Securing Pusher's messages - message

I am using Pusher Channels and delivering messages like in their tutorial:
https://pusher.com/docs/channels/getting_started/javascript
Client:
let pusher = new Pusher('APP_KEY', {
cluster: 'APP_CLUSTER'
});
let channel = pusher.subscribe('my-channel');
channel.bind('my-event', function(data) {
alert('An event was triggered with message: ' + data.message);
});
Server:
// First, run 'npm install pusher'
var Pusher = require('pusher');
var pusher = new Pusher({
appId: 'APP_ID',
key: 'APP_KEY',
secret: 'APP_SECRET',
cluster: 'APP_CLUSTER'
});
pusher.trigger('my-channel', 'my-event', {"message": "hello world"});
Is there a way to secure the connection via port 443 on the IIS?

To make sure Pusher Channels messages are sent from your server to Channels using HTTPS and then broadcast to Clients using WSS you need to the do the following:
For the nodejs library running on the server you need to set the option useTLS: true
var pusher = new Pusher({
appId: 'APP_ID',
key: 'APP_KEY',
secret: 'APP_SECRET',
cluster: 'APP_CLUSTER',
useTLS: true
});
https://github.com/pusher/pusher-http-node#configuration
For the pusher-js library running on the client you need to set the option forceTLS: true
let pusher = new Pusher('APP_KEY', {
cluster: 'APP_CLUSTER',
forceTLS: true
});
https://github.com/pusher/pusher-js#configuration
Finally to make sure that client connections are only accepted over a secure connection, you need to log into your Channels Dashboard account, find the app you need to secure, and click the App settings tab. Finally you need to tick the box "Force TLS" and click "Update" to apply settings. With this box ticked, client connections over port 80 will be rejected and the client will be forced to reconnect using a secure connection:

Related

Created a user pool client using Cognito Identity Provider Client SDK for JavaScript v3, but can't fetch token using (client_credentials) grant type

Created a user pool client using Cognito Identity Provider Client SDK for JavaScript v3
npm install #aws-sdk/client-cognito-identity-provider.
The following code shows how I created the resources server and the user pool client, using the mentionedšŸ‘† SDK...
let poolName = 'UserPool';
const client =new CognitoIdentityProviderClient({
region: process.env.COGNITO_AWS_REGION
});
// create resource server
const createResourceServerCommand = new CreateResourceServerCommand({
Name: poolName,
UserPoolId: UserPool.Id,
Identifier: 'https://localhost:8080/api/v2',
Scopes: [
{
ScopeName: 'access',
ScopeDescription: 'General access to API'
}
]
});
const { ResourceServer } = await client.send(createResourceServerCommand);
// create the user pool client
const createUserPoolClientCommand = new CreateUserPoolClientCommand({
ClientName: 'Default',
UserPoolId: UserPool.Id,
ExplicitAuthFlows: ['USER_PASSWORD_AUTH'],
GenerateSecret: true,
AllowedOAuthFlows: ['client_credentials'],
SupportedIdentityProviders: ['COGNITO'],
AllowedOAuthScopes: [ 'https://localhost:8080/api/v2/access' ]
});
const { UserPoolClient } = await client.send(createUserPoolClientCommand);
...but, I can't fetch tokens using the grant type client_credentials. Therefore getting the following error.
{
"error": "invalid_grant"
}
However, if I use AWS console to navigate to the user pool > Client > Edit the hosted UI and click on the save button without making any changes...
... I am able to fetch a token using the client_credentials grant type.
Is there any setting that I might be missing in the above code that AWS console is setting? I need the following code to automate the creation of user pools.
When I switched to the old I noticed this notification
Apparently, Oauth flows are not enabled by default. Hence adding the following attribute to the CreateUserPoolClientCommandInput object AllowedOAuthFlowsUserPoolClient: true enables it. Hope this helps some newbie like me out there.

