zishuo/rtsp-simple-server
1
0
Fork 0
mirror of https://github.com/aler9/rtsp-simple-server synced 2025-10-28 18:01:54 +08:00
Code Issues Packages Projects Releases Wiki Activity

External authentication support send url raw query

Browse Source 
Do some dynamic authentication, such as token
This commit is contained in:
ShiBen
2022-01-11 11:21:18 +08:00
committed by Alessandro Ros
parent b8bf747796
commit e3f63a43c9
6 changed files with 21 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/core/externalauth.go
View File

@@ -14,6 +14,7 @@ func externalAuth(
password string, password string,
path string, path string,
action string, action string,
query string,
) error { ) error {
enc, _ := json.Marshal(struct { enc, _ := json.Marshal(struct {
IP string `json:"ip"` IP string `json:"ip"`
@@ -21,12 +22,14 @@ func externalAuth(
Password string `json:"password"` Password string `json:"password"`
Path string `json:"path"` Path string `json:"path"`
Action string `json:"action"` Action string `json:"action"`
Query string `json:"query"`
}{ }{
IP: ip, IP: ip,
User: user, User: user,
Password: password, Password: password,
Path: path, Path: path,
Action: action, Action: action,
Query: query,
}) })
res, err := http.Post(ur, "application/json", bytes.NewReader(enc)) res, err := http.Post(ur, "application/json", bytes.NewReader(enc))
if err != nil { if err != nil {

3
internal/core/hls_muxer.go
View File

@@ -496,7 +496,8 @@ func (m *hlsMuxer) authenticate(req *http.Request) error {
user, user,
pass, pass,
m.pathName, m.pathName,
"read") "read",
req.URL.RawQuery)
if err != nil { if err != nil {
return pathErrAuthCritical{ return pathErrAuthCritical{
message: fmt.Sprintf("external authentication failed: %s", err), message: fmt.Sprintf("external authentication failed: %s", err),

16
internal/core/rtmp_conn.go
View File

@@ -29,12 +29,12 @@ const (
rtmpConnPauseAfterAuthError = 2 * time.Second rtmpConnPauseAfterAuthError = 2 * time.Second
) )
func pathNameAndQuery(inURL *url.URL) (string, url.Values) { func pathNameAndQuery(inURL *url.URL) (string, url.Values, string) {
// remove leading and trailing slashes inserted by OBS and some other clients // remove leading and trailing slashes inserted by OBS and some other clients
tmp := strings.TrimRight(inURL.String(), "/") tmp := strings.TrimRight(inURL.String(), "/")
ur, _ := url.Parse(tmp) ur, _ := url.Parse(tmp)
pathName := strings.TrimLeft(ur.Path, "/") pathName := strings.TrimLeft(ur.Path, "/")
return pathName, ur.Query() return pathName, ur.Query(), ur.RawQuery
} }
type rtmpConnTrackIDPayloadPair struct { type rtmpConnTrackIDPayloadPair struct {
@@ -217,7 +217,7 @@ func (c *rtmpConn) runInner(ctx context.Context) error {
} }
func (c *rtmpConn) runRead(ctx context.Context) error { func (c *rtmpConn) runRead(ctx context.Context) error {
pathName, query := pathNameAndQuery(c.conn.URL()) pathName, query, rawQuery := pathNameAndQuery(c.conn.URL())
res := c.pathManager.onReaderSetupPlay(pathReaderSetupPlayReq{ res := c.pathManager.onReaderSetupPlay(pathReaderSetupPlayReq{
author: c, author: c,
@@ -226,7 +226,7 @@ func (c *rtmpConn) runRead(ctx context.Context) error {
pathIPs []interface{}, pathIPs []interface{},
pathUser conf.Credential, pathUser conf.Credential,
pathPass conf.Credential) error { pathPass conf.Credential) error {
return c.authenticate(pathName, pathIPs, pathUser, pathPass, "read", query) return c.authenticate(pathName, pathIPs, pathUser, pathPass, "read", query, rawQuery)
}, },
}) })
@@ -462,7 +462,7 @@ func (c *rtmpConn) runPublish(ctx context.Context) error {
tracks = append(tracks, audioTrack) tracks = append(tracks, audioTrack)
} }
pathName, query := pathNameAndQuery(c.conn.URL()) pathName, query, rawQuery := pathNameAndQuery(c.conn.URL())
res := c.pathManager.onPublisherAnnounce(pathPublisherAnnounceReq{ res := c.pathManager.onPublisherAnnounce(pathPublisherAnnounceReq{
author: c, author: c,
@@ -471,7 +471,7 @@ func (c *rtmpConn) runPublish(ctx context.Context) error {
pathIPs []interface{}, pathIPs []interface{},
pathUser conf.Credential, pathUser conf.Credential,
pathPass conf.Credential) error { pathPass conf.Credential) error {
return c.authenticate(pathName, pathIPs, pathUser, pathPass, "publish", query) return c.authenticate(pathName, pathIPs, pathUser, pathPass, "publish", query, rawQuery)
}, },
}) })
@@ -599,6 +599,7 @@ func (c *rtmpConn) authenticate(
pathPass conf.Credential, pathPass conf.Credential,
action string, action string,
query url.Values, query url.Values,
rawQuery string,
) error { ) error {
if c.externalAuthenticationURL != "" { if c.externalAuthenticationURL != "" {
err := externalAuth( err := externalAuth(
@@ -607,7 +608,8 @@ func (c *rtmpConn) authenticate(
query.Get("user"), query.Get("user"),
query.Get("pass"), query.Get("pass"),
pathName, pathName,
action) action,
rawQuery)
if err != nil { if err != nil {
return pathErrAuthCritical{ return pathErrAuthCritical{
message: fmt.Sprintf("external authentication failed: %s", err), message: fmt.Sprintf("external authentication failed: %s", err),

