Hi,
I have self hosted Jitsi embedded in drupal 9. It used to work with token authentication, but after I upgraded the whole Jitsi server(apt upgrade) I can’t anymore enter to a video room and the JS console gives these errors:
index.js:154
[connection.js] <r.s>: CONNECTION FAILED: connection.passwordRequired
index.js:154
[features/base/conference] JWT error: Invalid or incorrect alg
index.js:154
[features/base/conference] JWT parsing error:
[‘- invalid nbf value’]
index.js:154
[features/base/connection] connection.passwordRequired
And the browser says to the user this:
authentication failed
sorry youre not allowed to join this call
So that token is not working when I upgrade the JITSI server, but is working with the old server.
And when upgrading the jitsi server (sudo apt upgrade) it will upgrade all these:
jicofo/stable 1.0-900-1 all [upgradable from: 1.0-846-1]
jitsi-meet-prosody/stable 1.0.6260-1 all [upgradable from: 1.0.5818-1]
jitsi-meet-tokens/stable 1.0.6260-1 all [upgradable from: 1.0.5818-1]
jitsi-meet-web-config/stable 1.0.6260-1 all [upgradable from: 1.0.5818-1]
jitsi-meet-web/stable 1.0.6260-1 all [upgradable from: 1.0.5818-1]
jitsi-meet/stable 2.0.7439-1 all [upgradable from: 2.0.6865-2]
jitsi-videobridge2/stable 2.2-9-g8cded16e-1 all [upgradable from: 2.1-617-ga8b39c3f-1]
After upgrading those, the authentication does not work.
So most probably, something has changed in the newer versions which my application does not support.
I am getting this same error while trying to integrate Keyclock with jitsi for JWT based authetication.
I am using RS256 algorithm only but still getting “JWT error: Invalid or incorrect alg”
Yeah I Used ‘signature_algorithm = “RS256”’ in prosody.cfg.lua file.
for asap_key_server, I am giving “JWT_ASAP_KEYSERVER = http://keyclock_server.com/realms/VC/” in .env file but it’s unable to fetch public key from keyclock server.
It is giving same error when I am using “HS256” algorithm in keyclock and prosody.cfg.lua file.
I had the same issue and it was caused by the difference between the alg sent with my token and the expected one by Jitsi
To fix this, we needed to add a new file under Prosody docker container in the following path : /config/conf.d/algorithm.cfg.lua that contained the signature algorithm . The content of the file is
-- Define the algorithm used for JWT signature
signature_algorithm = "HS384"