The challenge
One of Superfeedr messaging protocols is XMPP. It is offering a XMPP Pub Sub API and using Prosody at its core. XMPP is a mature protocol and is heavily used in the messaging space. It offers quite a lot extensions and covers various use cases that may come up.
At some point every XMPP developer faces the issue, that adapting XMPP to your local needs may become quite cumbersome. Superfeedr sponsored the development of the Server-2-Server (S2S) for nodejs to improve the situation here.
The solution
The latest master branch of node-xmpp-server includes an implementation of the S2S feature. Let’s start with an example to see how easy the usage is:
'use strict';
// import node-xmpp server and the router
var xmpp = require('node-xmpp-server'),
r = new xmpp.Router();
// register handler for own domain
r.register('nodexmpp.com', function (stanza) {
// output the recieved message
console.log('GOT YA << ' + stanza.toString())
// send back the message to the sender
if (stanza.attrs.type !== 'error') {
var me = stanza.attrs.to
stanza.attrs.to = stanza.attrs.from
stanza.attrs.from = me
r.send(stanza)
}
});
// parse raw xml message with ltx
var ltx = require('ltx');
var rawmsg = '<message to=\'mu@example.com\' from=\'juliet@nodexmpp.com/balcony\' type=\'chat\' xml:lang=\'en\'><body>Wherefore art thou, mu?</body></message>';
var msg = ltx.parse(rawmsg);
// send a message to mu@example.com
r.send(msg);
It takes less than 20 lines of nodejs code to implement a full version xmpp S2S component. The above sample does not include TLS, but node-xmpp-server
implements TLS, too.
The latest version of node-xmpp-server
implements the following specifications:
- [XEP-0220: Server Dialback] (http://xmpp.org/extensions/xep-0220.html)
- XEP-0185: Dialback Key Generation and Validation
During development we tested node-xmpp-server
against Prosody. To get it running, you need to change the prodsody configuration to:
s2s_require_encryption = false
Be aware that this does not mean the connection between Prosody and node-xmpp-server
is not encrypted the communication. node-xmpp-server
establishes a secure TLS connection between the servers if possible. Prosody requires all servers that ship with server dialback instead certificate authentication to deactivate s2s_require_encryption
. We do not recommend deactivating s2s_require_encryption
in production, though. Instead you may try to use the mod_s2s_never_encrypt_blacklist. Further information is available at Prosody.
We look into the implementation of XEP-0288: Bidirectional Server-to-Server Connections to make the implementation via nodejs even more secure.
Happy hacking.
Comments