jacob.eva
/
ejabberd-contrib
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ejabberd-contrib/mod_rest
History
Badlop b3c8d25104 Reword modules documentation to reflect the usage of local configuration files 2022-08-12 10:52:20 +02:00
..
conf Enable some modules when installed, if they work with reasonable default config 2022-07-26 15:41:21 +02:00
src Add mod_status/0 to show its current status in WebAdmin 2022-07-26 15:41:23 +02:00
COPYING Add missing licence file 2015-04-22 11:31:46 +02:00
README.md Reword modules documentation to reflect the usage of local configuration files 2022-08-12 10:52:20 +02:00
mod_rest.spec Cleanup for module packaging support in ejabberd 2015-03-11 14:19:35 +01:00

README.md

mod_rest - HTTP interface to POST stanzas into ejabberd

This is an ejabberd module that adds an HTTP handler that allows HTTP clients to literally post arbitrary message stanzas to ejabberd. Those stanzas then get shoved through ejabberd's router just like any other stanza.

This module can also be used as a frontend to execute ejabberd commands.

Configuration

Configurable options:

  • allowed_ips: IP addresses that can use the rest service. Notice that the IP address is checked after the connection is established. If you want to restrict the IP address that listens connections, and only allow a certain IP to be able to connect to the port, then the option allowed_ips is not useful to you: you better define the listening IP address in the ejabberd listeners (see the ejabberd Guide).

  • allowed_destinations: Allowed destination Jabber ID addresses in the stanza.

  • allowed_stanza_types: Allowed stanza types of the posted stanza.

  • access_commands: Access restrictions to execute ejabberd commands. This option is similar to the option ejabberdctl_access_commands that is documented in the ejabberd Guide. There is more information about AccessCommands in the ejabberd Guide.

Example Configuration

You can modify the default module configuration file like this:

To enable the module:

modules:
  mod_rest:
    allowed_ips:
      - "127.0.0.1"

To enable the HTTP request handler in the listen section:

listen:
  -
    port: 5285
    module: ejabberd_http
    request_handlers:
       /rest: mod_rest

With that configuration, you can send HTTP POST requests to the URL: http://localhost:5285/rest

Example Access Configuration

acl:
  restuser:
    user:
      - "userest": "localhost"

access:
  restaccess:
    restuser: allow

commands_admin_access: restaccess

modules:
  mod_rest:
    allowed_ips:
      - "127.0.0.1"
      - "192.168.1.12"
    allowed_destinations:
      - "nolan@localhost"
      - "admin@example.com"
    allowed_stanza_types:
      - "message"
      - "presence"
      - "iq"
    access_commands:
      - restaccess:
        - registered_users
        - connected_users

This module gives many power to perform tasks in ejabberd, such power in bad hands can harm your server, so you should restrict the IP address that can connect to the service using: a firewall, allowed_ips option, or the listener IP option.

In ejabberd 2.0.x versions, it is important that the value indicated in Content-Length matches exactly the size of the content.

Example ReST Call

When the module receives this:

POST /rest HTTP/1.1
Host: localhost
Content-Length: 85

<message to="nolan@localhost" from="localhost/rest"><body>World</body></message>

ejabberd.log shows those messages:

=INFO REPORT==== 2-Mar-2009::11:46:05 ===
I(<0.484.0>:ejabberd_listener:201) : (#Port<0.3661>) Accepted connection {{127,0,0,1},55945} -> {{127,0,0,1},5285}

=INFO REPORT==== 2-Mar-2009::11:46:05 ===
I(<0.251.0>:ejabberd_http:127) : started: {gen_tcp,#Port<0.3661>}

=INFO REPORT==== 2-Mar-2009::11:46:05 ===
I(<0.841.0>:mod_rest:81) : Got request from localhost/rest
with IP {{127,0,0,1},49613}
to nolan@localhost:
{xmlelement,"message",
            [{"to","nolan@localhost"},{"from","localhost/rest"}],
            [{xmlelement,"body",[],[{xmlcdata,<<"World">>}]}]}

