In the Media Server, when a HTTP request arrives, the HTTP side forwards the request to a AuthVerifier class, this class has control over an XMPP component, to send and receive packets in a synchronous way, via a SyncReplySend util class. Once the AuthVerifier class receives the request, it "asks" if the client has sent it, if yes, the request is authorized, if not, the HTTP side returns a 403 error.
Here is the sequence diagram:
- Via HTTP auth: Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
- Via URL: /email@example.com?auth=QWxhZGRpbjpvcGVuIHNlc2FtZQ==
In both ways, the client's JID and transaction id, are separated by a ; and are base 64 encoded.
This week, we hope to do the first deploy, to finally see the Media Server running in a production environment!