Closed glyphCezilleSantillan closed 7 years ago
If it is indeed due to the need to urlencode your username then that should be handled by the library. Can you try testing with a plain username and password to see if that fixes it?
On Dec 16, 2016 3:23 AM, "Cezille Santillan" notifications@github.com wrote:
When calling ari.start(), I encountered a mysterious error that left the following trace:
Unhandled rejection Error: undefined at Object.ensureErrorObject (/home/
/src/ /node_modules/bluebird/js/main/util.js:261:20) at Promise._rejectCallback (/home/ /src/ /node_modules/bluebird/js/main/promise.js:472:22) at /home/ /src/ /node_modules/bluebird/js/main/promise.js:489:17 at /home/ /src/ /node_modules/ari-client/lib/client.js:327:11 at /home/ /src/ /node_modules/underscore/underscore.js:890:21 at reconnect (/home/ /src/ /node_modules/ari-client/lib/client.js:526:9) at WebSocket.processError (/home/ /src/ /node_modules/ari-client/lib/client.js:509:7) at emitOne (events.js:77:13) at WebSocket.emit (events.js:169:7) at ClientRequest.response (/home/ /src/ /node_modules/ws/lib/WebSocket.js:721:12) at ClientRequest.g (events.js:260:16) at emitOne (events.js:77:13) at ClientRequest.emit (events.js:169:7) at HTTPParser.parserOnIncomingClient (_http_client.js:433:21) at HTTPParser.parserOnHeadersComplete (_http_common.js:103:23) at Socket.socketOnData (_http_client.js:322:20) at emitOne (events.js:77:13) at Socket.emit (events.js:169:7) at readableAddChunk (_stream_readable.js:153:18) at Socket.Readable.push (_stream_readable.js:111:10) at TCP.onread (net.js:537:20) Suspiciously, it occurred about a minute after connecting. Looking around, it turned out that my ARI user had some special characters (+) that weren't being escaped. When creating the websocket url, it added my user as is:
var wsUrl = util.format( '%s://%s/ari/events?app=%s&api_key=%s:%s', (self._connection.protocol === 'https:' ? 'wss' : 'ws'), self._connection.host, applications, self._connection.user, // <-- may be unsafe self._connection.pass );
It resulted in 401s that didn't bubble up well, and finally culminated in the above error.
Is this a bug? Or should I be url-encoding my own usernames/passwords...or should I simply avoid special characters altogether?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/asterisk/node-ari-client/issues/76, or mute the thread https://github.com/notifications/unsubscribe-auth/AAS34-OSteoYfFhXR9HdRk0Qiupez7ldks5rIliIgaJpZM4LO_dl .
And by "should be handled" I mean that it should be the library's responsibility to do that, so if that's actually the case then we should fix it here
On Dec 16, 2016 6:36 AM, "Chad McElligott" chad.mcelligott@gmail.com wrote:
If it is indeed due to the need to urlencode your username then that should be handled by the library. Can you try testing with a plain username and password to see if that fixes it?
On Dec 16, 2016 3:23 AM, "Cezille Santillan" notifications@github.com wrote:
When calling ari.start(), I encountered a mysterious error that left the following trace:
Unhandled rejection Error: undefined at Object.ensureErrorObject (/home/
/src/ /node_modules/bluebird/js/main/util.js:261:20) at Promise._rejectCallback (/home/ /src/ /node_modules/bluebird/js/main/promise.js:472:22) at /home/ /src/ /node_modules/bluebird/js/main/promise.js:489:17 at /home/ /src/ /node_modules/ari-client/lib/client.js:327:11 at /home/ /src/ /node_modules/underscore/underscore.js:890:21 at reconnect (/home/ /src/ /node_modules/ari-client/lib/client.js:526:9) at WebSocket.processError (/home/ /src/ /node_modules/ari-client/lib/client.js:509:7) at emitOne (events.js:77:13) at WebSocket.emit (events.js:169:7) at ClientRequest.response (/home/ /src/ /node_modules/ws/lib/WebSocket.js:721:12) at ClientRequest.g (events.js:260:16) at emitOne (events.js:77:13) at ClientRequest.emit (events.js:169:7) at HTTPParser.parserOnIncomingClient (_http_client.js:433:21) at HTTPParser.parserOnHeadersComplete (_http_common.js:103:23) at Socket.socketOnData (_http_client.js:322:20) at emitOne (events.js:77:13) at Socket.emit (events.js:169:7) at readableAddChunk (_stream_readable.js:153:18) at Socket.Readable.push (_stream_readable.js:111:10) at TCP.onread (net.js:537:20) Suspiciously, it occurred about a minute after connecting. Looking around, it turned out that my ARI user had some special characters (+) that weren't being escaped. When creating the websocket url, it added my user as is:
var wsUrl = util.format( '%s://%s/ari/events?app=%s&api_key=%s:%s', (self._connection.protocol === 'https:' ? 'wss' : 'ws'), self._connection.host, applications, self._connection.user, // <-- may be unsafe self._connection.pass );
It resulted in 401s that didn't bubble up well, and finally culminated in the above error.
Is this a bug? Or should I be url-encoding my own usernames/passwords...or should I simply avoid special characters altogether?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/asterisk/node-ari-client/issues/76, or mute the thread https://github.com/notifications/unsubscribe-auth/AAS34-OSteoYfFhXR9HdRk0Qiupez7ldks5rIliIgaJpZM4LO_dl .
Yeah, that's on us, sorry about that.
@chadxz To illustrate, here's couple of sample users in ari.conf
:
[normal]
type=user
password=nothingspecial
[special]
type=user
password=s3cre+
Assume we have a dialplan that launches a stasis app "some_app", then in node:
ari.connect('http://127.0.0.1:8088', 'normal', 'nothingspecial').then(function (client) {
client.start("some_app");
// ... rest of app code
});
The code proceeds quickly and does as expected.
However,
ari.connect('http://127.0.0.1:8088', 'special', 's3cre+').then(function (client) {
client.start("some_app").catch(function (err) {
console.log(err); // prints the error in first post (Error: undefined)
});
// ... rest of app code
});
In this case, start
creates a websocket url that is:
ws://127.0.0.1:8088/ari/events?app=some_app&api_key=special:s3cre+
The +
seems to be interpreted as a space. If one calls: ari.connect('http://127.0.0.1:8088', 'special', 'secre%2B')
(where %2B
is url-encoded +
), it goes through as before. I tried wrapping the username and password in encodeURIComponent
in the start
function (while using secre+
again), and it went without a hitch.
I don't think the Asterisk documentation prevents one from using special characters; either: the library should add URL-encoding as a safeguard against +
, %
, etc... or, issue a warning against using special characters.
Perhaps the strangest thing for me here is the Error: undefined
part. I had to console.log(err)
from the processError
in node_modules/ari-client/lib/client.js
function to reveal the 401
. I noticed that resolve and reject is overwritten to be called only once; I think that muddled up the error message somehow?
Thank you for taking the time to verify the issue. Since you have a narrow reproduction case and the fix in hand, would you be up for submitting a pull request with the fix?
I'd recommend fixing this as two separate PRs @glyphCezilleSantillan - one to fix the main issue and another to fix whatever issue you're facing with promises?
Closing since the 2 PRs above should resolve the issues listed here.
When calling
ari.start()
, I encountered a mysterious error that left the following trace:Suspiciously, it occurred about a minute after connecting. Looking around, it turned out that my ARI user had some special characters (
+
) that weren't being escaped. When creating the websocket url, it added my user as is:It resulted in
401
s that didn't bubble up well, and finally culminated in the above error.Is this a bug? Or should I be url-encoding my own usernames/passwords...or should I simply avoid special characters altogether?