bigbluebutton-Github/bigbluebutton-html5/imports/utils/fetchStunTurnServers.js

import _ from 'lodash';

const MEDIA = Meteor.settings.public.media;
const STUN_TURN_FETCH_URL = MEDIA.stunTurnServersFetchAddress;
const CACHE_STUN_TURN = MEDIA.cacheStunTurnServers;
const FALLBACK_STUN_SERVER = MEDIA.fallbackStunServer;

let STUN_TURN_DICT;
let MAPPED_STUN_TURN_DICT;
let TURN_CACHE_VALID_UNTIL = Math.floor(Date.now() / 1000);
let HAS_SEEN_TURN_SERVER = false;

const fetchStunTurnServers = function (sessionToken) {
  const now = Math.floor(Date.now() / 1000);
  if (STUN_TURN_DICT && CACHE_STUN_TURN && now < TURN_CACHE_VALID_UNTIL) return Promise.resolve(STUN_TURN_DICT);

  const handleStunTurnResponse = ({ stunServers, turnServers }) => {
    if (!stunServers && !turnServers) {
      return Promise.reject(new Error('Could not fetch STUN/TURN servers'));
    }

    const turnReply = [];
    let max_ttl = null;
    _.each(turnServers, (turnEntry) => {
      const { password, url, username } = turnEntry;
      const valid_until = parseInt(username.split(':')[0]);
      if (!max_ttl) {
        max_ttl = valid_until;
      } else if (valid_until < max_ttl) {
        max_ttl = valid_until;
      }
      turnReply.push({
        urls: url,
        password,
        username,
      });
      HAS_SEEN_TURN_SERVER = true;
    });
    TURN_CACHE_VALID_UNTIL = max_ttl;

    const stDictionary = {
      stun: stunServers.map(server => server.url),
      turn: turnReply,
    };

    STUN_TURN_DICT = stDictionary;

    return Promise.resolve(stDictionary);
  };

  const url = `${STUN_TURN_FETCH_URL}?sessionToken=${sessionToken}`;
  return fetch(url, { credentials: 'include' })
    .then(res => res.json())
    .then(handleStunTurnResponse);
};

const mapStunTurn = ({ stun, turn }) => {
  const rtcStuns = stun.map(url => ({ urls: url }));
  const rtcTurns = turn.map(t => ({ urls: t.urls, credential: t.password, username: t.username }));
  return rtcStuns.concat(rtcTurns);
};

const getFallbackStun = () => {
  const stun = FALLBACK_STUN_SERVER ? [FALLBACK_STUN_SERVER] : [];
  return { stun, turn: [] };
};

const getMappedFallbackStun = () => (FALLBACK_STUN_SERVER ? [{ urls: FALLBACK_STUN_SERVER }] : []);

const fetchWebRTCMappedStunTurnServers = function (sessionToken) {
  return new Promise(async (resolve, reject) => {
    try {
      const now = Math.floor(Date.now() / 1000);
      if (MAPPED_STUN_TURN_DICT && CACHE_STUN_TURN && now < TURN_CACHE_VALID_UNTIL) {
        return resolve(MAPPED_STUN_TURN_DICT);
      }

      const stDictionary = await fetchStunTurnServers(sessionToken);

      MAPPED_STUN_TURN_DICT = mapStunTurn(stDictionary);
      return resolve(MAPPED_STUN_TURN_DICT);
    } catch (error) {
      return reject(error);
    }
  });
};

const hasTurnServer = () => {
  return HAS_SEEN_TURN_SERVER;
}

export {
  fetchStunTurnServers,
  fetchWebRTCMappedStunTurnServers,
  getFallbackStun,
  getMappedFallbackStun,
  hasTurnServer,
};
explicitly import lodash where it is used 2020-02-27 03:48:40 +08:00			`import _ from 'lodash';`

Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`const MEDIA = Meteor.settings.public.media;`
			`const STUN_TURN_FETCH_URL = MEDIA.stunTurnServersFetchAddress;`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`const CACHE_STUN_TURN = MEDIA.cacheStunTurnServers;`
			`const FALLBACK_STUN_SERVER = MEDIA.fallbackStunServer;`

