[Freeswitch-users] JSON Web Tokens

Michael Jerris mike at jerris.com
Wed May 4 02:29:02 MSD 2016


In the case of sip, I think you can just return blank password to auth it.

> On May 3, 2016, at 5:48 PM, Colin Morelli <colin.morelli at gmail.com> wrote:
> 
> Got it. The part that I missed was loginParams from verto. I'm not using verto in my case (actually using PJSIP). However yes, I could include custom headers in the register request to make this work. I was just hoping for something that would work in the password.
> 
> Thanks,
> Colin
> 
> On Tue, May 3, 2016 at 5:44 PM Michael Jerris <mike at jerris.com <mailto:mike at jerris.com>> wrote:
> Any mod_xml_curl user directory lookup example would do.
> 
>> On May 3, 2016, at 4:31 PM, Colin Morelli <colin.morelli at gmail.com <mailto:colin.morelli at gmail.com>> wrote:
>> 
>> Michael can you provide an example of how you'd get the password portion (or the token) to a process via xml curl?
>> 
>> I haven't been able to figure it out
>> 
>> Thanks in advance 
>> On Tue, May 3, 2016 at 4:29 PM Michael Jerris <mike at jerris.com <mailto:mike at jerris.com>> wrote:
>> This is incorrect.. as I said you can handle the login via a dynamic directory lookup.  There is no reason or need to do anything like dynamically changing the password.
>> 
>>> On May 3, 2016, at 4:08 PM, Gregor Nanger <gregor at infomedia.si <mailto:gregor at infomedia.si>> wrote:
>>> 
>>> Well, somwhere you have to pass username an password in client when calling login procedure in javascript. And if it is in client side, then user can see it, either by monitoring network in browser or see source code of page. In voip phone,  password is hidden in password textbox for example and it is not easy accessible as from Web client. Hope you understand what I mean.
>>> 
>>> Maybe as Michael said. If you put token as loginparam, but still there is no way in xml_curl to say, oh you are verto user with this token and token is ok, so you are logged in, although you didn't send password from client side.
>>> 
>>> The best what I think of is to automatically change password on some period and client should retrieve it when login expire. This way you can use it like token. Real authorization is anyway first on your Web app.
>>> 
>>> Please correct me if I'm wrong, but from Fs side, login procedure is same for sip client or verto client?
>>> 
>>> Best regards, Gregor
>>> 
>>> 
>>> On Tue, May 3, 2016, 20:17 Michael Jerris <mike at jerris.com <mailto:mike at jerris.com>> wrote:
>>> You may have to pass it in loginParams  but i think it should be possible from looking at the code.  Double check what all you get in the code.
>>> 
>>>> On May 3, 2016, at 1:25 PM, Colin Morelli <colin.morelli at gmail.com <mailto:colin.morelli at gmail.com>> wrote:
>>>> 
>>>> Michael,
>>>> 
>>>> Is that actually possible? I have an application using mod_xml_curl but FS doesn't send passwords as part of the directory request (as far as I can tell). I actually wanted to do something very similar to this.
>>>> 
>>>> Colin
>>>> 
>>>> On Tue, May 3, 2016 at 1:07 PM Tristan Mahé <gled at remote-shell.net <mailto:gled at remote-shell.net>> wrote:
>>>> Hi,
>>>> 
>>>> AFAIK, there is no module handling JWT at the moment, but you can do
>>>> pretty much anything you can think of using lua, or any other langage
>>>> supported by freeswitch.
>>>> 
>>>> Best,
>>>> 
>>>> Tristan.
>>>> 
>>>> On 05/03/2016 07:12 AM, Oivvio Polite wrote:
>>>> > Can FreeSwitch handle JSON Web Tokens natively or be made to handle JWT
>>>> > through one of the available scripting languages?
>>>> >
>>>> > Oivvio
>>>> >

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160503/3b8a70d5/attachment.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list