jitsi / jitsi-meet

Jitsi Meet - Secure, Simple and Scalable Video Conferences that you use as a standalone app or embed in your web application.
https://jitsi.org/meet
Apache License 2.0

Invalid nbf or exp claims in a JWT token leaves the user "in the meeting" #14242

Open muks opened 8 months ago

muks commented 8 months ago

Description


nbf and exp claims are used in the JWT payload.

In both cases, the participant appears to be stuck in the meeting itself, instead of getting redirected to an error page or the welcome page. This leaves the participant "hanging" (waiting) in what appears to be the meeting.

As an example of what should happen, Jitsi Meet could behave the same way it does when it pops up the login form dialog with title "Authentication required" with the "User" and "User password" fields. If the popup is cancelled, the user is redirected to the welcome page.

Current behavior


The participant is left waiting in the meeting when the JWT token is not due or expired.

Expected Behavior


The participant ought to be redirected to the welcome page.

Possible Solution


N/A

Steps to reproduce


Join a meeting authenticated by a JWT token with an expired exp claim.

Environment details


Debian package versions:

ii  jitsi-meet                      2.0.9164-1                     all          WebRTC JavaScript video conferences
ii  jitsi-meet-web                  1.0.7712-1                     all          WebRTC JavaScript video conferences
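
An added example, not part of the original report and not jitsi-meet code: one way a client could classify a token by its nbf and exp claims and choose a UI action instead of leaving the participant waiting. The function names, the 30-second leeway and the action labels are assumptions; the check does not verify the signature, so it only drives the UI and the server-side validation stays authoritative.

```javascript
// Added example (hypothetical names, not jitsi-meet code).
// Classifies a JWT by its nbf/exp claims so the UI can react to a token
// that is not yet valid or already expired. No signature verification here.
const LEEWAY_SECONDS = 30; // assumed clock-skew allowance

function decodePayload(token) {
    const parts = typeof token === 'string' ? token.split('.') : [];
    if (parts.length !== 3) return null;
    try {
        // base64url -> base64; Buffer is Node, a browser would use atob()
        const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
        const payload = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
        const isObject = payload !== null && typeof payload === 'object';
        return isObject && !Array.isArray(payload) ? payload : null;
    } catch (e) {
        return null; // not valid JSON after decoding
    }
}

function classifyToken(token, nowSeconds = Math.floor(Date.now() / 1000)) {
    const payload = decodePayload(token);
    if (!payload) return 'malformed';
    const { nbf, exp } = payload;
    for (const claim of [nbf, exp]) {
        // a present claim must be a numeric timestamp in seconds
        if (claim !== undefined && !Number.isFinite(claim)) return 'malformed';
    }
    if (nbf !== undefined && nowSeconds + LEEWAY_SECONDS < nbf) return 'not-yet-valid';
    if (exp !== undefined && nowSeconds - LEEWAY_SECONDS >= exp) return 'expired';
    return 'ok';
}

// Hypothetical action labels: anything but a usable token leaves the room view.
function actionFor(status) {
    return status === 'ok' ? 'join' : 'redirect-to-welcome-page';
}

// Builds a constructed sample token with a placeholder signature.
function makeToken(claims) {
    const enc = obj => Buffer.from(JSON.stringify(obj)).toString('base64')
        .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
    return `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(claims)}.constructed-signature`;
}
```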

saghul commented 8 months ago

I agree the UX is weird.

@quitrk We might want to show the dialog like we do when someone is kicked.

Can you please sync with @yanas today about this?

github-actions[bot] commented 6 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

saghul commented 6 months ago

Ping @quitrk

github-actions[bot] commented 4 months ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.