Add support for jitsi-token-moderation-plugin

[ankar84]

Jitsi integration in Rocket.Chat with JWT authorization works very good!
But we need that only first user in call (actually user who creates the room) is granted moderator rights.
But with JWT authorization enabled in Jitsi all JWT authenticated users gets moderator permissions.
There is a nice jitsi-token-moderation-plugin lua module that can help.
All we need is first user who start the call use URL with moderator:true encrypted in JWT token and channel blue button Click to Join should open regular URL with JWT token without moderator in it.

@alonelion1987 Roman, can it be done?
@geekgonecrazy Aaron, can you take a look?

PS I also opened issue in Jitsi, but RC implementation could be more elegant, IMHO.

[geekgonecrazy]

Yup if you wanted to do this properly take a look at the code that generates the jwt. Then if user has a role of owner/moderator of channel or admin could add that property in.

PRs certainly welcome!

[alonelion1987]

Hi, I don’t know if this topic will help you? I have been asking a question about the moderator here for a long time:

https://community.jitsi.org/t/how-to-make-a-single-moderator/15332

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[ankar84]

Please don't close that issue.
Maybe someone from community will make a pr for that.

[geekgonecrazy]

Maybe this could be made more generic to do mapping of role and such to token. Something customizable enough to fit multiple cases. Especially since this particular solution proposed isn’t the only way you could do it

[github-actions]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[ankar84]

Please don't close that issue.
Maybe someone from community will make a pr for that.

[laliluna]

@ankar84, @alonelion1987 Having only the first user be the moderator can be configured on the Jitsi side. Have a look in the prosody configuration. There are modules loaded from a plugin directory and one module is "muc_allowners". In that case, you don't want this.

The lua plugins allows to configure rooms based on the token information. This is how usernames and the like and even the avatar is fetched. jitsi-token-moderation-plugin uses a flag, but to allow more flexible handling it would be better to include the user roles as well. This allows to configure the jitsi room very flexible.

I will have a look at the related code, to see if a pull request is easy to do.

[laliluna]

@geekgonecrazy a patch adding the field looks trivial. Is adding roles and the isModerator flag acceptable as default behaviour, or does this need to be configured.

[ankar84]

Having only the first user be the moderator can be configured on the Jitsi side. Have a look in the prosody configuration. There are modules loaded from a plugin directory and one module is "muc_allowners". In that case, you don't want this.

It's not quite true for secure domain (when using JWT tokens for authentications).
I just test it (removed muc_allowners from folder, restart prosody and jicofo and nothing changed).

So, a little enhancements are needed in RC to support jitsi-token-moderation-plugin

[ankar84]

I think with new Jitsi version 2.0.5765 (21-04-15) that feature implemented from Jitsi side.
I asked a question here but now all what I see is that only first call participant gets moderator role without any changes in Rocket Chat codebase.
I wait for Jitsi team answer, and if I'm right, I will close that issue.

[ankar84]

Solved that issue on Jitsi side with enable-auto-owner = true in conference section of jicofo.conf config.