Secret declared in insecure tutorials for better understanding

openvidu-getaroom/web/app.js

@@ -267,6 +267,7 @@ function updateLayout() {
  */
 
 var OPENVIDU_SERVER_URL = "https://" + location.hostname + ":4443";
+var OPENVIDU_SERVER_SECRET = "MY_SECRET";
 
 function getToken(mySessionId) {
 	return createSession(mySessionId).then(sId => createToken(sId));
@@ -279,7 +280,7 @@ function createSession(sId) {
 			url: OPENVIDU_SERVER_URL + "/api/sessions",
 			data: JSON.stringify({ customSessionId: sId }),
 			headers: {
-				"Authorization": "Basic " + btoa("OPENVIDUAPP:MY_SECRET"),
+				"Authorization": "Basic " + btoa("OPENVIDUAPP:" + OPENVIDU_SERVER_SECRET),
 				"Content-Type": "application/json"
 			},
 			success: response => resolve(response.id),
@@ -305,7 +306,7 @@ function createToken(sId) {
 			url: OPENVIDU_SERVER_URL + "/api/tokens",
 			data: JSON.stringify({ session: sId }),
 			headers: {
-				"Authorization": "Basic " + btoa("OPENVIDUAPP:MY_SECRET"),
+				"Authorization": "Basic " + btoa("OPENVIDUAPP:" + OPENVIDU_SERVER_SECRET),
 				"Content-Type": "application/json"
 			},
 			success: response => resolve(response.token),

openvidu-hello-world/web/app.js

@@ -54,6 +54,7 @@ window.onbeforeunload = function () {
  */
 
 var OPENVIDU_SERVER_URL = "https://" + location.hostname + ":4443";
+var OPENVIDU_SERVER_SECRET = "MY_SECRET";
 
 function getToken(mySessionId) {
 	return createSession(mySessionId).then(sessionId => createToken(sessionId));
@@ -66,7 +67,7 @@ function createSession(sessionId) {
 			url: OPENVIDU_SERVER_URL + "/api/sessions",
 			data: JSON.stringify({ customSessionId: sessionId }),
 			headers: {
-				"Authorization": "Basic " + btoa("OPENVIDUAPP:MY_SECRET"),
+				"Authorization": "Basic " + btoa("OPENVIDUAPP:" + OPENVIDU_SERVER_SECRET),
 				"Content-Type": "application/json"
 			},
 			success: response => resolve(response.id),
@@ -92,7 +93,7 @@ function createToken(sessionId) {
 			url: OPENVIDU_SERVER_URL + "/api/tokens",
 			data: JSON.stringify({ session: sessionId }),
 			headers: {
-				"Authorization": "Basic " + btoa("OPENVIDUAPP:MY_SECRET"),
+				"Authorization": "Basic " + btoa("OPENVIDUAPP:" + OPENVIDU_SERVER_SECRET),
 				"Content-Type": "application/json"
 			},
 			success: response => resolve(response.token),

openvidu-insecure-angular/src/app/app.component.ts

@@ -13,6 +13,7 @@ import { OpenVidu, Session, StreamManager, Publisher, Subscriber, StreamEvent }
 export class AppComponent implements OnDestroy {
 
   OPENVIDU_SERVER_URL = 'https://' + location.hostname + ':4443';
+  OPENVIDU_SERVER_SECRET = 'MY_SECRET';
 
   // OpenVidu objects
   OV: OpenVidu;
@@ -170,7 +171,7 @@ export class AppComponent implements OnDestroy {
       const body = JSON.stringify({ customSessionId: sessionId });
       const options = {
         headers: new HttpHeaders({
-          'Authorization': 'Basic ' + btoa('OPENVIDUAPP:MY_SECRET'),
+          'Authorization': 'Basic ' + btoa('OPENVIDUAPP:' + this.OPENVIDU_SERVER_SECRET),
           'Content-Type': 'application/json'
         })
       };
@@ -203,7 +204,7 @@ export class AppComponent implements OnDestroy {
       const body = JSON.stringify({ session: sessionId });
       const options = {
         headers: new HttpHeaders({
-          'Authorization': 'Basic ' + btoa('OPENVIDUAPP:MY_SECRET'),
+          'Authorization': 'Basic ' + btoa('OPENVIDUAPP:' + this.OPENVIDU_SERVER_SECRET),
           'Content-Type': 'application/json'
         })
       };

openvidu-insecure-js/web/app.js

@@ -187,6 +187,7 @@ function initMainVideo(videoElement, userData) {
  */
 
 var OPENVIDU_SERVER_URL = "https://" + location.hostname + ":4443";
+var OPENVIDU_SERVER_SECRET = "MY_SECRET";
 
 function getToken(mySessionId) {
 	return createSession(mySessionId).then(sessionId => createToken(sessionId));
@@ -199,7 +200,7 @@ function createSession(sessionId) {
 			url: OPENVIDU_SERVER_URL + "/api/sessions",
 			data: JSON.stringify({ customSessionId: sessionId }),
 			headers: {
-				"Authorization": "Basic " + btoa("OPENVIDUAPP:MY_SECRET"),
+				"Authorization": "Basic " + btoa("OPENVIDUAPP:" + OPENVIDU_SERVER_SECRET),
 				"Content-Type": "application/json"
 			},
 			success: response => resolve(response.id),
@@ -225,7 +226,7 @@ function createToken(sessionId) {
 			url: OPENVIDU_SERVER_URL + "/api/tokens",
 			data: JSON.stringify({ session: sessionId }),
 			headers: {
-				"Authorization": "Basic " + btoa("OPENVIDUAPP:MY_SECRET"),
+				"Authorization": "Basic " + btoa("OPENVIDUAPP:" + OPENVIDU_SERVER_SECRET),
 				"Content-Type": "application/json"
 			},
 			success: response => resolve(response.token),

openvidu-webcomponent/web/app.js

@@ -38,6 +38,7 @@ function joinSession() {
  */
 
 var OPENVIDU_SERVER_URL = 'https://' + location.hostname + ':4443';
+var OPENVIDU_SERVER_SECRET = "MY_SECRET";
 
 function getToken(sessionName) {
     return createSession(sessionName).then((sessionId) => createToken(sessionId));
@@ -50,7 +51,7 @@ function createSession(sessionName) {
             url: OPENVIDU_SERVER_URL + '/api/sessions',
             data: JSON.stringify({ customSessionId: sessionName }),
             headers: {
-                Authorization: 'Basic ' + btoa('OPENVIDUAPP:MY_SECRET'),
+                Authorization: 'Basic ' + btoa('OPENVIDUAPP:' + OPENVIDU_SERVER_SECRET),
                 'Content-Type': 'application/json',
             },
             success: (response) => resolve(response.id),
@@ -84,7 +85,7 @@ function createToken(sessionId) {
             url: OPENVIDU_SERVER_URL + '/api/tokens',
             data: JSON.stringify({ session: sessionId }),
             headers: {
-                Authorization: 'Basic ' + btoa('OPENVIDUAPP:MY_SECRET'),
+                Authorization: 'Basic ' + btoa('OPENVIDUAPP:' + OPENVIDU_SERVER_SECRET),
                 'Content-Type': 'application/json',
             },
             success: (response) => resolve(response.token),