Example #1
// Handle drives the server side of a DIGEST-MD5 exchange over h.strm: it
// sends the challenge, validates the client's response against the stored
// password, sends the final server data, expects an empty acknowledgement,
// then reports success and reopens the stream. Any step that fails aborts
// the exchange and returns that step's error unchanged.
//
// NOTE(review): DIGEST-MD5 was moved to Historic by RFC 6331; where the
// deployment allows it, prefer the SCRAM handler over this mechanism.
func (h *digestMD5Handler) Handle() error {
	// Reuse the AuthState already stored on the stream; if the lookup
	// fails, create an empty one and register it on the stream state.
	var state *auth.AuthState
	if getErr := h.strm.State().Get(&state); getErr != nil {
		state = new(auth.AuthState)
		h.strm.State().Push(state)
	}

	// Step 1: server challenge.
	challenge := mechanisms.NewChallengeElement(h.md5.Challenge())
	if err := h.strm.WriteElement(challenge); err != nil {
		return err
	}

	// Step 2: client response, base64-encoded on the wire.
	clientResp, err := mechanisms.ReadResponse(h.strm)
	if err != nil {
		return err
	}

	decoded, err := auth.DecodeBase64(clientResp.Data, h.strm)
	if err != nil {
		return err
	}

	if err := h.md5.ParseResponse(decoded); err != nil {
		return err
	}

	// Step 3: verify the digest against the stored secret for the user name
	// the client supplied.
	// NOTE(review): GetPasswordByUserName presumably returns the password
	// itself, which would mean credentials are kept in recoverable form —
	// confirm how the store protects them.
	secret := state.GetPasswordByUserName(h.md5.UserName())
	if err := h.md5.Validate(secret); err != nil {
		return err
	}

	// Step 4: final server data, sent as another challenge element.
	finalChallenge := mechanisms.NewChallengeElement(h.md5.Final())
	if err := h.strm.WriteElement(finalChallenge); err != nil {
		return err
	}

	// Step 5: the client must acknowledge with an empty response.
	ack, err := mechanisms.ReadResponse(h.strm)
	if err != nil {
		return err
	}
	if ack.Data != "" {
		return errors.New("Wrong response, expected empty response")
	}

	if err := h.strm.WriteElement(mechanisms.SuccessElement{}); err != nil {
		return err
	}

	// The identity recorded for the session comes from AuthID(), while the
	// password above was looked up by UserName().
	// NOTE(review): if these can differ, confirm that something checks the
	// authenticated user is allowed to act as AuthID — no such check is
	// visible in this function.
	state.UserName = h.md5.AuthID()

	h.strm.ReOpen()

	return nil
}
Example #2
// Handle drives the server side of the SCRAM exchange over h.strm: it sends
// the server's first message as a challenge, checks the client's final
// message, sends the server's final data inside the success element, records
// the user name on h.authState and reopens the stream. Any step that fails
// aborts the exchange and returns that step's error unchanged.
//
// Only a failure to write the success element is logged here; a rejected
// client-final message returns without a log line, so failed authentication
// attempts are visible only if the caller records the returned error.
func (h *shaHandler) Handle() error {
	// Server-first message.
	serverFirst := mechanisms.NewChallengeElement(h.scram.First())
	if err := h.strm.WriteElement(serverFirst); err != nil {
		return err
	}

	// Client-final message, base64-encoded on the wire.
	clientFinal, err := mechanisms.ReadResponse(h.strm)
	if err != nil {
		return err
	}

	payload, err := auth.DecodeBase64(clientFinal.Data, h.strm)
	if err != nil {
		return err
	}

	// Verification of the client's message is delegated to the scram helper.
	if err := h.scram.CheckClientFinal(payload); err != nil {
		return err
	}

	// Server-final data travels in the success element.
	success := mechanisms.NewSuccessElement(h.scram.Final())
	if err := h.strm.WriteElement(success); err != nil {
		log.Println("Could not write signature")
		return err
	}

	// The session identity is set only after the check above has passed and
	// the success element has been written.
	h.authState.UserName = h.scram.UserName()

	h.strm.ReOpen()

	return nil
}