can't authorize via dynamic wampcra

#1

Hey guys. i have problems in authorize via wampcra with dynamic credentials.
Every time i try to authorize from frontend i get following console message:

AutobahnJS debug enabled autobahn.min.jgz:20:182
trying to create WAMP transport of type: websocket autobahn.min.jgz:33:1
using WAMP transport type: websocket autobahn.min.jgz:33:1

WebSocket
transport send [1,“realm1”,{“roles”:{“caller”:{“features”:{“caller_identification”:true,“progressive_call_results”:true}},“callee”:{“features”:{“progressive_call_results”:true}},“publisher”:{“features”:{“subscriber_blackwhite_listing”:true,“publisher_exclusion”:true,“publisher_identification”:true}},“subscriber”:{“features”:{“publisher_identification”:true}}},“authmethods”:[“wampcra”],“authid”:“itchy”}] autobahn.min.jgz:33:1

WebSocket
transport receive [4,“wampcra”,{“keylen”:64,“challenge”:"{“nonce”: “u/5TRcJ3JdG2j40Y”, “authprovider”: “dynamic”, “authid”: “itchy”, “timestamp”: “2015-10-07T14:35:30.297Z”, “authrole”: “frontend”, “authmethod”: “wampcra”, “session”: 1419184072723504}",“salt”:“1234567890”,“iterations”:10000}] autobahn.min.jgz:33:1

WebSocket transport send [5,“QVlOsmNUDFGiYTrvYjHUtKrmJmDhWdN7SxcAez+381Q=”,{}] autobahn.min.jgz:33:1
WebSocket transport receive [3,{“message”:“signature is invalid”},“wamp.error.not_authorized”] autobahn.min.jgz:33:1

This are the Login credetials for testing:

name: itchy

password: 1234

I use python code for athentificator as below:

def authenticate(realm, authid, details):
print('AUTHID: ’ + authid)
rows = mysql.execute(‘select’,‘SELECT secret,salt FROM users WHERE name = %s’, [authid] )

        if len(rows) == 1:
            # return a dictionary with authentication information ...
            print('secret:' + rows[0][0] + ' , salt:' + rows[0][1])
            return { 'secret': rows[0][0], 'salt': rows[0][1], 'role': 'frontend', 'iterations': 10000, 'keylen': 64 }
        else:
            raise ApplicationError("de.XYZ.no_such_user", "could not authenticate session - no such user {}".format(authid))

``

The
print(secret + salt) statement on line 7 shows the right credetials from mysql. The secret is the pbkdf2-hashed value (the returned value below).

My python function to create the hash is the following (simple version):

import hashlib, binascii

pwd = u'1234'
salt = u'1234567890'
iter = 10000 keylen = ````64 ``dk = hashlib.pbkdf2_hmac(‘sha256’, pwd, salt, iter, keylen)
binascii.hexlify(dk)

returns: 'e3ffec210b7a1c17060556e781deb92d618aa96a58f67d99f2cdef325f189230a4aa2771a4acdbf

#b779e37f65d01c6372dc25ebb9ffb1fed7ae3d54477ceeaff

``

In frontend i use the standard function from docs:

    var user = "itchy";
    var key = "1234";

    // this callback is fired during WAMP-CRA authentication
    //
    function onchallenge (session, method, extra) {
       if (method === "wampcra") {
         return autobahn.auth_cra.sign(key, extra.challenge);
       }
    }

    var connection = new autobahn.Connection({
       url: 'ws://127.0.0.1:8080/ws',
       realm: 'realm1',

       // the following attributes must be set of WAMP-CRA authentication
       authmethods: ["wampcra"],
       authid: user,
       onchallenge: onchallenge
    });

``

Please show me my fault. I have no idea what to do. Maybe i use a wrong pbkdf2-hash. Thanks!

0 Likes