ejabberd and JWT - jwt

I've been pounding at this for over a month following these:
https://www.process-one.net/blog/ejabberd-19-08/
https://docs.ejabberd.im/admin/configuration/authentication/#jwt-authentication
I've also been looking at posts like this one:
JWT secret to use with ejabberd?
I've tried decoding the "k" value in the generated jwk to sign the Token. Nothing is currently working. I'm not exactly sure what the log is telling me, for all I know its missing the module responsible for JWT authentication.
my distribution is Garuda:Arch
ejabberd: 21.07-1
I get a crashlog:
2021-10-28 08:45:10.146309-05:00 [error] <0.674.0> ** Generic server <0.674.0> terminating
** Last message in was {'$gen_event',
{xmlstreamelement,
{xmlel,<<"auth">>,
[{<<"xmlns">>,
<<"urn:ietf:params:xml:ns:xmpp-sasl">>},
{<<"mechanism">>,<<"PLAIN">>}],
[{xmlcdata,
<<"AGVyaWMAZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SnFhV1FpT2lKbGNtbGpRR3h2ZDJWa2IzZHVMblJySWl3aVpYaHdJam94TmpNMU5ETXdPVEF4ZlEuSUY0LTI4ME9hU1h5Tjl6Yl9jZkZiQk9jWjNEZTMzOV9Xa2JPUkRlbm0tQQ==">>}]}}}
** When Server state == #{mgmt_queue_type => ram,stream_header_sent => true,
mgmt_state => inactive,tls_verify => false,
stream_compressed => false,
stream_timeout => {30000,-576458460293},
mgmt_stanzas_req => 0,
codec_options => [ignore_els],
socket_monitor => #Ref<0.687724880.2890924033.7168>,
user => <<>>,
pres_a => {0,nil},
tls_options => [compression_none],
stream_state => wait_for_sasl_request,
xmlns => <<"jabber:client">>,shaper => c2s_shaper,
tls_required => false,stream_direction => in,
mgmt_max_queue => 5000,csi_state => active,
socket =>
{socket_state,ejabberd_http_ws,
{http_ws,<0.673.0>,
{{0,0,0,0,0,65535,32512,1},52662}},
262144,undefined,none,none},
server => <<"**SECURED.COM**">>,
csi_queue => {0,#{}},
lang => <<"en">>,access => c2s,mod => ejabberd_c2s,
tls_enabled => false,lserver => <<"**SECURED.COM**">>,
owner => <0.674.0>,mgmt_stanzas_in => 0,
stream_authenticated => false,
mgmt_max_timeout => 10800000,
stream_restarted => false,mgmt_ack_timeout => 60000,
zlib => false,resource => <<>>,
mgmt_resend => if_offline,
ip => {{0,0,0,0,0,65535,32512,1},52662},
stream_id => <<"9071053646738984762">>,
mgmt_timeout => 10800000,stream_encrypted => false,
stream_version => {1,0},
mgmt_stanzas_out => 0}
** Reason for termination ==
** {'function not exported',
[{crypto,hmac,
[sha256,
<<229,202,17,249,237,157,59,64,236,115,50,234,213,255,52,31,109,
41,169,46,98,176,188,245,108,155,161,54,88,230,126,175,76,111,
17,186,156,41,53,27,223,122,164,116,89,189,150,4,207,251,152,85,
18,80,49,19,137,243,49,205,5,134,110,182>>,
<<"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqaWQiOiJlcmljQGxvd2Vkb3duLnRrIiwiZXhwIjoxNjM1NDMwOTAxfQ">>],
[]},
{jose_jwk_kty_oct,verify,4,
[{file,"src/jose_jwk_kty_oct.erl"},{line,159}]},
{jose_jws,verify,2,[{file,"src/jose_jws.erl"},{line,379}]},
{jose_jwt,verify,2,[{file,"src/jose_jwt.erl"},{line,189}]},
{ejabberd_auth_jwt,check_jwt_token,3,
[{file,"src/ejabberd_auth_jwt.erl"},{line,117}]},
{ejabberd_auth_jwt,check_password,4,
[{file,"src/ejabberd_auth_jwt.erl"},{line,76}]},
{ejabberd_auth,db_check_password,7,
[{file,"src/ejabberd_auth.erl"},{line,691}]},
{ejabberd_auth,'-check_password_with_authmodule/6-fun-0-',8,
[{file,"src/ejabberd_auth.erl"},{line,248}]}]}
My tokens are manually generated on jwt.io and key file is generated using mkjwk.org.
I'm fully aware that I am probably missing something stupid, but like I previously stated, I've been pounding at this for quite some time, its time to ask for help.

Related

How to modify Mediawiki Login form

I'm trying to add the attribute autocomplete="off" in mediawiki login form. Being completely new, I'm unable to find where the form is being built.
I'm using MediaWiki 1.29.1
Any help would be greatly appreciated.
Things I did to find it:
1. Added the following code in LocalSettings.php
$wgHooks['UserLoginForm'][] = 'modifyLoginForm';
function modifyLoginForm( &$template ) {
//Printed template and got the following
/*
UserloginTemplate Object
(
[data] => Array
(
[link] =>
[header] =>
[name] => Admin
[password] =>
[retype] =>
[email] =>
[realname] =>
[domain] =>
[reason] =>
[action] => /mediawiki/index.php?title=Special:UserLogin&action=submitlogin&type=login&returnto=Main+Page
[message] =>
[messagetype] => error
[createemail] =>
[userealname] => 1
[useemail] => 1
[emailrequired] =>
[emailothers] => 1
[canreset] => 1
[resetlink] => 1
[canremember] => 1
[usereason] =>
[remember] =>
[cansecurelogin] =>
[stickHTTPS] =>
[token] => 18955182baa69e0a66edefghi4e0ef
[loginend] =>
[signupend] =>
[usedomain] =>
)
*/
}
Tried to modify includes/templates/Userlogin.php . There is a login form, but it didn't get affected.
Checked LoginSignupSpecialPage.php, but not sure how to add the attribute.

Get PayPal transaction ID through data served by PayPal IPN (with REST API, not classic)

The PayPal IPN serves the following data:
'mc_gross' => '715.80',
'protection_eligibility' => 'Eligible',
'address_status' => 'unconfirmed',
'item_number1' => '',
'payer_id' => 'UCTG7GEULVxxx',
'tax' => '0.00',
'address_street' => 'Pl 2270',
'payment_date' => '00:35:08 Jul 31, 2014 PDT',
'payment_status' => 'Completed',
'charset' => 'windows-1252',
'address_zip' => '26492',
'mc_shipping' => '0.00',
'mc_handling' => '0.00',
'first_name' => 'Benny',
'mc_fee' => '8.94',
'address_country_code' => 'SE',
'address_name' => 'Benny Andersxxx',
'notify_version' => '3.8',
'custom' => '',
'payer_status' => 'verified',
'business' => 'paypal#xxx.com',
'address_country' => 'Sweden',
'num_cart_items' => '1',
'mc_handling1' => '0.00',
'address_city' => 'Klippan',
'verify_sign' => 'AiJvJDl-VyZzRT4Hq0qB1wSjgCgGAvdLxvQHk79AHsO0AjdeWvSwxxx',
'payer_email' => 'benny.anderxxx#xxx.com',
'mc_shipping1' => '0.00',
'tax1' => '0.00',
'txn_id' => '1M112630L55146xxx',
'payment_type' => 'instant',
'last_name' => 'Andersxxx',
'address_state' => '_0_',
'item_name1' => 'Order xxx.com 2014-07-31',
'receiver_email' => 'paypal#xxx.com',
'payment_fee' => '',
'quantity1' => '1',
'receiver_id' => '4AMCEP9BMPxxx',
'txn_type' => 'cart',
'mc_gross_1' => '715.80',
'mc_currency' => 'EUR',
'residence_country' => 'SE',
'transaction_subject' => '',
'payment_gross' => '',
'ipn_track_id' => '354021aeaxxx',
Is it possible getting through the information above to the transaction id which is required in quite a lot of other API transactions?
Actually, I'm trying to execute a refund via this call:
https://api.paypal.com/v1/payments/sale/{transactionId}/refund
However, I'm still missing the correct ID here and meanwhile I don't have any more ideas how to collect this transaction id (I guess it should look like ""PAY-PT597110X687430LKGECATA") ....
Please keep in mind that I'm using the REST API and not the classic API.
Edit: I don't know why, but every time I edit this article and add a "Hello" at the beginning, it is being deleted after saving :-( Sorry!
The transaction id is found on this line
'txn_id' => '1M112630L55146xxx',
You would need to call this URL with REST (sandbox URL shown, adjust for Live as needed)
https://api.sandbox.paypal.com/v1/payments/refund/1M112630L55146xxx
You can see more details in the API reference
Just got a message from PayPal that refunds are only partially available wioth REST API. I'll now try it with Classic API...
However, it didn't work with the txn_id # Machavity

