auth: add support for default token

The default token is used when the user is not authenticated and can be used to
give minimal permissions.
This commit is contained in:
Wim Taymans 2013-07-18 12:19:25 +02:00
parent 1a307c707d
commit 25547176be
3 changed files with 74 additions and 0 deletions

View file

@ -124,6 +124,13 @@ main (int argc, char *argv[])
/* make a new authentication manager */
auth = gst_rtsp_auth_new ();
/* make default token, it has the same permissions as admin2 */
token =
gst_rtsp_token_new (GST_RTSP_TOKEN_MEDIA_FACTORY_ROLE, G_TYPE_STRING,
"admin2", NULL);
gst_rtsp_auth_set_default_token (auth, token);
gst_rtsp_token_unref (token);
/* make user token */
token =
gst_rtsp_token_new (GST_RTSP_TOKEN_MEDIA_FACTORY_ROLE, G_TYPE_STRING,

View file

@ -60,6 +60,7 @@ struct _GstRTSPAuthPrivate
/* the TLS certificate */
GTlsCertificate *certificate;
GHashTable *basic; /* protected by lock */
GstRTSPToken *default_token;
GstRTSPMethod methods;
};
@ -230,6 +231,63 @@ gst_rtsp_auth_get_tls_certificate (GstRTSPAuth * auth)
return result;
}
/**
* gst_rtsp_auth_set_default_token:
* @auth: a #GstRTSPAuth
* @token: (allow none): a #GstRTSPToken
*
* Set the default #GstRTSPToken to @token in @auth. The default token will
* be used for unauthenticated users.
*/
void
gst_rtsp_auth_set_default_token (GstRTSPAuth * auth, GstRTSPToken * token)
{
GstRTSPAuthPrivate *priv;
GstRTSPToken *old;
g_return_if_fail (GST_IS_RTSP_AUTH (auth));
priv = auth->priv;
if (token)
gst_rtsp_token_ref (token);
g_mutex_lock (&priv->lock);
old = priv->default_token;
priv->default_token = token;
g_mutex_unlock (&priv->lock);
if (old)
gst_rtsp_token_unref (old);
}
/**
* gst_rtsp_auth_get_default_token:
* @auth: a #GstRTSPAuth
*
* Get the default token for @auth. This token will be used for unauthorized
* users.
*
* Returns: (transfer full): the #GstRTSPToken of @auth. gst_rtsp_token_unref() after
* usage.
*/
GstRTSPToken *
gst_rtsp_auth_get_default_token (GstRTSPAuth * auth)
{
GstRTSPAuthPrivate *priv;
GstRTSPToken *result;
g_return_val_if_fail (GST_IS_RTSP_AUTH (auth), NULL);
priv = auth->priv;
g_mutex_lock (&priv->lock);
if ((result = priv->default_token))
gst_rtsp_token_ref (result);
g_mutex_unlock (&priv->lock);
return result;
}
/**
* gst_rtsp_auth_add_basic:
@ -290,6 +348,12 @@ default_authenticate (GstRTSPAuth * auth, GstRTSPClientState * state)
GST_DEBUG_OBJECT (auth, "authenticate");
g_mutex_lock (&priv->lock);
/* FIXME, need to ref but we have no way to unref when the state is
* popped */
state->token = priv->default_token;
g_mutex_unlock (&priv->lock);
res =
gst_rtsp_message_get_header (state->request, GST_RTSP_HDR_AUTHORIZATION,
&authorization, 0);

View file

@ -79,6 +79,9 @@ GstRTSPAuth * gst_rtsp_auth_new (void);
void gst_rtsp_auth_set_tls_certificate (GstRTSPAuth *auth, GTlsCertificate *cert);
GTlsCertificate * gst_rtsp_auth_get_tls_certificate (GstRTSPAuth *auth);
void gst_rtsp_auth_set_default_token (GstRTSPAuth *auth, GstRTSPToken *token);
GstRTSPToken * gst_rtsp_auth_get_default_token (GstRTSPAuth *auth);
void gst_rtsp_auth_add_basic (GstRTSPAuth *auth, const gchar * basic,
GstRTSPToken *token);
void gst_rtsp_auth_remove_basic (GstRTSPAuth *auth, const gchar * basic);