powered by Jive Software

Problems with connecting to Facebook XMMP MD5-DIGEST

Hi,

I was trying to connect to newly added Facebook XMPP service with smack 3.1.0. Facebook XMPP supports MD5-DIGEST, but unfortunately it just didn’t work. After long hours I’ve found that the problem was the way SASLMechanism class creates sasl client, i.e

public void authenticate(String username, String host, String password) throws IOException, XMPPException {

//Set the authenticationID as the username, since they must be the same in this case.
this.authenticationId = username;

sc = Sasl.createSaslClient(mechanisms, username, “xmpp”, host, props, this);
authenticate();

}

The *userName *is passed as authorizationId parameter. The result was an error: “SASL authentication failed using mechanism DIGEST-MD5”.

The fix was to pass null as authorizationId (instead of userName) which sorted the things out and I was able to connect.

sc = Sasl.createSaslClient(mechanisms, null, “xmpp”, host, props, this);

Did anyone else faced the same issue?

Should smack be patched?

Regards,

Gennady

I’ve made the recommended change and recompiled the JARs, but I’m still getting this same error when trying to connect to Facebook chat. Would you mind sharing some snippets of code? I think I have everything (server/port/etc) correct, but it’s not authenticating.

EDIT: Making the changes in this thread:

http://www.igniterealtime.org/community/thread/35976

and recompiling seems to have fixed my problem. Thanks a ton for this thread!

You are right, I forgot to mention that applied this patch either.

BTW, pay attention that Sasl.createSaslClient appears in multiple places depending on which athenticate(…) method is called.

Are there plans to make an official release of 3.1.1 , there is a nice number of changes accumulated since 3.1.0?

Gennady.

Hi I was trying to connect to facebook via their xmpp server. I also encountered the same errors you guys have. Based on your exchanges here it seems that you already have fixed the problem. Can you help me out with it also? Did you recompile smack library setting the username on authenticate method to null? I just got confused. By the way this is how I’m trying to connect to facebook, based on the thread you’ve provided there are times that we need to provided @domain on the username. How about in facebook case?

org.jivesoftware.smack.ConnectionConfiguration configuration = new org.jivesoftware.smack.ConnectionConfiguration(“chat.facebook.com”, 5222);

org.jivesoftware.smack.XMPPConnection connection = new org.jivesoftware.smack.XMPPConnection(configuration);

connection.connect();

connection.login(“username”, “password”);

or should I used

connection.login("username@chat.facebook.com", “password”);

Thanks guys.

You coud take the sources from http://svn.igniterealtime.org/svn/repos/smack/trunk

modify SASLMechanism class: fix all Sasl.createSaslClient calls to pass 2nd param as null instead of username

and build your own copy of the library (with ant from build directory)

The problem is that SASLMechanism is the base class for all mechanisms (plain, cramMD5, etc.) and I am not sure how this change will affect them. Futhermore I am not sure that passing username is wrong at all and probably it’s a bug of facebook xmpp implementation.

So the other solution is to provide your own compact DigestMD5 implementation that extends SASLMechanism, but overrides authenticate() methods. I am attaching such an implementation. Then you can call it as :

SASLAuthentication.registerSASLMechanism(“DIGEST-MD5”, MySASLDigestMD5Mechanism.class);
ConnectionConfiguration config = new ConnectionConfiguration(“chat.facebook.com”, 5222);
connection = new XMPPConnection(config);

connection.connect();
connection.login(userName, pwd); // user name should not contain @chat

Gennady
MySASLDigestMD5Mechanism.java.zip (1036 Bytes)

Thanks for the reply. I’ll try to use it. I will also try to modify SASLDigestMD5Mechanism for this purpose. I actually thought that the reason why facebook is returning failure was because of wrong base64 encoding of challenge - response on login.

Edit:2

Got it working thanks for the sample class.

Edit:1

I tried your solution but still getting the failed authentication it seems I need to check out on SVN first. It is quite a while since I updated my sources.

I am using asmack to connect to Facebook and it works like a charm. You can also use asmack in desktio environments. You can find asmack on github.

Thanks for the patch it works fine for me in case of using DIGEST-MD5 authentication!

