Wowza Community

Secure Token not being able to make it work

Hello,

I have installed wowza in a test environment with a developer key to develop an application that will provide videos to the clients and I am testing wowza as adaptaive streaming engine for this application.

I’ve been able to configure the server and the client with jwplayer to play videos successfully. Now I want to use secure token to protect the playback of this videos to only approved customers, but I am unable to make it work, I always click to play to the player and nothing happens. Disabling secure token protection the video works again.

This is my Wowza configuration:

And I am generating the url with php using this code:

[PHP] $host = ‘rtmp://XX.XX.XXX.XXX:1935/’;

$file = ‘vod/definst/mp4:sample.mp4’;

$params = [

‘tkncustomparam=CustomValue’,

‘tknendtime=’.$endtime,

‘tknstarttime=’.$starttime

];

// add client IP and shared secret for hash calculation

$hashArray = array_merge($params, [$_SERVER[‘REMOTE_ADDR’], WOWZA_SHARED_SECRET]);

sort($hashArray);

$hash = hash(‘sha256’, $file.’?’.implode($hashArray, ‘&’));

echo ‘hash query string = ‘.$file.’?’.implode($hashArray, ‘&’).’
’;

echo ‘hash: ‘.$hash.’
’;

$params[] = ‘tknhash=’.urlencode(base64_encode($hash));

$url = $host.$file.’?’.implode($params, ‘&’);[/PHP]

I’ve also tried the library https://github.com/remiheens/WowzaSecureToken without any success.

And this is the javascript to generate the player

    jwplayer('my_video').setup({
        sources: [
            { file: '<?php echo $url ?>'}
        ],
        height: 360,
        width: 640
    });

This is the hash string passed to the hash function:

vod/definst/mp4:sample.mp4?XX.XX.XXX.XXX&87ac8f6081d****&tkncustomparam=CustomValue&tknendtime=1476292487&tknstarttime=1475428487

And this the url provide to the jwplayer

rtmp://XX.XX.XXX.XXX:1935/vod/definst/mp4:sample.mp4?tkncustomparam=CustomValue&tknendtime=1476292487&tknstarttime=1475428487&tknhash=NGVkNGI1OWMwNTFlNGI5M2ViYzIwMWNiYjNjNjk4MGMzNTlhNjg0NWE5N2U4ZGU2Nzc3YjhhOWE5NzgwYjA4MQ

Any help?

Thank you.

Hi,

Here’s a sample script that should work with IP address as part of the hash. Feel free to adapt to suit your own requirements

[php]

$clientIP = “192.168.1.4”; // specify an IP address if set in Secure Token in Engine

$host = “wowza-ip”; // your ip/host

$url= “rtmp://”.$host.":1935/"; // this is an example for RTMP streams

$stream = “vod/definst/mp4:sample.mp4”; // your stream

$start = time(); // token is valid from time of hash generation

$end = strtotime("+30 minutes"); // token will expire in 30 minutes

$secret = “abcde”; // secret as defined in Engine

$tokenName = “wowzatoken”; // token as defined in Engine

$hash = “”;

if(is_null($clientIP)){

$hash = hash(‘sha256’, $stream."?".$secret."&{$tokenName}endtime=".$end."&{$tokenName}starttime=".$start, true); // generate the hash string

}

else {

$hash = hash(‘sha256’, $stream."?".$clientIP."&".$secret."&{$tokenName}endtime=".$end."&{$tokenName}starttime=".$start, true); // generate the hash string

}

$base64Hash = strtr(base64_encode($hash), ‘+/’, ‘-_’); $params = array("{$tokenName}starttime=".$start, “{$tokenName}endtime=”.$end, “{$tokenName}hash=”.$base64Hash);

if(!is_null($clientIP)){

$params[] = $clientIP;

}

sort($params); $URL = $url.$stream."/playlist.m3u8?"; // determine if HLS or RTMP depending on $url

if(preg_match("/(rtmp)/",$url)){

$playbackURL = $url.$stream."?";

}

foreach($params as $entry){

$playbackURL.= $entry."&";

}

$URL = preg_replace("/(&)$/","", $playbackURL);

[/PHP]

Regards,

Paul