Unable to send data to ThingsBoard gateway through MQTT

I have installed ThingsBoard server on one PC (UBUNTU16.04) and ThingsBoard Gateway on another PC(UBUNTU18.04) ,In order to send data to ThingsBoard Gateway I installed Mosquitto MQTT broker on another PC.I followed configuration guides to connect broker to Gateway as well as server (using access token and host ip).
I connected temperature sensor to ESP32. While I am trying to send the data to gateway through MQTT the data is not getting to the gateway.The topic I used here is "v1/gateway/telemetry" in order to publish the data.
Can we use Gateway Device ID to send data?
How can I send data either by using topic or by using device id or by using device access token?(from device)
All the PC 's are connected to the same network(Private network).
I am facing this issue can Someone please sort it out...
You need to create a Proxy Layer Between MQTT Broker and your server.
var mqtt = require('mqtt'), url = require('url');
var client = mqtt.connect('mqtt://localhost:1883',
{
username: '<username>',
password: '<password>'
});
console.log("Connected to MQTT Broker:- localhostā€ + client.toString());
var awsIot = require('aws-iot-device-sdk');
var device = awsIot.device({
keyPath: Certificate key file path,
certPath: Certificate file path,
caPath: Certificate root file path,
clientId: AWS Thing Name,
region: AWS IoT Broker region,
});
device.on('connect', function ()
{
console.log("Connected to AWS IoT Broker:- " + device.toString());
});
client.on('connect', function()
{
//subscribe to a topic (#)
client.subscribe('#', function ()
{
client.on('message', function (topic, message, packet) {
console.log("Received :-" + message + " on " + topic);
device.publish(topic, message);
console.log("Sent :-" + message + " on " + topic);
});
});
});
Something like this might help you.

Unable to connect to MQTT broker via ngx-mqtt in angular8

No matter what i do i can't connect to a mqtt broker via websocket in my angular application (trying in chrome and firefox).
For simplicity i'm using HiveMQ broker, i've published on the topic /gat/38/openReservationRequests some data
I've followed this medium article on how to connect to mqtt in angular using ngx-mqtt but for me it is not working.
In my app:
I've installed the module
npm install ngx-mqtt --save
i've added the configuration and set the module forRoot in my app.module.ts
...
export const MQTT_SERVICE_OPTIONS: IMqttServiceOptions = {
connectOnCreate: true,
hostname: 'broker.hivemq.com',
port: 8000,
path: '/gat/38/openReservationRequests',
protocol: 'ws',
};
...
imports: [
...
MqttModule.forRoot(MQTT_SERVICE_OPTIONS),
...
],
...
i'm executing this function inside the ngOnInit of app.component.ts
...
import { IMqttMessage, MqttConnectionState, MqttService } from 'ngx-mqtt';
...
constructor(private mqttService: MqttService) {
this.mqttService.state.subscribe((s: MqttConnectionState) => {
const status = s === MqttConnectionState.CONNECTED ? 'CONNECTED' : 'DISCONNECTED';
this.status.push(`Mqtt client connection status: ${status}`);
});
}
ngOnInit() {
this.subscription = this.mqttService
.observe('/gat/38/openReservationRequests')
.subscribe((message: IMqttMessage) => {
this.msg = message;
console.log('msg: ', message);
console.log('Message: ' + message.payload.toString() + 'for topic: ' + message.topic);
console.log('subscribed to topic: ' + /gat/38/openReservationRequests);
});
}
but i am always getting this error:
core.js:6014 ERROR TypeError: Cannot read property 'resubscribe' of undefined
