EasyDarwin实现RTSP播放动态认证的两种方式:Basic/Digest & Token

时间:2021-06-29 16:20:29

问题描述

目前为了能够方便开发者,我们将EasyDarwin中的RTSP认证过程直接忽略过了,如果要开启认证的方式,我们可以在代码中打开:

        case kRoutingRequest:
            {
                // Invoke router modules
                numModules = QTSServerInterface::GetNumModulesInRole(QTSSModule::kRTSPRouteRole);
                {
                    // Manipulation of the RTPSession from the point of view of
                    // a module is guaranteed to be atomic by the API.
                    Assert(fRTPSession != NULL);
                    OSMutexLocker   locker(fRTPSession->GetSessionMutex());

                    for (; (fCurrentModule < numModules) && ((!fRequest->HasResponseBeenSent()) || fModuleState.eventRequested); fCurrentModule++)
                    {
                        fModuleState.eventRequested = false;
                        fModuleState.idleTime = 0;
                        if (fModuleState.globalLockRequested)
                        {
                            fModuleState.globalLockRequested = false;
                            fModuleState.isGlobalLocked = true;
                        }
                        theModule = QTSServerInterface::GetModule(QTSSModule::kRTSPRouteRole, fCurrentModule);
                        (void)theModule->CallDispatch(QTSS_RTSPRoute_Role, &fRoleParams);
                        fModuleState.isGlobalLocked = false;

                        if (fModuleState.globalLockRequested) // call this request back locked
                            return this->CallLocked();

                        // If this module has requested an event, return and wait for the event to transpire
                        if (fModuleState.eventRequested)
                        {
                            this->ForceSameThread();    // We are holding mutexes, so we need to force
                                                        // the same thread to be used for next Run()
                            return fModuleState.idleTime; // If the module has requested idle time...
                        }
                    }
                }
                fCurrentModule = 0;

                // SetupAuthLocalPath must happen after kRoutingRequest and before kAuthenticatingRequest
                // placed here so that if the state is shifted to kPostProcessingRequest from a response being sent
                // then the AuthLocalPath will still be set.
                fRequest->SetupAuthLocalPath();

                if (fRequest->HasResponseBeenSent())
                {
                    fState = kPostProcessingRequest;
                    break;
                }

                //!!! 这里打开对RTSPSession进行授权认证的过程 !!!
                if (fRequest->SkipAuthorization())
                {
                    // Skip the authentication and authorization states

                    // The foll. normally gets executed at the end of the authorization state 
                    // Prepare for kPreprocessingRequest state.
                    fState = kPreprocessingRequest;

                    if (fRequest->GetMethod() == qtssSetupMethod)
                        // Make sure to erase the session ID stored in the request at this point.
                        // If we fail to do so, this same session would be used if another
                        // SETUP was issued on this same TCP connection.
                        fLastRTPSessionIDPtr.Len = 0;
                    else if (fLastRTPSessionIDPtr.Len == 0)
                        fLastRTPSessionIDPtr.Len = ::strlen(fLastRTPSessionIDPtr.Ptr);

                    break;
                }
                else
                    fState = kAuthenticatingRequest;
            }

这里将kAuthenticatingRequest流程打开就能够进行RTSP认证的验证过程了,那么还有一种Token验证的方式,这种方法就类似于RTMP里面的认证方式,在流名称后面增加认证的Token串作为请求URL的QueryString发送给服务器进行动态认证,那么这种方式,我们可以在RTSPSession::SetupRequest中进行Token的相关过滤:

void RTSPSession::SetupRequest()
{
    // First parse the request
    QTSS_Error theErr = fRequest->Parse();
    if (theErr != QTSS_NoErr)
        return;

    // 对RTSPRequest进行Token解析
    StrPtrLen *token = fRequest->GetValue(qtssRTSPReqQueryString);
    //TODO::对Token进行自定义验证,失败返回401等相应错误码
    //

    // let's also refresh RTP session timeout so that it's kept alive in sync with the RTSP session.
     //
     // Attempt to find the RTP session for this request.
    OSRefTable* theMap = QTSServerInterface::GetServer()->GetRTPSessionMap();
    theErr = this->FindRTPSession(theMap);

EasyDarwin RTSP认证方式

基于配置文件中用户名/密码认证的方法可参考:EasyDarwin开源流媒体服务器支持basic基本认证和digest摘要认证解析

RTSP动态认证的方式可以参考博客《EasyDarwin开源流媒体服务器支持basic基本认证和digest摘要自定义认证

EasyDarwin Token认证方式

我们可以自定义一个EasyDarwin的Module,再在上述中的RTSPSession::SetupRequest中,将token以参数的形式传递给Module进行认证处理,其处理流程可以模仿《EasyDarwin开源流媒体服务器支持basic基本认证和digest摘要自定义认证》中的流程进行;

Github

EasyDarwin开源流媒体服务器:https://github.com/EasyDarwin/EasyDarwin

获取更多信息

邮件:support@easydarwin.org

WEB:www.EasyDarwin.org

Copyright © EasyDarwin.org 2012-2016

EasyDarwin实现RTSP播放动态认证的两种方式:Basic/Digest & Token