			`let STUN_TURN_DICT;`
			`let MAPPED_STUN_TURN_DICT;`
Only cache TURN Servers as long as credentials are valid TURN credentials were cached forever. However they expire. So refresh them when required. closes #16171 2022-12-17 06:14:28 +08:00			`let TURN_CACHE_VALID_UNTIL = Math.floor(Date.now() / 1000);`
Get rid of forceRelayOnFirefox Firefox has a buggy ICE implementation and needs WebRTC media traffic to be routed through a turn server to work reliably with mediasoup. Use the information fetched by the STUN API to determine if the operator has configured a turn server. If there is one force firefox to use it. Closes #16164 2022-12-19 06:09:30 +08:00			`let HAS_SEEN_TURN_SERVER = false;`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00
			`const fetchStunTurnServers = function (sessionToken) {`
Only cache TURN Servers as long as credentials are valid TURN credentials were cached forever. However they expire. So refresh them when required. closes #16171 2022-12-17 06:14:28 +08:00			`const now = Math.floor(Date.now() / 1000);`
			`if (STUN_TURN_DICT && CACHE_STUN_TURN && now < TURN_CACHE_VALID_UNTIL) return Promise.resolve(STUN_TURN_DICT);`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`const handleStunTurnResponse = ({ stunServers, turnServers }) => {`
			`if (!stunServers && !turnServers) {`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`return Promise.reject(new Error('Could not fetch STUN/TURN servers'));`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`}`

			`const turnReply = [];`
Only cache TURN Servers as long as credentials are valid TURN credentials were cached forever. However they expire. So refresh them when required. closes #16171 2022-12-17 06:14:28 +08:00			`let max_ttl = null;`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`_.each(turnServers, (turnEntry) => {`
			`const { password, url, username } = turnEntry;`
Only cache TURN Servers as long as credentials are valid TURN credentials were cached forever. However they expire. So refresh them when required. closes #16171 2022-12-17 06:14:28 +08:00			`const valid_until = parseInt(username.split(':')[0]);`
			`if (!max_ttl) {`
			`max_ttl = valid_until;`
			`} else if (valid_until < max_ttl) {`
			`max_ttl = valid_until;`
			`}`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`turnReply.push({`
			`urls: url,`
			`password,`
			`username,`
			`});`
Get rid of forceRelayOnFirefox Firefox has a buggy ICE implementation and needs WebRTC media traffic to be routed through a turn server to work reliably with mediasoup. Use the information fetched by the STUN API to determine if the operator has configured a turn server. If there is one force firefox to use it. Closes #16164 2022-12-19 06:09:30 +08:00			`HAS_SEEN_TURN_SERVER = true;`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`});`
Only cache TURN Servers as long as credentials are valid TURN credentials were cached forever. However they expire. So refresh them when required. closes #16171 2022-12-17 06:14:28 +08:00			`TURN_CACHE_VALID_UNTIL = max_ttl;`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`const stDictionary = {`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`stun: stunServers.map(server => server.url),`
			`turn: turnReply,`
			`};`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00
			`STUN_TURN_DICT = stDictionary;`

			`return Promise.resolve(stDictionary);`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`};`

