Documentation ¶
Overview ¶
Package auth is not for public use.
The API for packages in the 'private' directory have no stability guarantee.
The packages within the 'private' directory would normally be put into an 'internal' directory to prohibit their use outside the 'mongo' directory. However, some MongoDB tools require very low-level access to the building blocks of a driver, so we have placed them under 'private' to allow these packages to be imported by projects that need them.
These package APIs may be modified in backwards-incompatible ways at any time.
You are strongly discouraged from directly using any packages under 'private'.
Index ¶
- Constants
- func ConductSaslConversation(ctx context.Context, desc description.Server, rw wiremessage.ReadWriter, ...) error
- func Handshaker(appName string, h connection.Handshaker, authenticator Authenticator) connection.Handshaker
- func RegisterAuthenticatorFactory(name string, factory AuthenticatorFactory)
- type Authenticator
- type AuthenticatorFactory
- type Cred
- type DefaultAuthenticator
- type Error
- type MongoDBCRAuthenticator
- type MongoDBX509Authenticator
- type PlainAuthenticator
- type SaslClient
- type SaslClientCloser
- type ScramSHA1Authenticator
Constants ¶
const GSSAPI = "GSSAPI"
GSSAPI is the mechanism name for GSSAPI.
const MONGODBCR = "MONGODB-CR"
MONGODBCR is the mechanism name for MONGODB-CR.
const MongoDBX509 = "MONGODB-X509"
MongoDBX509 is the mechanism name for MongoDBX509.
const PLAIN = "PLAIN"
PLAIN is the mechanism name for PLAIN.
const SCRAMSHA1 = "SCRAM-SHA-1"
SCRAMSHA1 is the mechanism name for SCRAM-SHA-1.
Variables ¶
This section is empty.
Functions ¶
func ConductSaslConversation ¶
func ConductSaslConversation(ctx context.Context, desc description.Server, rw wiremessage.ReadWriter, db string, client SaslClient) error
ConductSaslConversation handles running a sasl conversation with MongoDB.
func Handshaker ¶
func Handshaker(appName string, h connection.Handshaker, authenticator Authenticator) connection.Handshaker
Handshaker creates a connection handshaker for the given authenticator. The handshaker will handle calling isMaster and buildInfo.
func RegisterAuthenticatorFactory ¶
func RegisterAuthenticatorFactory(name string, factory AuthenticatorFactory)
RegisterAuthenticatorFactory registers the authenticator factory.
Types ¶
type Authenticator ¶
type Authenticator interface { // Auth authenticates the connection. Auth(context.Context, description.Server, wiremessage.ReadWriter) error }
Authenticator handles authenticating a connection.
func CreateAuthenticator ¶
func CreateAuthenticator(name string, cred *Cred) (Authenticator, error)
CreateAuthenticator creates an authenticator.
type AuthenticatorFactory ¶
type AuthenticatorFactory func(cred *Cred) (Authenticator, error)
AuthenticatorFactory constructs an authenticator.
type Cred ¶
type Cred struct { Source string Username string Password string PasswordSet bool Props map[string]string }
Cred is a user's credential.
type DefaultAuthenticator ¶
type DefaultAuthenticator struct {
Cred *Cred
}
DefaultAuthenticator uses SCRAM-SHA-1 or MONGODB-CR depending on the server version.
func (*DefaultAuthenticator) Auth ¶
func (a *DefaultAuthenticator) Auth(ctx context.Context, desc description.Server, rw wiremessage.ReadWriter) error
Auth authenticates the connection.
type Error ¶
type Error struct {
// contains filtered or unexported fields
}
Error is an error that occurred during authentication.
type MongoDBCRAuthenticator ¶
MongoDBCRAuthenticator uses the MONGODB-CR algorithm to authenticate a connection.
func (*MongoDBCRAuthenticator) Auth ¶
func (a *MongoDBCRAuthenticator) Auth(ctx context.Context, desc description.Server, rw wiremessage.ReadWriter) error
Auth authenticates the connection.
type MongoDBX509Authenticator ¶
type MongoDBX509Authenticator struct {
User string
}
MongoDBX509Authenticator uses X.509 certificates over TLS to authenticate a connection.
func (*MongoDBX509Authenticator) Auth ¶
func (a *MongoDBX509Authenticator) Auth(ctx context.Context, desc description.Server, rw wiremessage.ReadWriter) error
Auth implements the Authenticator interface.
type PlainAuthenticator ¶
PlainAuthenticator uses the PLAIN algorithm over SASL to authenticate a connection.
func (*PlainAuthenticator) Auth ¶
func (a *PlainAuthenticator) Auth(ctx context.Context, desc description.Server, rw wiremessage.ReadWriter) error
Auth authenticates the connection.
type SaslClient ¶
type SaslClient interface { Start() (string, []byte, error) Next(challenge []byte) ([]byte, error) Completed() bool }
SaslClient is the client piece of a sasl conversation.
type SaslClientCloser ¶
type SaslClientCloser interface { SaslClient Close() }
SaslClientCloser is a SaslClient that has resources to clean up.
type ScramSHA1Authenticator ¶
type ScramSHA1Authenticator struct { DB string Username string Password string NonceGenerator func([]byte) error // contains filtered or unexported fields }
ScramSHA1Authenticator uses the SCRAM-SHA-1 algorithm over SASL to authenticate a connection.
func (*ScramSHA1Authenticator) Auth ¶
func (a *ScramSHA1Authenticator) Auth(ctx context.Context, desc description.Server, rw wiremessage.ReadWriter) error
Auth authenticates the connection.