SouL
/
HTTPAuthentificationOverXMPP
forked from chteufleur/HTTPAuthentificationOverXMPP
1
0
Fork 0
Code Releases Activity
Provide an HTTP anthentification over XMPP (XEP-0070).
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
64 Commits
3 Branches
1 Tag
1.2 MiB
 
 
Branch: master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
Chteufleur ce6a3a26af
Oups! Forgot to add the lang file and explained it has to be added next to the configuration file. 		7 years ago
http Make the transaction ID mandatory again (for security issue). 7 years ago
packaging Oups! Forgot to add the lang file and explained it has to be added next to the configuration file. 7 years ago
scripts Add packaging instructions and script 7 years ago
xmpp Send multiple bodies with support of xml:lang. 7 years ago
.gitignore initial commit 7 years ago
LICENSE Modification License file 7 years ago
README.md Fix typo in README 7 years ago
httpAuth.conf Add the XDG specification for configuration file location. 7 years ago
main.go Send multiple bodies with support of xml:lang. 7 years ago
messages.lang Oups! Forgot to add the lang file and explained it has to be added next to the configuration file. 7 years ago

README.md
Escape

HTTPAuthenticationOverXMPP

Provide an HTTP authentication over XMPP. Implementation of XEP-0070.

Can be run as a XMPP client or XMPP component.

Dependencies

  • go-xmpp for the XMPP part.
  • cfg for the configuration file.

Build and run

You must first install go environment on your system. Then, go into your $GOPATH directory and go get the source code.

go get git.kingpenguin.tk/chteufleur/HTTPAuthentificationOverXMPP.git

First, you need to go into directory $GOPATH/src/chteufleur/HTTPAuthentificationOverXMPP.git. Then, you can run the project directly by using command go run main.go. Or, in order to build the project you can run the command go build main.go. It will generate a binary that you can run as any binary file.

Configure

Configure the gateway by editing the httpAuth.conf file in order to give all XMPP and HTTP server informations. This configuration file has to be placed following the XDG specification (example /etc/xdg/http-auth/httpAuth.conf). An example of the config file can be found in the repos.

XMPP

  • xmpp_server_address : Component server address connection (default: 127.0.0.1)
  • xmpp_server_port : Component server port connection (default: 5347)
  • xmpp_jid : Account JID
  • xmpp_secret : Account password
  • xmpp_debug : Enable debug log at true (default: false)
  • xmpp_verify_cert_validity : Enable certificate verification (default: true)

HTTP

  • http_port : HTTP port to bind (default: -1, desactive: -1)
  • https_port : HTTPS port to bind (default: -1, desactive: -1)
  • https_cert_path : Path to the certificate file (default: ./cert.pem)
  • https_key_path : Path to the key file (default: ./key.pem)
  • http_timeout_sec : Define a timeout if user did not give an answer to the request (default: 60)
  • http_bind_address_ipv4 : Bind address on IPv4 (default: 127.0.0.1)
  • http_bind_address_ipv6 : Bind address on IPv6 (default: [::1])

Bold config are mandatory.

If http_bind_address_ipv4 is set to 0.0.0.0, it will bind all address on IPv4 AND IPv6.

Usage

To ask authorization, just send an HTTP request to the path /auth with parameters:

  • jid : JID of the user (user@host/resource or user@host)
  • domain : Domain you want to access
  • method : Method you access the domain
  • transaction_id : Transaction identifier (auto generated if not provide)
  • timeout : Timeout of the request in second (default : 60, max : 300)

Bold parameters are mandatory.

Example:

GET /auth?jid=user%40host%2fresource;domain=example.org;method=POST;transaction_id=WhatEverYouWant;timeout=120 HTTP/1.1

This will send a request to the given JID, then return HTTP code depending on what appended.

  • 200 : User accept the request
  • 400 : One or more mandatory parameter(s) is missing
  • 401 : User deny the request or timeout
  • 520 : Unknown error append
  • 523 : Server is unreachable

If the provided JID contain a resource, it will try to send an iq stanza. If the answer to this iq is a feature-not-implemented or service-unavailable error, it will automatically send a message stanza. Unfortunately, if a message stanza is used, their is probably no way to get the error if the JID does not exist or is unreachable.

A demo version can be found at auth.xmpp.kingpenguin.tk for test purpose only.

Help

To get any help, please visit the XMPP conference room at httpauth@muc.kingpenguin.tk with your prefered client, or with your browser.