🔒⚗️ Add experimental SASL::ClientAdapter #183
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nevans
force-pushed
the
sasl/abstract-protocol
branch
9 times, most recently
from
4af88b3
to
5a72913
Compare
35 tasks
nevans
force-pushed
the
sasl/abstract-protocol
branch
2 times, most recently
from
6fc2d1e
to
60651db
Compare
_The API is **experimental.**_ TODO: catch exceptions in #process and send #cancel_string. TODO: raise an error if the command succeeds after being canceled. TODO: use with more clients, to verify the API can accommodate them. An abstract base class for executing a SASL authentication exchange for a client. Subclasses works as an adapter for a protocol and a client implementation of that protocol. Call `#authenticate` to execute an authentication exchange for `#client` using `#authenticator`. Authentication failures will raise an exception. Any exceptions other than those in RESPONSE_ERRORs will also drop the connection. Methods for subclasses to override are all documented as `protected`. At the very least, subclasses must provide an override (or a block) for `#send_command_with_continuations`. Client-specific overrides may also be needed for `RESPONSE_ERRORS`, `#supports_initial_response?`, `#supports_mechanism?`, `#handle_incomplete`, or `#drop_connection`.
nevans
force-pushed
the
sasl/abstract-protocol
branch
2 times, most recently
from
2a55ec3
to
51b12d6
Compare
|
This PR has been updated to only create the SASL::ClientAdapter. Actually using it has been pushed off until later (#194). So I see this PR as very low risk. On the other hand, I have been using this code from other projects and I would like to submit PRs to some of them. And that will be greatly simplified once it is in a released gem. |
This was referenced Oct 15, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds some complexity over the IMAP implementation, but it simplifies sharing the implementation between
net-imap,net-smtp, and hopefully many others in the future.SASL.initial_response?andSASL.done?have been removed without deprecation (they haven't been in any release yet). The logic has been moved intoSASL::ClientAdapter.#initial_response?was added to the deprecated authenticators. It isn't required that authenticators implement this method, but it simplifies the tests, now thatSASL.initial_response?is gone.This PR has been updated to only create the SASL::ClientAdapter. Actually using it has been pushed off until a later PR: #194.