WAMPCRA doesn't support salting #2123

Mahad-10 · 2025-01-17T13:32:12Z

WAMPCRA authentication with salting doesn't work.
To reproduce the issue, here's my setup:

A simple config.json file that registers a procedure:

{
    "version": 2,
    "workers": [
        {
            "type": "router",
            "id": "test_router1",
            "options": {
                "pythonpath": [
                    ".."
                ]
            },
            "realms": [
                {
                    "name": "realm1",
                    "roles": [
                        {
                            "name": "backend",
                            "permissions": [
                                {
                                    "uri": "",
                                    "match": "prefix",
                                    "allow": {
                                        "call": true,
                                        "register": true,
                                        "publish": true,
                                        "subscribe": true
                                    },
                                    "disclose": {
                                        "caller": false,
                                        "publisher": false
                                    },
                                    "cache": true
                                }
                            ]
                        },
                        {
                            "name": "frontend",
                            "permissions": [
                                {
                                    "uri": "com.example.add2",
                                    "match": "exact",
                                    "allow": {
                                        "call": true,
                                        "register": false,
                                        "publish": false,
                                        "subscribe": false
                                    },
                                    "disclose": {
                                        "caller": false,
                                        "publisher": false
                                    },
                                    "cache": true
                                }
                            ]
                        }
                    ]
                }
            ],
            "transports": [
                {
                    "type": "web",
                    "endpoint": {
                        "type": "tcp",
                        "port": 8080
                    },
                    "paths": {
                        "ws": {
                            "type": "websocket",
                            "serializers": ["json", "msgpack", "cbor"],
                            "auth": {
                                "wampcra": {
                                    "type": "static",
                                    "users": {
                                        "client1": {
                                            "secret": "new-secret",
                                            "role": "frontend"
                                        },
                                        "client2": {
                                            "secret": "new-secret",
                                            "role": "frontend",
                                            "salt": "salt123",
                                            "iterations": 100,
                                            "keylen": 16
                                        }
                                    }
                                },
                                "cookie": {}
                            }
                        }
                    }
                }
            ],
            "components": [
                {
                    "type": "class",
                    "classname": "backend.BackendSession",
                    "realm": "realm1",
                    "role": "backend"
                }
            ]
        }
    ]
}

The backend.py file to register the procedure:

from twisted.internet.defer import inlineCallbacks

from autobahn.twisted.wamp import ApplicationSession


class BackendSession(ApplicationSession):

    @inlineCallbacks
    def onJoin(self, details):
      print("Backend session joined: {}".format(details))

      def add2(x, y):
         print("add2() called with {} and {}".format(x, y))
         return x + y

      try:
         yield self.register(add2, 'com.example.add2')
         print("procedure add2() registered")
      except Exception as e:
         print("could not register procedure: {}".format(e))

The client.py file to call the procedure:

import sys

from twisted.internet import reactor
from twisted.internet.defer import inlineCallbacks

import txaio

txaio.use_twisted()

from autobahn.wamp.serializer import JsonSerializer
from autobahn.twisted.wamp import ApplicationSession
from autobahn.twisted.util import sleep
from autobahn.wamp import auth

USER_SECRET = "new-secret"

if len(sys.argv) > 1:
    USER = sys.argv[1]
else:
    raise RuntimeError('missing authid')


class ClientSession(ApplicationSession):

    def onConnect(self):
        print("Client session connected. Starting WAMP-CRA authentication on realm '{}' as user '{}' ..".format(
            self.config.realm, USER))
        self.join(self.config.realm, ["wampcra"], USER)

    def onChallenge(self, challenge):
        if challenge.method == "wampcra":
            print("WAMP-CRA challenge received: {}".format(challenge))

            if 'salt' in challenge.extra:
                # salted secret
                key = auth.derive_key(USER_SECRET,
                                      challenge.extra['salt'],
                                      challenge.extra['iterations'],
                                      challenge.extra['keylen'])
            else:
                # plain, unsalted secret
                key = USER_SECRET

            signature = auth.compute_wcs(key, challenge.extra['challenge'])
            return signature

        else:
            raise Exception("Invalid authmethod {}".format(challenge.method))

    @inlineCallbacks
    def onJoin(self, details):
        print("Client session joined: {}".format(details))
        yield sleep(1)

        try:
            res = yield self.call('com.example.add2', 2, 3)
            print("call result: {}".format(res))
        except Exception as e:
            print("call error: {}".format(e))

        self.leave()

    def onLeave(self, details):
        print("Client session left: {}".format(details))
        self.config.extra['exit_details'] = details
        self.disconnect()

    def onDisconnect(self):
        print("Client session disconnected.")
        reactor.stop()


if __name__ == '__main__':

    from autobahn.twisted.wamp import ApplicationRunner

    extra = {
        'exit_details': None,
    }

    serializers = [JsonSerializer(batched=False)]

    runner = ApplicationRunner(url='ws://localhost:8080/ws', realm='realm1', extra=extra, serializers=serializers)
    runner.run(ClientSession)

    print(extra['exit_details'])

    if not extra['exit_details'] or extra['exit_details'].reason != 'wamp.close.normal':
        sys.exit(1)
    else:
        sys.exit(0)

Logs of client.py file:

(.venv) maddy@office-pc:~/scm/crossbar-examples/authentication/wampcra/static$ python3 client.py client2
2025-01-17T18:23:01+0500 Client session connected. Starting WAMP-CRA authentication on realm 'realm1' as user 'client2' ..
2025-01-17T18:23:01+0500 WAMP-CRA challenge received: Challenge(method=wampcra, extra={'challenge': '{"authid": "client2", "authrole": "frontend", "authmethod": "wampcra", "authprovider": "static", "session": 3852410594030796, "nonce": "FJhdzVOAqFg0FVcq/lXUTBpwK3u5dKTJ02+O88ikIU9LjKxYaTxRnpPz+pI1ivTr", "timestamp": "2025-01-17T13:23:01.406Z"}', 'salt': 'salt123', 'iterations': 100, 'keylen': 16})
2025-01-17T18:23:01+0500 Client session left: CloseDetails(reason=<wamp.error.not_authorized>, message='WAMP-CRA client signature is invalid')
2025-01-17T18:23:01+0500 Client session disconnected.
2025-01-17T18:23:01+0500 Main loop terminated.
2025-01-17T18:23:01+0500 CloseDetails(reason=<wamp.error.not_authorized>, message='WAMP-CRA client signature is invalid')

crossbar router logs:

(.venv) maddy@office-pc:~/scm/crossbar-examples/authentication/wampcra/static$ crossbar start

2025-01-17T18:21:04+0500 [Controller  18655] 
2025-01-17T18:21:04+0500 [Controller  18655]     :::::::::::::::::
2025-01-17T18:21:04+0500 [Controller  18655]           :::::          _____                 __              _
2025-01-17T18:21:04+0500 [Controller  18655]     :::::   :   :::::   / ___/______  ___ ___ / /  ___ _____  (_)__
2025-01-17T18:21:04+0500 [Controller  18655]     :::::::   :::::::  / /__/ __/ _ \(_-<(_-</ _ \/ _ `/ __/ / / _ \
2025-01-17T18:21:04+0500 [Controller  18655]     :::::   :   :::::  \___/_/  \___/___/___/_.__/\_,_/_/ (_)_/\___/
2025-01-17T18:21:04+0500 [Controller  18655]           :::::
2025-01-17T18:21:04+0500 [Controller  18655]     :::::::::::::::::   Crossbar.io v23.1.2 [19000101-0000000]
2025-01-17T18:21:04+0500 [Controller  18655] 
2025-01-17T18:21:04+0500 [Controller  18655]     Copyright (c) 2013-2025 Crossbar.io Technologies GmbH. Licensed under EUPLv1.2.
2025-01-17T18:21:04+0500 [Controller  18655] 
2025-01-17T18:21:04+0500 [Controller  18655] Booting standalone node .. <crossbar.node.main._run_command_start>
2025-01-17T18:21:04+0500 [Controller  18655] Node configuration loaded [config_source=localfile, config_path=/home/maddy/scm/crossbar-examples/authentication/wampcra/static/.crossbar/config.json]
2025-01-17T18:21:04+0500 [Controller  18655] Node key files exist and are valid. Node public key is 0xf9556d73f924e9bd86a27adadea7c16e3aac3003d43dbee07366e70ef27477a7
2025-01-17T18:21:04+0500 [Controller  18655] Node key loaded from /home/maddy/scm/crossbar-examples/authentication/wampcra/static/.crossbar/key.priv
2025-01-17T18:21:04+0500 [Controller  18655] Entering event reactor ...
2025-01-17T18:21:04+0500 [Controller  18655] Starting node .. [<crossbar.node.node.Node.start>]
2025-01-17T18:21:04+0500 [Controller  18655] Node ID officepc-18655 set from hostname/pid
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.router.router.RouterFactory.start_realm>: realm=<crossbar.worker.types.RouterRealm object at 0x7026c61515e0> with URI "crossbar"
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.router.router.RouterFactory.add_role>: realm="crossbar", config=
{'name': 'controller',
 'permissions': [{'allow': {'call': True,
                            'publish': True,
                            'register': True,
                            'subscribe': True},
                  'cache': True,
                  'disclose': {'caller': True, 'publisher': True},
                  'match': 'prefix',
                  'uri': 'crossbar.'}]}
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.node.node.Node._add_global_roles> node-wide role "controller" added on node management router realm "crossbar"
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.router.router.Router.attach> new session attached for realm="crossbar", session=3593841354765797, authid="serviceagent", authrole="trusted", authmethod="None", authprovider="None", authextra=
None
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.router.service.RouterServiceAgent.onJoin>: realm service session attached to realm "crossbar" [session_id=3593841354765797, authid="serviceagent", authrole="trusted", on_ready=None]
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.node.node.Node.start> router service agent session attached [<crossbar.router.service.RouterServiceAgent>]
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.router.router.Router.attach> new session attached for realm="crossbar", session=6182142917407810, authid="nodecontroller", authrole="controller", authmethod="None", authprovider="None", authextra=
None
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.node.controller.NodeController.onJoin>: joined realm="crossbar" on local node management router [authid="nodecontroller", authrole="controller"]
2025-01-17T18:21:04+0500 [Controller  18655] Native worker ready! (worker=NodeController, node_id="officepc-18655", worker_id="controller") [<crossbar.node.controller.NodeController.onJoin>]
2025-01-17T18:21:04+0500 [Controller  18655] Signal handler installed on process 18655 thread 123312240791680
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.node.node.Node.start> node controller session attached [<crossbar.node.controller.NodeController>]
2025-01-17T18:21:04+0500 [Controller  18655] Using default node shutdown triggers ['shutdown_on_worker_exit']
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.node.node.Node.boot>::NODE_BOOT_BEGIN[node_id="officepc-18655"]
2025-01-17T18:21:04+0500 [Controller  18655] Booting node <crossbar.node.node.Node.boot>
2025-01-17T18:21:04+0500 [Controller  18655] Booting node from local configuration [parallel_worker_start=False] .. <crossbar.node.node.Node.boot_from_config>
2025-01-17T18:21:04+0500 [Controller  18655] Will start 1 worker ..
2025-01-17T18:21:04+0500 [Controller  18655] Order node to start "Router test_router1" ..
2025-01-17T18:21:04+0500 [Controller  18655] Starting router-worker "test_router1" .. <crossbar.node.controller.NodeController.start_worker>
2025-01-17T18:21:04+0500 [Controller  18655] <crossbar.router.router.RouterFactory.add_role>: realm="crossbar", config=
{'name': 'crossbar.worker.test_router1',
 'permissions': [{'allow': {'call': True,
                            'publish': True,
                            'register': True,
                            'subscribe': True},
                  'cache': True,
                  'disclose': {'caller': True, 'publisher': True},
                  'match': 'prefix',
                  'uri': 'crossbar.worker.test_router1'},
                 {'allow': {'call': True,
                            'publish': False,
                            'register': False,
                            'subscribe': False},
                  'cache': True,
                  'disclose': {'caller': True, 'publisher': True},
                  'match': 'exact',
                  'uri': 'crossbar.get_status'},
                 {'allow': {'call': True,
                            'publish': False,
                            'register': False,
                            'subscribe': True},
                  'cache': True,
                  'disclose': {'caller': True, 'publisher': True},
                  'match': 'prefix',
                  'uri': 'crossbar.'}]}
2025-01-17T18:21:04+0500 [Controller  18655] worker-specific role "crossbar.worker.test_router1" added on node management router realm "crossbar" <crossbar.node.node.Node._add_worker_role>

