integration Integration websockets

[FernandoSocialway]

Hi,

I am testing the documentation from the link below: https://doc.vodia.com/docs/click2dial

I need to get a call to be generated using the websocket

When entering the credentials, it returns the token that I later use to log in

Everything works fine until the websocket is executed, which responds with an error and disconnects

 

This is the error

thanks for your help

[Vodia PBX]

In 68.0, you can also just use Basic authentication for setting up the web socket. Make sure that the Host is matches the domain name, and the username in the authorization header the extension. The password is the web password. This works only if there is no 2nd factor required for the login. Otherwise you'll need to set up a session first and then use the session cookie in the web socket request. Also I would turn the web server log to 9 which should provide more information what is going on.

[AlanS]

On 9/1/2021 at 5:20 PM, Vodia PBX said:

In 68.0, you can also just use Basic authentication for setting up the web socket. Make sure that the Host is matches the domain name, and the username in the authorization header the extension. The password is the web password. This works only if there is no 2nd factor required for the login. Otherwise you'll need to set up a session first and then use the session cookie in the web socket request. Also I would turn the web server log to 9 which should provide more information what is going on.

By basic auth, do you mean wss://user:password@domain.com/websocket?

And by "host" you mean, wss://user:password@host.com/websocket?domain=host ?

[Vodia PBX]

Hmm that might work depending what you use (e.g. C#, JavaScript). On the protocol layer, there needs to be an Authorization header with Basic authentication that contains the username:password (no tenant name there) and the Host header needs to contain the tenant DNS address.

[AlanS]

Well, from past experience with the native WebSocket library, You can't send user:pass in the url with WSS.

Do you have a js template with this working?

I read this guide here: https://doc.vodia.com/docs/websocket

But, you can't attach any headers to the native WebSocket library. So I can't add Authorization: 'Basic token'.

[AlanS]

Ah you know what. I think the websocket server is checking the requests cookies for session. Trying that now.

[AlanS]

Nope. I set the cookie, session = token, and no dice.

Should I open a support ticket?

[Vodia PBX]

According to https://stackoverflow.com/questions/4361173/http-headers-in-websockets-client-api you should be able to use the username and password in the URL and this should just work?

[AlanS]

That has been deprecated.

You can't send user:pass in a ws header. The server only accepts wss I believe too.

I also can not use the third party login documentation. The /rest endpoints all have CORS enabled. Which only leaves me the option to use me backend (node). But that's only the backend. 

I have 0 problems consuming the vodia API in the backend.

I can't set a cookie "session=sessionId" across domains. So using the session cookie is not an option.

I tried to use an iframe and set it to hidden. Then I make a call to the backend.

I get a session id and then send the session id to /rest/system/session - name:'session', value:sessionId all from the backend. When it returns true, then I set the iframe src to https://pbx.com/welcome?session=sessionId and nothing happens. It doesn't auto login. I have the cookie from the pbx domain, but its a cross domain cookie. So the WebSocket library will not send cross domain cookies.

 

There needs to be a clientSecret, or websocketSecret or something like that setup on vodias end. Something we generate in the admin panel. Then we can use socket.io-client to consume the vodia websockets by passing the auth in the handshake.query options.

There is currently no available option to use websockets and would LOVE to see a real example of this working. Because as it is now, it is impossible to use cross domain cookies.

[Vodia PBX]

Hmm, it's not clear when the wss://user:pass@domain URI will work, but it's probably not a good idea to rely on it. But for sure setting a cookie should work. That means you'll need a step before opening the web socket and fetch the session cookie first using /rest/system/session like you would login from the welcome.js code.

[AlanS]

1 hour ago, Vodia PBX said:

Hmm, it's not clear when the wss://user:pass@domain URI will work, but it's probably not a good idea to rely on it. But for sure setting a cookie should work. That means you'll need a step before opening the web socket and fetch the session cookie first using /rest/system/session like you would login from the welcome.js code.

Thank you for your reply.

Please re-read above.