KAM26-25: set Referred-By params from authz

When `REFER` is challenged and authz'd by Kazoo via AMQP, treat the req as if it were a registered endpoint. Centralize setting of $xavp(authz) at end of `AUTHORIZATION_CHECK`. (cherry picked from commit 95ef250)
2600hz · Jun 1, 2024 · 263f0ea · 263f0ea
1 parent 9130282
commit 263f0ea
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 10 deletions.
diff --git a/kamailio/authorization.cfg b/kamailio/authorization.cfg
@@ -74,6 +74,10 @@ route[AUTHORIZATION_CHECK]
 {
  route(KZ_AUTHORIZATION_SETUP);
  routes(AUTHORIZATION_CHECK);
+
+ if (isflagset(FLAG_REGISTERED_ENDPOINT)) {
+ route(AUTHORIZATION_SET_AUTHZ);
+ }
 }
 
 route[AUTHORIZATION_CHECK_TRUSTED]
@@ -87,6 +91,13 @@ route[AUTHORIZATION_CHECK_TRUSTED]
  }
 }
 
+route[AUTHORIZATION_SET_AUTHZ]
+{
+ $xavp(authz=>token) = $xavp(ulattrs=>token);
+ $xavp(authz[0]=>endpoint_id) = $(xavp(ulattrs=>token){re.subst,/(.*)@(.*)/\1/});
+ $xavp(authz[0]=>account_id) = $(xavp(ulattrs=>token){re.subst,/(.*)@(.*)/\2/});
+}
+
 route[HANDLE_AUTHORIZATION_KAZOO]
 {
  $var(amqp_payload_request) = $_s({"Event-Category" : "directory" , "Event-Name" : "authn_req", "Method" : "$avp(auth-method)", "Auth-Nonce" : "$adn", "Auth-Realm" : "$avp(auth-domain)", "Auth-User" : "$avp(auth-user)", "From" : "$fu", "To" : "$tu", "Orig-IP" : "$si", "Orig-Port" : "$sp", "User-Agent" : "$avp(auth-ua)", "Contact" : "$avp(auth-contact)", "Call-ID" : "$ci" });
@@ -170,6 +181,8 @@ route[KZ_AUTHORIZATION_CHECK_RESPONSE]
  $xavp(hf[0]=>X-AUTH-Token) = $xavp(authz=>token);
 
  setflag(FLAG_AUTHORIZED);
+ # treat req as if it was from a reg'd endpoint despite absent location record
+ setflag(FLAG_REGISTERED_ENDPOINT);
 
  # flag that contact alias needs to be added for subscribe
  setflag(FLAG_MANUAL_ALIAS);

diff --git a/kamailio/default.cfg b/kamailio/default.cfg
@@ -421,7 +421,7 @@ route[HANDLE_REFER]
 
  if(!isflagset(FLAG_INTERNALLY_SOURCED)) {
  if(isflagset(FLAG_REGISTERED_ENDPOINT)) {
- $var(referred_by) = $_s($var(referred_by);endpoint_id=$(xavp(ulattrs=>token){re.subst,/(.*)@(.*)/\1/});account_id=$(xavp(ulattrs=>token){re.subst,/(.*)@(.*)/\2/}));
+ $var(referred_by) = $_s($var(referred_by);endpoint_id=$xavp(authz=>endpoint_id));
  }
  routes(HANDLE_EXTERNAL_REFER);
  append_hf("Referred-By: $var(referred_by)\r\n");

diff --git a/kamailio/registrar-role.cfg b/kamailio/registrar-role.cfg
@@ -425,7 +425,7 @@ route[SAVE_LOCATION]
  $var(AdvIP) = "[" + $RAi + "]";
  }
 
- route(REGISTRAR_SET_AUTHZ);
+ route(AUTHORIZATION_SET_AUTHZ);
  route(PUBLISH_REGISTRATION);
  routes(ON_REGISTRATION);
 
@@ -815,15 +815,7 @@ route[AUTHORIZATION_CHECK_REGISTERED]
  $xavp(hf[0]=>X-AUTH-Token) = $xavp(ulattrs=>token);
  setflag(FLAG_AUTHORIZED);
  setflag(FLAG_REGISTERED_ENDPOINT);
- route(REGISTRAR_SET_AUTHZ);
  }
 }
 
-route[REGISTRAR_SET_AUTHZ]
-{
- $xavp(authz=>token) = $xavp(ulattrs=>token);
- $xavp(authz[0]=>endpoint_id) = $(xavp(ulattrs=>token){re.subst,/(.*)@(.*)/\1/});
- $xavp(authz[0]=>account_id) = $(xavp(ulattrs=>token){re.subst,/(.*)@(.*)/\2/});
-}
-
 # vim: tabstop=4 softtabstop=4 shiftwidth=4 expandtab