How to add and handle extra fields in JWT token


I created a custom prosody plugin that should handle some extra fields/claims in JWT token. The fields will be stored under “context”: {“room”: {“new_field1”:“”,“new_field2”:“”}}. I checked in the util.lib.lua the fields are properly extracted into session.jitsi_meet_context_room . The debug messages show the values of the fields.
Now in my custom prosody plugin I create the following hook
module:hook(“muc-occupant-pre-join”, function (event)
local session = event.origin;
– handles session
end, 10);
And I added my plugin to modules_enabled of the Component “muc”.
The problem is that session does not contain jitsi_meet_context_room nor jitsi_meet_context_user. I also tried to change that priority 10 by any value up to but less than 99 and got the same nil results.
I see in the mod_token_verification the same approach and it uses the event.origin data.jitsi_meet_context_room[“regex”] and also mod_token_affiliation uses jitsi_meet_context_user but in the “muc-occupant-joined” and it works. So my questions are:

  1. Why in my plugin event.origin.jitsi_meet_context_room and event.origin.jitsi_meet_context_user are nil?
  2. Do I have to re-parse or call again Util:process_and_verify_token?
  3. In case I fixed the issue I have now and my plugin handles those extra values properly - in case of the values being wrong or nil how to I redirect web page to /static/authError.html?
  4. What executes first module:hook(event, handler, 10) or module:hook(event, handler, 100)?
  5. Is there anywhere I can read more about the internal event/stanza flow between web and prosody?

Thank You.
Best Regards.

Try loading jitsi_sssion in your module.

You need to handle it the same way mod_token_verification handles it: jitsi-meet/mod_token_verification.lua at bcc5beb73d7b045d5857ed7c4613325f252a123b · jitsi/jitsi-meet · GitHub

The 100. Checkout the hook method documentation at Prosody module API – Prosody IM

What exactly do you want to know … So it is the client that establishes xmpp connection via bosh or websocket to prosody and then sends an IQ to jicofo and then joins the room. Everything is standard XMPP XEP-0045: Multi-User Chat

Hi @damencho ,

What I noticed, is that event.origin.jitsi_meet_context_room becomes NOT NIL only when a second person joins a meeting room, is this correct?

BTW, where I can see the list of all the properties of event.origin?


Add inspect lua dependency and print inspect(event.origin).

Humm… I confused that with jitsi-meet/mod_jitsi_session.lua at 70fa44f85fa6fd010a96a22308064ea15f784162 · jitsi/jitsi-meet · GitHub
So that is set here:
jitsi-meet/util.lib.lua at 079a2a505d30cab8070060a6d002c8889d0cad33 · jitsi/jitsi-meet · GitHub
Which is invoked here: jitsi-meet/mod_auth_token.lua at c7f96de787cce94b53a78cf07f1e9dca222a3ef4 · jitsi/jitsi-meet · GitHub
That is when connection is established and jwt was provided.

Thank you @damencho.

We’ve handled the case where jitsi_meet_context_room is nil. It happens only on the pre-join event and when the script is executed subsequently, this parameter already has a room context. Seems that Lua script is executed multiple times on the pre-join event and at some moments there is no available context.

The one more thing we would like to check is if the moderator is currently in on the other meeting. This is a zoom case when a user is a moderator in two planned meetings, where one of them is still ongoing, and the participant wants to join another one, but the moderator is not there.

How can we achieve this, may be by getting list of active meetings of a user? How can we do it?


You can get inspired from this jitsi-meet/mod_filter_iq_rayo.lua at 48efe36cdfc04507762eebfb725d53fd9b1c124b · jitsi/jitsi-meet · GitHub
Checks whether a user has another outgoing calls in other meetings.

Thank you for the reply @damencho

As @Fikret_Huseynkhanov already wrote we managed to fix the issue - it wasn’t an issue actually but an “an extra check” to know when exactly to make session verification. Priority had nothing to do with that )

Hello again @damencho ,

One question - in order for this “mod_filter_iq_rayo” to work it has to be enabled in our host config isn’t it? Or is it already somehow included by default? I’m asking because in the function “get_concurrent_outgoing_count” it uses the header tag’s attribute “X-outbound-call-initiator-user” that is set on “pre-iq/full”. The value of that attribute is compared to context user id.
Can we avoid using “mod_filter_iq_rayo” and setup that tag ourselves in another event like “muc-occupant-pre-join”? And can we use different name for a child and not “dial”? Will that work? Sorry if my questions are nonsensical I haven’t mastered XMPP yet.

Thank You.
Best Regards.

Nope, I gave that as an example of how you can do it. To be able to check is the moderator in another meeting.