I have an IRC client application and I am currently trying to integrate it with google maps.
I am fairly new to android and hence I would like to know how to get ip address of the users in an channel.
Note: I am aware about /whois command but I would like to get ip address of all users so that I can locate them on map.
Could you please help me in this regard.
You can use WHO if I recall correctly. This will give a list of all users (full host + nicks in the form of nick!user#host. Do note that most IRC servers honor the user's privacy and enforce a network-wide +i umode, which effectively hides the IP address from the host.
If you know your server is not like that, WHO is your way to go.
Edit:
This isn't an android problem at all, this is purely an IRC protocol problem. As a user, you may query the channel for the users inside of it, to get information on them. That command is calle WHO. You use it as follows:
WHO <#channel>
And it will give you a list of all the users in this channel in the following format:
352 <channel> <user> <host> <server> <nick> <H|G>[*][#|+] :<hopcount> <real name>
From which you can filter out <host> which will contain the IP address (if not hidden) of the user <nick>.
Many IRC servers cloak or mask the user's hostname to prevent hacking as per my comment above. If however you have the correct IRC operator access you can issue commands which will show the unmasked hostname for a user. For example "WHO *#cloaked.hostname h" where cloaked.hostname is the cloaked host:
https://wiki.inspircd.org/Commands#.2FWHO_.5B_.5Bsearch-pattern.5D_.5BohurmaiMplf.5D_.5D
Note that different irc server software has different ways of approaching this problem, if hosts are cloaked.
Hope this helps!
Related
I want to integrate National Identification Authority (NIDA) API for Tanzania in my Android application. In my application, user will enter their NIDA number and i want to retrieve user information according to NIDA number.
I have just one PDF file to guide me, it says that i need to have 3 to 4 certificates ie. Serve CA Certificate n etc. And after that 4 to 5 encryptions are needed to implement to request NIDA API. And no other information are given like what is the end point for the request?
As i couldn't find anything else on the internet related to NIDA API call, i couldn't even start the programming! So i have not done any coding yet, so not sharing any codes.
If anyone knows anything about the NIDA API call, please let me know.
NIDA does not have a developer portal or documentation online one has to contact them and ask for access. However I heard once in the news that "NIDA will start charging entities who are using its Data - Ref
https://www.thecitizen.co.tz/tanzania/news/nida-to-start-charging-entities-using-its-data-2712730"
But there is no official portal for accessing their API. The legal way to obtain access to their API is to visit their office for Technical Support.
That being said, a simple quick hack solution will be to use existing private sector that uses NIDA API to your advantage since it's REST Full API without verification token or access token
Here is an example :
Where NIN = National Id Number. Eg: 19760517372270000217
`curl -XPOST -H 'Content-Length: 0' -H "Content-type: application/json" 'https://ors.brela.go.tz/um/load/load_nida/{NIN}`
You should expect a json data object in return if the ID is valid or exist
so here's a quick explanation of my issue - my current setup is and IdentityServer4 implementation with ASP.NET Core Identity, an API resource protected by it and a Xamarin.Android application that is the client. My current issue is that the client(Android) cannot get anything from the API because of the following error(from the API logs):
"Bearer" was not authenticated. Failure message: "IDX10205: Issuer validation failed. Issuer: 'http://10.0.2.2:5000'. Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: 'http://127.0.0.1:5000'."
Basically, since I'm using the Android emulator, in order to call something that's on localhost on my machine, I need to use the 10.0.2.2 URL for it. Then the problem pops up - the Identity Server is fine with authenticating, I can login fine, I get an access token, but after that I need to call the API. And that's where the error happens - it's expecting an issuer that is with the same authority(127.0.0.1:5000) but receives the 10.0.2.2:5000, which is the authority for the Android client.
So, my question is - is there a way to somehow specify that 10.0.2.2 is also a valid issuer, or do I have to start thinking about deploying both the API and the Identity Server just so I can test the client. I'd really like it if there was a way to have the whole solution running on my local machine rather than having to deploy for every little thing I want to try out.
Any help will be appreciated very much.
First: Given the standard, you manage just one Issuer.
Are you managing your own Identity / Token generation? It sounds like this isn't the case.
