Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use JWT instead of requiring the HPB to check authentication of the user #7336

Closed
nickvergessen opened this issue May 6, 2022 · 4 comments
Closed

Use JWT instead of requiring the HPB to check authentication of the user #7336

nickvergessen opened this issue May 6, 2022 · 4 comments
Labels
1. to develop enhancement feature: signaling 📶 Internal and external signaling backends performance 🚀
Milestone
💔 Backlog

Comments

@nickvergessen
Copy link
Member

How to use GitHub

  • Please use the 👍 reaction to show that you are interested into the same feature.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Background numbers of a company call:

$ cat nextcloud.log | grep "nextcloud-spreed-signaling" | grep "Validated" | wc -l
395

We could save 395 requests hitting the server by using JWT as auth mechanism. Could use a private/public key model and expose the public key via capabilities which are checked by the HPB anyway already. This way the HPB could validate the signaling ticket directly without contacting the server again.
@nickvergessen nickvergessen added this to the 💔 Backlog milestone May 6, 2022
@fancycode fancycode mentioned this issue May 12, 2022
Merged
@fancycode
Copy link
Member

Implementation of the signaling server started in strukturag/nextcloud-spreed-signaling#251

I'll try to find some time to also look into the Talk side.

@fancycode fancycode changed the title Use JWT instead of requiring the HPB to check authenication of the user Use JWT instead of requiring the HPB to check authentication of the user May 12, 2022
@nickvergessen nickvergessen mentioned this issue May 16, 2022
Merged
@fancycode
Copy link
Member

Draft PR for the Talk side in #7472

@fancycode
Copy link
Member

We could even include the token of the room the user is currently joining in the JWT to get rid of the initial room join validation request.

@fancycode fancycode mentioned this issue Jun 10, 2022
Merged
2 tasks
@nickvergessen
Copy link
Member Author

Implemented

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1. to develop enhancement feature: signaling 📶 Internal and external signaling backends performance 🚀
Projects
None yet
Milestone
💔 Backlog
Development

No branches or pull requests
2 participants
@nickvergessen @fancycode