Make TURN configuration dynamic

Also enables conditionally including more TURN servers for gradual rollouts
2026-04-20 21:38:06 +01:00 · 2022-03-22 10:37:20 -05:00
parent 8541360bf3
commit c70d7535b9
14 changed files with 391 additions and 57 deletions
--- a/service/src/main/java/org/whispersystems/textsecuregcm/auth/TurnToken.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/auth/TurnToken.java
@@ -6,6 +6,7 @@
 package org.whispersystems.textsecuregcm.auth;

 import com.fasterxml.jackson.annotation.JsonProperty;
+import com.google.common.annotations.VisibleForTesting;

 import java.util.List;

@@ -25,4 +26,9 @@ public class TurnToken {
    this.password = password;
    this.urls     = urls;
  }
+
+  @VisibleForTesting
+  List<String> getUrls() {
+    return urls;
+  }
 }
--- a/service/src/main/java/org/whispersystems/textsecuregcm/auth/TurnTokenGenerator.java
+++ b/service/src/main/java/org/whispersystems/textsecuregcm/auth/TurnTokenGenerator.java
@@ -5,7 +5,12 @@

 package org.whispersystems.textsecuregcm.auth;

-import org.whispersystems.textsecuregcm.configuration.TurnConfiguration;
+import org.whispersystems.textsecuregcm.configuration.TurnUriConfiguration;
+import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicConfiguration;
+import org.whispersystems.textsecuregcm.configuration.dynamic.DynamicTurnConfiguration;
+import org.whispersystems.textsecuregcm.storage.DynamicConfigurationManager;
+import org.whispersystems.textsecuregcm.util.Pair;
+import org.whispersystems.textsecuregcm.util.WeightedRandomSelect;

 import javax.crypto.Mac;
 import javax.crypto.spec.SecretKeySpec;
@@ -14,20 +19,21 @@ import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.util.Base64;
 import java.util.List;
+import java.util.Optional;
 import java.util.concurrent.TimeUnit;

 public class TurnTokenGenerator {

-  private final byte[]       key;
-  private final List<String> urls;
+  private final DynamicConfigurationManager<DynamicConfiguration> dynamicConfiguration;

-  public TurnTokenGenerator(TurnConfiguration configuration) {
-    this.key  = configuration.getSecret().getBytes();
-    this.urls = configuration.getUris();
+  public TurnTokenGenerator(final DynamicConfigurationManager<DynamicConfiguration> config) {
+    this.dynamicConfiguration = config;
  }

-  public TurnToken generate() {
+  public TurnToken generate(final String e164) {
    try {
+      byte[] key                = dynamicConfiguration.getConfiguration().getTurnConfiguration().getSecret().getBytes();
+      List<String> urls         = urls(e164);
      Mac    mac                = Mac.getInstance("HmacSHA1");
      long   validUntilSeconds  = (System.currentTimeMillis() + TimeUnit.DAYS.toMillis(1)) / 1000;
      long   user               = Math.abs(new SecureRandom().nextInt());
@@ -41,4 +47,22 @@ public class TurnTokenGenerator {
      throw new AssertionError(e);
    }
  }
+
+  private List<String> urls(final String e164) {
+    final DynamicTurnConfiguration turnConfig = dynamicConfiguration.getConfiguration().getTurnConfiguration();
+
+    // Check if number is enrolled to test out specific turn servers
+    final Optional<TurnUriConfiguration> enrolled = turnConfig.getUriConfigs().stream()
+        .filter(config -> config.getEnrolledNumbers().contains(e164))
+        .findFirst();
+    if (enrolled.isPresent()) {
+      return enrolled.get().getUris();
+    }
+
+    // Otherwise, select from turn server sets by weighted choice
+    return WeightedRandomSelect.select(turnConfig
+        .getUriConfigs()
+        .stream()
+        .map(c -> new Pair<List<String>, Long>(c.getUris(), c.getWeight())).toList());
+  }
 }