Jibri is not sending webhook Authorization header

I have set webhooks jwt token but jibri is not sending on status update.

It looks like jwt is configured properly.

Logs from jibri.

MainKt.main#55: Jibri starting up with id i-0df5096ee9f8c0a2a
2022-09-12 15:37:56.504 INFO: [1] JwtInfo$Companion.fromConfig#176: got jwtConfig: {
    # /etc/jitsi/jibri/jibri.conf: 56
    "audience" : "aud1",
    # /etc/jitsi/jibri/jibri.conf: 55
    "issuer" : "jibri",
    # /etc/jitsi/jibri/jibri.conf: 54
    "kid" : "jibri/recorder",
    # /etc/jitsi/jibri/jibri.conf: 53
    "signing-key-path" : "/etc/jitsi/jibri/private.pem",
    # /etc/jitsi/jibri/jibri.conf: 57
    "ttl" : "10 minute"
}

I made sure that rsa key exists and valid.

Request made from jibri:

image

Send it where? How did you configure jibri?

To the webhooks subscriber endpoints.

Ref: jibri/reference.conf at 260cee3a118462aa419ff3b2e0ca2ac4645b7a92 · jitsi/jibri · GitHub

You can see my screenshot above jibri is posting its states to the /v1/status but authorization header is not present despite configured.

Hum, looks like that header should be there: jibri/WebhookClient.kt at 8f198ae2c7c44622ccca73914dcdce72c3162da8 · jitsi/jibri · GitHub

Yeah, sadly it is not. Logs also show jwt configurations are loaded properly.

@oianc any idea?

@deben Can you share the Jibri logs? Also, does the webhook work without Auth header?

yes, it is sending webhooks but without Auth header.

As I was pointing out these are the logs jibri supposed to be loading jwt config.


MainKt.main#55: Jibri starting up with id i-0df5096ee9f8c0a2a
2022-09-12 15:37:56.504 INFO: [1] JwtInfo$Companion.fromConfig#176: got jwtConfig: {
    # /etc/jitsi/jibri/jibri.conf: 56
    "audience" : "aud1",
    # /etc/jitsi/jibri/jibri.conf: 55
    "issuer" : "jibri",
    # /etc/jitsi/jibri/jibri.conf: 54
    "kid" : "jibri/recorder",
    # /etc/jitsi/jibri/jibri.conf: 53
    "signing-key-path" : "/etc/jitsi/jibri/private.pem",
    # /etc/jitsi/jibri/jibri.conf: 57
    "ttl" : "10 minute"
}

@oianc any update on this?

Hi! We were able to reproduce this issue. The problem is that even if the JwtInfo config is read correctly, it is read after the JWT used in the request was initialised. We don’t know yet why this happens, will look more into it in the following days.