SRS (RTMP) authentification with PHP error

Question

So I recently started to work with SRS (https://github.com/ossrs/srs) and I already had a lot of issues figuring out how to make FFMpeg work.

But now it's different I need to do basic authentification (https://github.com/ossrs/srs/wiki/v3_EN_HTTPCallback).

So I had the idea to do a PHP code that simply returns the code 200 and a value of 0 when the user is correct and 404 when it doesn't work.

For me, it isn't working and I am not able to get help for now in this repo did anyone here used it or have any idea on how I should do that?

Here is my PHP code (it's an example for the moment) :

<?php
$username = $_POST["name"]; # in our current example, this will be 'john'
$password = $_POST["psk"]; # in our current example, this will be 'supersecret'
$postdata = file_get_contents("php://input");

$valid_users = array("john" => "supersecret",
                     "winnie" => "thepooh",
                                         "batman" => "nananananananana");
$fp = fopen('test.txt', 'w');
fwrite($fp, "test $username $password posted data $postdata");
fclose($fp);
header('HTTP/1.0 404 Not Found');
if ($valid_users[$username] == $password) {
  http_response_code(200); # return 201 "Created"
        echo intval(false);
} else {
  http_response_code(404); # return 404 "Not Found"
}
?>

Here are the errors I get when I try to use it.

[2020-04-23 09:35:16.634][Trace][3921][473] connect app, tcUrl=rtmp://192.168.1.10:1935/live/livestream?name=john&psk=supersecret, pageUrl=, swfUrl=rtmp://192.168.1.10:1935/live/livestream?name=john&psk=supersecret, schema=rtmp, vhost=195.201.153.98, port=1935, app=live/livestream, args=null
[2020-04-23 09:35:16.634][Trace][3921][473] protocol in.buffer=0, in.ack=0, out.ack=0, in.chunk=4096, out.chunk=128
[2020-04-23 09:35:16.724][Trace][3921][473] client identified, type=fmle-publish, vhost=195.201.153.98, app=live/livestream, stream=, param=?name=john&psk=supersecret, duration=0ms
[2020-04-23 09:35:16.726][Warn][3921][473][11] use public address as ip: 192.168.1.10
[2020-04-23 09:35:16.728][Warn][3921][473][11] http: ignore on_close failed, client_id=473, url=http://195.201.153.97/test.php, request={"action":"on_close","client_id":473,"ip":"178.211.242.54","vhost":"__defaultVhost__","app":"live/livestream","send_bytes":3655,"recv_bytes":3430}, response=
, code=404, ret=4005
[2020-04-23 09:35:16.728][Error][3921][473][11] serve error code=4005 : service cycle : rtmp: stream service : check vhost : rtmp: callback on connect : rtmp on_connect http://192.168.1.10/test.php : http: on_connect failed, client_id=473, url=http://192.168.1.10/test.php, request={"action":"on_connect","client_id":473,"ip":"192.168.1.11","vhost":"__defaultVhost__","app":"live/livestream","tcUrl":"rtmp://192.168.1.10:1935/live/livestream?name=john&psk=supersecret","pageUrl":""}, response=
, code=404 : http: status 404
thread [3921][473]: do_cycle() [src/app/srs_app_rtmp_conn.cpp:210][errno=11]
thread [3921][473]: service_cycle() [src/app/srs_app_rtmp_conn.cpp:399][errno=11]
thread [3921][473]: stream_service_cycle() [src/app/srs_app_rtmp_conn.cpp:462][errno=11]
thread [3921][473]: check_vhost() [src/app/srs_app_rtmp_conn.cpp:586][errno=11]
thread [3921][473]: http_hooks_on_connect() [src/app/srs_app_rtmp_conn.cpp:1243][errno=11]
thread [3921][473]: on_connect() [src/app/srs_app_http_hooks.cpp:83][errno=11]
thread [3921][473]: do_post() [src/app/srs_app_http_hooks.cpp:504][errno=11](Resource temporarily unavailable)
[2020-04-23 09:38:40.582][Trace][3921][474] API server client, ip=187.8.182.21
[2020-04-23 09:38:40.582][Trace][3921][474] HTTP API GET http://192.168.1.10:9090/setup/index.jsp, content-length=-1, chunked=0/0
[2020-04-23 09:38:40.984][Warn][3921][474][104] client disconnect peer. ret=1007

Maybe you are better than me to understand the logs but I truly don't know what I am doing wrong.

Any idea?

Answer 1

So after digging during a lot of hours. This is the solution if finded (but i didn't finded a way to correctly say no) so if you enter anything else than 0 the server will do an error (not by crashing) and simply refuse the connection wich works but isn't clean.

<?php
echo "0";
$code = 200;
    // clear the old headers
    header_remove();
    // set the actual code
    http_response_code($code);
    // set the header to make sure cache is forced
    header("Cache-Control: no-transform,public,max-age=300,s-maxage=900");
    // treat this as json
    header('Content-Type: application/json');
    $status = array(
        200 => '200 OK',
        400 => '400 Bad Request',
        422 => 'Unprocessable Entity',
        500 => '500 Internal Server Error'
        );
    // ok, validation error, or failure
    header('Status: '.$status[$code]);
    // return the encoded json
    return json_encode(array(
        'status' => $code < 300, // success or not?
        'message' => $message
        ));
?>

Answer 2

Yes, in order to successfully identify a client, you must provide a specific something response, otherwise the SRS will reject the client. This allows you to filter out unauthorized clients. Please refer to the Callback Error Code documentation for more information.

Note: The on_publish callback can also be utilized for advanced security measures, enabling you to allow or deny clients based on their IP address, token in the request URL, or any other client-related information.

The term something in this context refers to:

• HTTP/200, which indicates a successful HTTP response.
• AND a response with an integer value of 0, or a JSON object containing a field with code 0.

For example:

HTTP/1.1 200 OK
Content-Length: 1
0

Or:

HTTP/1.1 200 OK
Content-Length: 11
{"code": 0}

You can run the sample HTTP callback server here by executing:

cd srs/trunk/research/api-server
go run . 8085

Note: There are other demo API servers available, such as Go, Node.js, and PHP.

By running the example, you will be able to determine the appropriate response format.