[OpenSIPS-Users] Rest client for auth

Tito Cumpen tito at xsvoce.com
Thu Jun 22 23:49:09 EDT 2017


Hey Bogdan,


I see that the module params define the spec variables now and I tried the
following in my register method block

 exec("php /etc/opensips/authenticate.php $var(input)","" , "$var(out)",
"$var(err)", "$avp(env)");

this returns the text password

 $var(username)= $fu;
                 $avp(password)= $var(out);


 if (!pv_www_authorize(""))
                 {
                                                  xlog("new challenger
 $tU\n");

                 # $var(rc) = www_authorize("", "subscriber");
                  $var(rc) = pv_www_authorize("");
         xlog("Return code is $var(rc) \n");

        switch ( $var(rc) ) {
     case 1 :
                 if (!save("location","f"))
                          sl_reply_error();

                 exit;
         # success
         break;
      case -1:
        sl_send_reply("404","User not found");
       exit;
        break;
      case -2:
          sl_send_reply("403","Forbidden (Bad auth)");
                  exit;
          break;
           case -3:
                                                www_challenge("", "0");
          exit;

      default:
                               www_challenge("", "0");
                  exit;

  }
 }


but I am not able to authenticate I keep getting  -1 as if the user didn't
exist although the script is returning a value and casting it to

On Wed, Jun 21, 2017 at 1:59 PM, Tito Cumpen <tito at xsvoce.com> wrote:

> Bogdan,
>
>
> would I have to use the exec module to cast the into the username and
> password variables? Also I am not sure how the function expects those
> variables to be passed to it ? It is based on variables with these two
> names to be set prior to being called?
>
> $var(username)="abc";
> $avp(password)="xyz";
>
> Thanks,
> Tito
>
> On Fri, May 26, 2017 at 7:21 AM, Bogdan-Andrei Iancu <bogdan at opensips.org>
> wrote:
>
>> Hi Tito,
>>
>> You can do that by fetching the password via an explicit DB query from
>> script and pushing it for auth check using pv_www_authorize():
>>     http://www.opensips.org/html/docs/modules/2.3.x/auth.html#idp5590848
>>
>> Best regards,
>>
>> Bogdan-Andrei Iancu
>>   OpenSIPS Founder and Developer
>>   http://www.opensips-solutions.com
>>
>> OpenSIPS Bootcamp 2017, Huston, US
>>   http://opensips.org/training/OpenSIPS_Bootcamp_2017.html
>>
>> On 05/25/2017 04:51 PM, Tito Cumpen wrote:
>>
>> Group,
>>
>> Is it possible to use a rest api for auth_db? Meaning can opensips
>> authenticate a user based on a rest query against a rest api? I thought
>> about using db http by fronting the request with a local http server but I
>> don't see a way to pass a custom headers to the query. This custom header
>> would contain the auth session token.
>>
>>
>> Thanks,
>> Tito
>>
>>
>> _______________________________________________
>> Users mailing listUsers at lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20170622/855c3fe4/attachment.html>


More information about the Users mailing list