diff options
-rw-r--r-- | Makefile | 21 | ||||
-rw-r--r-- | api/user.go | 12 | ||||
-rw-r--r-- | api/webrtc.go | 103 | ||||
-rw-r--r-- | api/webrtc_test.go | 37 | ||||
-rw-r--r-- | einterfaces/webrtc.go | 23 | ||||
-rw-r--r-- | i18n/en.json | 20 | ||||
-rw-r--r-- | model/license.go | 6 | ||||
-rw-r--r-- | model/webrtc.go | 21 | ||||
-rw-r--r-- | utils/config.go | 6 | ||||
-rw-r--r-- | utils/license.go | 1 | ||||
-rw-r--r-- | webapp/components/admin_console/admin_sidebar.jsx | 27 | ||||
-rw-r--r-- | webapp/components/channel_header.jsx | 3 | ||||
-rw-r--r-- | webapp/components/user_profile.jsx | 3 | ||||
-rw-r--r-- | webapp/components/user_settings/user_settings_advanced.jsx | 3 |
14 files changed, 180 insertions, 106 deletions
@@ -77,6 +77,14 @@ start-docker: docker start mattermost-postgres > /dev/null; \ fi + @if [ $(shell docker ps -a | grep -ci mattermost-webrtc) -eq 0 ]; then \ + echo starting mattermost-webrtc; \ + docker run --name mattermost-webrtc -p 7088:7088 -p 7089:7089 -p 8188:8188 -p 8189:8189 -d mattermost/webrtc:latest > /dev/null; \ + elif [ $(shell docker ps | grep -ci mattermost-webrtc) -eq 0 ]; then \ + echo restarting mattermost-webrtc; \ + docker start mattermost-webrtc > /dev/null; \ + fi + ifeq ($(BUILD_ENTERPRISE_READY),true) @echo Ldap test user test.one @if [ $(shell docker ps -a | grep -ci mattermost-openldap) -eq 0 ]; then \ @@ -99,14 +107,6 @@ ifeq ($(BUILD_ENTERPRISE_READY),true) docker start mattermost-openldap > /dev/null; \ sleep 10; \ fi - - @if [ $(shell docker ps -a | grep -ci mattermost-webrtc) -eq 0 ]; then \ - echo starting mattermost-webrtc; \ - docker run --name mattermost-webrtc -p 7088:7088 -p 7089:7089 -p 8188:8188 -p 8189:8189 -d mattermost/webrtc:latest > /dev/null; \ - elif [ $(shell docker ps | grep -ci mattermost-webrtc) -eq 0 ]; then \ - echo restarting mattermost-webrtc; \ - docker start mattermost-webrtc > /dev/null; \ - fi endif stop-docker: @@ -209,7 +209,6 @@ ifeq ($(BUILD_ENTERPRISE_READY),true) $(GO) test $(GOFLAGS) -run=$(TESTS) -covermode=count -c ./enterprise/saml && ./saml.test -test.v -test.timeout=60s -test.coverprofile=csaml.out || exit 1 $(GO) test $(GOFLAGS) -run=$(TESTS) -covermode=count -c ./enterprise/cluster && ./cluster.test -test.v -test.timeout=60s -test.coverprofile=ccluster.out || exit 1 $(GO) test $(GOFLAGS) -run=$(TESTS) -covermode=count -c ./enterprise/account_migration && ./account_migration.test -test.v -test.timeout=60s -test.coverprofile=caccount_migration.out || exit 1 - $(GO) test $(GOFLAGS) -run=$(TESTS) -covermode=count -c ./enterprise/webrtc && ./webrtc.test -test.v -test.timeout=60s -test.coverprofile=cwebrtc.out || exit 1 tail -n +2 cldap.out >> ecover.out tail -n +2 ccompliance.out >> ecover.out @@ -218,8 +217,7 @@ ifeq ($(BUILD_ENTERPRISE_READY),true) tail -n +2 csaml.out >> ecover.out tail -n +2 ccluster.out >> ecover.out tail -n +2 caccount_migration.out >> ecover.out - tail -n +2 cwebrtc.out >> ecover.out - rm -f cldap.out ccompliance.out cmfa.out cemoji.out csaml.out ccluster.out caccount_migration.out cwebrtc.out + rm -f cldap.out ccompliance.out cmfa.out cemoji.out csaml.out ccluster.out caccount_migration.out rm -r ldap.test rm -r compliance.test rm -r mfa.test @@ -227,7 +225,6 @@ ifeq ($(BUILD_ENTERPRISE_READY),true) rm -r saml.test rm -r cluster.test rm -r account_migration.test - rm -r webrtc.test rm -f config/*.crt rm -f config/*.key endif diff --git a/api/user.go b/api/user.go index e0507f399..b961aa609 100644 --- a/api/user.go +++ b/api/user.go @@ -750,9 +750,7 @@ func RevokeSessionById(c *Context, sessionId string) { } } - if webrtcInterface := einterfaces.GetWebrtcInterface(); webrtcInterface != nil { - webrtcInterface.RevokeToken(session.Id) - } + RevokeWebrtcToken(session.Id) } } @@ -776,9 +774,7 @@ func RevokeAllSession(c *Context, userId string) { } } - if webrtcInterface := einterfaces.GetWebrtcInterface(); webrtcInterface != nil { - webrtcInterface.RevokeToken(session.Id) - } + RevokeWebrtcToken(session.Id) } } } @@ -801,9 +797,7 @@ func RevokeAllSessionsNoContext(userId string) *model.AppError { } } - if webrtcInterface := einterfaces.GetWebrtcInterface(); webrtcInterface != nil { - webrtcInterface.RevokeToken(session.Id) - } + RevokeWebrtcToken(session.Id) } } return nil diff --git a/api/webrtc.go b/api/webrtc.go index ba6054125..0ccbd8be1 100644 --- a/api/webrtc.go +++ b/api/webrtc.go @@ -4,11 +4,18 @@ package api import ( + "crypto/hmac" + "crypto/sha1" + "crypto/tls" + "encoding/base64" l4g "github.com/alecthomas/log4go" - "github.com/mattermost/platform/einterfaces" "github.com/mattermost/platform/model" "github.com/mattermost/platform/utils" + "io/ioutil" "net/http" + "strconv" + "strings" + "time" ) func InitWebrtc() { @@ -20,18 +27,26 @@ func InitWebrtc() { } func webrtcToken(c *Context, w http.ResponseWriter, r *http.Request) { - webrtcInterface := einterfaces.GetWebrtcInterface() - - if webrtcInterface == nil { - c.Err = model.NewLocAppError("webrtcToken", "api.webrtc.not_available.app_error", nil, "") - c.Err.StatusCode = http.StatusNotImplemented - return - } - - if result, err := webrtcInterface.Token(c.Session.Id); err != nil { + if token, err := getWebrtcToken(c.Session.Id); err != nil { c.Err = err return } else { + result := make(map[string]string) + result["token"] = token + result["gateway_url"] = *utils.Cfg.WebrtcSettings.GatewayWebsocketUrl + + if len(*utils.Cfg.WebrtcSettings.StunURI) > 0 { + result["stun_uri"] = *utils.Cfg.WebrtcSettings.StunURI + } + + if len(*utils.Cfg.WebrtcSettings.TurnURI) > 0 { + timestamp := strconv.FormatInt(utils.EndOfDay(time.Now().AddDate(0, 0, 1)).Unix(), 10) + username := timestamp + ":" + *utils.Cfg.WebrtcSettings.TurnUsername + + result["turn_uri"] = *utils.Cfg.WebrtcSettings.TurnURI + result["turn_password"] = generateTurnPassword(username, *utils.Cfg.WebrtcSettings.TurnSharedKey) + result["turn_username"] = username + } w.Write([]byte(model.MapToJson(result))) } } @@ -49,3 +64,71 @@ func webrtcMessage(req *model.WebSocketRequest) (map[string]interface{}, *model. return nil, nil } + +func getWebrtcToken(sessionId string) (string, *model.AppError) { + if !*utils.Cfg.WebrtcSettings.Enable { + return "", model.NewLocAppError("WebRTC.getWebrtcToken", "api.webrtc.disabled.app_error", nil, "") + } + + token := base64.StdEncoding.EncodeToString([]byte(sessionId)) + + data := make(map[string]string) + data["janus"] = "add_token" + data["token"] = token + data["transaction"] = model.NewId() + data["admin_secret"] = *utils.Cfg.WebrtcSettings.GatewayAdminSecret + + rq, _ := http.NewRequest("POST", *utils.Cfg.WebrtcSettings.GatewayAdminUrl, strings.NewReader(model.MapToJson(data))) + rq.Header.Set("Content-Type", "application/json") + + tr := &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: *utils.Cfg.ServiceSettings.EnableInsecureOutgoingConnections}, + } + httpClient := &http.Client{Transport: tr} + if rp, err := httpClient.Do(rq); err != nil { + return "", model.NewLocAppError("WebRTC.Token", "model.client.connecting.app_error", nil, err.Error()) + } else if rp.StatusCode >= 300 { + defer closeBody(rp) + return "", model.AppErrorFromJson(rp.Body) + } else { + janusResponse := model.GatewayResponseFromJson(rp.Body) + if janusResponse.Status != "success" { + return "", model.NewLocAppError("getWebrtcToken", "api.webrtc.register_token.app_error", nil, "") + } + } + + return token, nil +} + +func generateTurnPassword(username string, secret