implement voip/turnServer API endpoint (#323)
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
This commit is contained in:
parent
b7cfc2e057
commit
90396b5620
|
@ -54,6 +54,24 @@ media:
|
||||||
height: 600
|
height: 600
|
||||||
method: scale
|
method: scale
|
||||||
|
|
||||||
|
# The config for the TURN server
|
||||||
|
turn:
|
||||||
|
# Whether or not guests can request TURN credentials
|
||||||
|
turn_allow_guests: true
|
||||||
|
# How long the authorization should last
|
||||||
|
turn_user_lifetime: "1h"
|
||||||
|
# The list of TURN URIs to pass to clients
|
||||||
|
turn_uris: []
|
||||||
|
|
||||||
|
# Authorization via Shared Secret
|
||||||
|
# The shared secret from coturn
|
||||||
|
turn_shared_secret: "<SECRET STRING GOES HERE>"
|
||||||
|
|
||||||
|
# Authorization via Static Username & Password
|
||||||
|
# Hardcoded Username and Password
|
||||||
|
turn_username: ""
|
||||||
|
turn_password: ""
|
||||||
|
|
||||||
# The config for communicating with kafka
|
# The config for communicating with kafka
|
||||||
kafka:
|
kafka:
|
||||||
# Where the kafka servers are running.
|
# Where the kafka servers are running.
|
||||||
|
|
|
@ -284,12 +284,8 @@ func Setup(
|
||||||
).Methods("PUT", "OPTIONS")
|
).Methods("PUT", "OPTIONS")
|
||||||
|
|
||||||
r0mux.Handle("/voip/turnServer",
|
r0mux.Handle("/voip/turnServer",
|
||||||
common.MakeExternalAPI("turn_server", func(req *http.Request) util.JSONResponse {
|
common.MakeAuthAPI("turn_server", deviceDB, func(req *http.Request, device *authtypes.Device) util.JSONResponse {
|
||||||
// TODO: Return credentials for a turn server if one is configured.
|
return RequestTurnServer(req, device, cfg)
|
||||||
return util.JSONResponse{
|
|
||||||
Code: 200,
|
|
||||||
JSON: struct{}{},
|
|
||||||
}
|
|
||||||
}),
|
}),
|
||||||
).Methods("GET")
|
).Methods("GET")
|
||||||
|
|
||||||
|
|
85
src/github.com/matrix-org/dendrite/clientapi/routing/voip.go
Normal file
85
src/github.com/matrix-org/dendrite/clientapi/routing/voip.go
Normal file
|
@ -0,0 +1,85 @@
|
||||||
|
// Copyright 2017 Michael Telatysnki <7t3chguy@gmail.com>
|
||||||
|
//
|
||||||
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
||||||
|
// you may not use this file except in compliance with the License.
|
||||||
|
// You may obtain a copy of the License at
|
||||||
|
//
|
||||||
|
// http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
//
|
||||||
|
// Unless required by applicable law or agreed to in writing, software
|
||||||
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
||||||
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||||
|
// See the License for the specific language governing permissions and
|
||||||
|
// limitations under the License.
|
||||||
|
|
||||||
|
package routing
|
||||||
|
|
||||||
|
import (
|
||||||
|
"net/http"
|
||||||
|
|
||||||
|
"crypto/hmac"
|
||||||
|
"crypto/sha1"
|
||||||
|
"encoding/base64"
|
||||||
|
"fmt"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
||||||
|
"github.com/matrix-org/dendrite/common/config"
|
||||||
|
"github.com/matrix-org/util"
|
||||||
|
"github.com/matrix-org/dendrite/clientapi/httputil"
|
||||||
|
)
|
||||||
|
|
||||||
|
type turnServerResponse struct {
|
||||||
|
Username string `json:"username"`
|
||||||
|
Password string `json:"password"`
|
||||||
|
URIs []string `json:"uris"`
|
||||||
|
TTL int `json:"ttl"`
|
||||||
|
}
|
||||||
|
|
||||||
|
// RequestTurnServer implements:
|
||||||
|
// GET /voip/turnServer
|
||||||
|
func RequestTurnServer(req *http.Request, device *authtypes.Device, cfg config.Dendrite) util.JSONResponse {
|
||||||
|
turnConfig := cfg.TURN
|
||||||
|
|
||||||
|
// TODO Guest Support
|
||||||
|
if len(turnConfig.URIs) == 0 || turnConfig.UserLifetime == "" {
|
||||||
|
return util.JSONResponse{
|
||||||
|
Code: 200,
|
||||||
|
JSON: struct{}{},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Duration checked at startup, err not possible
|
||||||
|
duration, _ := time.ParseDuration(turnConfig.UserLifetime)
|
||||||
|
|
||||||
|
resp := turnServerResponse{
|
||||||
|
