COTURN credentials lifecycle

openvidu-browser/src/OpenVidu/OpenVidu.ts

@@ -56,6 +56,14 @@ export class OpenVidu {
    * @hidden
    */
   recorder = false;
+  /**
+   * @hidden
+   */
+  turnCredentials: RTCIceServer;
+  /**
+   * @hidden
+   */
+  role: string;
   /**
    * @hidden
    */
@@ -490,7 +498,7 @@ export class OpenVidu {
         onreconnected: this.reconnectedCallback.bind(this)
       },
       rpc: {
-        requestTimeout: 15000,
+        requestTimeout: 10000,
         participantJoined: this.session.onParticipantJoined.bind(this.session),
         participantPublished: this.session.onParticipantPublished.bind(this.session),
         participantUnpublished: this.session.onParticipantUnpublished.bind(this.session),

openvidu-browser/src/OpenVidu/Session.ts

@@ -934,6 +934,9 @@ export class Session implements EventDispatcher {
         this.sessionId = <string>url.searchParams.get('sessionId');
         const secret = url.searchParams.get('secret');
         const recorder = url.searchParams.get('recorder');
+        const turnUsername = url.searchParams.get('turnUsername');
+        const turnCredential = url.searchParams.get('turnCredential');
+        const role = url.searchParams.get('role');
 
         if (!!secret) {
             this.openvidu.secret = secret;
@@ -941,6 +944,13 @@ export class Session implements EventDispatcher {
         if (!!recorder) {
             this.openvidu.recorder = true;
         }
+        if (!!turnUsername && !!turnCredential) {
+            const turnUrl = 'turn:' + url.hostname + ':3478';
+            this.openvidu.turnCredentials = { urls: [turnUrl], username: turnUsername, credential: turnCredential };
+        }
+        if (!!role) {
+            this.openvidu.role = role;
+        }
 
         this.openvidu.wsUri = 'wss://' + url.host + '/openvidu';
     }

openvidu-browser/src/OpenVidu/Stream.ts

@@ -359,6 +359,14 @@ export class Stream {
         this.speechEvent = undefined;
     }
 
+    /**
+     * @hidden
+     */
+    isLocal(): boolean {
+        // inbound options undefined and outbound options defined
+        return (!this.inboundStreamOpts && !!this.outboundStreamOpts);
+    }
+
 
     /* Private methods */
 
@@ -374,7 +382,7 @@ export class Stream {
                 videoStream: this.mediaStream,
                 mediaConstraints: userMediaConstraints,
                 onicecandidate: this.connection.sendIceCandidate.bind(this.connection),
-                iceServers: this.session.openvidu.advancedConfiguration.iceServers
+                iceServers: this.getIceServersConf()
             };
 
             const successCallback = (error, sdpOfferParam, wp) => {
@@ -444,7 +452,8 @@ export class Stream {
                 offerConstraints);
             const options = {
                 onicecandidate: this.connection.sendIceCandidate.bind(this.connection),
-                mediaConstraints: offerConstraints
+                mediaConstraints: offerConstraints,
+                iceServers: this.getIceServersConf()
             };
 
             const successCallback = (error, sdpOfferParam, wp) => {
@@ -525,12 +534,12 @@ export class Stream {
         }
     }
 
-    /**
+    private getIceServersConf(): RTCIceServer[] | undefined {
-     * @hidden
+        return !!this.session.openvidu.advancedConfiguration.iceServers ?
-     */
+            this.session.openvidu.advancedConfiguration.iceServers :
-    isLocal(): boolean {
+            !!this.session.openvidu.turnCredentials ?
-        // inbound options undefined and outbound options defined
+                [this.session.openvidu.turnCredentials] :
-        return (!this.inboundStreamOpts && !!this.outboundStreamOpts);
+                undefined;
     }
 
 }

openvidu-server/src/main/java/io/openvidu/server/CommandExecutor.java

@@ -26,7 +26,6 @@ public class CommandExecutor {
 	public static String execCommand(String... command) throws IOException, InterruptedException {
 
 		ProcessBuilder processBuilder = new ProcessBuilder(command);
-
 		processBuilder.redirectErrorStream(true);
 
 		Process process = processBuilder.start();
@@ -34,20 +33,15 @@ public class CommandExecutor {
 
 		try (BufferedReader processOutputReader = new BufferedReader(
 				new InputStreamReader(process.getInputStream()));) {
-			String readLine;
 
+			String readLine;
 			while ((readLine = processOutputReader.readLine()) != null) {
 				processOutput.append(readLine + System.lineSeparator());
 			}
-
 			process.waitFor();
 		}
 
 		return processOutput.toString().trim();
 	}
-	
-	public static void main(String[] args) throws IOException, InterruptedException {
-		System.out.println(execCommand("/bin/sh","-c","hostname -i | awk '{print $1}'"));
-	}
 
 }

openvidu-server/src/main/java/io/openvidu/server/OpenViduServer.java

@@ -47,6 +47,8 @@ import com.google.gson.JsonParser;
 import io.openvidu.server.cdr.CallDetailRecord;
 import io.openvidu.server.config.OpenviduConfig;
 import io.openvidu.server.core.SessionManager;
+import io.openvidu.server.coturn.CoturnCredentialsService;
+import io.openvidu.server.coturn.CoturnCredentialsServiceFactory;
 import io.openvidu.server.kurento.AutodiscoveryKurentoClientProvider;
 import io.openvidu.server.kurento.KurentoClientProvider;
 import io.openvidu.server.kurento.core.KurentoSessionEventsHandler;
@@ -74,7 +76,7 @@ public class OpenViduServer implements JsonRpcConfigurer {
 	public static final String KMSS_URIS_PROPERTY = "kms.uris";
 
 	public static String publicUrl;
-	
+
 	private String ngrokAppUrl = "";
 
 	@Bean
@@ -131,19 +133,24 @@ public class OpenViduServer implements JsonRpcConfigurer {
 	public CallDetailRecord cdr() {
 		return new CallDetailRecord();
 	}
-	
+
 	@Bean
 	@ConditionalOnMissingBean
 	public OpenviduConfig openviduConfig() {
 		return new OpenviduConfig();
 	}
-	
+
 	@Bean
 	@ConditionalOnMissingBean
 	public ComposedRecordingService composedRecordingService() {
 		return new ComposedRecordingService();
 	}
 
+	@Bean
+	public CoturnCredentialsService coturnCredentialsService() {
+		return new CoturnCredentialsServiceFactory(openviduConfig()).getCoturnCredentialsService();
+	}
+
 	@Override
 	public void registerJsonRpcHandlers(JsonRpcHandlerRegistry registry) {
 		registry.addHandler(rpcHandler().withPingWatchdog(true), "/openvidu");
@@ -152,13 +159,13 @@ public class OpenViduServer implements JsonRpcConfigurer {
 	private static String getContainerIp() throws IOException, InterruptedException {
 		return CommandExecutor.execCommand("/bin/sh", "-c", "hostname -i | awk '{print $1}'");
 	}
-	
+
 	public static void main(String[] args) throws Exception {
 		log.info("Using /dev/urandom for secure random generation");
 		System.setProperty("java.security.egd", "file:/dev/./urandom");
 		SpringApplication.run(OpenViduServer.class, args);
 	}
-	
+
 	@PostConstruct
     public void init() throws MalformedURLException, InterruptedException {
 		OpenviduConfig openviduConf = openviduConfig();
@@ -174,13 +181,13 @@ public class OpenViduServer implements JsonRpcConfigurer {
 				if (ngrokAppUrl.isEmpty()) {
 					ngrokAppUrl = "(No tunnel 'app' found in ngrok.yml)";
 				}
-				
+
 				// For frontend-only applications overriding openvidu-server dashboard...
 				String ngrokServerUrl = ngrok.getNgrokServerUrl();
 				if (ngrokServerUrl.isEmpty()) {
 					ngrokServerUrl = ngrok.getNgrokAppUrl();
 				}
-				
+
 				OpenViduServer.publicUrl = ngrokServerUrl.replaceFirst("https://", "wss://");
 				openviduConf.setFinalUrl(ngrokServerUrl);
 
@@ -288,7 +295,7 @@ public class OpenViduServer implements JsonRpcConfigurer {
 		}
 		log.info("OpenVidu Server using " + type + " URL: [" + OpenViduServer.publicUrl + "]");
 	}
-	
+
 	@EventListener(ApplicationReadyEvent.class)
 	public void printNgrokUrl() {
 	    if (!this.ngrokAppUrl.isEmpty()) {

openvidu-server/src/main/java/io/openvidu/server/config/OpenviduConfig.java

@@ -58,6 +58,9 @@ public class OpenviduConfig {
 	@Value("#{'${spring.profiles.active:}'.length() > 0 ? '${spring.profiles.active:}'.split(',') : \"default\"}")
 	private String springProfile;
 
+	@Value("${coturn.sqlite}")
+	private String coturnSqlite;
+
 	private String finalUrl;
 
 	public String getOpenViduPublicUrl() {
@@ -119,6 +122,10 @@ public class OpenviduConfig {
 	public String getSpringProfile() {
 		return springProfile;
 	}
+	
+	public String getCoturnSqlite() {
+		return coturnSqlite;
+	}
 
 	public ParticipantRole[] getRolesFromRecordingNotification() {
 		ParticipantRole[] roles;

