powered by Jive Software

Problems with connecting to Facebook XMMP MD5-DIGEST

interesting!keep it up!

I have still one problem… how do i use the getchat command then? I’ve tried an userID like this:

newChat = chatmanager.createChat(“10430122958887”, new MessageListener() {

put @chat.facebook.com after it, but it doesn’t send any messages. Tried full name. How did you do this?


solved! Just put in “-@chat.facebook.com” don’t forget the “-”

i almost came with the solution but u got it before…great!

if u have any problem further related to chat try this (its from my project):

private class messageProcessor implements MessageListener

            Chat chat;//chat variable
            public messageProcessor(String address)//constructor recieving the address of the participant
                chat = connection.getChatManager().createChat(to, this);
            public void processMessage(Chat chat, Message message)
                            Thread.sleep (3000);
                        catch(Exception ex){};
                        if(message.getType() == Message.Type.chat)
                            if(message.getBody ()!=null)
            public void sendMessage(String message) throws XMPPException
                try{Thread.sleep (600);}catch(Exception ex){};

HI ,

I tried the same thing .

Changed the smack library . Added null

sc = Sasl.createSaslClient(mechanisms, null, “xmpp”, host, props, this);

on all locations .

Still I am getting not authorized . Do we need to enable any thing like xmpp_login ?

Am I missing some thing

not clear enough what u tried to say or supposed to do.if u r trying to connect to Facebook than just scroll upward & u will find a solution posted by me! that worked for me & others & hope will for u too!dont forget to like my solution!

Thanks what I found was it was not working for some logins .

Just now Now it is working .



HI ,

I have a doubt with X-FACEBOOK.

I am confused with the login behaviour of the same .Is it possible to write applications such as chat bots with this mechanism .What is the relation to session key and chat Can a chat application using this mechanim, send message to a face book user .




recently I try to connect Facebook Chat with smack.

I try all solutions everyone mentioned.

But I always got error message “failed using mechanism DIGEST-MD5:” and sometimes it just worked with the same code.

Can you help me to deal with this problem?



I am getting following error


at org.jivesoftware.smack.sasl.SASLMechanism.authenticate(SASLMechanism.java:117)

at MySASLDigestMD5Mechanism.authenticate(MySASLDigestMD5Mechanism.java:43)

at org.jivesoftware.smack.SASLAuthentication.authenticate(SASLAuthentication.java: 308)

at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:395)

at org.jivesoftware.smack.XMPPConnection.login(XMPPConnection.java:349)

my code is


MySASLDigestMD5Mechanism. class);

ConnectionConfiguration config = new ConnectionConfiguration(“chat.facebook.com”,5222);


config.setRosterLoadedAtLogin (true);

XMPPConnection connection = new XMPPConnection(config);



connection.login(“xxxxxxxxx”, “xxxxxx”);

How to do it, Please explain, Its urgent…

SASL authentication DIGEST-MD5 failed: not-authorized:

hi, I’m trying to using your file. but : SASL authentication DIGEST-MD5 failed: not-authorized.

my code:

SASLAuthentication.registerSASLMechanism(“DIGEST-MD5”, MySASLDigestMD5Mechanism1.class);

SASLAuthentication.supportSASLMechanism(“DIGEST-MD5”, 0);

config = new ConnectionConfiguration(“chat.facebook.com”, 5222, “chat.facebook.com”);






conn = new XMPPConnection(config);

try {





conn.login(username, pd, “leolee.com”);

} catch (XMPPException e) {

// TODO Auto-generated catch block



thank you.

Hi there!!

I’m quite new at this. I downloaded your file and I am get an error with your las sentence:


It’s all the time saying that the method send is not applicable for the type String. What is wrong with this???

I just want to try and connect with FB and I see that many of those who have used your file now can connect properly.

Thanks in advance.

I used your code but it no longer worked so I patched it at little and am returning it to the community. It works like a charm for facebook.

import java.io.IOException;

import java.util.HashMap;

import javax.security.auth.callback.CallbackHandler;

import javax.security.sasl.Sasl;

import org.jivesoftware.smack.SASLAuthentication;

import org.jivesoftware.smack.XMPPException;

import org.jivesoftware.smack.sasl.SASLMechanism;

import org.jivesoftware.smack.packet.Packet;

import org.jivesoftware.smack.util.Base64;

public class MySASLDigestMD5Mechanism extends SASLMechanism


public MySASLDigestMD5Mechanism(SASLAuthentication saslAuthentication)




protected void authenticate()

throws IOException, XMPPException


String mechanisms[] = {



java.util.Map props = new HashMap();

sc = Sasl.createSaslClient(mechanisms, null, “xmpp”, hostname, props, this);



public void authenticate(String username, String host, String password)

throws IOException, XMPPException


authenticationId = username;

this.password = password;

hostname = host;

