jdev - 2024-05-22


  1. akshay

    Hi nicoco, I'm one of the mentors for assu_2000 in this GSoC project. We are all relatively new to XMPP development and were having confusion as to which XEP best serves the purpose of SMS OTP based registration even while drafting the project. As of now based on previous discussions in this chat we're starting with 0389. We do not know yet as to what challenges will come up. I'm sure assu_2000 will share a detailed technical document here for everyone's review soon.

  2. assu_2000

    Hi everyone, please help me review my paperwork : https://pad.disroot.org/p/prav_gsoc

  3. assu_2000

    Thanks Akshay ! Btw we have switched to XEP 0389 but in the official documentation it is still XEP 0388.

  4. praveen

    > Thanks Akshay ! > Btw we have switched to XEP 0389 but in the official documentation it is still XEP 0388. you can edit the wiki page as well

  5. praveen

    > Hi assu_2000 - In which client will you implement this spec? FWIW, since I need multi-factor auth in the gateway components I develop, I use a dedicated adhoc command instead of XEP-0077 we will have to test with at least one client, at the moment we are leaning towards Dino (Since android already has Prav app and iOS we hope to build an app based on Monal, once they release Quicksy iOS). Gajim could also be considered if there is time or someone volunteers to add it for gajim.

  6. praveen

    > Hi everyone, please help me review my paperwork : > > https://pad.disroot.org/p/prav_gsoc What you describe is current Quicksy/Prav App flow - Prav App/Quicksy App makes an HTTP request to Quicksy Server. But we need to change that to an XMPP request. Currently the app send a username and password for registration. With XEP 0389, when it send username and password, the server should ask for the phone number and respond using xep 0389. Once it receives the phone number, it should again ask for the OTP via XEP 0389, once it verified the OTP via Nexmo/Twilio API, it should create the account.

  7. praveen

    Quicksy/Prav is modified to send an HTTP request to Quicksy/Prav server, but our goal is to replace that part with standard XEP 0389 based XMPP requests.

  8. praveen

    1. App sends username/password and indicates this user should be registered 2. The server asks for phone number first and requests Nexmo/Twilio to generate otp 3. Server again asks for otp from the client and verifes it by comparing response from Nexmo/Twilio.

  9. praveen

    see https://xmpp.org/extensions/xep-0389.html#challenge for how to ask client for phone number and then otp

  10. praveen

    we can send a form to the client https://xmpp.org/extensions/xep-0389.html#dataform

  11. assu_2000

    Let me check please !

  12. praveen

    assu_2000, check https://docs.ejabberd.im/admin/guide/xep/

  13. praveen

    assu_2000, also open an issue at https://github.com/processone/ejabberd/issues for xep 0389 support and mention you are planning to implement it as gsoc project, you can use that issue to get feedback from ejabberd developers on implementation

  14. assu_2000

    Thank you Praveen , also I have refactored the entire document . We will be discussing about technical implementation but the documentation was clear enough about xep 0389 . They provide registration and recovering. Both with either email or otp . For now we’ll stay within the scope and make sure that everything works fine