I'm using wokkel.client.XMPPClient
to automatically authenticate my site's users to the XMPP server so that their vCards may be set.
However, when I try to authenticate with users who have escaped characters in their JIDs (specifically \40
for @
) I get a SASLAuthError
.
Twisted gives the following log messages:
Starting factory <twisted.words.protocols.jabber.xmlstream.XmlStreamFactory object at 0xc7f1c90>
SEND: "<stream:stream xmlns:stream='http://etherx.jabber.org/streams' xmlns='jabber:client' to='chat.myserver.com' version='1.0'>"
RECV: "<?xml version='1.0'?><stream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='4213779102' from='chat.myserver.com' version='1.0' xml:lang='en'>"
RECV: "<stream:features><starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>DIGEST-MD5</mechanism><mechanism>PLAIN</mechanism></mechanisms><c xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='YUDz8u9BV6d/pR9YmuUwklKsq6c='/><register xmlns='http://jabber.org/features/iq-register'/></stream:features>"
SEND: "<auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='DIGEST-MD5'/>"
RECV: "<challenge xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>bm9uY2U9IjEyMzc1OTIwNjEiLHFvcD0iYXV0aCIsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3M=</challenge>"
SEND: "<response xmlns='urn:ietf:params:xml:ns:xmpp-sasl'>dXNlcm5hbWU9IndlYndvcmthZG1pblw0MHN0YXJhbGxpYW5jZS5jb20iLG5vbmNlPSIxMjM3NTkyMDYxIixkaWdlc3QtdXJpPSJ4bXBwL2NoYXQuc3RhcmFsbGlhbmNlLmNvbSIsY2hhcnNldD11dGYtOCxyZWFsbT0iY2hhdC5zdGFyYWxsaWFuY2UuY29tIixxb3A9YXV0aCxjbm9uY2U9IjU3NmU5MDcwMGYxYWZkZWM4N2E5MTAyYTM0ZjBjZWU1IixuYz0wMDAwMDAwMSxyZXNwb25zZT0wMjc2NTVlMWVlYjEzNTExNGQ1MGE5MDVhZTZmMWI5Mg==</response>"
RECV: "<failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/></failure>"
Ejabberd's log gives the following output:
=INFO REPORT==== 2013-08-27 16:58:20 ===
I(<0.6053.0>:ejabberd_c2s:733) : ({socket_state,gen_tcp,#Port<0.12456>,<0.6052.0>}) Failed authentication for [email protected]
=INFO REPORT==== 2013-08-27 16:58:20 ===
D(<0.6053.0>:ejabberd_c2s:1456) : Send XML on stream = <<"<failure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><not-authorized/></failure>">>
What I find interesting from the ejabberd log is that the escaped character \40
is shown as only 40
. This is what made me realise that this has to do with the fact that there is an escaped character in the first place.
Users without escaped characters in their JIDs authenticate fine.
As far as I can tell, my JID is correctly escaped, so I assume this must be a bug somewhere during the authentication routine.
(Pdb) pp jid
JID(u'jeff\\[email protected]')
I tried to dive into the Wokkel and Twisted code to debug this further but without luck.
Any help would be greatly appreciated.