DEV Community

Masui Masanori
Masui Masanori

Posted on

[coTurn] Add TURN users into a database


I used to connect to coTurn using a static user.
I will add user into a Database file(SQLite) in this time.

Add users

I can add users by "turnadmin", but before I can do so, I must modify "turnserver.conf".

The default database file for Ubuntu is located in "/var/lib/turn/turndb".
I have to specify that coTurn reads that database file.


# SQLite database file name.
# The default file name is /var/db/turndb or /usr/local/var/db/turndb or
# /var/lib/turn/turndb.
Enter fullscreen mode Exit fullscreen mode

The schema of the coTurn database is here.

To add a user, I use "turnadmin" command.

sudo turnadmin -a -u username2 -p password2 -r 192.168.XX.YYY --db /var/lib/turn/turndb 
Enter fullscreen mode Exit fullscreen mode

"SQLite connection was closed" ?

After executing the command, the terminal showed these two lines.

0: : SQLite connection was closed.
0: : log file opened: /var/log/turn_41547_2022-09-10.log
Enter fullscreen mode Exit fullscreen mode

Because I thought the command was failed, I searched how to resolve it.
Finally I found that these outputs do not represent command success or failure.

So I could get result by this command.

sqlite3 /var/lib/turn/turndb "SELECT * FROM turnusers_lt"
Enter fullscreen mode Exit fullscreen mode

Now I can connect with coTurn using the user.


        this.peerConnection = new RTCPeerConnection({
            iceServers: [{
                urls: "",
                username: "username2",
                credential: "password2",
            // Force using STUN or TURN servers. 
            iceTransportPolicy: "relay"
Enter fullscreen mode Exit fullscreen mode

OAuth (Failed)

I also tried using OAuth to connect coTurn.
This time, I decided to add Authorize server functionality to my web application.

First I enabled OAuth in my coTurn config file.


# Server name used for
# the oAuth authentication purposes.
# The default value is the realm name.

# Flag that allows oAuth authentication.
Enter fullscreen mode Exit fullscreen mode

And I added an OAuth key into the database.

sqlite3 /var/lib/turn/turndb "INSERT INTO oauth_key (kid,ikm_key,timestamp,lifetime,as_rs_alg,realm) values('north','MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTIzNDU2Nzg5MDEK',0,0,'A256GCM','192.168.XX.YYY')"
Enter fullscreen mode Exit fullscreen mode

But I couldn't find how to use OAuth key from JavaScript.

I couldn't write like this post, because "credential" must be a string value and "credentialType" must be "password".
And I couldn't omit the "username" and "credential".

Because TURN has a specification to use third-party authorization, I will continue to look for solutions.

Top comments (0)