Closed vincentfretin closed 3 years ago
That sounds like a totally reasonable thing to have.
I think I would prefer to implement it slightly differently. I would consider join_hub
and kick_users
"what you can do" fields, and room_ids
the "where you can do it" field, where the lack of room_ids
implies "everywhere". So the token you want would have both join_hub
and room_ids
specified. That seems like a simpler way to think about it.
That can work too. This is why I asked for opinion, thanks. ;-) I'll probably work on this next month.
Oops, I did it!
:D Thank you. I'll create more issues like this if you can't help yourself of implementing it. ;-)
I'm having fun working on this a little bit so go for it.
Related to the JWT (see https://github.com/mozilla/janus-plugin-sfu/issues/77). Currently the JWT content can contains
{ join_hub: true, kick_users: true }
because the security model of Hubs was giving access to all rooms in the Hubs Cloud instance. For my use case, I may need more security, only giving access to one or more rooms so I think it would make sense to add an additional optional room_ids parameter like this{ kick_users: true, room_ids: ["123", "456"] }
(make it plural to support main room with breakout rooms right away) room_ids and join_hub should be mutually exclusive, only one of this parameter should be in the JWT. Thoughts?