Paypal Adaptive payment implementation on live environment

We have implemented Adaptive payment method. This implementation is working fine on sandbox environment. But its showing the following response in Live environment. We are not clear with the response. Can please provide the details about this response.
Response:
{
Array
(["en" class
[send_method] => domestic;icon-uri
[content_ID] => marketing_us/request_money;icon-uri
[amp;from] => PayPal">Sign Up
2" width [label] => xuVFCJezswQQmbe91QM [guid] => ON [script] => 0"/>
escalateTab">Contact
[ ($("#mobile_number").val() !] => ''))
{
validPhoneNumber
[page] => main%3Amktg%3Apersonal%3A%3Ahome%3A%3A%3A
[tmpl] => core2HomeCExp.jsp
[pgst] => Unknown
[lgin] => out
[calc] => f91c2b0c39598
[rsta] => en_US
[md5h] => 7fbf0dfca87f30b51dc1d9cb8dae4318
[shfp] => %7C%7C
[usce] => + [pgtf] => Sparta [s] => ci [aver] => unverified [rstr] => unrestricted [pfid] => f91c2b0c39598
[bzsr] => main [bchn] => mktg [pgsf] => personal [ccpg] => usa [pgld] => Unknown [shir] => main_mktg_personal_" alt [pgrp] => main%3Amktg%3Apersonal%3A%3Ahome )
}

Losing access token

Sometimes my Facebook object goes from something like this:
[fb] => Facebook Object
(
[appId:protected] => 350348105029704
[appSecret:protected] => 9e84****************************
[user:protected] =>
[signedRequest:protected] =>
[state:protected] =>
[accessToken:protected] => AAACQm6g*****************
[fileUploadSupport:protected] =>
)
into something like this:
[fb] => Facebook Object
(
[appId:protected] => 350348105029704
[appSecret:protected] => 9e84****************************
[user:protected] =>
[signedRequest:protected] =>
[state:protected] =>
[accessToken:protected] => 350348105029704|9e84****************************
[fileUploadSupport:protected] =>
)
appSecret is masked of course and so is the access token. But as you can see, in the second object it's not a valid access token, but one that is made out of the appId|appSecret.
It happens randomly and I can't seem to catch it while it happens, what can be the cause of that?

FedEx: Authentication Failed with test account

I'm trying to integrate FedEx with my application. I created a test account.
When I send RateRequest I got a response Authentication Failed (code is 1000).
I use v10 of Fedex Rate service. For SOAP I use Savon ruby gem.
Here is code I use:
require 'rubygems'
require 'savon'
TEST_URL = 'https://wsbeta.fedex.com:443/web-services/rate'
client = Savon::Client.new do
wsdl.document = File.expand_path("../rate_wsdl.xml", __FILE__)
wsdl.endpoint = TEST_URL
end
client.request "RateRequest" do
soap.body = {
'WebAuthenticationDetail' => {'Key' => KEY, 'Password' => PASSWORD},
'ClientDetail' => {'AccountNumber' => ACCOUNT_NUMBER, 'MeterNumber' => METER_NUMBER},
'RequestedShipment' => {
'PackagingType' => 'FODEX_BOX',
'Shipper' =>
{'Address' => {'PostalCode' => '90210', 'CountryCode' => 'US', 'Residential' => 'true'}
},
'Recipient' =>
{'Address' => {'PostalCode' => 'KIP 1J1', 'CountryCode' => 'CA', 'Residential' => 'true'}
},
'RateRequestTypes' => 'ACCOUNT',
'PackageCount' => '1',
'RequestedPackages' => {
'Weight' => {'Units' => 'LB', 'Value' => '7.5'},
'Dimensions' => {'Length' => '15', 'Width' => '10', 'Height' => '5', 'Units' => 'IN'}
}
#'LabelSpecification' => ''
}
}
end
I googled a lot about it. Some people had the same problem. People say it can be caused because of lack of permission of address validation, but I can't find how I can disable it if so.
I am sure that all credentials are OK (account number, meter number, key, password).
Also I tried "https://wsbeta.fedex.com:443/web-service" for endpoint url as well.
Figured out of was wrong. I sent invalid SOAP request. Thanks to SOAPUI tool, it helped me to validate my request.