[sr-dev] git:master:6822bde4: secsipid: docs for secsipid_check(...) function

Daniel-Constantin Mierla miconda at gmail.com
Fri Jun 18 14:07:41 CEST 2021 

Module: kamailio
Branch: master
Commit: 6822bde4dc4715043d3d416b710664e5b14637b8
URL: https://github.com/kamailio/kamailio/commit/6822bde4dc4715043d3d416b710664e5b14637b8

Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2021-06-18T14:06:42+02:00

secsipid: docs for secsipid_check(...) function

---

Modified: src/modules/secsipid/doc/secsipid_admin.xml

---

Diff:  https://github.com/kamailio/kamailio/commit/6822bde4dc4715043d3d416b710664e5b14637b8.diff
Patch: https://github.com/kamailio/kamailio/commit/6822bde4dc4715043d3d416b710664e5b14637b8.patch

---

diff --git a/src/modules/secsipid/doc/secsipid_admin.xml b/src/modules/secsipid/doc/secsipid_admin.xml
index bc1a8ac332..28f3dce68a 100644
--- a/src/modules/secsipid/doc/secsipid_admin.xml
+++ b/src/modules/secsipid/doc/secsipid_admin.xml
@@ -266,6 +266,45 @@ request_route {
 </programlisting>
 		</example>
 	</section>
+	<section id="secsipid.f.secsipid_check">
+		<title>
+		<function moreinfo="none">secsipid_check(sIdentity, keyPath)</function>
+		</title>
+		<para>
+			Check the validity of the "sIdentity" parameter using the keys stored
+			in the file specified by "keyPath". If the keyPath parameter is empty,
+			the function is downloading the key using the URL from "info"
+			parameter of the sIdentity, using the value of "timeout"
+			parameter to limit the download time. The validity of the JWT
+			in the sIdentity value is also checked against the "expire"
+			parameter.
+		</para>
+		<para>
+		The parameters can contain pseudo-variables.
+		</para>
+		<para>
+		This function can be used from ANY_ROUTE.
+		</para>
+		<example>
+		<title><function>secsipid_check</function> usage</title>
+		<programlisting format="linespecific">
+...
+request_route {
+    ...
+	if(secsipid_check_identity("...", "/secsipid/$si/cert.pem")) { ... }
+    ...
+	if(secsipid_check_identity("...", "")) { ... }
+    ...
+}
+...
+</programlisting>
+		</example>
+		<para>
+			Further checks can be done with config operations, decoding the JWT header
+			and payload using {s.select} and {s.decode.base64t} transformations
+			together with jansson module.
+		</para>
+	</section>
 	<section id="secsipid.f.secsipid_get_url">
 		<title>
 		<function moreinfo="none">secsipid_get_url(url, ovar)</function>

More information about the sr-dev mailing list