string) string { + key := []byte(secret) + h := hmac.New(sha1.New, key) + h.Write([]byte(username)) + return base64.StdEncoding.EncodeToString(h.Sum(nil)) +} + +func closeBody(r *http.Response) { + if r.Body != nil { + ioutil.ReadAll(r.Body) + r.Body.Close() + } +} + +func RevokeWebrtcToken(sessionId string) { + token := base64.StdEncoding.EncodeToString([]byte(sessionId)) + data := make(map[string]string) + data["janus"] = "remove_token" + data["token"] = token + data["transaction"] = model.NewId() + data["admin_secret"] = *utils.Cfg.WebrtcSettings.GatewayAdminSecret + + rq, _ := http.NewRequest("POST", *utils.Cfg.WebrtcSettings.GatewayAdminUrl, strings.NewReader(model.MapToJson(data))) + rq.Header.Set("Content-Type", "application/json") + + // we do not care about the response + tr := &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: *utils.Cfg.ServiceSettings.EnableInsecureOutgoingConnections}, + } + httpClient := &http.Client{Transport: tr} + httpClient.Do(rq) +} diff --git a/api/webrtc_test.go b/api/webrtc_test.go index d6a690407..953333b09 100644 --- a/api/webrtc_test.go +++ b/api/webrtc_test.go @@ -3,16 +3,41 @@ package api -import "testing" +import ( + "fmt" + "github.com/mattermost/platform/model" + "github.com/mattermost/platform/utils" + "testing" +) func TestWebrtcToken(t *testing.T) { th := Setup().InitBasic() - if _, err := th.BasicClient.GetWebrtcToken(); err != nil { - if err.Id != "api.webrtc.not_available.app_error" { - t.Fatal("Should have fail, webrtc not availble") - } + *utils.Cfg.WebrtcSettings.Enable = false + if _, err := th.BasicClient.GetWebrtcToken(); err == nil { + t.Fatal("should have failed") + } + + *utils.Cfg.WebrtcSettings.Enable = true + *utils.Cfg.WebrtcSettings.GatewayAdminUrl = "https://dockerhost:7089/admin" + *utils.Cfg.WebrtcSettings.GatewayWebsocketUrl = "wss://dockerhost:8189" + *utils.Cfg.WebrtcSettings.GatewayAdminSecret = "janusoverlord" + *utils.Cfg.WebrtcSettings.StunURI = "stun:dockerhost:5349" + *utils.Cfg.WebrtcSettings.TurnURI = "turn:dockerhost:5349" + *utils.Cfg.WebrtcSettings.TurnUsername = "test" + *utils.Cfg.WebrtcSettings.TurnSharedKey = "mattermost" + *utils.Cfg.ServiceSettings.EnableInsecureOutgoingConnections = true + sessionId := model.NewId() + if result, err := th.BasicClient.GetWebrtcToken(); err != nil { + t.Fatal(err) } else { - t.Fatal("Should have fail, webrtc not availble") + fmt.Println("Token", result["token"]) + fmt.Println("Gateway Websocket", result["gateway_url"]) + fmt.Println("Stun URI", result["stun_uri"]) + fmt.Println("Turn URI", result["turn_uri"]) + fmt.Println("Turn Username", result["turn_username"]) + fmt.Println("Turn Password", result["turn_password"]) } + + RevokeWebrtcToken(sessionId) } diff --git a/einterfaces/webrtc.go b/einterfaces/webrtc.go deleted file mode 100644 index 97850643f..000000000 --- a/einterfaces/webrtc.go +++ /dev/null @@ -1,23 +0,0 @@ -// Copyright (c) 2016 Mattermost, Inc. All Rights Reserved. -// See License.txt for license information. - -package einterfaces - -import ( - "github.com/mattermost/platform/model" -) - -type WebrtcInterface interface { - Token(sessionId string) (map[string]string, *model.AppError) - RevokeToken(sessionId string) -} - -var theWebrtcInterface WebrtcInterface - -func RegisterWebrtcInterface(newInterface WebrtcInterface) { - theWebrtcInterface = newInterface -} - -func GetWebrtcInterface() WebrtcInterface { - return theWebrtcInterface -} diff --git a/i18n/en.json b/i18n/en.json index 31063739f..726059c5c 100644 --- a/i18n/en.json +++ b/i18n/en.json @@ -2528,12 +2528,16 @@ "translation": "Inappropriate permissions to regenerate outcoming webhook token" }, { + "id": "api.webrtc.disabled.app_error", + "translation": "WebRTC