What is XMPP?
Work on a new instant messaging system designed to solve the aforementioned problems began in 1998 with the development of the Extensible Messaging and Presence Protocol, or XMPP, and the first XMPP server was made available by January 1999.
Over the next 6 years, the Jabber software and standards were defined and eventually approved by the Internet Engineering Task Force (IETF). Jabber became known as XMPP during that process. The process of becoming part of the IETF meant that the protocol underwent a huge amount of scrutiny, laying the foundations for the maturity and security in the protocol that we are seeing today.
Additional standards were created later that extended the platform so that it could handle things such as voice and video calls, Multi-User Chat (MUC), publish-subscribe systems, avatars, vCards, and feature discovery. These standards are looked after by a body called the XMPP Standards Foundation, or XSF, which handles the publishing, editing, finalizing, and obsoleting of the standards.
The important thing to realize about XMPP is that rather than being a set of software, it is a set of standards that define how clients and servers should interact, much like HTTP is a standard rather than a specific piece of software like Apache. What this means is that there are many implementations of servers and clients, all interactively speaking a common language from proprietary solutions to open source offerings forming a large and rich ecosystem.
XMPP provides many advantages outside of its plethora of servers and clients, which includes the following:
- Decentralized: Unlike big messaging silos such as MSN messenger or ICQ, XMPP is built from the ground up so that servers are able to intercommunicate, mimicking the format of the early Internet. With no single point of failure, a friend's server going down does not prevent you from communicating with other friends or colleagues.
- Secure: The XMPP community works hard to ensure that the standards and implementations are highly secure, by adopting things such as mandatory server-to-server encryption and secure authentication mechanisms, and by becoming involved with (and implementing where appropriate) new secure mechanisms such as DNSSEC. This focus on security has led to XMPP being deployed in environments requiring the highest levels of security, from actively deployed armed forces through to financial institutions.
- Scalable: With servers able to handle hundreds of thousands of connections at any time and due to XMPP's push architecture (versus HTTP's pull for example), hugely scaled systems not previously possible have been created.
- Real-time: Sending messages in real time enables new ways of developing capabilities that were previously difficult to support, such as remote collaboration on a project and talking to people all over the world without the lag or complexity of older communication methods.
- Multi-device: Somewhat ahead of its time, XMPP was built with multiple devices baked into the protocol. These are exposed as resources on your Jabber ID (JID), which means you can be connected to the same account from a desktop computer, a mobile phone, and a tablet at the same time and have messages routed appropriately.
- Extensible: XMPP is an extensible platform, meaning new functionality can be added to the protocol without interfering with existing features. This means that new ways of working and new standards come into existence (such as WebRTC), which can be integrated into XMPP with ease. These extensions are called XMPP Extension Protocols, or XEP for short, and a full list (including obsolete or abandoned extensions) can be seen on the XMPP website at http://xmpp.org/extensions.
- Mature: With hundreds of server and client implementations developed over 15 years, the standard can be said to be heavily battle-tested, and many deployments of XMPP systems demonstrate that the standards embodied by the protocol are scalable for today's Internet and the Internet of the future.
Lastly, another major advantage of using or developing on the XMPP platform is the amazing community that rallies around the protocol. Within the XSF and the community at large, there is a huge amount of experience, help, knowledge, and enthusiasm. The community has very active mailing lists, and chat rooms, as well as scores of developers writing blogs and articles and regularly speaking at events all over the world. This welcoming community means that it is easy to propose ideas, get feedback, and improve deployments or implementations with the knowledge that you will be supported by a great group of people.
Uses of XMPP
XMPP is used to solve many real-world problems and has made its way into many large services, often without users realizing. Some large examples of deployments or XMPP-based services include:
- Jabber.org
- Google Cloud Messaging (GCM)
- Facebook chat
- Google Talk (discontinued)
- HipChat
Additionally, many services also allow users to connect via an XMPP gateway, meaning that users can connect with their preferred clients rather than with those supplied by a company, such as Slack and Skype.
XMPP is deployed in many industries where its uses go beyond simple chat applications to include diverse purposes such as the following:
- Building management
- Gaming
- System control
- Log watching
- Cyber-incident report management
- Peer-to-peer session negotiation (such as with WebRTC)
- Voice-over-IP (VoIP)
- Identity services
XMPP and the Web
With the continuing rise of the real-time web and WebRTC applications, XMPP is becoming more relevant on the web than ever before. Its push architecture means that lightweight real-time applications can be built without continuously polling the server, making for more scalable web applications. Its mature standards mean that developers are quickly able to build real-world applications without having to design their own proprietary standards and benefit from the thought and problem solving that has gone into XMPP.
With all its advantages, one area that WebRTC hasn't solved (nor was it designed to solve) is the issue of session negotiation. Not only was a standard called Jingle available in XMPP before WebRTC arrived in the browser, but also it turns out that it's a great way of transferring session data to form peer-to-peer sessions. This means that users are now able to use WebRTC clients of their choice without having to visit and reply upon a meet me type URL or a proprietary signaling method.
Installing Node.js and library dependencies
Node.js was released in 2009, and since its release, it has quickly become a nearly indispensable tool for server side development using JavaScript. Node.js allows developers to create fast and scalable applications (especially when asynchronous IO libraries are used) in a single language throughout an application's stack, with JavaScript running on both the back-end and front-end.
While Node.js is not required for working with XMPP, all examples in this book will utilize libraries written in Node.js, some of which can also run on the browser.
Using Ubuntu 16.04 as a base, we're now going to install Node.js and some core dependencies for the libraries we'll be using.
First we'll install libicu-dev
and libexpat-dev
. These libraries allow us to perform case transformations on international characters and process XML, respectively:
$ sudo apt-get install libicu libexpat1-dev
Next, we'll work on installing Node.js itself. My preferred method of achieving this is to use nvm
by Tim Caswell, which is available from this GitHub repository:
https://github.com/creationix/nvm
. Please check out the readme
for the current installation instructions, but at the time of writing this book, the procedure is as follows:
$ curl https://raw.githubusercontent.com/creationix/nvm/v0.32.0 /install.sh | bash $ source ~/.bashrc $ nvm install 6 $ node -v
This will install the latest version of the Node.js 6 release for you. The advantage of using nvm
over the operating system packages is that it is easy to switch between different versions of Node.js with a simple command.