diff --git a/back/src/Services/SocketManager.ts b/back/src/Services/SocketManager.ts
index 194080ec..3d6906ea 100644
--- a/back/src/Services/SocketManager.ts
+++ b/back/src/Services/SocketManager.ts
@@ -283,6 +283,12 @@ export class SocketManager {
 const webrtcSignalToClient = new WebRtcSignalToClientMessage();
 webrtcSignalToClient.setUserid(user.id);
 webrtcSignalToClient.setSignal(data.getSignal());
+ // TODO: only compute credentials if data.signal.type === "offer"
+ if (TURN_STATIC_AUTH_SECRET !== '') {
+ const {username, password} = this.getTURNCredentials(''+user.id, TURN_STATIC_AUTH_SECRET);
+ webrtcSignalToClient.setWebrtcusername(username);
+ webrtcSignalToClient.setWebrtcpassword(password);
+ }
 const serverToClientMessage = new ServerToClientMessage();
 serverToClientMessage.setWebrtcsignaltoclientmessage(webrtcSignalToClient);
@@ -303,6 +309,12 @@ export class SocketManager {
 const webrtcSignalToClient = new WebRtcSignalToClientMessage();
 webrtcSignalToClient.setUserid(user.id);
 webrtcSignalToClient.setSignal(data.getSignal());
+ // TODO: only compute credentials if data.signal.type === "offer"
+ if (TURN_STATIC_AUTH_SECRET !== '') {
+ const {username, password} = this.getTURNCredentials(''+user.id, TURN_STATIC_AUTH_SECRET);
+ webrtcSignalToClient.setWebrtcusername(username);
+ webrtcSignalToClient.setWebrtcpassword(password);
+ }
 const serverToClientMessage = new ServerToClientMessage();
 serverToClientMessage.setWebrtcscreensharingsignaltoclientmessage(webrtcSignalToClient);
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 9e9e0842..98071437 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
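Review bot: The credential block is pasted identically into both hunks of this file (here and at `@@ -303,6 +309,12 @@`), and it runs for every relayed signal, so each candidate message triggers a new credential computation and carries a TURN password to the client; the TODO names this but leaves it open. A single private method used by both call sites keeps the two paths from diverging and gives one place to add the offer-only check later. `getTURNCredentials` is defined outside these hunks, so whether the username it builds carries an expiry cannot be checked from here; that is worth confirming, because a credential without one stays valid for as long as the static secret does. Both enclosing methods start and end outside the hunks.

```typescript
/** Adds TURN credentials to an outgoing signal when a static auth secret is configured. */
private attachTurnCredentials(message: WebRtcSignalToClientMessage, userId: number): void {
    if (TURN_STATIC_AUTH_SECRET === '') {
        return;
    }
    const {username, password} = this.getTURNCredentials('' + userId, TURN_STATIC_AUTH_SECRET);
    message.setWebrtcusername(username);
    message.setWebrtcpassword(password);
}

// … unchanged: webrtcSignalToClient.setSignal(data.getSignal()); …
this.attachTurnCredentials(webrtcSignalToClient, user.id);
```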
@@ -31,11 +31,12 @@ services:
 ADMIN_URL: workadventure.localhost
 STARTUP_COMMAND_1: ./templater.sh
 STARTUP_COMMAND_2: yarn install
- TURN_SERVER: "turn:coturn.workadventu.re:443,turns:coturn.workadventu.re:443"
+ STUN_SERVER: "stun:stun.l.google.com:19302"
+ TURN_SERVER: "turn:coturn.workadventure.localhost:3478,turns:coturn.workadventure.localhost:5349"
 # Use TURN_USER/TURN_PASSWORD if your Coturn server is secured via hard coded credentials.
 # Advice: you should instead use Coturn REST API along the TURN_STATIC_AUTH_SECRET in the Back container
- TURN_USER:
- TURN_PASSWORD:
+ TURN_USER: ""
+ TURN_PASSWORD: ""
 START_ROOM_URL: "$START_ROOM_URL"
 command: yarn run start
 volumes:
@@ -110,7 +111,7 @@ services:
 ADMIN_API_TOKEN: "$ADMIN_API_TOKEN"
 JITSI_URL: $JITSI_URL
 JITSI_ISS: $JITSI_ISS
- TURN_STATIC_AUTH_SECRET:
+ TURN_STATIC_AUTH_SECRET: SomeStaticAuthSecret
 volumes:
 - ./back:/usr/src/app
 labels:
@@ -152,3 +153,28 @@ services:
 - ./back:/usr/src/back
 - ./front:/usr/src/front
 - ./pusher:/usr/src/pusher
+
+# coturn:
+# image: coturn/coturn:4.5.2
+# command:
+# - turnserver
+# #- -c=/etc/coturn/turnserver.conf
+# - --log-file=stdout
+# - --external-ip=$$(detect-external-ip)
+# - --listening-port=3478
+# - --min-port=10000
+# - --max-port=10010
+# - --tls-listening-port=5349
+# - --listening-ip=0.0.0.0
+# - --realm=coturn.workadventure.localhost
+# - --server-name=coturn.workadventure.localhost
+# - --lt-cred-mech
+# # Enable Coturn "REST API" to validate temporary passwords.
+# #- --use-auth-secret
+# #- --static-auth-secret=SomeStaticAuthSecret
+# #- --userdb=/var/lib/turn/turndb
+# - --user=workadventure:WorkAdventure123
+# # use real-valid certificate/privatekey files
+# #- --cert=/root/letsencrypt/fullchain.pem
+# #- --pkey=/root/letsencrypt/privkey.pem
+# network_mode: host
diff --git a/front/src/Connexion/ConnexionModels.ts b/front/src/Connexion/ConnexionModels.ts
index 2e6451f3..a0ae3119 100644
--- a/front/src/Connexion/ConnexionModels.ts
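Review bot: `TURN_STATIC_AUTH_SECRET: SomeStaticAuthSecret` in the `-110,7 +111,7` hunk puts a fixed, published string where the Back container expects a secret, and because it is non-empty the `TURN_STATIC_AUTH_SECRET !== ''` branch added in SocketManager.ts will now always issue credentials derived from it. Anyone who reuses this file against a Coturn instance configured with the same string ends up with TURN credentials that any reader of the repository can compute. Follow the neighbouring `ADMIN_API_TOKEN: "$ADMIN_API_TOKEN"` line and read the value from the environment, `TURN_STATIC_AUTH_SECRET: "$TURN_STATIC_AUTH_SECRET"`, so the feature stays off until an operator supplies a real secret.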
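Review bot: The commented Coturn example in the `-152,3 +153,28` hunk enables `--lt-cred-mech` with the fixed account `--user=workadventure:WorkAdventure123` and leaves `--use-auth-secret` and `--static-auth-secret` commented out, while the same commit sets `TURN_STATIC_AUTH_SECRET` on the Back container and empties `TURN_USER`/`TURN_PASSWORD` on the front. Uncommented as written, the server would presumably not validate the credentials the Back generates, and it would accept a password that is published in this file. I would make the two REST-API lines the active ones, take the secret from `$TURN_STATIC_AUTH_SECRET`, and drop the `--user=` line. A comment that `--listening-ip=0.0.0.0` together with `network_mode: host` binds the relay on every host interface would also help whoever enables the block.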
+++ b/front/src/Connexion/ConnexionModels.ts
@@ -96,7 +96,9 @@ export interface WebRtcSignalSentMessageInterface {
 export interface WebRtcSignalReceivedMessageInterface {
 userId: number,
- signal: SignalData
+ signal: SignalData,
+ webRtcUser: string | undefined,
+ webRtcPassword: string | undefined
 }
 export interface StartMapInterface {
diff --git a/front/src/Connexion/RoomConnection.ts b/front/src/Connexion/RoomConnection.ts
index 65d4b4dc..cebd7606 100644
--- a/front/src/Connexion/RoomConnection.ts
+++ b/front/src/Connexion/RoomConnection.ts
@@ -428,7 +428,7 @@ export class RoomConnection implements RoomConnection {
 userId: message.getUserid(),
 name: message.getName(),
 initiator: message.getInitiator(),
- webRtcUser: message.getWebrtcpassword() ?? undefined,
+ webRtcUser: message.getWebrtcusername() ?? undefined,
 webRtcPassword: message.getWebrtcpassword() ?? undefined,
 });
 });
@@ -438,7 +438,9 @@ export class RoomConnection implements RoomConnection {
 this.onMessage(EventMessage.WEBRTC_SIGNAL, (message: WebRtcSignalToClientMessage) => {
 callback({
 userId: message.getUserid(),
- signal: JSON.parse(message.getSignal())
+ signal: JSON.parse(message.getSignal()),
+ webRtcUser: message.getWebrtcusername() ?? undefined,
+ webRtcPassword: message.getWebrtcpassword() ?? undefined,
 });
 });
 }
@@ -447,7 +449,9 @@ export class RoomConnection implements RoomConnection {
 this.onMessage(EventMessage.WEBRTC_SCREEN_SHARING_SIGNAL, (message: WebRtcSignalToClientMessage) => {
 callback({
 userId: message.getUserid(),
- signal: JSON.parse(message.getSignal())
+ signal: JSON.parse(message.getSignal()),
+ webRtcUser: message.getWebrtcusername() ?? undefined,
+ webRtcPassword: message.getWebrtcpassword() ?? undefined,
 });
 });
 }
diff --git a/front/src/Enum/EnvironmentVariable.ts b/front/src/Enum/EnvironmentVariable.ts
index 97d7fa52..844bf564 100644
--- a/front/src/Enum/EnvironmentVariable.ts
+++ b/front/src/Enum/EnvironmentVariable.ts
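Review bot: `message.getWebrtcusername() ?? undefined` and `message.getWebrtcpassword() ?? undefined` in the WEBRTC_SIGNAL callback (and again in the WEBRTC_SCREEN_SHARING_SIGNAL hunk) only convert null or undefined, but the fields are declared as plain `string` in messages.proto, so the generated getters presumably return `''` when the server sent no credentials. The empty string then travels on as if it were a present value; VideoPeer.ts and ScreenSharingPeer.ts happen to recover through `user.webRtcUser || TURN_USER`, but any consumer that checks `!== undefined` would treat it as a real credential. Normalising at this boundary makes the `string | undefined` type truthful: `webRtcUser: message.getWebrtcusername() || undefined,` and the same for the password. Both callbacks sit inside methods whose signatures are outside the hunks.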
@@ -4,9 +4,9 @@ const API_URL = (process.env.API_PROTOCOL || (typeof(window) !== 'undefined' ? w
 const UPLOADER_URL = (process.env.API_PROTOCOL || (typeof(window) !== 'undefined' ? window.location.protocol : 'http:')) + '//' + (process.env.UPLOADER_URL || 'uploader.workadventure.localhost');
 const ADMIN_URL = (process.env.API_PROTOCOL || (typeof(window) !== 'undefined' ? window.location.protocol : 'http:')) + '//' + (process.env.ADMIN_URL || "workadventure.localhost");
 const STUN_SERVER: string = process.env.STUN_SERVER || "stun:stun.l.google.com:19302";
-const TURN_SERVER: string = process.env.TURN_SERVER || "turn:numb.viagenie.ca";
-const TURN_USER: string = process.env.TURN_USER || 'g.parant@thecodingmachine.com';
-const TURN_PASSWORD: string = process.env.TURN_PASSWORD || 'itcugcOHxle9Acqi$';
+const TURN_SERVER: string = process.env.TURN_SERVER || "";
+const TURN_USER: string = process.env.TURN_USER || '';
+const TURN_PASSWORD: string = process.env.TURN_PASSWORD || '';
 const JITSI_URL : string|undefined = (process.env.JITSI_URL === '') ? undefined : process.env.JITSI_URL;
 const JITSI_PRIVATE_MODE : boolean = process.env.JITSI_PRIVATE_MODE == "true";
 const RESOLUTION = 2;
diff --git a/front/src/WebRtc/ScreenSharingPeer.ts b/front/src/WebRtc/ScreenSharingPeer.ts
index 1c67e519..62f3079c 100644
--- a/front/src/WebRtc/ScreenSharingPeer.ts
+++ b/front/src/WebRtc/ScreenSharingPeer.ts
@@ -28,12 +28,12 @@ export class ScreenSharingPeer extends Peer {
 {
 urls: STUN_SERVER.split(',')
 },
- {
+ TURN_SERVER !== '' ? {
 urls: TURN_SERVER.split(','),
 username: user.webRtcUser || TURN_USER,
 credential: user.webRtcPassword || TURN_PASSWORD
- },
- ]
+ } : undefined,
+ ].filter((value) => value !== undefined)
 }
 });
diff --git a/front/src/WebRtc/SimplePeer.ts b/front/src/WebRtc/SimplePeer.ts
index e1486b46..34e4b3f8 100644
--- a/front/src/WebRtc/SimplePeer.ts
+++ b/front/src/WebRtc/SimplePeer.ts
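Review bot: The `TURN_USER`/`TURN_PASSWORD` fallbacks deleted in the EnvironmentVariable.ts hunk remain readable in the repository history, so emptying them only stops new builds from shipping the pair; the account they belong to should have its password changed. Because these constants are read from `process.env` in front-end code, any value an operator sets for them presumably ends up in the bundle served to every browser. That deserves a comment above the three lines, for example `// Embedded in the client build and visible to all users: prefer TURN_STATIC_AUTH_SECRET on the back.`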
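Review bot: The `TURN_SERVER !== '' ? {...} : undefined` entry followed by `.filter((value) => value !== undefined)` in ScreenSharingPeer.ts leaves `undefined` in the array's element type as far as the compiler is concerned, since the callback is not a type predicate, and the identical construct is added in the VideoPeer.ts hunk. It also still hands the browser a TURN entry with empty `username` and `credential` when `TURN_SERVER` is set but neither per-user credentials nor `TURN_USER`/`TURN_PASSWORD` are, which is the new default. One shared helper that pushes the TURN entry conditionally removes both the filter and the duplication. The `super({...})` call it feeds starts outside this hunk.

```typescript
// Shared by VideoPeer and ScreenSharingPeer; `user` is the object already passed to their constructors.
function buildIceServers(user: { webRtcUser?: string; webRtcPassword?: string }): RTCIceServer[] {
    const iceServers: RTCIceServer[] = [{ urls: STUN_SERVER.split(',') }];
    if (TURN_SERVER !== '') {
        iceServers.push({
            urls: TURN_SERVER.split(','),
            username: user.webRtcUser || TURN_USER,
            credential: user.webRtcPassword || TURN_PASSWORD,
        });
    }
    return iceServers;
}
// … unchanged: super({ … config: { iceServers: buildIceServers(user) } }) …
```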
@@ -103,7 +103,7 @@ export class SimplePeer { // This would be symmetrical to the way we handle disconnection. //start connection - console.log('receiveWebrtcStart. Initiator: ', user.initiator) + //console.log('receiveWebrtcStart. Initiator: ', user.initiator) if(!user.initiator){ return; } diff --git a/front/src/WebRtc/VideoPeer.ts b/front/src/WebRtc/VideoPeer.ts index 350b046f..416a17c9 100644 --- a/front/src/WebRtc/VideoPeer.ts +++ b/front/src/WebRtc/VideoPeer.ts @@ -34,14 +34,15 @@ export class VideoPeer extends Peer { { urls: STUN_SERVER.split(',') }, - { + TURN_SERVER !== '' ? { urls: TURN_SERVER.split(','), username: user.webRtcUser || TURN_USER, credential: user.webRtcPassword || TURN_PASSWORD - }, - ] + } : undefined, + ].filter((value) => value !== undefined) } }); + this.userId = user.userId; this.userName = user.name || ''; diff --git a/messages/protos/messages.proto b/messages/protos/messages.proto index a1e7688e..54b425f9 100644 --- a/messages/protos/messages.proto +++ b/messages/protos/messages.proto @@ -179,6 +179,8 @@ message WebRtcDisconnectMessage { message WebRtcSignalToClientMessage { int32 userId = 1; string signal = 2; + string webrtcUserName = 4; + string webrtcPassword = 5; } message TeleportMessageMessage{
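Review bot: The two fields added to `WebRtcSignalToClientMessage` in messages.proto take numbers 4 and 5 and leave 3 unused; if 3 was ever assigned in a deployed version of this message it should be declared with `reserved 3;`, and if the gap is only there to line up with another message a comment should say so. The fields also carry a secret without any indication of where it comes from, so a comment such as `// TURN credentials issued by the back; empty when TURN_STATIC_AUTH_SECRET is not set.` would help the next reader. The casing `webrtcUserName` differs from the `webRtcUser` name used on the front side, which is worth aligning while the field is new.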