0
Kamailio integration with Sansay NSS
Integration
This integration guide explains the necessary steps to use Sansay NSS to obtain a SHAKEN PASSPorT and inject a SIP Identity header on your calls.
Kamailio Configuration
Kamailio is configured to make synchronous query NSS STI interface via REST. The returned Identity value is added to the egress INVITE. The configuration was performed in Kamailio 5.7.4 (x86_64/linux). This configuration works for ANI/DNIS formatted as: “+1NXXNXXXXXX”, “1NXXNXXXXXX” or “NXXNXXXXXX”. If another format is in use, the ANI/DNIS will have to be adjusted to match the previous formats.
Kamailio.cfg
Replace YOUR_NSS_IP-DOMAIN with your NSS IP or domain.
... # If using TLS, this line must come after TLS is loaded loadmodule "http_client.so" ... # Set timeout to 2 seconds modparam("http_client", "connection_timeout", 2) # OPTIONAL - Use if the NSS doesn't have a CA-issued SSL cert installed in the REST interface modparam("http_client", "verify_host", 0) ... request_route { ... # Request to STI-AS if (is_method("INVITE")) { route(SANSAY_STI_AS); } ... } ... route[ SANSAY_STI_AS ] { # Extract ANI and DNIS from the SIP message $var(ani) = $fU; $var(dnis) = $tU; # Get Call-ID to use as X-RequestID $var(x_request_id) = $ci; # Using Call-ID as X-RequestID # Get the current timestamp $var(iat) = $Ts; # Get the current timestamp # HTTP POST variables $var(url) = "https://YOUR_NSS_IP-DOMAIN:3334/stir/v1/signing"; $var(headers) = "Content-Type: application/json\n" "Accept: application/json\n" "X-RequestID: " + $var(x_request_id) ; $var(body) = "{\"signingRequest\":{\"orig\":{\"tn\":\"" + $var(ani) + "\"}," "\"dest\":{\"tn\":[\"" + $var(dnis) + "\"]}," "\"iat\":" + $var(iat) + "}}"; # Log for debugging #xlog("L_INFO", "HTTP Request URL: $var(url)\n"); #xlog("L_INFO", "HTTP Request Body: $var(body)\n"); #xlog("L_INFO", "HTTP Request Headers: $var(headers)\n"); # Send the HTTP POST request http_client_query("$var(url)", "$var(body)", "$var(headers)", "$var(json_data)"); #xlog("L_INFO", "HTTP Response: $var(json_data)\n"); if ($rc == "200") { # Extract identity value $var(remove) = "{\"signingResponse\":{\"identity\":\""; $var(remove1) = "\"}}"; $var(identity_value) = $(var(json_data){s.rm,$var(remove)}); $var(identity_value) = $(var(identity_value){s.rm,$var(remove1)}); #xlog("L_INFO", "Identity: $var(identity_value)\n"); # Add Identity to INVITE append_hf("Identity: $var(identity_value)\r\n", "Call-ID"); } }
...
Reply
Content aside
Related Articles