Authentication when opening a websocket connection.

#1

Hi ,

From what i understood, that we need to create another ApplicationSession which would attach to a Container component.

I have copied the authenticator.py code to create the ApplicationSession:

class MyAuthenticator(ApplicationSession):

PRINCIPALS_DB = {

‘joe’: {

‘ticket’: ‘secret!!!’,

‘role’: ‘frontend’

}

}

@inlineCallbacks

def onJoin(self, details):

def authenticate(realm, authid, ticket):

print(“MyAuthenticator.authenticate called: realm = ‘{}’, authid = ‘{}’, ticket = ‘{}’”.format(

realm, authid, ticket))

if authid in self.PRINCIPALS_DB:

if ticket == self.PRINCIPALS_DB[authid][‘ticket’]:

return self.PRINCIPALS_DB[authid][‘role’]

else:

raise ApplicationError(

“com.chat.invalid_ticket”, “could not authenticate session - invalid ticket ‘{}’ for principal {}”.format(ticket, authid))

else:

raise ApplicationError(

“com.chat.no_such_user”, “could not authenticate session - no such principal {}”.format(authid))

try:

yield self.register(authenticate, ‘com.chat.authenticate’)

print(“custom Ticket-based authenticator registered”)

except Exception as e:

print(

“could not register custom Ticket-based authenticator: {0}”.format(e))

However, the config.json file given is the examples is pretty outdated as it says we should just add role to component, however it is not an attribute in configyration anymore.

This is currently my config.json file

{

“controller”: {

},

“workers”: [

{

“type”: “router”,

“options”: {

“pythonpath”: ["…"]

},

“realms”: [

{

“name”: “realm1”,

“roles”: [

{

“name”: “authenticator”,

“permissions”: [

{

“uri”: “chat.chat.authenticate”,

“register”: true

}

]

},

{

“name”: “backend”,

“permissions”: [

{

“uri”: “*”,

“publish”: true,

“subscribe”: true,

“call”: true,

“register”: true

}

]

}

]

}

],

“transports”: [

{

“type”: “web”,

“endpoint”: {

“type”: “tcp”,

“port”: 8080

},

“paths”: {

“/”: {

“type”: “static”,

“directory”: “…/chat/web”

},

“ws”: {

“type”: “websocket”,

“auth”: {

“ticket”: {

“type”: “dynamic”,

“authenticator”: “chat.authenticator.authenticate”

}

}

}

}

}

]

},

{

“type”: “container”,

“options”: {

“pythonpath”: ["…"]

},

“components”: [

{

“type”: “class”,

“classname”: “chat.authenticator.MyAuthenticator”,

“realm”: “realm1”,

“transport”: {

“type”: “websocket”,

“endpoint”: {

“type”: “tcp”,

“host”: “127.0.0.1”,

“port”: 8080

},

“url”: “ws://127.0.0.1:8080/ws”,

“debug”: false

}

},

{

“type”: “class”,

“classname”: “chat.chat.ChatSession”,

“realm”: “realm1”,

“transport”: {

“type”: “websocket”,

“endpoint”: {

“type”: “tcp”,

“host”: “127.0.0.1”,

“port”: 8080

},

“url”: “ws://127.0.0.1:8080/ws”,

“debug”: false

}

}

]

}

]

}

This is inside my chat.py file

from twisted.internet import defer

from twisted.internet.defer import inlineCallbacks

from autobahn.twisted.util import sleep

from autobahn.twisted.wamp import ApplicationSession

from crossbar.router.session import RouterSession

class ChatSession(ApplicationSession):

‘’’

The main Application

‘’’

@inlineCallbacks

def onJoin(self, details):

Events

Procedures

def getMessages(chat_id):

‘’’

Get the active chats

‘’’

Replace with a call to the API

return NotImplemented

Subscriptions

yield self.subscribe(onMessageCreate, ‘com.chat.messages’)

print(‘Subscribe to new messages from clients’)

yield self.register(getMessages, ‘com.chat.get_messages’)

print(“Procedure get_messages() registered for client to use.”)

When i try to run my crossbar.io app, it doesnt finish up loading my subscriptions from any of my applicationSession.

Any help would be highly appreciated :slight_smile:

Regards

Harshad

0 Likes

#2

Well after hours of headache, i ended up updating the crossbar to version 0.10.1 which made it, however docs still needs to be updated.

