allow external authentication to return an error by using the HTTP body (#1546)

Co-authored-by: aler9 <46489434+aler9@users.noreply.github.com>
2 years ago · a918fae248
2 changed files with 7 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -330,7 +330,7 @@ Please be aware that it's perfectly normal for the authentication server to rece
				@@ -330,7 +330,7 @@ Please be aware that it's perfectly normal for the authentication server to rece
 }
 ```

-This happens because a RTSP client doesn't provide credentials until it is asked to. In order to receive the credentials, the authentication server must reply with status code `401` - the client will then send credentials.
+This happens because a RTSP client doesn't provide credentials until it is asked to. In order to receive the credentials, the authentication server must reply with status code `401`, then the client will send credentials.

 ### Encrypt the configuration

--- a/internal/core/external_auth.go
+++ b/internal/core/external_auth.go
@ -4,6 +4,7 @@ import (
				@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
+	"io"
 	"net/http"

 	"github.com/google/uuid"
@ -59,7 +60,11 @@ func externalAuth(
				@@ -59,7 +60,11 @@ func externalAuth(
 	defer res.Body.Close()

 	if res.StatusCode < 200 || res.StatusCode > 299 {
-		return fmt.Errorf("bad status code: %d", res.StatusCode)
+		if resBody, err := io.ReadAll(res.Body); err == nil {
+			return fmt.Errorf("external authentication replied with code %d: %s", res.StatusCode, resBody)
+		}
+
+		return fmt.Errorf("external authentication replied with code %d", res.StatusCode)
 	}

 	return nil