Added JWT authentication

avstack · Jun 16, 2023 · a3c567d · a3c567d
1 parent 315cc4b
commit a3c567d
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 2 deletions.
diff --git a/gst-meet/src/main.rs b/gst-meet/src/main.rs
@@ -56,6 +56,12 @@ struct Opt {
   #[structopt(long)]
   xmpp_password: Option<String>,
 
+  #[structopt(
+    long,
+    help = "The JWT token for Jitsi JWT authentication"
+  )]
+  xmpp_jwt: Option<String>,
+
   #[structopt(
     long,
     default_value = "vp9",
@@ -258,8 +264,12 @@ async fn main_inner() -> Result<()> {
         username,
         password: opt.xmpp_password.context("if xmpp-username is provided, xmpp-password must also be provided")?,
       },
-      None => Authentication::Anonymous,
+      None => match opt.xmpp_jwt {
+          Some(token) => Authentication::Jwt { token },
+          None => Authentication::Anonymous,
+      },
     },
+    &opt.room_name,
     #[cfg(feature = "tls-insecure")]
     opt.tls_insecure,
     #[cfg(not(feature = "tls-insecure"))]

diff --git a/lib-gst-meet/src/xmpp/connection.rs b/lib-gst-meet/src/xmpp/connection.rs
@@ -65,19 +65,29 @@ pub struct Connection {
   pub(crate) tls_insecure: bool,
 }
 
+#[derive(Debug, Clone)]
 pub enum Authentication {
   Anonymous,
   Plain { username: String, password: String },
+  Jwt { token: String },
 }
 
 impl Connection {
   pub async fn new(
     websocket_url: &str,
     xmpp_domain: &str,
     authentication: Authentication,
+    room_name: &str,
     tls_insecure: bool,
   ) -> Result<(Self, impl Future<Output = ()>)> {
-    let websocket_url: Uri = websocket_url.parse().context("invalid WebSocket URL")?;
+    let websocket_url: Uri = match authentication.clone() {
+        Authentication::Plain { .. } => websocket_url.parse().context("invalid WebSocket URL")?,
+        Authentication::Jwt { token } => format!(
+          "{}?room={}&token={}",
+          websocket_url.clone(), room_name.clone(), token.clone()
+        ).parse().context("invalid WebSocket URL")?,
+        Authentication::Anonymous => websocket_url.parse().context("invalid WebSocket URL")?,
+    };
     let xmpp_domain: BareJid = xmpp_domain.parse().context("invalid XMPP domain")?;
 
     info!("Connecting XMPP WebSocket to {}", websocket_url);
@@ -255,6 +265,10 @@ impl Connection {
                 data,
               }
             },
+            Authentication::Jwt { .. } => Auth {
+              mechanism: Mechanism::Anonymous,
+              data: vec![],
+            },
           };
           tx.send(auth.into()).await?;
           locked_inner.state = Authenticating;
@@ -271,6 +285,7 @@ impl Connection {
           match &locked_inner.authentication {
             Authentication::Anonymous => info!("Logged in anonymously"),
             Authentication::Plain { .. } => info!("Logged in with PLAIN"),
+            Authentication::Jwt { .. } => info!("Logged in with JWT"),
           }
           locked_inner.state = ReceivingFeaturesPostAuthentication;
         },