VOIP Tech Chat → Upgrade Asterisk to an OAUTH2.0 connection with Google Voice

Ah, is this what you meant by "open source" on the GVsip home page? Cool.

Ryan:
Interesting but I am confused at the same time.
If I have an Asterisk server and want to use OAUTH2.0 to log into my GV account, by using you approach, will I connect to GV server directly or will through GVSip or will be directly once Done?
Will this work on Asterisk 11?
Thanks.

Thats a great question, with this method you connect directly to GV so the audio latency is a lot lower which means better quality phone calls. GVsip only acts as a interface to get and store your Google Oauth2.0 refresh tokens. I have only tested it with asterisk 12 so I am not sure about 11. Let me know if you try to get it working with 11 just make sure you backup your previous res_xmpp before trying.

O.K. Thanks. I will give it a try.

I have a couple of questions about this.

First, if we use your servers to obtain a token, do you store that token or is it available to you for future use? Or is it something that we alone see?

Second, I happened to look at your modified res_xmpp.c file and note that the first few lines read as follows:

/*
* Asterisk -- An open source telephony toolkit.
*
* Copyright (C) 2015, GVsip
*
* GVsip
* Visit »www.gvsip.org for more information.
*
* See »www.asterisk.org for more information about
* the Asterisk project. Please do not directly contact
* any of the maintainers of this project for assistance;
* the project provides a web site, mailing lists and IRC
* channels for your use.
*
* This program is free software, distributed under the terms of
* the GNU General Public License Version 2. See the LICENSE file
* at the top of the source tree.
*/

My question is, why did you attach your copyright notice? That pretty much absolutely guarantees that it will never be part of Asterisk or FreePBX, because they will only use open source stuff. And most Asterisk users (and FreePBX users in particular) do not compile their own software, they simply use whatever comes in their distribution of choice, which means they won't be able to use your module. EDIT: I should have read a bit further, I didn't notice the reference to "GNU General Public License Version 2" - sorry about that! I have added the additional lines to the above quote.

I might suggest that you find out what Digium requires in order to contribute a patch to a module, and then submit your changes as patch to them, along with whatever documentation they require. They may or may not accept it, but once it's out there the various FreePBX and other GUI-based distributions might feel more free to include it (but probably only if you can't read or store the tokens created via your server). But I doubt that any of them will touch it with that copyright notice attached, and I'm fairly certain there isn't a snowball's chance in Hades that Digium will even look at it (EDIT: unless you submit it to them along with an executed Digium License Agreement), since they would want to maintain "clean hands" in case they decide to write a similar modification.

Even if you don't want to submit it to Digium, please consider releasing it under GPL or whatever open-source license is preferred by those who create Asterisk modules these days.

I have never contributed to asterisk so I don't really know how to do that.
Maybe someone here can take the code and submit it?

I'm really open to anything, really whatever it takes to get it out there. The modification is for the Asterisk community. The copyright is there because thats what I do with all my source files.

GVsip does store the refresh tokens, but its just for the users benefit for future reference and removal purposes from Google. If there is a demand I will write an API that returns the refresh token without storing it so that Asterisk web gui's etc can easily grab a refresh token.

I think this has been a long time in coming for Asterisk. Thanks for getting the effort going.

To make the whole thing more generally useful outside of GVSIP, could the client ID and secrets be extracted out to config file parameters instead of hard coded? This also seems like a liability if you need to change your Google oauth2 client credentials for some reason.

const char * client_id = "470306186573-jtdetm9fb2b28k4gumaleamea7a14deh.apps.googleusercontent.com";
const char * client_secret = "zWK1W_I-4ZlfRoFnYRoGhsrB";
 

Some people might want to use the module against their own client ID and secret.

Great job, Ryan. In light of the copyright notice, there will also need to be some sort of license provided so that others may use your code. I would recommend GPL2, but that's your call. Once that is included, we will quickly integrate this into the Incredible PBX platforms.

Edit: Just downloaded latest version of res_xmpp.c from GitHub and the GPL2 license is included in the file. Many thanks!

I'm not a programmer so I've never done it, but it appears all the information you'd need is linked from this page:

Asterisk Developers page

You might have to change your code a bit to conform to their Coding Guidelines, and I believe they will want you to submit your changes as a patch file against the original module that is available from subversion - those pages explain all that. They also have a page on the Patch Contribution Process which unfortunately requires you to Sign a Digium License Agreement that you may or may not find objectionable (I believe it has probably had a chilling effect on code submissions, but IANAL so can't say if it's as bad as some people seem to think). That part, at least, is something that no one else could do for you even if they wanted to, especially given your copyright notice.

Even if you decide you don't want to submit it to Asterisk, you'd still need to license it under something like GPL2 so that GUI-based distribution owners could choose to include it (in effect bypassing Digium).

As for the refresh tokens, I'd personally feel a lot better if I could get them without them being stored anywhere else. If you store them and your system were ever compromised, someone could obtain the tokens for all the GV accounts obtained via your page, and potentially make a lot of calls on other people's dime.

I have not made any changes. Does anything need to be changed with the copyright notice? How should it be written so that anyone can use it? Or is it fine the way it is right now.

Looks fine to me. I hadn't looked at it originally after someone noted there was only a copyright notice. But you apparently had included the GPL2 license in the code as well. Thanks.

Ryan:
Thank you for put effort into this. Indeed, as AllThumbs said, great job!
I am wondering about what is involved in getting, refreshing and storing the tokens? Does this has to go through GVsip? What you did that a user cannot do on their own server? Just curious.

