scram

package
v1.11.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 18, 2023 License: BSD-3-Clause Imports: 14 Imported by: 63

Documentation

Overview

Package scram provides SCRAM-SHA-256 and SCRAM-SHA-512 sasl authentication as specified in RFC5802.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Sha256

func Sha256(authFn func(context.Context) (Auth, error)) sasl.Mechanism

Sha256 returns a SCRAM-SHA-256 sasl mechanism that will call authFn whenever authentication is needed. The returned Auth is used for a single session.

func Sha512

func Sha512(authFn func(context.Context) (Auth, error)) sasl.Mechanism

Sha512 returns a SCRAM-SHA-512 sasl mechanism that will call authFn whenever authentication is needed. The returned Auth is used for a single session.

Types

type Auth

type Auth struct {
	// Zid is an optional authorization ID to use in authenticating.
	Zid string

	// User is username to use for authentication.
	//
	// Note that this package does not attempt to "prepare" the username
	// for authentication; this package assumes that the incoming username
	// has already been prepared / does not need preparing.
	//
	// Preparing simply normalizes case / removes invalid characters; doing
	// so is likely not necessary.
	User string

	// Pass is the password to use for authentication.
	Pass string

	// Nonce, if provided, is the nonce to use for authentication. If not
	// provided, this package uses 20 bytes read with crypto/rand.
	Nonce []byte

	// IsToken, if true, suffixes the "tokenauth=true" extra attribute to
	// the initial authentication message.
	//
	// Set this to true if the user and pass are from a delegation token.
	IsToken bool
	// contains filtered or unexported fields
}

Auth contains information for authentication.

This client may add fields to this struct in the future if Kafka adds more extensions to SCRAM.

func (Auth) AsSha256Mechanism

func (a Auth) AsSha256Mechanism() sasl.Mechanism

AsSha256Mechanism returns a sasl mechanism that will use 'a' as credentials for all sasl sessions.

This is a shortcut for using the Sha256 function and is useful when you do not need to live-rotate credentials.

func (Auth) AsSha512Mechanism

func (a Auth) AsSha512Mechanism() sasl.Mechanism

AsSha512Mechanism returns a sasl mechanism that will use 'a' as credentials for all sasl sessions.

This is a shortcut for using the Sha512 function and is useful when you do not need to live-rotate credentials.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL