|
|
@@ -17,8 +17,9 @@ JWT token authentication currently works only with BOSH connections.
|
|
17
|
17
|
The following JWT claims are used in authentication token:
|
|
18
|
18
|
- 'iss' specifies *application ID* which identifies the client app connecting to the server
|
|
19
|
19
|
- 'room' contains the name of the room for which the token has been allocated. This is *NOT* full MUC room address. Example assuming that we have full MUC 'conference1@muc.server.net' then 'conference1' should be used here. Alternately, a '*' may be provided, allowing access to all rooms within the domain.
|
|
20
|
|
-- 'exp' token expiration timstamp as defined in the RFC
|
|
|
20
|
+- 'exp' token expiration timestamp as defined in the RFC
|
|
21
|
21
|
- 'sub' contains the name of the domain used when authenticating with this token. By default assuming that we have full MUC 'conference1@muc.server.net' then 'server.net' should be used here.
|
|
|
22
|
+- 'aud' application identifier. Star is supported (aud = '*') and can be used as default value.
|
|
22
|
23
|
|
|
23
|
24
|
Secret is used to compute HMAC hash value and verify the token.
|
|
24
|
25
|
|
damencho
8 年之前