Support RFC 7635 (TURN OAuth)
Categories
(Core :: WebRTC: Networking, enhancement, P3)
Tracking
()
backlog | webrtc/webaudio+ |
People
(Reporter: mreavy, Unassigned)
References
(Blocks 2 open bugs)
Details
(Whiteboard: dev-doc-needed)
This is similar to the Chromium issue https://bugs.chromium.org/p/webrtc/issues/detail?id=4907 Initial analysis for prioritization: The key purpose of this is to allow short-lived access to TURN resources without having a tight binding between the web server and the TURN server. The fact that it’s using a different STUN attribute (than password) to communicate the access token is really protocol hygiene. It doesn’t make anything possible that wouldn’t otherwise be possible. So early implementations can use the technique described in here, but with normal TURN passwords holding the tokens. For this reason, we are putting this on our longer term roadmap, not our short-term roadmap. If anyone feels this should be done on the short-term roadmap, please make the argument in this bug.
Reporter | ||
Updated•8 years ago
|
Comment 1•8 years ago
|
||
Until support for TURN OAuth is generally available in WebRTC browsers, implementors may wish to look at the technique described in https://tools.ietf.org/html/draft-uberti-behave-turn-rest-00 -- it requires no browser support, and only moderate coordination between the application (web) server and the TURN server.
Updated•8 years ago
|
Reporter | ||
Updated•8 years ago
|
Comment 2•7 years ago
|
||
Mass change P2->P3 to align with new Mozilla triage process.
I want to implement this feature..
To make it happen am I correct that I need
- Add two new STUN attribute(THIRD-PARTY-AUTHORIZATION, ACCESS-TOKEN) for the token and some logic to handle properly OAuth negotiation with turn server in nICEr.
- Extend nicerctx mtransport wrapper the NrIceTurnServer class and some logic in ToNicerTurnStruct function and in SetTurnServers function.
- Some changes in peerconnection.jsm in validation
Am I missed any other place where I should make changes?
Thanks
Comment 4•5 years ago
|
||
Byron, do you think you can give directions to Misi developing that feature?
Comment 5•5 years ago
|
||
That seems like the right approach to me, although you will also need to update testing/web-platform/meta/webrtc/RTCConfiguration-iceServers.html.ini to stop expecting failures on some of the test-cases.
Updated•5 years ago
|
I have a working Prof of Concept code, that Authenticated successfully against coTURN server and relayed media traffic.
There is a bug on coTURN side that I need to fix.
I will clean the code and submit for a review hopefully in this month..
Many thanks for the help and guidance to Alex & Byron
Comment 7•2 years ago
|
||
The bug assignee didn't login in Bugzilla in the last 7 months.
:bwc, could you have a look please?
For more information, please visit auto_nag documentation.
Updated•2 years ago
|
Updated•2 years ago
|
Updated•1 year ago
|
Description
•