MCPcopy
hub / github.com/segmentio/kafka-go / authenticateSASL

Function authenticateSASL

transport.go:1288–1318  ·  transport.go::authenticateSASL

authenticateSASL performs all of the required requests to authenticate this connection. If any step fails, this function returns with an error. A nil error indicates successful authentication.

(ctx context.Context, pc *protocol.Conn, mechanism sasl.Mechanism)

Source from the content-addressed store, hash-verified

1286// connection. If any step fails, this function returns with an error. A nil
1287// error indicates successful authentication.
1288func authenticateSASL(ctx context.Context, pc *protocol.Conn, mechanism sasl.Mechanism) error {
1289 if err := saslHandshakeRoundTrip(pc, mechanism.Name()); err != nil {
1290 return err
1291 }
1292
1293 sess, state, err := mechanism.Start(ctx)
1294 if err != nil {
1295 return err
1296 }
1297
1298 for completed := false; !completed; {
1299 challenge, err := saslAuthenticateRoundTrip(pc, state)
1300 if err != nil {
1301 if errors.Is(err, io.EOF) {
1302 // the broker may communicate a failed exchange by closing the
1303 // connection (esp. in the case where we're passing opaque sasl
1304 // data over the wire since there's no protocol info).
1305 return SASLAuthenticationFailed
1306 }
1307
1308 return err
1309 }
1310
1311 completed, state, err = sess.Next(ctx, challenge)
1312 if err != nil {
1313 return err
1314 }
1315 }
1316
1317 return nil
1318}
1319
1320// saslHandshake sends the SASL handshake message. This will determine whether
1321// the Mechanism is supported by the cluster. If it's not, this function will

Callers 1

connectMethod · 0.85

Calls 5

saslHandshakeRoundTripFunction · 0.85
NameMethod · 0.65
StartMethod · 0.65
NextMethod · 0.65

Tested by

no test coverage detected