2025-01-17T18:21:05+0500 [Router      18662] Starting router-worker "test_router1" on node "officepc-18655" (personality "standalone") and local node management realm "crossbar" .. <crossbar.worker.router.RouterController>
2025-01-17T18:21:05+0500 [Router      18662] Running as PID 18662 on CPython-EPollReactor
2025-01-17T18:21:05+0500 [Router      18662] Entering event reactor ...
2025-01-17T18:21:05+0500 [Controller  18655] <crossbar.router.router.Router.has_role>: uri="crossbar.worker.test_router1", exists=True
2025-01-17T18:21:05+0500 [Controller  18655] <crossbar.router.router.Router.attach> new session attached for realm="crossbar", session=8849175796786122, authid="crossbar.process.18662", authrole="crossbar.worker.test_router1", authmethod="trusted", authprovider="programcode", authextra=
{'x_cb_node': 'officepc-18655',
 'x_cb_peer': 'process:18662',
 'x_cb_pid': 18655,
 'x_cb_worker': None}
2025-01-17T18:21:05+0500 [Router      18662] Router worker session for "test_router1" joined realm "crossbar" on node router <crossbar.worker.router.RouterController.onJoin>
2025-01-17T18:21:05+0500 [Router      18662] Native worker ready! (worker=RouterController, node_id="officepc-18655", worker_id="test_router1") [<crossbar.worker.router.RouterController.onJoin>]
2025-01-17T18:21:05+0500 [Controller  18655] <crossbar.node.controller.NodeController.get_public_key>: return node public key for realm="crossbar", session=8849175796786122, authid="crossbar.process.18662", authrole="crossbar.worker.test_router1"
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.worker.router.RouterController.onJoin> worker loaded node key f9556d73f924e9bd86a27adadea7c16e3aac3003d43dbee07366e70ef27477a7
2025-01-17T18:21:05+0500 [Router      18662] Router worker session for "test_router1" ready
2025-01-17T18:21:05+0500 [Controller  18655] Ok, node has started Router test_router1
2025-01-17T18:21:05+0500 [Controller  18655] Configuring Router test_router1 ..
2025-01-17T18:21:05+0500 [Controller  18655] Order Router test_router1 to start Realm realm001
2025-01-17T18:21:05+0500 [Router      18662] Starting router realm realm001 <crossbar.worker.router.RouterController.start_router_realm>
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.worker.router.RouterController.start_router_realm> starting STANDALONE-realm with WAMP realm name "realm1" using router local realm_id realm001
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.router.router.RouterFactory.start_realm>: realm=<crossbar.worker.types.RouterRealm object at 0x7192e3b73080> with URI "realm1"
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.router.router.Router.attach> new session attached for realm="realm1", session=7602852542206839, authid="routerworker-test_router1-realm-realm001-serviceagent", authrole="trusted", authmethod="None", authprovider="None", authextra=
None
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.router.service.RouterServiceAgent.onJoin>: realm service session attached to realm "realm1" [session_id=7602852542206839, authid="routerworker-test_router1-realm-realm001-serviceagent", authrole="trusted", on_ready=<Deferred at 0x7192e3a781d0>]
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.worker.router.RouterController.set_service_session>(session=<crossbar.router.service.RouterServiceAgent object at 0x7192e3ad1130>, realm="realm1", authrole="trusted")
2025-01-17T18:21:05+0500 [Router      18662] RouterServiceAgent started on realm="realm1" with authrole="trusted", authid="routerworker-test_router1-realm-realm001-serviceagent"
2025-01-17T18:21:05+0500 [Router      18662] Realm "realm001" (category="standalone", name="realm1", authrole="trusted", authid="routerworker-test_router1-realm-realm001-serviceagent") started
2025-01-17T18:21:05+0500 [Controller  18655] Ok, Router test_router1 has started Realm realm001
2025-01-17T18:21:05+0500 [Controller  18655] Order Realm realm001 to start Role role001
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.router.router.RouterFactory.add_role>: realm="realm1", config=
{'id': 'role001',
 'name': 'backend',
 'permissions': [{'allow': {'call': True,
                            'publish': True,
                            'register': True,
                            'subscribe': True},
                  'cache': True,
                  'disclose': {'caller': False, 'publisher': False},
                  'match': 'prefix',
                  'uri': ''}]}
2025-01-17T18:21:05+0500 [Controller  18655] Ok, Realm realm001 has started Role role001
2025-01-17T18:21:05+0500 [Controller  18655] Order Realm realm001 to start Role role002
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.router.router.RouterFactory.add_role>: realm="realm1", config=
{'id': 'role002',
 'name': 'frontend',
 'permissions': [{'allow': {'call': True,
                            'publish': False,
                            'register': False,
                            'subscribe': False},
                  'cache': True,
                  'disclose': {'caller': False, 'publisher': False},