···

On Friday, 16 January 2015 15:53:37 UTC+11, harshad bhatia wrote:

Hi ,

From what i understood, that we need to create another ApplicationSession which would attach to a Container component.

I have copied the authenticator.py code to create the ApplicationSession:

class MyAuthenticator(ApplicationSession):

PRINCIPALS_DB = {

‘joe’: {

‘ticket’: ‘secret!!!’,

‘role’: ‘frontend’

}

}

@inlineCallbacks

def onJoin(self, details):

def authenticate(realm, authid, ticket):

print(“MyAuthenticator.authenticate called: realm = ‘{}’, authid = ‘{}’, ticket = ‘{}’”.format(

realm, authid, ticket))

if authid in self.PRINCIPALS_DB:

if ticket == self.PRINCIPALS_DB[authid][‘ticket’]:

return self.PRINCIPALS_DB[authid][‘role’]

else:

raise ApplicationError(

“com.chat.invalid_ticket”, “could not authenticate session - invalid ticket ‘{}’ for principal {}”.format(ticket, authid))

else:

raise ApplicationError(

“com.chat.no_such_user”, “could not authenticate session - no such principal {}”.format(authid))

try:

yield self.register(authenticate, ‘com.chat.authenticate’)

print(“custom Ticket-based authenticator registered”)

except Exception as e:

print(

“could not register custom Ticket-based authenticator: {0}”.format(e))

However, the config.json file given is the examples is pretty outdated as it says we should just add role to component, however it is not an attribute in configyration anymore.

This is currently my config.json file

{

“controller”: {

},

“workers”: [

{

“type”: “router”,

“options”: {

“pythonpath”: ["…"]

},

“realms”: [

{

“name”: “realm1”,

“roles”: [

{

“name”: “authenticator”,

“permissions”: [

{

“uri”: “chat.chat.authenticate”,

“register”: true

}

]

},

{

“name”: “backend”,

“permissions”: [

{

“uri”: “*”,

“publish”: true,

“subscribe”: true,

“call”: true,

“register”: true

}

]

}

]

}

],

“transports”: [

{

“type”: “web”,

“endpoint”: {

“type”: “tcp”,

“port”: 8080

},

“paths”: {

“/”: {

“type”: “static”,

“directory”: “…/chat/web”

},

“ws”: {

“type”: “websocket”,

“auth”: {

“ticket”: {

“type”: “dynamic”,

“authenticator”: “chat.authenticator.authenticate”

}

}

}

}

}

]

},

{

“type”: “container”,

“options”: {

“pythonpath”: ["…"]

},

“components”: [

{

“type”: “class”,

“classname”: “chat.authenticator.MyAuthenticator”,

“realm”: “realm1”,

“transport”: {

“type”: “websocket”,

“endpoint”: {

“type”: “tcp”,

“host”: “127.0.0.1”,

“port”: 8080

},

“url”: “ws://127.0.0.1:8080/ws”,

“debug”: false

}

},

{

“type”: “class”,

“classname”: “chat.chat.ChatSession”,

“realm”: “realm1”,

“transport”: {

“type”: “websocket”,

“endpoint”: {

“type”: “tcp”,

“host”: “127.0.0.1”,

“port”: 8080

},

“url”: “ws://127.0.0.1:8080/ws”,

“debug”: false

}

}

]

}

]

}

This is inside my chat.py file

from twisted.internet import defer

from twisted.internet.defer import inlineCallbacks

from autobahn.twisted.util import sleep

from autobahn.twisted.wamp import ApplicationSession

from crossbar.router.session import RouterSession

class ChatSession(ApplicationSession):

‘’’

The main Application

‘’’

@inlineCallbacks

def onJoin(self, details):

Events

Procedures

def getMessages(chat_id):

‘’’

Get the active chats

‘’’

Replace with a call to the API

return NotImplemented

Subscriptions

yield self.subscribe(onMessageCreate, ‘com.chat.messages’)

print(‘Subscribe to new messages from clients’)

yield self.register(getMessages, ‘com.chat.get_messages’)

print(“Procedure get_messages() registered for client to use.”)

When i try to run my crossbar.io app, it doesnt finish up loading my subscriptions from any of my applicationSession.

Any help would be highly appreciated :slight_smile:

Regards

Harshad

0 Likes