openvidu-server/src/main/java/io/openvidu/server/core/SessionManager.java

@@ -40,29 +40,34 @@ import io.openvidu.java.client.SessionProperties;
 import io.openvidu.server.OpenViduServer;
 import io.openvidu.server.cdr.CallDetailRecord;
 import io.openvidu.server.config.OpenviduConfig;
+import io.openvidu.server.coturn.CoturnCredentialsService;
+import io.openvidu.server.coturn.TurnCredentials;
 import io.openvidu.server.recording.ComposedRecordingService;
 
 public abstract class SessionManager {
 
 	private static final Logger log = LoggerFactory.getLogger(SessionManager.class);
-	
+
 	@Autowired
 	protected SessionEventsHandler sessionEventsHandler;
-	
+
 	@Autowired
 	protected ComposedRecordingService recordingService;
-	
+
 	@Autowired
 	protected CallDetailRecord CDR;
-	
+
 	@Autowired
 	protected OpenviduConfig openviduConfig;
 
+	@Autowired
+	protected CoturnCredentialsService coturnCredentialsService;
+
 	protected ConcurrentMap<String, Session> sessions = new ConcurrentHashMap<>();
 	protected ConcurrentMap<String, SessionProperties> sessionProperties = new ConcurrentHashMap<>();
-	protected ConcurrentMap<String, ConcurrentHashMap<String, Token>> sessionidTokenTokenobj = new ConcurrentHashMap<>();
 	protected ConcurrentMap<String, ConcurrentHashMap<String, Participant>> sessionidParticipantpublicidParticipant = new ConcurrentHashMap<>();
 	protected ConcurrentMap<String, Boolean> insecureUsers = new ConcurrentHashMap<>();
+	public ConcurrentMap<String, ConcurrentHashMap<String, Token>> sessionidTokenTokenobj = new ConcurrentHashMap<>();
 
 	private volatile boolean closed = false;
 
@@ -92,16 +97,7 @@ public abstract class SessionManager {
 	 */
 	public void evictParticipant(String participantPrivateId, String reason) throws OpenViduException {
 	}
-	
+
-	/**
-	 * Returns whether a sessionId already exists or not
-	 *
-	 * @return boolean
-	 */
-	public boolean sessionIdExists(String sessionId) {
-		return sessionidTokenTokenobj.containsKey(sessionId);
-	}
-	
 	/**
 	 * Returns a Session given its id
 	 *
@@ -190,29 +186,117 @@ public abstract class SessionManager {
 	}
 
 	public void storeSessionId(String sessionId, SessionProperties sessionProperties) {
-		this.sessionidTokenTokenobj.put(sessionId, new ConcurrentHashMap<>());
+		this.sessionidParticipantpublicidParticipant.putIfAbsent(sessionId, new ConcurrentHashMap<>());
-		this.sessionidParticipantpublicidParticipant.put(sessionId, new ConcurrentHashMap<>());
+		this.sessionProperties.putIfAbsent(sessionId, sessionProperties);
-		this.sessionProperties.put(sessionId, sessionProperties);
 		showTokens();
 	}
 