                  'match': 'exact',
                  'uri': 'com.example.add2'}]}
2025-01-17T18:21:05+0500 [Controller  18655] Ok, Realm realm001 has started Role role002
2025-01-17T18:21:05+0500 [Router      18662] <crossbar.router.router.Router.attach> new session attached for realm="realm1", session=2593081184682840, authid="3e75de89-e5b4-4d1e-8988-adc3b802c548", authrole="backend", authmethod="None", authprovider="None", authextra=
None
2025-01-17T18:21:05+0500 [Router      18662] started component: backend.BackendSession id=2593081184682840
2025-01-17T18:21:05+0500 [Router      18662] Backend session joined: {'authextra': None,
2025-01-17T18:21:05+0500 [Router      18662]  'authid': '3e75de89-e5b4-4d1e-8988-adc3b802c548',
2025-01-17T18:21:05+0500 [Router      18662]  'authmethod': None,
2025-01-17T18:21:05+0500 [Router      18662]  'authprovider': None,
2025-01-17T18:21:05+0500 [Router      18662]  'authrole': 'backend',
2025-01-17T18:21:05+0500 [Router      18662]  'realm': 'realm1',
2025-01-17T18:21:05+0500 [Router      18662]  'resumable': False,
2025-01-17T18:21:05+0500 [Router      18662]  'resume_token': None,
2025-01-17T18:21:05+0500 [Router      18662]  'resumed': False,
2025-01-17T18:21:05+0500 [Router      18662]  'serializer': None,
2025-01-17T18:21:05+0500 [Router      18662]  'session': 2593081184682840,
2025-01-17T18:21:05+0500 [Router      18662]  'transport': {'channel_framing': 'native',
2025-01-17T18:21:05+0500 [Router      18662]                'channel_id': None,
2025-01-17T18:21:05+0500 [Router      18662]                'channel_serializer': 'null',
2025-01-17T18:21:05+0500 [Router      18662]                'channel_type': 'function',
2025-01-17T18:21:05+0500 [Router      18662]                'http_cbtid': None,
2025-01-17T18:21:05+0500 [Router      18662]                'http_headers_received': None,
2025-01-17T18:21:05+0500 [Router      18662]                'http_headers_sent': None,
2025-01-17T18:21:05+0500 [Router      18662]                'is_secure': None,
2025-01-17T18:21:05+0500 [Router      18662]                'is_server': None,
2025-01-17T18:21:05+0500 [Router      18662]                'own': None,
2025-01-17T18:21:05+0500 [Router      18662]                'own_fd': None,
2025-01-17T18:21:05+0500 [Router      18662]                'own_pid': None,
2025-01-17T18:21:05+0500 [Router      18662]                'own_tid': None,
2025-01-17T18:21:05+0500 [Router      18662]                'peer': None,
2025-01-17T18:21:05+0500 [Router      18662]                'peer_cert': None,
2025-01-17T18:21:05+0500 [Router      18662]                'websocket_extensions_in_use': None,
2025-01-17T18:21:05+0500 [Router      18662]                'websocket_protocol': None}}
2025-01-17T18:21:05+0500 [Router      18662] procedure add2() registered
2025-01-17T18:21:05+0500 [Router      18662] component ready: backend.BackendSession id=2593081184682840
2025-01-17T18:21:05+0500 [Controller  18655] Router test_router1: component 'component001' started
2025-01-17T18:21:05+0500 [Controller  18655] Order Router test_router1 to start Transport transport001
2025-01-17T18:21:05+0500 [Router      18662] Starting router transport "transport001" <crossbar.worker.router.RouterController.start_router_transport>
2025-01-17T18:21:05+0500 [Router      18662] Creating router transport for "transport001" ..
2025-01-17T18:21:05+0500 [Router      18662] Router transport created for "transport001" [transport_class=<crossbar.worker.transport.RouterWebTransport>]
2025-01-17T18:21:05+0500 [Router      18662] Created "path" Web service on root path "/" of Web transport "transport001"
2025-01-17T18:21:05+0500 [Router      18662] Site starting on 8085
2025-01-17T18:21:05+0500 [Router      18662] Router TCP/8085 transport started as transport "transport001" and listening on TCP port 8085
2025-01-17T18:21:05+0500 [Controller  18655] Ok, Router test_router1 has started Transport transport001
2025-01-17T18:21:05+0500 [Controller  18655] Order Transport transport001 to start Web Service webservice001
2025-01-17T18:21:05+0500 [Router      18662] Starting "websocket" Web service on path "ws" of transport "transport001" <crossbar.worker.transport.TransportController.start_web_transport_service>
2025-01-17T18:21:05+0500 [Controller  18655] Ok, Transport transport001 has started Web Service webservice001
2025-01-17T18:21:05+0500 [Controller  18655] Ok, worker "Router test_router1" configured and ready!
2025-01-17T18:21:05+0500 [Controller  18655] Ok, local node configuration ran successfully.
2025-01-17T18:21:05+0500 [Controller  18655] <crossbar.node.node.Node.boot>::NODE_BOOT_COMPLETE[node_id="officepc-18655"]
2025-01-17T18:23:01+0500 [Router      18662] <crossbar.router.protocol.WampWebSocketServerProtocol.onConnect> cookie tracking disabled on WebSocket connection
2025-01-17T18:23:01+0500 [Router      18662] <crossbar.router.auth.wampcra.PendingAuthWampCra.authenticate>: WAMP-CRA client signature is invalid (expected BLey1h33sVGix997dldNrF3odsHArr6ck/H0GCMXoxk= but got zpZVlSllTTLEwVGXqq0biqylN5jVsdwgvEw2K9T4zro=)