You could customize your API for creating your tokens explicitly. Then, you can indicate a global Issuer (like your project url) so anyone can validate against the same.
var token = new JwtSecurityToken(
issuer: "http://my-perfect-proj.net",
claims: ...,
notBefore: DateTime.Now,
expires: DateTime.Now.AddHours(1),
signingCredentials: ...)
);
After your token is created and sent, validate your incoming request based on your tastes (checking time, user's data, issuer).
ASP.NET Core JWT Bearer Token Custom Validation
Creating RESTful API with Authentication
EDIT: Using Xamarin and Visual Studio on the same machine, didn't gave me this kind of problems but in that case, I was using Visual Studio Emulator. You could give it a try and avoid doing other types of workarounds.
So, I managed to work around the issue by simply running the Web part of it so it's visible on my local network. What I did in more detail - in the Program.cs where I create the host, I use the .UseUrls("http://*:5001") method, and then I run the app with dotnet run.
In this way your app is accessible in your local network via the IP address of your machine and the port you've specified. Also, in order for this to work, you'd have to define a new Outbound Rule in your Firewall to allow traffic through that port you're using. Hope this helps someone else as well, this turned out to be the easiest way to get what I need to work, and that's after fighting with IIS for a while trying to get it to work through there as well.
Short answer: In IIS, don't leave the site binding host name set as blank.
Longer explenation:
I received a similar error, but could see that for some reason it was trying to match the issuer domain name vs IP (the domain does point to the IP, but I guess it tries to validate the two strings). I could see this error after allowing logging : IdentityModelEventSource.ShowPII = true.
Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException:
IDX10205: Issuer validation failed. Issuer: 'http://ec2XXXXXom'. Did
not match: validationParameters.ValidIssuer: 'http://34.111.111.29' or
validationParameters.ValidIssuers: 'null'. at
Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String
issuer, SecurityToken securityToken, TokenValidationParameters
validationParameters)
In IIS I previously had the host name set as blank (I am using the server name as domain name) - and therefore it set the issuer using the IP of the server. When I specifically set the site domain name, it worked.
So this is a two part question:
Part a: I'm trying to implement a secure connection to the KMS. From the documentation, I've understood that KMS Configuration file would need to be updated with the SSL certificate and then the HTTPS connection from the client can be made. Please let me know if there are any other steps that are involved in achieving SSL security.
Part b: From a better understanding now and from comments from a previous question I posted, Kurento Utils does not connect to KMS directly (this was an fyi and a clarification I received and I wanted documented here just in case). Now I'm trying to use Kurento Client to connect to KMS and I'm trying to understand the role of ICE/TURN/STUN servers acting as negotiators in the middle. If I were to specify my own server URL, I'm assuming that I would not need to include "freeice" and "normalice" and instead specify my own server's URL. In the code snippet below taken from the tutorial on github, I'm assuming that I would need to replace the argument for ice_servers to point to the url where my server is running? Or since this is the client, do I really need an ICE server because as said from the first statement, the utils don't connect to the KMS but the client can, right? So if I were to specify the Kurento URL for "ws_uri" parameter, then I won't need to even use ICE servers...right? I don't really understand the concept of ICE/TURN servers very well in terms of how they integrate with Kurento and hence, I would like to understand in English as to what changes would I need to make in order to get this to work. I will bang my head to write the code myself! Thanks much in advance!
`
var args = getopts(location.search,
{
default:
{
ws_uri: 'ws://' + location.hostname + ':8888/kurento',
file_uri: 'file:///tmp/recorder_demo.webm', //file to be stored in media server
ice_servers: undefined
}
});`
Answer A
Only this and nothing more... at least for KMS. On the client side, you'll need to specify the WSS port and so on.
Answer B
Your client might need a STUN/TURN server, and that's independent of where KMS is located. STUN and TURN are used in the candidate harvest process, to discover the network topology of your peer. You have two peers: KMS and your Android app, and both need to have, in their SDPs and during the negotiation, a candidate that is reachable by them (app will connect with KMS and viceversa) If both peers are on the same network, you can go without using STUN/TURN. The moment you have a NAT in between, you need at least STUN for that peer to be able to harvest candidates that have the public IP on the other side of the NAT, which is not known by the peer unless STUN is used.
TURN is used as a relay server, and it is needed in a small set of cases. If you are almost certain you are going to use TURN, you need to have that in a machine different than KMS (it makes close to no sense to have both the relay server and the media server installed together)
So the answer is yes, you are most likely going to need STUN/TURN in your clients.
