Skip to content

Commit

Permalink
Add callback for TURN authentication success
Browse files Browse the repository at this point in the history
  • Loading branch information
renandincer committed Aug 21, 2024
1 parent 50e1d52 commit c9d861e
Show file tree
Hide file tree
Showing 5 changed files with 25 additions and 1 deletion.
1 change: 1 addition & 0 deletions internal/server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ type Request struct {

// User Configuration
AuthHandler func(username string, realm string, srcAddr net.Addr) (key []byte, ok bool)
AuthSuccess func(username string, realm string, srcAddr net.Addr)
Log logging.LeveledLogger
Realm string
ChannelBindTimeout time.Duration
Expand Down
12 changes: 11 additions & 1 deletion internal/server/turn_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,8 @@ func TestAllocationLifeTime(t *testing.T) {
staticKey, err := nonceHash.Generate()
assert.NoError(t, err)

authSuccessCallbackTimes := 0

r := Request{
AllocationManager: allocationManager,
NonceHash: nonceHash,
Expand All @@ -93,13 +95,16 @@ func TestAllocationLifeTime(t *testing.T) {
AuthHandler: func(string, string, net.Addr) (key []byte, ok bool) {
return []byte(staticKey), true
},

AuthSuccess: func(username string, realm string, srcAddr net.Addr) {
authSuccessCallbackTimes++
},
}

fiveTuple := &allocation.FiveTuple{SrcAddr: r.SrcAddr, DstAddr: r.Conn.LocalAddr(), Protocol: allocation.UDP}

_, err = r.AllocationManager.CreateAllocation(fiveTuple, r.Conn, 0, time.Hour)
assert.NoError(t, err)

assert.NotNil(t, r.AllocationManager.GetAllocation(fiveTuple))

m := &stun.Message{}
Expand All @@ -109,7 +114,12 @@ func TestAllocationLifeTime(t *testing.T) {
assert.NoError(t, (stun.Realm(staticKey)).AddTo(m))
assert.NoError(t, (stun.Username(staticKey)).AddTo(m))

assert.NoError(t, handleCreatePermissionRequest(r, m))
assert.Equal(t, 1, authSuccessCallbackTimes)

assert.NoError(t, handleRefreshRequest(r, m))
assert.Equal(t, 2, authSuccessCallbackTimes)

assert.Nil(t, r.AllocationManager.GetAllocation(fiveTuple))
})
}
4 changes: 4 additions & 0 deletions internal/server/util.go
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,10 @@ func authenticateRequest(r Request, m *stun.Message, callingMethod stun.Method)
return nil, false, buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...)
}

if r.AuthSuccess != nil {
r.AuthSuccess(usernameAttr.String(), realmAttr.String(), r.SrcAddr)
}

return stun.MessageIntegrity(ourKey), true, nil
}

Expand Down
3 changes: 3 additions & 0 deletions server.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,7 @@ const (
type Server struct {
log logging.LeveledLogger
authHandler AuthHandler
authSuccess AuthCallback
realm string
channelBindTimeout time.Duration
nonceHash *server.NonceHash
Expand Down Expand Up @@ -60,6 +61,7 @@ func NewServer(config ServerConfig) (*Server, error) {
s := &Server{
log: loggerFactory.NewLogger("turn"),
authHandler: config.AuthHandler,
authSuccess: config.AuthSuccess,
realm: config.Realm,
channelBindTimeout: config.ChannelBindTimeout,
packetConnConfigs: config.PacketConnConfigs,
Expand Down Expand Up @@ -221,6 +223,7 @@ func (s *Server) readLoop(p net.PacketConn, allocationManager *allocation.Manage
Buff: buf[:n],
Log: s.log,
AuthHandler: s.authHandler,
AuthSuccess: s.authSuccess,
Realm: s.realm,
AllocationManager: allocationManager,
ChannelBindTimeout: s.channelBindTimeout,
Expand Down
6 changes: 6 additions & 0 deletions server_config.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,6 +96,9 @@ func (c *ListenerConfig) validate() error {
// AuthHandler is a callback used to handle incoming auth requests, allowing users to customize Pion TURN with custom behavior
type AuthHandler func(username, realm string, srcAddr net.Addr) (key []byte, ok bool)

// AuthCallback is a callback used to inform users about the success of authentication events to the server
type AuthCallback func(username, realm string, srcAddr net.Addr)

// GenerateAuthKey is a convenience function to easily generate keys in the format used by AuthHandler
func GenerateAuthKey(username, realm, password string) []byte {
// #nosec
Expand All @@ -120,6 +123,9 @@ type ServerConfig struct {
// AuthHandler is a callback used to handle incoming auth requests, allowing users to customize Pion TURN with custom behavior
AuthHandler AuthHandler

// AuthCallback is a callback used to notify users of successful authentication to the TURN server
AuthSuccess AuthCallback

// ChannelBindTimeout sets the lifetime of channel binding. Defaults to 10 minutes.
ChannelBindTimeout time.Duration

Expand Down

0 comments on commit c9d861e

Please sign in to comment.