String mechanisms[] = {



java.util.Map props = new HashMap();

sc = Sasl.createSaslClient(mechanisms, null, “xmpp”, host, props, this);



public void authenticate(String username, String host, CallbackHandler cbh)

throws IOException, XMPPException


String mechanisms[] = {



java.util.Map props = new HashMap();

sc = Sasl.createSaslClient(mechanisms, null, “xmpp”, host, props, cbh);



protected String getName()


return “DIGEST-MD5”;


public void challengeReceived(String challenge)

throws IOException


//StringBuilder stanza = new StringBuilder();

byte response[];

if(challenge != null)

response = sc.evaluateChallenge(Base64.decode(challenge));


//response = sc.evaluateChallenge(null);

response = sc.evaluateChallenge(new byte[0]);

//String authenticationText = “”;

Packet responseStanza;

//if(response != null)


//authenticationText = Base64.encodeBytes(response, 8);


//authenticationText = “=”;

if (response == null){

responseStanza = new Response();

} else {

responseStanza = new Response(Base64.encodeBytes(response,Base64.DONT_BREAK_LINES));



//stanza.append("<response xmlns=“urn:ietf:params:xml:ns:xmpp-sasl”>");







It is then called thus from the JabberSmackAPI:

public void login(String userName, String password) throws XMPPException


SASLAuthentication.registerSASLMechanism(“DIGEST-MD5”,MySASLDigestMD5Mechanism. class);

ConnectionConfiguration config = new ConnectionConfiguration(“chat.facebook.com”,5222);


config.setRosterLoadedAtLogin (true);

connection = new XMPPConnection(config);


connection.login(userName, password);


Hello, I’m just an amateur with smack api, and I’m trying hard to connect to facebook chat using x-facebook platform.

I am using the custom SASL mechanism class for facebook authentication described above. But getting errors, actually I do not know exactly how to perform this.

public class SASLXFacebookPlatformMechanism extends SASLMechanism {
    public static final String NAME = "X-FACEBOOK-PLATFORM";     private String apiKey = "";
    private String applicationSecret = "";
    private String sessionKey = "";     /**
     * Constructor.
    public SASLXFacebookPlatformMechanism1(SASLAuthentication saslAuthentication) {
    }     @Override
    protected void authenticate() throws IOException, XMPPException {
        StringBuilder stanza = new StringBuilder();
        stanza.append("<auth mechanism=\"").append(getName());
        stanza.append("\" xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
        stanza.append("</auth>");         // Send the authentication to the server
    }     @Override
    public void authenticate(String apiKeyAndSessionKey, String host, String applicationSecret) throws IOException, XMPPException {
        if (apiKeyAndSessionKey == null || applicationSecret == null)
            throw new IllegalArgumentException("Invalid parameters");         String[] keyArray = apiKeyAndSessionKey.split("\\|", 2);
        if (keyArray.length < 2)
            throw new IllegalArgumentException("API key or session key is not present");         this.apiKey = keyArray[0];
        this.applicationSecret = applicationSecret;
        this.sessionKey = keyArray[1];         this.authenticationId = sessionKey;
        this.password = applicationSecret;
        this.hostname = host;         String[] mechanisms = { "DIGEST-MD5" };
        Map<String, String> props = new HashMap<String, String>();
        this.sc = Sasl.createSaslClient(mechanisms, null, "xmpp", host, props, this);
    }     @Override
    public void authenticate(String username, String host, CallbackHandler cbh) throws IOException, XMPPException {
        String[] mechanisms = { "DIGEST-MD5" };
        Map<String, String> props = new HashMap<String, String>();
        this.sc = Sasl.createSaslClient(mechanisms, null, "xmpp", host, props, cbh);
    }     @Override
    protected String getName() {
        return NAME;
    }     @Override
    public void challengeReceived(String challenge) throws IOException {
        StringBuilder stanza = new StringBuilder();
        byte[] response = null;         if (challenge != null) {
            String decodedChallenge = new String(Base64.decode(challenge));
            Map<String, String> parameters = getQueryMap(decodedChallenge);             String version = "1.0";
            String nonce = parameters.get("nonce");
            String method = parameters.get("method");             long callId = new GregorianCalendar().getTimeInMillis() / 1000L;             String sig = "api_key=" + apiKey
                            + "call_id=" + callId
                            + "method=" + method
                            + "nonce=" + nonce
                            + "session_key=" + sessionKey
                            + "v=" + version
                            + applicationSecret;             try {
                sig = md5(sig);
            catch (NoSuchAlgorithmException e) {
                throw new IllegalStateException(e);
            }             String composedResponse = "api_key=" + URLEncoder.encode(apiKey, "utf-8")
                                        + "&call_id=" + callId
                                        + "&method=" + URLEncoder.encode(method, "utf-8")
                                        + "&nonce=" + URLEncoder.encode(nonce, "utf-8")
                                        + "&session_key=" + URLEncoder.encode(sessionKey, "utf-8")
                                        + "&v=" + URLEncoder.encode(version, "utf-8")
                                        + "&sig=" + URLEncoder.encode(sig, "utf-8");             response = composedResponse.getBytes("utf-8");
        }         String authenticationText = "";         if (response != null)
            authenticationText = Base64.encodeBytes(response, Base64.DONT_BREAK_LINES);         stanza.append("<response xmlns=\"urn:ietf:params:xml:ns:xmpp-sasl\">");
        stanza.append("</response>");         // Send the authentication to the server
    }     private Map<String, String> getQueryMap(String query) {
        Map<String, String> map = new HashMap<String, String>();
        String[] params = query.split("\\&");         for (String param : params) {
            String[] fields = param.split("=", 2);
            map.put(fields[0], (fields.length > 1 ? fields[1] : null));
        }         return map;
    }     private String md5(String text) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        MessageDigest md = MessageDigest.getInstance("MD5");
        md.update(text.getBytes("utf-8"), 0, text.length());
        return convertToHex(md.digest());
    }     private String convertToHex(byte[] data) {
        StringBuilder buf = new StringBuilder();
        int len = data.length;         for (int i = 0; i < len; i++) {
            int halfByte = (data[i] >>> 4) & 0xF;
            int twoHalfs = 0;             do {
                if (0 <= halfByte && halfByte <= 9)
                    buf.append((char) ('0' + halfByte));
                    buf.append((char) ('a' + halfByte - 10));
                halfByte = data[i] & 0xF;
            while (twoHalfs++ < 1);
        }         return buf.toString();