I have written a failing CICD test #2122 to support the claim.

To fix this, we need to derive key from salt if given.
There's a PR #2121 to fix this issue.

Here are the router logs of the PR #2121:

(.venv) maddy@office-pc:~/scm/crossbar-examples/authentication/wampcra/static$ crossbar start

2025-01-17T18:28:51+0500 [Controller  19418] 
2025-01-17T18:28:51+0500 [Controller  19418]     :::::::::::::::::
2025-01-17T18:28:51+0500 [Controller  19418]           :::::          _____                 __              _
2025-01-17T18:28:51+0500 [Controller  19418]     :::::   :   :::::   / ___/______  ___ ___ / /  ___ _____  (_)__
2025-01-17T18:28:51+0500 [Controller  19418]     :::::::   :::::::  / /__/ __/ _ \(_-<(_-</ _ \/ _ `/ __/ / / _ \
2025-01-17T18:28:51+0500 [Controller  19418]     :::::   :   :::::  \___/_/  \___/___/___/_.__/\_,_/_/ (_)_/\___/
2025-01-17T18:28:51+0500 [Controller  19418]           :::::
2025-01-17T18:28:51+0500 [Controller  19418]     :::::::::::::::::   Crossbar.io v23.1.2 [19000101-0000000]
2025-01-17T18:28:51+0500 [Controller  19418] 
2025-01-17T18:28:51+0500 [Controller  19418]     Copyright (c) 2013-2025 Crossbar.io Technologies GmbH. Licensed under EUPLv1.2.
2025-01-17T18:28:51+0500 [Controller  19418] 
2025-01-17T18:28:51+0500 [Controller  19418] Booting standalone node .. <crossbar.node.main._run_command_start>
2025-01-17T18:28:51+0500 [Controller  19418] Node configuration loaded [config_source=localfile, config_path=/home/maddy/scm/crossbar-examples/authentication/wampcra/static/.crossbar/config.json]
2025-01-17T18:28:51+0500 [Controller  19418] Node key files exist and are valid. Node public key is 0xf9556d73f924e9bd86a27adadea7c16e3aac3003d43dbee07366e70ef27477a7
2025-01-17T18:28:51+0500 [Controller  19418] Node key loaded from /home/maddy/scm/crossbar-examples/authentication/wampcra/static/.crossbar/key.priv
2025-01-17T18:28:51+0500 [Controller  19418] Entering event reactor ...
2025-01-17T18:28:51+0500 [Controller  19418] Starting node .. [<crossbar.node.node.Node.start>]
2025-01-17T18:28:51+0500 [Controller  19418] Node ID officepc-19418 set from hostname/pid
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.router.router.RouterFactory.start_realm>: realm=<crossbar.worker.types.RouterRealm object at 0x798330559550> with URI "crossbar"
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.router.router.RouterFactory.add_role>: realm="crossbar", config=
{'name': 'controller',
 'permissions': [{'allow': {'call': True,
                            'publish': True,
                            'register': True,
                            'subscribe': True},
                  'cache': True,
                  'disclose': {'caller': True, 'publisher': True},
                  'match': 'prefix',
                  'uri': 'crossbar.'}]}
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.node.node.Node._add_global_roles> node-wide role "controller" added on node management router realm "crossbar"
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.router.router.Router.attach> new session attached for realm="crossbar", session=4104630754946720, authid="serviceagent", authrole="trusted", authmethod="None", authprovider="None", authextra=
None
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.router.service.RouterServiceAgent.onJoin>: realm service session attached to realm "crossbar" [session_id=4104630754946720, authid="serviceagent", authrole="trusted", on_ready=None]
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.node.node.Node.start> router service agent session attached [<crossbar.router.service.RouterServiceAgent>]
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.router.router.Router.attach> new session attached for realm="crossbar", session=5533550115145443, authid="nodecontroller", authrole="controller", authmethod="None", authprovider="None", authextra=
None
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.node.controller.NodeController.onJoin>: joined realm="crossbar" on local node management router [authid="nodecontroller", authrole="controller"]
2025-01-17T18:28:51+0500 [Controller  19418] Native worker ready! (worker=NodeController, node_id="officepc-19418", worker_id="controller") [<crossbar.node.controller.NodeController.onJoin>]
2025-01-17T18:28:51+0500 [Controller  19418] Signal handler installed on process 19418 thread 133604764008576
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.node.node.Node.start> node controller session attached [<crossbar.node.controller.NodeController>]
2025-01-17T18:28:51+0500 [Controller  19418] Using default node shutdown triggers ['shutdown_on_worker_exit']
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.node.node.Node.boot>::NODE_BOOT_BEGIN[node_id="officepc-19418"]
2025-01-17T18:28:51+0500 [Controller  19418] Booting node <crossbar.node.node.Node.boot>
2025-01-17T18:28:51+0500 [Controller  19418] Booting node from local configuration [parallel_worker_start=False] .. <crossbar.node.node.Node.boot_from_config>
2025-01-17T18:28:51+0500 [Controller  19418] Will start 1 worker ..
2025-01-17T18:28:51+0500 [Controller  19418] Order node to start "Router test_router1" ..
2025-01-17T18:28:51+0500 [Controller  19418] Starting router-worker "test_router1" .. <crossbar.node.controller.NodeController.start_worker>
2025-01-17T18:28:51+0500 [Controller  19418] <crossbar.router.router.RouterFactory.add_role>: realm="crossbar", config=
{'name': 'crossbar.worker.test_router1',
 'permissions': [{'allow': {'call': True,
                            'publish': True,
                            'register': True,
                            'subscribe': True},
                  'cache': True,
                  'disclose': {'caller': True, 'publisher': True},
                  'match': 'prefix',
                  'uri': 'crossbar.worker.test_router1'},
                 {'allow': {'call': True,
                            'publish': False,
                            'register': False,
                            'subscribe': False},
                  'cache': True,
                  'disclose': {'caller': True, 'publisher': True},
                  'match': 'exact',
                  'uri': 'crossbar.get_status'},
                 {'allow': {'call': True,
                            'publish': False,
                            'register': False,
                            'subscribe': True},
                  'cache': True,
                  'disclose': {'caller': True, 'publisher': True},
                  'match': 'prefix',
                  'uri': 'crossbar.'}]}
2025-01-17T18:28:51+0500 [Controller  19418] worker-specific role "crossbar.worker.test_router1" added on node management router realm "crossbar" <crossbar.node.node.Node._add_worker_role>

