1

I already have a schema of users with authentication-key and wanted to do authentication via that. I tried implementing authentication via sql but due to different structure of my schema I was getting error and so I implemented external-authentication method. The technologies and OS used in my application are :

  • Node.JS
  • Ejabberd as XMPP server
  • MySQL Database
  • React-Native (Front-End)
  • OS - Ubuntu 18.04

I implemented the external authentication configuration as mentioned in https://docs.ejabberd.im/admin/configuration/#external-script and took php script https://www.ejabberd.im/files/efiles/check_mysql.php.txt as an example. But I am getting the below mentioned error in error.log. In ejabberd.yml I have done following configuration.

...

host_config:
"example.org.co":
auth_method: [external]
extauth_program: "/usr/local/etc/ejabberd/JabberAuth.class.php"
auth_use_cache: false

...

Also, is there any external auth javascript script?

Here is the error.log and ejabberd.log as mentioned below

error.log

2019-03-19 07:19:16.814 [error] <0.524.0>@ejabberd_auth_external:failure:103 External authentication program failed when calling 'check_password' for admin@example.org.co: disconnected

ejabberd.log

2019-03-19 07:19:16.811 [debug] <0.524.0>@ejabberd_http:init:151 S: [{[<<"api">>],mod_http_api},{[<<"admin">>],ejabberd_web_admin}]

2019-03-19 07:19:16.811 [debug] <0.524.0>@ejabberd_http:process_header:307 (#Port<0.13811>) http query: 'POST' <<"/api/register">>

2019-03-19 07:19:16.811 [debug] <0.524.0>@ejabberd_http:process:394 [<<"api">>,<<"register">>] matches [<<"api">>]

2019-03-19 07:19:16.811 [info] <0.364.0>@ejabberd_listener:accept:238 (<0.524.0>) Accepted connection ::ffff:ip -> ::ffff:ip

2019-03-19 07:19:16.814 [info] <0.524.0>@mod_http_api:log:548 API call register [{<<"user">>,<<"test">>},{<<"host">>,<<"example.org.co">>},{<<"password">>,<<"test">>}] from ::ffff:ip

2019-03-19 07:19:16.814 [error] <0.524.0>@ejabberd_auth_external:failure:103 External authentication program failed when calling 'check_password' for admin@example.org.co: disconnected

2019-03-19 07:19:16.814 [debug] <0.524.0>@mod_http_api:extract_auth:171 Invalid auth data: {error,invalid_auth}

Any help regarding this topic will be appreciated.

Community
  • 1
  • 1

1 Answers1

3

1) Your config about the auth_method looks good.

2) Here is a python script I've used and upgraded to make an external authentication for ejabberd.

#!/usr/bin/python

import sys
from struct import *
import os

def openAuth(args):
    (user, server, password) = args
    # Implement your interactions with your service / database
    # Return True or False
    return True

def openIsuser(args):
    (user, server) = args
    # Implement your interactions with your service / database
    # Return True or False
    return True


def loop():
    switcher = {
        "auth": openAuth,
        "isuser": openIsuser,
        "setpass": lambda(none): True,
        "tryregister": lambda(none): False,
        "removeuser": lambda(none): False,
        "removeuser3": lambda(none): False,
    }

    data = from_ejabberd()
    to_ejabberd(switcher.get(data[0], lambda(none): False)(data[1:]))
    loop()

def from_ejabberd():
    input_length = sys.stdin.read(2)
    (size,) = unpack('>h', input_length)
    return sys.stdin.read(size).split(':')

def to_ejabberd(result):
    if result:
        sys.stdout.write('\x00\x02\x00\x01')
    else:
        sys.stdout.write('\x00\x02\x00\x00')
    sys.stdout.flush()

if __name__ == "__main__":
    try:
        loop()
    except error:
        pass

I didn't created the communication with Ejabberd from_ejabberd() and to_ejabberd(), and unfortunately can't find back the sources.

Francois Rotta
  • 31
  • 1