Secret based streams authorization without rest api calls

[Stinkie]

General idea is to provide a hash from client which will be checked on ams side to authorize a user

Hashing algorithm looks like this

sha256(STREAM_ID + ROLE + SECRET) - hash of 3 concatenated strings

STREAM_ID - just the stream name - self explanatory
ROLE - string which values are ‘publish’ or ‘play’.
SECRET - random string which is shared by ams (via config) and party generating hash

So basically auth flow looks the same as for current implementation but token which is being sent through signaling looks like above

Should be an option to enable described logic via config.
Other thing is that we should be able to enable auth for each server and role independently - it means we can enable auth for publish and disable for subscribers. Each node should have it’s own config and perform auth accordingly.

There is no need for us to have logic above configurable via web interface but highly likely you’ll do it anyway for other customers