SummerGao Books

# 测试ejabberd服务器Rest API

# 1.修改配置文件

vim /usr/local/etc/ejabberd/ejabberd.yml
1

# 2.在api_permissions:添加如下配置

  "API used from localhost allows all calls":
    who:
      ip: 127.0.0.1/8
    what:
      - "*"
      - "!stop"
      - "!start"
1
2
3
4
5
6
7

#

# 在listen:下添加如下配置

  -
    # Add by SummertGao start
    # Using a separate port for oauth and API to make it easy to protect it
    # differently than BOSH and Websocket HTTP interface.
    port: 5281
    # oauth and API only listen on localhost interface for security reason
    # You can set ip to "0.0.0.0" to open it widely, but be careful!
    ip: "127.0.0.1"
    module: ejabberd_http
    request_handlers:
      "/oauth": ejabberd_oauth
      "/api": mod_http_api
    # Add by SummertGao end.
1
2
3
4
5
6
7
8
9
10
11
12
13

# 3.重启使新配置生效

ejabberdctl restart
1

# 4.用Postman或Restlet Client测试api (opens new window)

# 测试消息收发

#

# 我的ejabberd.yml配置文件:

###
###              ejabberd configuration file
###
### The parameters used in this configuration file are explained at
###
###       https://docs.ejabberd.im/admin/configuration
###
### The configuration file is written in YAML.
### *******************************************************
### *******           !!! WARNING !!!               *******
### *******     YAML IS INDENTATION SENSITIVE       *******
### ******* MAKE SURE YOU INDENT SECTIONS CORRECTLY *******
### *******************************************************
### Refer to http://en.wikipedia.org/wiki/YAML for the brief description.
###

hosts:
  - localhost
  - example.com

loglevel: info

## If you already have certificates, list them here
# certfiles:
#  - /etc/letsencrypt/live/domain.tld/fullchain.pem
#  - /etc/letsencrypt/live/domain.tld/privkey.pem

listen:
  -
    port: 5222
    ip: "127.0.0.1"
    module: ejabberd_c2s
    max_stanza_size: 262144
    shaper: c2s_shaper
    access: c2s
    starttls_required: false
  -
    port: 5269
    ip: "::"
    module: ejabberd_s2s_in
    max_stanza_size: 524288
  -
    port: 5443
    ip: "0.0.0.0"
    module: ejabberd_http
    tls: true
    request_handlers:
      /admin: ejabberd_web_admin
      /api: mod_http_api
      /bosh: mod_bosh
      /captcha: ejabberd_captcha
      /upload: mod_http_upload
      /ws: ejabberd_http_ws
  -
    port: 5280
    ip: "127.0.0.1"
    module: ejabberd_http
    request_handlers:
      /admin: ejabberd_web_admin
      /.well-known/acme-challenge: ejabberd_acme
  -
    port: 1883
    ip: "::"
    module: mod_mqtt
    backlog: 1000
  -
    # Add by SummertGao start
    # Using a separate port for oauth and API to make it easy to protect it
    # differently than BOSH and Websocket HTTP interface.
    port: 5281
    # oauth and API only listen on localhost interface for security reason
    # You can set ip to "0.0.0.0" to open it widely, but be careful!
    ip: "127.0.0.1"
    module: ejabberd_http
    request_handlers:
      "/oauth": ejabberd_oauth
      "/api": mod_http_api
    # Add by SummertGao end.

s2s_use_starttls: optional

acl:
  local:
    user_regexp: ""
  loopback:
    ip:
      - 127.0.0.0/8
      - ::1/128
# Add by SummerGao start
  admin:
    user:
      - "admin": "localhost"
      - "summergao": "localhost"

access:
  configure:
    admin: allow
    summergao: allow
# Add by SummerGao end.



access_rules:
  local:
    allow: local
  c2s:
    deny: blocked
    allow: all
  announce:
    allow: admin
  configure:
    allow: admin
  muc_create:
    allow: local
  pubsub_createnode:
    allow: local
  trusted_network:
    allow: loopback

api_permissions:
  "console commands":
    from:
      - ejabberd_ctl
    who: all
    what: "*"
  "admin access":
    who:
      access:
        allow:
          acl: loopback
          acl: admin
      oauth:
        scope: "ejabberd:admin"
        access:
          allow:
            acl: loopback
            acl: admin
    what:
      - "*"
      - "!stop"
      - "!start"
  "public commands":
    who:
      ip: 127.0.0.1/8
    what:
      - status
      - connected_users_number
  "API used from localhost allows all calls":
    who:
      ip: 127.0.0.1/8
    what:
      - "*"
      - "!stop"
      - "!start"

# Add by SummerGao start
#commands_admin_access:
#   - allow:
#      - user: "admin@localhost"
#commands:
#  - add_commands: [user, admin, open]
# Tokens are valid for a year as default:
#oauth_expire: 31536000
#oauth_access: all
# Add by SummerGao end.

shaper:
  normal: 1000
  fast: 50000

shaper_rules:
  max_user_sessions: 10
  max_user_offline_messages:
    5000: admin
    100: all
  c2s_shaper:
    none: admin
    normal: all
  s2s_shaper: fast

modules:
  mod_adhoc: {}
  mod_admin_extra: {}
  mod_announce:
    access: announce
  mod_avatar: {}
  mod_blocking: {}
  mod_bosh: {}
  mod_caps: {}
  mod_carboncopy: {}
  mod_client_state: {}
  mod_configure: {}
  mod_disco: {}
  mod_fail2ban: {}
  mod_http_api: {}
  mod_http_upload:
    put_url: https://@HOST@:5443/upload
  mod_last: {}
  mod_mam:
    ## Mnesia is limited to 2GB, better to use an SQL backend
    ## For small servers SQLite is a good fit and is very easy
    ## to configure. Uncomment this when you have SQL configured:
    ## db_type: sql
    assume_mam_usage: true
    default: always
  mod_mqtt: {}
  mod_muc:
    access:
      - allow
    access_admin:
      - allow: admin
    access_create: muc_create
    access_persistent: muc_create
    access_mam:
      - allow
    default_room_options:
      mam: true
  mod_muc_admin: {}
  mod_offline:
    access_max_user_messages: max_user_offline_messages
  mod_ping: {}
  mod_privacy: {}
  mod_private: {}
  mod_proxy65:
    access: local
    max_connections: 5
  mod_pubsub:
    access_createnode: pubsub_createnode
    plugins:
      - flat
      - pep
    force_node_config:
      ## Avoid buggy clients to make their bookmarks public
      storage:bookmarks:
        access_model: whitelist
  mod_push: {}
  mod_push_keepalive: {}
  mod_register:
    ## Only accept registration requests from the "trusted"
    ## network (see access_rules section above).
    ## Think twice before enabling registration from any
    ## address. See the Jabber SPAM Manifesto for details:
    ## https://github.com/ge0rg/jabber-spam-fighting-manifesto
    ip_access: trusted_network
  mod_roster:
    versioning: true
  mod_s2s_dialback: {}
  mod_shared_roster: {}
  mod_stream_mgmt:
    resend_on_timeout: if_offline
  mod_vcard: {}
  mod_vcard_xupdate: {}
  mod_version:
    show_os: false


### Local Variables:
### mode: yaml
### End:
### vim: set filetype=yaml tabstop=8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261

# 参考:

https://docs.ejabberd.im/developer/ejabberd-api/simple-configuration/ (opens new window)

https://docs.ejabberd.im/developer/ejabberd-api/admin-api/#get-offline-count (opens new window)

Last Updated: 3/22/2021, 10:13:35 AM