Mode to use the private and public keys. If set to 0, they are read always from the disk. If set to 1, they are cached in memory with the first use (no reload support yet).

Default value is 0.

Example 1.1. Set key_mode parameter

...
modparam("jwt", "key_mode", 1)
...

4. Functions

4.1. `jwt_generate(prvkey, alg, claims[, headers])`

Generate the JWT, its value can be retrieved in the variable $jwt(val).

The parameters are:

prvkey - path to private key
alg - the algorithm to build the signature, as supported by the libjwt (e.g., RS256, HS256, ES256, ...)
claims - the list of claims to be added to JWT, in the format "name1=value1;name2=value2;..." (same as the SIP parameters format). The string values can be enclosed in single or double quotes. If a value is not eclosed in between quotes, it is added as numeric value if it is successfully converted to a long value, otherwise is added as string value.
headers - the list of headers to be added to JWT, in the format "name1=value1;name2=value2;..." (same as the SIP parameters format). The string values can be enclosed in single or double quotes. If a value is not eclosed in between quotes, it is added as numeric value if it is successfully converted to a long value, otherwise is added as string value.

This function can be used from ANY_ROUTE.

Example 1.2. jwt_generate usage

...
  jwt_generate("/path/to/prvkey.pem", "RS256",
        "caller='$fU';callee='$tU';callid='$ci';index=100");
...

4.2. `jwt_verify(pubkeypath, alg, claims, jwtval)`

Verify the JWT.

The parameters are:

pubkeypath - path to public key file
alg - the algorithm to build the signature, as supported by the libjwt (e.g., RS256, HS256, ES256, ...)
claims - the list of claims to be checked they are in the JWT, in the format "name1=value1;name2=value2;..." (same as the SIP parameters format, see also the description of claims parameter for jwt_generate()).
jwtval - the value of the JWT to verify

This function can be used from ANY_ROUTE.

Example 1.3. jwt_verify usage

...
  if(!jwt_verify("/path/to/pubkey.pem", "RS256",
         "caller='$fU';callee='$tU';callid='$ci';index=100",
        "$var(jwt)") {
    xwarn("failed to verify jwt\n");
  }
...

4.3. `jwt_verify_key(pubkeyval, alg, claims, jwtval)`

Verify the JWT.

The parameters are:

pubkeyval - public key value
alg - the algorithm to build the signature, as supported by the libjwt (e.g., RS256, HS256, ES256, ...)
claims - the list of claims to be checked they are in the JWT, in the format "name1=value1;name2=value2;..." (same as the SIP parameters format, see also the description of claims parameter for jwt_generate()).
jwtval - the value of the JWT to verify

This function can be used from ANY_ROUTE.

Example 1.4. jwt_verify_key usage

...
  if(!jwt_verify_key("...", "RS256",
         "caller='$fU';callee='$tU';callid='$ci';index=100",
        "$var(jwt)") {
    xwarn("failed to verify jwt\n");
  }
...

5. Variables

5.1. `$jwt(key)`

Get the values and attributes after using JWT functions.

The key can be:

val - the value of JWT after a successful jwt_generate().
status - the status of verification after a failed jwt_verify().

Example 1.5. $jwt(name) usage

...
  jwt_generate("/path/to/prvkey.pem", "RS256",
        "caller='$fU';callee='$tU';callid='$ci';index=100");
  xinfo("jwt is: $jwt(val)");
...

JWT Module

Daniel-Constantin Mierla

Edited by

Daniel-Constantin Mierla

Chapter 1. Admin Guide

1. Overview

2. Dependencies

2.1. Kamailio Modules

2.2. External Libraries or Applications

3. Parameters

3.1. key_mode (int)

4. Functions

4.1. jwt_generate(prvkey, alg, claims[, headers])

4.2. jwt_verify(pubkeypath, alg, claims, jwtval)

4.3. jwt_verify_key(pubkeyval, alg, claims, jwtval)

5. Variables

5.1. $jwt(key)

3.1. `key_mode` (int)

4.1. `jwt_generate(prvkey, alg, claims[, headers])`

4.2. `jwt_verify(pubkeypath, alg, claims, jwtval)`

4.3. `jwt_verify_key(pubkeyval, alg, claims, jwtval)`

5.1. `$jwt(key)`