URIs: turnConfig.URIs,
|
||||||
|
TTL: int(duration.Seconds()),
|
||||||
|
}
|
||||||
|
|
||||||
|
if turnConfig.SharedSecret != "" {
|
||||||
|
expiry := time.Now().Add(duration).Unix()
|
||||||
|
mac := hmac.New(sha1.New, []byte(turnConfig.SharedSecret))
|
||||||
|
_, err := mac.Write([]byte(resp.Username))
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return httputil.LogThenError(req, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
resp.Username = fmt.Sprintf("%d:%s", expiry, device.UserID)
|
||||||
|
resp.Password = base64.StdEncoding.EncodeToString(mac.Sum(nil))
|
||||||
|
} else if turnConfig.Username != "" && turnConfig.Password != "" {
|
||||||
|
resp.Username = turnConfig.Username
|
||||||
|
resp.Password = turnConfig.Password
|
||||||
|
} else {
|
||||||
|
return util.JSONResponse{
|
||||||
|
Code: 200,
|
||||||
|
JSON: struct{}{},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return util.JSONResponse{
|
||||||
|
Code: 200,
|
||||||
|
JSON: resp,
|
||||||
|
}
|
||||||
|
}
|
|
@ -150,6 +150,26 @@ type Dendrite struct {
|
||||||
PublicRoomsAPI DataSource `yaml:"public_rooms_api"`
|
PublicRoomsAPI DataSource `yaml:"public_rooms_api"`
|
||||||
} `yaml:"database"`
|
} `yaml:"database"`
|
||||||
|
|
||||||
|
// TURN Server Config
|
||||||
|
TURN struct {
|
||||||
|
// TODO Guest Support
|
||||||
|
// Whether or not guests can request TURN credentials
|
||||||
|
//AllowGuests bool `yaml:"turn_allow_guests"`
|
||||||
|
// How long the authorization should last
|
||||||
|
UserLifetime string `yaml:"turn_user_lifetime"`
|
||||||
|
// The list of TURN URIs to pass to clients
|
||||||
|
URIs []string `yaml:"turn_uris"`
|
||||||
|
|
||||||
|
// Authorization via Shared Secret
|
||||||
|
// The shared secret from coturn
|
||||||
|
SharedSecret string `yaml:"turn_shared_secret"`
|
||||||
|
|
||||||
|
// Authorization via Static Username & Password
|
||||||
|
// Hardcoded Username and Password
|
||||||
|
Username string `yaml:"turn_username"`
|
||||||
|
Password string `yaml:"turn_password"`
|
||||||
|
}
|
||||||
|
|
||||||
// The internal addresses the components will listen on.
|
// The internal addresses the components will listen on.
|
||||||
// These should not be exposed externally as they expose metrics and debugging APIs.
|
// These should not be exposed externally as they expose metrics and debugging APIs.
|
||||||
Listen struct {
|
Listen struct {
|
||||||
|
@ -341,10 +361,20 @@ func (config *Dendrite) check(monolithic bool) error {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
checkValidDuration := func(key, value string) {
|
||||||
|
if _, err := time.ParseDuration(config.TURN.UserLifetime); err != nil {
|
||||||
|
problems = append(problems, fmt.Sprintf("invalid duration for config key %q: %s", key, value))
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
checkNotEmpty("matrix.server_name", string(config.Matrix.ServerName))
|
checkNotEmpty("matrix.server_name", string(config.Matrix.ServerName))
|
||||||
checkNotEmpty("matrix.private_key", string(config.Matrix.PrivateKeyPath))
|
checkNotEmpty("matrix.private_key", string(config.Matrix.PrivateKeyPath))
|
||||||
checkNotZero("matrix.federation_certificates", int64(len(config.Matrix.FederationCertificatePaths)))
|
checkNotZero("matrix.federation_certificates", int64(len(config.Matrix.FederationCertificatePaths)))
|
||||||
|
|
||||||
|
if config.TURN.UserLifetime != "" {
|
||||||
|
checkValidDuration("turn.turn_user_lifetime", config.TURN.UserLifetime)
|
||||||
|
}
|
||||||
|
|
||||||
checkNotEmpty("media.base_path", string(config.Media.BasePath))
|
checkNotEmpty("media.base_path", string(config.Media.BasePath))
|
||||||
checkPositive("media.max_file_size_bytes", int64(*config.Media.MaxFileSizeBytes))
|
checkPositive("media.max_file_size_bytes", int64(*config.Media.MaxFileSizeBytes))
|
||||||
checkPositive("media.max_thumbnail_generators", int64(config.Media.MaxThumbnailGenerators))
|
checkPositive("media.max_thumbnail_generators", int64(config.Media.MaxThumbnailGenerators))
|
||||||
|
|
Loading…
Reference in a new issue