Ticket authentication in Autobahn.js

Question

I have implemented router and a publisher. Client needs to connect to the router using Ticket based authentication. Need the format of sending a token in the onchallange method.

Below is my js code.

var connection = new autobahn.Connection({
    url: 'ws://127.0.0.1:26429/',
    realm: 'testRealm',
    authmethods: ["ticket"],
    authid: 'testAuthid',
    onchallenge: function () {
        // Code to send token in the expected format
    }
});

In router side , below are the values which i am trying to authenticate:

 private readonly IDictionary<string, string> mUserToTicket =
            new Dictionary<string, string>
            {
                ["joe"] = "magic_secret_1"
            };

How can i convert ["joe"] = "magic_secret_1" into a token that is expected by the router?

Most of the examples are in python and implements a diffrent kind of authentication.

Please help.

Edited

Below is part of router side authentication used.

public IWampSessionAuthenticator GetSessionAuthenticator
            (WampPendingClientDetails details,
             IWampSessionAuthenticator transportAuthenticator)
        {
            HelloDetails helloDetails = details.HelloDetails;

            if (helloDetails.AuthenticationMethods?.Contains("ticket") != true)
            {
                throw new WampAuthenticationException("supports only 'ticket' authentication");
            }

            string user = helloDetails.AuthenticationId;

            string ticket;

            if (user == null ||
                !mUserToTicket.TryGetValue(user, out ticket))
            {
                throw new WampAuthenticationException
                    ($"no user with authid '{user}' in user database");
            }

            return new TicketSessionAuthenticator(user, ticket, mUserToAuthorizer[user]);
        }

Darren Smith · Accepted Answer · 2020-01-07T14:22:34.680

0

Since you are building your own router, you will need to build the logic for handling WAMP authentication.

In your example, the ticket is "magic_secret_1", which is what the client will send to the router, and the router will check.

In your router you need to add code to handle HELLO and AUTHENTICATE messages. The rough logic for each is:

handle HELLO

Check username is permitted on the realm.

Check authmethods array contains ticket.

Reply with CHALLENGE message: [4, "ticket", {}]

handle AUTHENTICATE

The client will send a message like [5, "magic_secret_1", {}]. Fetch the authid associated with the wamp session (the router should have stored this when it processed HELLO message) and pass realm, authid and the ticket to a function that checks inside of your mUserToTicket dictionary.

Client

On the client side, you can add the ticket like so:

var connection = new autobahn.Connection({
    url: 'ws://127.0.0.1:26429/',
    realm: 'testRealm',
    authmethods: ["ticket"],
    authid: 'joe',
    onchallenge: function () {
        return "magic_secret_1";
    }
});

WAMP Ticket-based Authentication

edited Jan 07 '20 at 14:22

answered Jan 07 '20 at 14:17

Darren Smith

2,261
16
16

Hi thanks for your reply. I did the same initially and i got this below error. Potentially unhandled rejection [1] {"error":"wamp.error.not_authorized","args":[],"kwargs":{}} (WARNING: non-Error used) – bharath Jan 08 '20 at 06:57
Its not clear what has happened. The `[1]` suggests this was an HELLO attempt that was rejected by the router, is that right? You have implemented the router, so you should be able to debug why the HELLO was rejected. – Darren Smith Jan 08 '20 at 09:04
Router is running as a windows service. And i am unable attach debugger for that process. It says 'No symbols have been loaded' . Did try clean/rebuild the sln. and explicitly specifying the .pdb files required. Still not able to debug... I was thinking may be i sent wrong ticket format in the onchallenge method from js.. – bharath Jan 08 '20 at 10:52
Thank you for the help. One more question regarding the same . How can i check the incomming mesages in Router ? I my router host code : var hostedRealm = host.RealmContainer.GetRealmByName(realm); hostedRealm.SessionCreated += (sender, arguments) => { counters++; _logger.Log(DateTime.UtcNow.ToString() + "\r\n" + "A session is opened." + "\r\n" + "- Session ID: " + arguments.SessionId.ToString() + "\r\n" + "- Total of opened sessions: " + counters.ToString()); }; – bharath Jan 13 '20 at 07:30
Well you could try to add code to the router to print out each message as it arrives. What javascript library is the router using? You could examine the `sender` and `arguments` parameters to see if they have ways for you to attach your own callback that can be used to print messages. – Darren Smith Jan 13 '20 at 08:20
Router is written in C# . Was able to read/log the msgs using the below code : hostedRealm.Services.GetSubject(topic).Subscribe (x => _logger.Log("Message :" + x) ); – bharath Jan 14 '20 at 05:33

Ticket authentication in Autobahn.js

1 Answers1