// Copyright (c) 2021 VMware, Inc. or its affiliates. All Rights Reserved. // Copyright (c) 2012-2021, Sean Treadway, SoundCloud Ltd. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. package amqp091 import ( "bytes" "fmt" ) // Authentication interface provides a means for different SASL authentication // mechanisms to be used during connection tuning. type Authentication interface { Mechanism() string Response() string } // PlainAuth is a similar to Basic Auth in HTTP. type PlainAuth struct { Username string Password string } // Mechanism returns "PLAIN" func (auth *PlainAuth) Mechanism() string { return "PLAIN" } // Response returns the null character delimited encoding for the SASL PLAIN Mechanism. func (auth *PlainAuth) Response() string { return fmt.Sprintf("\000%s\000%s", auth.Username, auth.Password) } // AMQPlainAuth is similar to PlainAuth type AMQPlainAuth struct { Username string Password string } // Mechanism returns "AMQPLAIN" func (auth *AMQPlainAuth) Mechanism() string { return "AMQPLAIN" } // Response returns an AMQP encoded credentials table, without the field table size. func (auth *AMQPlainAuth) Response() string { var buf bytes.Buffer table := Table{"LOGIN": auth.Username, "PASSWORD": auth.Password} if err := writeTable(&buf, table); err != nil { return "" } return buf.String()[4:] } // ExternalAuth for RabbitMQ-auth-mechanism-ssl. type ExternalAuth struct { } // Mechanism returns "EXTERNAL" func (*ExternalAuth) Mechanism() string { return "EXTERNAL" } // Response returns an AMQP encoded credentials table, without the field table size. func (*ExternalAuth) Response() string { return "\000*\000*" } // Finds the first mechanism preferred by the client that the server supports. func pickSASLMechanism(client []Authentication, serverMechanisms []string) (auth Authentication, ok bool) { for _, auth = range client { for _, mech := range serverMechanisms { if auth.Mechanism() == mech { return auth, true } } } return }