[SOLVED] How to create room with jwt in authentication token mode?

Then how to resolve this, please let me know if there is anything wrong in token generation. As I told you I do not have any domain so I am using IP in the URL as well as in the sub.

Also I have done the set up using https://github.com/christiancuri/Docs/blob/master/Jitsi%20Meet%20Installation.md document. Please guide me to solve this.

How do you create your jwt token, what is the prosody settings dor the token?

I have created the the token using https://www.jsonwebtoken.io/ this website.
Also please refer below the prosody settings for token.
Prosody version:0.11.6

/etc/prosody/conf.avail/172.20.7.224.cfg.lua

plugin_paths = { “/usr/share/jitsi-meet/prosody-plugins/” }

asap_accepted_issuers = { “jitsi”, “some-other-issuer” }
asap_accepted_audiences = { “jitsi”, “some-other-audience” }

VirtualHost “172.20.7.224”
– enabled = false – Remove this line to enable this host
authentication = “token”
– Properties below are modified by jitsi-meet-tokens package config
– and authentication above is switched to “token”
app_id=“20D55”
app_secret=“806A9461C03ED8379FE02B8CC26B846F”
allow_empty_token = false;
modules_enabled = {
“bosh”;
“pubsub”;
“ping”; – Enable mod_ping
“speakerstats”;
“turncredentials”;
“conference_duration”;
“muc_lobby_rooms”;
“presence_identity”;
– other modules…
“conversejs”;
}
c2s_require_encryption = false

Component “conference.172.20.7.224” “muc”
storage = “memory”
modules_enabled = {
“muc_meeting_id”;
“muc_domain_mapper”;
“token_verification”;
}
admins = { “focus@auth.172.20.7.224” }
muc_room_locking = false
muc_room_default_public_jids = true

VirtualHost “guest.172.20.7.224”
authentication = “token”;
app_id = “20D55”;
app_secret = “806A9461C03ED8379FE02B8CC26B846F”;
c2s_require_encryption = true;
allow_empty_token = true;

Not sure … Something around signing …

Hi I have integrated with JWT and it was running also properly but today when i entered into room i got message “Authentication failed”.When i checked the error log i found in prosody log i.e:-“General warn Error verifing token error not-allowed reason:not acceptable by exp”.Please help me regrading this.

exp is the expire time. Seems that the token is expired. Create a new one

Okay . Thank you.

@emrah
jwt token integration failed with this error

Oct 01 18:04:06 modulemanager error Error initializing module ‘token_verification’ on ‘conference.meet.raleaa.com’: /usr/lib/prosody/util/startup.lua:199: module ‘basexx’ not found:Failed loading module basexx in LuaRocks rock basexx 0.4.1-1
no field package.preload[‘basexx’]
no file ‘/usr/lib/prosody/basexx.lua’
no file ‘/usr/local/share/lua/5.2/basexx.lua’
no file ‘/usr/local/share/lua/5.2/basexx/init.lua’
no file ‘/usr/local/lib/lua/5.2/basexx.lua’
no file ‘/usr/local/lib/lua/5.2/basexx/init.lua’
no file ‘/usr/share/lua/5.2/basexx.lua’
no file ‘/usr/share/lua/5.2/basexx/init.lua’
no file ‘/var/lib/prosody/.luarocks/share/lua/5.2/basexx.lua’
no file ‘/var/lib/prosody/.luarocks/share/lua/5.2/basexx/init.lua’
no file ‘/usr/lib/prosody/basexx.so’
no file ‘/usr/local/lib/lua/5.2/basexx.so’
no file ‘/usr/lib/x86_64-linux-gnu/lua/5.2/basexx.so’
no file ‘/usr/lib/lua/5.2/basexx.so’
no file ‘/usr/local/lib/lua/5.2/loadall.so’
no file ‘/var/lib/prosody/.luarocks/lib/lua/5.2/basexx.so’
stack traceback:
[C]: in function ‘_real_require’
/usr/lib/prosody/util/startup.lua:199: in function ‘require’
/usr/share/jitsi-meet/prosody-plugins/token/util.lib.lua:4: in main chunk
(…tail calls…)
…re/jitsi-meet/prosody-plugins/mod_token_verification.lua:24: in main chunk
[C]: in function ‘xpcall’
/usr/lib/prosody/core/modulemanager.lua:183: in function ‘do_load_module’
/usr/lib/prosody/core/modulemanager.lua:261: in function ‘load’
/usr/lib/prosody/core/modulemanager.lua:83: in function ‘?’
/usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75>
(…tail calls…)
/usr/lib/prosody/core/hostmanager.lua:108: in function ‘activate’
/usr/lib/prosody/core/hostmanager.lua:58: in function ‘?’
/usr/lib/prosody/util/events.lua:79: in function </usr/lib/prosody/util/events.lua:75>
(…tail calls…)
/usr/lib/prosody/util/startup.lua:391: in function ‘prepare_to_start’
/usr/lib/prosody/util/startup.lua:613: in function ‘f’
/usr/lib/prosody/util/async.lua:139: in function ‘func’
/usr/lib/prosody/util/async.lua:127: in function </usr/lib/prosody/util/async.lua:125>

Installation issue… Check this post if this is a Debian Buster server

@emrah

I have installed those plugin and restarted services, removed log files.