 	public String newToken(String sessionId, ParticipantRole role, String serverMetadata) throws OpenViduException {
-		if (this.sessionidParticipantpublicidParticipant.get(sessionId) != null
+
-				&& this.sessionidTokenTokenobj.get(sessionId) != null) {
+		/*if (!isMetadataFormatCorrect(serverMetadata)) {
-			if (isMetadataFormatCorrect(serverMetadata)) {
+			log.error("Data invalid format. Max length allowed is 10000 chars");
-				String token = OpenViduServer.publicUrl + "?sessionId=" + sessionId + "&token=";
+			throw new OpenViduException(Code.GENERIC_ERROR_CODE,
-				token += this.generateRandomChain();
+					"Data invalid format. Max length allowed is 10000 chars");
-				this.sessionidTokenTokenobj.get(sessionId).put(token, new Token(token, role, serverMetadata));
+		}
-				showTokens();
+
-				return token;
+		String token = OpenViduServer.publicUrl;
-			} else {
+		token += "?sessionId=" + sessionId;
+		token += "&token=" + this.generateRandomChain();
+		token += "&role=" + role.name();
+		TurnCredentials turnCredentials = null;
+		if (this.coturnCredentialsService.isCoturnAvailable()) {
+			turnCredentials = coturnCredentialsService.createUser();
+			if (turnCredentials != null) {
+				token += "&turnUsername=" + turnCredentials.getUsername();
+				token += "&turnCredential=" + turnCredentials.getCredential();
+			}
+		}
+		Token t = new Token(token, role, serverMetadata, turnCredentials);
+
+		final String finalToken = token;
+
+		ConcurrentHashMap<String, Token> tok = this.sessionidTokenTokenobj.computeIfPresent(sessionId, (key, value) -> {
+			value.putIfAbsent(finalToken, t);
+			return value;
+		});
+	
+		if (tok == null) {
+			log.error("sessionId [" + sessionId + "] is not valid");
+			throw new OpenViduException(Code.ROOM_NOT_FOUND_ERROR_CODE, "sessionId [" + sessionId + "] not found");
+		} else {
+			return tok.get(token).getToken();
+		}*/
+
+		
+		/*if (!isMetadataFormatCorrect(serverMetadata)) {
+			log.error("Data invalid format. Max length allowed is 10000 chars");
+			throw new OpenViduException(Code.GENERIC_ERROR_CODE,
+					"Data invalid format. Max length allowed is 10000 chars");
+		}
+		
+		final String[] tokenArray = {""};
+		
+		try {
+			sessionidTokenTokenobj.computeIfPresent(sessionId, (key, value) -> {
+				String token = OpenViduServer.publicUrl;
+				token += "?sessionId=" + sessionId;
+				token += "&token=" + this.generateRandomChain();
+				token += "&role=" + role.name();
+				TurnCredentials turnCredentials = null;
+				if (this.coturnCredentialsService.isCoturnAvailable()) {
+					turnCredentials = coturnCredentialsService.createUser();
+					if (turnCredentials != null) {
+						token += "&turnUsername=" + turnCredentials.getUsername();
+						token += "&turnCredential=" + turnCredentials.getCredential();
+					}
+				}
+				Token t = new Token(token, role, serverMetadata, turnCredentials);
+				value.putIfAbsent(token, t);
+				tokenArray[0] = token;
+				throw new RuntimeException();
+			});
+		} catch(RuntimeException e) {
+			log.info("Token succesfully created");
+		}
+		
+		if (tokenArray[0].isEmpty()) {
+			log.error("sessionId [" + sessionId + "] is not valid");
+			throw new OpenViduException(Code.ROOM_NOT_FOUND_ERROR_CODE, "sessionId [" + sessionId + "] not found");
+		}
+		
+		return tokenArray[0];*/
+
+		ConcurrentHashMap<String, Token> map = this.sessionidTokenTokenobj.putIfAbsent(sessionId, new ConcurrentHashMap<>());
+		if (map != null) {
+		
+			if (!isMetadataFormatCorrect(serverMetadata)) {
+				log.error("Data invalid format. Max length allowed is 10000 chars");
 				throw new OpenViduException(Code.GENERIC_ERROR_CODE,
 						"Data invalid format. Max length allowed is 10000 chars");
 			}
+		
+			String token = OpenViduServer.publicUrl;
+			token += "?sessionId=" + sessionId;
+			token += "&token=" + this.generateRandomChain();
+			token += "&role=" + role.name();
+			TurnCredentials turnCredentials = null;
+			if (this.coturnCredentialsService.isCoturnAvailable()) {
+				turnCredentials = coturnCredentialsService.createUser();
+				token += "&turnUsername=" + turnCredentials.getUsername();
+				token += "&turnCredential=" + turnCredentials.getCredential();
+			}
+			Token t = new Token(token, role, serverMetadata, turnCredentials);
+		
+			map.putIfAbsent(token, t);
+			showTokens();
+			return token;
+		
 		} else {
-			System.out.println("Error: the sessionId [" + sessionId + "] is not valid");
+			this.sessionidTokenTokenobj.remove(sessionId);
-			throw new OpenViduException(Code.ROOM_NOT_FOUND_ERROR_CODE, "[" + sessionId + "] is not a valid sessionId");
+			log.error("sessionId [" + sessionId + "] is not valid");
+			throw new OpenViduException(Code.ROOM_NOT_FOUND_ERROR_CODE, "sessionId [" + sessionId + "] not found");
 		}
+
 	}
 
 	public boolean isTokenValidInSession(String token, String sessionId, String participanPrivatetId) {
@@ -225,7 +309,9 @@ public abstract class SessionManager {
 		} else {
 			this.sessionidParticipantpublicidParticipant.putIfAbsent(sessionId, new ConcurrentHashMap<>());
 			this.sessionidTokenTokenobj.putIfAbsent(sessionId, new ConcurrentHashMap<>());
-			this.sessionidTokenTokenobj.get(sessionId).putIfAbsent(token, new Token(token, ParticipantRole.PUBLISHER, ""));
+			this.sessionidTokenTokenobj.get(sessionId).putIfAbsent(token,
+					new Token(token, ParticipantRole.PUBLISHER, "", 
+							this.coturnCredentialsService.isCoturnAvailable() ? this.coturnCredentialsService.createUser() : null));
 			return true;
 		}
 	}
@@ -273,14 +359,12 @@ public abstract class SessionManager {
 			String clientMetadata) {
 		if (this.sessionidParticipantpublicidParticipant.get(sessionId) != null) {
 			String participantPublicId = this.generateRandomChain();
-			ConcurrentHashMap<String, Participant> participantpublicidParticipant = this.sessionidParticipantpublicidParticipant
-					.get(sessionId);
-			while (participantpublicidParticipant.containsKey(participantPublicId)) {
-				// Avoid random 'participantpublicid' collisions
-				participantPublicId = this.generateRandomChain();
-			}
 			Participant p = new Participant(participantPrivatetId, participantPublicId, token, clientMetadata);
-			this.sessionidParticipantpublicidParticipant.get(sessionId).put(participantPublicId, p);
+			while (this.sessionidParticipantpublicidParticipant.get(sessionId).putIfAbsent(participantPublicId,
+					p) != null) {
+				participantPublicId = this.generateRandomChain();
+				p.setParticipantPublicId(participantPublicId);
+			}
 			return p;
 		} else {
 			throw new OpenViduException(Code.ROOM_NOT_FOUND_ERROR_CODE, sessionId);
@@ -322,7 +406,7 @@ public abstract class SessionManager {
 	public void showAllParticipants() {
 		log.info("<SESSIONID, PARTICIPANTS>: {}", this.sessionidParticipantpublicidParticipant.toString());
 	}
-	
+
 	public String generateRandomChain() {
 		return RandomStringUtils.randomAlphanumeric(16).toLowerCase();
 	}
@@ -393,11 +477,11 @@ public abstract class SessionManager {
 		sessionidTokenTokenobj.remove(sessionId);
 
