Optimising the open stream & authentication process
I'm analysing the possibility of reducing the open stream & auth process packets between server and mobile clients in order to optimise authenticating time because most of the times the apps are using mobile networks. We were using nosasl iq-auth method that requires less packets transmission in negotiating and authenticating but we have implemented Stream Management XEP-0198 and is not compatible when the connection must be resumed. So we'd like to develop the best optimised authentication process and in a second version apply security to it. OAuth 2.0 protocol would be the good solution considering security and fast authentication process between client/server using refresh tokens for example?
What would be your advice to achieve this?
Thanks a lot in advance.
Added by Mauro Carrio over 4 years ago
Yes, I have checked it. Looking at the Tigase features, XEP-0305 is not implemented yet.
I assume that it will require modifications at core level, could you please guide me in general terms with the architecture of supporting pipelining in order to start developing this functionality?
Added by Artur Hefczyc over 4 years ago
In theory it could work out of the box in Tigase but I am sure some changes in Tigase would be necessary. It is hard for me to tell what to change exactly. The main problem would be probably the fact that in Tigase different packets are processed concurrently. So for example TLS start would be processed while the user's session is being created. Right now, before we start working on this, it is hard for me to tell you what would be the best way to handle it.
My suggestion for you is to either experiment on this on your own or wait until we implement it.