is not enabled in this server." + }, + { "id": "api.webrtc.init.debug", "translation": "Initializing WebRTC api routes" }, { - "id": "api.webrtc.not_available.app_error", - "translation": "WebRTC is not available on this server." + "id": "api.webrtc.register_token.app_error", + "translation": "We encountered an error trying to register the WebRTC Token" }, { "id": "api.websocket_handler.invalid_param.app_error", @@ -2824,18 +2828,6 @@ "translation": "Unable to update existing SAML user. Allowing login anyway. err=%v" }, { - "id": "ent.webrtc.disabled.app_error", - "translation": "WebRTC is not enabled in this server." - }, - { - "id": "ent.webrtc.license_disable.app_error", - "translation": "Your license does not support using Mattermost WebRTC" - }, - { - "id": "ent.webrtc.register_token.app_error", - "translation": "We encountered an error trying to register the WebRTC Token" - }, - { "id": "error.generic.link_message", "translation": "Back to Mattermost" }, diff --git a/model/license.go b/model/license.go index ed38ea438..8d8d0068f 100644 --- a/model/license.go +++ b/model/license.go @@ -44,7 +44,6 @@ type Features struct { SAML *bool `json:"saml"` PasswordRequirements *bool `json:"password_requirements"` // after we enabled more features for webrtc we'll need to control them with this - Webrtc *bool `json:"webrtc"` FutureFeatures *bool `json:"future_features"` } @@ -124,11 +123,6 @@ func (f *Features) SetDefaults() { f.PasswordRequirements = new(bool) *f.PasswordRequirements = *f.FutureFeatures } - - if f.Webrtc == nil { - f.Webrtc = new(bool) - *f.Webrtc = *f.FutureFeatures - } } func (l *License) IsExpired() bool { diff --git a/model/webrtc.go b/model/webrtc.go new file mode 100644 index 000000000..e746d62a8 --- /dev/null +++ b/model/webrtc.go @@ -0,0 +1,21 @@ +package model + +import ( + "encoding/json" + "io" +) + +type GatewayResponse struct { + Status string `json:"janus"` +} + +func GatewayResponseFromJson(data io.Reader) *GatewayResponse { + decoder := json.NewDecoder(data) + var o GatewayResponse + err := decoder.Decode(&o) + if err == nil { + return &o + } else { + return nil + } +} diff --git a/utils/config.go b/utils/config.go index 819ce6185..0f5d69a13 100644 --- a/utils/config.go +++ b/utils/config.go @@ -292,6 +292,8 @@ func getClientConfig(c *model.Config) map[string]string { props["AndroidAppDownloadLink"] = *c.NativeAppSettings.AndroidAppDownloadLink props["IosAppDownloadLink"] = *c.NativeAppSettings.IosAppDownloadLink + props["EnableWebrtc"] = strconv.FormatBool(*c.WebrtcSettings.Enable) + if IsLicensed { if *License.Features.CustomBrand { props["EnableCustomBrand"] = strconv.FormatBool(*c.TeamSettings.EnableCustomBrand) @@ -342,10 +344,6 @@ func getClientConfig(c *model.Config) map[string]string { props["PasswordRequireNumber"] = strconv.FormatBool(*c.PasswordSettings.Number) props["PasswordRequireSymbol"] = strconv.FormatBool(*c.PasswordSettings.Symbol) } - - if *License.Features.Webrtc { - props["EnableWebrtc"] = strconv.FormatBool(*c.WebrtcSettings.Enable) - } } return props diff --git a/utils/license.go b/utils/license.go index ae27dbc88..4d6387788 100644 --- a/utils/license.go +++ b/utils/license.go @@ -125,7 +125,6 @@ func getClientLicense(l *model.License) map[string]string { props["Cluster"] = strconv.FormatBool(*l.Features.Cluster) props["GoogleOAuth"] = strconv.FormatBool(*l.Features.GoogleOAuth) props["Office365OAuth"] = strconv.FormatBool(*l.Features.Office365OAuth) - props["Webrtc"] = strconv.FormatBool(*l.Features.Webrtc) props["Compliance"] = strconv.FormatBool(*l.Features.Compliance) props["CustomBrand"] = strconv.FormatBool(*l.Features.CustomBrand) props["MHPNS"] = strconv.FormatBool(*l.Features.MHPNS) diff --git