zishuo/rtsp-simple-server
1
0
Fork 0
mirror of https://github.com/aler9/rtsp-simple-server synced 2025-10-08 17:10:18 +08:00
Code Issues Packages Projects Releases Wiki Activity

Send additional fields to the external authentication URL (#1408)

Browse Source 
* send 'protocol' to the external authentication URL

* send session ID to the external authentication URL
This commit is contained in:
Alessandro Ros
2023-01-22 19:48:33 +01:00
committed by GitHub
parent ef214b7649
commit b02d3b83c7
10 changed files with 53 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@@ -264,7 +264,10 @@ Each time a user needs to be authenticated, the specified URL will be requested
"user": "user",
"password": "password",
"path": "path",
"action": "read|publish"
"protocol": "rtsp|rtmp|hls|webrtc",
"id": "id",
"action": "read|publish",
"query": "query"
}
```

32
internal/core/externalauth.go
View File

@@ -5,6 +5,17 @@ import (
"encoding/json"
"fmt"
"net/http"
"github.com/google/uuid"
)
type externalAuthProto string
const (
externalAuthProtoRTSP externalAuthProto = "rtsp"
externalAuthProtoRTMP externalAuthProto = "rtmp"
externalAuthProtoHLS externalAuthProto = "hls"
externalAuthProtoWebRTC externalAuthProto = "webrtc"
)
func externalAuth(
@@ -13,23 +24,28 @@ func externalAuth(
user string,
password string,
path string,
isPublishing bool,
protocol externalAuthProto,
id *uuid.UUID,
publish bool,
query string,
) error {
enc, _ := json.Marshal(struct {
IP string `json:"ip"`
User string `json:"user"`
Password string `json:"password"`
Path string `json:"path"`
Action string `json:"action"`
Query string `json:"query"`
IP string `json:"ip"`
User string `json:"user"`
Password string `json:"password"`
Path string `json:"path"`
Protocol string `json:"protocol"`
ID *uuid.UUID `json:"id"`
Action string `json:"action"`
Query string `json:"query"`
}{
IP: ip,
User: user,
Password: password,
Path: path,
Protocol: string(protocol),
Action: func() string {
if isPublishing {
if publish {
return "publish"
}
return "read"

2
internal/core/hls_muxer.go
View File

@@ -570,6 +570,8 @@ func (m *hlsMuxer) authenticate(ctx *gin.Context) error {
user,
pass,
m.pathName,
externalAuthProtoHLS,
nil,
false,
ctx.Request.URL.RawQuery)
if err != nil {

10
internal/core/hls_server_test.go
View File

@@ -12,19 +12,21 @@ import (
)
type testHTTPAuthenticator struct {
action string
protocol string
action string
s *http.Server
}
func newTestHTTPAuthenticator(action string) (*testHTTPAuthenticator, error) {
func newTestHTTPAuthenticator(protocol string, action string) (*testHTTPAuthenticator, error) {
ln, err := net.Listen("tcp", "127.0.0.1:9120")
if err != nil {
return nil, err
}
ts := &testHTTPAuthenticator{
action: action,
protocol: protocol,
action: action,
}
router := gin.New()
@@ -46,6 +48,7 @@ func (ts *testHTTPAuthenticator) onAuth(ctx *gin.Context) {
User string `json:"user"`
Password string `json:"password"`
Path string `json:"path"`
Protocol string `json:"protocol"`
Action string `json:"action"`
Query string `json:"query"`
}
@@ -66,6 +69,7 @@ func (ts *testHTTPAuthenticator) onAuth(ctx *gin.Context) {
in.User != user ||
in.Password != "testpass" ||
in.Path != "teststream" ||
in.Protocol != ts.protocol ||
in.Action != ts.action ||
(in.Query != "user=testreader&pass=testpass&param=value" &&
in.Query != "user=testpublisher&pass=testpass&param=value" &&

2
internal/core/rtmp_conn.go
View File

@@ -640,6 +640,8 @@ func (c *rtmpConn) authenticate(
query.Get("user"),
query.Get("pass"),
pathName,
externalAuthProtoRTMP,
&c.uuid,
isPublishing,
rawQuery)
if err != nil {

6
internal/core/rtmp_server_test.go
View File

@@ -176,7 +176,7 @@ func TestRTMPServerAuth(t *testing.T) {
var a *testHTTPAuthenticator
if ca == "external" {
var err error
a, err = newTestHTTPAuthenticator("publish")
a, err = newTestHTTPAuthenticator("rtmp", "publish")
require.NoError(t, err)
}
@@ -211,7 +211,7 @@ func TestRTMPServerAuth(t *testing.T) {
if ca == "external" {
a.close()
a, err = newTestHTTPAuthenticator("read")
a, err = newTestHTTPAuthenticator("rtmp", "read")
require.NoError(t, err)
defer a.close()
}
@@ -296,7 +296,7 @@ func TestRTMPServerAuthFail(t *testing.T) {
require.Equal(t, true, ok)
defer p.Close()
a, err := newTestHTTPAuthenticator("publish")
a, err := newTestHTTPAuthenticator("rtmp", "publish")
require.NoError(t, err)
defer a.close()

2
internal/core/rtsp_conn.go
View File

@@ -139,6 +139,8 @@ func (c *rtspConn) authenticate(
username,
password,
path,
externalAuthProtoRTSP,
&c.uuid,
isPublishing,
query)
if err != nil {

6
internal/core/rtsp_server_test.go
View File

@@ -42,7 +42,7 @@ func TestRTSPServerAuth(t *testing.T) {
var a *testHTTPAuthenticator
if ca == "external" {
var err error
a, err = newTestHTTPAuthenticator("publish")
a, err = newTestHTTPAuthenticator("rtsp", "publish")
require.NoError(t, err)
}
@@ -59,7 +59,7 @@ func TestRTSPServerAuth(t *testing.T) {
if ca == "external" {
a.close()
var err error
a, err = newTestHTTPAuthenticator("read")
a, err = newTestHTTPAuthenticator("rtsp", "read")
require.NoError(t, err)
defer a.close()
}
@@ -226,7 +226,7 @@ func TestRTSPServerAuthFail(t *testing.T) {
require.Equal(t, true, ok)
defer p.Close()
a, err := newTestHTTPAuthenticator("publish")
a, err := newTestHTTPAuthenticator("rtsp", "publish")
require.NoError(t, err)
defer a.close()

2
internal/core/webrtc_server.go
View File

@@ -436,6 +436,8 @@ func (s *webRTCServer) authenticate(pa *path, ctx *gin.Context) error {
user,
pass,
pa.name,
externalAuthProtoWebRTC,
nil,
false,
ctx.Request.URL.RawQuery)
if err != nil {

6
rtsp-simple-server.yml
View File

@@ -25,8 +25,10 @@ readBufferCount: 512
# "user": "user",
# "password": "password",
# "path": "path",
# "action": "read|publish"
# "query": "url's raw query"
# "protocol": "rtsp|rtmp|hls|webrtc",
# "id": "id",
# "action": "read|publish",
# "query": "query"
# }
# If the response code is 20x, authentication is accepted, otherwise
# it is discarded.