 		log.warn("Session '{}' removed and closed", sessionId);
-		
+
 		if (recordingService.sessionIsBeingRecorded(session.getSessionId())) {
 			recordingService.stopRecording(session);
 		}
-		
+
 		return participants;
 	}
 

openvidu-server/src/main/java/io/openvidu/server/core/Token.java

@@ -17,20 +17,24 @@
 
 package io.openvidu.server.core;
 
+import io.openvidu.server.coturn.TurnCredentials;
+
 public class Token {
 
 	String token;
 	ParticipantRole role;
 	String serverMetadata = "";
+	TurnCredentials turnCredentials;
 
 	public Token(String token) {
 		this.token = token;
 	}
 
-	public Token(String token, ParticipantRole role, String serverMetadata) {
+	public Token(String token, ParticipantRole role, String serverMetadata, TurnCredentials turnCredentials) {
 		this.token = token;
 		this.role = role;
 		this.serverMetadata = serverMetadata;
+		this.turnCredentials = turnCredentials;
 	}
 
 	public String getToken() {
@@ -40,11 +44,15 @@ public class Token {
 	public ParticipantRole getRole() {
 		return role;
 	}
-	
+
 	public String getServerMetadata() {
 		return serverMetadata;
 	}
 
+	public TurnCredentials getTurnCredentials() {
+		return turnCredentials;
+	}
+
 	@Override
 	public String toString() {
 		if (this.role != null)

openvidu-server/src/main/java/io/openvidu/server/coturn/BashCoturnCredentialsService.java

@@ -0,0 +1,81 @@
+package io.openvidu.server.coturn;
+
+import java.io.File;
+import java.io.IOException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+
+import io.openvidu.server.CommandExecutor;
+import io.openvidu.server.config.OpenviduConfig;
+
+public class BashCoturnCredentialsService extends CoturnCredentialsService {
+
+	public BashCoturnCredentialsService(OpenviduConfig openviduConfig) {
+		super(openviduConfig);
+		File f = new File(this.openviduConfig.getCoturnSqlite());
+		if (f.exists()) {
+			f.delete();
+		}
+		this.coturnDatabaseLocation = this.openviduConfig.getCoturnSqlite();
+		try {
+			String response = CommandExecutor.execCommand("/bin/sh", "-c", "turnadmin -l -b " + this.coturnDatabaseLocation);
+			if (response.contains("turnadmin: not found")) {
+				// No coturn installed in the host machine
+				log.warn("No COTURN server is installed in the host machine");
+				this.coturnAvailable = false;
+			}
+			log.info("COTURN sqlite database location: " + this.openviduConfig.getCoturnSqlite());
+		} catch (IOException | InterruptedException e) {
+			e.printStackTrace();
+		}
+		log.info("Using COTURN credentials service for BASH environment");
+	}
+
+	@Override
+	public TurnCredentials createUser() {
+		TurnCredentials credentials = null;
+		log.info("Creating COTURN user");
+		String user = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
+		String pass = RandomStringUtils.randomAlphanumeric(8).toLowerCase();
+		String command = "turnadmin -a -b " + this.coturnDatabaseLocation + " -u " + user + " -r openvidu -p " + pass;
+		String users = "";
+		lock.lock();
+		try {
+			CommandExecutor.execCommand("/bin/sh", "-c", command);
+			users = CommandExecutor.execCommand("/bin/sh", "-c", "turnadmin -l -b " + this.coturnDatabaseLocation);
+		} catch (IOException | InterruptedException e) {
+			e.printStackTrace();
+		} finally {
+			lock.unlock();
+			if (users.contains(user + "[openvidu]")) {
+				credentials = new TurnCredentials(user, pass);
+				log.info("COTURN user created: true");
+			} else {
+				log.info("COTURN user created: false");
+			}
+		}
+		return credentials;
+	}
+
+	@Override
+	public boolean deleteUser(String user) {
+		boolean userRemoved = false;
+
+		log.info("Deleting COTURN user");
+		String command = "turnadmin -d -b " + this.coturnDatabaseLocation + " -u " + user + " -r openvidu";
+		String users = "";
+		lock.lock();
+		try {
+			CommandExecutor.execCommand("/bin/sh", "-c", command);
+			users = CommandExecutor.execCommand("/bin/sh", "-c", "turnadmin -l -b " + this.coturnDatabaseLocation);
+		} catch (IOException | InterruptedException e) {
+			e.printStackTrace();
+		} finally {
+			lock.unlock();
+		}
+		userRemoved = !users.contains(user + "[openvidu]");
+		log.info("COTURN user deleted: " + userRemoved);
+		return userRemoved;
+	}
+
+}

