certain domain setting
- Thread starter jamesChoi
- Start date
Do you mean play video from a page with domain name like https://mydomain.com/player.html ?
Or do you mean restrict player for particular domain and reject unauthorized access?
If second, you have to use REST Hooks for authentication: https://docs.flashphoner.com/display/WCS5EN/REST+Hooks
Or do you mean restrict player for particular domain and reject unauthorized access?
If second, you have to use REST Hooks for authentication: https://docs.flashphoner.com/display/WCS5EN/REST+Hooks
You have to use REST hooks
Please check REST hooks docs and let us know if you have any particular questions
https://docs.flashphoner.com/display/WCS5EN/REST+Hooks
1. You have to implement REST hook /connect
2. Configure WCS server with your REST hook URL, example http://your-hook-server/api
3. Then WCS will call your hook as example http://your-hook-server/api/connect
4. You can return HTTP 403 Forbidden to reject access based on 'origin' field of the REST hook request.
The 'origin' field contains domain name.
Please check REST hooks docs and let us know if you have any particular questions
https://docs.flashphoner.com/display/WCS5EN/REST+Hooks
1. You have to implement REST hook /connect
2. Configure WCS server with your REST hook URL, example http://your-hook-server/api
3. Then WCS will call your hook as example http://your-hook-server/api/connect
4. You can return HTTP 403 Forbidden to reject access based on 'origin' field of the REST hook request.
The 'origin' field contains domain name.
As an option you can setup HAProxy or Nginx server which will listen 443 port and parse HTTP headers.
If HTTP origin is allowed you authorize the websocket connection.
Some information about HAProxy and WCS:
https://docs.flashphoner.com/display/WCS5EN/HAProxy
If HTTP origin is allowed you authorize the websocket connection.
Some information about HAProxy and WCS:
https://docs.flashphoner.com/display/WCS5EN/HAProxy
First of all you have to implement REST Hooks
1. It should be availabale on your web host as:
Code:
http://host/rest-hooks/connect
http://host/rest-hooks/ConnectionStatusEvent3. It should return exactly the same body as received (mirroring).
4. Once it is done, you can setup WCS for working with your hooks:
Code:
ssh -p 2000 admin@localhost
>update app defaultApp -l http://host/rest-hooks
Code:
tail -f WCS_HOME/logs/flashphoner_manager.loghttps://flashphoner.com/downloads/REST_application_PHP_example.zip
Hello
We have added a doc for domain based authentication:
https://docs.flashphoner.com/display/WCS5EN/Using+REST+hook+to+authorize+user+by+domain
We have added a doc for domain based authentication:
https://docs.flashphoner.com/display/WCS5EN/Using+REST+hook+to+authorize+user+by+domain
ssh -p 2000 admin @ localhost
> update app defaultApp -l http: // host / "rest-hooks or rest?"
(download example.zip folder name = rest)
How do I check for updates?
And where should I specify the server location after downloading example.zip?
Download api.php
<?php
$api_method = array_pop(explode("/", $_SERVER['REQUEST_URI']));
$incoming_data = json_decode(file_get_contents('php://input'), true);
//enable IP authentication
#$ip_auth = 1;
$domain = "you-end.com";
//process method
switch($api_method) {
case"connect":
$origin = $incoming_data['origin'];
#$userIP = parseIP($incoming_data['sessionId']);
error_log("sessionId: " . $incoming_data['sessionId']);
error_log("origin: " . $origin);
//logs
#error_log("sessionId: " . $incoming_data['sessionId']);
#error_log("userIP: " . $userIP);
$rest_client_config = json_decode(file_get_contents('rest_client_config.json'), true);
$incoming_data['restClientConfig'] = $rest_client_config;
//find db record by IP
if ($ip_auth){
$token = $userIP;
//find db record by token
}else{
$token = $incoming_data['token'];
}
