How to authenticate into jitsi-meet with jitsi-meet-tokens

Hi, I read a lot of previous posts and I didn’t found an answer. That is the reason I’m writing this one.

I want to configure my server with auth token in order to the moderator wants to create the room visiting the meet.domain.com/someroom?jwt=token after guests enter the same room without token or password.

I followed the documentation

I installed from prosody-trunk prosody-trunk_1nightly1275-1~bionic_amd64.deb in order to install jitsi-meet-token

then I installed jitsi-meet-tokens from linux packages with

apt install jitsi-meet-tokens

I wrote in to /etc/prosody/prosody.cfg.lua

Include "conf.d/*.cfg.lua"

And change this to false

c2s_require_encryption=false

I didn’t add this

asap_accepted_issuers = { "jitsi", "some-other-issuer" }
asap_accepted_audiences = { "jitsi", "some-other-audience" }

Once installed it I descomment the app_id and app_secret and put the application id and secret created when ran jitsi-meet-tokens installation.
I have modules_enabled with this (just I added presence_identity)

{
            "bosh";
            "pubsub";
            "ping"; -- Enable mod_ping
            "speakerstats";
            "turncredentials";
            "conference_duration";
            "presence_identity";
}
VirtualHost "jitmeet.example.com"
    authentication = "token";
    app_id = "example_app_id";             -- application identifier
    app_secret = "example_app_secret";     -- application secret known only to your token
    									   -- generator and the plugin
    allow_empty_token = false; 

Into this I just uncomment one token_verification line, now it looks like this

Component "conference.virtuals.thundertix.ga" "muc"
    storage = "none"
    modules_enabled = {
        "muc_meeting_id";
        "muc_domain_mapper";
        "token_verification";
    }
    admins = { "focus@auth.virtuals.thundertix.ga" }
    muc_room_locking = false
    muc_room_default_public_jids = true

But It doesn’t work

My prosody.err log shows this

May 13 22:23:35 c2s55a90e2f5cd0 error   Traceback[c2s]: /usr/share/lua/5.1/prosody/util/cache.lua:66: table index is nil
stack traceback:
        /usr/share/lua/5.1/prosody/util/cache.lua:66: in function 'set'
        /usr/lib/prosody/modules/muc/mod_muc.lua:185: in function 'track_room'
        /usr/lib/prosody/modules/muc/mod_muc.lua:213: in function </usr/lib/prosody/modules/muc/mod_muc.lua:200>
        (tail call): ?
        /usr/lib/prosody/modules/muc/mod_muc.lua:446: in function '?'
        /usr/share/lua/5.1/prosody/util/events.lua:79: in function </usr/share/lua/5.1/prosody/util/events.lua:75>
        (tail call): ?
        /usr/share/lua/5.1/prosody/core/stanza_router.lua:188: in function 'core_post_stanza'
        /usr/share/lua/5.1/prosody/core/stanza_router.lua:128: in function 'core_process_stanza'
        /usr/lib/prosody/modules/mod_c2s.lua:294: in function 'func'
        /usr/share/lua/5.1/prosody/util/async.lua:127: in function </usr/share/lua/5.1/prosody/util/async.lua:125>

My prosody.log log shows this

warn    No available SASL mechanisms, verify that the configured authentication module 'token' is loaded and configured correctly 

Thank you so much!

Now I have the this same error

But I didn’t fix it with their solution

Actually, I can enter to the room with valid token but it ends every 10 - 20 seconds
My prosody.log says this if someone has an idea I’ll be thankful

May 14 02:09:09 c2s55eccf83c0a0 error   Traceback[c2s]: /usr/share/lua/5.1/prosody/util/cache.lua:66: table index is nil
stack traceback:
        /usr/share/lua/5.1/prosody/util/cache.lua:66: in function 'set'
        /usr/lib/prosody/modules/muc/mod_muc.lua:185: in function 'track_room'
        /usr/lib/prosody/modules/muc/mod_muc.lua:213: in function </usr/lib/prosody/modules/muc/mod_muc.lua:200>
        (tail call): ?
        /usr/lib/prosody/modules/muc/mod_muc.lua:446: in function '?'
        /usr/share/lua/5.1/prosody/util/events.lua:79: in function </usr/share/lua/5.1/prosody/util/events.lua:75>
        (tail call): ?
        /usr/share/lua/5.1/prosody/core/stanza_router.lua:188: in function 'core_post_stanza'
        /usr/share/lua/5.1/prosody/core/stanza_router.lua:128: in function 'core_process_stanza'
        /usr/lib/prosody/modules/mod_c2s.lua:294: in function 'func'
        /usr/share/lua/5.1/prosody/util/async.lua:127: in function </usr/share/lua/5.1/prosody/util/async.lua:125>

finally!!! I put storage = “memory”

Now I have other problem I can not enter with other user using token both session was closed.

any help? thank you!

Hi! Again me!

I noticed the room key into the token doesn’t work I can enter anywhere with a token marked to a specific room.

This is my token’s example:

{
“alg”: “HS256”,
“typ”: “JWT”
}
{
“aud”: “my_app_id”,
“iss”: “my_app_id”,
“sub”: “virtuals.domain.ga”,
“room”: “tested”,
“exp”: 1595506000
}
{
VERIFY SIGNATURE
}

BTW, What is aud and iss ?

How I can include guess into this configuration?
Can you help me, please?

Since I found docker jitsi meet, I switched to use it and I fall in love with it, now I have installed jitsi with JWT working.

I made a video about it

thanks for the great community and job!

1 Like