6
internal/core/rtsp_conn.go
View File

@@ -108,6 +108,7 @@ func (c *rtspConn) authenticate(
pathPass conf.Credential, pathPass conf.Credential,
action string, action string,
req *base.Request, req *base.Request,
query string,
) error { ) error {
if c.externalAuthenticationURL != "" { if c.externalAuthenticationURL != "" {
username := "" username := ""
@@ -126,7 +127,8 @@ func (c *rtspConn) authenticate(
username, username,
password, password,
pathName, pathName,
action) action,
query)
if err != nil { if err != nil {
c.authFailures++ c.authFailures++
@@ -247,7 +249,7 @@ func (c *rtspConn) onDescribe(ctx *gortsplib.ServerHandlerOnDescribeCtx,
pathIPs []interface{}, pathIPs []interface{},
pathUser conf.Credential, pathUser conf.Credential,
pathPass conf.Credential) error { pathPass conf.Credential) error {
return c.authenticate(ctx.Path, pathIPs, pathUser, pathPass, "read", ctx.Req) return c.authenticate(ctx.Path, pathIPs, pathUser, pathPass, "read", ctx.Req, ctx.Query)
}, },
}) })

4
internal/core/rtsp_session.go
View File

@@ -161,7 +161,7 @@ func (s *rtspSession) onAnnounce(c *rtspConn, ctx *gortsplib.ServerHandlerOnAnno
pathIPs []interface{}, pathIPs []interface{},
pathUser conf.Credential, pathUser conf.Credential,
pathPass conf.Credential) error { pathPass conf.Credential) error {
return c.authenticate(ctx.Path, pathIPs, pathUser, pathPass, "publish", ctx.Req) return c.authenticate(ctx.Path, pathIPs, pathUser, pathPass, "publish", ctx.Req, ctx.Query)
}, },
}) })
@@ -220,7 +220,7 @@ func (s *rtspSession) onSetup(c *rtspConn, ctx *gortsplib.ServerHandlerOnSetupCt
pathIPs []interface{}, pathIPs []interface{},
pathUser conf.Credential, pathUser conf.Credential,
pathPass conf.Credential) error { pathPass conf.Credential) error {
return c.authenticate(ctx.Path, pathIPs, pathUser, pathPass, "read", ctx.Req) return c.authenticate(ctx.Path, pathIPs, pathUser, pathPass, "read", ctx.Req, ctx.Query)
}, },
}) })

1
rtsp-simple-server.yml
View File

@@ -26,6 +26,7 @@ readBufferCount: 512
# "password": "password", # "password": "password",
# "path": "path", # "path": "path",
# "action": "read|publish" # "action": "read|publish"
# "query": "url's raw query"
# } # }
# If the response code is 20x, authentication is accepted, otherwise # If the response code is 20x, authentication is accepted, otherwise
# it is discarded. # it is discarded.