github.com/streamdal/segmentio-kafka-go@v0.4.47-streamdal/sasl/sasl.go (about)

     1  package sasl
     2  
     3  import "context"
     4  
// ctxKey is the context key type under which WithMetadata stores a *Metadata
// and MetadataFromContext looks it up.  The type is unexported, so code
// outside this package cannot construct an equal key and therefore cannot
// read or shadow the stored value through context.WithValue directly.
type ctxKey struct{}
     6  
// Mechanism implements the SASL state machine for a particular mode of
// authentication.  It is used by the kafka.Dialer to perform the SASL
// handshake.
//
// A Mechanism must be re-usable and safe for concurrent access by multiple
// goroutines.  Per-handshake state therefore belongs in the StateMachine
// returned by Start rather than in the Mechanism itself.
//
// NOTE(review): implementations presumably hold credentials; because one
// Mechanism value is shared across connections, those fields should be
// treated as read-only after construction -- confirm per implementation.
type Mechanism interface {
	// Name returns the identifier for this SASL mechanism.  This string will be
	// passed to the SASL handshake request and must match one of the mechanisms
	// supported by Kafka.
	Name() string

	// Start begins SASL authentication. It returns an authentication state
	// machine and "initial response" data (if required by the selected
	// mechanism). A non-nil error causes the client to abort the authentication
	// attempt.
	//
	// A nil ir value is different from a zero-length value. The nil value
	// indicates that the selected mechanism does not use an initial response,
	// while a zero-length value indicates an empty initial response, which must
	// be sent to the server.
	//
	// NOTE(review): ctx may carry broker Metadata (see WithMetadata); whether
	// the caller always attaches it is not visible in this file, so
	// implementations should handle a nil result from MetadataFromContext.
	Start(ctx context.Context) (sess StateMachine, ir []byte, err error)
}
    30  
// StateMachine implements the SASL challenge/response flow for a single SASL
// handshake.  A StateMachine will be created by the Mechanism per connection,
// so it does not need to be safe for concurrent access by multiple goroutines.
//
// Once the StateMachine is created by the Mechanism, the caller loops by
// passing the server's response into Next and then sending Next's returned
// bytes to the server.  Eventually either Next will indicate that the
// authentication has been successfully completed via the done return value, or
// it will indicate that the authentication failed by returning a non-nil error.
type StateMachine interface {
	// Next continues challenge-response authentication. A non-nil error
	// indicates that the client should abort the authentication attempt.  If
	// the client has been successfully authenticated, then the done return
	// value will be true.
	//
	// challenge is the data received from the server, so implementations
	// should validate it (length, format, any server proof the mechanism
	// defines) before acting on it, and return a non-nil error rather than
	// done == true when validation fails.
	//
	// NOTE(review): this file does not state whether response must still be
	// sent to the server when done is true -- confirm against the caller.
	Next(ctx context.Context, challenge []byte) (done bool, response []byte, err error)
}
    47  
// Metadata contains additional data for performing SASL authentication.
//
// NOTE(review): mechanisms that bind the authentication exchange to the
// target broker would rely on these values describing the broker actually
// being dialled; where they are populated is not visible in this file.
type Metadata struct {
	// Host is the address of the broker the authentication will be
	// performed on.
	Host string
	// Port accompanies Host; presumably the broker's TCP port (the field is
	// undocumented in the original source -- confirm against the caller).
	Port int
}
    55  
// WithMetadata derives a child context from ctx that carries m under this
// package's private key.
//
// The pointer itself is stored, not a copy of the struct: changes made to *m
// after this call are visible to every later MetadataFromContext reader, so
// callers should not mutate m once it has been attached.  Passing a nil m
// stores a nil *Metadata.
func WithMetadata(ctx context.Context, m *Metadata) context.Context {
	key := ctxKey{}
	return context.WithValue(ctx, key, m)
}
    60  
// MetadataFromContext returns the *Metadata previously attached to ctx with
// WithMetadata.
//
// The result is nil when ctx carries no value under this package's key, and
// also when a nil *Metadata was attached; callers must check for nil before
// reading Host or Port.
func MetadataFromContext(ctx context.Context) *Metadata {
	if md, ok := ctx.Value(ctxKey{}).(*Metadata); ok {
		return md
	}
	return nil
}