github.com/hoveychen/kafka-go@v0.4.42/sasl/sasl.go (about) 1 package sasl 2 3 import "context" 4 5 type ctxKey struct{} 6 7 // Mechanism implements the SASL state machine for a particular mode of 8 // authentication. It is used by the kafka.Dialer to perform the SASL 9 // handshake. 10 // 11 // A Mechanism must be re-usable and safe for concurrent access by multiple 12 // goroutines. 13 type Mechanism interface { 14 // Name returns the identifier for this SASL mechanism. This string will be 15 // passed to the SASL handshake request and much match one of the mechanisms 16 // supported by Kafka. 17 Name() string 18 19 // Start begins SASL authentication. It returns an authentication state 20 // machine and "initial response" data (if required by the selected 21 // mechanism). A non-nil error causes the client to abort the authentication 22 // attempt. 23 // 24 // A nil ir value is different from a zero-length value. The nil value 25 // indicates that the selected mechanism does not use an initial response, 26 // while a zero-length value indicates an empty initial response, which must 27 // be sent to the server. 28 Start(ctx context.Context) (sess StateMachine, ir []byte, err error) 29 } 30 31 // StateMachine implements the SASL challenge/response flow for a single SASL 32 // handshake. A StateMachine will be created by the Mechanism per connection, 33 // so it does not need to be safe for concurrent access by multiple goroutines. 34 // 35 // Once the StateMachine is created by the Mechanism, the caller loops by 36 // passing the server's response into Next and then sending Next's returned 37 // bytes to the server. Eventually either Next will indicate that the 38 // authentication has been successfully completed via the done return value, or 39 // it will indicate that the authentication failed by returning a non-nil error. 40 type StateMachine interface { 41 // Next continues challenge-response authentication. A non-nil error 42 // indicates that the client should abort the authentication attempt. If 43 // the client has been successfully authenticated, then the done return 44 // value will be true. 45 Next(ctx context.Context, challenge []byte) (done bool, response []byte, err error) 46 } 47 48 // Metadata contains additional data for performing SASL authentication. 49 type Metadata struct { 50 // Host is the address of the broker the authentication will be 51 // performed on. 52 Host string 53 Port int 54 } 55 56 // WithMetadata returns a copy of the context with associated Metadata. 57 func WithMetadata(ctx context.Context, m *Metadata) context.Context { 58 return context.WithValue(ctx, ctxKey{}, m) 59 } 60 61 // MetadataFromContext retrieves the Metadata from the context. 62 func MetadataFromContext(ctx context.Context) *Metadata { 63 m, _ := ctx.Value(ctxKey{}).(*Metadata) 64 return m 65 }