Browse code

Merge 29b993147b318bfaf6e870c1d28ab6e8262d326b into 824920d5b159d80ce3c241313bf647b5dbbf6661

Frédéric Gaisnon authored on 01/05/2021 21:04:36 • GitHub committed on 01/05/2021 21:04:36
Showing 3 changed files
... ...
@@ -23,11 +23,20 @@
23 23
 		<surname>Mierla</surname>
24 24
 		<email>miconda@gmail.com</email>
25 25
 	    </editor>
26
+            <editor>
27
+                <firstname>Frederic</firstname>
28
+                <surname>Gaisnon</surname>
29
+                <email>frederic.gaisnon@gmail.com</email>
30
+            </editor>
26 31
 	</authorgroup>
27 32
 	<copyright>
28 33
 	    <year>2021</year>
29 34
 	    <holder>asipto.com</holder>
30 35
 	</copyright>
36
+        <copyright>
37
+            <year>2021</year>
38
+            <holder>MomentTech</holder>
39
+        </copyright>
31 40
     </bookinfo>
32 41
     <toc></toc>
33 42
 
... ...
@@ -111,6 +111,11 @@ modparam("jwt", "key_mode", 1)
111 111
 			"name1=value1;name2=value2;..." (same as the SIP parameters format).
112 112
 			</para>
113 113
 			</listitem>
114
+			<listitem>
115
+			<para>
116
+			validity - the token validity period (number of seconds)
117
+			</para>
118
+			</listitem>
114 119
 		</itemizedlist>
115 120
 		<para>
116 121
 		This function can be used from ANY_ROUTE.
... ...
@@ -41,7 +41,7 @@ static int  mod_init(void);
41 41
 static int  child_init(int);
42 42
 static void mod_destroy(void);
43 43
 
44
-static int w_jwt_generate(sip_msg_t* msg, char* pkey, char* palg, char* pclaims);
44
+static int w_jwt_generate(sip_msg_t* msg, char* pkey, char* palg, char* pclaims, int validity);
45 45
 static int w_jwt_verify(sip_msg_t* msg, char* pkey, char* palg, char* pclaims,
46 46
 		char *pjwtval);
47 47
 
... ...
@@ -171,13 +171,14 @@ static int jwt_fcache_add(str *key, str *kdata)
171 171
 /**
172 172
  *
173 173
  */
174
-static int ki_jwt_generate(sip_msg_t* msg, str *key, str *alg, str *claims)
174
+static int ki_jwt_generate(sip_msg_t* msg, str *key, str *alg, str *claims, int validity)
175 175
 {
176 176
 	str dupclaims = STR_NULL;
177 177
 	str sparams = STR_NULL;
178 178
 	str kdata = STR_NULL;
179 179
 	jwt_alg_t valg = JWT_ALG_NONE;
180 180
 	time_t iat;
181
+	time_t exp;
181 182
 	FILE *fpk = NULL;
182 183
 	unsigned char keybuf[10240];
183 184
 	size_t keybuf_len = 0;
... ...
@@ -241,7 +242,15 @@ static int ki_jwt_generate(sip_msg_t* msg, str *key, str *alg, str *claims)
241 242
 
242 243
 	iat = time(NULL);
243 244
 
245
+	if (validity > 0) {
246
+		exp = time(NULL) + validity;
247
+	}
248
+	else if (validity < 0) {
249
+		LM_ERR("negative validity value is not authorized, so token has no expiration\n");
250
+	}
251
+
244 252
 	ret = jwt_add_grant_int(jwt, "iat", iat);
253
+	ret = jwt_add_grant_int(jwt, "exp", exp);
245 254
 	for (pit = params_list; pit; pit=pit->next) {
246 255
 		if(pit->name.len>0 && pit->body.len>0) {
247 256
 			pit->name.s[pit->name.len] = '\0';
... ...
@@ -281,7 +290,7 @@ error:
281 290
 /**
282 291
  *
283 292
  */
284
-static int w_jwt_generate(sip_msg_t* msg, char* pkey, char* palg, char* pclaims)
293
+static int w_jwt_generate(sip_msg_t* msg, char* pkey, char* palg, char* pclaims, int validity)
285 294
 {
286 295
 	str skey = STR_NULL;
287 296
 	str salg = STR_NULL;
... ...
@@ -301,7 +310,7 @@ static int w_jwt_generate(sip_msg_t* msg, char* pkey, char* palg, char* pclaims)
301 310
 		return -1;
302 311
 	}
303 312
 
304
-	return ki_jwt_generate(msg, &skey, &salg, &sclaims);
313
+	return ki_jwt_generate(msg, &skey, &salg, &sclaims, validity);
305 314
 }
306 315
 
307 316
 /**