Browse code

secsipid: docs for secsipid_check(...) function

Daniel-Constantin Mierla authored on 18/06/2021 12:06:42
Showing 1 changed files
... ...
@@ -266,6 +266,45 @@ request_route {
266 266
 </programlisting>
267 267
 		</example>
268 268
 	</section>
269
+	<section id="secsipid.f.secsipid_check">
270
+		<title>
271
+		<function moreinfo="none">secsipid_check(sIdentity, keyPath)</function>
272
+		</title>
273
+		<para>
274
+			Check the validity of the "sIdentity" parameter using the keys stored
275
+			in the file specified by "keyPath". If the keyPath parameter is empty,
276
+			the function is downloading the key using the URL from "info"
277
+			parameter of the sIdentity, using the value of "timeout"
278
+			parameter to limit the download time. The validity of the JWT
279
+			in the sIdentity value is also checked against the "expire"
280
+			parameter.
281
+		</para>
282
+		<para>
283
+		The parameters can contain pseudo-variables.
284
+		</para>
285
+		<para>
286
+		This function can be used from ANY_ROUTE.
287
+		</para>
288
+		<example>
289
+		<title><function>secsipid_check</function> usage</title>
290
+		<programlisting format="linespecific">
291
+...
292
+request_route {
293
+    ...
294
+	if(secsipid_check_identity("...", "/secsipid/$si/cert.pem")) { ... }
295
+    ...
296
+	if(secsipid_check_identity("...", "")) { ... }
297
+    ...
298
+}
299
+...
300
+</programlisting>
301
+		</example>
302
+		<para>
303
+			Further checks can be done with config operations, decoding the JWT header
304
+			and payload using {s.select} and {s.decode.base64t} transformations
305
+			together with jansson module.
306
+		</para>
307
+	</section>
269 308
 	<section id="secsipid.f.secsipid_get_url">
270 309
 		<title>
271 310
 		<function moreinfo="none">secsipid_get_url(url, ovar)</function>