// Handle drives the server side of a DIGEST-MD5 exchange on h.strm: it sends
// the challenge, checks the client's digest response against the password
// returned by the auth state, sends the final challenge, expects an empty
// reply, and then writes the success element and reopens the stream. Any
// failed step ends the exchange by returning that step's error unchanged.
//
// NOTE(review): DIGEST-MD5 is obsolete (moved to Historic by RFC 6331); keep
// it only for clients that cannot use a stronger mechanism such as SCRAM.
func (h *digestMD5Handler) Handle() error {
	// Reuse the auth state stored on the stream; when the lookup fails, start
	// from an empty state and push it onto the stream state.
	var state *auth.AuthState
	if lookupErr := h.strm.State().Get(&state); lookupErr != nil {
		state = &auth.AuthState{}
		h.strm.State().Push(state)
	}

	// Step 1: challenge the client.
	challenge := mechanisms.NewChallengeElement(h.md5.Challenge())
	if err := h.strm.WriteElement(challenge); err != nil {
		return err
	}

	// Step 2: read the client's base64-encoded digest response and decode it.
	digestResp, err := mechanisms.ReadResponse(h.strm)
	if err != nil {
		return err
	}
	decoded, err := auth.DecodeBase64(digestResp.Data, h.strm)
	if err != nil {
		return err
	}

	// Step 3: parse the response, then validate it against the password held
	// for the user name the client sent.
	// NOTE(review): Validate receives the value GetPasswordByUserName returns,
	// so the store presumably keeps a plaintext or password-equivalent secret.
	// Confirm how it is protected at rest, and that an unknown user and a wrong
	// password fail in the same way.
	if err := h.md5.ParseResponse(decoded); err != nil {
		return err
	}
	secret := state.GetPasswordByUserName(h.md5.UserName())
	if err := h.md5.Validate(secret); err != nil {
		return err
	}

	// Step 4: send the final challenge; the client must answer with an empty
	// response.
	final := mechanisms.NewChallengeElement(h.md5.Final())
	if err := h.strm.WriteElement(final); err != nil {
		return err
	}
	ack, err := mechanisms.ReadResponse(h.strm)
	if err != nil {
		return err
	}
	if ack.Data != "" {
		return errors.New("Wrong response, expected empty response")
	}

	// Step 5: report success, record the identity and reopen the stream.
	if err := h.strm.WriteElement(mechanisms.SuccessElement{}); err != nil {
		return err
	}
	// NOTE(review): the password was looked up by h.md5.UserName(), but the
	// identity stored here is h.md5.AuthID(). If the two can differ (for
	// example a client-supplied authorization id), confirm that something
	// checks the authenticated user may act as that identity.
	state.UserName = h.md5.AuthID()
	h.strm.ReOpen()
	return nil
}
// Handle drives the server side of what appears to be a SCRAM exchange
// (h.scram) on h.strm: it sends the first challenge, checks the client's final
// message, answers with a success element carrying h.scram.Final(), records
// the user name and reopens the stream. Any failed step ends the exchange by
// returning that step's error unchanged.
func (h *shaHandler) Handle() error {
	// Step 1: send the first challenge to the client.
	first := mechanisms.NewChallengeElement(h.scram.First())
	if err := h.strm.WriteElement(first); err != nil {
		return err
	}

	// Step 2: read the client's base64-encoded reply and decode it.
	clientFinal, err := mechanisms.ReadResponse(h.strm)
	if err != nil {
		return err
	}
	payload, err := auth.DecodeBase64(clientFinal.Data, h.strm)
	if err != nil {
		return err
	}

	// Step 3: verify the client's final message. Nothing below runs unless
	// this check passes.
	if err := h.scram.CheckClientFinal(payload); err != nil {
		return err
	}

	// Step 4: send the success element (presumably carrying the server
	// signature, going by the log message below).
	success := mechanisms.NewSuccessElement(h.scram.Final())
	if err := h.strm.WriteElement(success); err != nil {
		log.Println("Could not write signature")
		return err
	}

	// Step 5: record the authenticated user and reopen the stream.
	// NOTE(review): h.authState is dereferenced without a nil check here;
	// confirm that it is always set before Handle runs.
	h.authState.UserName = h.scram.UserName()
	h.strm.ReOpen()
	return nil
}