openvidu-server/src/main/java/io/openvidu/server/coturn/CoturnCredentialsService.java

@@ -0,0 +1,36 @@
+package io.openvidu.server.coturn;
+
+import java.util.concurrent.locks.ReentrantLock;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+
+import io.openvidu.server.config.OpenviduConfig;
+
+@Service
+public abstract class CoturnCredentialsService {
+
+	protected static final Logger log = LoggerFactory.getLogger(CoturnCredentialsService.class);
+
+	protected OpenviduConfig openviduConfig;
+
+	protected String coturnDatabaseLocation;
+	
+	protected boolean coturnAvailable = true;
+	
+	protected ReentrantLock lock = new ReentrantLock();
+
+	public CoturnCredentialsService(OpenviduConfig openviduConfig) {
+		this.openviduConfig = openviduConfig;
+	}
+
+	public abstract TurnCredentials createUser();
+
+	public abstract boolean deleteUser(String user);
+	
+	public boolean isCoturnAvailable() {
+		return this.coturnAvailable;
+	}
+
+}

openvidu-server/src/main/java/io/openvidu/server/coturn/CoturnCredentialsServiceFactory.java

@@ -0,0 +1,22 @@
+package io.openvidu.server.coturn;
+
+import io.openvidu.server.config.OpenviduConfig;
+
+public class CoturnCredentialsServiceFactory {
+
+	OpenviduConfig openviduConfig;
+
+	public CoturnCredentialsServiceFactory(OpenviduConfig openviduConfig) {
+		this.openviduConfig = openviduConfig;
+	}
+
+	public CoturnCredentialsService getCoturnCredentialsService() {
+		if (!"docker".equals(openviduConfig.getSpringProfile())) {
+			return new BashCoturnCredentialsService(this.openviduConfig);
+		} else {
+			// TODO: return other options
+			return new BashCoturnCredentialsService(this.openviduConfig);
+		}
+	}
+
+}

openvidu-server/src/main/java/io/openvidu/server/coturn/DockerCoturnCredentialsService.java

@@ -0,0 +1,24 @@
+package io.openvidu.server.coturn;
+
+import io.openvidu.server.config.OpenviduConfig;
+
+public class DockerCoturnCredentialsService extends CoturnCredentialsService {
+
+	public DockerCoturnCredentialsService(OpenviduConfig openviduConfig) {
+		super(openviduConfig);
+		// TODO Auto-generated constructor stub
+	}
+
+	@Override
+	public TurnCredentials createUser() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public boolean deleteUser(String user) {
+		// TODO Auto-generated method stub
+		return false;
+	}
+
+}

openvidu-server/src/main/java/io/openvidu/server/coturn/TurnCredentials.java

@@ -0,0 +1,21 @@
+package io.openvidu.server.coturn;
+
+public class TurnCredentials {
+
+	private String username;
+	private String credential;
+
+	public TurnCredentials(String username, String credential) {
+		this.username = username;
+		this.credential = credential;
+	}
+
+	public String getUsername() {
+		return username;
+	}
+
+	public String getCredential() {
+		return credential;
+	}
+
+}

openvidu-server/src/main/java/io/openvidu/server/kurento/core/KurentoSessionManager.java

@@ -104,7 +104,7 @@ public class KurentoSessionManager extends SessionManager {
 	}
 
 	@Override
-	public void leaveRoom(Participant participant, Integer transactionId, String reason) {
+	public synchronized void leaveRoom(Participant participant, Integer transactionId, String reason) {
 		log.debug("Request [LEAVE_ROOM] ({})", participant.getParticipantPublicId());
 
