aTalk is implementing XEP-0070: Verifying HTTP Requests via XMPP:
On received of an HTTP IQ request iqRequest i,e.
<iq type='get'
from='files.shakespeare.lit'
to='juliet@capulet.com/balcony'
id='ha000'>
<confirm xmlns='http://jabber.org/protocol/http-auth'
id='a7374jnjlalasdf82'
method='GET'
url='https://files.shakespeare.lit:9345/missive.html'/>
</iq>
On deny, aTalk is required to sent the following stanza i.e.
<iq type='error'
from='juliet@capulet.com/balcony'
to='files.shakespeare.lit'
id='ha000'>
<confirm xmlns='http://jabber.org/protocol/http-auth'
id='a7374jnjlalasdf82'
method='GET'
url='https://files.shakespeare.lit:9345/missive.html'/>
<error code='401' type='auth'>
<not-authorized xmlns='urn:ietf:params:xml:xmpp-stanzas'/>
</error>
</iq>
Using the following approach, it was found that the return errorIQ will strip off the Confirm ExtensionElement, leaving only the StanzaError.
StanzaError errorBuilder = StanzaError.getBuilder()
.setType(StanzaError.Type.AUTH)
.setCondition(StanzaError.Condition.not_authorized).build();
ErrorIQ errorIQ = IQ.createErrorResponse(iqRequest, errorBuilder);
When aTalk is trying to build using IQ class method, it seems that reply IQ can only contain either a StanzaError or an ExtensionElement.
public final XmlStringBuilder getChildElementXML(XmlEnvironment enclosingXmlEnvironment) {
XmlStringBuilder xml = new XmlStringBuilder();
if (type == Type.error) {
// Add the error sub-packet, if there is one.
appendErrorIfExists(xml, enclosingXmlEnvironment);
}
else if (childElementName != null) {
// Add the query section if there is one.
IQChildElementXmlStringBuilder iqChildElement = getIQChildElementBuilder(new IQChildElementXmlStringBuilder(this));
if (iqChildElement != null) {
xml.append(iqChildElement);
List<ExtensionElement> extensionsXml = getExtensions();
if (iqChildElement.isEmptyElement) {
if (extensionsXml.isEmpty()) {
xml.closeEmptyElement();
return xml;
} else {
xml.rightAngleBracket();
}
}
xml.append(extensionsXml);
xml.closeElement(iqChildElement.element);
}
}
return xml;
}
If my understanding is correct, it means aTalk needs to take special case to generate the required HTTP request denied IQ. e.g. to override the below method to include the ErrorStanza.
protected IQChildElementXmlStringBuilder getIQChildElementBuilder(IQChildElementXmlStringBuilder xml)
Or there is an easy way to generate using the existing IQ class.