29 Commits

Author SHA1 Message Date
fkwp
fa226031ac Update room alias handling in token generation for LegacySfuRequest (#147)
* Update room alias handling in token generation for LegacySfuRequest

* update test for room alias handling in token generation for LegacySfuRequest

* Update main.go

Co-authored-by: Timo <16718859+toger5@users.noreply.github.com>

* doc update

* rephrase doc

---------

Co-authored-by: Timo <16718859+toger5@users.noreply.github.com>
2026-01-14 13:29:18 +01:00
Robin
7576f52bdc Use base64 encoded hashes for room alias and participant ID (minimize identifying metadata sent to SFU) (#144)
* Encode room alias as unpadded base64

As recommended by the latest version of MSC4195.

* Set participant ID to SHA-256 of user ID, device ID, and member ID

To match the latest version of MSC4195.
2026-01-09 17:24:31 +01:00
fkwp
82c1bf4cce bug fix: add expires_in field to OpenIDTokenType (#130)
As we recently started enforcing `DisallowUnknownFields()` while checking JSON input, we need to add all required fields to `OpenIDTokenType`, such as `expires_in`
2025-11-13 08:55:23 +01:00
fkwp
6573de0d93 Implementation of MSC4195: MatrixRTC Transport using LiveKit Backend (#128)
* Add writeMatrixError function to unify error handling

* Refactor POST request handling in preparation to allow different request types:
- split out into two functions
  - processSFURequest: main request handling
  - createLiveKitRoom: utility function which will be used by all different request types
- applying previously added writeMatrixError func

* rename SFURequest into LegacySFURequest

* add Matrix2 SFURequest type

* Add interface as well as implementation of it to SFURequest data types for data validation

* linting

* Add process function for Matrix2 SFURequest type

* refactor /sfu/get "POST" handling:
- cache body request for later processing
- add mapSFURequest function to map the request into LegacySFURequest or Matrix2 SFURequest. Including request field validation

* comment about request validation

* add test for MapSFURequest

* license header update

* add test to check json parsing and processing wrt. memory leaks

* convert exchangeOpenIdUserInfo and createLiveKitRoom into function variables for better testability

* reorder tests in main_test.go

* Add test for ProcessSFURequest

* Add test for ProcessLegacySFURequest

* according to the MSC the request endpoint is `/get_token`. For a smooth transition:
- Allow for a transition period the old endpoint `/get/sfu`
- This old endpoint does auto map according to request type (LegacySFURequest, SFURequest)
- Define related function to 'legacy' and add TODO to remove them in future
- implement the new endpoint `/get_token`

* add type to errCode

* add logline in case of error while getJoinToken

* Check if validated userInfo.Sub matches req.Member.ClaimedUserID in processSFURequest and adapt test case.

* Update main.go

Co-authored-by: Will Hunt <2072976+Half-Shot@users.noreply.github.com>

* Use correct err code M_INVALID_PARAM -> M_BAD_JSON

* renamed TestHandlePost -> TestLegacyHandlePost and readded TestHandlePost

* review comments

---------

Co-authored-by: Will Hunt <2072976+Half-Shot@users.noreply.github.com>
2025-11-10 14:50:56 +01:00
fkwp
0861d7b1d6 Refactor config parsing (#125)
* README.md: add new default value column.

* refactor: split out config parsing in own function

* add tests for parseConfig

* more idiomatic order of functions in main.go

* fix(deps): update github.com/matrix-org/gomatrixserverlib digest to 6697d93 (#120)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update dependency go to v1.25.3 (#121)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix escape pipe character

* add logging to indicate where the LiveKit API key and secrets are loaded from.

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-10-27 12:15:51 +01:00
Matthieu Pignolet
8554a0a12c feat: allow binding of arbitrary addresses (#118)
* feat: allow binding of arbitrary addresses

This generally helps when the user wants to listen to [::1] or 127.0.0.0/8

Signed-off-by: Matthieu Pignolet <matthieu@puffer.fish>

* fix: update the documentation to reflect the environment variables changes

Signed-off-by: Matthieu Pignolet <matthieu@puffer.fish>

* feat: added `LIVEKIT_JWT_PORT` back for backwards-compatibility (mutually exclusive with the `LIVEKIT_JWT_BIND` environment variable)

Signed-off-by: Matthieu Pignolet <matthieu@puffer.fish>

* feat: add a warning when using `LIVEKIT_JWT_PORT`

* feat: disallow using `LIVEKIT_JWT_BIND` and `LIVEKIT_JWT_PORT` together as they are mutually exclusive

---------

Signed-off-by: Matthieu Pignolet <matthieu@puffer.fish>
2025-10-27 10:18:57 +01:00
fkwp
114f0f4560 Restrict access to LiveKit SFU by differentiating full-access and restricted Matrix users for room creation (#67)
* add new ENV variable LIVEKIT_FULL_ACCESS_HOMESERVERS to allow different handling between full-access and restricted users

* full-access / restricted user detection

* Create LiveKit room on the SFU in case of a full-access user prior to issuing the JWT token

* Support full-access for all users via wildcard `*` for all homeservers

* make the wildcard '*' the default of LIVEKIT_FULL_ACCESS_HOMESERVERS to mimic the previous behaviour

* more idiomatic variable naming

* More idiomatic order of functions in main.go
2025-07-29 10:34:19 +02:00
renovate[bot]
e6d8cfe671 Update golangci/golangci-lint-action action to v8 (#103)
* Update golangci/golangci-lint-action action to v8

* fix ST1005: error strings should not be capitalized

* fix: QF1003: could use tagged switch on r.Method

* fix: QF1012: Use fmt.Fprintf(...) instead of Write([]byte(fmt.Sprintf(...)))