			const url = `${STUN_TURN_FETCH_URL}?sessionToken=${sessionToken}`;
Allow BBB to run behind a proxy the avoid gUM permission queries per node The idea is to run a loadbalancer node which maps each BBB node to a path. That way each user gets only one gUM permission query for a cluster. The loadbalancer node only serves the html5 client, each BBB node will serve its own API and handle the websockets for freeswitch and bbb-webrtc-sfu. Configuring a cluster setup =========================== * let bbb-lb.example.com be the loadbalancer node * let bbb-01.eaxmple.com be a BBB node Loadbalancer ------------ On the loadbalancer node add an nginx configuration similar to this one for each BBB node: ``` location /bbb-01/html5client/ { proxy_pass https://bbb-01.example.com/bbb-01/html5client/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; } ``` BBB Node -------- On the BBB node add the following options to `/etc/bigbluebutton/bbb-web.properties`: ``` defaultHTML5ClientUrl=https://bbb-lb.example.com/bbb-01/html5client/join presentationBaseURL=https://bbb-01.example.com/bigbluebutton/presentation accessControlAllowOrigin=https://bbb-lb.example.com ``` Add the following options to `/etc/bigbluebutton/bbb-html5.yml`: ``` public: app: basename: '/bbb-01/html5client' bbbWebBase: 'https://bbb-01.eaxmple.com/bigbluebutton' learningDashboardBase: 'https://bbb-01.eaxmple.com/learning-dashboard' media: stunTurnServersFetchAddress: 'https://bbb-01.eaxmple.com/bigbluebutton/api/stuns' sip_ws_host: 'bbb-01.eaxmple.com' presentation: uploadEndpoint: 'https://bbb-01.eaxmple.com/bigbluebutton/presentation/upload' ``` Create the following unit file overrides: * `/etc/systemd/system/bbb-html5-frontend@.service.d/cluster.conf` * `/etc/systemd/system/bbb-html5-backend@.service.d/cluster.conf` with the following content: ``` [Service] Environment=ROOT_URL=https://127.0.0.1/bbb-01/html5client ``` Change the nginx `$bbb_loadbalancer_node` variable to the name of the load balancer node in `/etc/bigbluebutton/nginx/loadbalancer.nginx` to allow CORS requests: ``` set $bbb_loadbalancer_node https://bbb-lb.example.com ``` Prepend the mount point of bbb-html5 in all location sections except from the `location @html5client` section in `/etc/bigbluebutton/nginx/bbb-html5.nginx` ``` location @html5client { ... } location /bbb-01/html5client/locales { ... } ``` 2021-11-19 05:52:20 +08:00			`return fetch(url, { credentials: 'include' })`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`.then(res => res.json())`
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into merge-2.2-into-develop 2020-05-26 01:32:24 +08:00			`.then(handleStunTurnResponse);`
explicitly import lodash where it is used 2020-02-27 03:48:40 +08:00			`};`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`const mapStunTurn = ({ stun, turn }) => {`
			`const rtcStuns = stun.map(url => ({ urls: url }));`
			`const rtcTurns = turn.map(t => ({ urls: t.urls, credential: t.password, username: t.username }));`
			`return rtcStuns.concat(rtcTurns);`
explicitly import lodash where it is used 2020-02-27 03:48:40 +08:00			`};`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`const getFallbackStun = () => {`
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into merge-2.2-into-develop 2020-05-26 01:32:24 +08:00			`const stun = FALLBACK_STUN_SERVER ? [FALLBACK_STUN_SERVER] : [];`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`return { stun, turn: [] };`
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into merge-2.2-into-develop 2020-05-26 01:32:24 +08:00			`};`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00
Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into merge-2.2-into-develop 2020-05-26 01:32:24 +08:00			`const getMappedFallbackStun = () => (FALLBACK_STUN_SERVER ? [{ urls: FALLBACK_STUN_SERVER }] : []);`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`const fetchWebRTCMappedStunTurnServers = function (sessionToken) {`
			`return new Promise(async (resolve, reject) => {`
			`try {`
Only cache TURN Servers as long as credentials are valid TURN credentials were cached forever. However they expire. So refresh them when required. closes #16171 2022-12-17 06:14:28 +08:00			`const now = Math.floor(Date.now() / 1000);`
			`if (MAPPED_STUN_TURN_DICT && CACHE_STUN_TURN && now < TURN_CACHE_VALID_UNTIL) {`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`return resolve(MAPPED_STUN_TURN_DICT);`
			`}`

Merge branch 'v2.2.x-release' of github.com:bigbluebutton/bigbluebutton into merge-2.2-into-develop 2020-05-26 01:32:24 +08:00			`const stDictionary = await fetchStunTurnServers(sessionToken);`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00
			`MAPPED_STUN_TURN_DICT = mapStunTurn(stDictionary);`
			`return resolve(MAPPED_STUN_TURN_DICT);`
Propagating configs to WebRTC screenshare script and added support for STUN/TURN config to SFU components 2018-07-10 05:29:27 +08:00			`} catch (error) {`
			`return reject(error);`
			`}`
			`});`
			`};`

Get rid of forceRelayOnFirefox Firefox has a buggy ICE implementation and needs WebRTC media traffic to be routed through a turn server to work reliably with mediasoup. Use the information fetched by the STUN API to determine if the operator has configured a turn server. If there is one force firefox to use it. Closes #16164 2022-12-19 06:09:30 +08:00			`const hasTurnServer = () => {`
			`return HAS_SEEN_TURN_SERVER;`
			`}`

html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`export {`
			`fetchStunTurnServers,`
			`fetchWebRTCMappedStunTurnServers,`
			`getFallbackStun,`
			`getMappedFallbackStun,`
Get rid of forceRelayOnFirefox Firefox has a buggy ICE implementation and needs WebRTC media traffic to be routed through a turn server to work reliably with mediasoup. Use the information fetched by the STUN API to determine if the operator has configured a turn server. If there is one force firefox to use it. Closes #16164 2022-12-19 06:09:30 +08:00			`hasTurnServer,`
html5: refactor STUN/TURN fetch, add fallback STUN, fix deadlock in audio join Refactored STUN/TURN fetch to be done only once, when successful, per session and cache it in mem to avoid too many reqs. Current way is a bit dumb, this should increase reliability a bit more. The caching is configurable so folks who want to use very short lived TURN credentials can disable it Add a fallback STUN config option to be used when the default STUN/TURN fetch fails Clean the safari/no candidate generation pre flight check from 3rd party STUNs Fix deadlock in audio join when STUN/TURN fetch failed 2020-05-21 12:20:46 +08:00			`};`