Actually failing auth when usernames are mismatched (#537)

nishadmusthafa · web-flow · commit 7e6521efe1aa · 2025-12-04T10:02:35.000-08:00
diff --git a/pkg/sip/inbound.go b/pkg/sip/inbound.go
@@ -221,10 +221,8 @@ func (s *Server) handleInviteAuth(tid traceid.ID, log logger.Logger, req *sip.Re
 			"expectedUsername", username,
 			"receivedUsername", cred.Username,
 		)
-		// Commenting for now. Will check the number of occurences in production before
-		// uncommenting this.
-		// _ = tx.Respond(sip.NewResponseFromRequest(req, 401, "Unauthorized", nil))
-		// return false
+		_ = tx.Respond(sip.NewResponseFromRequest(req, 401, "Unauthorized", nil))
+		return false
 	}
 
 	// Check if we have a valid challenge state

Original file line number	Diff line number	Diff line change
`@@ -221,10 +221,8 @@ func (s Server) handleInviteAuth(tid traceid.ID, log logger.Logger, req sip.Re`
`221`	`221`	`"expectedUsername", username,`
`222`	`222`	`"receivedUsername", cred.Username,`
`223`	`223`	`)`
`224`		`- // Commenting for now. Will check the number of occurences in production before`
`225`		`- // uncommenting this.`
`226`		`- // _ = tx.Respond(sip.NewResponseFromRequest(req, 401, "Unauthorized", nil))`
`227`		`- // return false`
	`224`	`+ _ = tx.Respond(sip.NewResponseFromRequest(req, 401, "Unauthorized", nil))`
	`225`	`+ return false`
`228`	`226`	`}`
`229`	`227`
`230`	`228`	`// Check if we have a valid challenge state`