Pirate Praveen opened 9 years ago
|
|||||||
Andrzej, please estimate work required to add Diaspora authentication support in Tigase. |
|||||||
Looking at code from https://gist.githubusercontent.com/jhass/948e8e8d87b9143f97ad/raw/mod_auth_diaspora.lua, this task looks rather simple to add authentication module to Tigase XMPP Server to support authentication against diaspora. However we have 2 things which can cause problems:
This is something which needs to be learned
bcrypt algorithm is not supported by JDK, so we would need to add external library as dependency (see jBCrypt) or include bcrypt implementation from other opensource project (maybe from SpringSecurity) In both cases we need to check if there will be any licensing issues with using this. If we decide to use jBCrypt we need to add this library as dependency, so I would suggest creation of subproject with support for Diaspora (to be able to build core Tigase XMPP Server without this dependency). If we decide to use code from SpringSecurity then we could add this code directly to Tigase XMPP Server and no additional subproject would be needed. However we would need to fix issues with this code if any will appear. Assuming that we would be able to use existing implementation of bcrypt I think we should be able to implement this in 32h (maybe less) including creation of installation of Diaspora for development. This estimated time is only for support of authentication against Diaspora if it will use external database (ie. MySQL, and not SQLite3). It do not include implementation of roster based on Diaspora contacts (as implemented here for Prosody) |
|||||||
Andrzej Wójcik wrote:
I have created a debian package and its as easy as apt-get install and answering a few questions https://tracker.debian.org/pkg/diaspora-installer https://people.debian.org/~praveen/diaspora-jessie/
This would be needed as well because contacts are primarily handled by diaspora. |
|||||||
I initially excluded support for "contacts" integration as it was only authentication against Diaspora mentioned. However looking at implementation of "contacts" integration between Prosody and Diaspora I would say it may add additional 40h as this integration looks tricky to be added due to current internal implementation of processing requests of roster, etc. in Tigase XMPP Server. We would need to add:
both require changes to internal Tigase XMPP Server API. |
|||||||
Andrzej, for this kind of contacts integration we normally use DynamicRoster API. It allows Tigase to directly load roster data from non-Tigase data storage. Tigase cannot change items in the dynamic roster but this is good enough for most use cases and I think should be enough for Diaspora integration. This way we would also avoid DB synchronization. Do you think this is possible? |
|||||||
I think we could use DynamicRoster API, however any changes of contacts in Diaspora will not be visible for user until reconnection, as Tigase will keep in memory older version. Prosody had same issue, and they synchronize roster/dynamic roster with database every 5 minutes. To have similar integration and be able to refresh contacts list when user in Diaspora change this list, we need to have some way to add periodical synchronization. |
|||||||
Andrzej, thank you for the additional information. I am generally against such periodic synchronization because I always have in mind installation with 1M or more online users. Synchronizing roster every now and then means we would have 1M or more DB calls on regular basis. Most of them would be unnecessary as most users do not change their contact list often. So we would generate huge load for nothing. A better way would be to provide an ad-hoc command (REST API) to call when a user's roster needs update/sync. The command could even contain all the info so Tigase would not need to call DB. That would be much more efficient and users would get roster update instantly. But, ok, I get the idea of the work required and we may work on it at some point. |
|||||||
I tried to port BCrypt implementation as there is no support for BCrypt in JDK, however it is rather large task with a lot of work with cryptographic documentation. However there are existing implementations in Java:
Can we use one of this for implementation of this feature? If not in Tigase XMPP Server then maybe in some subproject? |
|||||||
I am assigning this to our expert. Bartek what do you think? |
|||||||
Referenced from commit 1 year ago
|
|||||||
wojciech.kapcia@tigase.net batch edited 7 months ago
|
|||||||
wojciech.kapcia@tigase.net removed from iteration "Candidate for next major release" 7 months ago
|
|||||||
wojciech.kapcia@tigase.net changed state to 'Closed' 7 months ago
|
|||||||
Obsolete |
|||||||
wojciech.kapcia@tigase.net changed fields 7 months ago
|
Type |
New Feature
|
Priority |
Blocker
|
Assignee | |
RedmineID |
3333
|
Version |
none
|
Estimation |
72h
|
Spent time |
46h 30m
|
Kontalk messaging network is built on tigasse, diaspora social network has support for prosody and vines. We run two diaspora pods, diasp.in and poddery.com, and want to offer kontalk from the same server. This was discussed with kontalk developers and they suggested tigase is the right place https://github.com/kontalk/tigase-server/issues/7
Here is how prosody integrates diaspora https://wiki.diasporafoundation.org/Integration/XMPP/Prosody
Diaspora authentication for tigase would make tigase a candidate xmpp provider for 100+ diaspora pods, it will also encourage them to offer a kontalk service too.