Turn credentials generation (#102)

* abstract peer channel * remove wip code * refactor NewServer with Peer updates channel * feature: add TURN credentials manager * hmac logic * example test function * test: add TimeBasedAuthSecretsManager_GenerateCredentials test * test: make tests for now with hardcoded secret * test: add TimeBasedAuthSecretsManager_SetupRefresh test * test: add TimeBasedAuthSecretsManager_SetupRefresh test * test: add TimeBasedAuthSecretsManager_CancelRefresh test * feature: extract TURNConfig to the management config * feature: return hash based TURN credentials only on initial sync * feature: make TURN time based secret credentials optional Co-authored-by: mlsmaycon <mlsmaycon@gmail.com>
2026-04-22 02:06:39 +00:00 · 2021-09-02 14:41:54 +02:00
parent 86f3b1e5c8
commit b17424d630
11 changed files with 399 additions and 57 deletions
--- a/management/server/config.go
+++ b/management/server/config.go
@@ -1,5 +1,9 @@
 package server

+import (
+	"github.com/wiretrustee/wiretrustee/util"
+)
+
 type Protocol string

 const (
@@ -12,15 +16,23 @@ const (

 // Config of the Management service
 type Config struct {
-	Stuns  []*Host
-	Turns  []*Host
-	Signal *Host
+	Stuns      []*Host
+	TURNConfig *TURNConfig
+	Signal     *Host

 	Datadir string

 	HttpConfig *HttpServerConfig
 }

+// TURNConfig is a config of the TURNCredentialsManager
+type TURNConfig struct {
+	TimeBasedCredentials bool
+	CredentialsTTL       util.Duration
+	Secret               []byte
+	Turns                []*Host
+}
+
 // HttpServerConfig is a config of the HTTP Management service server
 type HttpServerConfig struct {
 	LetsEncryptDomain string