All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.antmedia.filter.TokenFilterManager Maven / Gradle / Ivy

Go to download

Ant Media Server supports RTMP, RTSP, MP4, HLS, WebRTC, Adaptive Streaming, etc.

There is a newer version: 2.10.0
Show newest version
package io.antmedia.filter;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.ApplicationContext;
import org.springframework.web.context.WebApplicationContext;

import io.antmedia.AppSettings;
import io.antmedia.datastore.db.types.Token;
import io.antmedia.muxer.MuxAdaptor;
import io.antmedia.security.ITokenService;

public class TokenFilterManager extends AbstractFilter   {

	private static final String REPLACE_CHARS_REGEX = "[\n|\r|\t]";
	protected static Logger logger = LoggerFactory.getLogger(TokenFilterManager.class);
	private ITokenService tokenService;


	@Override
	public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
			throws IOException, ServletException {

		boolean result = false;
		
		HttpServletRequest httpRequest =(HttpServletRequest)request;
		HttpServletResponse httpResponse = (HttpServletResponse)response;

		String method = httpRequest.getMethod();
		String tokenId = ((HttpServletRequest) request).getParameter("token");
		if (tokenId != null) {
			tokenId = tokenId.replaceAll(REPLACE_CHARS_REGEX, "_");
		}
		 
		String sessionId = httpRequest.getSession().getId();
		String streamId = getStreamId(httpRequest.getRequestURI());
		
		String clientIP = httpRequest.getRemoteAddr().replaceAll(REPLACE_CHARS_REGEX, "_");

		
		AppSettings appSettings = getAppSettings();
		if (appSettings == null) {
			httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN,"Server is getting initialized.");
			logger.warn("AppSettings not initialized. Server is getting started for stream id:{} from request: {}", streamId, clientIP);
			return;
		}


		logger.debug("Client IP: {}, request url:  {}, token:  {}, sessionId: {},streamId:  {} ",clientIP 
				,httpRequest.getRequestURI(), tokenId, sessionId, streamId);


		if ("GET".equals(method)) 
		{
			
			if(appSettings.isTokenControlEnabled()) 
			{
				
				ITokenService tokenServiceTmp = getTokenService();
				if (tokenServiceTmp != null) 
				{
					if (!tokenServiceTmp.checkToken(tokenId, streamId, sessionId, Token.PLAY_TOKEN)) {
						httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Invalid Token");
						logger.warn("token {} is not valid", tokenId);
						return; 
					}
				}
				else {
					httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Not initialized");
					logger.warn("Token service is not initialized. Server is getting started for stream id:{} from request: {}", streamId, clientIP);
					return;
				}
			}

			else if (appSettings.isHashControlPlayEnabled()) 
			{
				ITokenService tokenServiceTmp = getTokenService();
				if (tokenServiceTmp != null) 
				{
					if (!tokenServiceTmp.checkHash(tokenId, streamId, sessionId, Token.PLAY_TOKEN)) {
						httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN,"Invalid Hash");
						logger.warn("hash {} is not valid", tokenId);
						return; 
					}
				}
				else {
					httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Not initialized");
					logger.warn("Token service is not initialized. Server is getting started for stream id:{} from request: {}", streamId, clientIP);
					return;
				}
			}
			
		}
	
		chain.doFilter(request, response);

	}

	public ITokenService getTokenService() {
		if (tokenService == null) {
			ApplicationContext context = getAppContext();
			if (context != null) {
				tokenService = (ITokenService)context.getBean(ITokenService.BeanName.TOKEN_SERVICE.toString());
			}
		}
		return tokenService;
	}


	public void setTokenService(ITokenService tokenService) {
		this.tokenService = tokenService;
	}

	public static String getStreamId(String requestURI) {
		
		requestURI = requestURI.replaceAll(REPLACE_CHARS_REGEX, "_");
		
		int endIndex;
		int startIndex = requestURI.lastIndexOf('/');

		if(requestURI.contains("_")) {
			//if multiple files with same id requested such as : 541211332342978513714151_480p_1.mp4 
			return requestURI.split("_")[0].substring(startIndex+1);
		}

		//if mp4 file requested
		endIndex = requestURI.lastIndexOf(".mp4");
		if (endIndex != -1) {
			return requestURI.substring(startIndex+1, endIndex);
		}

		//if request is adaptive file ( ending with _adaptive.m3u8)
		endIndex = requestURI.lastIndexOf(MuxAdaptor.ADAPTIVE_SUFFIX + ".m3u8");
		if (endIndex != -1) {
			return requestURI.substring(startIndex+1, endIndex);
		}

		//if specific bitrate is requested
		String regex = "_[0-9]+p\\.m3u8$";  // matches ending with _[resolution]p.m3u8
		if (requestURI.matches(regex)) {
			endIndex = requestURI.lastIndexOf('_'); //because file format is [NAME]_[RESOLUTION]p.m3u8
			return requestURI.substring(startIndex+1, endIndex);
		}

		//if just the m3u8 file
		endIndex = requestURI.lastIndexOf(".m3u8");
		if (endIndex != -1) {
			return requestURI.substring(startIndex+1, endIndex);
		}


		return null;
	}

}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy