I am using the web SDK, in which setting the client role as host or audience seems to have no effect. I have tried setting it before and after joining the channel. Contrary to the behavior described in the Android SDK docs, where setting the role as audience makes Agora automatically unpublish the stream.
Also, peer-online event seems to fire only when a stream is published. To be very specific when rtc.client.publish() is called and not otherwise.
This is all on temp token generated on the console.
Is this intended behavior for the Web SDK ? Are we, devs, supposed to disable the stream using the stream spec object on client side if audience ?
The two available roles are: host and audience. I think you may have used the role client in setClientRole which doesn't really exist.
You need to set the role just before joining the channel as per normal convention.
Check out these files for sample working code:
Broadcast client code - host
Broadcast audience code
Sample app
The SDK triggers the peer-online callback under one of the following circumstances:
A remote user/host joins the channel by calling the Client.join method.
A remote user switches the user role to the host by calling the Client.setClientRole method after joining the channel.
A remote user/host rejoins the channel after a network interruption.
The host injects an online media stream into the channel by calling the Client.addInjectStreamUrl method.
Agora Documentation Link: https://docs.agora.io/en/Interactive%20Broadcast/API%20Reference/web/interfaces/agorartc.client.html
Related
Is there a maximum limit of client credentials my control integration can use ?
I would like to control the sonos devices via a small IOT device that has it's own event callback URL without using an external server.
Is this possible ?
In the client credentials I can only configure one event callback url.
I would build a tiny webservice in the IOT device that receives event callbacks for status changes. (Volume changes / Playback states / group states)
Every IOT device needs a different callback url (and different client credentials).
Is this possible ?
If this is possible can we use a self-signed certificate for our IOT webservice ?
Is there a maximum limit of client credentials my control integration
can use?
There's no maximum limit. But note that your application uses the API key and secret, not the customer, therefore you should not need more than one. You don't need to create a unique API key and secret for each customer. You may need to create multiple credentials if you wish to have a one for your development app and one for your production app.
I would like to control the sonos devices via a small IOT device that
has it's own event callback URL without using an external server. Is
this possible?
We do not currently support a redirect URI to a local device or app (for example - a Redirect URI that opens an app on the device).
I'm new to microservice architecture. I was reading about it and start to be interested in developing website using the architecture. I've used Lumen micro framework.
What I am going to ask you has been browsed on the internet and I couldn't find the way. So, I finally reached out to stackoverflow. Below is the overview of my current implementation.
Up until this point, I am able to request user, patient, treatment, etc.. data from the api gateway and get the response data properly.
When client requests user data like name, department, client requests this route, http://localhost:8000/users/1, (port 8000 is for api gateway and 8001 for user service, let's say) and gateway goes to 8001 and grab the user data.
I've also enabled the authorization between api gateway and individual services in order to prevent separately perform CRUD operatons to the individual services - when request goes from gateway to service, I have put the pregenerated token (which is also predefined in the service) in the header and when it reaches the service, the service validates if the token is equal by comparing its predefined one. So, it's working.
But to be able to request from api gateway to services, I've used client credentials grant type. So, here is my question.
How can I implement the login and register? Does client credentials
grant type enable to do so? If not, what is the appropriate one? What
is the right way to implement the system? Could you please kindly explain in
advance? Thank you so much.
Updated
In conclusion, I want to know how to configure authentication between front-end and api gateway.
Your API architecture looks good - nothing there needs to change. However there are 3 parts to the architecture:
APIs (done)
UIs (to do)
Authorization Server (maybe use a free cloud one?)
As a next step maybe focus on login. My tutorial will help you to understand the interaction and what needs to be coded in UIs. Or if you prefer just view the message workflow.
Registering users can be a more complex topic and depends on the type of system. Happy to answer follow up questions if it helps.
I am using the Pubnub library (Pubnub-CodeNameOne-3.7.8.cn1lib) in my social app project (which includes a real-time chat that I implemented with your great tutorial: https://www.codenameone.com/blog/building-a-chat-app-with-codename-one-part-5.html).
