mirror of https://github.com/OpenVidu/openvidu.git
Server security (de)activation by property
pabloFuente
parent
298428e5fa
commit
c19307e066
|
|
@ -10,6 +10,7 @@ import org.json.simple.JSONObject;
|
|||
import org.json.simple.parser.JSONParser;
|
||||
import org.openvidu.client.OpenVidu;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
|
|
@ -37,12 +38,12 @@ public class SessionController {
|
|||
private Map<Long, String> lessonIdSessionId = new ConcurrentHashMap<>();
|
||||
private Map<String, Map<Long, String>> sessionIdUserIdToken = new ConcurrentHashMap<>();
|
||||
|
||||
private HttpClient myHttpClient;
|
||||
|
||||
private final String OPENVIDU_URL = "https://localhost:8443/";
|
||||
private final String SECRET ="MY_SECRET";
|
||||
|
||||
public SessionController(){
|
||||
private String SECRET;
|
||||
|
||||
public SessionController(@Value("${openvidu.secret}") String secret){
|
||||
this.SECRET = secret;
|
||||
this.openVidu = new OpenVidu(OPENVIDU_URL, SECRET);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
spring.datasource.url=jdbc:mysql://localhost/full_teaching
|
||||
spring.datasource.username=ft-root
|
||||
spring.datasource.password=pass
|
||||
spring.datasource.driverClassName=com.mysql.jdbc.Driver
|
||||
server.port: 5000
|
||||
|
||||
spring.datasource.url: jdbc:mysql://localhost/full_teaching
|
||||
spring.datasource.username: ft-root
|
||||
spring.datasource.password: pass
|
||||
spring.datasource.driverClassName: com.mysql.jdbc.Driver
|
||||
spring.jpa.hibernate.ddl-auto: create-drop
|
||||
|
||||
server.port=5000
|
||||
openvidu.secret: MY_SECRET
|
||||
|
|
|
|||
|
|
@ -32,5 +32,10 @@
|
|||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="src" path=".apt_generated">
|
||||
<attributes>
|
||||
<attribute name="optional" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="output" path="target/classes"/>
|
||||
</classpath>
|
||||
|
|
|
|||
|
|
@ -1 +1,2 @@
|
|||
/target/
|
||||
*.factorypath
|
||||
|
|
|
|||
|
|
@ -2,4 +2,5 @@ eclipse.preferences.version=1
|
|||
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
|
||||
org.eclipse.jdt.core.compiler.compliance=1.8
|
||||
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
|
||||
org.eclipse.jdt.core.compiler.processAnnotations=enabled
|
||||
org.eclipse.jdt.core.compiler.source=1.8
|
||||
|
|
|
|||
|
|
@ -24,7 +24,10 @@ import org.kurento.jsonrpc.internal.server.config.JsonRpcConfiguration;
|
|||
import org.kurento.jsonrpc.server.JsonRpcConfigurer;
|
||||
import org.kurento.jsonrpc.server.JsonRpcHandlerRegistry;
|
||||
import org.openvidu.server.core.NotificationRoomManager;
|
||||
import org.openvidu.server.core.RoomManager;
|
||||
import org.openvidu.server.core.api.KurentoClientProvider;
|
||||
import org.openvidu.server.core.api.NotificationRoomHandler;
|
||||
import org.openvidu.server.core.internal.DefaultNotificationRoomHandler;
|
||||
import org.openvidu.server.kms.FixedOneKmsManager;
|
||||
import org.openvidu.server.rpc.JsonRpcNotificationService;
|
||||
import org.openvidu.server.rpc.JsonRpcUserControl;
|
||||
|
|
@ -88,20 +91,32 @@ public class OpenViduServer implements JsonRpcConfigurer {
|
|||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public NotificationRoomManager roomManager() {
|
||||
return new NotificationRoomManager(notificationService(), kmsManager());
|
||||
public NotificationRoomHandler defaultNotificationRoomHandler() {
|
||||
return new DefaultNotificationRoomHandler(notificationService());
|
||||
}
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public RoomManager roomManager() {
|
||||
return new RoomManager();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public NotificationRoomManager notificationRoomManager() {
|
||||
return new NotificationRoomManager();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public JsonRpcUserControl userControl() {
|
||||
return new JsonRpcUserControl(roomManager());
|
||||
return new JsonRpcUserControl();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@ConditionalOnMissingBean
|
||||
public RoomJsonRpcHandler roomHandler() {
|
||||
return new RoomJsonRpcHandler(userControl(), notificationService());
|
||||
return new RoomJsonRpcHandler();
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -43,17 +43,14 @@ public class RoomJsonRpcHandler extends DefaultJsonRpcHandler<JsonObject> {
|
|||
private static final Logger log = LoggerFactory.getLogger(RoomJsonRpcHandler.class);
|
||||
|
||||
private static final String HANDLER_THREAD_NAME = "handler";
|
||||
|
||||
|
||||
@Autowired
|
||||
private JsonRpcUserControl userControl;
|
||||
|
||||
|
||||
@Autowired
|
||||
private JsonRpcNotificationService notificationService;
|
||||
|
||||
@Autowired
|
||||
public RoomJsonRpcHandler(JsonRpcUserControl userControl,
|
||||
