ejabberd denies generating token

0
votes

I have read all questions and answers what I can find, but oauth still not working. this is config ejabberd.yml.

 port: 5280
module: ejabberd_http
request_handlers:
  "/websocket": ejabberd_http_ws
  "/log": mod_log_http
  # OAuth support:
  "/oauth": ejabberd_oauth
  # ReST API:
  "/api": mod_http_api
##  "/pub/archive": mod_http_fileserver
web_admin: true
http_bind: true
## register: true
captcha: false
commands_admin_access: configure
commands:
  - add_commands: user
oauth_expire: 3600
oauth_access: all

http://192.168.217.128:5280/oauth/authorization_token?response_type=token&client_id=somclient&redirect_uri=http://192.168.217.128:5280&scope=sasl_auth

when I open this url shows html form, where I write jid,password and Token TTL(one hours). after clicking accept url redirecting http://192.168.217.128:5280/?error=access_denied&state=

What I am doing wrong?

I think this specific parameters place is wrong. If its like this, I do not understand where to put.

commands_admin_access: configure
commands:
  - add_commands: user
oauth_expire: 3600
oauth_access: all

Sorry for my english.

2
oauthejabberdcentos7

2 Answers

0
votes

You probably do not have proper credentials ACL defined for all. That mean oauth_access is probably denied.

0
votes

This is top level option (like for example api_permission), it shouldn't be in any section, it should start at begin of a line.

You are supposed to make oauth_access top level as well, so you should have:

oauth_access: all

api_permission:
   "abc":
    ...

Reference link: https://github.com/processone/ejabberd/issues/1661