I am using strophe.js for implementing XMPP to connect using google account. I am already using Google OAuth for login into my application using the OAuth token.
How do I use the X-OAUTH2 mechanism to make the <auth> request using strophe, rather than providing the password for the authentication to the XMPP service.
Google's documentation for the X-OAUTH2 authentication states this is the initial <auth> request to make:
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl"
mechanism="X-OAUTH2"
auth:service="oauth2"
xmlns:auth="http://www.google.com/talk/protocol/auth">
base64("\0" + user_name + "\0" + oauth_token)
</auth>
I'm starting to building a client using strophe, to which I'm new too. I guess you'll need to use a proper BOSH connection manager to authenticate to xmpp server with oauth2. I know punjab is popular, you could try to use that, but I'm looking at Node BOSH, as mentioned here XMPP client Not connecting - using Node Bosh server
Related
I have a blockchain network built using Hyperledger Composer, started the Composer Rest Server and generated Java client code from the Open API spec to consume the REST Api. I have looked at the documentation to enable authentication and multi user mode. I already have authentication in my web application. How would I go about granting access to the user to interact with the blockchain after they sign into my web app?
Thanks.
Can you please tell us what strategy are you using for your web-application authentication?
Recently updated documentation # https://hyperledger.github.io/composer/latest/integrating/enabling-rest-authentication
The REST server uses the open source Passport authentication middleware.
Administrators of the REST server must select Passport strategies to
authenticate clients. Multiple Passport strategies can be selected, allowing
clients of the REST server to select a preferred authentication mechanism.
Passport includes a wide range of strategies (300+ at the time of writing),
including a mix of social media (Google, Facebook, Twitter) and enterprise
(SAML, LDAP) strategies.
You need to configure an appropriate passport-strategy to generate the access_token that will be used by REST API SERVER.
Given that I would create an OAUTH2 authentication server.
Given that I would to have separate resource servers, exposing REST APIs.
What are the best communication practies between the authentication server and the API servers?
To explain OAUTH2 server would be a proxy authenticating the user and forwarding requests to different API servers, that are not third party, but under the hood of the OAUTH2 proxy, relying on it to know the agent (user) requesting for the given command\query.
The simplest would be that the authentication server will forward the user id (that is stored with ACL rules also on each API server) under a secure connection, and that access would be restricted to request forwarded from authetication server to resource API servers.
The auth server would in this case forward the user id, but this seems suceptible to mand in the middle attack (altought firewall on API servers would be configured to accept requests only from the authentication server).
Another problem would be compromission of the OAUTH proxy, giving automaticly grant to any request coming from it.
Are there ready solution and patterns to deal with this scenario?
Thanks!
Check the User Account and Authentication Service (UAA) from CloudFoundry. Maybe will help you. It is also available as a stand-alone OAuth2 server.
API Documentation, GitHub
I have a web .NET service. I can connect this web service from web browsers.
If I write service address first web browser ask username and password than service is connected.
If I connect this web service with delphi. There is error message:
Error message is "401 Unauthorized"
I am using:
RESTResponse1
RESTRequest1
RESTClient1 and HTTPBasicAuthenticator 1.
HTTPBasicAuthenticator1 has username and password and RestClient add Authenticator.
But I can not connect web service
How can I connect it?
To find out the reason for the missing (or wrong) authentication you can use the developer / debug mode in most web browsers. You could also use Wireshark or a HTTP proxy.
Check the response headers of the server. They include information about all supported authentication modes (see RFC 2616)
I am creating chat application that will connect to facebook chat via XMPP. I installed eJabberd server, and, I am looking for a way to to hook to messages that comes from the client in order to add the access token and the api key/secret to the message before I am sending it to facebook, and I can't figure out how to do it, is it via one of the pre defined ejabber modules, or I need to develop one?
** I can connect with pidgin to facebook xmpp using the eJabberd server I installed.
Thanks.
How can I login different gateways like google and yahoo using xmpp framework. I am using openfire server. Thanks in advance
GTalk uses Xmpp, so you can chat between gtalk and openfire users using s2s federation (which should be on by default in openfire). Yahoo is it's own protocol and you'd need the IM gateway plug-in for openfire. However that seems to be deprecated and instead there is now the standalone IM gateway, Kraken, which should do what you want