JsonRpcNotificationService notificationService) {
|
||||
this.userControl = userControl;
|
||||
this.notificationService = notificationService;
|
||||
}
|
||||
public RoomJsonRpcHandler() {}
|
||||
|
||||
@Override
|
||||
public List<String> allowedOrigins() {
|
||||
|
|
|
|||
|
|
@ -18,8 +18,6 @@ package org.openvidu.server.core;
|
|||
|
||||
import javax.annotation.PreDestroy;
|
||||
|
||||
import java.math.BigInteger;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.Set;
|
||||
|
||||
import org.kurento.client.MediaElement;
|
||||
|
|
@ -31,7 +29,6 @@ import org.openvidu.server.core.api.KurentoClientProvider;
|
|||
import org.openvidu.server.core.api.KurentoClientSessionInfo;
|
||||
import org.openvidu.server.core.api.MutedMediaType;
|
||||
import org.openvidu.server.core.api.NotificationRoomHandler;
|
||||
import org.openvidu.server.core.api.UserNotificationService;
|
||||
import org.openvidu.server.core.api.pojo.ParticipantRequest;
|
||||
import org.openvidu.server.core.api.pojo.UserParticipant;
|
||||
import org.openvidu.server.core.internal.DefaultKurentoClientSessionInfo;
|
||||
|
|
@ -39,6 +36,7 @@ import org.openvidu.server.core.internal.DefaultNotificationRoomHandler;
|
|||
import org.openvidu.server.security.ParticipantRole;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
||||
/**
|
||||
* The Kurento room manager represents an SDK for any developer that wants to implement the Room
|
||||
|
|
@ -52,36 +50,15 @@ import org.slf4j.LoggerFactory;
|
|||
*/
|
||||
public class NotificationRoomManager {
|
||||
private final Logger log = LoggerFactory.getLogger(NotificationRoomManager.class);
|
||||
|
||||
|
||||
@Autowired
|
||||
private NotificationRoomHandler notificationRoomHandler;
|
||||
|
||||
@Autowired
|
||||
private RoomManager internalManager;
|
||||
|
||||
/**
|
||||
* Provides an instance of the room manager by setting an user notification service that will be
|
||||
* used by the default event handler to send responses and notifications back to the clients.
|
||||
*
|
||||
* @param notificationService encapsulates the communication layer, used to instantiate
|
||||
* {@link DefaultNotificationRoomHandler}
|
||||
* @param kcProvider enables the manager to obtain Kurento Client instances
|
||||
*/
|
||||
public NotificationRoomManager(UserNotificationService notificationService,
|
||||
KurentoClientProvider kcProvider) {
|
||||
public NotificationRoomManager() {
|
||||
super();
|
||||
this.notificationRoomHandler = new DefaultNotificationRoomHandler(notificationService);
|
||||
this.internalManager = new RoomManager(notificationRoomHandler, kcProvider);
|
||||
}
|
||||
|
||||
/**
|
||||
* Provides an instance of the room manager by setting an event handler.
|
||||
*
|
||||
* @param notificationRoomHandler the room event handler implementation
|
||||
* @param kcProvider enables the manager to obtain Kurento Client instances
|
||||
*/
|
||||
public NotificationRoomManager(NotificationRoomHandler notificationRoomHandler,
|
||||
KurentoClientProvider kcProvider) {
|
||||
super();
|
||||
this.notificationRoomHandler = notificationRoomHandler;
|
||||
this.internalManager = new RoomManager(notificationRoomHandler, kcProvider);
|
||||
}
|
||||
|
||||
// ----------------- CLIENT-ORIGINATED REQUESTS ------------
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@ import java.util.HashSet;
|
|||
import java.util.Set;
|
||||
import java.util.concurrent.ConcurrentHashMap;
|
||||
import java.util.concurrent.ConcurrentMap;
|
||||
import java.util.concurrent.ConcurrentSkipListSet;
|
||||
|
||||
import org.kurento.client.IceCandidate;
|
||||
import org.kurento.client.KurentoClient;
|
||||
|
|
@ -48,6 +47,8 @@ import org.openvidu.server.core.internal.Room;
|
|||
import org.openvidu.server.security.ParticipantRole;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
|
||||
/**
|
||||
* The Kurento room manager represents an SDK for any developer that wants to implement the Room
|
||||
|
|
@ -61,28 +62,24 @@ import org.slf4j.LoggerFactory;
|
|||
*/
|
||||
public class RoomManager {
|
||||
private final Logger log = LoggerFactory.getLogger(RoomManager.class);
|
||||
|
||||
|
||||
@Autowired
|
||||
private RoomHandler roomHandler;
|
||||
|
||||
@Autowired
|
||||
private KurentoClientProvider kcProvider;
|
||||
|
||||
private final ConcurrentMap<String, Room> rooms = new ConcurrentHashMap<String, Room>();
|
||||
|
||||
private final ConcurrentMap<String, ConcurrentHashMap<String, ParticipantRole>> sessionIdTokenRole = new ConcurrentHashMap<>();
|
||||
|
||||
|
||||
@Value("${openvidu.security}")
|
||||
private boolean SECURITY_ENABLED;
|
||||
|
||||
private volatile boolean closed = false;
|
||||
|
||||
/**
|
||||
* Provides an instance of the room manager by setting a room handler and the
|
||||
* {@link KurentoClient} provider.
