@@ -15,6 +15,7 @@ Build-Depends: bison,
1515 libmaxminddb-dev | libgeoip-dev (>= 1.4.4),
1616 libhiredis-dev,
1717 libjson-c-dev,
18+ libjwt-dev,
1819 libldap2-dev,
1920 liblua5.1-0-dev,
2021 libmemcached-dev,
@@ -47,7 +48,8 @@ Package: opensips
4748Architecture: any
4849Multi-Arch: foreign
4950Depends: adduser, python, ${misc:Depends}, ${shlibs:Depends}
50- Suggests: opensips-b2bua-module,
51+ Suggests: opensips-auth-jwt-module,
52+ opensips-b2bua-module,
5153 opensips-berkeley-module,
5254 opensips-carrierroute-module,
5355 opensips-cgrates-module,
@@ -653,3 +655,27 @@ Description: STIR/SHAKEN support for OpenSIPS
653655 .
654656 This module adds support for implementing STIR/SHAKEN (RFC 8224, RFC 8588)
655657 Authentication and Verification services in OpenSIPS.
658+
659+ Package: opensips-auth-jwt-module
660+ Architecture: any
661+ Multi-Arch: same
662+ Depends: opensips (= ${binary:Version}),
663+ ${misc:Depends},
664+ ${shlibs:Depends}
665+ Description: JSON Web Tokens authentication module for OpenSIPS
666+ OpenSIPS is a very fast and flexible SIP (RFC3261)
667+ server. Written entirely in C, OpenSIPS can handle thousands calls
668+ per second even on low-budget hardware.
669+ .
670+ The module implements authentication over JSON Web Tokens. In
671+ some cases ( ie. WebRTC ) the user authenticates on another
672+ layer ( other than SIP ), so it makes no sense to
673+ double-authenticate it on the SIP layer. Thus, the SIP client
674+ will simply present the JWT auth token it received from the
675+ server, and pass it on to OpenSIPS which will use that for
676+ authentication purposes. It relies on two DB tables, one
677+ containing JWT profiles ( a profile name and it's SIP username
678+ associated to it ) and one containing JWT secrets. Each secret
679+ has a corresponding profile, the KEY used for signing the JWT
680+ and two timestamps describing a validation interval. Multiple
681+ JWT secrets can point to the same JWT profile.
0 commit comments