I am wondering how should I add OAuth token and session key to the
peerconection iceServer config?
AFAIU OAuth has (according RFC 7635) the key id(kid) as username,
and has two "credential" information pieces, that are needed to
pass to the browser ICE agent:
- the Session Key(Message Integrity, HMAC key).
- the Access Token (SelfContaing token, e.g.
Authenticated-Encryption with Associated-Data(AEAD) encrypted
token.)
But in WebIDL I could find only one DOMString for Credential.
dictionary RTCIceServer {
required (DOMString or sequence<DOMString>) urls;
DOMString username;
DOMString credential;
RTCIceCredentialType
credentialType = "password";
};
And furthermore this credential field is normally in case of
"password" auth (Long Term Credential) contains the Session
Key(Message Integrity, HMAC key).
I am wondering what is the right way?
- Is it possible to add a new field for the OAuth token? (I
would prefer this way.)
- Or the intended method is to put both (the Session Key and
the OAuth token) somehow packed in one string.
e.g. put all in one JSON object, and add this way into the
credential field? (If so, is there any suggested format of the
JSON?)
Any comment highly appreciated!