How to get JID, SID and RID from actual version of Smack - xmpp

I have the following problem:
How can i get these three (JID, SID and RID) parameters after a successful connection to an openfire server?? with Babbler it is relative easy to get them, but with Smack is kinda of difficult, when not impossible, to find it.
Best Regards.

You may find what you need by this link:
Java - trying to prebind converse.js using bosh but not able to get the sid and rid...using the smack bosh
Other way, if you can use javascript to get jid, sid and rid, you can refer below:
You can use strophe.js to create a bosh bind first, then get them from the connection.
//I user local openfire here
var BOSH_SERVICE = 'http://127.0.0.1:7070/http-bind/';
var connection = null;
//you can get your usr and pwd in other way
var jid = 'admin#127.0.0.1';
var password = 'admin';
connection = new Strophe.Connection(BOSH_SERVICE);
connection.connect(jid,
password,
onConnect);
and then get the detail from onConnect() function like this:
function onConnect(status)
{
if (status == Strophe.Status.CONNECTED) {
//then you can get what you want
console.log("---SID[" + connection._proto.sid + "] RID[" + connection._proto.rid + "] JID[" + jid + "]");
}
}
good luck!

Related

SignalR sending notification to a specific client it's not working

When sending a notification with SignalR to a specific user it's not working.
I'm storing connection IDs in a table and when the notification should be sent I get the connection ID for the receiver from the DB but he doesn't get anything. What is wrong with my code?
// get the connectionId of the receiver
if (_db.UserConnectionid != null)
{
var userConn = await _db.UserConnectionid.Where(x => x.UserId == receiver).Select(x => x.ConnectionId).FirstOrDefaultAsync();
//if the receiver is online
if (userConn != null)
{
await Clients.Client(userConn).SendAsync("RecieveMessage", message);
}
}
I'm storing connection IDs in a table and when the notification should be sent I get the connection ID for the receiver from the DB but he doesn't get anything. What is wrong with my code?
Firstly, please note that a user could have more than one connection id, to troubleshoot the issue, you can try to debug the code and make sure the connection id you retrieved from db is same as the one of current connecting user.
Besides, to send message to a specific user, you can try to get all stored connection id(s) of a specific user/receiver, then send message by specify connectionIds, like below.
var ConnectionIds = _db.UserConnectionid.Where(x => x.UserId == receiver).Select(x => x.ConnectionId).ToList();
if (ConnectionIds.Count > 0)
{
await Clients.Clients(ConnectionIds).SendAsync("RecieveMessage", message);
}
If you are using default user claims mechanism for authorization, you probably can take a look into this mechanism:
https://learn.microsoft.com/en-us/aspnet/core/signalr/authn-and-authz?view=aspnetcore-5.0#use-claims-to-customize-identity-handling
If you will provide IUserIdProvider service or map userId to ClaimTypes.NameIdentifier claim, you will be able to filter your SignalR clients by stringified user id using this method:
https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.signalr.ihubclients-1.user?view=aspnetcore-5.0#Microsoft_AspNetCore_SignalR_IHubClients_1_User_System_String_
Like this:
await Clients.User(receiver.ToString()).SendAsync("RecieveMessage", message);
As recommended in the article, don’t store Id’s.
https://consultwithgriff.com/signalr-connection-ids/

Keycloak: how to get client_id where the user registered?

I have a realm with several OpenId clients using SSO. I need to determine from which client each Keycloak user came from.
How can I get this information?
Answering my own question.
I didn't find natively this information in Keycloak's token. So I added a script.
In Authentication > Registration flow, I add an execution of type "Script" with the following function:
function authenticate(context) {
var username = user ? user.username : "anonymous";
var uri = context.getUriInfo();
LOG.info("setClientIdAttribute for URI " + context.getUriInfo().getRequestUri());
if (uri !== null) {
var clientId = uri.getQueryParameters().getFirst("client_id");
if (clientId !== null) {
LOG.info("Attribute 'origin' set with value " + clientId + " for user " + username);
user.setSingleAttribute('origin', clientId);
}
}
context.success();
}
If decoded each JWT has parameter azp, which is the client id.
If you decode the token, the field "aud" is your "client_id".
Check this information using jwt.io.

