search

xmppjs / xmpp.js

XMPP for JavaScript
ISC License
2.18k stars 371 forks source link

Getting not-authorized error when using valid user with ejabberd #983

Closed greffgreff closed 1 year ago

greffgreff commented 1 year ago

Hi,

I am in the process of upgrading node-xmpp-client to xmppjs. After doing so, I am no longer able to authenticate with my xmpp host, ejabberd and am getting the error: "SASLError: not-authorized - Invalid username or password".

Below is the code from the tutorial that I am currently troubleshooting. The only thing that I changed is the parameters passed into the client method:

const { client, xml } = require('@xmpp/client')
const debug = require('@xmpp/debug')

process.env.NODE_TLS_REJECT_UNAUTHORIZED = 0

// Start of changed code
const xmpp = client({
    service: 'wss://localhost:5443/ws',
    domain: 'localhost',
    username: 'admin@localhost',
    password: 'admin',
})
// End of changed code

debug(xmpp, true)

xmpp.on('error', (err) => {
    console.error(err.message)
})

xmpp.on('offline', () => {
    console.log('offline')
})

xmpp.on('stanza', async (stanza) => {
    if (stanza.is('message')) {
        await xmpp.send(xml('presence', { type: 'unavailable' }))
        await xmpp.stop()
    }
})

xmpp.on('online', async (address) => {
    // Makes itself available
    await xmpp.send(xml('presence'))

    // Sends a chat message to itself
    const message = xml('message', { type: 'chat', to: address }, xml('body', {}, 'hello world'))
    await xmpp.send(message)
})

xmpp.start().catch(console.error)

And below are the logs:

status connecting wss://localhost:5443/ws
(node:10748) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.
(Use `node --trace-warnings ...` to show where the warning was created)
status connect 
status opening 
status open <open xmlns="urn:ietf:params:xml:ns:xmpp-framing" id="9076577183396757054" version="1.0" xml:lang="en" from="localhost"/>
IN
<stream:features xmlns:stream="http://etherx.jabber.org/streams"><mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism><mechanism>SCRAM-SHA-512</mechanism><mechanism>SCRAM-SHA-256</mechanism><mechanism>SCRAM-SHA-1</mechanism><mechanism>X-OAUTH2</mechanism></mechanisms><register xmlns="http://jabber.org/features/iq-register"/></stream:features>
IN
<failure xmlns="urn:ietf:params:xml:ns:xmpp-sasl"><not-authorized/><text xml:lang="en">Invalid username or password</text></failure>
SASLError: not-authorized - Invalid username or password
    at SASLError.fromElement (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\error\index.js:29:19)
    at Client.handler (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\sasl\index.js:54:26)
    at Client.emit (node:events:513:28)
    at Client._onElement (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\connection\index.js:105:10)
    at FramedParser.emit (node:events:513:28)
    at FramedParser.onEndElement (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\websocket\lib\FramedParser.js:36:12)
    at SaxLtx.emit (node:events:513:28)
    at SaxLtx._handleTagOpening (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\ltx\lib\parsers\ltx.js:44:14)
    at SaxLtx.write (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\ltx\lib\parsers\ltx.js:192:20)
    at FramedParser.write (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\xml\lib\Parser.js:71:17) {
  condition: 'not-authorized',
  text: 'Invalid username or password',
  application: undefined,
  element: Element {
    name: 'failure',
    parent: null,
    children: [ [Element], [Element] ],
    attrs: { xmlns: 'urn:ietf:params:xml:ns:xmpp-sasl' }
  }
}
not-authorized - Invalid username or password
SASLError: not-authorized - Invalid username or password
    at SASLError.fromElement (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\error\index.js:29:19)
    at Client.handler (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\sasl\index.js:54:26)
    at Client.emit (node:events:513:28)
    at Client._onElement (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\connection\index.js:105:10)
    at FramedParser.emit (node:events:513:28)
    at FramedParser.onEndElement (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\websocket\lib\FramedParser.js:36:12)
    at SaxLtx.emit (node:events:513:28)
    at SaxLtx._handleTagOpening (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\ltx\lib\parsers\ltx.js:44:14)
    at SaxLtx.write (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\ltx\lib\parsers\ltx.js:192:20)
    at FramedParser.write (c:\Users\greff\Desktop\repos\im\uima-desktop\node_modules\@xmpp\xml\lib\Parser.js:71:17) {
  condition: 'not-authorized',
  text: 'Invalid username or password',
  application: undefined,
  element: Element {
    name: 'failure',
    parent: null,
    children: [ [Element], [Element] ],
    attrs: { xmlns: 'urn:ietf:params:xml:ns:xmpp-sasl' }
  }
}
OUT
<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="SCRAM-SHA-1"><hidden xmlns="xmpp.js"/></auth>

I made sure that the user was still valid and that the endpoint in ejabberd I am pointing the client to exists an is running.

Is this a bug (probably not I think)?

greffgreff commented 1 year ago

Turns out I was specifying the domain at the end of the username while it was not necessary. admin@localhost => admin