2025-01-17T18:28:53+0500 [Router      19425] Starting router-worker "test_router1" on node "officepc-19418" (personality "standalone") and local node management realm "crossbar" .. <crossbar.worker.router.RouterController>
2025-01-17T18:28:53+0500 [Router      19425] Running as PID 19425 on CPython-EPollReactor
2025-01-17T18:28:53+0500 [Router      19425] Entering event reactor ...
2025-01-17T18:28:53+0500 [Controller  19418] <crossbar.router.router.Router.has_role>: uri="crossbar.worker.test_router1", exists=True
2025-01-17T18:28:53+0500 [Controller  19418] <crossbar.router.router.Router.attach> new session attached for realm="crossbar", session=6484868134894738, authid="crossbar.process.19425", authrole="crossbar.worker.test_router1", authmethod="trusted", authprovider="programcode", authextra=
{'x_cb_node': 'officepc-19418',
 'x_cb_peer': 'process:19425',
 'x_cb_pid': 19418,
 'x_cb_worker': None}
2025-01-17T18:28:53+0500 [Router      19425] Router worker session for "test_router1" joined realm "crossbar" on node router <crossbar.worker.router.RouterController.onJoin>
2025-01-17T18:28:53+0500 [Router      19425] Native worker ready! (worker=RouterController, node_id="officepc-19418", worker_id="test_router1") [<crossbar.worker.router.RouterController.onJoin>]
2025-01-17T18:28:53+0500 [Controller  19418] <crossbar.node.controller.NodeController.get_public_key>: return node public key for realm="crossbar", session=6484868134894738, authid="crossbar.process.19425", authrole="crossbar.worker.test_router1"
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.worker.router.RouterController.onJoin> worker loaded node key f9556d73f924e9bd86a27adadea7c16e3aac3003d43dbee07366e70ef27477a7
2025-01-17T18:28:53+0500 [Router      19425] Router worker session for "test_router1" ready
2025-01-17T18:28:53+0500 [Controller  19418] Ok, node has started Router test_router1
2025-01-17T18:28:53+0500 [Controller  19418] Configuring Router test_router1 ..
2025-01-17T18:28:53+0500 [Controller  19418] Order Router test_router1 to start Realm realm001
2025-01-17T18:28:53+0500 [Router      19425] Starting router realm realm001 <crossbar.worker.router.RouterController.start_router_realm>
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.worker.router.RouterController.start_router_realm> starting STANDALONE-realm with WAMP realm name "realm1" using router local realm_id realm001
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.router.router.RouterFactory.start_realm>: realm=<crossbar.worker.types.RouterRealm object at 0x7a780f7ad340> with URI "realm1"
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.router.router.Router.attach> new session attached for realm="realm1", session=4701401438986728, authid="routerworker-test_router1-realm-realm001-serviceagent", authrole="trusted", authmethod="None", authprovider="None", authextra=
None
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.router.service.RouterServiceAgent.onJoin>: realm service session attached to realm "realm1" [session_id=4701401438986728, authid="routerworker-test_router1-realm-realm001-serviceagent", authrole="trusted", on_ready=<Deferred at 0x7a780f4845f0>]
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.worker.router.RouterController.set_service_session>(session=<crossbar.router.service.RouterServiceAgent object at 0x7a780f4859a0>, realm="realm1", authrole="trusted")
2025-01-17T18:28:53+0500 [Router      19425] RouterServiceAgent started on realm="realm1" with authrole="trusted", authid="routerworker-test_router1-realm-realm001-serviceagent"
2025-01-17T18:28:53+0500 [Router      19425] Realm "realm001" (category="standalone", name="realm1", authrole="trusted", authid="routerworker-test_router1-realm-realm001-serviceagent") started
2025-01-17T18:28:53+0500 [Controller  19418] Ok, Router test_router1 has started Realm realm001
2025-01-17T18:28:53+0500 [Controller  19418] Order Realm realm001 to start Role role001
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.router.router.RouterFactory.add_role>: realm="realm1", config=
{'id': 'role001',
 'name': 'backend',
 'permissions': [{'allow': {'call': True,
                            'publish': True,
                            'register': True,
                            'subscribe': True},
                  'cache': True,
                  'disclose': {'caller': False, 'publisher': False},
                  'match': 'prefix',
                  'uri': ''}]}
2025-01-17T18:28:53+0500 [Controller  19418] Ok, Realm realm001 has started Role role001
2025-01-17T18:28:53+0500 [Controller  19418] Order Realm realm001 to start Role role002
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.router.router.RouterFactory.add_role>: realm="realm1", config=
{'id': 'role002',
 'name': 'frontend',
 'permissions': [{'allow': {'call': True,
                            'publish': False,
                            'register': False,
                            'subscribe': False},
                  'cache': True,
                  'disclose': {'caller': False, 'publisher': False},
                  'match': 'exact',
                  'uri': 'com.example.add2'}]}
2025-01-17T18:28:53+0500 [Controller  19418] Ok, Realm realm001 has started Role role002