at MqttClient.subscribe (mqtt.min.js:1)
at mqtt.service.js:211
at Observable._subscribe (using.js:8)
at Observable._trySubscribe (Observable.js:42)
at Observable.subscribe (Observable.js:28)
at FilterOperator.call (filter.js:13)
at Observable.subscribe (Observable.js:23)
at Observable.connect (ConnectableObservable.js:30)
at RefCountOperator.call (refCount.js:17)
at Observable.subscribe (Observable.js:23)
mqtt.min.js:1 WebSocket connection to 'ws://broker.hivemq.com:8000/gat/38/openReservationRequests' failed: Connection closed before receiving a handshake response
if i specify the clientId inside the MQTT_SERVICE_OPTIONS i still get the same error.
if i change the protocol to wss i get a different error:
core.js:6014 ERROR TypeError: Cannot read property 'resubscribe' of undefined
at MqttClient.subscribe (mqtt.min.js:1)
at mqtt.service.js:211
at Observable._subscribe (using.js:8)
at Observable._trySubscribe (Observable.js:42)
at Observable.subscribe (Observable.js:28)
at FilterOperator.call (filter.js:13)
at Observable.subscribe (Observable.js:23)
at Observable.connect (ConnectableObservable.js:30)
at RefCountOperator.call (refCount.js:17)
at Observable.subscribe (Observable.js:23)
mqtt.min.js:1 WebSocket connection to 'wss://broker.hivemq.com:8000/gat/38/openReservationRequests' failed: Error in connection establishment: net::ERR_CONNECTION_CLOSED
If i try to connect manually inside my app.component.ts ngOnInit before observing the topic:
this.mqttService.connect({
hostname: 'broker.hivemq.com',
port: 8000,
path: '/gat/38/openReservationRequests',
clientId: '34er23qwrfq42w3' //those are just random digits
});
i still get the error above.
For me it would be ideal to connect in some inner component (accessible after the user is authenticated) because i will have my private mqtt broker and the topic will depend on the logged user information.
I've tried any combination of protocol with/without cliendId etc but at this point i don't know what is wrong. I've already fully recompiled my app lots of times, i've tried publishing it on my test-server which has a ssl certificate but nothing changed.
Resolved thanks to #Anant Lalchandani i set the correct path.
The other problem was that '/mytopic' and 'mytopic' are indeed two different topic and i was using it wrong too.
This is my code, updated:
app.module.ts
export const MQTT_SERVICE_OPTIONS: IMqttServiceOptions = {
connectOnCreate: false,
hostname: 'broker.hivemq.com',
port: 8000,
path: '/mqtt'
};
appcomponent.ts (inside ngOnInit for now)
this.mqttService.connect({
hostname: 'broker.hivemq.com',
port: 8000,
path: '/mqtt',
clientId: '1234e3qer23rf'
});
this.mqttService.onConnect
.subscribe(
connack=> {
console.log('CONNECTED');
console.log(connack);
}
);
this.mqttService.observe('gat/38/openReservationRequests')
.subscribe((message: IMqttMessage) => {
this.msg = message;
console.log(new TextDecoder('utf-8').decode(message.payload));
});
I have checked the code snippets you shared in question.
In your app.module.ts, the path value should be '/mqtt'. You have set the topic as the value of path here. The topic can only be subscribed/published. As you are using a topic as a path value at the time of connecting to a websocket, your application will not be able to connect to websocket at the first place.
The reason why we need to use /mqtt as a path is it specifies you are sending MQTT messages over the WebSocket protocol.
The documentation of HiveMQ itself stated to use the path as '/mqtt' in its example. You can check the documentation here.

