Activate time-limited tokens (beta): Invalid username or password #89

ghost opened this issue Jan 7, 2021 · 6 comments


ghost commented Jan 7, 2021

Hi,
I am having issues with time-limited tokens on JavaScript XMPP Chat 4.2.1 and the most recent commit of xmpp-cloud-auth.

I think that with somewhat recent updates (sorry, I don't know which one) automatic logging in to the xmpp chat stopped working (?) and I don't expect any of my few users to bother logging in manually (asking for user id and domain, which are both in session info), so I started to play with the time-limited tokens, but without any success (I am 'troubleshooting' this via Firefox's developer tools).

result from call (without content) bundle.js:25 to https://nextcloud.example.com/index.php/apps/ojsxc/settings

{"result":"success",
"data":{"disabled":false,"xmpp":{"url":"https:\/\/nextcloud.example.com\/bosh",
"domain":"example.com","resource":"web","defaultDomain":"xmpp.example.com",
"node":"user","password":"<31 characters long string>"},
"loginForm":{"enable":false,"form":"#body-login form","jid":"#user","pass":"#password",
"preJid":"undefined","onConnecting":"quiet","onConnected":"submit","onAuthFail":"submit",
"attachIfFound":true,"ifFound":"force","startMinimized":false},
"priority":{"online":"9","chat":"10","away":"8","xa":"7","dnd":"-1"},
"client":{"lang":"cs"}}}

then POST request from jsxc.bundle.js:2 (useful, right? :) to bosh

<body content="text/xml; charset=utf-8" hold="1" rid="666534419" to="example.com" ver="1.6" wait="60" xml:lang="en" xmlns="http://jabber.org/protocol/httpbind" xmlns:xmpp="urn:xmpp:xbosh" xmpp:version="1.0"/>

response:

<body xmpp:version='1.0' authid='4356426246084140209' xmlns='http://jabber.org/protocol/httpbind' sid='e80a165a80c7664c7efc646f80298dd5c76f7e24' wait='60' ver='1.11' polling='2' inactivity='30' hold='1' xmpp:restartlogic='true' requests='2' secure='true' maxpause='120' xmlns:xmpp='urn:xmpp:xbosh' xmlns:stream='http://etherx.jabber.org/streams' from='example.com'>
    <stream:features>
        <mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>
            <mechanism>PLAIN</mechanism>
            <mechanism>X-OAUTH2</mechanism>
        </mechanisms>
    </stream:features>
</body>

and last POST request from jsxc.bundle.js:2 (useful, right? :) to bosh

<body rid="4028017525" sid="0199fa91156c174f2aaeb5f5d379d6377e23919e" xmlns="http://jabber.org/protocol/httpbind"><auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">dXNlcjxzYW1lIDMxIGNoYXJhY3RlcnMgbG9uZyBzdHJpbmcsIHNvcnJ5IGZvciBtZXNzaW5nIHdpdGggdGhpcyA6KT4=</auth></body>

response:

<body xmlns='http://jabber.org/protocol/httpbind'><failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/><text xml:lang='en'>Invalid username or password</text></failure></body>

xcauth.log: (xcauth.err is definitely no snitch - being empty)

2021-01-07 13:07:12,864 DEBUG: Receive operation auth
2021-01-07 13:07:12,865 WARNING: Token for [email protected] has invalid signature (possible attack attempt!)
2021-01-07 13:07:13,191 DEBUG: Resetting dropped connection: nextcloud.example.com
2021-01-07 13:07:13,973 DEBUG: https://nextcloud.example.com:443 "POST /index.php/apps/ojsxc/ajax/externalApi.php HTTP/1.1" 200 39
2021-01-07 13:07:13,974 INFO: FAILURE: Could not authenticate user [email protected]: noauth
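
An added example, not part of the original report and not code from xcauth or JSXC: the `<auth mechanism="PLAIN">` body in a BOSH capture like the one above is only base64 over the RFC 4616 layout `[authzid] NUL authcid NUL passwd`, so this helper decodes it to check which username was actually sent and replaces the password or token with a length marker before the capture is shared. The function names and the sample stanza are constructed for illustration.

```python
import base64
import re

# Matches a SASL PLAIN <auth> element as it appears inside a BOSH <body>.
AUTH_RE = re.compile(
    r"(<auth\b[^>]*\bmechanism=[\"']PLAIN[\"'][^>]*>)([^<]*)(</auth>)")


def parse_sasl_plain(b64_payload):
    """Decode an RFC 4616 PLAIN message: [authzid] NUL authcid NUL passwd."""
    raw = base64.b64decode(b64_payload, validate=True)
    parts = raw.split(b"\x00")
    if len(parts) != 3:
        raise ValueError("expected 2 NUL separators, found %d" % (len(parts) - 1))
    authzid, authcid, passwd = (p.decode("utf-8") for p in parts)
    if not authcid or not passwd:
        raise ValueError("empty authcid or passwd")
    return {"authzid": authzid, "authcid": authcid, "passwd": passwd}


def redact_auth(stanza):
    """Replace each PLAIN payload with a summary that omits the secret."""
    def _summarise(match):
        try:
            fields = parse_sasl_plain(match.group(2).strip())
            summary = "authzid=%r authcid=%r passwd=<%d chars redacted>" % (
                fields["authzid"], fields["authcid"], len(fields["passwd"]))
        except ValueError as exc:  # bad base64, bad UTF-8 or wrong field count
            summary = "not a valid PLAIN message: %s" % exc
        return match.group(1) + "[" + summary + "]" + match.group(3)
    return AUTH_RE.sub(_summarise, stanza)


# Constructed sample: user "user" with a made-up 31-character secret.
SAMPLE_SECRET = "s" * 31
SAMPLE_STANZA = (
    '<body rid="1" sid="constructed" xmlns="http://jabber.org/protocol/httpbind">'
    '<auth mechanism="PLAIN" xmlns="urn:ietf:params:xml:ns:xmpp-sasl">'
    + base64.b64encode(b"\x00user\x00" + SAMPLE_SECRET.encode()).decode()
    + "</auth></body>")

if __name__ == "__main__":
    print(redact_auth(SAMPLE_STANZA))
```
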

ghost commented Jan 15, 2021

I updated my ejabberd to 20.04; it works a bit better and video calls work straight out of the box. I tested the login with token several times; it did not work, while login and password works without any problem.


ghost commented Aug 23, 2021

I would call this a deal-breaker - without it, jsxc is practically useless for me - none of my nextcloud users will bother to log in twice (most of them don't even know this exists), and so with a completely empty roster, it is just a waste of bytes and pixels (albeit only a few).


sualko commented Aug 24, 2021

I'm sorry that you experienced trouble with this module. Can you ping us again in a week? Thanks for your patience.


ghost commented Nov 21, 2021

Hi, sorry it took me a bit longer to get back to you again. I still hope that the behaviour can be changed so the login happens automatically and I can start using jsxc with my instance's other users, who are currently always offline.


ghost commented Jan 3, 2022

I just noticed that login in jsxc started to work automatically after login with nextcloud 22.2.3 (snap version) while jsxc stays on 4.3.1 from last summer, which would suggest that the bug was not in jsxc code, sorry about this!

ghost closed this as completed Jan 3, 2022

ghost commented Jan 7, 2022

Oh oh, my fault, I closed this thinking that the tokens started to work; that still doesn't work (I will try to retest this with newer ejabberd sometime next week). What started to work is a single login to nextcloud and to xmpp.

ghost reopened this Jan 7, 2022