Software /
code /
prosody
File
plugins/mod_turn_external.lua @ 12913:012fa81d1f5d
mod_tokenauth: Add 'purpose' constraint
This allows tokens to be tied to specific purposes/protocols. For example, we
shouldn't (without specific consideration) allow an OAuth token to be dropped
into a slot expecting a FAST token.
While FAST doesn't currently use mod_tokenauth, it and others may do in the
future. It's better to be explicit about what kind of token code is issuing or
expecting.
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Wed, 01 Mar 2023 13:01:21 +0000 |
parent | 12437:9f5d0b77e3df |
child | 12977:74b9e05af71e |
line wrap: on
line source
local set = require "util.set"; local secret = module:get_option_string("turn_external_secret"); local host = module:get_option_string("turn_external_host", module.host); local user = module:get_option_string("turn_external_user"); local port = module:get_option_number("turn_external_port", 3478); local ttl = module:get_option_number("turn_external_ttl", 86400); local tcp = module:get_option_boolean("turn_external_tcp", false); local tls_port = module:get_option_number("turn_external_tls_port"); if not secret then module:log_status("error", "Failed to initialize: the 'turn_external_secret' option is not set in your configuration"); return; end local services = set.new({ "stun-udp"; "turn-udp" }); if tcp then services:add("stun-tcp"); services:add("turn-tcp"); end if tls_port then services:add("turns-tcp"); end module:depends "external_services"; for _, type in ipairs({ "stun"; "turn"; "turns" }) do for _, transport in ipairs({"udp"; "tcp"}) do if services:contains(type .. "-" .. transport) then module:add_item("external_service", { type = type; transport = transport; host = host; port = type == "turns" and tls_port or port; username = type == "turn" and user or nil; secret = type == "turn" and secret or nil; ttl = type == "turn" and ttl or nil; }) end end end