2025-01-17T18:28:53+0500 [Router      19425] <crossbar.router.router.Router.attach> new session attached for realm="realm1", session=7527641630537460, authid="31f33c76-d30b-48a0-b8d4-0bc778b45c16", authrole="backend", authmethod="None", authprovider="None", authextra=
None
2025-01-17T18:28:53+0500 [Router      19425] started component: backend.BackendSession id=7527641630537460
2025-01-17T18:28:53+0500 [Router      19425] Backend session joined: {'authextra': None,
2025-01-17T18:28:53+0500 [Router      19425]  'authid': '31f33c76-d30b-48a0-b8d4-0bc778b45c16',
2025-01-17T18:28:53+0500 [Router      19425]  'authmethod': None,
2025-01-17T18:28:53+0500 [Router      19425]  'authprovider': None,
2025-01-17T18:28:53+0500 [Router      19425]  'authrole': 'backend',
2025-01-17T18:28:53+0500 [Router      19425]  'realm': 'realm1',
2025-01-17T18:28:53+0500 [Router      19425]  'resumable': False,
2025-01-17T18:28:53+0500 [Router      19425]  'resume_token': None,
2025-01-17T18:28:53+0500 [Router      19425]  'resumed': False,
2025-01-17T18:28:53+0500 [Router      19425]  'serializer': None,
2025-01-17T18:28:53+0500 [Router      19425]  'session': 7527641630537460,
2025-01-17T18:28:53+0500 [Router      19425]  'transport': {'channel_framing': 'native',
2025-01-17T18:28:53+0500 [Router      19425]                'channel_id': None,
2025-01-17T18:28:53+0500 [Router      19425]                'channel_serializer': 'null',
2025-01-17T18:28:53+0500 [Router      19425]                'channel_type': 'function',
2025-01-17T18:28:53+0500 [Router      19425]                'http_cbtid': None,
2025-01-17T18:28:53+0500 [Router      19425]                'http_headers_received': None,
2025-01-17T18:28:53+0500 [Router      19425]                'http_headers_sent': None,
2025-01-17T18:28:53+0500 [Router      19425]                'is_secure': None,
2025-01-17T18:28:53+0500 [Router      19425]                'is_server': None,
2025-01-17T18:28:53+0500 [Router      19425]                'own': None,
2025-01-17T18:28:53+0500 [Router      19425]                'own_fd': None,
2025-01-17T18:28:53+0500 [Router      19425]                'own_pid': None,
2025-01-17T18:28:53+0500 [Router      19425]                'own_tid': None,
2025-01-17T18:28:53+0500 [Router      19425]                'peer': None,
2025-01-17T18:28:53+0500 [Router      19425]                'peer_cert': None,
2025-01-17T18:28:53+0500 [Router      19425]                'websocket_extensions_in_use': None,
2025-01-17T18:28:53+0500 [Router      19425]                'websocket_protocol': None}}
2025-01-17T18:28:53+0500 [Router      19425] procedure add2() registered
2025-01-17T18:28:53+0500 [Router      19425] component ready: backend.BackendSession id=7527641630537460
2025-01-17T18:28:53+0500 [Controller  19418] Router test_router1: component 'component001' started
2025-01-17T18:28:53+0500 [Controller  19418] Order Router test_router1 to start Transport transport001
2025-01-17T18:28:53+0500 [Router      19425] Starting router transport "transport001" <crossbar.worker.router.RouterController.start_router_transport>
2025-01-17T18:28:53+0500 [Router      19425] Creating router transport for "transport001" ..
2025-01-17T18:28:53+0500 [Router      19425] Router transport created for "transport001" [transport_class=<crossbar.worker.transport.RouterWebTransport>]
2025-01-17T18:28:53+0500 [Router      19425] Created "path" Web service on root path "/" of Web transport "transport001"
2025-01-17T18:28:53+0500 [Router      19425] Site starting on 8085
2025-01-17T18:28:53+0500 [Router      19425] Router TCP/8085 transport started as transport "transport001" and listening on TCP port 8085
2025-01-17T18:28:53+0500 [Controller  19418] Ok, Router test_router1 has started Transport transport001
2025-01-17T18:28:53+0500 [Controller  19418] Order Transport transport001 to start Web Service webservice001
2025-01-17T18:28:53+0500 [Router      19425] Starting "websocket" Web service on path "ws" of transport "transport001" <crossbar.worker.transport.TransportController.start_web_transport_service>
2025-01-17T18:28:53+0500 [Controller  19418] Ok, Transport transport001 has started Web Service webservice001
2025-01-17T18:28:53+0500 [Controller  19418] Ok, worker "Router test_router1" configured and ready!
2025-01-17T18:28:53+0500 [Controller  19418] Ok, local node configuration ran successfully.
2025-01-17T18:28:53+0500 [Controller  19418] <crossbar.node.node.Node.boot>::NODE_BOOT_COMPLETE[node_id="officepc-19418"]
2025-01-17T18:29:01+0500 [Router      19425] <crossbar.router.protocol.WampWebSocketServerProtocol.onConnect> cookie tracking disabled on WebSocket connection
2025-01-17T18:29:01+0500 [Router      19425] <crossbar.router.router.Router.attach> new session attached for realm="realm1", session=2874212379323014, authid="client2", authrole="frontend", authmethod="wampcra", authprovider="static", authextra=
{'x_cb_node': 'officepc-19418',
 'x_cb_peer': 'tcp4:127.0.0.1:49664',
 'x_cb_pid': 19425,
 'x_cb_worker': 'test_router1'}
2025-01-17T18:29:02+0500 [Router      19425] add2() called with 2 and 3
2025-01-17T18:29:02+0500 [Router      19425] <crossbar.router.router.Router.detach> router session detached from realm "realm1" (session=2874212379323014, detached_session_ids=1, authid="client2", authrole="frontend", authmethod="wampcra", authprovider="static")