IdentityServer4 implicit grant acr values

I am trying to pass tenant id as parameter to identityserver4 implicit grant end point. The client is written using angularjs, are there any examples to pass the tenantid from angular app to identityserver4 end point.
I have found that this feature was implemented using acr_values. More details are here - https://github.com/IdentityServer/IdentityServer3/issues/348
yes of course. you can always pass userID or any other variable in the state variable of your AUth request. if you include userID as a parameter in your request URL when sending it to Auth server, it'll return the state to redirect URI. which means you'll have access to it there. the issue is when an implicit request is being sent, it practically detaches your app from server cause the response URI (possibly) is in a different state/page. so by passing it as in state, the authorization server includes this value when redirecting the user-agent back to the client.
public Authenticationrequest() {
var client_id = "YOUR-CLIENT-ID";
var scope = "OPTIONAL";
var redirect_uri = "YOUR_REDIRECT_URI";
var response_type = "token";
var authserver = "YOUR-AUTH-SERVER-URL?";
var state = "OPTIONAL"; // put UserID here
var AuthenticationURL = authserver + "response_type=" + response_type + "&scope=" + scope + "&client_id=" + client_id + "&state=" + state + "&redirect_uri=" + redirect_uri;
return AuthenticationURL;
};

How to run Sharepoint Rest API from server side with elevated privileges?

The Sharepoint Rest API uses a simple URL of the type http://mysite/_api/search/query?querytext='search_key' to return search results as an XML. When I run this directly in a browser, I see a valid XML response:
(1) Am I right in assuming the above response is generated using the current user's authorization?
(2) Can this URL be invoked from server side? I tried it in a web method (WCF web service), but received a 401 - Unauthorized:
public string GetSearchResults(string searchKey)
{
string webURL = SPContext.Current.Web.Url;
string searchURL = webURL + "/_api/search/query?querytext='" + searchKey + "'";
WebClient client = new WebClient();
string xmlResponse = client.DownloadString(searchURL); // throws 401
// parse xmlResponse and return appropriately
}
(3) What I really need is to be able to get the search results irrespective of the current user's access rights (the requirement is that users will see all search results, with an option to "request access" when needed).
I tried this in the above web method, but it still throws the same 401:
public string GetSearchResults(string searchKey)
{
string webURL = SPContext.Current.Web.Url;
string searchURL = webURL + "/_api/search/query?querytext='" + searchKey + "'";
string xmlResponse;
SPSecurity.RunWithElevatedPrivileges(delegate()
{
WebClient client = new WebClient();
xmlResponse = client.DownloadString(searchURL); // still 401
});
// parse xmlResponse and return appropriately
}
What is the right way to invoke the Rest URL from server side? Specifically, from a web method? And how can it be run as super user?
In order to perform REST request, authenticate the request via WebClient.Credentials Property
On Premise (your scenario)
WebClient client = new WebClient();
client.Credentials = new NetworkCredential(userName,password,domain);
SharePoint Online
WebClient client = new WebClient();
client.Credentials = new SharePointOnlineCredentials(username,securedPassword);
client.Headers.Add("X-FORMS_BASED_AUTH_ACCEPTED", "f");
Search results are always security trimmed by SharePoint so to make this work, you'd need to run your query after specifying new credentials as mentioned by Vadim. This is almost certainly not a good idea. If you're running code server side already, don't use the REST interface, just query directly using the search API.

Get remote endpoint properties on node.js socket close/end events

I have a node.js server which keeps track of all "clients" connected to it, using an associative array of sockets, because I need to send some data to specific clients sometimes. The keys in that array are strings composed of
socket.remoteAddress + ':' + socket.remotePort
and values are socket instances passed to the callback provided to net.createServer(...)
Sometimes the clients disconnect for one reason or another and I receive the 'end' and then 'close' events. I'd like to remove the disconnected clients from my client registry but in the close/end event callbacks, the remoteAddress and remotePort variables are undefined. Can they be retrieved somehow?
To illustrate:
var registry = {}
var server = net.createServer(function (socket) {
socket.on('connect', function(){
registry [socket.remoteAddress + ':' + socket.remotePort] = socket;
});
socket.on('close', function(had_error){
// ******************************************************
// socket.remoteAddress and remotePort are undefined here
// ******************************************************
var id = socket.remoteAddress + ':' + socket.remotePort;
// *************************************************************
if(registry.hasOwnProperty(id)
delete socket.id;
});
});
I think you should use socket.id instead of creating your own object property that might not be unique
socket.on('connect', function(){
registry [socket.id] = socket;
});
UPDATE
Node provides basic http API. Http is stateless. HTTP sessions allow associating information with individual visitors but node doesn't have a native sessions support.
Take a look at express, it is a nice web framework with sessions support
Also, if you need to send messages in a realtime fashion, take a look at socket.io
UPDATE V2
You can add your own ID property to the socket object:
function randomID(len){
//Generate a random String
return randID;
}
var registry = {}
var server = net.createServer(function (socket) {
socket.on('connect', function(){
var uid = randomID(32);
socket.id = uid;
registry [uid] = socket;
});
socket.on('close', function(had_error){
var uid = socket.id;
// *************************************************************
console.log("Socket ID " + uid + " disconnected")
});
});