Generate RTMP Authentication URL

[devilyn]

Hello All,

i need to generate an RTMP authentication URL with autoit using the following guidelines: - is this possible?

Authentication Flow

The authentication mechanism/process is a multistep synchronous handshake between the client and the server.

Connection

The client (encoder) connects to a Live ingest server using a server-specific URL such as

• rtmp://ingest01.pri.shortname.fmspush.llnw.net

Or

• rtmp://ingest01.bak.shortname.fmspush.llnw.net

Where shortname refers to the customer-specific account name.

Authentication Handshake

The examples in this section use the following data; substitutions for actual customer data should be made accordingly:

Customer = Acme Corp

Shortname = acme

Username = acme

Password = go!acme

Primary Connection URL = rtmp://ingest01.pri.acme.fmspush.llnw.net/acme

Backup Connection URL = rtmp://ingest01.bak.acme.fmspush.llnw.net/acme

Note: generally, the username allocated to an account will be identical to the shortname.

1) The client tries to connect:

a) rtmp://ingest01.pri.acme.fmspush.llnw.net/acme

rtmp://ingest01.bak.acme.fmspush.llnw.net/acme

2) The ingest server initially responds to the client with the following rejection code and detail message:

a) Rejection code: NetConnection.Connect.Rejected

Detail message: [ code=403 need auth; authmod=llnw ]

3) The client prompts the user for the username and password.

4) The user enters acme and go!acme.

5) The client tries to reconnect to the ingest server with a modified URL that contains query terms specifying the authentication module name and the username to authenticate:

• rtmp://ingest01.pri.acme.fmspush.llnw.net/acme?authmod=llnw&user=acme

6) On the second connection attempt, the ingest server once again rejects the client connection with the following response code and detail message that includes a nonce:

a) Rejection code: NetConnection.Connect.Rejected

Detail message: [ authmod=llnw ] : reason=needauth&user=acme&nonce=eb36ed37a9d08274ce30e42f5d8c5a1a

7) The client computes the final response to complete the authentication handshake (see Computing the Final Response).

8) The client reconnects to the ingest server using the computed final response URL.

a) If the final response computed by the client does not match what the ingest server independently computes the same algorithm used by the client in Computing the Final Response, the connection is rejected. The following response code and detail message are sent to the client:

i) Rejection code: NetConnection.Connect.Rejected

ii) Detail message: [ authmod=llnw ] : ?reason=authfail&detail=invalid_response

Otherwise, the connection is accepted with a response code of NetConnection.Connect.Success and the client proceeds to Publishing the Live Stream.

Computing the Final Response

To compute the final response, both the client and the server follow the same steps:

1) Parse the nonce value from the rejection information from the second attempt.

2) Generate a random eight-byte hexadecimal challenge string, known as the cnonce.

3) Create a nonce counter, nc, which is an eight-byte hexadecimal counter, initially set to 00000001. It must be incremented every time the nonce is reused.

Example:

nonce=eb36ed37a9d08274ce30e42f5d8c5a1a

cnonce=d5fca8e3

nc=00000001

4) Calculate the response hash value by using the H(A1) and H(A2) hash values.