 		KurentoParticipant kParticipant = (KurentoParticipant) participant;
@@ -124,6 +124,11 @@ public class KurentoSessionManager extends SessionManager {
 		if (sessionidParticipantpublicidParticipant.get(sessionId) != null) {
 			Participant p = sessionidParticipantpublicidParticipant.get(sessionId)
 					.remove(participant.getParticipantPublicId());
+			
+			if (this.coturnCredentialsService.isCoturnAvailable()) {
+				this.coturnCredentialsService.deleteUser(p.getToken().getTurnCredentials().getUsername());
+			}
+
 			if (sessionidTokenTokenobj.get(sessionId) != null) {
 				sessionidTokenTokenobj.get(sessionId).remove(p.getToken().getToken());
 			}
@@ -147,7 +152,7 @@ public class KurentoSessionManager extends SessionManager {
 		try {
 			remainingParticipants = getParticipants(sessionId);
 		} catch (OpenViduException e) {
-			log.debug("Possible collision when closing the session '{}' (not found)");
+			log.info("Possible collision when closing the session '{}' (not found)", sessionId);
 			remainingParticipants = Collections.emptySet();
 		}
 

openvidu-server/src/main/java/io/openvidu/server/rest/SessionRestController.java

@@ -21,6 +21,7 @@ import java.util.Collection;
 import java.util.Map;
 import java.util.NoSuchElementException;
 import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
 
 import org.json.simple.JSONArray;
 import org.json.simple.JSONObject;
@@ -107,6 +108,9 @@ public class SessionRestController {
 				} else {
 					builder = builder.mediaMode(MediaMode.ROUTED);
 				}
+				if (customSessionId != null && !customSessionId.isEmpty()) {
+					builder = builder.customSessionId(customSessionId);
+				}
 				builder = builder.defaultCustomLayout((defaultCustomLayout != null) ? defaultCustomLayout : "");
 
 			} catch (IllegalArgumentException e) {
@@ -120,17 +124,16 @@ public class SessionRestController {
 
 		String sessionId;
 		if (customSessionId != null && !customSessionId.isEmpty()) {
-			if (sessionManager.sessionIdExists(customSessionId)) {
+			if (sessionManager.sessionidTokenTokenobj.putIfAbsent(customSessionId, new ConcurrentHashMap<>()) != null) {
 				return new ResponseEntity<JSONObject>(HttpStatus.CONFLICT);
-			} else {
-				sessionId = customSessionId;
-				sessionManager.storeSessionId(sessionId, sessionProperties);
 			}
+			sessionId = customSessionId;
 		} else {
 			sessionId = sessionManager.generateRandomChain();
-			sessionManager.storeSessionId(sessionId, sessionProperties);
+			sessionManager.sessionidTokenTokenobj.putIfAbsent(sessionId, new ConcurrentHashMap<>());
 		}
 
+		sessionManager.storeSessionId(sessionId, sessionProperties);
 		JSONObject responseJson = new JSONObject();
 		responseJson.put("id", sessionId);
 		return new ResponseEntity<>(responseJson, HttpStatus.OK);
@@ -167,9 +170,7 @@ public class SessionRestController {
 			return this.generateErrorResponse("Role " + params.get("role") + " is not defined", "/api/tokens",
 					HttpStatus.BAD_REQUEST);
 		} catch (OpenViduException e) {
-			return this.generateErrorResponse(
+			return this.generateErrorResponse(e.getMessage(), "/api/tokens", HttpStatus.BAD_REQUEST);
-					"Metadata [" + params.get("data") + "] unexpected format. Max length allowed is 10000 chars",
-					"/api/tokens", HttpStatus.BAD_REQUEST);
 		}
 	}
 

openvidu-server/src/main/resources/META-INF/additional-spring-configuration-metadata.json

