Provide an HTTP authentication over XMPP via XEP-0070.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
jnanar ffcbe7f55c IMP: Update dependencies versions. 2 weeks ago
http IMP: update dependencies 11 months ago
packaging Oups! Forgot to add the lang file and explained it has to be added next to the configuration file. 6 years ago
scripts Add packaging instructions and script 6 years ago
xmppauth FIX implementation, message type is not mandatory for answer with message element. 9 months ago
.gitignore initial commit 6 years ago
LICENSE Modification License file 6 years ago
README.md Add default lang into README. 6 years ago
go.mod IMP: Update dependencies versions. 2 weeks ago
httpAuth.conf Add the XDG specification for configuration file location. 6 years ago
main.go IMP: update dependencies 11 months ago
messages.lang Fix FR message that missed a part of the message. 6 years ago

README.md

HTTPAuthenticationOverXMPP

Provide an HTTP authentication over XMPP. Implementation of XEP-0070.

Can be run as a XMPP client or XMPP component.

Dependencies

  • go-xmpp for the XMPP part.
  • cfg for the configuration file.

Build and run

You must first install go environment on your system. Then, go into your $GOPATH directory and go get the source code.

go get git.kingpenguin.tk/chteufleur/HTTPAuthentificationOverXMPP.git

First, you need to go into directory $GOPATH/src/chteufleur/HTTPAuthentificationOverXMPP.git. Then, you can run the project directly by using command go run main.go. Or, in order to build the project you can run the command go build main.go. It will generate a binary that you can run as any binary file.

Configure

Configure the gateway by editing the httpAuth.conf file in order to give all XMPP and HTTP server informations. This configuration file has to be placed following the XDG specification (example /etc/xdg/http-auth/httpAuth.conf). An example of the config file can be found in the repos.

XMPP

  • xmpp_server_address : Component server address connection (default: 127.0.0.1)
  • xmpp_server_port : Component server port connection (default: 5347)
  • xmpp_jid : Account JID
  • xmpp_secret : Account password
  • xmpp_debug : Enable debug log at true (default: false)
  • xmpp_verify_cert_validity : Enable certificate verification (default: true)
  • xmpp_default_lang : Message default languages

HTTP

  • http_port : HTTP port to bind (default: -1, desactive: -1)
  • https_port : HTTPS port to bind (default: -1, desactive: -1)
  • https_cert_path : Path to the certificate file (default: ./cert.pem)
  • https_key_path : Path to the key file (default: ./key.pem)
  • http_timeout_sec : Define a timeout if user did not give an answer to the request (default: 60)
  • http_bind_address_ipv4 : Bind address on IPv4 (default: 127.0.0.1)
  • http_bind_address_ipv6 : Bind address on IPv6 (default: [::1])

Bold config are mandatory.

If http_bind_address_ipv4 is set to 0.0.0.0, it will bind all address on IPv4 AND IPv6.

The lang messages file must be placed into the same directory than the configuration file. An example of this file can be found in the repos

Usage

To ask authorization, just send an HTTP request to the path /auth with parameters:

  • jid : JID of the user (user@host/resource or user@host)
  • domain : Domain you want to access
  • method : Method you access the domain
  • transaction_id : Transaction identifier (auto generated if not provide)
  • timeout : Timeout of the request in second (default : 60, max : 300)

Bold parameters are mandatory.

Example:

GET /auth?jid=user%40host%2fresource;domain=example.org;method=POST;transaction_id=WhatEverYouWant;timeout=120 HTTP/1.1

This will send a request to the given JID, then return HTTP code depending on what appended.

  • 200 : User accept the request
  • 400 : One or more mandatory parameter(s) is missing
  • 401 : User deny the request or timeout
  • 520 : Unknown error append
  • 523 : Server is unreachable

If the provided JID contain a resource, it will try to send an iq stanza. If the answer to this iq is a feature-not-implemented or service-unavailable error, it will automatically send a message stanza. Unfortunately, if a message stanza is used, their is probably no way to get the error if the JID does not exist or is unreachable.

A demo version can be found at auth.xmpp.kingpenguin.tk for test purpose only.

Help

To get any help, please visit the XMPP conference room at httpauth@muc.kingpenguin.tk with your prefered client, or with your browser.