package sasl

Import Path
	mellium.im/sasl (on go.dev)

Dependency Relation
	imports 13 packages, and imported by one package

Involved Source Files

	   #d doc.go
		Package sasl implements the Simple Authentication and Security Layer (SASL)
		as defined by RFC 4422.

		Most users of this package will only need to create a Negotiator using
		NewClient or NewServer and call its Step method repeatedly.
		Authors implementing SASL mechanisms other than the builtin ones will want to
		create a Mechanism struct which will likely use the other methods on the
		Negotiator.

		Be advised: This API is still unstable and is subject to change.

	      mechanism.go
	      negotiator.go
	      nonce.go
	      options.go
	      plain.go
	      scram.go
	      xor.go
	      xor_amd64.go
	      xor_amd64.s
Code Examples

	_plainFailure
		package main
		
		import (
			"fmt"
			"mellium.im/sasl"
		)
		
		func main() {
			const (
				username = "miranda"
				password = "pencil"
			)
		
			creds := sasl.Credentials(func() ([]byte, []byte, []byte) {
				return []byte(username), []byte(password), []byte{}
			})
		
			server := sasl.NewServer(sasl.Plain, func(n *sasl.Negotiator) bool {
				user, pass, ident := n.Credentials()
				// In a real auth system you might want to consider a constant time
				// comparison and this would probably involve hashing and a database lookup.
				if len(ident) == 0 && string(user) == username && string(pass) == password {
					fmt.Println("auth success!")
					return true
				}
				fmt.Println("auth failed!")
				return false
			}, creds)
		
			client := sasl.NewClient(sasl.Plain, sasl.Credentials(func() ([]byte, []byte, []byte) {
				// In a real auth system this would probably be user input.
				return []byte(username), []byte("password!"), []byte{}
			}))
		
			_, resp, err := client.Step(nil)
			if err != nil {
				fmt.Println(err)
				return
			}
		
			// Normally the response would come from the network, not from a client on the
			// same machine.
			_, _, err = server.Step(resp)
			if err != sasl.ErrAuthn {
				fmt.Println(err)
				return
			}
		
		}

	_plainSuccess
		package main
		
		import (
			"fmt"
			"mellium.im/sasl"
		)
		
		func main() {
			const (
				username = "miranda"
				password = "pencil"
			)
		
			creds := sasl.Credentials(func() ([]byte, []byte, []byte) {
				// In a real auth system this would probably be user input.
				return []byte(username), []byte(password), []byte{}
			})
		
			server := sasl.NewServer(sasl.Plain, func(n *sasl.Negotiator) bool {
				user, pass, ident := n.Credentials()
				// In a real auth system you might want to consider a constant time
				// comparison and this would probably involve hashing and a database lookup.
				if len(ident) == 0 && string(user) == username && string(pass) == password {
					fmt.Println("auth success!")
					return true
				}
				fmt.Println("auth failed!")
				return false
			}, creds)
		
			client := sasl.NewClient(sasl.Plain, creds)
		
			_, resp, err := client.Step(nil)
			if err != nil {
				fmt.Println(err)
				return
			}
		
			// Normally the response would come from the network, not from a client on the
			// same machine.
			_, _, err = server.Step(resp)
			if err != nil {
				fmt.Println(err)
				return
			}
		
		}

	_xOAUTH2
		package main
		
		import (
			"bytes"
			"fmt"
		
			"mellium.im/sasl"
		)
		
		// A custom SASL Mechanism that implements XOAUTH2:
		// https://developers.google.com/gmail/xoauth2_protocol
		var xoauth2 = sasl.Mechanism{
			Name: "XOAUTH2",
			Start: func(m *sasl.Negotiator) (bool, []byte, interface{}, error) {
				// Start is called only by clients and returns the client first message.
		
				username, password, _ := m.Credentials()
		
				payload := []byte(`user=`)
				payload = append(payload, username...)
				payload = append(payload, '\x01')
				payload = append(payload, []byte(`auth=Bearer `)...)
				payload = append(payload, password...)
				payload = append(payload, '\x01', '\x01')
		
				return false, payload, nil, nil
			},
			Next: func(m *sasl.Negotiator, challenge []byte, _ interface{}) (bool, []byte, interface{}, error) {
				// Next is called by both clients and servers and must be able to generate
				// and handle every challenge except for the client first message which is
				// generated (but not handled by) by Start.
		
