplied file path is within a "safe" (whitelisted) directory.

Detailed fix:

• Clearly define a safe directory (e.g., a temp or uploads folder) in configuration, and ensure all file inputs must reside within that directory.
• Before using the path, combine it with the safe directory, normalize and resolve it using filepath.Abs/filepath.Clean, and ensure the result actually remains within the safe root.
• Reject any input not confined to the safe directory.
• Implement this check at the entry point—most robustly in ConvertKickWebSocketChatToTDLChat—before passing the path along, but you could also defensively check in ConvertNDJSONToJSONArrayInPlace.
• You will need to import path/filepath and strings (if not already present in the target file).

Specific changes:

• Edit internal/utils/tdl.go, in the function ConvertKickWebSocketChatToTDLChat (lines 345–352), to validate the path argument before using it. You might add new parameters like a safe root or retrieve it from config.
• Alternatively, do the validation at the start of ConvertNDJSONToJSONArrayInPlace in internal/utils/chat.go, but to match best practice, validate as early as possible.

---

To safely use user-provided paths in filesystem operations, the code must strictly validate or restrict the user input. The most broadly-applicable method is to ensure that any path provided:

• Is a filename only (no slashes or ".." segments, if that is the intended use), or
• If it is a path, it must always be resolved within a safe directory.

In this context, since the input is coming untrusted from the HTTP API and used directly, the correct fix is:

1. Restrict filePath in ConvertNDJSONToJSONArrayInPlace to ensure it is always within a designated "safe directory" (such as a temp directory or application-data directory).
2. Accomplish this by resolving the absolute location of the candidate file, and checking its prefix against the safe directory's absolute path. If the check fails, return an error and abort.
3. This check must be implemented at the entry-point function, before any sensitive file operations are performed.
4. This will require knowledge of the intended safe directory (this can be injected via parameter, or can be hardcoded/configured as required).

Because of the function signature, the cleanest fix is to add such a check into ConvertNDJSONToJSONArrayInPlace itself, perhaps using an environment variable or config for the safe directory.

Changes required:

• Add package import(s) for path/filepath and possibly os if not present.
• Define a safe base directory for all chat file operations. For demonstration, use os.TempDir() or, if available via config, the proper temp/work directory.
• In ConvertNDJSONToJSONArrayInPlace, resolve and check that filePath (and thus also tmpPath) both reside within the safe directory before further operations.
• Return an error if the check fails.

No change to functionality is made for legitimate (well-formed) user input, but malicious paths will now be rejected.

---

General approach:
User-controlled paths must never be used directly in filesystem operations without ensuring they cannot be manipulated to access or modify files outside of a safe directory. The best solution is to validate that the provided path is strictly within a designated temporary or upload folder (e.g., envConfig.TempDir), after resolving symlinks and normalizing the input. Reject any input that fails this check.

Detailed fix:

• In the handler (ConvertKickChat), validate that body.LiveChatPath does not contain any absolute or parent directory navigation, and that the resolved absolute path (when joined with the intended base directory) starts with the safe base directory. If the input fails this check, return an error.
• Only allow access to files inside a pre-configured directory such as envConfig.TempDir.
• No changes are needed in downstream functions (ConvertKickWebSocketChatToTDLChat, ConvertNDJSONToJSONArrayInPlace) as long as the input is validated up front.

Files/Regions to change:

• Edit internal/transport/http/archive.go, in the ConvertKickChat handler, immediately after extracting the body.LiveChatPath value, to validate and restrict it.
• Add necessary import lines if missing (e.g., path/filepath, strings).

---

To fix this issue, you must ensure that any path constructed from HTTP request data (here, body.LiveChatPath / path in subsequent calls) is validated before being used as a file path. The best way is to ensure the resolved absolute path is contained within an intended safe directory for chat files, using filepath.Abs and checking prefix with the safe directory’s absolute path (which must also be absolute). This check should be placed at the earliest opportunity before the path is passed to file APIs—in this case, within ConvertKickWebSocketChatToTDLChat just before any filesystem operations, since we’re limited to code in internal/utils/tdl.go and internal/utils/chat.go. Additionally, we should propagate the error up so the HTTP handler can report it as a bad request. You will need to:

• Choose (or determine from context) a safe base directory for chat files, and resolve paths relative to it.
• Import "path/filepath" and "strings" in internal/utils/tdl.go if needed.
• Validate that the requested path’s absolute path is within the safe directory.
• Return an error if validation fails.

To fix the problem, we must restrict the user-supplied path argument so that it cannot escape a "safe directory" intended for temporary chat files (as alluded to in other usages of envConfig.TempDir). The best way is to resolve the path with respect to the intended directory (e.g., the application's temp directory) and ensure the resulting path stays within that directory. This involves joining the provided relative path to the safe base directory, resolving the absolute path, and checking the prefix. If the base directory is not always absolute, resolve it first.

Edit regions:

• internal/utils/live_chat.go: Edit the OpenKickLiveChatFile function to take a baseDir argument and validate the user input. The path is always constructed by joining this directory with the filename.
• internal/utils/tdl.go: Update ConvertKickWebSocketChatToTDLChat and any callsites to pass the correct base directory to OpenKickLiveChatFile.
• Possibly update the HTTP handler to ensure the base directory is given.

Required:

• Import path/filepath and strings into files where used.
• Validation code to ensure the path stays within the intended directory.
• Change usages accordingly.