Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[NEW] Jitsi meet login credentials issue (append token auth in jitsi videoconference) #12259

Open

Conversation

@alonelion1987
Copy link

commented Oct 4, 2018

Hello team!

closes #7611

This solves the problem with external JWT- authorization. If the application Jitsi-Meet is configured on your server with mandatory authorization through JWT- tokens, then in your RocketChat, in the settings, you can specify your domain, enable JWT- authorization, specify the application identifier ("iss") and the secret key application. When creating a videoconference in your RocketChat through Jitsi, a one-hour token will be created with the context of this authorized user in your RocketChat and authorized in your Jitsi-Meet app. You can read more about JWT- authorization here https://github.com/jitsi/lib-jitsi-meet/blob/master/doc/tokens.md.

1538557130558

In the admin panel, in the Video conferencing tab, the "Enable JWT-authorization" section and two fields appear. In order to create the correct token, you need a special application identifier and a secret which is needed to verify the signature (you get these two parameters when you configure your server Jitsi to authenticate through tokens).

Thus, you can specify your server Jitsi ("domain" field) and these special parameters in order to create only your own truly closed conference!

@pokrak
Copy link

left a comment

I can not wait for this functionality. It is very important to me

@tassoevan tassoevan requested review from rodrigok and ggazzo Dec 7, 2018

@sebathi

This comment has been minimized.

Copy link

commented Jan 18, 2019

It will be nice to have this implemented! Thanks for your great work!!

strima added a commit to strima/Rocket.Chat that referenced this pull request Feb 12, 2019

@julienmoinard

This comment has been minimized.

Copy link

commented Feb 19, 2019

It will be nice to have this implemented because I need this too 👍
Thanks a lot for your nice work!!

@litewhatever

This comment has been minimized.

Copy link
Contributor

commented Mar 1, 2019

👍

@geekgonecrazy

This comment has been minimized.

Copy link
Member

commented Mar 29, 2019

Do you know if jitsi’s mobile applications support this? We actually as of today have jitsi working inside of both iOS app and Android. This seems like a great and very simple way to control access to jitsi rooms on top of the obscure url

@engelgabriel engelgabriel added this to the 1.1.0 milestone Apr 2, 2019

@engelgabriel engelgabriel requested a review from Hudell Apr 2, 2019

@geekgonecrazy

This comment has been minimized.

Copy link
Member

commented Apr 9, 2019

@rafaelks what would make this easiest for mobile? Would it be easier if could request meeting url and it came to you fully built with jwt? From what I can tell right now are manually putting the url together

@rafaelks

This comment has been minimized.

Copy link
Collaborator

commented Apr 9, 2019

@rafaelks what would make this easiest for mobile? Would it be easier if could request meeting url and it came to you fully built with jwt? From what I can tell right now are manually putting the url together

@geekgonecrazy We are currently building the URL client-side, and we can keep doing that, but I know we have some ideas to generate a URL on an API call and use this result in all clients.

@geekgonecrazy

This comment has been minimized.

Copy link
Member

commented Apr 9, 2019

but I know we have some ideas to generate a URL on an API call and use this result in all clients.

@rafaelks exactly thats why I wonder if this would be best way to move this forward. Provide an endpoint mobile and web can both call to get the jitsi url and it can construct the url for you.

geekgonecrazy added some commits Apr 9, 2019

@geekgonecrazy

This comment has been minimized.

Copy link
Member

commented Apr 9, 2019

Ok fixed the major conflicts on this PR, as well as added a setting to limit token to the room as an option. So that a token can be made valid only for the room it was generated.

Since Rocket.Chat generates the token and no end users have this key... If you force token validation on the jitsi side... they will be unable to go into a room they haven't been explicitly allowed access to.

So Rocket.Chat's room membership can be used as criteria to join a jitsi meeting

@rodrigok rodrigok added this to PRs in 1.1.0 Review May 10, 2019

@SamuelMuloki

This comment has been minimized.

Copy link

commented May 14, 2019

@rodrigok Any updates on this pull request and when it will be merged??

@rodrigok rodrigok moved this from PRs to PRs Next in 1.1.0 Review May 15, 2019

@rodrigok rodrigok modified the milestones: 1.1.0, 1.2.0 May 15, 2019

@rodrigok rodrigok removed this from PRs Next in 1.1.0 Review May 15, 2019

@ArjonBu

This comment has been minimized.

Copy link

commented Jun 6, 2019

Any status on this?

@gerroon

This comment has been minimized.

Copy link

commented Jun 22, 2019

Is this implemented?

@engelgabriel engelgabriel modified the milestones: 1.2.0, 1.3.0 Jul 10, 2019

@raziel900

This comment has been minimized.

Copy link

commented Jul 15, 2019

is this still alive please? Would be great for our environment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.