func init() { auth.AddMechanism("PLAIN", func(e *auth.AuthElement, stream stream.ServerStream) error { var auth_state *auth.AuthState if err := stream.State().Get(&auth_state); err != nil { return err } b, err := auth.DecodeBase64(e.Data, stream) if err != nil { return err } user_password := bytes.Split(b, usernamePasswordSeparator) if pass := auth_state.GetPasswordByUserName(string(user_password[1])); pass == string(user_password[2]) { if err := stream.WriteElement(mechanisms.SuccessElement{}); err != nil { return err } auth_state.UserName = string(user_password[1]) auth_state.Mechanism = "PLAIN" stream.ReOpen() return nil } else { return errors.New("AUTH FAILED") } }) }
func init() { auth.AddMechanism("SCRAM-SHA-1", func(e *auth.AuthElement, strm stream.ServerStream) error { var auth_state *auth.AuthState if err := strm.State().Get(&auth_state); err != nil { log.Println("SHAM-SHA-1 AuthState is not set can't get auth data") return err } auth_data, err := auth.DecodeBase64(e.Data, strm) if err != nil { return err } scram := scram.NewServer(sha1.New, nil) if err := scram.ParseClientFirst(auth_data); err != nil { return err } scram.SaltPassword([]byte(auth_state.GetPasswordByUserName(scram.UserName()))) handler := newSHAHandler(strm, scram, auth_state) return handler.Handle() }) }
func (h *digestMD5Handler) Handle() error { var auth_state *auth.AuthState if err := h.strm.State().Get(&auth_state); err != nil { auth_state = &auth.AuthState{} h.strm.State().Push(auth_state) } if err := h.strm.WriteElement(mechanisms.NewChallengeElement(h.md5.Challenge())); err != nil { return err } // Receive a response with encoded MD5 resp_el, err := mechanisms.ReadResponse(h.strm) if err != nil { return err } // Check MD5 raw_resp_data, err := auth.DecodeBase64(resp_el.Data, h.strm) if err != nil { return err } if err := h.md5.ParseResponse(raw_resp_data); err != nil { return err } password := auth_state.GetPasswordByUserName(h.md5.UserName()) if err := h.md5.Validate(password); err != nil { return err } // Send response if err := h.strm.WriteElement(mechanisms.NewChallengeElement(h.md5.Final())); err != nil { return err } rsp, err := mechanisms.ReadResponse(h.strm) if err != nil { return err } if rsp.Data != "" { return errors.New("Wrong response, expected empty response") } if err := h.strm.WriteElement(mechanisms.SuccessElement{}); err != nil { return err } auth_state.UserName = h.md5.AuthID() h.strm.ReOpen() return nil }