ejabberd - Comments for "ejabberd api oauth help"

That error says that erlang

badlop — Thu, 22 Jun 2017 08:11:26 +0000

That error says that erlang couldn't fin the definition of the function authorize_password with three arguments in a module called oauth2. This usually means it couldn't find the file oauth.beam. That module is included in a dependency that ejabberd source code downloads automatically during compillation, or is already included in the binary installers.

No dice :( I pretty much copy

captainparrot — Tue, 20 Jun 2017 15:20:45 +0000

No dice :(

I pretty much copy pasted the above config (and checked the docs) but got this error:


root@host:/etc/ejabberd# ejabberdctl oauth_issue_token admin@domain.com 3600 "sasl_auth"
Problem 'error undef' occurred executing the command.
Stacktrace: [{oauth2,authorize_password,
                     [{<<"admin">>,<<"domain.com">>},
                      [<<"sasl_auth">>],
                      admin_generated],
                     []},
             {ejabberd_oauth,oauth_issue_token,3,
                             [{file,"src/ejabberd_oauth.erl"},{line,138}]},
             {ejabberd_ctl,call_command,4,
                           [{file,"src/ejabberd_ctl.erl"},{line,324}]},
             {ejabberd_ctl,try_call_command,4,
                           [{file,"src/ejabberd_ctl.erl"},{line,298}]},
             {ejabberd_ctl,process2,4,
                           [{file,"src/ejabberd_ctl.erl"},{line,247}]},
             {ejabberd_ctl,process,2,
                           [{file,"src/ejabberd_ctl.erl"},{line,225}]},
             {rpc,'-handle_call_call/6-fun-0-',5,
                  [{file,"rpc.erl"},{line,187}]}]

Would this be a bug to be reported?

> Edit: Reading through the

badlop — Tue, 20 Jun 2017 09:02:53 +0000

> Edit: Reading through the docs again, I wonder if this way is tied to an application which is listening for it? So the redirect?

Looking at the documentation, it seems so.

Configure access like this:

commands_admin_access: configure
commands:
  - add_commands:
    - user
    - restricted
oauth_expire: 3600
oauth_access: all

Then you can run this in a shell:

$ ejabberdctl oauth_issue_token user1@localhost 3600 "sasl_auth"                                                                                         
WzUlRPPxSF6M6KVxCl2Mgw74UrtNCbFn        [<<"sasl_auth">>]       3600 seconds

Then, if that's good, you can enable some module to run this command from somewhere else, like ejabberd_xmlrpc or mod_rest.

Oh, okay. I removed the

captainparrot — Mon, 19 Jun 2017 18:26:38 +0000

Oh, okay. I removed the reverse proxy for now. I am now calling http.

So i can now get a webpage when i put this in a browser

http://domain.com:5280/oauth/authorization_token?response_type=token&cli...

and when i try to log in, I get redirected to this url

http://domain.com:5280/oauth/authorization_token

But I get a "connection was reset" error. I do not have a firewall or anything blocking connection in use

Edit: Reading through the docs again, I wonder if this way is tied to an application which is listening for it? So the redirect? My intension was just to recieve a token so I could use it in a script

Edit2: Here is any relevant updated config parts:

listen:
  - 
    port: 4560
    module: ejabberd_xmlrpc
    access_commands: {}

  -
    port: 5280
    ip: "0.0.0.0"
    module: ejabberd_http
    request_handlers:
    ##   "/pub/archive": mod_http_fileserver
      "/websocket": ejabberd_http_ws
      "/log": mod_log_http
      # OAuth support:
      "/oauth": ejabberd_oauth
      # ReST API:
      "/api": mod_http_api
    web_admin: true
    http_poll: true
    http_bind: true
    ## register: true
    captcha: true

disable_sasl_mechanisms: ["digest-md5"]
command_admin_access: xmlrpc

acl:
  admin:
     user:
         - "admin": "domain.com"

  xmlrpc:
     user:
         - "admin": "domain.com"

access:
  xmlrpc:
    xmlrpc: allow

modules:
  mod_rest: {}
  mod_admin_extra: {}

The listener in port 5281 is

badlop — Mon, 19 Jun 2017 16:00:37 +0000

The listener in port 5281 is not configured to use any encryption, but later in curl you request an https page.