Provisioning configuration key
This document describes the architecture of contact management in Liblinphone, and related configuration items for remote provisioning.
There are two distincts concepts for dealing with Contacts in Liblinphone:
- Remote contact directories: represented as RemoteContactDirectory object, these are used by the application through the MagicSearch object, that can also search through locally stored contacts (from chats, call history, friend lists)
- Contact lists, represented by the FriendList object, a container of Friend objects. The Core contains a list of FriendList objects, that are loaded from database
Remote contact directories (section [remote_contact_directory_N])
There are currently two kinds of remote contact directories:
- LDAP
- CardDav
Their role is not to present a permanent list of contacts to the user, but rather return, per a search request, a list of contacts that match the request.
The search request is transmitted through the protocol (LDAP or CardDav), and executed on the server. The server's response is analysed and search results are represented as a list of Friend objects.
LDAP connection configuration has it is own password key, and it is not relying at all on the AuthInfo objects, unlike all other liblinphone initiated connections.
The table below lists all remote contact directory parameters one may find under section [remote_contact_directory_N] of a Linphone RC file.
| Key | Value type | Possible values | Default value | Description |
|---|---|---|---|---|
| enabled | integer | 0 or 1 | 1 | Whether the remote contact directory is enabled |
| type | string | carddav or ldap | "" | The type (protocol) used by the remote contact directory |
| uri | string | a URI | "" | The server URI, typically ldap://example.org or https://carddav.example.org |
| min_characters | integer | any positive integer or 0 | 3 | The minimum number of characters needed to submit the request |
| results_limit | integer | any positive integer or 0 | 0 | Limit on the number of returned results. 0 means returns all results |
| timeout | integer | any positive integer or 0 | 5 | Request timeout in seconds |
| delay | integer | any positive integer or 0 | 500 | Delay in milliseconds before submitting the request |
| carddav_fields_for_user_input | string | "" | List of comma separated VCard fields to match with the user input | |
| carddav_fields_for_domain | string | "" | List of comma separated VCard fields to match for SIP domain | |
| carddav_use_exact_match_policy | integer | 0 or 1 | 0 | Whether the match must be exact or approximate (ignoring accents, case, ...) |
| ldap_bind_dn | string | "" | LDAP bind distinguished name | |
| ldap_auth_method | integer | 0: anonymous | 1 | LDAP authentication method |
| 1: simple | ||||
| ldap_base_object | string | "" | LDAP base object | |
| ldap_name_attribute | string | "sn" | LDAP attribute(s) to browse for contact names | |
| ldap_sip_attribute | string | "mobile,telephonenumber,homephone,sn" | LDAP attribute(s) to use to create SIP URIs associated with this remote contact directory | |
| ldap_sip_domain | string | "" | A SIP domain to filter results | |
| ldap_filter | string | "(sn=%s)" | A LDAP search filter |
Authentication (section [auth_info_N])
Both RemoteContactDirectory and FriendList objects may require authentication. Like all authentication information, they need to be supplied in the form of a AuthInfo object, whose configuration storage representation is of [auth_info_N] section, numbered from 0.
The table below lists all remote contact directory parameters one may find under section [auth_info_N] of a Linphone RC file.
| Key | Value type | Possible values | Default value | Description |
|---|---|---|---|---|
| username | string | anything | "" | The username to use for authenticating |
| domain | string | anything | "" | A SIP domain to which the use of thie @Linphone.AuthInfo is scoped to |
| passwd | string | anything | "" | The clear-text password |
| realm | string | anything | "" | The realm advertised by the server, it may be left empty if unknown |
| ha1 | string | anything | "" | A digest HA1 of the password |
| algorithm | string | MD5 | MD5 | The digest algorithm |
| SHA-256 | ||||
| authorization_server | string | any HTTP/HTTPS URI | "" | An OAUTH/OpenID connect authorization server URI to use to autheticate |
| token_endpoint | string | any HTTP/HTTPS URI | "" | URI of endpoint to refresh tokens |
| client_id | string | anything | "" | OAUTH client ID |
| client_secret | string | anything | "" | OAUTH client secret |