##
$found = strpos($origin, $domain);
if ($found !== false){
error_log("User authorized by domain " . $domain);
}else{
error_log("User not authorized by domain: " . $domain . " Connection failed with 403 status.");
ubnormalResponse(403);
}
break;
}
##
$db = fopen("sip_login.db", "r");
$found=0;
while(!feof($db)) {
$str = fgets($db);
if(strpos($str, $token) !== false) {
$tmp = explode(";", $str);
$incoming_data['sipDomain'] = $tmp[1];
$incoming_data['sipOutboundProxy'] = $tmp[1];
$incoming_data['sipLogin'] = $tmp[2];
$incoming_data['sipAuthenticationName'] = $tmp[2];
$incoming_data['sipPassword'] = $tmp[3];
$incoming_data['sipPort'] = $tmp[4];
$incoming_data['sipRegisterRequired'] = true;
$found=1;
break;
}
}
if ($found){
error_log("Record found by " . $token);
}else{
error_log("Record not found by token: " . $token . " Connection failed with 403 status.");
ubnormalResponse(403);
}
break;
case"ConnectionStatusEvent":
break;
case"RegistrationStatusEvent":
break;
case"sendXcapRequest":
break;
case"XcapStatusEvent":
break;
case"sendDtmf":
break;
case"call":
break;
case"OnCallEvent":
break;
case"answer":
break;
case"hangup":
//ubnormalResponse(403);
break;
case"hold":
break;
case"unhold":
break;
case"transfer":
break;
case"OnTransferEvent":
//ubnormalResponse(403);
break;
case"TransferStatusEvent":
if ($incoming_data['status'] == "PENDING") {
//ubnormalResponse(403);
}
break;
case"CallStatusEvent":
break;
case"sendMessage":
//ubnormalResponse(403);
break;
case"OnMessageEvent":
break;
case"MessageStatusEvent":
break;
case"publishStream":
break;
case"unPublishStream":
break;
case"playStream":
break;
case"stopStream":
break;
case"StreamStatusEvent":
break;
case"subscribe":
break;
case"SubscriptionStatusEvent":
break;
case"OnDataEvent":
break;
case"DataStatusEvent":
break;
case"submitBugReport":
break;
case"BugReportStatusEvent":
break;
case"pushLogs":
break;
case"RecordingStatusEvent":
break;
case"ErrorStatusEvent":
break;
case"disconnect":
break;
}
header('Content-Type: application/json');
echo json_encode($incoming_data);
function parseIP($sessionId){
//Example: "/192.168.250.8:52098/192.168.1.9:8080" --> 192.168.250.8
$colon_index = strpos($sessionId, ":");
return substr($sessionId,1,$colon_index-1);
}
function ubnormalResponse($code) {
if ($code == 403) {
header('HTTP/1.1 403 Forbidden', true, $code);
} else {
header(':', true, $code);
}
die();
}
?>
--------------------------------------
Is it possible to change the download api.php below?
<?php
$api_method = array_pop(explode("/", $_SERVER['REQUEST_URI']));
$incoming_data = json_decode(file_get_contents('php://input'), true);
$domain = "yourdomain.com";
"connect" method handling begins. Here "origin" field value is defined and "restClientConfig" field for answer is filled:
switch($api_method) {
case"connect":
$origin = $incoming_data['origin'];
//logs
error_log("sessionId: " . $incoming_data['sessionId']);
error_log("origin: " . $origin);
$rest_client_config = json_decode(file_get_contents('rest_client_config.json'), true);
$incoming_data['restClientConfig'] = $rest_client_config;
Domain checking. If domain is no found, the ubnormalResponse() function is called to form negative response 403:
$found = strpos($origin, $domain);
if ($found !== false){
error_log("User authorized by domain " . $domain);
}else{
error_log("User not authorized by domain: " . $domain . " Connection failed with 403 status.");
ubnormalResponse(403);
}
break;
}
------------------------------
web call server ip is 1.1.1.1:9091,
If the ip used by the web server is 2.2.2.2:80 (all other IPs are blocked)
To run the above
What command should I give?
> update app defaultApp -l http: // host / "rest-hooks or rest?"
(download example.zip folder name = rest)
How do I check for updates?
And where should I specify the server location after downloading example.zip?
