From 31444033d3967f2e0ec41fca7480d4e7bbb62c13 Mon Sep 17 00:00:00 2001 From: Renan Dincer Date: Mon, 15 Jul 2024 21:04:38 -0400 Subject: [PATCH] Add callback for TURN authentication success --- internal/server/server.go | 1 + internal/server/turn_test.go | 12 +++++++++++- internal/server/util.go | 4 ++++ server.go | 1 + server_config.go | 3 +++ 5 files changed, 20 insertions(+), 1 deletion(-) diff --git a/internal/server/server.go b/internal/server/server.go index ad27f45b..485a092c 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -28,6 +28,7 @@ type Request struct { // User Configuration AuthHandler func(username string, realm string, srcAddr net.Addr) (key []byte, ok bool) + OnAuthSuccess func(username string, realm string, srcAddr net.Addr) Log logging.LeveledLogger Realm string ChannelBindTimeout time.Duration diff --git a/internal/server/turn_test.go b/internal/server/turn_test.go index 2590ab6e..07424be2 100644 --- a/internal/server/turn_test.go +++ b/internal/server/turn_test.go @@ -84,6 +84,8 @@ func TestAllocationLifeTime(t *testing.T) { staticKey, err := nonceHash.Generate() assert.NoError(t, err) + authSuccessCallbackTimes := 0 + r := Request{ AllocationManager: allocationManager, NonceHash: nonceHash, @@ -93,13 +95,16 @@ func TestAllocationLifeTime(t *testing.T) { AuthHandler: func(string, string, net.Addr) (key []byte, ok bool) { return []byte(staticKey), true }, + + OnAuthSuccess: func(username string, realm string, srcAddr net.Addr) { + authSuccessCallbackTimes++ + }, } fiveTuple := &allocation.FiveTuple{SrcAddr: r.SrcAddr, DstAddr: r.Conn.LocalAddr(), Protocol: allocation.UDP} _, err = r.AllocationManager.CreateAllocation(fiveTuple, r.Conn, 0, time.Hour) assert.NoError(t, err) - assert.NotNil(t, r.AllocationManager.GetAllocation(fiveTuple)) m := &stun.Message{} @@ -109,7 +114,12 @@ func TestAllocationLifeTime(t *testing.T) { assert.NoError(t, (stun.Realm(staticKey)).AddTo(m)) assert.NoError(t, (stun.Username(staticKey)).AddTo(m)) + assert.NoError(t, handleCreatePermissionRequest(r, m)) + assert.Equal(t, 1, authSuccessCallbackTimes) + assert.NoError(t, handleRefreshRequest(r, m)) + assert.Equal(t, 2, authSuccessCallbackTimes) + assert.Nil(t, r.AllocationManager.GetAllocation(fiveTuple)) }) } diff --git a/internal/server/util.go b/internal/server/util.go index 97f01c01..efbcedb4 100644 --- a/internal/server/util.go +++ b/internal/server/util.go @@ -97,6 +97,10 @@ func authenticateRequest(r Request, m *stun.Message, callingMethod stun.Method) return nil, false, buildAndSendErr(r.Conn, r.SrcAddr, err, badRequestMsg...) } + if r.OnAuthSuccess != nil { + r.OnAuthSuccess(usernameAttr.String(), realmAttr.String(), r.SrcAddr) + } + return stun.MessageIntegrity(ourKey), true, nil } diff --git a/server.go b/server.go index 91d7b1d5..eb10b31e 100644 --- a/server.go +++ b/server.go @@ -24,6 +24,7 @@ const ( type Server struct { log logging.LeveledLogger authHandler AuthHandler + authSuccess AuthCallback realm string channelBindTimeout time.Duration nonceHash *server.NonceHash diff --git a/server_config.go b/server_config.go index eaa7a258..cb24094f 100644 --- a/server_config.go +++ b/server_config.go @@ -96,6 +96,9 @@ func (c *ListenerConfig) validate() error { // AuthHandler is a callback used to handle incoming auth requests, allowing users to customize Pion TURN with custom behavior type AuthHandler func(username, realm string, srcAddr net.Addr) (key []byte, ok bool) +// AuthCallback is a callback used to inform users about the success of authentication events to the server +type AuthCallback func(username, realm string, srcAddr net.Addr) + // GenerateAuthKey is a convenience function to easily generate keys in the format used by AuthHandler func GenerateAuthKey(username, realm, password string) []byte { // #nosec