Requests authentication (headers) More...

#include <glib.h>
#include "plugins/plugin.h"

Include dependency graph for auth.h:

This graph shows which files directly or indirectly include this file:

Functions
void	janus_auth_init (gboolean enabled, const char *secret)
	Method to initializing the token based authentication.

gboolean	janus_auth_is_enabled (void)
	Method to check whether the mechanism is enabled or not.

gboolean	janus_auth_is_stored_mode (void)
	Method to check whether the mechanism is in stored-token mode or not.

gboolean	janus_auth_is_signed_mode (void)
	Method to check whether the mechanism is in signed-token mode or not.

void	janus_auth_deinit (void)
	Method to de-initialize the mechanism.

gboolean	janus_auth_check_signature (const char token, const char realm)
	Method to check whether a signed token is valid.

gboolean	janus_auth_check_signature_contains (const char token, const char realm, const char *desc)
	Method to verify a signed token contains a descriptor.

gboolean	janus_auth_add_token (const char *token)
	Method to add a new valid token for authenticating.

gboolean	janus_auth_check_token (const char *token)
	Method to check whether a provided token is valid or not.

GList *	janus_auth_list_tokens (void)
	Method to return a list of the tokens.

gboolean	janus_auth_remove_token (const char *token)
	Method to invalidate an existing token.

gboolean	janus_auth_allow_plugin (const char token, janus_plugin plugin)
	Method to allow a token to use a plugin.

gboolean	janus_auth_check_plugin (const char token, janus_plugin plugin)
	Method to check whether a provided token can access a specified plugin.

GList *	janus_auth_list_plugins (const char *token)
	Method to return a list of the plugins a specific token has access to.

gboolean	janus_auth_disallow_plugin (const char token, janus_plugin plugin)
	Method to disallow a token to use a plugin.

Detailed Description

Requests authentication (headers)

Author: Lorenzo Miniero loren.nosp@m.zo@m.nosp@m.eetec.nosp@m.ho.c.nosp@m.om

Copyright: GNU General Public License v3

Implementation of a simple mechanism for authenticating requests. If enabled (it's disabled by default), the Janus admin API can be used to specify valid tokens; each request must then contain a valid token string, or otherwise the request is rejected with an error. Whether tokens should be shared across users or not is completely up to the controlling application: these tokens are completely opaque to Janus, and treated as strings, which means Janus will only check if the token exists or not when asked.

Core

Function Documentation

◆ janus_auth_add_token()

gboolean janus_auth_add_token ( const char * token )

Method to add a new valid token for authenticating.

Parameters

[in] token The new valid token

Returns: TRUE if the operation was successful, FALSE otherwise

◆ janus_auth_allow_plugin()

gboolean janus_auth_allow_plugin	(	const char *	token,
		janus_plugin *	plugin )

Method to allow a token to use a plugin.

Parameters

[in]	token	The token that can now access this plugin
[in]	plugin	Opaque pointer to the janus_plugin instance this token can access

Returns: TRUE if the operation was successful, FALSE otherwise

◆ janus_auth_check_plugin()

gboolean janus_auth_check_plugin	(	const char *	token,
		janus_plugin *	plugin )

Method to check whether a provided token can access a specified plugin.

Note: verifies both token signatures and against stored tokens

Parameters

[in]	token	The token to check
[in]	plugin	The plugin to check as an opaque pointer to a janus_plugin instance

Returns: TRUE if the token is allowed to access the plugin, FALSE otherwise

◆ janus_auth_check_signature()

gboolean janus_auth_check_signature	(	const char *	token,
		const char *	realm )

Method to check whether a signed token is valid.

Parameters

[in]	token	The token to validate
[in]	realm	The token realm

Returns: TRUE if the signature is valid and not expired, FALSE otherwise

◆ janus_auth_check_signature_contains()

gboolean janus_auth_check_signature_contains	(	const char *	token,
		const char *	realm,
		const char *	desc )

Method to verify a signed token contains a descriptor.

Parameters

[in]	token	The token to validate
[in]	realm	The token realm
[in]	desc	The descriptor to search for

Returns: When the token based authentication is enabled: TRUE if the token is valid, not expired and contains the descriptor, FALSE otherwise. When the token based authentication is disabled: always TRUE.

◆ janus_auth_check_token()

gboolean janus_auth_check_token ( const char * token )

Method to check whether a provided token is valid or not.

Note: verifies both token signatures and against stored tokens

Parameters

[in] token The token to validate

Returns: TRUE if the token is valid, FALSE otherwise

◆ janus_auth_deinit()

void janus_auth_deinit ( void )

Method to de-initialize the mechanism.

◆ janus_auth_disallow_plugin()

gboolean janus_auth_disallow_plugin	(	const char *	token,
		janus_plugin *	plugin )

Method to disallow a token to use a plugin.

Parameters

[in]	token	The token this operation refers to
[in]	plugin	Opaque pointer to the janus_plugin instance this token can not access anymore

Returns: TRUE if the operation was successful, FALSE otherwise

◆ janus_auth_init()

void janus_auth_init	(	gboolean	enabled,
		const char *	secret )

Method to initializing the token based authentication.

Parameters

[in]	enabled	Whether the authentication mechanism should be enabled or not
[in]	secret	the secret to validate signed tokens against, or NULL to use stored tokens

◆ janus_auth_is_enabled()

gboolean janus_auth_is_enabled ( void )

Method to check whether the mechanism is enabled or not.

◆ janus_auth_is_signed_mode()

gboolean janus_auth_is_signed_mode ( void )

Method to check whether the mechanism is in signed-token mode or not.

◆ janus_auth_is_stored_mode()

gboolean janus_auth_is_stored_mode ( void )

Method to check whether the mechanism is in stored-token mode or not.

◆ janus_auth_list_plugins()

GList * janus_auth_list_plugins ( const char * token )

Method to return a list of the plugins a specific token has access to.

Note: It's the caller responsibility to free the list (but NOT the values)

Parameters

[in] token The token to get the list for

Returns: A pointer to a GList instance containing the liist

◆ janus_auth_list_tokens()

GList * janus_auth_list_tokens ( void )

Method to return a list of the tokens.

Note: It's the caller responsibility to free the list and its values

Returns: A pointer to a GList instance containing the tokens

◆ janus_auth_remove_token()

gboolean janus_auth_remove_token ( const char * token )

Method to invalidate an existing token.

Parameters

[in] token The valid to invalidate

Returns: TRUE if the operation was successful, FALSE otherwise

Functions

Detailed Description

Function Documentation

◆ janus_auth_add_token()

◆ janus_auth_allow_plugin()

◆ janus_auth_check_plugin()

◆ janus_auth_check_signature()

◆ janus_auth_check_signature_contains()

◆ janus_auth_check_token()

◆ janus_auth_deinit()

◆ janus_auth_disallow_plugin()

◆ janus_auth_init()

◆ janus_auth_is_enabled()

◆ janus_auth_is_signed_mode()

◆ janus_auth_is_stored_mode()

◆ janus_auth_list_plugins()

◆ janus_auth_list_tokens()

◆ janus_auth_remove_token()