go-hep.org/x/hep@v0.38.1/xrootd/auth.go (about) 1 // Copyright ©2018 The go-hep Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package xrootd // import "go-hep.org/x/hep/xrootd" 6 7 import ( 8 "bytes" 9 "context" 10 "fmt" 11 12 "go-hep.org/x/hep/xrootd/xrdproto/auth" 13 "go-hep.org/x/hep/xrootd/xrdproto/auth/host" 14 "go-hep.org/x/hep/xrootd/xrdproto/auth/krb5" 15 "go-hep.org/x/hep/xrootd/xrdproto/auth/unix" 16 ) 17 18 // defaultProviders is the list of authentification providers a xrootd client will use by default. 19 var defaultProviders = []auth.Auther{ 20 krb5.Default, 21 unix.Default, 22 host.Default, 23 } 24 25 func (sess *cliSession) auth(ctx context.Context, securityInformation []byte) error { 26 securityInformation = bytes.TrimLeft(securityInformation, "&") 27 providerInfos := bytes.Split(securityInformation, []byte{'&'}) 28 29 var errs []error 30 for _, providerInfo := range providerInfos { 31 providerInfo = bytes.TrimLeft(providerInfo, "P=")[:] 32 paramsData := bytes.Split(providerInfo, []byte{','}) 33 params := make([]string, len(paramsData)) 34 for i := range paramsData { 35 params[i] = string(paramsData[i]) 36 } 37 provider := params[0] 38 params = params[1:] 39 40 auther, ok := sess.client.auths[provider] 41 if !ok { 42 errs = append(errs, fmt.Errorf("xrootd: could not authorize using %s: provider was not found", provider)) 43 continue 44 } 45 r, err := auther.Request(params) 46 if err != nil { 47 errs = append(errs, fmt.Errorf("xrootd: could not authorize using %s: %w", provider, err)) 48 continue 49 } 50 _, err = sess.Send(ctx, nil, r) 51 // TODO: should we react somehow to redirection? 52 if err != nil { 53 errs = append(errs, fmt.Errorf("xrootd: could not authorize using %s: %w", provider, err)) 54 continue 55 } 56 return nil 57 } 58 59 return fmt.Errorf("xrootd: could not authorize:\n%v", errs) 60 }