README
¶
Documentation
¶
Overview ¶
Library for Simple Authentication and Security Layer (SASL) defined in RFC 4422.
Index ¶
- Constants
- Variables
- type AnonymousAuthenticator
- type Client
- type ExternalAuthenticator
- type LoginAuthenticator
- type OAuthBearerAuthenticator
- type OAuthBearerError
- type OAuthBearerOptions
- type PlainAuthenticator
- type Server
- func NewAnonymousServer(authenticator AnonymousAuthenticator) Server
- func NewExternalServer(authenticator ExternalAuthenticator) Server
- func NewLoginServer(authenticator LoginAuthenticator) Server
- func NewOAuthBearerServer(auth OAuthBearerAuthenticator) Server
- func NewPlainServer(authenticator PlainAuthenticator) Server
Constants ¶
const Anonymous = "ANONYMOUS"
The ANONYMOUS mechanism name.
const External = "EXTERNAL"
The EXTERNAL mechanism name.
const Login = "LOGIN"
The LOGIN mechanism name.
const OAuthBearer = "OAUTHBEARER"
The OAUTHBEARER mechanism name.
const Plain = "PLAIN"
The PLAIN mechanism name.
Variables ¶
var ( ErrUnexpectedClientResponse = errors.New("sasl: unexpected client response") ErrUnexpectedServerChallenge = errors.New("sasl: unexpected server challenge") )
Common SASL errors.
Functions ¶
This section is empty.
Types ¶
type AnonymousAuthenticator ¶
Get trace information from clients logging in anonymously.
type Client ¶
type Client interface {
// Begins SASL authentication with the server. It returns the
// authentication mechanism name and "initial response" data (if required by
// the selected mechanism). A non-nil error causes the client to abort the
// authentication attempt.
//
// A nil ir value is different from a zero-length value. The nil value
// indicates that the selected mechanism does not use an initial response,
// while a zero-length value indicates an empty initial response, which must
// be sent to the server.
Start() (mech string, ir []byte, err error)
// Continues challenge-response authentication. A non-nil error causes
// the client to abort the authentication attempt.
Next(challenge []byte) (response []byte, err error)
}
Client interface to perform challenge-response authentication.
func NewAnonymousClient ¶
A client implementation of the ANONYMOUS authentication mechanism, as described in RFC 4505.
func NewExternalClient ¶
An implementation of the EXTERNAL authentication mechanism, as described in RFC 4422. Authorization identity may be left blank to indicate that the client is requesting to act as the identity associated with the authentication credentials.
func NewLoginClient ¶
A client implementation of the LOGIN authentication mechanism for SMTP, as described in http://www.iana.org/go/draft-murchison-sasl-login
It is considered obsolete, and should not be used when other mechanisms are available. For plaintext password authentication use PLAIN mechanism.
func NewOAuthBearerClient ¶
func NewOAuthBearerClient(opt *OAuthBearerOptions) Client
An implementation of the OAUTHBEARER authentication mechanism, as described in RFC 7628.
func NewPlainClient ¶
A client implementation of the PLAIN authentication mechanism, as described in RFC 4616. Authorization identity may be left blank to indicate that it is the same as the username.
type ExternalAuthenticator ¶
ExternalAuthenticator authenticates users with the EXTERNAL mechanism. If the identity is left blank, it indicates that it is the same as the one used in the external credentials. If identity is not empty and the server doesn't support it, an error must be returned.
type LoginAuthenticator ¶
Authenticates users with an username and a password.
type OAuthBearerAuthenticator ¶
type OAuthBearerAuthenticator func(opts OAuthBearerOptions) *OAuthBearerError
type OAuthBearerError ¶
type OAuthBearerOptions ¶
type PlainAuthenticator ¶
Authenticates users with an identity, a username and a password. If the identity is left blank, it indicates that it is the same as the username. If identity is not empty and the server doesn't support it, an error must be returned.
type Server ¶
type Server interface {
// Begins or continues challenge-response authentication. If the client
// supplies an initial response, response is non-nil.
//
// If the authentication is finished, done is set to true. If the
// authentication has failed, an error is returned.
Next(response []byte) (challenge []byte, done bool, err error)
}
Server interface to perform challenge-response authentication.
func NewAnonymousServer ¶
func NewAnonymousServer(authenticator AnonymousAuthenticator) Server
A server implementation of the ANONYMOUS authentication mechanism, as described in RFC 4505.
func NewExternalServer ¶
func NewExternalServer(authenticator ExternalAuthenticator) Server
NewExternalServer creates a server implementation of the EXTERNAL authentication mechanism, as described in RFC 4422.
func NewLoginServer ¶
func NewLoginServer(authenticator LoginAuthenticator) Server
A server implementation of the LOGIN authentication mechanism, as described in https://tools.ietf.org/html/draft-murchison-sasl-login-00.
LOGIN is obsolete and should only be enabled for legacy clients that cannot be updated to use PLAIN.
func NewOAuthBearerServer ¶
func NewOAuthBearerServer(auth OAuthBearerAuthenticator) Server
func NewPlainServer ¶
func NewPlainServer(authenticator PlainAuthenticator) Server
A server implementation of the PLAIN authentication mechanism, as described in RFC 4616.
Source Files