Is OAuth broken?
eloo opened this issue · 0 comments
eloo commented
I've tested the OAuth mechanism but it seems the implementation is broken.
After a while of testing i got it work with the following changes to xmpp.go
if m == "X-HIPCHAT-OAUTH2" && o.OAuthToken != "" {
mechanism = m
// Oauth authentication: send base64-encoded \x00 token \x00 resource.
raw := "\x00" + o.OAuthToken + "\x00" + o.Resource
enc := make([]byte, base64.StdEncoding.EncodedLen(len(raw)))
base64.StdEncoding.Encode(enc, []byte(raw))
outString := fmt.Sprintf("<auth xmlns='http://hipchat.com' node='http://hipchat.com/client/mac' ver='22' mechanism='oauth2'>%s</auth>", enc)
fmt.Println(outString)
fmt.Fprint(c.conn, outString)
break
}
if m == "PLAIN" && o.Password != "" {
mechanism = m
// Plain authentication: send base64-encoded \x00 user \x00 password.
raw := "\x00" + user + "\x00" + o.Password
enc := make([]byte, base64.StdEncoding.EncodedLen(len(raw)))
base64.StdEncoding.Encode(enc, []byte(raw))
fmt.Fprintf(c.conn, "<auth xmlns='%s' mechanism='PLAIN'>%s</auth>\n", nsSASL, enc)
break
}
now i'm receiving the following output
<success xmlns='urn:ietf:params:xml:ns:xmpp-sasl' jid='<jid_number>@chat.btf.hipchat.com/bot||proxy|<myHost>|<number>' api_host='<myHost>' chat_host='chat.btf.hipchat.com' muc_host='conf.btf.hipchat.com' web_host='<myHost>'/>
but the client throws still an error
another implementation of the oauth could be found here
dane/hipchat@74f6164
is anyone using oauth in xmpp?