I'm debugging an API on my home development environment with the IP range 192.168.0.0-255.
I'm in Australia (relevant for reasons below), the API's written in PHP, and I'm running Apache.
My server IP = 192.168.0.20
My router is configured to forward HTTP requests to this IP.
My router's internal IP is 192.168.0.1 and external IP is, for this example, 123.123.123.123
For the following cases:
Laptop, all browsers, over wi-fi
Android tablet, all browsers, over wifi
Android phone, using Internet browser, over wifi
the server detects $_SERVER['REMOTE_ADDR'] = 123.123.123.123.
The latency is effectively zero and no caching occurs. So far, all as expected.
However, when I submit the same query from an Android mobile phone (assigned the IP of 192.168.0.10) in Chrome over the same wi-fi connection, the server detects:
$_SERVER['HTTP_X_FORWARDED_FOR']: 123.123.123.123
$_SERVER['HTTP_FORWARDED']: 123.123.123.123
$_SERVER['REMOTE_ADDR'] : 66.249.84.217`
The 'REMOTE_ADDR' also takes on the values 66.249.84.223 and 66.249.84.229
There is a delay of ~400ms and my API is being cached - hence not returning correct/latest values.
Relevant parts of HTTP header:
Forwarded: for=123.123.123.123
Scheme: http
Via: 1.1 Chrome-Compression-Proxy
I see 66.249.84.0-255 belongs to Google, and understand why compression may often be useful in mobile context. But in my case I'd rather avoid the extra latency of a round-world-trip.
When I run the same queries over HTTPS, no re-routing through Googles's servers occurs.
Is there any way to avoid Chrome mobile re-routing my packets?
Your request is, presumably, being routed through Google's Data Compression Proxy.
Since Google does not try to hijack your SSL certificates, no such rerouting is being done for SSL connections.
On the client side, a user can simply disable this in settings with Settings > Bandwidth Management > Reduce data usage.
On the server side, it's too late to "undo" the routing, though you can indicate with a Cache-Control: no-transform header that you don't want your response transcoded.
From the Google Developer Docs:
As a site owner, how do I opt-out from content optimization?
Data compression proxy respects the standard Cache-Control: no-transform directive. Site owners can mark individual resources with this directive and the proxy will pass them through directly to the mobile browser.
https://developer.chrome.com/multidevice/data-compression
Yes, same answer for me. I have a network camera in New Zealand I access from Canada. I noticed a bunch of suspicious access in the Access Log in the range 66-xx-xx-xx, and believing the camera had been hacked I immediately added an access denial for that range (at the time I knew the range was owned by google ... but as far as I was concerned at the time it could have been a cloud machine of unknown purpose.)
Then noticing I could no longer access the netcam on chrome on my mobile (but could on the default browser, and any windows browser) It became clear that there was some kind of proxy in the middle. Further research led me here.
Here's some more info -
https://developer.chrome.com/multidevice/data-compression
Turning off Reduce Data Usage in chrome settings immediately restored access to my netcam
I have to wonder what's in it for google ? what valuable info are the mining from my traffic as it passes through their proxy?
I am new to android and currently developing an android application, and I got to a point where I need to find the ISP name when the phone is connected to a wifi access point, there is no function in Android to do it (like the one to get the operator name, already implemented in Android).
Can anyone help me? Share his function or give me a solution on how to do it?
Thanks :)
PeeHaa is right there is no direct method of getting the isp..
Case A is you are directly on mobile network
Case b is you are on wifi
Case c is you are on ththering
In all cases you can use the util lib to get the IP
Utils.getIPAddress(true);
The submit it to a php script like this
<?php
$ip=$_SERVER['REMOTE_ADDR'];
$url=file_get_contents("http://whatismyipaddress.com/ip/$ip");
preg_match_all('/<th>(.*?)<\/th><td>(.*?)<\/td>/s',$url,$output,PREG_SET_ORDER);
$isp=$output[1][2];
$city=$output[9][2];
$state=$output[8][2];
$zipcode=$output[12][2];
$country=$output[7][2];
?>
YOu may use any isp db provide api you want this is just an example..The process will be to get the ip and then submit it to the php script via http and return all the above values..A long process but effective..It will however lag if you have too many request, depends on the api server...happy coding...