Hi Henning,
On Dec 15, 2022, at 11:51 AM, Henning Westerholt hw@gilawa.com wrote:
Hi Alex, it might not help you much, but recently I was implementing a similar structure in one larger migration project, and it seems to work fine. I am not using any special flags for the challenge etc.. It’s basically like this (pseudo-code) route{ if no auth user -> auth_challenge() else -> http_async_query(API, AUTH) } route[AUTH] { get API result for password if API failure -> auth_challenge() else -> pv_auth_check(..) route(next steps) }
Yeah, that's more or less what I've got, except the first part.
I don't auth_challenge() every request because some requests are allowed by static IP, and I don't know whether to auth_challenge() them unless I am already in the async resume context.
I have eliminated the independent credentials query. At this point my process is more:
request_route { ...
http_async_query(API, RESUME) }
route[RESUME] { if(method == "INVITE") { if(has_auth_attrib()) { if(!pv_auth_check(...)) { auth_challenge("realm", "1"); exit; } }
# Get more routing info. http_async_query(API, RESUME2) return; } }
route[RESUME2} { t_relay() etc }
-- Alex