Ejabberd OAuth / REST 401 Unauthorized

0
votes

I'm trying to request the Ejabberd REST Web Services with the /api/connected_users endpoint but the request always returns me 401 Unauthorized HTTP errors.

Here is my OAuth configuration. 

 - 
port: 5280
module: ejabberd_http
request_handlers:
  "/websocket": ejabberd_http_ws
  # OAuth Support
  "/oauth": ejabberd_oauth
  # ReST API:
  "/api": mod_http_api
web_admin: true
http_bind: true
register: true
captcha: false

...    

commands_admin_access: configure
commands:
  - add_commands: user
oauth_expire: 3600
oauth_access: all

As explained in the documentation I use the following URL to generate an OAuth 2 Access Token for the admin user.

http://localhost:5280/oauth/authorization_token?response_type=token&client_id=myclient&redirect_uri=http://localhost:5280&scope=sasl_auth

It returns me my OAuth Token.

http://localhost:5280/?access_token=oLn8Hebh051l2PdCM15tSvHrEI25CpBs&token_type=bearer&expires_in=3600&scope=sasl_auth&state=

Finally to request the api/connected_users endpoint I do the following.

curl -v -X GET -H "X-Admin: true" -H "Authorization: Bearer oLn8Hebh051l2PdCM15tSvHrEI25CpBs" http://localhost:5280/api/connected_users

But it always returns me 401 Unauthorized errors.

In my ejabberd.log file I have this. 

2016-02-09 09:47:12.177 [info] <0.497.0>@ejabberd_listener:accept:333 (#Port<0.16419>) Accepted connection 127.0.0.1:62395 -> 127.0.0.1:5280
2016-02-09 09:47:12.177 [debug] <0.546.0>@ejabberd_http:init:154 S: [{[<<"websocket">>],ejabberd_http_ws},{[<<"oauth">>],ejabberd_oauth},{[<<"api">>],mod_http_api},{[<<"register">>],mod_register_web},{[<<"admin">>],ejabberd_web_admin},{[<<"http-bind">>],mod_http_bind}]
2016-02-09 09:47:12.177 [info] <0.546.0>@ejabberd_http:init:158 started: {gen_tcp,#Port<0.16419>}
2016-02-09 09:47:12.177 [debug] <0.546.0>@ejabberd_http:process_header:281 (#Port<0.16419>) http query: 'GET' <<"/api/connected_users">>
2016-02-09 09:47:12.177 [debug] <0.546.0>@ejabberd_http:process:353 [<<"api">>,<<"connected_users">>] matches [<<"api">>]
2016-02-09 09:47:12.178 [info] <0.546.0>@mod_http_api:log:388 Admin call connected_users [] from 127.0.0.1:62395

So how to configure Ejabberd to allow the admin user to request all the Ejabberd REST Web Services ?

My users are stored in Mysql, as OAuth Tokens are stored in Mnesia could it be the problem ?

Thanks,

Baptiste

2
apirestoauthejabberd
make sure you have enabled the modules supporting the OAuth commands in ejabberd.yml in module section . provide detail log and module configuration. - Sunil Singh
Hi Sunil and thanks for your response, what you indicate is written in the docs "the modules supporting the OAuth commands you want to use", but this is the only instruction for modules and OAuth / REST I found. So what are those "modules supporting the OAuth commands" ? I do not understand what I have to do, in the configuration section of the docs docs.ejabberd.im/admin/guide/configuration their is nothing about an "OAuth" or "REST" module. Could you explain me which modules to add in the "modules" section then ? (I've added "mod_http_api" but still encounter authorization errors). - Baptiste Gaillard
@BaptisteGaillard have you solved it somehow ? I am facing same - Jakub Kuchar
I have the same problem. Please help. - J P
@BaptisteGaillard Were you able to resolve this issue? If so, please tell. - GJain

2 Answers

1
votes

Be sure you are using the @host when entering username if it's specified in that way in ejabberd.yml. I wasn't receiving any response from REST requests because I was using just admin for user, when should be admin@somehost in user name.

Please let me know if this doesn't help.

1
votes

make sure you enter correct User(jid): ( User (jid): user@hostname)

it worked for me.