blob: f32495795de3e782e85e9df71d5732a05f8f6a87 [file] [log] [blame]
Don Newton379ae252019-04-01 12:17:06 -04001// Copyright (C) MongoDB, Inc. 2017-present.
2//
3// Licensed under the Apache License, Version 2.0 (the "License"); you may
4// not use this file except in compliance with the License. You may obtain
5// a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
6
7//+build gssapi
8//+build windows linux darwin
9
10package auth
11
12import (
13 "context"
14
15 "github.com/mongodb/mongo-go-driver/x/mongo/driver/auth/internal/gssapi"
16 "github.com/mongodb/mongo-go-driver/x/network/description"
17 "github.com/mongodb/mongo-go-driver/x/network/wiremessage"
18)
19
20// GSSAPI is the mechanism name for GSSAPI.
21const GSSAPI = "GSSAPI"
22
23func newGSSAPIAuthenticator(cred *Cred) (Authenticator, error) {
24 if cred.Source != "" && cred.Source != "$external" {
25 return nil, newAuthError("GSSAPI source must be empty or $external", nil)
26 }
27
28 return &GSSAPIAuthenticator{
29 Username: cred.Username,
30 Password: cred.Password,
31 PasswordSet: cred.PasswordSet,
32 Props: cred.Props,
33 }, nil
34}
35
36// GSSAPIAuthenticator uses the GSSAPI algorithm over SASL to authenticate a connection.
37type GSSAPIAuthenticator struct {
38 Username string
39 Password string
40 PasswordSet bool
41 Props map[string]string
42}
43
44// Auth authenticates the connection.
45func (a *GSSAPIAuthenticator) Auth(ctx context.Context, desc description.Server, rw wiremessage.ReadWriter) error {
46 client, err := gssapi.New(desc.Addr.String(), a.Username, a.Password, a.PasswordSet, a.Props)
47
48 if err != nil {
49 return newAuthError("error creating gssapi", err)
50 }
51 return ConductSaslConversation(ctx, desc, rw, "$external", client)
52}