Issue with User Avatars set via JWT

I’m running into another inconvenience. I’m setting a URL for an avatar image when I create my JWT token, and it displays fine for the user who joins with that JWT:

image

But the avatar image does not display from the client of any other user - only their own.

Both of these screenshots were taken in the same room of the same two users from opposite ends. I’ve looked around some, and I can’t see why this issue might be happening. In the developer console when the meeting loads I see this:

image
Which is odd because I have no references to Gravatar anywhere in my code.

Again, the images display as-expected on the client of the user who’s avatar it’s supposed to be, but it just looks like letters of their name like normal on the screens of other users. How do I fix this?

Gravatar with participant email is the fallback if participant avatar URL is not set or not loadable:

Any other errors in dev console related to the actual avatar URL?

Nope, none that I can see

I’ve tried setting this in various places, and the avatars just aren’t loading. Does anyone know what the issue could be?

Can you try to open the avatar link directly on the other user computer?

Yes, and it works fine. The image is being hosted on my site.

Maybe share the jwt you use, masking any private info …

jwt_data = {
                    "context": {
                        "user": {
                            "avatar": "https://otherpartofmy.domain.org/img/referee.png",
                            "name": f"{user.name} - Ref",
                            "email": "",
                            "id": "abcd:a1b2c3-d4e5f6-0abc1-23de-abcdef01fedcba"
                        }
                    },
                    "aud": "jitsi",
                    "iss": "eventconsole",
                    "sub": "https://my.domain.org/",
                    "room": "*"
                }

They may be a certificate issue

What kind of certificate issue? What do you mean by that? Remember that the avatar images display 100% fine for the user that uses the token to log in.

I just tested the same and it works here the remote user sees my avatar coming from the jwt.

I suppose the extra f here came from the pasting.

This is not correct. Should be just my.domain.org.

Maybe upload full js console logs from both sides…

The extra f is actually due to the fact that I’m using an f-string there. It’s my Python backend where I’m generating the JWT.

ref_client_console.log (30.5 KB) ep_client_log.log (59.1 KB)

Here these are. There’s no point in continuing my half-baked effort to hide my domain name, so have fun. You might find a token or something in there too if you look hard enough.


image

Again, the images load fine for the user themselves, but everyone else in the meeting just sees a circle with letters like normal.

Can you do the same thing with the token from http://jitok.emrah.com/

I took a sneaky look at your config.js and noticed that you have set disableThirdPartyRequests: true.

This has the unfortunate side-effect of also blocking avatar requests.

What I didn’t expect however is for the client to attempt loading from gravatar with that setting enabled. @damencho is blocking of avatar still an expected outcome of disableThirdPartyRequests, and if so then the gravatar access is a bug?

2 Likes

Yes, can you open an issues on GitHub in jitsi-meet, paste the link to this thread. Thank you.

Thanks! Do you mean in my configOverwrite, or in the config itself?

In the config itself. At https://<yourdomain>/config.js

1 Like

image

Eyyyyy, would you look at that, it works!

:grin: nice! BTW, apologies if I overstepped by peeking at your live deployment.


@damencho, I would except I cannot repro the issue on my deployment. When I set disableThirdPartyRequests, participant avatars drop off as expected but I don’t see any stray calls to gravatar. :confused:

@Taran what version of jitsi-meet are you running?