apps/core
1
0
Fork 0
mirror of https://github.com/datarhei/core.git synced 2025-10-06 00:17:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Loosen restrictions for IAM user names

Browse Source 
The only restriction for an IAM username is that it cannot start with
a '$'. An username that contains a ':' must escape it with another ':'
for use in a token for RTMP or SRT.
This commit is contained in:
Ingo Oppermann
2023-06-26 13:49:53 +02:00
parent 6f47f96f6e
commit abfe4918b4
8 changed files with 124 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
srt/srt.go
View File

@@ -10,6 +10,7 @@ import (
"time"
"github.com/datarhei/core/v16/cluster/proxy"
enctoken "github.com/datarhei/core/v16/encoding/token"
"github.com/datarhei/core/v16/iam"
iamidentity "github.com/datarhei/core/v16/iam/identity"
"github.com/datarhei/core/v16/log"
@@ -493,15 +494,11 @@ func (s *server) findIdentityFromToken(key string) (string, error) {
var identity iamidentity.Verifier
var err error
var token string
before, after, found := strings.Cut(key, ":")
if !found {
username, token := enctoken.Unmarshal(key)
if len(username) == 0 {
identity = s.iam.GetDefaultVerifier()
token = before
} else {
identity, err = s.iam.GetVerifier(before)
token = after
identity, err = s.iam.GetVerifier(username)
}
if err != nil {