Not connecting user using MQTTjs on cloudmqtt

I am having this code in my file (belong to react)
const client = mqtt.connect({
host: 'mqtt://m16.cloudmqtt.com',
port: 1883,
username: 'b*******k',
password: 'gU******S',
});
client.on('connect', () => {
console.log('hello');
client.subscribe('v');
client.publish('v', 'chal pa');
});
client.on('message', (topic, message) => {
if (topic === 'v') {
console.log('here my topic is v');
// var connected = (message.toString() === 'true');
}
console.log('recived message from mqtt');
console.log(message);
});
client.on('error', er => {
console.log(er);
});
I am expecting to connect to mqtt broker and receive some message.
But nothing happened. When i check log file in cloudmqtt.com
I am stuck here can anybody help. Link to any blog/video that will help will be highly appreciated.
I am using mqttjs
You have explicitly told the MQTTjs library to use native MQTT rather than MQTT over Websockets by using mqtt:// on the start of the URI.
If you want to use MQTT over websockets the URI should start with ws://
Secondly you are using port 1883, this is normally used for native MQTT not MQTT over websockets. The cloudmqtt docs suggest you should be using a port number that starts with a 3 to access the websockets listener.

APNS (Apple Push Notification Service) with Node JS

I am looking to create APNS (Apple Push Notification Service), where the server will be sending notifications to the iOS devices.
I am able to make the push notifications work via PHP using the SAME device token and the SAME certificate, however, I would like to send notifications via Node JS instead of PHP.
I have the following valid files/certificates to help me get started:
cert.pem
key.pem
aps_development.cer
cert.p12
key.p12,
ck.pem
I've been looking through several resources/links such as:
https://github.com/argon/node-apn
How to implement APNS notifications through nodejs?
After doing so, I was able to come up with the following sample code, where PASSWORD stands for the password of the key.pem and TOKEN stands for my device's token:
var apn = require("apn");
var path = require('path');
try {
var options = {
cert: path.join(__dirname, 'cert.pem'), // Certificate file path
key: path.join(__dirname, 'key.pem'), // Key file path
passphrase: '<PASSWORD>', // A passphrase for the Key file
ca: path.join(__dirname, 'aps_development.cer'),// String or Buffer of CA data to use for the TLS connection
production:false,
gateway: 'gateway.sandbox.push.apple.com', // gateway address
port: 2195, // gateway port
enhanced: true // enable enhanced format
};
var apnConnection = new apn.Connection(options);
var myDevice = new apn.Device("<TOKEN>");
var note = new apn.Notification();
note.expiry = Math.floor(Date.now() / 1000) + 3600; // Expires 1 hour from now.
note.badge = 3;
note.sound = "ping.aiff";
note.alert = "You have a new message";
note.payload = {'msgFrom': 'Alex'};
note.device = myDevice;
apnConnection.pushNotification(note);
process.stdout.write("******* EXECUTED WITHOUT ERRORS************ :");
} catch (ex) {
process.stdout.write("ERROR :"+ex);
}
I get no errors when executing this code, but The problem is that no notification is received on my iOS device. I have also tried setting the ca:null & debug:true (in options var). But same thing happens.
Again, when I use the ck.pem & device token that I have and use it with PHP, it works, but i'm not able to make it work in Node JS. PLEASE HELP!!
Thank you so much!
You are probably running into the asynchronous nature of NodeJS itself. I use the same node-apn module with great success. But you don't just call it directly like you're used to in PHP - that's a synchronous model that doesn't map from PHP->Node. Your process is exiting before anything can actually happen - the apnConnection.pushNotification(note); is an asynchronous call that just barely gets started before your script returns/exits.
As noted in the node-apn docs you probably want to "listen for" additional events on apnConnection. Here's an excerpt of code that I use to log out various events that are occurring on the connection after it's created:
// We were unable to initialize the APN layer - most likely a cert issue.
connection.on('error', function(error) {
console.error('APNS: Initialization error', error);
});
// A submission action has completed. This just means the message was submitted, not actually delivered.
connection.on('completed', function(a) {
console.log('APNS: Completed sending', a);
});
// A message has been transmitted.
connection.on('transmitted', function(notification, device) {
console.log('APNS: Successfully transmitted message');
});
// There was a problem sending a message.
connection.on('transmissionError', function(errorCode, notification, device) {
var deviceToken = device.toString('hex').toUpperCase();
if (errorCode === 8) {
console.log('APNS: Transmission error -- invalid token', errorCode, deviceToken);
// Do something with deviceToken here - delete it from the database?
} else {
console.error('APNS: Transmission error', errorCode, deviceToken);
}
});
connection.on('connected', function() {
console.log('APNS: Connected');
});
connection.on('timeout', function() {
console.error('APNS: Connection timeout');
});
connection.on('disconnected', function() {
console.error('APNS: Lost connection');
});
connection.on('socketError', console.log);
Equally important, you need to make sure your script STAYS RUNNING while the async requests are being processed. Most of the time, as you build a bigger and bigger service, you're going to end up with some kind of event loop that does this, and frameworks like ActionHero, ExpressJS, Sails, etc. will do this for you.
In the meantime, you can confirm it with this super-crude loop, which just forces the process to stay running until you hit CTRL+C:
setInterval(function() {
console.log('Waiting for events...');
}, 5000);
I will explain it with simple code
First install apn module using this command npm install apn .
Require that module in code
var apn = require('apn');
let service = new apn.Provider({
cert: "apns.pem",
key: "p12Cert.pem",
passphrase:"123456",
production: true //use this when you are using your application in production.For development it doesn't need
});
Here is the main heart of notification
let note = new apn.Notification({
payload:{
"staffid":admins[j]._id,
"schoolid":admins[j].schoolid,
"prgmid":resultt.programid
},
category:"Billing",
alert:"Fee payment is pending for your approval",
sound:"ping.aiff",
topic:"com.xxx.yyy",//this is the bundle name of your application.This key is needed for production
contentAvailable: 1//this key is also needed for production
});
console.log(`Sending: ${note.compile()} to ${ios}`);
services.send(note, ios).then( result => {//ios key is holding array of device ID's to which notification has to be sent
console.log("sent:", result.sent.length);
console.log("failed:", result.failed.length);
console.log(result.failed);
});
services.shutdown();
In Payload you can send data with custom keys.I hope it helps

Resources