I don't know how I missed that - I have modified the quote in the above post to include that. Sorry I didn't notice it the first time around!

Thats a great question, in order to get the "offline refresh token" you need a website that redirects you to a Google login page, then the website accepts the information Google sends back after you login to Google.

How it works is mostly outlined in their development documentation here
»developers.google.com/id ··· ebServer

For the sake of simplicity GVsip is offering a central place for users to go to create and manage their offline refresh tokens. GVsip will also offer a free easy to use API that can be integrated into other applications but I'm not sure how that will work yet.

No worky in Asterisk 11.

Not having much luck with Asterisk 12 either. Please translate the following and how to obtain the credentials. Nothing on your site provides a refresh token that I can find:

username=(username obtained from)

;secret=(your plain text password)

refresh_token=(token obtained from GVsip.com)

Sorry, Im not good at writing tutorials. These instructions should get you there

Go to »www.GVsip.com and create an account

Then navigate to (Portal Menu) -> Google Voice-> Advanced Google OAUTH2.0 Manager (top right part of screen)

Then click “Add Google Voice Account” (Green Button)

Select an account with Google Voice and on the next screen click “accept”.

The username and refresh_token will now be displayed on the next screen.

Repeat as necessary for all of your Google Voice Accounts

Then modify your asterisk configuration /etc/asterisk/xmpp.conf Instead of using
secret=(password) comment that out an insert refresh_token=(token obtained from GVsip.com)
username=(username obtained from GVsip.com)

The direct link to the Advanced Google OAUTH2.0 Manager (after logging in) is »www.gvsip.com/oauth.php

Hope that helps!

Didn't work for me either. Asterisk11 does not work. I cannot compile asterisk12 for some reason. I can compile asterisk13 and it works before modifications. After modification, it always gave me the error:

ERROR[24504]: pbx.c:4343 ast_func_read: Function CURL not registered
[Apr 29 12:52:13] NOTICE[24504]: res_xmpp.c:3867 fetch_access_token: Command status :
[Apr 29 12:52:13] ERROR[24504]: res_xmpp.c:3879 fetch_access_token: object is NULL

Is func_curl installed if you do a "make menuselect" in your Asterisk source directory?

Ryan:
Actually, I couldn't because I need to install curl first. I will try to do that and to see if it works. Thanks for your help.
BTW, once it is selected, do I need to do a full compilation or only need to do make install?

On centos to get this working I would do

cd /asterisk source directory/
yum install curl-devel
make menuselect
[*] func_curl
make
make install

I think that should work for you. Let me know if it does not work after that.

Now there's a new error:

[Apr 29 16:32:22] NOTICE[15813]: res_xmpp.c:3863 fetch_access_token: Command CURL(»www.googleapis.com/oauth ··· ient_id= ...... deh.apps.googleusercontent.com&client_secret=...... &refresh_token= ...... &grant_type=refresh_token)
[Apr 29 16:32:22] WARNING[15813]: func_curl.c:684 acf_curl_helper: SSL certificate problem: unable to get local issuer certificate ('https://www.googleapis.com/oauth2/v3/token')
[Apr 29 16:32:22] NOTICE[15813]: res_xmpp.c:3867 fetch_access_token: Command status :
[Apr 29 16:32:22] ERROR[15813]: res_xmpp.c:3879 fetch_access_token: object is NULL
[Apr 29 16:32:22] WARNING[15813]: res_xmpp.c:3752 xmpp_client_receive: Parsing failure: Hook returned an error.
[Apr 29 16:32:22] WARNING[15813]: res_xmpp.c:3749 xmpp_client_receive: Parsing failure: Invalid XML.
[Apr 29 16:32:22] WARNING[15813]: res_xmpp.c:3816 xmpp_client_thread: JABBER: socket read error

Does

yum install ca-certificates
 

install a new package, or is it already there?

I installed it and everything works now. Thank you and Ryan for your help.

One more suggestion for Ryan. Because of the number of folks that still use FreePBX to access Google Voice, let me suggest a minor change to make this easier. Instead of changing the nomenclature in xmpp.conf from secret to refresh_token, leave the existing nomenclature of secret and make the change in res_xmpp.c. The reason is because FreePBX refreshes xmpp.conf as part of any dialplan modification and will overwrite the modified contents. By using the existing nomenclature, it will preserve the entries even though the secret entry will, in fact, be the refresh_token. Down the road we can work on getting the FreePBX module corrected, but this will be a big help for the short term.

I actually originally wanted to do that. I have changed it back now for freepbx users and updated the setup instructions. Will this code work with FPBX-2.11? or just FPBX-12?

Not having any luck with FreePBX 2.11 which uses Asterisk 11. Also having curl issues with Ubuntu and Asterisk 12, but we'll keep plugging away.

Apparently thats not the correct way to copyright a modified asterisk res file.

I got a nice little email from Digium this evening

quote:

---

Howdy,

We noticed this:
»github.com/gvsip/Asteris ··· s_xmpp.c

which we were linked to from:
»Upgrade Asterisk to an OAUTH2.0 connection with Google Voice

In the res_xmpp.c file there, we see that you're listed as the author,
copyright holder, and licensor of the source code.

That's incorrect.

Please return the copyright, licensor and author information as contained
in the original source file.

Cheers

---

I guess its nice to know its on their radar now.

I don't believe it will work with Asterisk 11. There are quite a few differences between 11 and 12. However, I tried 13 and it works. I would suggest to use 13 because it is a long term support version. 12 is not.