Getting same error, please check

prosody.log (11.2 KB)

Probably your luarocks is installing the libs for lua5.1 where you are running lua5.2, check my other replay to your post.

@damencho

Thank you, module issue resolved as per reference link.

Getting another error now

|Oct 01 20:04:23 focus.meet.raleaa.com:component|info|External component successfully authenticated|
|—|---|—|
|Oct 01 20:05:12 conference.meet.raleaa.com:muc_domain_mapper|warn|Session filters applied|
|Oct 01 20:05:12 mod_bosh|info|New BOSH session, assigned it sid ‘49220ae5-1615-495a-b13f-d3d1e3ee397b’|
|Oct 01 20:05:12 general|warn|Error verifying token err:not-allowed, reason:token required|
|Oct 01 20:07:17 mod_bosh|info|Client tried to use sid ‘49220ae5-1615-495a-b13f-d3d1e3ee397b’ which we don’t know about|
|Oct 01 20:08:02 conference.meet.raleaa.com:muc_domain_mapper|warn|Session filters applied|
|Oct 01 20:08:02 mod_bosh|info|New BOSH session, assigned it sid ‘4efccc43-57d9-41bc-81f3-0d9b314d6549’|
|Oct 01 20:08:02 general|warn|Error verifying token err:not-allowed, reason:token required|

Frontend console error:

How are you passing the token?

@damencho

jwt token format used like this

https://meet.raleaa.com/test?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb250ZXh0Ijp7InVzZXIiOnsibmFtZSI6InJhamVzaCIsImVtYWlsIjoicmFqZXNoQGV4YW1wbGUuY29tIiwiaWQiOiJhYmNkOmExYjJjMy1kNGU1ZjYtMGFiYzEtMjNkZS1hYmNkZWYwMWZlZGNiYSJ9fSwiYXVkIjoiaml0c2kiLCJpc3MiOiIxM0NGRSIsInN1YiI6Im1lZXQucmFsZWFhLmNvbSIsInJvb20iOiIqIiwiZXhwIjoxNTAwMDA2OTIzfQ.7LukVg9dIGYY_hzqfsrhUoeL2PB9mEkK2eXPJwGPaqw

@damencho

Refereeing this link

Any configuration i need to update for this.

Sharing Jicofo logo

Jicofo 2020-10-01 21:06:33.647 SEVERE: [362] org.jivesoftware.whack.ExternalComponentManager.error()

java.net.SocketException: Broken pipe (Write failed)

at java.net.SocketOutputStream.socketWrite0(Native Method)

at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:111)

at java.net.SocketOutputStream.write(SocketOutputStream.java:155)

at sun.nio.cs.StreamEncoder.writeBytes(StreamEncoder.java:221)

at sun.nio.cs.StreamEncoder.implFlushBuffer(StreamEncoder.java:291)

at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:295)

at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:141)

at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:229)

at java.io.BufferedWriter.flush(BufferedWriter.java:254)

at org.dom4j.io.XMLWriter.flush(XMLWriter.java:272)

at org.jivesoftware.whack.ExternalComponent.send(ExternalComponent.java:371)

at org.jivesoftware.whack.ExternalComponentManager.sendPacket(ExternalComponentManager.java:269)

at org.xmpp.component.AbstractComponent.send(AbstractComponent.java:925)

at org.jitsi.xmpp.component.ComponentBase.access$400(ComponentBase.java:36)

at org.jitsi.xmpp.component.ComponentBase$PingTask.run(ComponentBase.java:577)

at java.util.TimerThread.mainLoop(Timer.java:555)

at java.util.TimerThread.run(Timer.java:505)

Jicofo 2020-10-01 21:06:38.658 SEVERE: [385] org.jitsi.xmpp.component.ComponentBase.log() Ping timeout for ID: kcxva-3241

Jicofo 2020-10-01 21:06:46.636 SEVERE: [380] org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.log() XMPP reconnection failed: No response received within reply timeout. Timeout was 15000ms (~15s). While waiting for establishing TLS

