Class: Kafka::Sasl::Scram

Inherits:
Object
  • Object
show all
Defined in:
lib/kafka/sasl/scram.rb

Constant Summary collapse

MECHANISMS =
{
  "sha256" => "SCRAM-SHA-256",
  "sha512" => "SCRAM-SHA-512",
}.freeze

Instance Method Summary collapse

Constructor Details

#initialize(username:, password:, mechanism: 'sha256', logger:) ⇒ Scram

Returns a new instance of Scram


14
15
16
17
18
19
20
21
22
23
24
25
# File 'lib/kafka/sasl/scram.rb', line 14

def initialize(username:, password:, mechanism: 'sha256', logger:)
  @semaphore = Mutex.new
  @username = username
  @password = password
  @logger = TaggedLogger.new(logger)

  if mechanism
    @mechanism = MECHANISMS.fetch(mechanism) do
      raise Kafka::SaslScramError, "SCRAM mechanism #{mechanism} is not supported."
    end
  end
end

Instance Method Details

#authenticate!(host, encoder, decoder) ⇒ Object


35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
# File 'lib/kafka/sasl/scram.rb', line 35

def authenticate!(host, encoder, decoder)
  @logger.debug "Authenticating #{@username} with SASL #{@mechanism}"

  begin
    @semaphore.synchronize do
      msg = first_message
      @logger.debug "Sending first client SASL SCRAM message: #{msg}"
      encoder.write_bytes(msg)

      @server_first_message = decoder.bytes
      @logger.debug "Received first server SASL SCRAM message: #{@server_first_message}"

      msg = final_message
      @logger.debug "Sending final client SASL SCRAM message: #{msg}"
      encoder.write_bytes(msg)

      response = parse_response(decoder.bytes)
      @logger.debug "Received last server SASL SCRAM message: #{response}"

      raise FailedScramAuthentication, response['e'] if response['e']
      raise FailedScramAuthentication, "Invalid server signature" if response['v'] != server_signature
    end
  rescue EOFError => e
    raise FailedScramAuthentication, e.message
  end

  @logger.debug "SASL SCRAM authentication successful"
end

#configured?Boolean

Returns:

  • (Boolean)

31
32
33
# File 'lib/kafka/sasl/scram.rb', line 31

def configured?
  @username && @password && @mechanism
end

#identObject


27
28
29
# File 'lib/kafka/sasl/scram.rb', line 27

def ident
  @mechanism
end