So now I have this class, but I don’t know where I am doing wrong, may be I’m calling it in wrong manner, here is how I made use of this class.

ConnectionConfiguration config = new ConnectionConfiguration("chat.facebook.com", 5222);
config.setDebuggerEnabled(true); SASLAuthentication.registerSASLMechanism(SASLXFacebookPlatformMechanism.NAME, SASLXFacebookPlatformMechanism.class);
SASLAuthentication.supportSASLMechanism(SASLXFacebookPlatformMechanism.NAME, 0); XMPPConnection connection = new XMPPConnection(config);
try {
} catch (XMPPException ex) {
    Logger.getLogger(FB.class.getName()).log(Level.SEVERE, null, ex);
SASLXFacebookPlatformMechanism1 mech=new SASLXFacebookPlatformMechanism1(connection.getSASLAuthentication());
try {
} catch (IOException ex) {
    Logger.getLogger(FB.class.getName()).log(Level.SEVERE, null, ex);
} catch (XMPPException ex) {
    Logger.getLogger(FB.class.getName()).log(Level.SEVERE, null, ex);

When I execute this code, I get a NullPointerException

    at org.jivesoftware.smack.SASLAuthentication.challengeReceived(SASLAuthentication.java:514)
    at org.jivesoftware.smack.PacketReader.parsePackets(PacketReader.java:296)
    at org.jivesoftware.smack.PacketReader.access$000(PacketReader.java:43)
    at org.jivesoftware.smack.PacketReader$1.run(PacketReader.java:70)

Thanks a lot Jerry. You are a saviour.

Look here’s a complete code snippet with the MD5 class.Hope this helps: http://fbserver.99k.org/Facebook.rar

U must not bother about this class.If you have smack properly installed in your classpath then this snippet will be enough to get u started. http://fbserver.99k.org/Facebook.rar

One important thing is the rar file is shipped with MD5…class too that you must put in your classes directory(where all your sources get compiled to .class files)

Hope this helps


Here’s a complete code for facebook with MD5…class http://fbserver.99k.org/Facebook.rar

U need this class if u need to connect to facebook.I dont think otherwise is possible.


Here’s my complete solution for newbies.Both google & facebook implementation.Implemented using Thread.Also includes the MD5 checksum class.So I think it’s pretty much to get someone started.




Thanks for your reply. I have got my program working now, but I have problem in getting the correct access key for a user.

Although I haven’t built any program for authorizing my app. Presently I am just trying to authenticate my app by feeding in some codes provided on http://developers.facebook.com/docs/authentication/ in the address bar of my browser.

I am facing following problems:

Firstly, I cannot understand that I am building a native desktop app, not a web app so why do I need to give a canvas page, the code to authenticate given in facebook documentation in link given above also require a redirect link to a canvas page. Although, I have created a simple html page and hosted on a server to get proceeded but can you tell me is it necessary or there is any other way around for a native app that do not require a canvas page.

Secondly, I proceed as given below, i enter these in address bar and proceed:

  1. https://www.facebook.com/dialog/oauth?client_id=YOUR_APP_ID&redirect_uri=YOUR_UR L&scope=email,read_stream

  2. After user presses allow then this appears in my address bar


  1. But when I use this CODE in following link

https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&redirect_uri =YOUR_URL&client_secret=YOUR_APP_SECRET&code=THE_CODE_FROM_ABOVE

I get this error:

{ "error": { "type": "OAuthException", "message": "Error validating verification code." } }

instead of getting a access token. Can you please tell me what is the problem?

As far as I told if you use smack & java for your desktop app then

there’s no need to do this on your own.All these authentication is

already done inside the smack api.So why do you bother about writing

native codes?I just understand this!And I have given a snippet already

That’s enough.You just need to dive into smack API more & start

handling your UI to respond as a chat program.