-
Notifications
You must be signed in to change notification settings - Fork 641
Time based One Time Password (TOTP)
The Time-based One-time Password algorithm (TOTP) is an extension of the HMAC-based One-time Password algorithm (HOTP) that generates a one-time password (OTP) by instead taking uniqueness from the current time.
We define a publisher or player as a subscriber. If time based token enabled, a subscriber should be created for the stream to able to publish or play. Each subscriber has an ID and a code. When a subscriber requests to publish or play a stream, he should provide his ID and time based token generated for his code. Otherwise server doesn't accept the publish or play request.
You can enable TOTP in application settings using Management Panel.
You can also set/change TOTP period in seconds in red5-web.proeprties file under /usr/local/antmedia/webapps/WebRTCAppEE/WEB-INF/ folder. By default this value is 60 seconds.
settings.timeTokenPeriod=60
After enabling TOP in the server the following operations should be performed to publish or play by using TOTP.
-
Admin creates a new subscriber (publisher or player) by using this REST Method. You should assign a base 32 secret to each subscriber at the creation. A secret should be in length of multiple of 8 characters.
Curl example for publisher type subscriber creation.
curl -X POST -H "Accept: Application/json" -H "Content-Type: application/json" http://localhost:5080/WebRTCAppEE/rest/v2/broadcasts/stream1/subscribers -d '{"subscriberId":"publisherA", "b32Secret":"mysecret", "type":"publish"}'
Curl example for player type subscriber creation.
curl -X POST -H "Accept: Application/json" -H "Content-Type: application/json" http://localhost:5080/WebRTCAppEE/rest/v2/broadcasts/stream1/subscribers -d '{"subscriberId":"playerB", "b32Secret":"mysecret", "type":"play"}'
-
Subscriber(Publisher or Player) needs to have a TOTP token to publish or play the stream. This token should be created using subscriber secret key. Here is an example page that creates TOTP.
-
Subscriber(Publisher or Player) can request publish or play using the created TOTP.
Example of a publish request:
http://localhost:5080/WebRTCAppEE/?name=streamId&subscriberId=publisherA&subscriberCode=440456
Example of a play request:
http://localhost:5080/WebRTCAppEE/play.html?name=streamId&subscriberId=playerB&subscriberCode=438610
You can find create, delete, list REST Methods references from REST API Reference
You can also get the some statistics like connection events, average bitrate for each subscriber with the following REST method.
curl -i -H "Accept: Application/json" -X GET "http://localhost:5080/WebRTCAppEE/rest/v2/broadcasts/stream1/subscriber-stats/list/0/5"
- Introduction
- Quick Start
- Installation
- Publishing Live Streams
- Playing Live Streams
- Conference Call
- Peer to Peer Call
- Adaptive Bitrate(Multi-Bitrate) Streaming
- Data Channel
- Video on Demand Streaming
- Simulcasting to Social Media Channels
- Clustering & Scaling
- Monitor Ant Media Servers with Apache Kafka and Grafana
- WebRTC SDKs
- Security
- Integration with your Project
- Advanced
- WebRTC Load Testing
- TURN Servers
- AWS Wavelength Deployment
- Multi-Tenancy Support
- Monitor Ant Media Server with Datadog
- Clustering in Alibaba
- Playlist
- Kubernetes
- Time based One Time Password
- Kubernetes Autoscaling
- Kubernetes Ingress
- How to Install Ant Media Server on EKS
- Release Tests
- Spaceport Volumetric Video
- WebRTC Viewers Info
- Webhook Authentication for Publishing Streams
- Recording Streams
- How to Update Ant Media Server with Cloudformation
- How to Install Ant Media Server on GKE
- Ant Media Server on Docker Swarm
- Developer Quick Start
- Recording HLS, MP4 and how to recover
- Re-streaming update
- Git Branching
- UML Diagrams