Mercurial > prosody-modules
annotate mod_turncredentials/mod_turncredentials.lua @ 1268:854a3933cfcd
mod_muc_log_http: URL-encode room names. This allows special characters in room names to work. Ideally this escaping shouldn’t be done in the user visible content, but the module’s template system doesn’t currently allow that.
| author | Waqas Hussain <waqas20@gmail.com> |
|---|---|
| date | Sat, 04 Jan 2014 16:50:57 -0500 |
| parents | a18effacd384 |
| children | 853a382c9bd6 |
| rev | line source |
|---|---|
|
1059
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
1 -- XEP-0215 implementation for time-limited turn credentials |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
2 -- Copyright (C) 2012-2013 Philipp Hancke |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
3 -- This file is MIT/X11 licensed. |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
4 |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
5 local st = require "util.stanza"; |
|
1108
2da546139cb5
mod_turncredentials: Import HMAC from util.hashes
Kim Alvefur <zash@zash.se>
parents:
1059
diff
changeset
|
6 local hmac_sha1 = require "util.hashes".hmac_sha1; |
|
1059
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
7 local base64 = require "util.encodings".base64; |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
8 local os_time = os.time; |
|
1169
0ae2c250f274
mod_turncredentials: Use type-specific get_option() methods where appropriate, and pass in default values
Matthew Wild <mwild1@gmail.com>
parents:
1168
diff
changeset
|
9 local secret = module:get_option_string("turncredentials_secret"); |
|
0ae2c250f274
mod_turncredentials: Use type-specific get_option() methods where appropriate, and pass in default values
Matthew Wild <mwild1@gmail.com>
parents:
1168
diff
changeset
|
10 local host = module:get_option_string("turncredentials_host"); -- use ip addresses here to avoid further dns lookup latency |
|
0ae2c250f274
mod_turncredentials: Use type-specific get_option() methods where appropriate, and pass in default values
Matthew Wild <mwild1@gmail.com>
parents:
1168
diff
changeset
|
11 local port = module:get_option_number("turncredentials_port", 3478); |
|
0ae2c250f274
mod_turncredentials: Use type-specific get_option() methods where appropriate, and pass in default values
Matthew Wild <mwild1@gmail.com>
parents:
1168
diff
changeset
|
12 local ttl = module:get_option_number("turncredentials_ttl", 86400); |
|
1059
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
13 if not (secret and host) then |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
14 module:log("error", "turncredentials not configured"); |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
15 return; |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
16 end |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
17 |
|
1170
6695c3098025
mod_turncredentials: Use iq-get event, to save checking attr.type manually
Matthew Wild <mwild1@gmail.com>
parents:
1169
diff
changeset
|
18 module:hook("iq-get/host/urn:xmpp:extdisco:1:services", function(event) |
|
1059
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
19 local origin, stanza = event.origin, event.stanza; |
|
1171
a18effacd384
mod_turncredentials: No need to check tag name, we're already in the event handler for the 'services' tag
Matthew Wild <mwild1@gmail.com>
parents:
1170
diff
changeset
|
20 if origin.type ~= "c2s" then |
|
1059
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
21 return; |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
22 end |
|
1168
0b6b33688b75
mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
1108
diff
changeset
|
23 local now = os_time() + ttl; |
|
1059
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
24 local userpart = tostring(now); |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
25 local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false)); |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
26 origin.send(st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"}) |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
27 :tag("service", { type = "stun", host = host, port = port }):up() |
|
1168
0b6b33688b75
mod_turncredentials: use smarter timestamp expiry from draft-uberti-behave-turn-rest-00
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
1108
diff
changeset
|
28 :tag("service", { type = "turn", host = host, port = port, username = userpart, password = nonce, ttl = ttl}):up() |
|
1059
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
29 ); |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
30 return true; |
|
95ab35ef52ba
mod_turncredentials: XEP-0215 implementation for time-limited turn credentials
Philipp Hancke <fippo@goodadvice.pages.de>
parents:
diff
changeset
|
31 end); |