@@ -1,52 +1,69 @@
-{"properties": [
+{
-  {
+	"properties": [
-    "name": "kms.uris",
+		{
-    "type": "java.lang.String",
+			"name": "kms.uris",
-    "description": "KMS URL's to which OpenVidu Server will try to connect. They are tested in order until a valid one is found"
+			"type": "java.lang.String",
-  },
+			"description": "KMS URL's to which OpenVidu Server will try to connect. They are tested in order until a valid one is found",
-  {
+			"defaultValue": "[\"ws://localhost:8888/kurento\"]"
-    "name": "openvidu.secret",
+		},
-    "type": "java.lang.String",
+		{
-    "description": "Secret used to connect to OpenVidu Server. This value is required when using the REST API or any server client, as well as when connecting to openvidu-server dashboard"
+			"name": "openvidu.secret",
-  },
+			"type": "java.lang.String",
-  {
+			"description": "Secret used to connect to OpenVidu Server. This value is required when using the REST API or any server client, as well as when connecting to openvidu-server dashboard",
-    "name": "openvidu.publicurl",
+			"defaultValue": "MY_SECRET"
-    "type": "java.lang.String",
+		},
-    "description": "URL to connect clients to OpenVidu Server. This must be the full IP of your OpenVidu Server, including protocol, host and port (for example: https://my.openvidu.server.ip:4443). If no port argument is provided, 'server.port' param will be appended to it"
+		{
-  },
+			"name": "openvidu.publicurl",
-  {
+			"type": "java.lang.String",
-    "name": "openvidu.cdr",
+			"description": "URL to connect clients to OpenVidu Server. This must be the full IP of your OpenVidu Server, including protocol, host and port (for example: https://my.openvidu.server.ip:4443). If no port argument is provided, 'server.port' param will be appended to it",
-    "type": "java.lang.Boolean",
+			"defaultValue": "local"
-    "description": "Whether to enable Call Detail Record or not"
+		},
-  },
+		{
-  {
+			"name": "openvidu.cdr",
-    "name": "openvidu.recording",
+			"type": "java.lang.Boolean",
-    "type": "java.lang.Boolean",
+			"description": "Whether to enable Call Detail Record or not",
-    "description": "Whether to start OpenVidu Server with recording module service available or not (a Docker image will be downloaded during the first execution). Apart from setting this param to true, it is also necessary to explicitly configure sessions to be recorded"
+			"defaultValue": false
-  },
+		},
-  {
+		{
-    "name": "openvidu.recording.path",
+			"name": "openvidu.recording",
-    "type": "java.lang.String",
+			"type": "java.lang.Boolean",
-    "description": "Where to store the recorded video files"
+			"description": "Whether to start OpenVidu Server with recording module service available or not (a Docker image will be downloaded during the first execution). Apart from setting this param to true, it is also necessary to explicitly configure sessions to be recorded",
-  },
+			"defaultValue": false
-  {
+		},
-    "name": "openvidu.recording.public-access",
+		{
-    "type": "java.lang.Boolean",
+			"name": "openvidu.recording.path",
-    "description": "'true' to allow public access to the video files specified in 'openviu.recording.path'. 'false' to only allow access to authenticated users"
+			"type": "java.lang.String",
-  },
+			"description": "Where to store the recorded video files",
-  {
+			"defaultValue": "/opt/openvidu/recordings"
-    "name": "openvidu.recording.notification",
+		},
-    "type": "java.lang.String",
+		{
-    "description": "Which users will receive a notfication (client events 'recordingStarted' and 'recordingStopped') when recording starts and stops: 'none', 'publisher_moderator', 'all'"
+			"name": "openvidu.recording.public-access",
-  },
+			"type": "java.lang.Boolean",
-  {
+			"description": "'true' to allow public access to the video files specified in 'openviu.recording.path'. 'false' to only allow access to authenticated users",
-    "name": "openvidu.recording.custom-layout",
+			"defaultValue": false
-    "type": "java.lang.String",
+		},
-    "description": "Where should OpenVidu Server look for custom recording layouts"
+		{
-  },
+			"name": "openvidu.recording.notification",
-  {
+			"type": "java.lang.String",
-    "name": "openvidu.recording.version",
+			"description": "Which users will receive a notfication (client events 'recordingStarted' and 'recordingStopped') when recording starts and stops: 'none', 'publisher_moderator', 'all'",
-    "type": "java.lang.String",
+			"defaultValue": "publisher_moderator"
-    "description": "Tag for openvidu/openvidu-recording Docker image"
+		},
-  }
+		{
-]}
+			"name": "openvidu.recording.custom-layout",
+			"type": "java.lang.String",
+			"description": "Where should OpenVidu Server look for custom recording layouts",
+			"defaultValue": "/opt/openvidu/custom-layout"
+		},
+		{
+			"name": "openvidu.recording.version",
+			"type": "java.lang.String",
+			"description": "Tag for openvidu/openvidu-recording Docker image"
+		},
+		{
+			"name": "coturn.sqlite",
+			"type": "java.lang.String",
+			"description": "Path to COTURN sqlite database to add and remove TURN user credentials",
+			"defaultValue": "/opt/openvidu/coturn/turndb"
+		}
+	]
+}

openvidu-server/src/main/resources/application.properties

@@ -9,7 +9,6 @@ server.ssl.key-store: classpath:openvidu-selfsigned.jks
 server.ssl.key-store-password: openvidu
 server.ssl.key-store-type: JKS
 server.ssl.key-alias: openvidu-selfsigned
-kms.uris=[\"ws://localhost:8888/kurento\"]
 
 openvidu.secret: MY_SECRET
 openvidu.publicurl: local
@@ -18,4 +17,8 @@ openvidu.recording: false
 openvidu.recording.path: /opt/openvidu/recordings
 openvidu.recording.public-access: false
 openvidu.recording.notification: publisher_moderator
-openvidu.recording.custom-layout: /opt/openvidu/custom-layout
+openvidu.recording.custom-layout: /opt/openvidu/custom-layout
+
+kms.uris=[\"ws://localhost:8888/kurento\"]
+
+coturn.sqlite=/opt/openvidu/coturn/turndb