|
This feature requires:
- That user's web browsers support the WebRTC API.
- That the connection with the server is done view the HTTPS protocol.
Callyou currently supports two options to host video calls: Jitsi and Twilio.
Jitsi is an open source project and may be used as an in premises server or as a SaaS solution (provided by 8x8).
This feature must be configured before using it. To configure the feature the developer must implement a few procedures.
The procedures return SDTs used by the module, whose fields are detailed below. The developer may load these SDTs as they see fit.
This procedure configures the submodule’s global configuration. In it the developer must load the following values:
-
Enabled: Determines if the submodule is active in this KB.
-
ImplementationWC: Determines which provider will be used, by specifying the name of the web component that will be used to show the meeting.
Supported values for this property are shown in this table:
| Provider |
Generator |
Property Value |
| Jitsi |
Java |
k2btools.meetings.meetingjitsiwc |
| Jitsi |
.Net |
k2btools.meetings.meetingjitsiwc.aspx |
| Twilio |
Java |
k2btools.meetings.meetingtwiliowc |
| Twilio |
.Net |
k2btools.meetings.meetingtwiliowc.aspx |
This procedure is used to configure meetings using Jitsi. If this provider is not used, the procedure may be left blank.
The parameters are shown below. They can be used to configure the connection with different types of Jitsi servers.
If you want to use the JaaS service provided by 8x8, see Using the 8x8 JaaS service for video calls.
| Property Name |
Description |
| Domain |
The domain name for the Jitsi server. |
| UsePassword |
Determines whether a password will be set to the Jitsi room. If set to true, the password will be generated and set automatically. |
| UseToken |
Determines if JWT tokens will be used to implement authentication. |
| TokenAlgorithm |
Determines which algorithm will be used to sign the JWT token. Supported values are: JWTAlgorithm.HS256 (symmetric keys) and JWTAlgorithm.RS256 (asymmetric keys). Only used if UseToken = True. |
| TokenKey |
Contains the token key used to sign the JWT tokens. Only used if the previous parameter is set to True. This value must be encoded as an hexadecimal value CallYou Jitsi and Twilio Configuration. Only used if UseToken = True and TokenAlgorithm = JWTAlgorithm.HS256. |
| Kid |
This parameter is optional. It may be used to tell the server which key was used to sign the token. Only used if UseToken = True. |
| Sub |
This parameter's value must be set as determined by the jitsi server. Only used if UseToken = True. |
| Iss |
This parameter's value must be set as determined by the jitsi server. Only used if UseToken = True. |
| TokenPrivateKeyFile |
This parameter contains the path to the file containing the private key in PKCS12 format. See Generating public/private key pairs for JWT tokens signed with the RS256 algorithm. Only used if UseToken = True and TokenAlgorithm = JWTAlgorithm.RS256. |
| TokenPrivateKeyAlias |
This parameter contains the alias of the private key inside the file. See Generating public/private key pairs for JWT tokens signed with the RS256 algorithm. Only used if UseToken = True and TokenAlgorithm = JWTAlgorithm.RS256. |
| TokenPrivateKeyPassword |
This parameter contains the password for the private key file. See Generating public/private key pairs for JWT tokens signed with the RS256 algorithm. Only used if UseToken = True and TokenAlgorithm = JWTAlgorithm.RS256. |
| TokenCertificateFile |
This parameter contains the path to the file containing the certificate in PKCS12 format. See Generating public/private key pairs for JWT tokens signed with the RS256 algorithm. Only used if UseToken = True and TokenAlgorithm = JWTAlgorithm.RS256. |
| TokenCertificateAlias |
This parameter contains the alias of the certificate inside the file. See Generating public/private key pairs for JWT tokens signed with the RS256 algorithm. Only used if UseToken = True and TokenAlgorithm = JWTAlgorithm.RS256. |
| TokenCertificatePassword |
This parameter contains the password for the certificate file. See Generating public/private key pairs for JWT tokens signed with the RS256 algorithm. Only used if UseToken = True and TokenAlgorithm = JWTAlgorithm.RS256. |
| UserControlNamePrefix |
Contains a prefix for the room name in the user control. Some servers require that the room name be prefixed by a tenant code. |
| RoomNameTemplate |
Contains a naming template for rooms. The value %ROOM_GUID% will be replaced by the meeting’s id. |
This procedure is used to configure meetings using Twilio. If this provider is not used, the procedure may be left blank.
The output fields are:
-
ApiKeySid: Twilio key identification. See this page for more information.
-
ApiKeySecret: Twilio key value. See this page for more information. This value must be encoded as an hexadecimal value (See this).
-
AccountSid: Twilio account identification. See this page for more information.
-
RoomNameTemplate: Contains a naming template for rooms. The value %ROOM_GUID% will be replaced by the meeting’s id.
When using the HS256 algrithm, the GeneXusJWT library expects keys to be a character value containing the hexadecimal representation of the key. Both Twilio and Jitsi provide the key as a string that is not encoded this way, and this can lead to errors if the developer does not encode the value when passing it to the JWTCreator.
To encode the key, you can use this Powershell command (replace <key> below with the key that should be encoded):
("<key>" | Format-Hex | Select-Object -Expand Bytes | ForEach-Object { '{0:x2}' -f $_ }) -join ''
Some Jitsi providers (por example, 8x8) use asymmetric keys to sign the JWT tokens used to authenticate the user. In that case, you should generate your keypair and send the public key to the server.
The following commands may be helpful to generate those pairs. These examples use the openssl command, easily found in unix distributions. If you are using windows, see this page.
Use the following command:
openssl req -x509 -sha256 -newkey rsa:4096 -keyout selfsigned.pem -out selfsigned.cer
Sample output:
$> openssl req -x509 -sha256 -newkey rsa:4096 -keyout selfsigned.pem -out selfsigned.cer
Generating a RSA private key
........++++
............................................................................................++++
writing new private key to 'selfsigned.pem'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:
Use the command:
openssl pkcs12 -export -inkey selfsigned.pem -in selfsigned.cer -out selfsigned.p12
Sample output:
$> openssl pkcs12 -export -inkey selfsigned.pem -in selfsigned.cer -out selfsigned.p12
Enter pass phrase for selfsigned.pem:
Enter Export Password:
Verifying - Enter Export Password:
The first password requested is the one set in the previous step. The other two are used in the exported file (the new password may be different from the previous one).
Use the command:
openssl rsa -in selfsigned.pem -pubout -outform PEM -out selfsigned.pub
Sample output:
$ openssl rsa -in selfsigned.pem -pubout -outform PEM -out selfsigned.pub
Enter pass phrase for selfsigned.pem:
writing RSA key
|