Dear list,

I'm implementing a custom method for user authentication and would like to kindly ask for some guidance regarding the server side changes that may be needed in order to keep things running smoothly.

The idea is to replace the standard user/pass-based digest authentication with a custom one based on Open ID Connect (OIDC) access tokens. I already have some pieces working (receiving access token in REGISTER message, validating the token by calling custom python routine, etc.), but I'm missing the bits needed to keep track of users who have successfully authenticated. 

While looking at sipcomm.cfg I found calls to www_authenticate (defined in
modules/auth_db/authorize.c), which in turn calls to mark_authorized_cred, check_auth_hr (or auth_check_hdr_md5), and
generate_avps,.  Some of these functions are indeed changing some
values in the DB and/or in memory, and this is where I would like some guidance. 

Is there any documentation I could look at which hopefully explains what DB values and/or data structures in memory need to be updated in order to keep track of successfully authenticated users? I believe with this last piece I'd be able to wrap up my custom authentication implementation.

Thanks in advance!

Walter Martín.