I've been pounding at this for over a month following these: https://www.process-one.net/blog/ejabberd-19-08/ https://docs.ejabberd.im/admin/configuration/authentication/#jwt-authentication
I've also been looking at posts like this one: JWT secret to use with ejabberd?
I've tried decoding the "k" value in the generated jwk to sign the Token. Nothing is currently working. I'm not exactly sure what the log is telling me, for all I know its missing the module responsible for JWT authentication. my distribution is Garuda:Arch ejabberd: 21.07-1
I get a crashlog:
2021-10-28 08:45:10.146309-05:00 [error] <0.674.0> ** Generic server <0.674.0> terminating
** Last message in was {'$gen_event',
{xmlstreamelement,
{xmlel,<<"auth">>,
[{<<"xmlns">>,
<<"urn:ietf:params:xml:ns:xmpp-sasl">>},
{<<"mechanism">>,<<"PLAIN">>}],
[{xmlcdata,
<<"AGVyaWMAZXlKaGJHY2lPaUpJVXpJMU5pSXNJblI1Y0NJNklrcFhWQ0o5LmV5SnFhV1FpT2lKbGNtbGpRR3h2ZDJWa2IzZHVMblJySWl3aVpYaHdJam94TmpNMU5ETXdPVEF4ZlEuSUY0LTI4ME9hU1h5Tjl6Yl9jZkZiQk9jWjNEZTMzOV9Xa2JPUkRlbm0tQQ==">>}]}}}
** When Server state == #{mgmt_queue_type => ram,stream_header_sent => true,
mgmt_state => inactive,tls_verify => false,
stream_compressed => false,
stream_timeout => {30000,-576458460293},
mgmt_stanzas_req => 0,
codec_options => [ignore_els],
socket_monitor => #Ref<0.687724880.2890924033.7168>,
user => <<>>,
pres_a => {0,nil},
tls_options => [compression_none],
stream_state => wait_for_sasl_request,
xmlns => <<"jabber:client">>,shaper => c2s_shaper,
tls_required => false,stream_direction => in,
mgmt_max_queue => 5000,csi_state => active,
socket =>
{socket_state,ejabberd_http_ws,
{http_ws,<0.673.0>,
{{0,0,0,0,0,65535,32512,1},52662}},
262144,undefined,none,none},
server => <<"**SECURED.COM**">>,
csi_queue => {0,#{}},
lang => <<"en">>,access => c2s,mod => ejabberd_c2s,
tls_enabled => false,lserver => <<"**SECURED.COM**">>,
owner => <0.674.0>,mgmt_stanzas_in => 0,
stream_authenticated => false,
mgmt_max_timeout => 10800000,
stream_restarted => false,mgmt_ack_timeout => 60000,
zlib => false,resource => <<>>,
mgmt_resend => if_offline,
ip => {{0,0,0,0,0,65535,32512,1},52662},
stream_id => <<"9071053646738984762">>,
mgmt_timeout => 10800000,stream_encrypted => false,
stream_version => {1,0},
mgmt_stanzas_out => 0}
** Reason for termination ==
** {'function not exported',
[{crypto,hmac,
[sha256,
<<229,202,17,249,237,157,59,64,236,115,50,234,213,255,52,31,109,
41,169,46,98,176,188,245,108,155,161,54,88,230,126,175,76,111,
17,186,156,41,53,27,223,122,164,116,89,189,150,4,207,251,152,85,
18,80,49,19,137,243,49,205,5,134,110,182>>,
<<"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJqaWQiOiJlcmljQGxvd2Vkb3duLnRrIiwiZXhwIjoxNjM1NDMwOTAxfQ">>],
[]},
{jose_jwk_kty_oct,verify,4,
[{file,"src/jose_jwk_kty_oct.erl"},{line,159}]},
{jose_jws,verify,2,[{file,"src/jose_jws.erl"},{line,379}]},
{jose_jwt,verify,2,[{file,"src/jose_jwt.erl"},{line,189}]},
{ejabberd_auth_jwt,check_jwt_token,3,
[{file,"src/ejabberd_auth_jwt.erl"},{line,117}]},
{ejabberd_auth_jwt,check_password,4,
[{file,"src/ejabberd_auth_jwt.erl"},{line,76}]},
{ejabberd_auth,db_check_password,7,
[{file,"src/ejabberd_auth.erl"},{line,691}]},
{ejabberd_auth,'-check_password_with_authmodule/6-fun-0-',8,
[{file,"src/ejabberd_auth.erl"},{line,248}]}]}
My tokens are manually generated on jwt.io and key file is generated using mkjwk.org. I'm fully aware that I am probably missing something stupid, but like I previously stated, I've been pounding at this for quite some time, its time to ask for help.