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: fkwp <github-fkwp@w4ve.de>
2025-05-14 18:54:08 +02:00
fkwp
78801242ec Fkwp/add license header (#94)
* changed license header

* add commercial license file
2025-04-08 19:15:53 +02:00
Gaël Goinvic
eee9ca263d Add LIVEKIT_KEY_FILE, rename env vars to _FROM_FILE and trim keys&secrets (#93)
* Add LIVEKIT_KEY_SECRET_FILE and trim keys&secrets

* Rename env vars for consistency with livekit

* Add LIVEKIT_KEY_FILE variable in README

* comment readKeySecret logic

* reformat var names
2025-04-04 16:36:19 +02:00
Gaël Goinvic
e10a9fd256 Fix DNS resolution with host aliases + Fix TLS Verify on default transport (#92)
* Fix DNS resolution with host aliases

* Disable TLS on the default transport if required
2025-04-04 16:09:19 +02:00
Gaël Goinvic
738d55fafa Allow to read secrets and keys from files (#88)
* Allow to read secrets and keys from files

* add tests
2025-04-02 16:41:39 +02:00
fkwp
d24adff44a removed key and secret from startup logs (#78)
2025-03-17 23:03:48 +01:00
fkwp
0c0297247a Rename LK_JWT_PORT to LIVEKIT_JWT_PORT (#69)
2025-02-26 18:05:26 +00:00
Hugh Nimmo-Smith
09f0023b30 Log the Origin header for HTTP requests (#65)
2025-02-07 15:53:51 +00:00
Hugh Nimmo-Smith
4d9574bc62 A few simple test cases to get us started and run them in CI (#52)
2025-01-20 18:39:11 +00:00
renovate[bot]
96cb277615 Update module github.com/livekit/server-sdk-go/v2 to v2.4.0 (#41)
* Update module github.com/livekit/server-sdk-go/v2 to v2.4.0

* use SetVideoGrant instead of deprecated AddGrant

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: fkwp <fkwp@users.noreply.github.com>
2024-12-04 09:20:20 +01:00
fkwp
4a295044a4 add option to skip TLS verification for outgoing matrix client connections (#18)
* add option to skip TLS verification for outgoing matrix client connections

* linting

* cleanup log line

Co-authored-by: Andrew Ferrazzutti <af_0_af@hotmail.com>

* simplify branch

Co-authored-by: Andrew Ferrazzutti <af_0_af@hotmail.com>

---------

Co-authored-by: Andrew Ferrazzutti <af_0_af@hotmail.com>
2024-04-27 21:30:16 +02:00
Andrew
94fa50e45f Make server port configurable through environment variable LK_JWT_PORT, default 8080 (#17)
* Make server port configurable through environment variable LK_JWT_PORT, default 8080

* Update readme to reflect usage of LK_JWT_PORT environment variable
2024-03-19 09:32:16 +01:00
Rhea Danzey
35d902c7a7 Add a simple health check endpoint to satisfy k8s needs (#11)
2023-08-29 13:14:17 -05:00
David Baker
6d9c34f821 Really fix the JWT service lookup (#10)
The option to enable lookups was fine, but I forgot to remove the manual
lookup - aargh.
2023-07-11 22:16:54 +01:00
David Baker
4c5632add4 Hack federation resolver so TLS check passes (#7)
As per comment. I don't yet know what the right way of doing this is.
2023-07-11 18:28:04 +01:00
David Baker
9fe823ce49 Revert "Enable SRV/.well-known lookups (#8)" (#9)
This reverts commit 36723e7b5f.
2023-07-11 18:27:56 +01:00
David Baker
36723e7b5f Enable SRV/.well-known lookups (#8)
2023-07-11 17:09:24 +01:00
David Baker
0beabc1f84 Do server name lookup (#6)
So we actually support server with names that aren't the same as
the server name.
2023-07-11 16:03:12 +02:00
David Baker
4d19078112 AGPL-3 license
2023-07-10 17:00:49 +01:00
David Baker
15d8ab891f Switch to using openid lookup (#1)
* Start of support for openid tokens

* Perform the actual openid token lookup

* Make livekit url configurable

* Check json encode calls for errors (picked up by linter)

* Remove unused field
2023-07-03 14:15:49 +02:00
Daniel Abramov
7effbd6a35 Fix a typo in an error
2023-06-09 17:40:46 +02:00
Daniel Abramov
10843a1e83 Initial commit
2023-06-07 16:04:44 +02:00