a/webapp/components/admin_console/admin_sidebar.jsx b/webapp/components/admin_console/admin_sidebar.jsx index 4de0cf007..f39bb8b6b 100644 --- a/webapp/components/admin_console/admin_sidebar.jsx +++ b/webapp/components/admin_console/admin_sidebar.jsx @@ -193,7 +193,6 @@ export default class AdminSidebar extends React.Component { let samlSettings = null; let clusterSettings = null; let complianceSettings = null; - let webrtcSettings = null; let license = null; let audits = null; @@ -270,20 +269,6 @@ export default class AdminSidebar extends React.Component { ); } - if (global.window.mm_license.Webrtc === 'true') { - webrtcSettings = ( - <AdminSidebarSection - name='webrtc' - title={ - <FormattedMessage - id='admin.sidebar.webrtc' - defaultMessage='WebRTC (Beta)' - /> - } - /> - ); - } - oauthSettings = ( <AdminSidebarSection name='oauth' @@ -370,6 +355,18 @@ export default class AdminSidebar extends React.Component { ); } + const webrtcSettings = ( + <AdminSidebarSection + name='webrtc' + title={ + <FormattedMessage + id='admin.sidebar.webrtc' + defaultMessage='WebRTC (Beta)' + /> + } + /> + ); + return ( <div className='admin-sidebar'> <AdminSidebarHeader/> diff --git a/webapp/components/channel_header.jsx b/webapp/components/channel_header.jsx index dd0fd5b70..1ce7b4a0e 100644 --- a/webapp/components/channel_header.jsx +++ b/webapp/components/channel_header.jsx @@ -290,8 +290,7 @@ export default class ChannelHeader extends React.Component { const teammateId = Utils.getUserIdFromChannelName(channel); channelTitle = Utils.displayUsername(teammateId); - const webrtcEnabled = global.mm_config.EnableWebrtc === 'true' && global.mm_license.Webrtc === 'true' && - global.mm_config.EnableDeveloper === 'true' && userMedia && Utils.isFeatureEnabled(PreReleaseFeatures.WEBRTC_PREVIEW); + const webrtcEnabled = global.mm_config.EnableWebrtc === 'true' && userMedia && Utils.isFeatureEnabled(PreReleaseFeatures.WEBRTC_PREVIEW); if (webrtcEnabled) { const isOffline = UserStore.getStatus(contact.id) === UserStatuses.OFFLINE; diff --git a/webapp/components/user_profile.jsx b/webapp/components/user_profile.jsx index 911ae63dd..e69d917a3 100644 --- a/webapp/components/user_profile.jsx +++ b/webapp/components/user_profile.jsx @@ -90,8 +90,7 @@ export default class UserProfile extends React.Component { let webrtc; const userMedia = navigator.getUserMedia || navigator.webkitGetUserMedia || navigator.mozGetUserMedia; - const webrtcEnabled = global.mm_config.EnableWebrtc === 'true' && global.mm_license.Webrtc === 'true' && - global.mm_config.EnableDeveloper === 'true' && userMedia && Utils.isFeatureEnabled(PreReleaseFeatures.WEBRTC_PREVIEW); + const webrtcEnabled = global.mm_config.EnableWebrtc === 'true' && userMedia && Utils.isFeatureEnabled(PreReleaseFeatures.WEBRTC_PREVIEW); if (webrtcEnabled && this.props.user.id !== this.state.currentUserId) { const isOnline = this.props.status !== UserStatuses.OFFLINE; diff --git a/webapp/components/user_settings/user_settings_advanced.jsx b/webapp/components/user_settings/user_settings_advanced.jsx index fe7b7bb5a..4346c952b 100644 --- a/webapp/components/user_settings/user_settings_advanced.jsx +++ b/webapp/components/user_settings/user_settings_advanced.jsx @@ -55,8 +55,7 @@ export default class AdvancedSettingsDisplay extends React.Component { let enabledFeatures = 0; for (const [name, value] of advancedSettings) { - const webrtcEnabled = global.mm_config.EnableWebrtc === 'true' && global.mm_license.Webrtc === 'true' && - global.mm_config.EnableDeveloper === 'true'; + const webrtcEnabled = global.mm_config.EnableWebrtc === 'true'; if (!webrtcEnabled) { preReleaseFeaturesKeys = preReleaseFeaturesKeys.filter((f) => f !== 'WEBRTC_PREVIEW'); |