[SR-Users] implementing custom authentication method

Walter.Martín Villalba wvillalba at gmail.com
Fri May 3 19:32:27 CEST 2019


Dear list,

I'm implementing a custom method for user authentication and would like to
kindly ask for some guidance regarding the server side changes that may be
needed in order to keep things running smoothly.

The idea is to replace the standard user/pass-based digest authentication
with a custom one based on Open ID Connect (OIDC) access tokens. I already
have some pieces working (receiving access token in REGISTER message,
validating the token by calling custom python routine, etc.), but I'm
missing the bits needed to keep track of users who have successfully
authenticated.

While looking at sipcomm.cfg I found calls to *www_authenticate* (defined in
modules/auth_db/authorize.c), which in turn calls to *mark_authorized_cred*,
*check_auth_hr* (or *auth_check_hdr_md5*), and
*generate_avps*,.  Some of these functions are indeed changing some
values in the DB and/or in memory, and this is where I would like some
guidance.

Is there any documentation I could look at which hopefully explains what DB
values and/or data structures in memory need to be updated in order to keep
track of successfully authenticated users? I believe with this last piece
I'd be able to wrap up my custom authentication implementation.

Thanks in advance!

Regards,
Walter Martín.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20190503/b481700e/attachment.html>


More information about the sr-users mailing list