Wowza Logo Wowza Icon
Wowza Video Sign Out
Talk to an Expert Free Trial
Wowza Video Sign Out

Wowza Community

SecureToken - Custom parameters how to

Wowza Streaming Engine
#1

I find this: “You can add a unique customer-specific hash parameter to ensure that a unique SecureToken hash is generated per customer”. link Does anyone have ready in PHP? What do I need to do to add this parameter? Thanks

#2

That is the sample we share to be able to generate the correct security token hash using the example PHP code. If you have an issue, please submit a support ticket and we’ll take a look why it didn’t work. Hopefully it works though!

#3

<?php

/*

* Modify the following variables as needed

*/

/*

$clientIP = null; // provide client IP optionally

// $clientIP = $_SERVER[‘REMOTE_ADDR’];

$host = “[REPLACE-WITH-HOST-IP]”; // your ip/host

$url= “http://”.$host.":1935/";

$stream = “[replace-with-app-name]/[replace-with-stream-name]”; // your stream

$start = time();

$end = strtotime("+30 minutes"); //time() + $validity;

$secret = “[replace-with-secret]”; // your secret

$tokenName = “[replace-with-token-name]”;

*/

$clientIP = null; // provide client IP optionally

// $clientIP = $_SERVER[‘REMOTE_ADDR’];

$host = “yourserver.com”; // your ip/host

$url= “http://”.$host**.**":1935/";

$stream = “live/myStream”; // your stream

$start = time();

$validity = 1000; // validity in seconds

$end = time() + $validity;

$secret = “coolSecret”; // your secret

$tokenName = “wowzatoken”;

$params = array("{$tokenName}starttime=".$start, “{$tokenName}endtime=”.$end, $secret);

if(!is_null($clientIP)){

$params[] = $clientIP;

}

sort($params);

$string4Hashing = $stream**.**"?";

foreach($params as $entry){

$string4Hashing .= $entry**.**"&";

}

$string4Hashing = preg_replace("/(&)$/","", $string4Hashing);

$hash = hash(‘sha256’, $string4Hashing, true); // generate the hash string

echo $string4Hashing;

echo
”;

$base64Hash = strtr(base64_encode($hash), ‘+/’, ‘-_’); // Base64 encode the hashed string

$playbackURL = $url**.$stream."/playlist.m3u8?".$tokenName.“starttime=”.$start."&".$tokenName.“endtime=”.$end."&".$tokenName.“hash=”.**$base64Hash;

echo $base64Hash;

echo
”;

echo $playbackURL;

echo
”;

?>

#4

ok… I know it

first:

when I determine this:

$ clientIP = null;

it works.

when I determine this:

$ clientIP = $ _SERVER [‘REMOTE_ADDR’];

…did not work…

Secondly:

the information I found is about Custom Parameters:

“You can add a unique customer-specific hash parameter to ensure that a unique SecureToken hash is generated per customer”

What do I have to do to generate a token for a specific IP of the viewer? Is it possible?

Copying the stream address and running it on another computer under VLC is possible. Is there a way to prevent direct stream playback without a browser?

Thank you.

#5

The IP of the viewer is the same as the clientIP, so for the one you said was working, you’re good to go.

You just have to be able to populate this variable correctly; You need to figure out how to obtain this via php. I don’t have info here in our docs on how to get that, but I guess there is a lot of info online according to the engineers. Feel free to submit a support ticket if you’d like an engineer to work directly with you on this.

© 2007–2024 Wowza Media Systems, LLC. All rights reserved.   Security & Privacy PolicyLegalSystem Status