client.py file logs:

(.venv) maddy@office-pc:~/scm/crossbar-examples/authentication/wampcra/static$ python3 client.py client2
2025-01-17T18:29:01+0500 Client session connected. Starting WAMP-CRA authentication on realm 'realm1' as user 'client2' ..
2025-01-17T18:29:01+0500 WAMP-CRA challenge received: Challenge(method=wampcra, extra={'challenge': '{"authid": "client2", "authrole": "frontend", "authmethod": "wampcra", "authprovider": "static", "session": 2874212379323014, "nonce": "PMn5oRp5sDv/5N0WeqEzfam4T0tE0H7jhuQMmEycsO01JNx6ot11l+E3LaESbIoX", "timestamp": "2025-01-17T13:29:01.514Z"}', 'salt': 'salt123', 'iterations': 100, 'keylen': 16})
2025-01-17T18:29:01+0500 Client session joined: {'authextra': {'x_cb_node': 'officepc-19418',
2025-01-17T18:29:01+0500                'x_cb_peer': 'tcp4:127.0.0.1:49664',
2025-01-17T18:29:01+0500                'x_cb_pid': 19425,
2025-01-17T18:29:01+0500                'x_cb_worker': 'test_router1'},
2025-01-17T18:29:01+0500  'authid': 'client2',
2025-01-17T18:29:01+0500  'authmethod': 'wampcra',
2025-01-17T18:29:01+0500  'authprovider': 'static',
2025-01-17T18:29:01+0500  'authrole': 'frontend',
2025-01-17T18:29:01+0500  'realm': 'realm1',
2025-01-17T18:29:01+0500  'resumable': False,
2025-01-17T18:29:01+0500  'resume_token': None,
2025-01-17T18:29:01+0500  'resumed': False,
2025-01-17T18:29:01+0500  'serializer': 'json',
2025-01-17T18:29:01+0500  'session': 2874212379323014,
2025-01-17T18:29:01+0500  'transport': {'channel_framing': 'websocket',
2025-01-17T18:29:01+0500                'channel_id': {},
2025-01-17T18:29:01+0500                'channel_serializer': None,
2025-01-17T18:29:01+0500                'channel_type': 'tcp',
2025-01-17T18:29:01+0500                'http_cbtid': None,
2025-01-17T18:29:01+0500                'http_headers_received': None,
2025-01-17T18:29:01+0500                'http_headers_sent': None,
2025-01-17T18:29:01+0500                'is_secure': False,
2025-01-17T18:29:01+0500                'is_server': False,
2025-01-17T18:29:01+0500                'own': None,
2025-01-17T18:29:01+0500                'own_fd': -1,
2025-01-17T18:29:01+0500                'own_pid': 19433,
2025-01-17T18:29:01+0500                'own_tid': 19433,
2025-01-17T18:29:01+0500                'peer': 'tcp4:127.0.0.1:8085',
2025-01-17T18:29:01+0500                'peer_cert': None,
2025-01-17T18:29:01+0500                'websocket_extensions_in_use': None,
2025-01-17T18:29:01+0500                'websocket_protocol': None}}
2025-01-17T18:29:02+0500 call result: 5
2025-01-17T18:29:02+0500 Client session left: CloseDetails(reason=<wamp.close.normal>, message='None')
2025-01-17T18:29:02+0500 Client session disconnected.
2025-01-17T18:29:02+0500 Main loop terminated.
2025-01-17T18:29:02+0500 CloseDetails(reason=<wamp.close.normal>, message='None')

The text was updated successfully, but these errors were encountered:

Mahad-10 mentioned this issue Jan 17, 2025

WAMPCRA does not support salting #2120

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

WAMPCRA doesn't support salting #2123

WAMPCRA doesn't support salting #2123

Mahad-10 commented Jan 17, 2025 •

edited

Loading

WAMPCRA doesn't support salting #2123

WAMPCRA doesn't support salting #2123

Comments

Mahad-10 commented Jan 17, 2025 • edited Loading

Mahad-10 commented Jan 17, 2025 •

edited

Loading