<!-- Kamailio Pull Request Template -->
<!-- IMPORTANT: - for detailed contributing guidelines, read: https://github.com/kamailio/kamailio/blob/master/.github/CONTRIBUTING.md - pull requests must be done to master branch, unless they are backports of fixes from master branch to a stable branch - backports to stable branches must be done with 'git cherry-pick -x ...' - code is contributed under BSD for core and main components (tm, sl, auth, tls) - code is contributed GPLv2 or a compatible license for the other components - GPL code is contributed with OpenSSL licensing exception -->
#### Pre-Submission Checklist <!-- Go over all points below, and after creating the PR, tick all the checkboxes that apply --> <!-- All points should be verified, otherwise, read the CONTRIBUTING guidelines from above--> <!-- If you're unsure about any of these, don't hesitate to ask on sr-dev mailing list --> - [x] Commit message has the format required by CONTRIBUTING guide - [x] Commits are split per component (core, individual modules, libs, utils, ...) - [x] Each component has a single commit (if not, squash them into one commit) - [x] No commits to README files for modules (changes must be done to docbook files in `doc/` subfolder, the README file is autogenerated)
#### Type Of Change - [ ] Small bug fix (non-breaking change which fixes an issue) - [x] New feature (non-breaking change which adds new functionality) - [ ] Breaking change (fix or feature that would change existing functionality)
#### Checklist: <!-- Go over all points below, and after creating the PR, tick all the checkboxes that apply --> - [x] PR should be backported to stable branches - [x] Tested changes locally - [ ] Related to issue #XXXX (replace XXXX with an open issue number)
#### Description <!-- Describe your changes in detail --> Add web3_auth module for blockchain-based authentication
This PR introduces a new authentication module that provides blockchain-powered digest authentication via Oasis Sapphire smart contracts while maintaining full compatibility with standard Kamailio auth module functions.
**Key Features:** - Blockchain-based digest authentication via Oasis Sapphire smart contracts - RFC2617 compliant MD5 and SHA-256 digest authentication - Full compatibility with standard auth functions (www_authenticate, proxy_authenticate) - Configurable parameters: web3_rpc_url, web3_contract_address, web3_debug_mode, web3_timeout - Comprehensive error handling for network failures and blockchain connectivity - Nonce management and replay protection identical to traditional auth
**Files Added:** - src/modules/web3_auth/ (complete module with 9 .c files and supporting headers) - Comprehensive documentation in doc/ subfolder - CMakeLists.txt with curl dependency handling
**Testing Summary:** - **Build Verification**: Module compiles successfully with curl dependency - **Load Testing**: Module loads without errors in Kamailio configuration - **Authentication Scenarios**: - Valid credentials: Successful authentication with correct blockchain credentials - Invalid credentials: Proper rejection of wrong passwords (tested with Zoiper) - Network failures: Graceful handling of blockchain RPC connectivity issues - Parameter validation: All module parameters properly validated - **Compatibility Testing**: Full compatibility with existing auth module functions - **Error Handling**: Comprehensive error logging and fallback behavior
**Documentation Status:** - Complete XML documentation in doc/ subfolder - Module parameters documented (web3_auth_params.xml) - Functions documented (web3_auth_functions.xml) - Configuration examples provided - Usage patterns and best practices included
**Limitations:** - Requires external blockchain RPC endpoint (Oasis Sapphire) - Network dependency for authentication (no offline fallback) - Requires curl library for HTTP requests to blockchain - Smart contract must be deployed on target blockchain network - Authentication speed depends on blockchain network response time
**Build System:** - Added to MOD_LIST_UTILS group for proper curl dependency handling - Includes CMakeLists.txt with find_package(CURL REQUIRED)
This module provides a drop-in replacement for traditional authentication while leveraging blockchain technology for credential verification. You can view, comment on, or merge this pull request online at:
https://github.com/kamailio/kamailio/pull/4326
-- Commit Summary --
* web3_auth: initial blockchain authentication module * cmake: add web3_auth to MOD_LIST_UTILS group
-- File Changes --
M cmake/groups.cmake (2) A src/modules/web3_auth (1)
-- Patch Links --
https://github.com/kamailio/kamailio/pull/4326.patch https://github.com/kamailio/kamailio/pull/4326.diff
henningw left a comment (kamailio/kamailio#4326)
Thanks for the PR. Please note that modules are not supposted to be included as a git "submodule". They should be included as normal files into a modules sub-directory. Can you add it as a normal commit instead, and do a git force-push? Alternatively you can also close this PR and create a new one.
miconda left a comment (kamailio/kamailio#4326)
Besides the other remarks for this PR, I think it is better to name the module auth_web3, so it has the same prefix with the common user authentication module.
Then, is `web3` suitable in the name? I mean, is this module usable only with Oasis Sapphire? Or it can be used with other services (it leverages a standard/common API)?
Ariana0699 left a comment (kamailio/kamailio#4326)
I created a new PR with adjustments according to your remarks
Closed #4326.
-
Ariana -
Daniel-Constantin Mierla
-
Henning Westerholt