Jicofo 2020-10-01 21:06:46.637 WARNING: [383] org.jivesoftware.smack.AbstractXMPPConnection.callConnectionClosedOnErrorListener() Connection XMPPTCPConnection[focus@auth.meet.raleaa.com/focus17169012708] (0) closed with error

java.io.EOFException: input contained no data

at org.xmlpull.mxp1.MXParser.fillBuf(MXParser.java:3003)

at org.xmlpull.mxp1.MXParser.more(MXParser.java:3046)

at org.xmlpull.mxp1.MXParser.parseProlog(MXParser.java:1410)

at org.xmlpull.mxp1.MXParser.nextImpl(MXParser.java:1395)

at org.xmlpull.mxp1.MXParser.next(MXParser.java:1093)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.parsePackets(XMPPTCPConnection.java:1248)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader.access$300(XMPPTCPConnection.java:1000)

at org.jivesoftware.smack.tcp.XMPPTCPConnection$PacketReader$1.run(XMPPTCPConnection.java:1016)

at java.lang.Thread.run(Thread.java:748)

Jicofo 2020-10-01 21:06:46.638 SEVERE: [383] org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.log() XMPP connection closed on error: input contained no data

Jicofo 2020-10-01 21:06:47.637 INFO: [380] org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.log() XMPP reconnecting in: 1

Jicofo 2020-10-01 21:06:48.637 INFO: [380] org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.log() XMPP reconnecting in: 0

Jicofo 2020-10-01 21:06:48.637 INFO: [380] org.jitsi.impl.protocol.xmpp.XmppProtocolProvider.log() XMPP reconnecting in: 0

Jicofo 2020-10-01 21:06:48.765 INFO: [380] org.jitsi.jicofo.ProtocolProviderHandler.log() XmppProtocolProvider(focus@auth.meet.raleaa.com/focus17169012708 (Jabber)): RegistrationStateChangeEvent[ oldState=Unregistered; newState=RegistrationState=Registered; reasonCode=-1; reason=null]

Jicofo 2020-10-01 21:06:48.782 INFO: [380] org.jitsi.jicofo.xmpp.BaseBrewery.log() Joined brewery room: JvbBrewery@internal.auth.meet.raleaa.com

Jicofo 2020-10-01 21:06:48.783 INFO: [29] org.jitsi.jicofo.xmpp.BaseBrewery.log() Added brewery instance: jvbbrewery@internal.auth.meet.raleaa.com/740bb53e-3dc9-44a0-b766-0a310b5c8994

Jicofo 2020-10-01 21:06:48.783 INFO: [29] org.jitsi.jicofo.bridge.BridgeSelector.log() Added new videobridge: Bridge[jid=jvbbrewery@internal.auth.meet.raleaa.com/740bb53e-3dc9-44a0-b766-0a310b5c8994, relayId=null, region=null, stress=0.00]

Jicofo 2020-10-01 21:06:48.783 INFO: [29] org.jitsi.jicofo.bridge.JvbDoctor.log() Scheduled health-check task for: jvbbrewery@internal.auth.meet.raleaa.com/740bb53e-3dc9-44a0-b766-0a310b5c8994

Jicofo 2020-10-01 21:06:48.787 WARNING: [380] org.jitsi.impl.protocol.xmpp.OpSetSimpleCapsImpl.log() Failed to discover features for speakerstats.meet.raleaa.com: XMPP error reply received from speakerstats.meet.raleaa.com: XMPPError: service-unavailable - cancel

Jicofo 2020-10-01 21:06:48.788 WARNING: [380] org.jitsi.impl.protocol.xmpp.OpSetSimpleCapsImpl.log() Failed to discover features for conferenceduration.meet.raleaa.com: XMPP error reply received from conferenceduration.meet.raleaa.com: XMPPError: service-unavailable - cancel

Jicofo 2020-10-01 21:06:48.790 INFO: [380] org.jitsi.jicofo.ComponentsDiscovery.log() New component discovered: guest.meet.raleaa.com, Prosody(0.11.5,Linux)

Jicofo 2020-10-01 21:06:48.798 INFO: [380] org.jitsi.jicofo.ComponentsDiscovery.log() New component discovered: focus.meet.raleaa.com, null

Jicofo 2020-10-01 21:06:48.799 INFO: [380] org.jitsi.jicofo.ComponentsDiscovery.log() New component discovered: auth.meet.raleaa.com, Prosody(0.11.5,Linux)

Jicofo 2020-10-01 21:06:48.799 INFO: [380] org.jitsi.jicofo.JitsiMeetServices.log() Detected XMPP server version: Prosody(0.11.5,Linux)

Jicofo 2020-10-01 21:06:48.800 INFO: [380] org.jitsi.jicofo.ComponentsDiscovery.log() New component discovered: conference.meet.raleaa.com, null

Jicofo 2020-10-01 21:06:48.801 INFO: [380] org.jitsi.jicofo.ComponentsDiscovery.log() New component discovered: lobby.meet.raleaa.com, null

Jicofo 2020-10-01 21:06:48.801 INFO: [380] org.jitsi.jicofo.ComponentsDiscovery.log() Service rediscovery disabled

Jicofo 2020-10-01 21:06:48.801 INFO: [380] org.jitsi.jicofo.FocusManager.log() XMPP provider reg state: RegistrationState=Registered

Are you using nginx with default nginx config? Someone is dropping the jwt on the way.