				state := m.State()
		
				// If we're a client or a server that's past the AuthTextSent step, we
				// should never actually hit this step for the XOAUTH2 mechanism so return
				// an error.
				if state&sasl.Receiving != sasl.Receiving || state&sasl.StepMask != sasl.AuthTextSent {
					return false, nil, nil, sasl.ErrTooManySteps
				}
		
				parts := bytes.Split(challenge, []byte{1})
				if len(parts) != 3 {
					return false, nil, nil, sasl.ErrInvalidChallenge
				}
				user := bytes.TrimPrefix([]byte("user="), parts[0])
				if len(user) == len(parts[0]) {
					return false, nil, nil, sasl.ErrInvalidChallenge
				}
				pass := bytes.TrimPrefix([]byte("Auth=Bearer "), parts[1])
				if len(pass) == len(parts[1]) {
					return false, nil, nil, sasl.ErrInvalidChallenge
				}
				if len(parts[2]) > 0 {
					return false, nil, nil, sasl.ErrInvalidChallenge
				}
		
				if m.Permissions(sasl.Credentials(func() ([]byte, []byte, []byte) {
					return user, pass, nil
				})) {
					return false, nil, nil, nil
				}
				return false, nil, nil, sasl.ErrAuthn
			},
		}
		
		func main() {
			c := sasl.NewClient(
				xoauth2,
				sasl.Credentials(func() ([]byte, []byte, []byte) {
					return []byte("someuser@example.com"), []byte("vF9dft4qmTc2Nvb3RlckBhdHRhdmlzdGEuY29tCg=="), []byte{}
				}),
			)
		
			// This is the first step and we haven't received any challenge from the
			// server yet.
			more, resp, _ := c.Step(nil)
			fmt.Printf("%v %s", more, bytes.Replace(resp, []byte{1}, []byte{' '}, -1))
		
		}


Package-Level Type Names (total 4, all are exported)

	/* sort exporteds by: alphabet | popularity */
	 type Mechanism (struct)
		Mechanism represents a SASL mechanism that can be used by a Client or Server
		to perform the actual negotiation. Base64 encoding the final challenges and
		responses should not be performed by the mechanism.

		Mechanisms must be stateless and may be shared between goroutines. When a
		mechanism needs to store state between the different steps it can return
		anything that it needs to store and the value will be cached by the
		negotiator and passed in as the data parameter when the next challenge is
		received.

		Fields (total 3, all are exported)
			Name string
			Next func(n *Negotiator, challenge []byte, data interface{}) (more bool, resp []byte, cache interface{}, err error)
			Start func(n *Negotiator) (more bool, resp []byte, cache interface{}, err error)
		As Outputs Of (at least one unexported)
			/* at least one unexported ... *//* at least one unexported: */
			func scram(name string, fn func() hash.Hash) Mechanism
		As Inputs Of (at least 2, both are exported)
			func NewClient(m Mechanism, opts ...Option) *Negotiator
			func NewServer(m Mechanism, permissions func(*Negotiator) bool, opts ...Option) *Negotiator
		As Types Of (total 6, in which 5 are exported)
			  var Plain
			  var ScramSha1
			  var ScramSha1Plus
			  var ScramSha256
			  var ScramSha256Plus
			/* one unexported ... *//* one unexported: */
			  var plain

	 type Negotiator (struct)
		A Negotiator represents a SASL client or server state machine that can
		attempt to negotiate auth. Negotiators should not be used from multiple
		goroutines, and must be reset between negotiation attempts.

		Fields (total 8, none are exported)
			/* 8 unexporteds ... *//* 8 unexporteds: */
			cache interface{}
			credentials func() (Username, Password, Identity []byte)
			mechanism Mechanism
			nonce []byte
			permissions func(*Negotiator) bool
			remoteMechanisms []string
			state State
			tlsState *tls.ConnectionState
		Methods (total 8, all are exported)
			(*Negotiator) Credentials() (username, password, identity []byte)
				Credentials returns a username, and password for authentication and optional
				identity for authorization.

