<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Mangal;
panose-1:2 4 5 3 5 2 3 3 2 2;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Courier New";}
span.typ
{mso-style-name:typ;}
span.pun
{mso-style-name:pun;}
span.pln
{mso-style-name:pln;}
span.com
{mso-style-name:com;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style></head><body lang=EN-IN link=blue vlink="#954F72" style='word-wrap:break-word'><div class=WordSection1><p class=MsoNormal>Hello All, </p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I was working to use stir shaken module. The certificates are put in place and Identity Header is also created. However the Identity when tried to put on JWT.io for validation , I can observe that the payload is not good. </p><pre style='margin-top:16.8pt;background:#272727'><span style='color:white'><br>Here is the identity Header <br><br></span><span class=typ><span style='color:#EFBDEF'>Identity</span></span><span class=pun><span style='color:#E8E86F'>:</span></span><span class=pln><span style='color:#DADADA'> eyJhbGciOiJFUzI1NiIsInBwdCI6InNoYWtlbiIsInR5cCI6InBhc3Nwb3J0IiwieDV1IjoiaHR0cHM6Ly9hcHBzLnNhbWVzcGFjZS5jb20vc2VydmVyLmNydCJ9</span></span><span class=pun><span style='color:#E8E86F'>.</span></span><span class=pln><span style='color:#DADADA'>eyJhdHRlc3QiOCIiwiZGVzdCI6eyJ0biI6WyI5MTk1MDMzMzgyNzUiXX0sImlhdCI6MTYyMDkxMDc3Nywib3JpZyI6eyJ0biI6IjkxOTUwMzMzODI3NiJ9LCJvcmlnaWQiOiJkc2FkYXNhc2Zkcy1kc2FkYXNkLXNWRzIn0</span></span><span class=pun><span style='color:#E8E86F'>.</span></span><span class=typ><span style='color:#EFBDEF'>JzYHlbStXK7gpmRWVZY_IC8VmeZfaKWBzGTOfGU82OQ3w28lctaYv</span></span><span class=pun><span style='color:#E8E86F'>-</span></span><span class=typ><span style='color:#EFBDEF'>YAzBdjqjUGJKISid327KSzUGGvpXYBSg</span></span><span class=pun><span style='color:#E8E86F'>;</span></span><span class=pln><span style='color:#DADADA'>info</span></span><span class=pun><span style='color:#E8E86F'>=<</span></span><span class=pln><span style='color:#DADADA'>https</span></span><span class=pun><span style='color:#E8E86F'>:</span></span><span class=com><span style='color:#FF7C7C'>//apps.samespace.com/server.crt>;ppt="shaken"</span></span><span style='font-family:Consolas;color:#DADADA'><o:p></o:p></span></pre><p class=MsoNormal><br>After JWT.io <br>Header for algorithm and token type looks ok ..<br>{</p><p class=MsoNormal> "alg": "ES256",</p><p class=MsoNormal> "ppt": "shaken",</p><p class=MsoNormal> "typ": "passport",</p><p class=MsoNormal> "x5u": "https://apps.samespace.com/server.crt"</p><p class=MsoNormal>}<br><br></p><p class=MsoNormal>However payload looks like this which is probably some invalid JSON, I am not sure what could cause this.<br><br>"{\"attest\"8\"\"�&FW7B#��'F�#��#�\u0013�S\u0003333�#sR%���&�\u0017B#�\u0013c#\u0003�\u0013\u0003ssr�&�&�r#��'F�#�#�\u0013�S\u0003333�#sb'��&�&�v�B#�&G6\u0016F\u00176\u00176fG2�G6\u0016F\u00176B�5ds\"}"<br><br></p><p class=MsoNormal>Here is the code snippet used .</p><p class=MsoNormal><o:p> </o:p></p><div><div><p class=MsoNormal style='line-height:14.25pt;background:#1E1E1E'><span style='font-size:10.5pt;font-family:Consolas;color:#D4D4D4'>stir_shaken_auth(</span><span style='font-size:10.5pt;font-family:Consolas;color:#CE9178'>"B"</span><span style='font-size:10.5pt;font-family:Consolas;color:#D4D4D4'>, $var(origid),$var(cert), $var(privKey),</span><span style='font-size:10.5pt;font-family:Consolas;color:#CE9178'>"https://apps.samespace.com/server.crt"</span><span style='font-size:10.5pt;font-family:Consolas;color:#D4D4D4'>,</span><span style='font-size:10.5pt;font-family:Consolas;color:#CE9178'>"919503338276"</span><span style='font-size:10.5pt;font-family:Consolas;color:#D4D4D4'>,</span><span style='font-size:10.5pt;font-family:Consolas;color:#CE9178'>"919503338275"</span><span style='font-size:10.5pt;font-family:Consolas;color:#D4D4D4'>)</span><span style='font-size:10.5pt;font-family:Consolas;color:#6A9955'>;</span><span style='font-size:10.5pt;font-family:Consolas;color:#D4D4D4'><o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I am using opensips version as below </p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>version: opensips 3.1.1 (x86_64/linux)</p><p class=MsoNormal>flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, HP_MALLOC, DBG_MALLOC, FAST_LOCK-ADAPTIVE_WAIT</p><p class=MsoNormal>ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535</p><p class=MsoNormal>poll method support: poll, epoll, sigio_rt, select.</p><p class=MsoNormal>git revision: 229ec0793</p><p class=MsoNormal>main.c compiled on 11:50:44 Jan 15 2021 with gcc 7</p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Kindly let me know if there is something wrong that I could be doing. I checked the sample from <b><a href="https://transnexus.com/whitepapers/understanding-stir-shaken/">https://transnexus.com/whitepapers/understanding-stir-shaken/</a><o:p></o:p></b></p><p class=MsoNormal>The Identity from this example shows a good payload. </p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Regards,</p><p class=MsoNormal>Sunil More</p><p class=MsoNormal>Phone : 919503338275</p><p class=MsoNormal>Sent from <a href="https://go.microsoft.com/fwlink/?LinkId=550986">Mail</a> for Windows 10</p><p class=MsoNormal><o:p> </o:p></p></div></body></html>