22 Jan
2015
22 Jan
'15
6:11 p.m.
Started creating a new module auth_jwt, which supports JSON Web Token for auth. Need to
access the database to validate some claims in the token. Wonder if I should just make a
function call to auth_db or copy the code from auth_db? Which approach is a better
approach? Thanks.
---
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/50
22 Jan
22 Jan
8:25 p.m.
New subject: [kamailio] Is cross module function call a good practice? (#50)
copying code is always bad. Many modules are just built to offer
functions for other modules.
regards
klaus
On 22.01.2015 17:11, mading087 wrote:
Started creating a new module auth_jwt, which supports
JSON Web Token
for auth. Need to access the database to validate some claims in the
token. Wonder if I should just make a function call to auth_db or copy
the code from auth_db? Which approach is a better approach? Thanks.
—
Reply to this email directly or view it on GitHub
<https://github.com/kamailio/kamailio/issues/50>.
_______________________________________________
sr-dev mailing list
sr-dev(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
8:34 p.m.
New subject: [kamailio] Is cross module function call a good practice? (#50)
If you make a function call to auth_db, then you create an unnecessary
dependency on that module.
Copying code is not good.
The right solution here would be to create a library that will hold common
code for both auth_db and auth_jwt. The library will be automatically
loaded by both modules.
Take a look at the db_* modules that are using srdb1 and srdb2 libraries.
Regards,
Ovidiu Sas
On Thu, Jan 22, 2015 at 11:11 AM, mading087 <notifications(a)github.com>
wrote:
Started creating a new module auth_jwt, which supports
JSON Web Token for
auth. Need to access the database to validate some claims in the token.
Wonder if I should just make a function call to auth_db or copy the code
from auth_db? Which approach is a better approach? Thanks.
—
Reply to this email directly or view it on GitHub
<https://github.com/kamailio/kamailio/issues/50>.
_______________________________________________
sr-dev mailing list
sr-dev(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
--
VoIP Embedded, Inc.
http://www.voipembedded.com
23 Jan
23 Jan
11:27 a.m.
New subject: [kamailio] Is cross module function call a good practice? (#50)
What kind of token you need to validate using the same query as in auth_db? That is used
to fetch the password for WWW Digest authentication.
I am not sure what can be made a library from auth_db. Access to database is a library
already. I don't want to make auth_db more complex that it is now by adding other
layers of abstraction for getting a library out of it, I don't see how that can be
done given the existing functionality.
Maybe you can give more specific details about what you need and then you will get a
precise answer.
---
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/50#issuecomment-71167696
5:44 p.m.
New subject: [kamailio] Is cross module function call a good practice? (#50)
JSON Web Token usually has 3 parts: header, claim set, and signature. For example,
header: {"typ":"JWT", "alg":"RS256"}
claims:
{"iss":"joe","iss":http://id.server.com","sub":<user>@<sipdomain>",exp":1300819380,
"http://example.com/is_root":true}
signature: RSA signature on hash of {base64(header) ||"."||base64(claims)}
In addition to validate the signature, we'd also need to check the "sub"
(subject) to make sure the user is in the database (sip table). It seems the simplest way
is to check if the <user> and <sipdomain> from "sub" belong to a
valid record in sip table.
---
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/50#issuecomment-71212126
28 Jan
28 Jan
10:47 p.m.
New subject: [kamailio] Is cross module function call a good practice? (#50)
It doesn't look like a need to re-use code from auth_db in any way, you can make the
query from the new module (it will be simpler than what auth_db does) or rely on the
config file (e.g., is_subscriber() or use of sqlops). I am saying because the allowed user
identity can be also in uri table (see uri_db module).
---
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/50#issuecomment-71912539
29 Jan
29 Jan
12:27 a.m.
New subject: [kamailio] Is cross module function call a good practice? (#50)
Thanks for the help. Didn't use auth_db, just made query from new module,
the db access worked. The auth_jwt module is almost done. Did some test
with pjsip. Will have to go through some internal process before I can
share it. What is the process to ask Kamailio community to review a new
module?
On Wed, Jan 28, 2015 at 2:47 PM, Daniel-Constantin Mierla <
notifications(a)github.com> wrote:
It doesn't look like a need to re-use code from
auth_db in any way, you
can make the query from the new module (it will be simpler than what
auth_db does) or rely on the config file (e.g., is_subscriber() or use of
sqlops). I am saying because the allowed user identity can be also in uri
table (see uri_db module).
—
Reply to this email directly or view it on GitHub
<https://github.com/kamailio/kamailio/issues/50#issuecomment-71912539>.
---
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/50#issuecomment-71930260
12:33 a.m.
New subject: [kamailio] Is cross module function call a good practice? (#50)
Closed #50.
---
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/50#event-226445979
3616
days inactive
3622
days old
7 comments
4 participants
participants (4)
-
Daniel-Constantin Mierla -
Klaus Darilion -
mading087
-
Ovidiu Sas