Closed pinanklakhani closed 1 year ago
Why open a new issue?!
@licaon-kter It was posted on contrib repository by mistakenly
For reference, the previous issue is https://github.com/processone/ejabberd-contrib/issues/316
@licaon-kter @badlop
For JWT authentication, i have to use auth method external.
The reference provided suggesting to use auth_method: jwt
And for this to work, i have to expose my token private key which according to
Understand?
I think this is wrong:
#! /usr/bin python3
It should be:
#!/usr/bin/python3
@badlop tried but same result
2023-02-23 18:42:20.703636+05:30 [error] <0.599.0>@extauth:handle_info/2:149 Failed to start external authentication program 'python3.9 /usr/local/etc/ejabberd/authenticator.py'
2023-02-23 18:42:20.703869+05:30 [error] <0.598.0>@supervisor:do_restart/3:736 SUPERVISOR REPORT:
#!/usr/bin/python3
would probably be better as #!/usr/bin/env python3
, but it doesn't matter if python3
is actually in /usr/bin
.
The main problem is your script does not implement the external authentication API.
Also, as @licaon-kter pointed out on the ticket in ejabberd-contrib, JWT
authentication is already supported natively.
For JWT authentication, i have to use auth method external.
Why?
The reference provided suggesting to use
auth_method: jwt
And for this to work, i have to expose my token private key which according to
That looks like an incomplete sentence. You do not need to share private key if you are using an asymmetric key, only the public key is necessary to validate tokens.
Understand?
No 😄
Thanks @nosnilmot
I updated auth_method to jwt and provided public key in jwt_key option and configuration worked.
I have keycloak as auth gateway so provided cert json in jwt_key path and configs loaded successfully
https://<host>/auth/realms/myrealm/protocol/openid-connect/certs
Now when i pass jid and token from strophe.js while connection, it is giving an error of invalid username or password. Checking for that
I Simply want to authenticate my client using JWT toke. Fo that i am using external authentication and using python script. I have following configurations in ejabberd.yml file
and following is my authenticator.py file in the same dir.
but when i start ejabberd server its giving following error
Please help to resolve