Open neilyoung opened 2 years ago
Hello @neilyoung! :wave: we're sorry you found a bug... so first of all, thank you very much for reporting it.
To know about progress, check in Triage. All issues are considered Backlog Candidates until work priorities align and the issue is selected for development. It will then become part of our official Backlog.
The regexp does not cover the authentication case.
Too bad. I patched out the erroneous test in kms_is_valid_uri
. URI with credentials is accepted now, but authentication does not work. Even though my server rejects a request w/o credentials with 401, the request is neither repeated nor it contains the authentication header in the first call.
Strange. Close to version 7 and nobody noticed that?
Finally: curlhttpsink does obviously not support URL auth ala "http://username:password@..." in "location". There are two properties "user" and "passwd" which would have to be set. I can't see, how RecorderEndpoint would support that.
Hi @neilyoung , are you building Kurento 7 from sources? This looked like an easy enough addition and today I had a couple hours to look into it, so I made this patch that adds support for it:
it should be able to apply cleanly to Kurento 7 sources; something like:
cd ~/work/kurento/
git apply ~/downloads/recorder-auth.patch.txt
What it does is use the GstUri class of GStreamer, to extract the username:password
parts and apply them separately to the user
and passwd
properties of curlhttpsink
.
Right now, these fields are just extracted, but still kept as part of the URL. So I hope the curlhttpsink
is just ignoring that part, and doesn't cause an access error. Otherwise, maybe it would be also needed to actually remove those fields from the URL, after setting them as properties to the curlhttpsink object.
Also note an important limitation of GstUri as of GStreamer 1.16 (but fixed in newer versions which we don't support yet): it doesn't support user and pass with special characters. With current implementation, these are split at the first :
found, so long story short, the username cannot contain a :
.
Thanks for dealing with this. Meanwhile I'm using another approach. Are you still interested to know, how I build KMS 7? I'm having Ansible scripts for this, but I'm sure I can derive a 5 liner, which runs from command line
Prerequisites
These are MANDATORY, otherwise the issue will be automatically closed.
Issue description
Trying to make
curlhttpsink
run with an authenticated URL following the suggestion here: https://doc-kurento.readthedocs.io/en/latest/_static/client-javadoc/org/kurento/client/RecorderEndpoint.htmlI'm attempting to use this URL:
http://username:password@127.0.0.1:8080/api/record/abcde/1
It is rejected by the regex in
kms_is_valid_uri
(which is really wild).
This ends up in an error trace in KMS
Context
Authentication not working. Unauthenticated URL works
How to reproduce?
Just do it :)
Expected & current behavior
Should pass, since it complies to the pattern
(Optional) Possible solution
Info about your environment
About Kurento Media Server