Unfortunatelly in our solution we need to connect to facebook via the FB-connect solution or so called X-FACEBOOK-PLATFORM mechanism

(for more info look: http://wiki.developers.facebook.com/index.php/Integrating_with_Facebook_Chat)

So this is a new authentication method and I try to register this auth method like mentioned in the smack documentation with

registerSASLMechanism(String, Class)

supportSASLMechanism(String, int)

But I get a null pointer exception from the Sasl.createSaslClient(mechanisms, null, “xmpp”, hostname, props, this); call in the SASLMechanism.authentication() method, because the X-FACEBOOK-PLATFORM mechanism is not in the “Securtiy Provider” list, like DIGEST-MD5.

Do you have any help why the registration doesnt work or what I can do to get the facebook authentication mechanism to run???

THANKS a lot in advance!

best regards,

Manuel

PS: here are the last lines from the stack trace:

java.lang.NullPointerException
at org.jivesoftware.smack.sasl.SASLMechanism.authenticate(SASLMechanism.java:117)
at communityConnections.MySASLFacebookMechanism.authenticate(MySASLFacebookMechani sm.java:34)
at communityConnections.MySASLFacebookMechanism.authenticate(MySASLFacebookMechani sm.java:45)
at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java: 308)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)
at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:349)

@@dereulenspiegel

Thanks for the suggestion. I will let some of my friends to do the working since they are more focus on Android dev. then I’m going to see if what class I can integrate with my own requirements.

Edit:

Found out the asmack is using other libraries like from novell and all opensource. They are also using another implementation of creating saslclient but inline with smack. This is good specially apps targeting Android platform.

Hi Manuel,

X-FACEBOOK-PLATFORM is a custom SASL mechanims provided by Facebook itself. Take note that in this challenge-response mechanism is under UTF-8 encoding and not the standard way of sending packets of XMPP which is Base64 encoded. Also please take note that you need your account to have permission on it. I will try to use this approach but I guess I need to register first an application to facebook before anything else.

Hello Julian,

thanks for your response! you are right, first you have to register an application on facebook to get started! this is done pretty fast!

I already considered your mentioned points:

  • I have the permission to interact with the fb chat,

  • and the UTF-8 encoding is not a problem, since messaging with MD5-DIGEST authentication already works!

Its more a problem with the smack lib to register this new custom authentication method from FB …I know that I have to write my own SASLMechanism

class to be able to respone to the specific FB behavior. BUT it fails when I want to receive a valid SaslClient from the lib!

EDIT:

looks like it is not possible to register any costum authentication method which is NOT based on something like MD5 etc. -> so I am playing around with SASLAnonymous, where I try to send my special FB responses!

would be cool to hear soon from your experience with fb xmpp connect authentication!

regards,

Manuel

Any luck with supporting the “X-FACEBOOK-PLATFORM” authentication?

Thanks.

yeahh I used the SASLPlainMechanism to implement my own authentication process.

I had quite big problems in the beginning but I could solve it!

you may want to look also on http://forum.developers.facebook.com/viewtopic.php?id=51892

for information

good luck, Askin

Hello Gennady , thanx a bunch for all the help you are sharing on your topics , whatever i’m running out of time & means

i’ve developped a class which is supposed to interact with facebook following what you’ve said , ( I have successfully done the stuff for GTALK) but i really need to come over the facebook challenge , well here is my source code , if you have any notice please keep me up to date guys :slight_smile:

actually , i’ve used the MD5 class given above : mysalsdigestmd5mechanism.class

PLEAASE HELP :slight_smile:

**import org.jivesoftware.smack.RosterEntry; **

import

**import org.jivesoftware.smack.XMPPException; **

import

org.jivesoftware.smack.packet.Message;

public

/**

  • **@param args **

*/

// **TODO Auto-generated method stub **

// peut etre un probleme au niveau des utilisateurs

FacebookChat(

}

{

//FACEBOOK AUTHENTIFICATION

SASLAuthentication.registerSASLMechanism(

ConnectionConfiguration config =

XMPPConnection connection =

connection.connect();

}

// **TODO Auto-generated catch block **

e4.printStackTrace();

}

connection.login(username, password);

}

// **TODO Auto-generated catch block **

e3.printStackTrace();

}

// user name should not contain @chat

// TRUE POUR FACEBOOK , FALSE POUR GTALK , en fait facebook uses MD5 , pas GTALK :wink: plain authentification

// config.setSASLAuthenticationEnabled(true);

connection.connect();

}

// **TODO Auto-generated catch block **

e2.printStackTrace();

}

/* Connect to the XMPP server */

connection.login(username,password);

}

// **TODO Auto-generated catch block **

e1.printStackTrace();

}

/* Login to the IM service */

Chat chat = connection.getChatManager().createChat(destination,

chat.sendMessage(message);

}

// **TODO Auto-generated catch block **

e.printStackTrace();

}

/* Send the message */

connection.disconnect() ;

//Disconnect 8

}

__public __void processMessage(Chat chat,Message message) /*Callback method from MessageListener interface . It is called when a message is received */ ____

{

System.

