Custom Authentication

Joan Pujol
Added almost 3 years ago

I will need to authenticate users using JWT token from Google SignIn.

After looking at documentation and source code I've seen that possibly the easiest way is to use EXTERNAL SASL Auth putting the token as the certificate and then register a custom CallBackHandler that will be similar to @CertBasedCallBackHandler@.

Is this a good way to go?

One doubt I have is: what I'm returning from getAuthorizationID() must be the authorization from a previous DB stored user, mustn't it?

Replies (2)


Added by Bartosz Malkowski TigaseTeam almost 3 years ago

getAuthorizationID() returns the JID used by the user in the session. If a JID is returned, then the user session will be created with this JID. If the given JID doesn't exist in the Tigase DB, then it will be created. So you can authenticate the user with any method you want. It is independent from the DB.

I don't know how Google JWT token works. You have to decide yourself.

Added by Joan Pujol almost 3 years ago

Thanks Bartosz,

I didn't know what happened if the JID wasn't present. With that behaviour I think it will be easy to implement on my part.
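
Because a JID returned from getAuthorizationID() is created when it is not yet in the Tigase DB, as the reply above explains, the token has to be fully verified before any JID is returned. The following is an added example, not part of the thread and not Tigase code: a hypothetical `GoogleTokenToJid` helper that a custom callback handler could call. It assumes Jackson for JSON parsing and a `keysByKid` map of Google's signing keys loaded elsewhere; the `google-` prefix and the digits-only rule for `sub` are also assumptions.

```java
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import java.nio.charset.StandardCharsets;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Base64;
import java.util.Map;
import java.util.Set;

// Added example (hypothetical class): turns a Google ID token into the bare JID
// that a custom callback handler would return from getAuthorizationID().
public final class GoogleTokenToJid {
    private static final Set<String> ISSUERS =
            Set.of("accounts.google.com", "https://accounts.google.com");
    private static final ObjectMapper JSON = new ObjectMapper();

    // keysByKid: Google's current RSA signing keys by key id, fetched and cached elsewhere.
    public static String jidFor(String token, Map<String, PublicKey> keysByKid, String clientId,
                                String xmppDomain, long nowEpochSeconds) throws Exception {
        String[] parts = token.split("\\.");
        if (parts.length != 3) throw new SecurityException("malformed token");
        Base64.Decoder b64 = Base64.getUrlDecoder();

        // Pin the algorithm instead of trusting the header to choose one.
        JsonNode header = JSON.readTree(b64.decode(parts[0]));
        if (!"RS256".equals(header.path("alg").asText())) throw new SecurityException("unexpected alg");
        PublicKey key = keysByKid.get(header.path("kid").asText());
        if (key == null) throw new SecurityException("unknown key id");

        // The signature covers the first two segments exactly as received.
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(key);
        verifier.update((parts[0] + "." + parts[1]).getBytes(StandardCharsets.US_ASCII));
        if (!verifier.verify(b64.decode(parts[2]))) throw new SecurityException("bad signature");

        // Claims are only read after the signature has been checked.
        JsonNode claims = JSON.readTree(b64.decode(parts[1]));
        if (!ISSUERS.contains(claims.path("iss").asText())) throw new SecurityException("wrong issuer");
        if (!clientId.equals(claims.path("aud").asText())) throw new SecurityException("token for another app");
        if (claims.path("exp").asLong() <= nowEpochSeconds) throw new SecurityException("expired");

        // Use the stable "sub" claim, not the e-mail address, as the local part.
        // Assumption: sub is a decimal string; anything else is rejected, not mapped.
        String sub = claims.path("sub").asText();
        if (!sub.matches("[0-9]{1,255}")) throw new SecurityException("unexpected sub");
        return "google-" + sub + "@" + xmppDomain;
    }
}
```

Every failure path throws, so the handler never reaches the point of returning a JID, and no account is auto-created for an unverified token.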