[sr-dev] git:master:dd1ddf0a: secsipid: docs for secsipid_verify(...)

Module: kamailio Branch: master Commit: dd1ddf0a5ad57395bc6aa7c71b47e43d1c7c5542 URL: https://github.com/kamailio/kamailio/commit/dd1ddf0a5ad57395bc6aa7c71b47e43… Author: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Committer: Daniel-Constantin Mierla &lt;miconda(a)gmail.com&gt; Date: 2024-03-14T12:15:16+01:00 secsipid: docs for secsipid_verify(...) --- Modified: src/modules/secsipid/doc/secsipid_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/dd1ddf0a5ad57395bc6aa7c71b47e43… Patch: https://github.com/kamailio/kamailio/commit/dd1ddf0a5ad57395bc6aa7c71b47e43… --- diff --git a/src/modules/secsipid/doc/secsipid_admin.xml b/src/modules/secsipid/doc/secsipid_admin.xml index 7ea74f525a0..c43ccf3c637 100644 --- a/src/modules/secsipid/doc/secsipid_admin.xml +++ b/src/modules/secsipid/doc/secsipid_admin.xml @@ -297,6 +297,52 @@ request_route { ... } ... +</programlisting> + </example> + <para> + Further checks can be done with config operations, decoding the JWT header + and payload using {s.select} and {s.decode.base64t} transformations + together with jansson module. + </para> + </section> + <section id="secsipid.f.secsipid_verify"> + <title> + <function moreinfo="none">secsipid_verify(sIdentity, keyVal, opts)</function> + </title> + <para> + Check the validity of the "sIdentity" parameter using the key value + given in the parameter "keyVal". The validity of the JWT + in the sIdentity value is also checked against the "expire" + parameter. + </para> + <para> + The "opts" parameter provides the verify options: + <itemizedlist> + <listitem> + <para> + <emphasis>A</emphasis> (uppercase) - skip verifying the attributes + in the JWT header. + </para> + </listitem> + </itemizedlist> + </para> + <para> + The parameters can contain pseudo-variables. + </para> + <para> + This function can be used from ANY_ROUTE. + </para> + <example> + <title><function>secsipid_verify</function> usage</title> + <programlisting format="linespecific"> +... +request_route { + ... + http_client_query("https://provider.com/stir-shaken/cert.pem", "$var(pubkey)"); + if(secsipid_verify("$hdr(Identity)", "$var(pubkey)", "A")) { ... } + ... +} +... </programlisting> </example> <para> @@ -541,4 +587,3 @@ make install </section> </chapter> -