Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Invalid Identity Header Value] #134

Open
bilalabbasi55 opened this issue Jun 20, 2023 · 1 comment
Open

[Invalid Identity Header Value] #134

bilalabbasi55 opened this issue Jun 20, 2023 · 1 comment

Comments

@bilalabbasi55
Copy link

Hi Team,
Thanks for adding ability for stirshaken inside FreeSWITCH, i tried to built FS with this library, and i can see that header value is generated under the SIP traces as well. However when i try to decode that via https://jwt.io/ its showing me that value is invalid.
My FS version is: FreeSWITCH Version 1.10.9-release+git20230203T200730Za615e85afc~64bit (git a615e85 2023-02-03 20:07:30Z 64bit)
Here is the Identity header value

eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9jci5zYW5zYXkuY29tLzI1OEtfQ0VSVCJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyI2NTA1OTM1NDAwIl19LCJpYXQiOjE2ODcxNjM4MTUsIm9yaWciOnsidG4iOiI3MDI3NDU4MxIn0sIm9yaWdpZCI6ImNlYTQ2NjI1LTcwY2MtNDc4ZC00NTUxLTdkZTE0YzFlOTFhZSJ9.-UhOy2RJohufc-9F8DKU1L0hAovq4KNBmJmGtAJK7hbp2bcPNYl8OSJE7-SCgfSIN_5WQJNnRmAA6CYkDIYJuA

Can someone please help me getting this fixed. Your help would be much appreciated.
Please find attached for details

Screenshot 2023-06-19 at 1 54 34 PM
Screenshot 2023-06-19 at 1 55 01 PM

Screenshot 2023-06-19 at 1 53 43 PM
@hizbi-github
Copy link

hizbi-github commented Mar 27, 2024

Hi @bilalabbasi55 :)

For verifying the JWT token in the SIP Identity header, you can use:
stirshaken jwt-key-check --vvv --jwt "your_token" --pubkey "path_to_the_public_key_file.pem"

Do note that the public key is different from the public cert that is used in the sofia.conf.xml file. Your output should be similar to the one in the 1st screenshot.

You can also verify the contents of the token by decoding it either online or using the same stirshaken application:
stirshaken jwt-dump --vvv --jwt "your_token"

You can see the output in the 2nd screenshot. You may also use something like:
https://dinochiesa.github.io/jwt/
or
https://jwt.io/ (you already tried this one)

Please make sure to select the exact algorithm when decoding, in my case it was ES256. You can see yours in the SIP Identity header in sngrep. Also when copying the token from the SIP header, copy it only till the semi-colon ";" (see 3rd screenshot).

image


image


image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants