processone / ejabberd-contrib

Growing and curated ejabberd contributions repository - PR or ask to join !
http://ejabberd.im

Failed to start external authentication program '/usr/local/etc/ejabberd/authenticator.py' #316

Closed pinanklakhani closed 1 year ago

pinanklakhani commented 1 year ago

I want to authenticate users using external auth_method but it's not loading the file.

My Configs

auth_method: external
extauth_program: /usr/local/etc/ejabberd/authenticator.py
extauth_instances: 1
auth_use_cache: false
auth_password_format: scram

External python script

#! /usr/bin python3

import requests
import json

def authenticate(username, token):
    headers = {'Authorization': f'Bearer {token}'}
    response = requests.get('https://keycloak.example.com/auth/realms/myrealm/protocol/openid-connect/userinfo', headers=headers)

    if response.status_code == 200:
        userinfo = json.loads(response.content)
        return True
    else:
        return False

Getting the following error when starting the ejabberd server (ejabberdctl start):

[error] <0.605.0>@extauth:handle_info/2:149 Failed to start external authentication program '/usr/local/etc/ejabberd/authenticator.py'
2023-02-23 14:35:11.100175+05:30 [error] <0.600.0>@supervisor:do_restart/3:736 SUPERVISOR REPORT:
    supervisor: {local,extauth_pool_localhost}
    errorContext: child_terminated
    reason: normal
    offender: [{pid,<0.605.0>},
               {id,extauth_pool_localhost_1},
               {mfargs,{extauth,start_link,
                                [extauth_pool_localhost_1,
                                 "/usr/local/etc/ejabberd/authenticator.py"]}},
               {restart_type,permanent},
               {significant,false},
               {shutdown,5000},
               {child_type,worker}]

licaon-kter commented 1 year ago

sudo -u ejabberd /usr/local/etc/ejabberd/authenticator.py says what?

Also, that script has no /.../bin/python mention on top so it knows with WHAT it should run it?

pinanklakhani commented 1 year ago

@licaon-kter Didn't get you

I am referring to this: https://docs.ejabberd.im/admin/configuration/authentication/#external-script

licaon-kter commented 1 year ago

Run that command, show the output.

Can you run the script as bash authenticator.py from command line?

pinanklakhani commented 1 year ago

bash /usr/local/etc/ejabberd/authenticator.py
/usr/local/etc/ejabberd/authenticator.py: line 3: import: command not found
/usr/local/etc/ejabberd/authenticator.py: line 4: import: command not found
/usr/local/etc/ejabberd/authenticator.py: line 7: syntax error near unexpected token `('
/usr/local/etc/ejabberd/authenticator.py: line 7: `def authenticate(username, token):'

licaon-kter commented 1 year ago

Run this command too: sudo -u ejabberd /usr/local/etc/ejabberd/authenticator.py. What is its output?

And yes add this on top of the script: #!/usr/bin/env python3 then retry with bash again
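
An added pre-flight check for the failure discussed in this thread (not part of the original issue and not ejabberd's own code): it inspects an extauth_program file for the two things the operating system needs in order to execute it by path, an execute bit and a shebang whose first token is an executable file. With `#! /usr/bin python3` the first token is the directory /usr/bin. The function name check_extauth_program is hypothetical; run it as the account that starts ejabberd.

```python
import os
import shutil
import stat
import sys


def check_extauth_program(path):
    """Return reasons the OS would refuse to exec `path`; empty list means OK.

    Hypothetical helper (added example): applies the checks the OS makes
    when the configured extauth_program is executed by its path.
    """
    if not os.path.isfile(path):
        return [f"{path}: not a regular file"]
    problems = []
    # Any execute bit at all; whether *your* user may use it depends on ownership.
    if not os.stat(path).st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
        problems.append(f"{path}: no execute bit set (chmod +x)")
    with open(path, "rb") as fh:
        first = fh.readline().decode("utf-8", "replace").rstrip("\r\n")
    if not first.startswith("#!"):
        problems.append("no shebang line, so no interpreter is named")
        return problems
    # Kernel rule: the first token after "#!" is the interpreter path,
    # the remainder is passed to it as an argument.
    parts = first[2:].split(None, 1)
    if not parts:
        problems.append("shebang names no interpreter")
        return problems
    interp = parts[0]
    arg = parts[1].strip() if len(parts) > 1 else ""
    if os.path.isdir(interp):
        problems.append(f"shebang interpreter {interp} is a directory")
    elif not (os.path.isfile(interp) and os.access(interp, os.X_OK)):
        problems.append(f"shebang interpreter {interp} is not an executable file")
    elif os.path.basename(interp) == "env" and arg:
        # "#!/usr/bin/env python3": env looks the command up on PATH.
        if shutil.which(arg.split()[0]) is None:
            problems.append(f"{arg.split()[0]} not found on PATH for env")
    return problems


if __name__ == "__main__":
    # Usage: python3 check_extauth.py /path/to/authenticator.py
    for line in check_extauth_program(sys.argv[1]) or ["looks executable"]:
        print(line)
```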

pinanklakhani commented 1 year ago

sudo: unknown user: ejabberd
sudo: error initializing audit plugin sudoers_audit

I am on macOS

licaon-kter commented 1 year ago

Ok, replace "ejabberd" with your user that is used to start ejabberd

Did you update your auth script and test it?

pinanklakhani commented 1 year ago

@licaon-kter Sorry? Not sure which user you are pointing to

pinanklakhani commented 1 year ago

@licaon-kter I simply want to authenticate my client using a JWT token. For that I am using external authentication and a Python script. I have the following configuration in the ejabberd.yml file

auth_method: external
extauth_program: /usr/local/etc/ejabberd/authenticator.py
extauth_instances: 1
auth_use_cache: false
auth_password_format: scram

and the following is my authenticator.py file in the same dir.

#! /usr/bin python3

import requests
import json

def authenticate(username, token):
    headers = {'Authorization': f'Bearer {token}'}
    response = requests.get('https://keycloak.example.com/auth/realms/myrealm/protocol/openid-connect/userinfo', headers=headers)

    if response.status_code == 200:
        userinfo = json.loads(response.content)
        return True
    else:
        return False

but when I start the ejabberd server it's giving the following error

[error] <0.605.0>@extauth:handle_info/2:149 Failed to start external authentication program '/usr/local/etc/ejabberd/authenticator.py'
2023-02-23 14:35:11.100175+05:30 [error] <0.600.0>@supervisor:do_restart/3:736 SUPERVISOR REPORT:
    supervisor: {local,extauth_pool_localhost}
    errorContext: child_terminated
    reason: normal
    offender: [{pid,<0.605.0>},
               {id,extauth_pool_localhost_1},
               {mfargs,{extauth,start_link,
                                [extauth_pool_localhost_1,
                                 "/usr/local/etc/ejabberd/authenticator.py"]}},
               {restart_type,permanent},
               {significant,false},
               {shutdown,5000},
               {child_type,worker}]

Please help to resolve

licaon-kter commented 1 year ago

JWT has a separate section: https://docs.ejabberd.im/admin/configuration/authentication/#jwt-authentication