Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to authenticate with Chrome sync XMPP servers?

I need to get the currently opened tabs of a Google Chrome user in my Java application (not on the same machine). Chrome sync is enabled so the current tabs are synced with Google servers.

According to the documentation of Chrome sync it is done via XMPP. So I guess it should be possible to connect to the Google XMPP server (xmpp.google.com), e.g. via Smack (Java library for XMPP), authenticate and listen for protobuf messages that indicate a tab session change. Of course the login credentials of the user or the "client_id" Chrome uses to identify clients are available.

But I'm having a hard time getting behind the authentication method that is used to connect to the XMPP server – I can't figure out how it's done in the Chromium source code and there's no documentation available besides the very low-level comments in the code. The libjingle library Google uses for it's XMPP based services is only available for C++ and not well maintained/documented.

So is there anyone who has done something like that before and who can give any advice/hints on how the authentication process works?

like image 816
florian h Avatar asked Jul 17 '12 14:07

florian h


1 Answers

I'm not sure chrome sync uses xmpp, at least on the level when it has to exchange info with client. It uses 'protocol buffers' Google technology. The protocol is given by using .proto protocol description files and you can convert it to your language's objects by using special compiler. The sync server seems to rest at https://clients4.google.com/chrome-sync and client sends POST requests with the binary body where typed ClientToServerMessage message is placed. Here's the output from when first connecting to sync server. The first output Python object is a pprint of 'environ' WSGI variable where HTTP headers are placed too. The second object (after '====' ) is actual protocol message.

{'CONTENT_LENGTH': '54',
 'CONTENT_TYPE': 'application/octet-stream',
 'GATEWAY_INTERFACE': 'CGI/1.1',
 'HTTP_ACCEPT_CHARSET': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3',
 'HTTP_ACCEPT_ENCODING': 'gzip,deflate,sdch',
 'HTTP_ACCEPT_LANGUAGE': 'en-US,en;q=0.8',
 'HTTP_AUTHORIZATION': 'GoogleLogin auth=MKhiqZsdz2RV4WrUJzPltxc2smTMcRnlfPALTOpf-Xdy9vsp6yUpS5cGuND0awqrYVUK4lhOJlh6OMsg093eBRghGGIgvWUTzU8PUvquy_c8Xn4sRiz_3tVJcke5eXi3q4qFDa6iVuEbT_0QhyPOjIQyeDOKRpZzMR3rpHsAs0ptFiTtUeTHsoIeUFT9nZPYzkET4-yHbDAp45_dxWdb-U6DPg24',
 'HTTP_CONNECTION': 'keep-alive',
 'HTTP_HOST': 'localhost:8080',
 'HTTP_USER_AGENT': 'Chrome MAC 0.4.21.6 (130497)-devel',
 'PATH_INFO': '/chrome-sync/dev/command/',
 'QUERY_STRING': 'client_id=SOME_SPECIAL_STRING',
 'REMOTE_ADDR': '127.0.0.1',
 'REMOTE_PORT': '59031',
 'REQUEST_METHOD': 'POST',
 'SCRIPT_NAME': '',
 'SERVER_NAME': 'vian-bizon.local',
 'SERVER_PORT': '8080',
 'SERVER_PROTOCOL': 'HTTP/1.0',
 'SERVER_SOFTWARE': 'gevent/1.0 Python/2.6',
 'wsgi.errors': <open file '<stderr>', mode 'w' at 0x100416140>,
 'wsgi.input': <gevent.pywsgi.Input object at 0x102a04250>,
 'wsgi.multiprocess': False,
 'wsgi.multithread': False,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'https',
 'wsgi.version': (1, 0)}
'==================================='
share: "[email protected]"
protocol_version: 30
message_contents: GET_UPDATES
get_updates {
  caller_info {
    source: NEW_CLIENT
    notifications_enabled: false
  }
  fetch_folders: true
  from_progress_marker {
    data_type_id: 47745
    token: ""
    notification_hint: ""
  }
}
debug_info {
  events {
    type: INITIALIZATION_COMPLETE
  }
  events_dropped: false
}

This happens for OAuth based authentication. You can see the OAuth token in HTTP_AUTHORIZATION field. The OAuth token is given to you when you interact with HTML dialog 'Google Account Login'. I'm not sure but seems like the API to get an access token for Google services is available publicly.

If you are looking for XMPP auth instead, please see the description of X-GOOGLE-TOKEN auth mechanism here: Authenticate to Google Talk (XMPP, Smack) using an authToken

For the X-OAUTH2 authorization, you can access the info here: https://developers.google.com/talk/jep_extensions/oauth

And a sample here: http://pits.googlecode.com/svn/trunk/xmpp.c

Note that you can add XMPP stream flow to the Chrome log files populated on each run of the browser - chrome_debug.log. To enable this, run Chrome with following options: --enable-logging --v=2

like image 164
vian Avatar answered Oct 24 '22 05:10

vian