forked from domehuhu/logspout-kafka
/
authen.go
58 lines (46 loc) · 1.52 KB
/
authen.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
package kafka
import (
"log"
"os"
"strconv"
"github.com/Shopify/sarama"
"github.com/xdg/scram"
)
type SASLAuthentication struct {
options map[string]string
}
func NewSASLAuthentication(options map[string]string) *SASLAuthentication {
if _, found := options["sasl.version"]; !found {
options["sasl.version"] = "1"
}
return &SASLAuthentication{options}
}
func (authen *SASLAuthentication) SetConfig(config *sarama.Config) error {
if os.Getenv("DEBUG") != "" {
log.Println("SASL PLAINTEXT is enabled")
}
config.Metadata.Full = true
config.Net.SASL.Enable = true
config.Net.SASL.Handshake = true
config.Net.SASL.User = authen.options["sasl.user"]
config.Net.SASL.Password = authen.options["sasl.password"]
if version, err := strconv.Atoi(authen.options["sasl.version"]); err == nil {
config.Net.SASL.Version = int16(version)
} else {
return errorf("SASL version configuration is invalid.")
}
switch authen.options["sasl.mechanism"] {
case sarama.SASLTypeSCRAMSHA256:
authen.setHash(config, sarama.SASLTypeSCRAMSHA256, SHA256)
case sarama.SASLTypeSCRAMSHA512:
authen.setHash(config, sarama.SASLTypeSCRAMSHA512, SHA512)
}
return nil
}
func (auth *SASLAuthentication) setHash(config *sarama.Config, mechanism sarama.SASLMechanism, generator scram.HashGeneratorFcn) {
if os.Getenv("DEBUG") != "" {
log.Printf("SASL Mechanism: %s\n", mechanism)
}
config.Net.SASL.SCRAMClientGeneratorFunc = func() sarama.SCRAMClient { return &SCRAMClient{HashGeneratorFcn: generator} }
config.Net.SASL.Mechanism = mechanism
}