autobahncrossbarwamp-protocol

Ticket authentication in Autobahn.js

I have implemented router and a publisher. Client needs to connect to the router using Ticket based authentication. Need the format of sending a token in the onchallange method.

Below is my js code.

var connection = new autobahn.Connection({
    url: 'ws://127.0.0.1:26429/',
    realm: 'testRealm',
    authmethods: ["ticket"],
    authid: 'testAuthid',
    onchallenge: function () {
        // Code to send token in the expected format
    }
});

In router side , below are the values which i am trying to authenticate:

 private readonly IDictionary<string, string> mUserToTicket =
            new Dictionary<string, string>
            {
                ["joe"] = "magic_secret_1"
            };

How can i convert ["joe"] = "magic_secret_1" into a token that is expected by the router?

Most of the examples are in python and implements a diffrent kind of authentication.

Please help.

Edited

Below is part of router side authentication used.

public IWampSessionAuthenticator GetSessionAuthenticator
            (WampPendingClientDetails details,
             IWampSessionAuthenticator transportAuthenticator)
        {
            HelloDetails helloDetails = details.HelloDetails;

            if (helloDetails.AuthenticationMethods?.Contains("ticket") != true)
            {
                throw new WampAuthenticationException("supports only 'ticket' authentication");
            }

            string user = helloDetails.AuthenticationId;

            string ticket;

            if (user == null ||
                !mUserToTicket.TryGetValue(user, out ticket))
            {
                throw new WampAuthenticationException
                    ($"no user with authid '{user}' in user database");
            }

            return new TicketSessionAuthenticator(user, ticket, mUserToAuthorizer[user]);
        }
Solution

  • Since you are building your own router, you will need to build the logic for handling WAMP authentication.

    In your example, the ticket is "magic_secret_1", which is what the client will send to the router, and the router will check.

    In your router you need to add code to handle HELLO and AUTHENTICATE messages. The rough logic for each is:

    handle HELLO

    Check username is permitted on the realm.

    Check authmethods array contains ticket.

    Reply with CHALLENGE message: [4, "ticket", {}]

    handle AUTHENTICATE

    The client will send a message like [5, "magic_secret_1", {}]. Fetch the authid associated with the wamp session (the router should have stored this when it processed HELLO message) and pass realm, authid and the ticket to a function that checks inside of your mUserToTicket dictionary.

    Client

    On the client side, you can add the ticket like so:

    var connection = new autobahn.Connection({
    url: 'ws://127.0.0.1:26429/',
    realm: 'testRealm',
    authmethods: ["ticket"],
    authid: 'joe',
    onchallenge: function () {
        return "magic_secret_1";
    }
});

    WAMP Ticket-based Authentication