			(*Negotiator) Nonce() []byte
				Nonce returns a unique nonce that is reset for each negotiation attempt. It
				is used by SASL Mechanisms and should generally not be called directly.

			(*Negotiator) Permissions(opts ...Option) bool
				Permissions is the callback used by the server to authenticate the user.

			(*Negotiator) RemoteMechanisms() []string
				RemoteMechanisms is a list of mechanisms as advertised by the other side of a
				SASL negotiation.

			(*Negotiator) Reset()
				Reset resets the state machine to its initial state so that it can be reused
				in another SASL exchange.

			(*Negotiator) State() State
				State returns the internal state of the SASL state machine.

			(*Negotiator) Step(challenge []byte) (more bool, resp []byte, err error)
				Step attempts to transition the state machine to its next state. If Step is
				called after a previous invocation generates an error (and the state machine
				has not been reset to its initial state), Step panics.

			(*Negotiator) TLSState() *tls.ConnectionState
				TLSState is the state of any TLS connections being used to negotiate SASL
				(it can be used for channel binding).

		As Outputs Of (at least 2, both are exported)
			func NewClient(m Mechanism, opts ...Option) *Negotiator
			func NewServer(m Mechanism, permissions func(*Negotiator) bool, opts ...Option) *Negotiator
		As Inputs Of (at least 4, none are exported)
			/* 4+ unexporteds ... *//* 4+ unexporteds: */
			func getGS2Header(name string, n *Negotiator) (gs2Header []byte)
			func getOpts(n *Negotiator, o ...Option)
			func scramClientNext(name string, fn func() hash.Hash, m *Negotiator, challenge []byte, data interface{}) (more bool, resp []byte, cache interface{}, err error)
			func github.com/go-pg/pg/v10.readAuthSASLFinal(rd *pool.ReaderContext, client *Negotiator) error

	 type Option (func)
		An Option represents an input to a SASL state machine.

		As Outputs Of (at least 4, in which 3 are exported)
			func Credentials(f func() (Username, Password, Identity []byte)) Option
			func RemoteMechanisms(m ...string) Option
			func TLSState(cs tls.ConnectionState) Option
			/* at least one unexported ... *//* at least one unexported: */
			func setNonce(v []byte) Option
		As Inputs Of (at least 4, in which 3 are exported)
			func NewClient(m Mechanism, opts ...Option) *Negotiator
			func NewServer(m Mechanism, permissions func(*Negotiator) bool, opts ...Option) *Negotiator
			func (*Negotiator).Permissions(opts ...Option) bool
			/* at least one unexported ... *//* at least one unexported: */
			func getOpts(n *Negotiator, o ...Option)

	 type State uint8 (basic type)
		State represents the current state of a Negotiator.
		The first two bits represent the actual state of the state machine and the
		last 3 bits are a bitmask that define the machines behavior.
		The remaining bits should not be used.

		As Outputs Of (at least one exported)
			func (*Negotiator).State() State
		As Types Of (total 7, all are exported)
			const AuthTextSent
			const Errored
			const Initial
			const Receiving
			const RemoteCB
			const ResponseSent
			const ValidServerResponse


Package-Level Functions (total 14, in which 5 are exported)

	 func Credentials(f func() (Username, Password, Identity []byte)) Option
		Credentials provides the negotiator with a username and password to
		authenticate with and (optionally) an authorization identity.
		Identity will normally be left empty to act as the username.
		The Credentials function is called lazily and may be called multiple times by
		the mechanism.
		It is not memoized by the negotiator.

	 func NewClient(m Mechanism, opts ...Option) *Negotiator
		NewClient creates a new SASL Negotiator that supports creating authentication
		requests using the given mechanism.

	 func NewServer(m Mechanism, permissions func(*Negotiator) bool, opts ...Option) *Negotiator
		NewServer creates a new SASL Negotiator that supports receiving
		authentication requests using the given mechanism.
		A nil permissions function is the same as a function that always returns
		false.

	 func RemoteMechanisms(m ...string) Option
		RemoteMechanisms sets a list of mechanisms supported by the remote client or
		server with which the state machine will be negotiating.
		It is used to determine if the server supports channel binding.

	 func TLSState(cs tls.ConnectionState) Option
		TLSState lets the state machine negotiate channel binding with a TLS session
		if supported by the underlying mechanism.

