Briq
/
multiparty-meeting
7
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #95 from havfo/feat/spdy 

http2
master
Stefan Otto 2019-05-15 15:41:14 +02:00 committed by GitHub
parent 88386e5697 01967ccffd
commit e9b946ba93
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 282 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/src/RoomClient.js
View File

@ -253,14 +253,14 @@ export default class RoomClient
login() login()
{ {
const url = `/login?roomId=${this._room.roomId}&peerName=${this._peerName}`; const url = `/auth/login?roomId=${this._room.roomId}&peerName=${this._peerName}`;
this._loginWindow = window.open(url, 'loginWindow'); this._loginWindow = window.open(url, 'loginWindow');
} }
logout() logout()
{ {
window.location = '/logout'; window.location = '/auth/logout';
} }
closeLoginWindow() closeLoginWindow()

22
server/config/config.example.js
View File

@ -1,12 +1,26 @@
module.exports = module.exports =
{ {
// oAuth2 conf // oAuth2 conf
oauth2 : auth :
{ {
clientID : '', /*
clientSecret : '', The issuer URL for OpenID Connect discovery
callbackURL : 'https://mYDomainName:port/auth-callback' The OpenID Provider Configuration Document
could be discovered on:
issuerURL + '/.well-known/openid-configuration'
*/
issuerURL : 'https://example.com'
clientOptions :
{
client_id : '',
client_secret : '',
scope : 'openid email profile'
// where client.example.com is your multiparty meeting server
redirect_uri : 'https://client.example.com/auth/callback'
}
}, },
// session cookie secret
cookieSecret : 'T0P-S3cR3t_cook!e',
// Listening hostname for `gulp live|open`. // Listening hostname for `gulp live|open`.
domain : 'localhost', domain : 'localhost',
tls : tls :

7
server/package.json
View File

@ -12,9 +12,12 @@
"compression": "^1.7.3", "compression": "^1.7.3",
"debug": "^4.1.0", "debug": "^4.1.0",
"express": "^4.16.3", "express": "^4.16.3",
"express-session": "^1.16.1",
"mediasoup": "^2.6.11", "mediasoup": "^2.6.11",
"passport-dataporten": "^1.3.0", "openid-client": "^2.5.0",
"socket.io": "^2.1.1" "passport": "^0.4.0",
"socket.io": "^2.1.1",
"spdy": "^4.0.0"
}, },
"devDependencies": { "devDependencies": {
"gulp": "^4.0.0", "gulp": "^4.0.0",

