[Freeswitch-users] JSON Web Tokens

Michael Jerris mike at jerris.com
Sat May 7 00:02:17 MSD 2016


think that would work, yes.  Give it a try and let us know

On Friday, May 6, 2016, Gregor Nanger <gregor at infomedia.si> wrote:

> That's fantastic. I can send username and token in login parameters with
> empty password. Then validate token and if validated, return user conf with
> empty password.
>
> On Wed, May 4, 2016, 00:31 Michael Jerris <mike at jerris.com
> <javascript:_e(%7B%7D,'cvml','mike at jerris.com');>> wrote:
>
>> In the case of sip, I think you can just return blank password to auth it.
>>
>> On May 3, 2016, at 5:48 PM, Colin Morelli <colin.morelli at gmail.com
>> <javascript:_e(%7B%7D,'cvml','colin.morelli at gmail.com');>> wrote:
>>
>> Got it. The part that I missed was loginParams from verto. I'm not using
>> verto in my case (actually using PJSIP). However yes, I could include
>> custom headers in the register request to make this work. I was just hoping
>> for something that would work in the password.
>>
>> Thanks,
>> Colin
>>
>> On Tue, May 3, 2016 at 5:44 PM Michael Jerris <mike at jerris.com
>> <javascript:_e(%7B%7D,'cvml','mike at jerris.com');>> wrote:
>>
>>> Any mod_xml_curl user directory lookup example would do.
>>>
>>> On May 3, 2016, at 4:31 PM, Colin Morelli <colin.morelli at gmail.com
>>> <javascript:_e(%7B%7D,'cvml','colin.morelli at gmail.com');>> wrote:
>>>
>>> Michael can you provide an example of how you'd get the password portion
>>> (or the token) to a process via xml curl?
>>>
>>> I haven't been able to figure it out
>>>
>>> Thanks in advance
>>> On Tue, May 3, 2016 at 4:29 PM Michael Jerris <mike at jerris.com
>>> <javascript:_e(%7B%7D,'cvml','mike at jerris.com');>> wrote:
>>>
>>>> This is incorrect.. as I said you can handle the login via a dynamic
>>>> directory lookup.  There is no reason or need to do anything like
>>>> dynamically changing the password.
>>>>
>>>> On May 3, 2016, at 4:08 PM, Gregor Nanger <gregor at infomedia.si
>>>> <javascript:_e(%7B%7D,'cvml','gregor at infomedia.si');>> wrote:
>>>>
>>>> Well, somwhere you have to pass username an password in client when
>>>> calling login procedure in javascript. And if it is in client side, then
>>>> user can see it, either by monitoring network in browser or see source code
>>>> of page. In voip phone,  password is hidden in password textbox for example
>>>> and it is not easy accessible as from Web client. Hope you understand what
>>>> I mean.
>>>>
>>>> Maybe as Michael said. If you put token as loginparam, but still there
>>>> is no way in xml_curl to say, oh you are verto user with this token and
>>>> token is ok, so you are logged in, although you didn't send password from
>>>> client side.
>>>>
>>>> The best what I think of is to automatically change password on some
>>>> period and client should retrieve it when login expire. This way you can
>>>> use it like token. Real authorization is anyway first on your Web app.
>>>>
>>>> Please correct me if I'm wrong, but from Fs side, login procedure is
>>>> same for sip client or verto client?
>>>>
>>>> Best regards, Gregor
>>>>
>>>> On Tue, May 3, 2016, 20:17 Michael Jerris <mike at jerris.com
>>>> <javascript:_e(%7B%7D,'cvml','mike at jerris.com');>> wrote:
>>>>
>>>>> You may have to pass it in loginParams  but i think it should be
>>>>> possible from looking at the code.  Double check what all you get in the
>>>>> code.
>>>>>
>>>>> On May 3, 2016, at 1:25 PM, Colin Morelli <colin.morelli at gmail.com
>>>>> <javascript:_e(%7B%7D,'cvml','colin.morelli at gmail.com');>> wrote:
>>>>>
>>>>> Michael,
>>>>>
>>>>> Is that actually possible? I have an application using mod_xml_curl
>>>>> but FS doesn't send passwords as part of the directory request (as far as I
>>>>> can tell). I actually wanted to do something very similar to this.
>>>>>
>>>>> Colin
>>>>>
>>>>> On Tue, May 3, 2016 at 1:07 PM Tristan Mahé <gled at remote-shell.net
>>>>> <javascript:_e(%7B%7D,'cvml','gled at remote-shell.net');>> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> AFAIK, there is no module handling JWT at the moment, but you can do
>>>>>> pretty much anything you can think of using lua, or any other langage
>>>>>> supported by freeswitch.
>>>>>>
>>>>>> Best,
>>>>>>
>>>>>> Tristan.
>>>>>>
>>>>>> On 05/03/2016 07:12 AM, Oivvio Polite wrote:
>>>>>> > Can FreeSwitch handle JSON Web Tokens natively or be made to handle
>>>>>> JWT
>>>>>> > through one of the available scripting languages?
>>>>>> >
>>>>>> > Oivvio
>>>>>> >
>>>>>
>>>>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> <javascript:_e(%7B%7D,'cvml','consulting at freeswitch.org');>
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> <javascript:_e(%7B%7D,'cvml','FreeSWITCH-users at lists.freeswitch.org');>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
> --
> Gregor Nanger
>
> *CTO*
> t./f.: 00386 (0) 7 6000 308/309 • m:. 00386 (0)41 756485
> • Infomedia d.o.o. • Jerebova 3, Novo mesto, Slovenia
> • www.infomedia.si
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160506/7e806217/attachment.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list