[英]How can I implement the jwt token prosody plugin in my Docker self-hosted Jitsi server for my Android application?
我正在尝试开发一个 Android 应用程序,它集成了 Jitsi 以进行视频会议。 通常,选择房间名称并创建房间。 但是,任何知道或猜到房间名称的人都可以加入通话。 为了防止这种情况,我想为会议室放置一个 jwt 令牌。 我找到了一个解释 jitsi-meet 的 jwt 令牌过程的链接。
链接是这样的: https : //github.com/jitsi/lib-jitsi-meet/blob/master/doc/tokens.md在这个链接中我不明白三个概念:
手动插件配置通过以下三个步骤修改您的 Prosody 配置:
\1. Adjust plugin_paths to contain the path pointing to jitsi meet Prosody plugins location. That's where plugins are copied on jitsi-meet-token package install. This should be included in global config section(possibly at the beginning of your host config file).
plugin_paths = { "/usr/share/jitsi-meet/prosody-plugins/" }
Also optionally set the global settings for key authorization. Both these options default to the '*' parameter which means accept any issuer or audience string in incoming tokens
asap_accepted_issuers = { "jitsi", "some-other-issuer" }
asap_accepted_audiences = { "jitsi", "some-other-audience" }
\2. Under you domain config change authentication to "token" and provide application ID, secret and optionally token lifetime:
VirtualHost "jitmeet.example.com"
authentication = "token";
app_id = "example_app_id"; -- application identifier
app_secret = "example_app_secret"; -- application secret known only to your token
-- generator and the plugin
allow_empty_token = false; -- tokens are verified only if they are supplied by the client
Alternately instead of using a shared secret you can set an asap_key_server to the base URL where valid/accepted public keys can be found by taking a sha256() of the 'kid' field in the JWT token header, and appending .pem to the end
VirtualHost "jitmeet.example.com"
authentication = "token";
app_id = "example_app_id"; -- application identifier
asap_key_server = "https://keyserver.example.com/asap"; -- URL for public keyserver storing keys by kid
allow_empty_token = false; -- tokens are verified only if they are supplied
\3. Enable room name token verification plugin in your MUC component config section:
Component "conference.jitmeet.example.com" "muc"
modules_enabled = { "token_verification" }
在这三个指令中,“主机配置文件”、“域配置文件”和“MUC组件配置部分”这三个字。 这些是什么? 我不知道在哪里做这些更改。
我想我的回复来得有点晚,但我尝试同样做出我的贡献:)
如果您以“经典”方式安装了 Jitsi(没有 docker):
/etc/prosody/prosody.cfg.lua/etc/prosody/conf.d/<your_domain_name>.cfg.lua/etc/prosody/conf.d/<your_domain_name>.cfg.lua搜索以Component "conference.<your_domain_name>" "muc"开头的部分我希望你已经解决了你的疑惑:)
如何为我在Google App Engine上部署的应用程序的Chrome插件绑定插件令牌
[英]How can I bind plugin token with my chrome plugin for the application deployed on Google App Engine
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.