GstRtspServer.RTSPAuth¶

Subclasses:: None

Methods¶

Inherited:: GObject.Object (37)
Structs:: GObject.ObjectClass (5)

class	`check` (check)
class	`make_basic` (user, pass_)
class	`new` ()
	`add_basic` (basic, token)
	`add_digest` (user, pass_, token)
	`get_default_token` ()
	`get_realm` ()
	`get_supported_methods` ()
	`get_tls_authentication_mode` ()
	`get_tls_certificate` ()
	`get_tls_database` ()
	`parse_htdigest` (path, token)
	`remove_basic` (basic)
	`remove_digest` (user)
	`set_default_token` (token)
	`set_realm` (realm)
	`set_supported_methods` (methods)
	`set_tls_authentication_mode` (mode)
	`set_tls_certificate` (cert)
	`set_tls_database` (database)

Virtual Methods¶

Inherited:: GObject.Object (7)

	`do_accept_certificate` (connection, peer_cert, errors)
	`do_authenticate` (ctx)
	`do_check` (ctx, check)
	`do_generate_authenticate_header` (ctx)

Properties¶

None

Signals¶

Inherited:: GObject.Object (1)

Name	Short Description
`accept-certificate`	Emitted during the TLS handshake after the client certificate has been received.

Fields¶

Inherited:: GObject.Object (1)

Name	Type	Access	Description
parent	`GObject.Object`	r

Class Details¶

class GstRtspServer.RTSPAuth(**kwargs)¶

Bases:: GObject.Object
Abstract:: No
Structure:: GstRtspServer.RTSPAuthClass

The authentication structure.

classmethod check(check)[source]¶

Parameters:: check (str) – the item to check
Returns:: False if check failed.
Return type:: bool

Check if check is allowed in the current context.

classmethod make_basic(user, pass_)[source]¶

Parameters:

user (str) – a userid
pass (str) – a password

Returns:

the base64 encoding of the string user:pass. GLib.free() after usage.

Return type:

str

Construct a Basic authorisation token from user and pass.

classmethod new()[source]¶

Returns:: a new GstRtspServer.RTSPAuth
Return type:: GstRtspServer.RTSPAuth

Create a new GstRtspServer.RTSPAuth instance.

add_basic(basic, token)[source]¶

Parameters:

basic (str) – the basic token
token (GstRtspServer.RTSPToken) – authorisation token

Add a basic token for the default authentication algorithm that enables the client with privileges listed in token.

add_digest(user, pass_, token)[source]¶

Parameters:

user (str) – the digest user name
pass (str) – the digest password
token (GstRtspServer.RTSPToken) – authorisation token

Add a digest user and pass for the default authentication algorithm that enables the client with privileges listed in token.

New in version 1.12.

get_default_token()[source]¶

Returns:: the GstRtspServer.RTSPToken of self. gst_rtsp_token_unref() after usage.
Return type:: GstRtspServer.RTSPToken or None

Get the default token for self. This token will be used for unauthenticated users.

get_realm()[source]¶

Returns:: the realm of self
Return type:: str or None

New in version 1.16.

get_supported_methods()[source]¶

Returns:: The supported authentication methods
Return type:: GstRtsp.RTSPAuthMethod

Gets the supported authentication methods of self.

New in version 1.12.

get_tls_authentication_mode()[source]¶

Returns:: the Gio.TlsAuthenticationMode.
Return type:: Gio.TlsAuthenticationMode

Get the Gio.TlsAuthenticationMode.

get_tls_certificate()[source]¶

Returns:: the Gio.TlsCertificate of self. GObject.Object.unref() after usage.
Return type:: Gio.TlsCertificate or None

Get the Gio.TlsCertificate used for negotiating TLS self.

get_tls_database()[source]¶

Returns:: the Gio.TlsDatabase of self. GObject.Object.unref() after usage.
Return type:: Gio.TlsDatabase or None

Get the Gio.TlsDatabase used for verifying client certificate.

New in version 1.6.

parse_htdigest(path, token)[source]¶

Parameters:

path (str) – Path to the htdigest file
token (GstRtspServer.RTSPToken) – authorisation token

Returns:

True if the file was successfully parsed, False otherwise.

Return type:

bool

Parse the contents of the file at path and enable the privileges listed in token for the users it describes.

The format of the file is expected to match the format described by <https://en.wikipedia.org/wiki/Digest_access_authentication#The_.htdigest_file>, as output by the htdigest command.

New in version 1.16.

remove_basic(basic)[source]¶

Parameters:: basic (str) – the basic token

Removes basic authentication token.

remove_digest(user)[source]¶

Parameters:: user (str) – the digest user name

Removes a digest user.

New in version 1.12.

set_default_token(token)[source]¶

Parameters:: token (GstRtspServer.RTSPToken or None) – a GstRtspServer.RTSPToken

Set the default GstRtspServer.RTSPToken to token in self. The default token will be used for unauthenticated users.

set_realm(realm)[source]¶

Parameters:: realm (str or None) – The realm to set

Set the realm of self

New in version 1.16.

set_supported_methods(methods)[source]¶

Parameters:: methods (GstRtsp.RTSPAuthMethod) – supported methods

Sets the supported authentication methods for self.

New in version 1.12.

set_tls_authentication_mode(mode)[source]¶

Parameters:: mode (Gio.TlsAuthenticationMode) – a Gio.TlsAuthenticationMode

The Gio.TlsAuthenticationMode to set on the underlying Gio.TlsServerConnection. When set to another value than Gio.TlsAuthenticationMode.NONE, GstRtspServer.RTSPAuth ::accept-certificate signal will be emitted and must be handled.

New in version 1.6.

set_tls_certificate(cert)[source]¶

Parameters:: cert (Gio.TlsCertificate or None) – a Gio.TlsCertificate

Set the TLS certificate for the auth. Client connections will only be accepted when TLS is negotiated.

set_tls_database(database)[source]¶

Parameters:: database (Gio.TlsDatabase or None) – a Gio.TlsDatabase

Sets the certificate database that is used to verify peer certificates. If set to None (the default), then peer certificate validation will always set the Gio.TlsCertificateFlags.UNKNOWN_CA error.

New in version 1.6.

do_accept_certificate(connection, peer_cert, errors) virtual¶

Parameters:

connection (Gio.TlsConnection) –
peer_cert (Gio.TlsCertificate) –
errors (Gio.TlsCertificateFlags) –

Return type:

bool

do_authenticate(ctx) virtual¶

Parameters:: ctx (GstRtspServer.RTSPContext) –
Return type:: bool

check the authentication of a client. The default implementation checks if the authentication in the header matches one of the basic authentication tokens. This function should set the authgroup field in the context.

do_check(ctx, check) virtual¶

Parameters:

ctx (GstRtspServer.RTSPContext) –
check (str) –

Return type:

bool

check if a resource can be accessed. this function should call authenticate to authenticate the client when needed. The method should also construct and send an appropriate GstRtsp.response message on error.

do_generate_authenticate_header(ctx) virtual¶

Parameters:: ctx (GstRtspServer.RTSPContext) –

Signal Details¶

GstRtspServer.RTSPAuth.signals.accept_certificate(r_t_s_p_auth, connection, peer_cert, errors)¶

Signal Name:

accept-certificate

Flags:

RUN_LAST

Parameters:

r_t_s_p_auth (GstRtspServer.RTSPAuth) – The object which received the signal
connection (Gio.TlsConnection) – a Gio.TlsConnection
peer_cert (Gio.TlsCertificate) – the peer’s Gio.TlsCertificate
errors (Gio.TlsCertificateFlags) – the problems with peer_cert.

Returns:

True to accept peer_cert (which will also immediately end the signal emission). False to allow the signal emission to continue, which will cause the handshake to fail if no one else overrides it.

Return type:

bool

Emitted during the TLS handshake after the client certificate has been received. See also GstRtspServer.RTSPAuth.set_tls_authentication_mode().

New in version 1.6.