MirrorMirror
/
Signal-Server
mirror of https://github.com/signalapp/Signal-Server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adding hostname property to cloudflare turn config

This commit is contained in:
Alan Liu 2024-05-02 12:35:32 -07:00 committed by GitHub
parent 854ab353b3
commit 843151859d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
8 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
service/config/sample.yml
View File

@ -457,6 +457,7 @@ turn:
password: secret://turn.cloudflare.password
urls:
- turns:turn.cloudflare.example.com:443?transport=tcp
hostname: turn.cloudflare.example.com
linkDevice:
secret: secret://linkDevice.secret

3
service/src/main/java/org/whispersystems/textsecuregcm/auth/TurnToken.java
View File

@ -10,7 +10,4 @@ import java.util.List;
public record TurnToken(String username, String password, List<String> urls, @Nullable List<String> urlsWithIps,
@Nullable String hostname) {
public TurnToken(String username, String password, List<String> urls) {
this(username, password, urls, null, null);
}
}

4
service/src/main/java/org/whispersystems/textsecuregcm/auth/TurnTokenGenerator.java
View File

@ -41,6 +41,7 @@ public class TurnTokenGenerator {
private final String cloudflareTurnUsername;
private final String cloudflareTurnPassword;
private final List<String> cloudflareTurnUrls;
private final String cloudflareTurnHostname;
public TurnTokenGenerator(final DynamicConfigurationManager<DynamicConfiguration> dynamicConfigurationManager,
final byte[] turnSecret, final CloudflareTurnConfiguration cloudflareTurnConfiguration) {
@ -51,6 +52,7 @@ public class TurnTokenGenerator {
this.cloudflareTurnUsername = cloudflareTurnConfiguration.username().value();
this.cloudflareTurnPassword = cloudflareTurnConfiguration.password().value();
this.cloudflareTurnUrls = cloudflareTurnConfiguration.urls();
this.cloudflareTurnHostname = cloudflareTurnConfiguration.hostname();
}
@Deprecated
@ -63,7 +65,7 @@ public class TurnTokenGenerator {
}
public TurnToken generateForCloudflareBeta() {
return new TurnToken(cloudflareTurnUsername, cloudflareTurnPassword, cloudflareTurnUrls);
return new TurnToken(cloudflareTurnUsername, cloudflareTurnPassword, cloudflareTurnUrls, null, cloudflareTurnHostname);
}
private TurnToken generateToken(String hostname, List<String> urlsWithIps, List<String> urlsWithHostname) {

2
service/src/main/java/org/whispersystems/textsecuregcm/configuration/CloudflareTurnConfiguration.java
View File

@ -12,6 +12,6 @@ import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotNull;
public record CloudflareTurnConfiguration(@NotNull SecretString username, @NotNull SecretString password,
@Valid @NotNull List<@NotBlank String> urls) {
@Valid @NotNull List<@NotBlank String> urls, @NotBlank String hostname) {
}

2
service/src/test/java/org/whispersystems/textsecuregcm/auth/TurnTokenGeneratorTest.java
View File

@ -20,7 +20,7 @@ import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
public class TurnTokenGeneratorTest {
private static final CloudflareTurnConfiguration CLOUDFLARE_TURN_CONFIGURATION = new CloudflareTurnConfiguration(
new SecretString("cf_username"), new SecretString("cf_password"), List.of("turn:cloudflare.example.com"));
new SecretString("cf_username"), new SecretString("cf_password"), List.of("turn:cloudflare.example.com"), "cloudflare.example.com");
@Test
public void testAlwaysSelectFirst() throws JsonProcessingException {

4
service/src/test/java/org/whispersystems/textsecuregcm/controllers/CallRoutingControllerTest.java
View File

@ -59,7 +59,7 @@ class CallRoutingControllerTest {
private static final TurnTokenGenerator turnTokenGenerator = new TurnTokenGenerator(dynamicConfigurationManager,
"bloop".getBytes(StandardCharsets.UTF_8),
new CloudflareTurnConfiguration(new SecretString("cf_username"), new SecretString("cf_password"),
List.of("turn:cf.example.com")));
List.of("turn:cf.example.com"), "cf.example.com"));
private static final TurnCallRouter turnCallRouter = mock(TurnCallRouter.class);
private static final ResourceExtension resources = ResourceExtension.builder()
@ -128,7 +128,7 @@ class CallRoutingControllerTest {
TurnToken token = response.readEntity(TurnToken.class);
assertThat(token.username()).isNotEmpty();
assertThat(token.password()).isNotEmpty();
assertThat(token.hostname()).isNull();
assertThat(token.hostname()).isNotEmpty();
assertThat(token.urlsWithIps()).isNull();
assertThat(token.urls()).isEqualTo(List.of("turn:cf.example.com"));
}

3
service/src/test/java/org/whispersystems/textsecuregcm/grpc/CallingGrpcServiceTest.java
View File

@ -48,9 +48,10 @@ class CallingGrpcServiceTest extends SimpleBaseGrpcTest<CallingGrpcService, Call
final String username = "test-username";
final String password = "test-password";
final List<String> urls = List.of("first", "second");
final String hostname = "hostname";
MockUtils.updateRateLimiterResponseToAllow(turnCredentialRateLimiter, AUTHENTICATED_ACI);
when(turnTokenGenerator.generate(any())).thenReturn(new TurnToken(username, password, urls));
when(turnTokenGenerator.generate(any())).thenReturn(new TurnToken(username, password, urls, null, hostname));
final GetTurnCredentialsResponse response = authenticatedServiceStub().getTurnCredentials(GetTurnCredentialsRequest.newBuilder().build());

1
service/src/test/resources/config/test.yml
View File

@ -448,6 +448,7 @@ turn:
password: secret://turn.cloudflare.password
urls:
- turns:turn.cloudflare.example.com:443?transport=tcp
hostname: turn.cloudflare.example.com
linkDevice:
secret: secret://linkDevice.secret