mirror of
https://github.com/crazy-max/diun.git
synced 2025-01-27 01:08:50 +00:00
83 lines
2 KiB
Go
83 lines
2 KiB
Go
// Copyright (c) 2021 VMware, Inc. or its affiliates. All Rights Reserved.
|
|
// Copyright (c) 2012-2021, Sean Treadway, SoundCloud Ltd.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package amqp091
|
|
|
|
import (
|
|
"bytes"
|
|
"fmt"
|
|
)
|
|
|
|
// Authentication interface provides a means for different SASL authentication
|
|
// mechanisms to be used during connection tuning.
|
|
type Authentication interface {
|
|
Mechanism() string
|
|
Response() string
|
|
}
|
|
|
|
// PlainAuth is a similar to Basic Auth in HTTP.
|
|
type PlainAuth struct {
|
|
Username string
|
|
Password string
|
|
}
|
|
|
|
// Mechanism returns "PLAIN"
|
|
func (auth *PlainAuth) Mechanism() string {
|
|
return "PLAIN"
|
|
}
|
|
|
|
// Response returns the null character delimited encoding for the SASL PLAIN Mechanism.
|
|
func (auth *PlainAuth) Response() string {
|
|
return fmt.Sprintf("\000%s\000%s", auth.Username, auth.Password)
|
|
}
|
|
|
|
// AMQPlainAuth is similar to PlainAuth
|
|
type AMQPlainAuth struct {
|
|
Username string
|
|
Password string
|
|
}
|
|
|
|
// Mechanism returns "AMQPLAIN"
|
|
func (auth *AMQPlainAuth) Mechanism() string {
|
|
return "AMQPLAIN"
|
|
}
|
|
|
|
// Response returns an AMQP encoded credentials table, without the field table size.
|
|
func (auth *AMQPlainAuth) Response() string {
|
|
var buf bytes.Buffer
|
|
table := Table{"LOGIN": auth.Username, "PASSWORD": auth.Password}
|
|
if err := writeTable(&buf, table); err != nil {
|
|
return ""
|
|
}
|
|
return buf.String()[4:]
|
|
}
|
|
|
|
// ExternalAuth for RabbitMQ-auth-mechanism-ssl.
|
|
type ExternalAuth struct {
|
|
}
|
|
|
|
// Mechanism returns "EXTERNAL"
|
|
func (*ExternalAuth) Mechanism() string {
|
|
return "EXTERNAL"
|
|
}
|
|
|
|
// Response returns an AMQP encoded credentials table, without the field table size.
|
|
func (*ExternalAuth) Response() string {
|
|
return "\000*\000*"
|
|
}
|
|
|
|
// Finds the first mechanism preferred by the client that the server supports.
|
|
func pickSASLMechanism(client []Authentication, serverMechanisms []string) (auth Authentication, ok bool) {
|
|
|
|
for _, auth = range client {
|
|
for _, mech := range serverMechanisms {
|
|
if auth.Mechanism() == mech {
|
|
return auth, true
|
|
}
|
|
}
|
|
}
|
|
|
|
return
|
|
}
|