241
server/server.js
View File

@ -6,15 +6,18 @@ process.title = 'multiparty-meeting-server';
const config = require('./config/config'); const config = require('./config/config');
const fs = require('fs'); const fs = require('fs');
const https = require('https');
const http = require('http'); const http = require('http');
const spdy = require('spdy');
const express = require('express'); const express = require('express');
const compression = require('compression'); const compression = require('compression');
const Logger = require('./lib/Logger'); const Logger = require('./lib/Logger');
const Room = require('./lib/Room'); const Room = require('./lib/Room');
const Dataporten = require('passport-dataporten');
const utils = require('./util'); const utils = require('./util');
const base64 = require('base-64'); const base64 = require('base-64');
// auth
const passport = require('passport');
const { Issuer, Strategy } = require('openid-client');
const session = require('express-session')
/* eslint-disable no-console */ /* eslint-disable no-console */
console.log('- process.env.DEBUG:', process.env.DEBUG); console.log('- process.env.DEBUG:', process.env.DEBUG);
@ -37,58 +40,152 @@ const tls =
key : fs.readFileSync(config.tls.key) key : fs.readFileSync(config.tls.key)
}; };
const app = express(); let app = express();
let httpsServer;
let oidcClient;
let oidcStrategy;
app.use(compression()); passport.serializeUser(function(user, done)
const dataporten = new Dataporten.Setup(config.oauth2);
app.all('*', (req, res, next) =>
{ {
if (req.secure) done(null, user);
{
return next();
}
res.redirect(`https://${req.hostname}${req.url}`);
}); });
app.use(dataporten.passport.initialize()); passport.deserializeUser(function(user, done)
app.use(dataporten.passport.session());
app.get('/login', (req, res, next) =>
{ {
dataporten.passport.authenticate('dataporten', { done(null, user);
});
const auth=config.auth;
function setupAuth(oidcIssuer)
{
oidcClient = new oidcIssuer.Client(auth.clientOptions);
const params =
{
...auth.clientOptions
// ... any authorization request parameters go here
// client_id defaults to client.client_id
// redirect_uri defaults to client.redirect_uris[0]
// response type defaults to client.response_types[0], then 'code'
// scope defaults to 'openid'
};
// optional, defaults to false, when true req is passed as a first
// argument to verify fn
const passReqToCallback = false;
// optional, defaults to false, when true the code_challenge_method will be
// resolved from the issuer configuration, instead of true you may provide
// any of the supported values directly, i.e. "S256" (recommended) or "plain"
const usePKCE = false;
const client=oidcClient;
oidcStrategy = new Strategy(
{ client, params, passReqToCallback, usePKCE },
(tokenset, userinfo, done) =>
{
let user = {
id : tokenset.claims.sub,
provider : tokenset.claims.iss,
_userinfo : userinfo,
_claims : tokenset.claims,
};
if ( typeof(userinfo.picture) !== 'undefined' ){
if ( ! userinfo.picture.match(/^http/g) ) {
user.Photos = [ { value: `data:image/jpeg;base64, ${userinfo.picture}` } ];
} else {
user.Photos= [ { value: userinfo.picture } ];
}
}
if ( typeof(userinfo.nickname) !== 'undefined' ){
user.displayName=userinfo.nickname;
}
if ( typeof(userinfo.name) !== 'undefined' ){
user.displayName=userinfo.name;
}
if ( typeof(userinfo.email) !== 'undefined' ){
user.emails=[{value: userinfo.email}];
}
if ( typeof(userinfo.given_name) !== 'undefined' ){
user.name={givenName: userinfo.given_name};
}
if ( typeof(userinfo.family_name) !== 'undefined' ){
user.name={familyName: userinfo.family_name};
}
if ( typeof(userinfo.middle_name) !== 'undefined' ){
user.name={middleName: userinfo.middle_name};
}
return done(null, user);
}
);
passport.use('oidc', oidcStrategy);
app.use(session({
secret: config.cookieSecret,
resave: true,
saveUninitialized: true,
cookie: { secure: true }
}));
app.use(passport.initialize());
app.use(passport.session());
// login
app.get('/auth/login', (req, res, next) =>
{
passport.authenticate('oidc', {
state : base64.encode(JSON.stringify({ state : base64.encode(JSON.stringify({
roomId : req.query.roomId, roomId : req.query.roomId,
peerName : req.query.peerName, peerName : req.query.peerName,
code : utils.random(10) code : utils.random(10)
})) }))
})(req, res, next); })(req, res, next);
}); });
dataporten.setupLogout(app, '/logout'); // logout
app.get('/auth/logout', function(req, res)
app.get('/', (req, res) => {
{ req.logout();
res.sendFile(`${__dirname}/public/chooseRoom.html`); res.redirect('/');
}); }
);
app.get( // callback
'/auth-callback', app.get(
dataporten.passport.authenticate('dataporten', { failureRedirect: '/login' }), '/auth/callback',
passport.authenticate('oidc', { failureRedirect: '/auth/login' }),
(req, res) => (req, res) =>
{ {
const state = JSON.parse(base64.decode(req.query.state)); const state = JSON.parse(base64.decode(req.query.state));
if (rooms.has(state.roomId)) if (rooms.has(state.roomId))
{ {
let displayName,photo
if (typeof(req.user) !== 'undefined'){
if (typeof(req.user.displayName) !== 'undefined') displayName=req.user.displayName;
else displayName="";
if (
typeof(req.user.Photos) !== 'undefined' &&
typeof(req.user.Photos[0]) !== 'undefined' &&
typeof(req.user.Photos[0].value) !== 'undefined'
) photo=req.user.Photos[0].value;
else photo="/static/media/buddy.403cb9f6.svg";
}
const data = const data =
{ {
peerName : state.peerName, peerName : state.peerName,
name : req.user.data.displayName, name : displayName,
picture : req.user.data.photos[0] picture : photo
}; };
const room = rooms.get(state.roomId); const room = rooms.get(state.roomId);
@ -98,32 +195,53 @@ app.get(
res.send(''); res.send('');
} }
); );
}
// Serve all files in the public folder as static files. function setupWebServer() {
app.use(express.static('public')); app.use(compression());
app.use((req, res) => res.sendFile(`${__dirname}/public/index.html`)); app.all('*', (req, res, next) =>
{
if (req.secure)
{
return next();
}
const httpsServer = https.createServer(tls, app); res.redirect(`https://${req.hostname}${req.url}`);
});
httpsServer.listen(config.listeningPort, '0.0.0.0', () => app.get('/', (req, res) =>
{ {
res.sendFile(`${__dirname}/public/chooseRoom.html`);
});
// Serve all files in the public folder as static files.
app.use(express.static('public'));
app.use((req, res) => res.sendFile(`${__dirname}/public/index.html`));
httpsServer = spdy.createServer(tls, app);
httpsServer.listen(config.listeningPort, '0.0.0.0', () =>
{
logger.info('Server running on port: ', config.listeningPort); logger.info('Server running on port: ', config.listeningPort);
}); });
const httpServer = http.createServer(app); const httpServer = http.createServer(app);
httpServer.listen(config.listeningRedirectPort, '0.0.0.0', () => httpServer.listen(config.listeningRedirectPort, '0.0.0.0', () =>
{ {
logger.info('Server redirecting port: ', config.listeningRedirectPort); logger.info('Server redirecting port: ', config.listeningRedirectPort);
}); });
};
const io = require('socket.io')(httpsServer); function setupSocketIO(){
const io = require('socket.io')(httpsServer);
// Handle connections from clients. // Handle connections from clients.
io.on('connection', (socket) => io.on('connection', (socket) =>
{ {
const { roomId, peerName } = socket.handshake.query; const { roomId, peerName } = socket.handshake.query;
if (!roomId || !peerName) if (!roomId || !peerName)
@ -181,4 +299,27 @@ io.on('connection', (socket) =>
socket.room = roomId; socket.room = roomId;
room.handleConnection(peerName, socket); room.handleConnection(peerName, socket);
}); });
}
if (
typeof(auth) !== 'undefined' &&
typeof(auth.issuerURL) !== 'undefined' &&
typeof(auth.clientOptions) !== 'undefined'
)
{
Issuer.discover(auth.issuerURL).then((oidcIssuer) =>
{
setupAuth(oidcIssuer);
setupWebServer();
setupSocketIO();
}).catch((err) => {
logger.error(err);
}
);
} else
{
logger.error('Auth is not configure properly!');
setupWebServer();
setupSocketIO();
}