But since Apple will no longer accept http URL connections from applications, I had to reinforce the security of my app, and so I decided to use HTTPS and activate the Access Manager feature in Pubnub dashboard (I followed the Pubnub tutorial https://www.pubnub.com/docs/codenameone-java/pam-security#understanding_access_manager_permissions_hierarchy).
So I changed the instantiation of Pubnub in my CN1 project like :
pb = new Pubnub(PUBNUB_PUB_KEY, PUBNUB_SUB_KEY, SECRET_KEY, true);//enable SSL
pb.setAuthKey(USER_UIID);
Unfortunately I still get an error when I subscribe/publish through Pubnub:
[Error 112-0] : Authentication Failure. Incorrect Authentication Key :
{"message":"Forbidden","payload":{"channels":["myChannelID"]},"error":true,"service":"Access
Manager","status":403}
Therefore, I would like to perform administrative PAM functions, such as granting or revoking, in order to solve the above error message problem.
But I don’t find the pubnub.pamGrant(), or pubnub.pamRevoke() methods which are mentioned in the Pubnub tutorial. So I am still stuck on this error.
Have you an idea about how I can resolve this? Thank you very much for your help.
PubNub Access Manager & SSL/TLS
While you should be using Access Manager to secure your channels on a per device/user basis, Access Manager is not required in order to use PubNub over TLS (SSL is the deprecated/vulnerable predecessor and often these terms are used interchangeably).
So your initialization code is correct to enable TLS (https connections) when PubNub operations are invoked.
pb = new Pubnub(PUBNUB_PUB_KEY, PUBNUB_SUB_KEY, SECRET_KEY, true);
But if you enable Access Manager on your key set (pub/sub keys), then you are required to grant permissions (read, write & manage) for channels on auth-keys. Each end user should have a unique auth-key that has the permissions for the channels that are required for that user to publish, subscribe, get history, presence, etc.
You grant permissions from your secure server which you initialize PubNub with the publish, subscribe and secret keys (secret key is required to execute the grant API). With v4 PubNub SDKs, the server has super admin permissions when it inits with the secret key. v3 SDKs require the server to grant itself access to its own auth-key but since Codename One is for mobile client apps, you don't need to wait for a v4 PubNub SDK for Codename One. And I would assume you would be using Java on your server and our v4 Java SDK v4 has the super admin permissions feature when initialized with the secret key. NOTE: the docs need to be updated as they still state that an auth-key is required even when secret key is used to init.
So my recommendation is, enable SSL (TLS) as you are already doing for your server and clients but disable Access Manager for the short term. Once you have your base functionality working, integrate the use of Access Manager and auth-keys into your server and clients.
I'd like to know if each time my application runs I need to get the token and pass it to the server, or if it's only necessary once to register the application. Thanks a lot.
You need a token to register the GCM(push notification) to the Google Server. Then this token is passed and used in the server to send subsequent notification. This token should be persisted by the server so that it can be used to make API calls to the Google server. With this approach, your server and the Android device do not need to create a persistent connection and the responsibility of queuing and relaying messages is all handled by Google's servers.
For more information visit the Registering Client Apps and also check this documentation.
i'm building a website that uses WebRTC to share audio and video. Now i'd like to access WebRTC features on Android devices so i can create an app that can receives audio and video streams from the website.
I've looked for a technology allowing me to do that and I've found SkylinkJS.
It looks great but i'm wondering something. Can i build a custom authentication system on top of SkylinkJS logic. What i mean is that i'd like to make sure the connection to SkylinkJS rooms are initiated by users actually authenticated on my platform.
At the moment, i do that using socket.io but i can do it since i'm using raw WebRTC. How can i do that using SkylinkJS? Using the REST API?
Thanks.
PS: i cannot tag this question with 'skylinkjs' since it's a new tag, but it mights be cool if someone could do it.
Yes you can integrate that with the REST API in this Applications REST API link here - . You can generate your own credentials.
You can generate the connecting credentials from your server and then when the User logs in, generate the credentials for Users to connect to the Room. See more in their support article.
SkylinkJS uses key based authentication mechanism to authenticate against the Temasys signaling servers. This ensures that any application using Skylink can only connect to calls in your application if the app can provide the same secure keys (from your Temasys developer account).
Your best bet in looping in Android would be to use the android counterpart. http://skylink.io/android/