Not sure, how can i verify.

@damencho

Thank you so much for your kind support.

Token now working perfectly.

@damencho @emrah

When configure token in live it is not working, please help me.

Prosody log

Oct 03 14:00:57 c2s5627830006d0 info Client disconnected: closed
Oct 03 14:01:01 conference.online.connectz.ca:muc_domain_mapper warn Session filters applied
Oct 03 14:01:01 c2s5627834c1650 info Client connected
Oct 03 14:01:02 conference.online.connectz.ca:muc_domain_mapper warn Session filters applied
Oct 03 14:01:02 c2s562783077a20 info Client connected
Oct 03 14:01:04 c2s562783077a20 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
Oct 03 14:01:04 c2s562783077a20 info Authenticated as jvb@auth.online.connectz.ca
Oct 03 14:01:04 c2s5627834c1650 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
Oct 03 14:01:05 c2s5627834c1650 info Authenticated as focus@auth.online.connectz.ca
Oct 03 14:01:05 focus.online.connectz.ca:component warn Component not connected, bouncing error for:
Oct 03 14:01:11 conference.online.connectz.ca:muc_domain_mapper warn Session filters applied
Oct 03 14:01:11 mod_bosh info New BOSH session, assigned it sid ‘3b4374fe-c9f8-4dae-b4f8-95191637fd5a’
Oct 03 14:01:11 bosh3b4374fe-c9f8-4dae-b4f8-95191637fd5a warn No available SASL mechanisms, verify that the configured authentication module is working
Oct 03 14:01:35 bosh3b4374fe-c9f8-4dae-b4f8-95191637fd5a info BOSH client disconnected

Browser Log

Logger.js:154 2020-10-03T14:09:03.791Z [modules/xmpp/strophe.util.js] <Object.r.Strophe.log>: Strophe: Server did not yet offer a supported authentication mechanism. Sending a blank poll request.

I have tried to integrate same in Live server , but it not working. Please help.

Prosody Log

Oct 02 21:46:52 boshfb0a9092-3ab7-4aab-81e7-d58cdf54fa0a info BOSH client disconnected
Oct 03 06:52:36 conference.:muc_domain_mapper warn Session filters applied
Oct 03 06:52:36 mod_bosh info New BOSH session, assigned it sid ‘5fa6f72f-507f-450a-b9ce-dac910256146’
Oct 03 06:52:36 bosh5fa6f72f-507f-450a-b9ce-dac910256146 warn No available SASL mechanisms, verify that the configured authentication module is working
Oct 03 06:53:27 c2s560fa8e8af10 info Client disconnected: closed
Oct 03 06:53:32 conference.:muc_domain_mapper warn Session filters applied
Oct 03 06:53:32 c2s560fa8f1d170 info Client connected
Oct 03 06:53:33 c2s560fa8f1d170 info Stream encrypted (TLSv1.3 with TLS_AES_256_GCM_SHA384)
Oct 03 06:53:33 c2s560fa8f1d170 info Authenticated as jvb@auth.

Browser console Log

2020-10-03T07:03:00.451Z [modules/xmpp/strophe.util.js] <Object.r.Strophe.log>: Strophe: Server did not yet offer a supported authentication mechanism. Sending a blank poll request.
o @ Logger.js:154
r.Strophe.log @ strophe.util.js:77
warn @ strophe.umd.js:1382
_no_auth_received @ strophe.umd.js:4823
_connect_cb @ strophe.umd.js:3245
_onRequestStateChange @ strophe.umd.js:5012
XMLHttpRequest.send (async)
d @ strophe.umd.js:5123
_processRequest @ strophe.umd.js:5137
_throttledRequestHandler @ strophe.umd.js:5290
_no_auth_received @ strophe.umd.js:4835
_connect_cb @ strophe.umd.js:3245
_onRequestStateChange @ strophe.umd.js:5012
XMLHttpRequest.send (async)
d @ strophe.umd.js:5123
_processRequest @ strophe.umd.js:5137
_throttledRequestHandler @ strophe.umd.js:5290
_no_auth_received @ strophe.umd.js:4835
_connect_cb @ strophe.umd.js:3245
_onRequestStateChange @ strophe.umd.js:5012
Logger.js:154 2020-10-03T07:04:00.732Z [modules/xmpp/strophe.util.js] <Object.r.Strophe.log>: Strophe: Server did not yet offer a supported authentication mechanism. Sending a blank poll request.

hi bro @rajapulau . i have same problem. how you can fix it? thank you for sharing