Hi,

I'm trying to implement a "click-to-call" functionality with IX Client SDK, with agents using AACC video channel. I'm using currently latest (4.9) JavaScript SDK because website integration is required. Also, guest access is what I need.

I read the other thread (https://www.devconnectprogram.com/forums/posts/list/23854.page), which has these steps:

1) First create an anonymous guest user , where the user is allowed to make a single call using a one-time authorization token retrieved from the AAWG token service. With this one time call creation, you can use where a user with a mobile/desktop client can initiate a call into the contact center.

2) The function you can leverage for this is initWithAuthozizationToken in the CallCreationInfo class.

3) This call object is then started, routed through the contact center and answered by a agent, where customer and agent have a one on one call.

I'm looking at the sample app, which does something similar (requesting and using token), however the comment in the JS code says it is a sample token service:

/**

 * This method retrieves once off token from the sample Token Generation Service

 * It can be invoked in one of the following two ways:

 *   1) During login - In this case the "contact" field of token request will be null and the generated token is valid to call any number.

 *   2) Per call basis - In this case, the "contact" field of token request should be polulated with the "Called Number".  

 * 

 * @param {Object} callSettings 

 * @returns {token}

 */

My question is, how can I achieve same functionality in real-life production usage? Is there a token service on AAWG which I can use, or do I need to implement one? AAWG Administration PDF is somewhat confusing, it describes full-blown OAuth authentication with Device Services (AADS) as token generator server, I'm not sure that this is what I need. Can you please advise?

Any advice please? Only this login/token service step is missing for me, I can't seem to be able to wrap my head around this one.

Hello MajGab8852,

I will try to find documentation about implementing a one time token generator from AAWG service and will get back to you.

Leandro.

Hi,

Any update on this please?

Hi,

I finally managed to get access to the Avaya Web Gateway installation at the customer location where my application will be running. It is version 3.8.1.0.153. I tried running the devclient sample application in a Chrome browser with following url:

https://AAWG_IP:8443/devclient/testapp/index.html?calledNumber=123&displayname=MG

I found out about this devclient in Oceana deployment guide, chapter "Configure the reference authorization service". I enabled the devclient and the token-generation-service by renaming them to .war extension. After that I can open the above URL. However, it displays an error message:

Type help for supported commands, or go to

https://x.x.x.x:8443/devclient/testapp/resources/TestToolCheatSheet.pdf

WebRTC Internals debugging:

chrome://webrtc-internals

Request a token

ERROR: Failed to request the token.please check the token generation service..  ()

csa>

When I enabled debug logs, I found this in CSA logs:

WARN 25 Nov 2020 19:11:16,976 http-apr-8451-exec-9 com.avaya.token - (TokenApplication.java:17) Token application starting

FINE   25 Nov 2020 19:11:16,976 http-apr-8451-exec-9 com.avaya.token - (TokenGenResource.java:61) Call to generate the encrypted token with data:use:csaGuest calledNumber:123 displayName:MG callingNumber:null Expiration:null

FINEST 25 Nov 2020 19:11:16,976 http-apr-8451-exec-9 com.avaya.token - (TokenGenResource.java:78) Path invoked to call CSA token:https://<AAWG_FQDN>:8443/csa/resources/tokens

FINEST 25 Nov 2020 19:11:16,976 http-apr-8451-exec-9 com.avaya.token - (TokenGenResource.java:80) Invoking the request

FINEST 25 Nov 2020 19:11:16,976 http-apr-8451-exec-9 com.avaya.token - (TokenGenResource.java:83) The status received after invoking the request401

ERROR  25 Nov 2020 19:11:16,976 http-apr-8451-exec-9 com.avaya.token - (TokenGenResource.java:90) Can't retrieve information from token Services:401

I tried to execute the same request manually using curl:

curl -k -vvv -H "Accept: application/vnd.avaya.csa.tokens.v1/json" -H "Content-Type: application/vnd.avaya.csa.tokens.v1/json" --data '{"use":"csaGuest","calledNumber:456","displayName":"MG","callingNumber":"","Expiration":""}' https://<AAWG_FQDN>:8443/csa/resources/tokens

* About to connect() to <AAWG_FQDN> port 8443 (#0)

*   Trying x.x.x.x...

* Connected to <AAWG_FQDN> (x.x.x.x) port 8443 (#0)

* Initializing NSS with certpath: sql:/etc/pki/nssdb

* skipping SSL peer certificate verification

* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

* Server certificate:

*       subject: C=US,O=Avaya,CN=<AAWG_FQDN>

*       start date: Sep 24 09:45:48 2020 GMT

*       expire date: Sep 24 09:45:48 2022 GMT

*       common name: <AAWG_FQDN>

*       issuer: O=AVAYA,OU=MGMT,CN=System Manager CA

> POST /csa/resources/tokens HTTP/1.1

> User-Agent: curl/7.29.0

> Host: <AAWG_FQDN>:8443

> Accept: application/vnd.avaya.csa.tokens.v1/json

> Content-Type: application/vnd.avaya.csa.tokens.v1/json

> Content-Length: 100

>

* upload completely sent off: 100 out of 100 bytes

< HTTP/1.1 401 Unauthorized

< Server: nginx

< Date: Wed, 25 Nov 2020 19:08:03 GMT

< Content-Type: text/html;charset=utf-8

< Content-Length: 1033

< Connection: keep-alive

< Set-Cookie: route=5caedf178fc386244c3c7ac70f5281c3f7394287; Path=/; sameSite=none; Secure; HttpOnly

< WWW-Authenticate: Basic realm="ApplicationRealm", ESGToken realm="ApplicationRealm", Bearer realm="ApplicationRealm", charset="UTF-8"

< Content-Language: en

< X-Served-By: <AAWG_FQDN>

< X-Content-Type-Options: nosniff

< X-XSS-Protection: 1

< X-Frame-Options: SAMEORIGIN

< Strict-Transport-Security: max-age=631138519

< P3P: CP="Not Supported"

< Pragma: no-cache

< Cache-Control: no-cache,no-store,must-revalidate,private

< X-Load-Balancer: <AAWG_FQDN>

< Access-Control-Allow-Credentials: true

< Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT

< Access-Control-Allow-Headers: Authorization, Accept, DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,X-Avaya-Requested-With,If-Modified-Since,Cache-Control,Content-Type

< Access-Control-Expose-Headers: Retry-After

<

<!doctype html><html lang="en"><head><title>HTTP Status 401 – Unauthorized</title><style type="text/css">H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}.line {height: 1px; background-color: #525D76; border: none;}</style></head><body><h1>HTTP Status 401 – Unauthorized</h1><hr class="line" /><p><b>Type</b> Status Report</p><p><b>Description</b> The request has not been applied because it lacks valid authentication credentials for the target resource.</p><hr class="line" /><h3>Apache Tomcat</h3></body></html>

* Connection #0 to host <AAWG_FQDN> left intact

So, indeed I am getting a HTTP 401 Unauthorized error. So is the sample application. Problem is, I am unable to find any more logs, based on the displayname parameter (I tried entering something more unique) I couldn't find any more logs to see the root cause.

My question is: is the mentioned token-generation-service.war the one I am supposed to use for production, or is it just a sample app? Also, what am I missing to get a proper response and not 401? Is it maybe configuration issue? I tied to set REST and OAMP certificate policies to NONE, OPTIONAL, OPTIONAL_NO_CA, I'm getting the same response in all cases.

Regards,
Gabor