}

}

Youssef

out.println("Received message: " + message.getBody());

catch (XMPPException e) {

try {

new SimpleTalking());

catch (XMPPException e1) {

try {

catch (XMPPException e2) {

try {

catch (XMPPException e3) {

try {

catch (XMPPException e4) {

try {

new XMPPConnection(config);

new ConnectionConfiguration(“chat.facebook.com”, 5222);

“DIGEST-MD5”, MySASLDigestMD5Mechanism.class);

public static void FacebookChat(String username , String password , String destination , String message )

sender@domain.com,“Password”,Destinator@domain.com,“Yes !! it’s done ;)”);

Best regardss

public static void main(String[] args) {

class SimpleTalking implements MessageListener {



import org.jivesoftware.smack.XMPPConnection;

org.jivesoftware.smack.SASLAuthentication;


import org.jivesoftware.smack.Roster;

import org.jivesoftware.smack.MessageListener;

import org.jivesoftware.smack.ConnectionConfiguration;

import org.jivesoftware.smack.Chat;

import java.io.*;

import java.util.*;

@Askin,

I’m trying to using asmack to use facebook X-FACEBOOK-PLATFORM as authentication, could you please explain how I could accomplish this?

If found a project called fbgc on Google Code that helped me add support for X-FACEBOOK-PLATFORM to my application. Look at the files FacebookConnectSASLMechanism.java and SessionHandlerImpl.java for an example implementation.

Note though that you need both xmpp_login and offline_access permissions for it to work. Took me a few hours to realize…

Could someone please tell me how to generate the secret session key? I tried,

Bundle parameters1 = new Bundle();

parameters1.putString(“api_key”, “77159c8a694c6a7fae3627261cd2e5c5”);

parameters1.putString(“v”, “1.0”);

parameters1.putString(“auth_token”, authenticatedFacebook.getAccessToken());

parameters1.putString(“generate_session_secret”, “1”);

parameters1.putString(“method”,“auth.getSession”);

Bundle parameters1 = new Bundle();

parameters1.putString(“api_key”, “77159c8a694c6a7fae3627261cd2e5c5”);

parameters1.putString(“v”, “1.0”);

parameters1.putString(“auth_token”, authenticatedFacebook.getAccessToken());

parameters1.putString(“generate_session_secret”, “1”);

parameters1.putString(“method”,“auth.getSession”);

But it didn’t work. I know it’s easy, but I’m finding it hard. :S

Please could you post some sample code where you demonstrate fully

the login process? So far the lack of documentation at facebook was really frustrating and

you could help me a lot with a small post. Thx in advance.

Attached is the class that I made for handling the X-FACEBOOK-PLATFORM mechanism. Most of it is borrowed from the fbgc project on Google Code.

Add that class to your application, and then do something like this:

SASLAuthentication.registerSASLMechanism(SASLXFacebookPlatformMechanism.NAME, SASLXFacebookPlatformMechanism.class);
SASLAuthentication.supportSASLMechanism(SASLXFacebookPlatformMechanism.NAME, 0); ConnectionConfiguration config = new ConnectionConfiguration("chat.facebook.com", 5222); XMPPConnection connection = new XMPPConnection(config);
connection.connect();
connection.login(apiKey + "|" + sessionKey, applicationSecret, "Client Name");

Again, note that you need to request both xmpp_login and offline_access permissions, or else the authentication will always fail, even if you do everything else right.
SASLXFacebookPlatformMechanism.java.zip (1881 Bytes)

You don’t generate the session key, it is returned to your application after a successful Facebook Connect authentication. So with the JavaScript SDK you would do something like this:

FB.login(function(response) {
     if (response.session) {
          alert("Session key: " + response.session.session_key);
     }
}, {perms:"xmpp_login,offline_access"});

EDIT: If you’re not using the JavaScript SDK you can extract the session key from the access token. The access token looks like this “something|sessionKey|somethingElse”, so all you need to do is to extract whatever is in between the pipes ( | ). Note though that you need to be using the new Graph API. I have no idea if you can get the correct session key when using the old REST API.