0.1.8 • Published 4 years ago

drachtio-http-authenticator v0.1.8

Weekly downloads
1
License
MIT
Repository
github
Last release
4 years ago

drachtio-http-authenticator

drachtio middleware that delegates sip authentication to an http api. This allows, for instance, a multi-tenant sip application server to delegate authentication to a customer api.

The middleware-returning function can be invoked with the HTTP URL to call (and optionally, a username and password if HTTP Basic Authentication is being used to protect the endpoint), or a function that returns a Promise resolving to the same.

An HTTP POST will be made to the specified URL with a JSON body containing the sip method and the components from the Authorization header. The HTTP server should return a status code of 200 in all cases, containing a JSON body with instructions on whether to admit the request.

To admit the request, send a 200 response with a status of ok, e.g.

{"status": "ok"}

To deny the request, send a 200 response with a status of fail. The status field MUST be provided. Optionally, a response MAY include a msg attribute, an expires attribute, and/or a blacklist attribute.

  • The msg property is simply a human-readable description of why an authentication failed.
  • The expires value provides a value in seconds for the duration of a granted registration. This value, if provided, must be less than the requested expiration. If not provided, the requested expires value is granted.
  • The blacklist property shall contain a number indicating a period of time, in seconds, that the source IP address should be blocked. A value of -1 means forever.
{"status": "fail"}

or

{"status": "fail", "msg": "unknown user"}
{"status": "fail", "blaclist": 3600}

Additionally, for admitted requests, the middleware adds a req.authorization object which contains two properties:

  • challengeResponse - an object containing the parsed elements of the sip Authorization header, and
  • grant - an object containing the json response received in the 200 OK to the POST request.
const authenticator = require('drachtio-http-authenticator')({
  url: 'https://example.com/auth',
  auth: {
    username: 'foo',
    password: 'bar'
  }
});

srf.use('invite', authenticator);
drachtiosip
debugdrachtio-srfnoncerequestrequest-debug
@infinitebrahmanuniverse/nolb-drac@everything-registry/sub-chunk-1512@zalastax/nolb-dracsbc-registrar
0.1.8

4 years ago

0.1.7

4 years ago

0.1.6

4 years ago

0.1.5

4 years ago

0.1.4

4 years ago

0.1.3

4 years ago

0.1.2

4 years ago

0.1.1

4 years ago

0.1.0

4 years ago

0.0.6

4 years ago

0.0.5

5 years ago

0.0.4

5 years ago

0.0.3

5 years ago

0.0.2

5 years ago

0.0.1

5 years ago