Fix TURN credential generation.

The temporary username must consist of the timestamp and a random username,
see https://github.com/coturn/coturn/wiki/turnserver#turn-rest-api for
details on the format.

Signed-off-by: Joachim Bauch <bauch@struktur.de>

lib/Config.php

@@ -131,12 +131,14 @@ public function getTurnSettings() {
 
 		// Credentials are valid for 24h
 		// FIXME add the TTL to the response and properly reconnect then
-		$username = $this->timeFactory->getTime() + 86400;
+		$timestamp = $this->timeFactory->getTime() + 86400;
+		$rnd = $this->secureRandom->generate(16);
+		$username = (string) $timestamp . ':' . $rnd;
 		$password = base64_encode(hash_hmac('sha1', $username, $server['secret'], true));
 
 		return array(
 			'server' => $server['server'],
-			'username' => (string) $username,
+			'username' => $username,
 			'password' => $password,
 			'protocols' => $server['protocols'],
 		);

tests/php/ConfigTest.php

@@ -80,22 +80,27 @@ public function testGenerateTurnSettings() {
 
 		/** @var \PHPUnit_Framework_MockObject_MockObject|ISecureRandom $secureRandom */
 		$secureRandom = $this->createMock(ISecureRandom::class);
+		$secureRandom
+			->expects($this->once())
+			->method('generate')
+			->with(16)
+			->willReturn('abcdefghijklmnop');
 		$helper = new Config($config, $secureRandom, $timeFactory);
 
 		//
 		$server = $helper->getTurnSettings();
 		if ($server['server'] === 'turn.example.org') {
 			$this->assertSame([
 				'server' => 'turn.example.org',
-				'username' => '1479829425',
-				'password' => 'ZY8fZQxAw/24gT0XYnMlcepUFlI=',
+				'username' => '1479829425:abcdefghijklmnop',
+				'password' => 'eibuiLbHf+0lk9jnmP8fTXjgcCc=',
 				'protocols' => 'udp,tcp',
 			], $server);
 		} else {
 			$this->assertSame([
 				'server' => 'turn2.example.com',
-				'username' => '1479829425',
-				'password' => 'VoqRpE4ktQ85TqFps8Qt+scEEvE=',
+				'username' => '1479829425:abcdefghijklmnop',
+				'password' => 'r0RrWWnxAj622i0gHrCwcKoi6aA=',
 				'protocols' => 'tcp',
 			], $server);
 		}