<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">This is incorrect.. as I said you can handle the login via a dynamic directory lookup. There is no reason or need to do anything like dynamically changing the password.<div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On May 3, 2016, at 4:08 PM, Gregor Nanger <<a href="mailto:gregor@infomedia.si" class="">gregor@infomedia.si</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><p dir="ltr" class="">Well, somwhere you have to pass username an password in client when calling login procedure in javascript. And if it is in client side, then user can see it, either by monitoring network in browser or see source code of page. In voip phone, password is hidden in password textbox for example and it is not easy accessible as from Web client. Hope you understand what I mean. </p><p dir="ltr" class="">Maybe as Michael said. If you put token as loginparam, but still there is no way in xml_curl to say, oh you are verto user with this token and token is ok, so you are logged in, although you didn't send password from client side.</p><p dir="ltr" class=""> The best what I think of is to automatically change password on some period and client should retrieve it when login expire. This way you can use it like token. Real authorization is anyway first on your Web app. </p><p dir="ltr" class="">Please correct me if I'm wrong, but from Fs side, login procedure is same for sip client or verto client?</p><p dir="ltr" class="">Best regards, Gregor </p>
<br class=""><div class="gmail_quote"><div dir="ltr" class="">On Tue, May 3, 2016, 20:17 Michael Jerris <<a href="mailto:mike@jerris.com" class="">mike@jerris.com</a>> wrote:<br class=""></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div style="word-wrap:break-word" class="">You may have to pass it in <span style="color:rgb(175,95,0);font-family:Monaco;font-size:13px;background-color:rgb(0,0,0)" class="">loginParams</span> but i think it should be possible from looking at the code. Double check what all you get in the code.</div><div style="word-wrap:break-word" class=""><div class=""><br class=""><div class=""><blockquote type="cite" class=""><div class="">On May 3, 2016, at 1:25 PM, Colin Morelli <<a href="mailto:colin.morelli@gmail.com" target="_blank" class="">colin.morelli@gmail.com</a>> wrote:</div><br class=""><div class=""><div dir="ltr" class="">Michael,<div class=""><br class=""></div><div class="">Is that actually possible? I have an application using mod_xml_curl but FS doesn't send passwords as part of the directory request (as far as I can tell). I actually wanted to do something very similar to this.</div><div class=""><br class=""></div><div class="">Colin</div></div><br class=""><div class="gmail_quote"><div dir="ltr" class="">On Tue, May 3, 2016 at 1:07 PM Tristan Mahé <<a href="mailto:gled@remote-shell.net" target="_blank" class="">gled@remote-shell.net</a>> wrote:<br class=""></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<br class="">
<br class="">
AFAIK, there is no module handling JWT at the moment, but you can do<br class="">
pretty much anything you can think of using lua, or any other langage<br class="">
supported by freeswitch.<br class="">
<br class="">
Best,<br class="">
<br class="">
Tristan.<br class="">
<br class="">
On 05/03/2016 07:12 AM, Oivvio Polite wrote:<br class="">
> Can FreeSwitch handle JSON Web Tokens natively or be made to handle JWT<br class="">
> through one of the available scripting languages?<br class="">
><br class="">
> Oivvio<br class="">
></blockquote></div></div></blockquote></div></div></div></blockquote></div></div></blockquote></div><br class=""></div></body></html>