ApsaraVideo Live allows you to configure a stream ingest callback URL and authenticate the callback URL. This helps prevent live streaming exceptions that are caused by unauthorized access. This topic describes how to configure a stream ingest callback URL and how to authenticate the callback URL.
Procedure
If you want to receive callback messages related to stream ingest, perform the following steps to configure a stream ingest callback URL and authenticate the callback URL.
For more information about the callback logic and callback authentication, see Callback logic and Callback authentication.
- Log on to the ApsaraVideo Live console.
In the left-side navigation pane, click Domain Names. The Domain Management page appears.
Find the ingest domain that you want to configure and click Domain Settings in the Actions column.
Choose . On the page that appears, click the Stream Ingest Information tab.
Click the Edit icon next to Callback URL. The Configure Callback URL dialog box appears.
In the Configure Callback URL dialog box, configure the settings.
Specify a stream ingest callback URL.
Select whether to enable authentication for the callback URL.
If you require authentication, turn on Authentication, specify Cryptographic Key, and then click OK.
If you do not require authentication, simply click OK.
Callback logic
Callback logic
During stream ingest over Real-Time Messaging Protocol (RTMP), ApsaraVideo Live checks whether the stream ingest client closes the connection within 2 seconds after ApsaraVideo Live receives an OnPublish message. If the stream ingest client does not close the connection, ApsaraVideo Live sends a callback notification about the successful stream ingest.
Assume that you have Ingest Domain A and Streaming Domain B that are associated with each other, and you configure regular stream pulling and triggered stream pulling for Streaming Domain B. If you want to receive callback notifications about the stream pulling status, configure stream ingest callbacks for Ingest Domain A. After the configuration, the same callback logic as the preceding applies to stream pulling under Streaming Domain B. By default, stream pulling is considered successful if the client does not close the connection within 2 seconds.
We recommend that you issue the streaming URL after you confirm that the stream ingest or pulling is successful based on callback notifications and the response to your call of the DescribeLiveStreamsOnlineList operation.
Callback authentication
By default, authentication for stream ingest callbacks is disabled. You can enable the feature when you specify the stream ingest callback URL. After you enable the feature, the following authentication logic applies:
When ApsaraVideo Live initiates a callback request, it includes the
ALI-LIVE-TIMESTAMPandALI-LIVE-SIGNATUREheaders in the HTTP or HTTPS request so that the callback message receiving server can authenticate the signature. The value ofALI-LIVE-SIGNATUREis calculated based on the following formula:ALI-LIVE-SIGNATURE = MD5SUM (MD5CONTENT)MD5CONTENT = Domain name|ALI-LIVE-TIMESTAMP value|Cryptographic keyNoteDomain name is the ingest domain for which you configure the callback URL. Cryptographic key is the cryptographic key that you specify for the callback URL.
After receiving a callback message, the callback message receiving server concatenates the domain name of the callback, value of the
ALI-LIVE-TIMESTAMPheader, and cryptographic key in the preceding format. The server calculates the MD5 value of the string to obtain an encrypted string. Then, the server compares the encrypted string with the value of theALI-LIVE-SIGNATUREheader in the HTTP or HTTPS request initiated by ApsaraVideo Live. If the two values are different, the request is invalid.