	/* 9 unexporteds ... *//* 9 unexporteds: */
	 func getGS2Header(name string, n *Negotiator) (gs2Header []byte)
	 func getOpts(n *Negotiator, o ...Option)
	 func goXORBytes(dst, x, y []byte) int
	 func nextParam(params []byte) ([]byte, []byte)
	 func nonce(n int, r io.Reader) []byte
		Generates a nonce with n random bytes base64 encoded to ensure that it meets
		the criteria for inclusion in a SCRAM message.

	 func scram(name string, fn func() hash.Hash) Mechanism
	 func scramClientNext(name string, fn func() hash.Hash, m *Negotiator, challenge []byte, data interface{}) (more bool, resp []byte, cache interface{}, err error)
	 func setNonce(v []byte) Option
		nonce overrides the nonce used for authentication attempts.
		This defaults to a random value and should not be changed.

	 func xorBytes(dst, a, b *byte, n int)
Package-Level Variables (total 13, in which 9 are exported)

	  var ErrAuthn error
		Define common errors used by SASL mechanisms and negotiators.

	  var ErrInvalidChallenge error
		Define common errors used by SASL mechanisms and negotiators.

	  var ErrInvalidState error
		Define common errors used by SASL mechanisms and negotiators.

	  var ErrTooManySteps error
		Define common errors used by SASL mechanisms and negotiators.

	  var Plain Mechanism
		Plain is a Mechanism that implements the PLAIN authentication mechanism
		as defined by RFC 4616.

	  var ScramSha1 Mechanism
		ScramSha1 is a Mechanism that implements the SCRAM-SHA-1 authentication
		mechanism defined in RFC 5802.

	  var ScramSha1Plus Mechanism
		ScramSha1Plus is a Mechanism that implements the SCRAM-SHA-1-PLUS
		authentication mechanism defined in RFC 5802.
		The only supported channel binding types are tls-unique as defined in RFC
		5929 and tls-exporter defined in RFC 9266.

	  var ScramSha256 Mechanism
		ScramSha256 is a Mechanism that implements the SCRAM-SHA-256
		authentication mechanism defined in RFC 7677.

	  var ScramSha256Plus Mechanism
		ScramSha256Plus is a Mechanism that implements the SCRAM-SHA-256-PLUS
		authentication mechanism defined in RFC 7677.
		The only supported channel binding types are tls-unique as defined in RFC
		5929 and tls-exporter defined in RFC 9266.

	/* 4 unexporteds ... *//* 4 unexporteds: */
	  var clientKeyInput []byte
	  var plain Mechanism
	  var plainSep []byte
	  var serverKeyInput []byte
Package-Level Constants (total 15, in which 8 are exported)

	const AuthTextSent State = 1
		The current step of the Server or Client (represented by the first two bits
		of the state byte).

	const Errored State = 16
		Errored bit is on if the machine has errored.

	const Initial State = 0
		The current step of the Server or Client (represented by the first two bits
		of the state byte).

	const Receiving State = 32
		Receiving bit is on if the machine is a server.

	const RemoteCB State = 8
		RemoteCB bit is on if the remote client or server supports channel binding.

	const ResponseSent State = 2
		The current step of the Server or Client (represented by the first two bits
		of the state byte).

	const StepMask = 3
		Bitmask used for extracting the step from the state byte.

	const ValidServerResponse State = 3
		The current step of the Server or Client (represented by the first two bits
		of the state byte).

	/* 7 unexporteds ... *//* 7 unexporteds: */
	const exporterLabel = "EXPORTER-Channel-Binding"
	const exporterLen = 32
	const gs2HeaderCBSupportExporter = "p=tls-exporter,"
	const gs2HeaderCBSupportUnique = "p=tls-unique,"
	const gs2HeaderNoCBSupport = "n,"
	const gs2HeaderNoServerCBSupport = "y,"
	const noncerandlen = 16
		The number of random bytes to generate for a nonce.

The pages are generated with Golds v0.4.9. (GOOS=linux GOARCH=amd64)