signalwire / libstirshaken

C library implementing STIR-shaken STI-SP AS/VS, STI-CA
MIT License

[Invalid Identity Header Value] #134

Open bilalabbasi55 opened 1 year ago

bilalabbasi55 commented 1 year ago

Hi Team,

Thanks for adding the ability for stirshaken inside FreeSWITCH. I tried to build FS with this library, and I can see that the header value is generated under the SIP traces as well. However, when I try to decode that via https://jwt.io/ it's showing me that the value is invalid.

My FS version is: FreeSWITCH Version 1.10.9-release+git~20230203T200730Z~a615e85afc~64bit (git a615e85 2023-02-03 20:07:30Z 64bit)

Here is the Identity header value:

eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9jci5zYW5zYXkuY29tLzI1OEtfQ0VSVCJ9.eyJhdHRlc3QiOiJBIiwiZGVzdCI6eyJ0biI6WyI2NTA1OTM1NDAwIl19LCJpYXQiOjE2ODcxNjM4MTUsIm9yaWciOnsidG4iOiI3MDI3NDU4MxIn0sIm9yaWdpZCI6ImNlYTQ2NjI1LTcwY2MtNDc4ZC00NTUxLTdkZTE0YzFlOTFhZSJ9.-UhOy2RJohufc-9F8DKU1L0hAovq4KNBmJmGtAJK7hbp2bcPNYl8OSJE7-SCgfSIN_5WQJNnRmAA6CYkDIYJuA

Can someone please help me get this fixed? Your help would be much appreciated. Please find the attached screenshots for details.

Screenshot 2023-06-19 at 1 54 34 PM

Screenshot 2023-06-19 at 1 55 01 PM

Screenshot 2023-06-19 at 1 53 43 PM

hizbi-github commented 8 months ago

Hi @bilalabbasi55 :)

For verifying the JWT token in the SIP Identity header, you can use:

```
stirshaken jwt-key-check --vvv --jwt "your_token" --pubkey "path_to_the_public_key_file.pem"
```

Do note that the public key is different from the public cert that is used in the sofia.conf.xml file. Your output should be similar to the one in the 1st screenshot.

You can also verify the contents of the token by decoding it either online or using the same stirshaken application:

```
stirshaken jwt-dump --vvv --jwt "your_token"
```

You can see the output in the 2nd screenshot. You may also use something like: https://dinochiesa.github.io/jwt/ or https://jwt.io/ (you already tried this one)

Please make sure to select the exact algorithm when decoding; in my case it was ES256. You can see yours in the SIP Identity header in sngrep. Also, when copying the token from the SIP header, copy it only up to the semicolon ";" (see 3rd screenshot).

image


image


image
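The decoding steps discussed in this thread can also be done offline. The following is an added example, not code from the thread or from libstirshaken: it cuts the Identity header value at the first ";", then base64url-decodes the JWT header and payload and reports which segment fails. The function names, the sample token and the `info` parameter shown in it are constructed for illustration, and the signature is not verified (use `stirshaken jwt-key-check` for that).

```python
import base64
import json


def b64url_json(segment):
    """Decode one base64url JWT segment (padding restored) into a dict."""
    padded = segment + "=" * (-len(segment) % 4)
    return json.loads(base64.urlsafe_b64decode(padded))


def inspect_identity(value):
    """Return (header, payload, sip_params, problems); decodes only, no signature check."""
    # Everything from the first ';' on is SIP header parameters, not JWT.
    token, _, rest = value.strip().partition(";")
    params = dict(p.strip().split("=", 1) for p in rest.split(";") if "=" in p)
    parts = token.strip().split(".")
    if len(parts) != 3:
        return None, None, params, [f"expected 3 segments, found {len(parts)}"]
    decoded, problems = [], []
    for name, seg in zip(("header", "payload"), parts):
        try:
            decoded.append(b64url_json(seg))
        except ValueError as exc:  # bad base64, bad UTF-8 or bad JSON
            decoded.append(None)
            problems.append(f"{name} segment does not decode: {exc}")
    header, payload = decoded
    if isinstance(header, dict) and "alg" in params and header.get("alg") != params["alg"]:
        problems.append("JWT alg differs from the SIP alg parameter")
    return header, payload, params, problems


def _seg(obj):
    """Encode a dict as an unpadded base64url segment (sample data only)."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample: placeholder numbers, URL and signature, not real data.
CERT = "https://cert.example.invalid/sp.pem"
SAMPLE = ".".join([
    _seg({"alg": "ES256", "ppt": "shaken", "typ": "passport", "x5u": CERT}),
    _seg({"attest": "A", "dest": {"tn": ["15550100"]}, "iat": 1700000000,
          "orig": {"tn": "15550199"}, "origid": "00000000-0000-4000-8000-000000000000"}),
    "c2lnbmF0dXJl",
]) + f";info=<{CERT}>;alg=ES256;ppt=shaken"

if __name__ == "__main__":
    print(inspect_identity(SAMPLE))
```

A non-empty `problems` list names the segment that failed, which separates a copy error or a damaged segment from a signature problem.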