TsgcTURNServer › Events › OnSTUNRequestAuthorization
Raised when an authenticated request arrives; supply the password associated with the incoming Username/Realm.
property OnSTUNRequestAuthorization: TsgcSTUNRequestAuthorizationEvent;
// TsgcSTUNRequestAuthorizationEvent = procedure(Sender: TObject; const aRequest: TsgcSTUN_Message; const aUsername, aRealm: string; var Password: string) of object—
Fired for every authenticated STUN Binding Request and every TURN method (ALLOCATE, REFRESH, CREATE-PERMISSION, CHANNEL-BIND, Send-Indication) once the incoming MESSAGE-INTEGRITY attribute has been parsed but before it is verified. aUsername and aRealm are decoded from the request; for TURN long-term credentials the realm matches TURNOptions.Authentication.LongTermCredentials.Realm. Assign the password associated with that user to the Password var-parameter; the server then computes the HMAC key and either accepts the request or answers with a 401 Unauthorized response when the computed integrity value does not match. Leave Password as an empty string to reject the user, which also yields a 401 response. This handler runs on the listener thread unless NotifyEvents selects another mode — keep it short and thread-safe.
procedure TForm1.OnSTUNRequestAuthorization(Sender: TObject;
const aRequest: TsgcSTUN_Message; const aUsername, aRealm: string;
var Password: string);
begin
if (aUsername = 'user') and (aRealm = 'esegece.com') then
Password := 'password'
else
Password := '';
end;