|
||||
*
|
||||
* @param roomHandler the room handler implementation
|
||||
* @param kcProvider enables the manager to obtain Kurento Client instances
|
||||
*/
|
||||
public RoomManager(RoomHandler roomHandler, KurentoClientProvider kcProvider) {
|
||||
public RoomManager() {
|
||||
super();
|
||||
this.roomHandler = roomHandler;
|
||||
this.kcProvider = kcProvider;
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -942,11 +939,11 @@ public class RoomManager {
|
|||
}
|
||||
|
||||
public boolean isParticipantInRoom(String participantName, String roomName) {
|
||||
return this.sessionIdTokenRole.get(roomName).containsKey(participantName);
|
||||
return (this.sessionIdTokenRole.get(roomName).containsKey(participantName) || !SECURITY_ENABLED );
|
||||
}
|
||||
|
||||
public boolean isPublisherInRoom(String participantName, String roomName) {
|
||||
return this.sessionIdTokenRole.get(roomName).get(participantName).equals(ParticipantRole.PUBLISHER);
|
||||
return (this.sessionIdTokenRole.get(roomName).get(participantName).equals(ParticipantRole.PUBLISHER) || !SECURITY_ENABLED );
|
||||
}
|
||||
|
||||
public String newSessionId(){
|
||||
|
|
|
|||
|
|
@ -42,13 +42,11 @@ import com.google.gson.JsonObject;
|
|||
public class JsonRpcUserControl {
|
||||
|
||||
private static final Logger log = LoggerFactory.getLogger(JsonRpcUserControl.class);
|
||||
|
||||
|
||||
@Autowired
|
||||
protected NotificationRoomManager roomManager;
|
||||
|
||||
@Autowired
|
||||
public JsonRpcUserControl(NotificationRoomManager roomManager) {
|
||||
this.roomManager = roomManager;
|
||||
}
|
||||
public JsonRpcUserControl() {}
|
||||
|
||||
public void joinRoom(Transaction transaction, Request<JsonObject> request,
|
||||
ParticipantRequest participantRequest) throws IOException, InterruptedException,
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package org.openvidu.server.security;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
|
|
@ -13,7 +14,8 @@ import org.springframework.security.config.http.SessionCreationPolicy;
|
|||
@EnableGlobalAuthentication
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
private final String SECRET ="MY_SECRET";
|
||||
@Value("${openvidu.secret}")
|
||||
private String SECRET;
|
||||
|
||||
@Autowired
|
||||
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
|
||||
|
|
|
|||
|
|
@ -4,3 +4,6 @@ server.ssl.key-store: classpath:keystore.jks
|
|||
server.ssl.key-store-password: kurento
|
||||
server.ssl.keyStoreType: JKS
|
||||
server.ssl.keyAlias: kurento-selfsigned
|
||||
|
||||
openvidu.secret: MY_SECRET
|
||||
openvidu.security: true
|
||||
|
|
@ -96,7 +96,7 @@ public class RoomProtocolTest {
|
|||
public void init() {
|
||||
notificationService = new JsonRpcNotificationService();
|
||||
roomEventHandler = new DefaultNotificationRoomHandler(notificationService);
|
||||
roomJsonRpcHandler = new RoomJsonRpcHandler(userControl, notificationService);
|
||||
roomJsonRpcHandler = new RoomJsonRpcHandler();
|
||||
}
|
||||
|
||||
@Test
|
||||
|
|
|
|||
|
|
@ -144,7 +144,7 @@ public class NotificationRoomManagerWithDefaultHandlerTest {
|
|||
|
||||
@Before
|
||||
public void setup() {
|
||||
manager = new NotificationRoomManager(notificationService, kcProvider);
|
||||
manager = new NotificationRoomManager();
|
||||
|
||||
doAnswer(new Answer<KurentoClient>() {
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -207,7 +207,7 @@ public class RoomManagerTest {
|
|||
|
||||
@Before
|
||||
public void setup() {
|
||||
manager = new RoomManager(roomHandler, kcProvider);
|
||||
manager = new RoomManager();
|
||||
|
||||
when(kcProvider.getKurentoClient(any(KurentoClientSessionInfo.class)))
|
||||
.thenReturn(kurentoClient);
|
||||
|
|
|
|||
Loading…
Reference in New Issue