Download api.php
<?php
$api_method = array_pop(explode("/", $_SERVER['REQUEST_URI']));
$incoming_data = json_decode(file_get_contents('php://input'), true);
//enable IP authentication
#$ip_auth = 1;
$domain = "you-end.com";
//process method
switch($api_method) {
case"connect":
$origin = $incoming_data['origin'];
#$userIP = parseIP($incoming_data['sessionId']);
error_log("sessionId: " . $incoming_data['sessionId']);
error_log("origin: " . $origin);
//logs
#error_log("sessionId: " . $incoming_data['sessionId']);
#error_log("userIP: " . $userIP);
$rest_client_config = json_decode(file_get_contents('rest_client_config.json'), true);
$incoming_data['restClientConfig'] = $rest_client_config;
//find db record by IP
if ($ip_auth){
$token = $userIP;
//find db record by token
}else{
$token = $incoming_data['token'];
}
##
$found = strpos($origin, $domain);
if ($found !== false){
error_log("User authorized by domain " . $domain);
}else{
error_log("User not authorized by domain: " . $domain . " Connection failed with 403 status.");
ubnormalResponse(403);
}
break;
}
##
$db = fopen("sip_login.db", "r");
$found=0;
while(!feof($db)) {
$str = fgets($db);
if(strpos($str, $token) !== false) {
$tmp = explode(";", $str);
$incoming_data['sipDomain'] = $tmp[1];
$incoming_data['sipOutboundProxy'] = $tmp[1];
$incoming_data['sipLogin'] = $tmp[2];
$incoming_data['sipAuthenticationName'] = $tmp[2];
$incoming_data['sipPassword'] = $tmp[3];
$incoming_data['sipPort'] = $tmp[4];
$incoming_data['sipRegisterRequired'] = true;
$found=1;
break;
}
}
if ($found){
error_log("Record found by " . $token);
}else{
error_log("Record not found by token: " . $token . " Connection failed with 403 status.");
ubnormalResponse(403);
}
break;
case"ConnectionStatusEvent":
break;
case"RegistrationStatusEvent":
break;
case"sendXcapRequest":
break;
case"XcapStatusEvent":
break;
case"sendDtmf":
break;
case"call":
break;
case"OnCallEvent":
break;
case"answer":
break;
case"hangup":
//ubnormalResponse(403);
break;
case"hold":
break;
case"unhold":
break;
case"transfer":
break;
case"OnTransferEvent":
//ubnormalResponse(403);
break;
case"TransferStatusEvent":
if ($incoming_data['status'] == "PENDING") {
//ubnormalResponse(403);
}
break;
case"CallStatusEvent":
break;
case"sendMessage":
//ubnormalResponse(403);
break;
case"OnMessageEvent":
break;
case"MessageStatusEvent":
break;
case"publishStream":
break;
case"unPublishStream":
break;
case"playStream":
break;
case"stopStream":
break;
case"StreamStatusEvent":
break;
case"subscribe":
break;
case"SubscriptionStatusEvent":
break;
case"OnDataEvent":
break;
case"DataStatusEvent":
break;
case"submitBugReport":
break;
case"BugReportStatusEvent":
break;
case"pushLogs":
break;
case"RecordingStatusEvent":
break;
case"ErrorStatusEvent":
break;
case"disconnect":
break;
}
header('Content-Type: application/json');
echo json_encode($incoming_data);
function parseIP($sessionId){
//Example: "/192.168.250.8:52098/192.168.1.9:8080" --> 192.168.250.8
$colon_index = strpos($sessionId, ":");
return substr($sessionId,1,$colon_index-1);
}
function ubnormalResponse($code) {
if ($code == 403) {
header('HTTP/1.1 403 Forbidden', true, $code);
} else {
header(':', true, $code);
}
die();
}
?>
--------------------------------------
Is it possible to change the download api.php below?
<?php
$api_method = array_pop(explode("/", $_SERVER['REQUEST_URI']));
$incoming_data = json_decode(file_get_contents('php://input'), true);
$domain = "yourdomain.com";
"connect" method handling begins. Here "origin" field value is defined and "restClientConfig" field for answer is filled:
switch($api_method) {
case"connect":
$origin = $incoming_data['origin'];
//logs
error_log("sessionId: " . $incoming_data['sessionId']);
error_log("origin: " . $origin);
$rest_client_config = json_decode(file_get_contents('rest_client_config.json'), true);
$incoming_data['restClientConfig'] = $rest_client_config;
Domain checking. If domain is no found, the ubnormalResponse() function is called to form negative response 403:
$found = strpos($origin, $domain);
if ($found !== false){
error_log("User authorized by domain " . $domain);
}else{
error_log("User not authorized by domain: " . $domain . " Connection failed with 403 status.");
ubnormalResponse(403);
}
break;
}
------------------------------
web call server ip is 1.1.1.1:9091,
If the ip used by the web server is 2.2.2.2:80 (all other IPs are blocked)
To run the above
What command should I give?