forked from rabbitmq/amqp091-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth.go
83 lines (68 loc) · 2.02 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
// Copyright (c) 2021 VMware, Inc. or its affiliates. All Rights Reserved.
// Copyright (c) 2012-2021, Sean Treadway, SoundCloud Ltd.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package amqp091
import (
"bytes"
"fmt"
)
// Authentication interface provides a means for different SASL authentication
// mechanisms to be used during connection tuning.
type Authentication interface {
Mechanism() string
Response() string
}
// PlainAuth is a similar to Basic Auth in HTTP.
type PlainAuth struct {
Username string
Password string
}
// Mechanism returns "PLAIN"
func (auth *PlainAuth) Mechanism() string {
return "PLAIN"
}
// Response returns the null character delimited encoding for the SASL PLAIN Mechanism.
func (auth *PlainAuth) Response() string {
return fmt.Sprintf("\000%s\000%s", auth.Username, auth.Password)
}
// AMQPlainAuth is similar to PlainAuth
type AMQPlainAuth struct {
Username string
Password string
}
// Mechanism returns "AMQPLAIN"
func (auth *AMQPlainAuth) Mechanism() string {
return "AMQPLAIN"
}
// Response returns an AMQP encoded credentials table, without the field table size.
func (auth *AMQPlainAuth) Response() string {
var buf bytes.Buffer
table := Table{"LOGIN": auth.Username, "PASSWORD": auth.Password}
if err := writeTable(&buf, table); err != nil {
return ""
}
return buf.String()[4:]
}
// ExternalAuth for RabbitMQ-auth-mechanism-ssl.
type ExternalAuth struct {
}
// Mechanism returns "EXTERNAL"
func (*ExternalAuth) Mechanism() string {
return "EXTERNAL"
}
// Response returns an AMQP encoded credentials table, without the field table size.
func (*ExternalAuth) Response() string {
return "\000*\000*"
}
// Finds the first mechanism preferred by the client that the server supports.
func pickSASLMechanism(client []Authentication, serverMechanisms []string) (auth Authentication, ok bool) {
for _, auth = range client {
for _, mech := range serverMechanisms {
if auth.Mechanism() == mech {
return auth, true
}
}
}
return
}