search

mozilla / janus-plugin-sfu

Janus plugin to act as a kind of SFU for game networking data.
Mozilla Public License 2.0
135 stars 40 forks source link

Check security token in process_subscribe #83

Closed vincentfretin closed 1 year ago

vincentfretin commented 3 years ago

This is one of the point listed in #76 and discussed in https://github.com/mozilla/janus-plugin-sfu/pull/81#issuecomment-822847958

We need to check if the user is allowed to subscribe to a publisher UserId in process_subscribe similar to what we do in process_join by checking publisher.joined.room_id (later room_ids plural, see #55) is in the JWT room_ids. Even if the user have no publisher and have not joined any room, the user could subscribe to a publisher who has joined some room, as long as the user have a JWT with that room in the publisher room_ids.

We need to change the signature Subscribe { what: Subscription } to Subscribe { what: Subscription, token: String }

The publisher UserID we want to subscribe to is in the param what { media: UserID }

vincentfretin commented 2 years ago

I should be able to work on that Q1 2022, hopefully.

vincentfretin commented 1 year ago

This is implemented in this PR in the community fork https://github.com/networked-aframe/janus-plugin-sfu/pull/6