If the user nolan@localhost exists, he will receive this message:

<message from='localhost/rest'
	 to='nolan@localhost'>
  <body>World</body>
</message>

Instead of an XMPP stanza, you can provide an ejabberd command to execute:

registered_users localhost

If you configure access_commands in mod_rest, you need to provide information about a local Jabber account with enough privileges according to your option:

--auth robot localhost pass0011 registered_users localhost

Example Call With Lynx

This example shows how to send a POST using Lynx:

$ lynx http://localhost:5285/rest/ -mime_header -post_data
<message to="nolan@localhost" from="localhost/rest"><body>World</body></message>
---
HTTP/1.0 200 OK
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 2

Ok

Example Call With Wget

This example shows how to send a POST using Wget:

$ wget http://localhost:5285/rest/ --server-response --post-data '<message to="nolan@localhost" from="localhost/rest"><body>World</body></message>'

--2009-03-02 12:01:42--  http://localhost:5285/rest/
Resolving localhost... 127.0.0.1
Connecting to localhost|127.0.0.1|:5285... connected.
HTTP request sent, awaiting response...
  HTTP/1.0 200 OK
  Connection: keep-alive
  Content-Type: text/html; charset=utf-8
  Content-Length: 2
Length: 2 [text/html]
Saving to: `index.html'

100%[======================================>] 2           --.-K/s   in 0s

2009-03-02 12:01:42 (285 KB/s) - `index.html' saved [2/2]

The content of the index.html is simply:

Ok

Please notice that mod_rest and wget don't work correctly over HTTPS.

Example Auth Command With Wget

To execute an ejabberd command, simply provide its name and arguments as in ejabberdctl:

wget http://localhost:5285/rest/ --server-response --post-data 'registered_users localhost'

If you configure access_commands option, you must provide the credentials like this:

wget http://localhost:5285/rest/ --server-response --post-data '--auth user1 localhost thepass registered_users localhost'

Example Call With Curl

curl -X POST -i http://localhost:5285/rest/ -d 'create_room testroom muc.localhost localhost'
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Content-Length: 1

Example Call With Python

This example Python code first calls to send a stanza, and then calls to execute a command:

import urllib2

server_url = 'http://localhost:5285/rest/'

call = '<message to="nolan@localhost" from="localhost/rest"><body>World</body></message>'
resp = urllib2.urlopen(server_url, call)
result = resp.read()
print result

call = 'registered_users localhost'
resp = urllib2.urlopen(server_url, call)
result = resp.read()
print result

Example Call With PHP

This example PHP code implements a call to execute a command (thanks to Qu1cksand):

<?
function sendRESTRequest ($url, $request) {
    // Create a stream context so that we can POST the REST request to $url
    $context = stream_context_create (array ('http' => array ('method' => 'POST'
                                            ,'header' => "Host: localhost:5285\nContent-Type: text/html; charset=utf-8\nContent-Length: ".strlen($request)
                                            ,'content' => $request)));
    // Use file_get_contents for PHP 5+ otherwise use fopen, fread, fclose
    if (version_compare(PHP_VERSION, '5.0.0', '>=')) {
        $result = file_get_contents($url, false, $context);
    } else {
        // This is the PHP4 workaround which is slightly less elegant
        // Suppress fopen warnings, otherwise they interfere with the page headers
        $fp = @fopen($url, 'r', false, $context);
        $result = '';
        // Only proceed if we have a file handle, otherwise we enter an infinite loop
        if ($fp) {
            while(!feof($fp)) {
                $result .= fread($fp, 4096);
            }
            fclose($fp);
        }
    }
    return $result;
}
$url = "http://localhost:5285/rest";
$request = "register user12 localhost somepass";
$response = sendRESTRequest($url, $request);
echo "Response: $response\n";
?>