go-xmpp/auth.go

package xmpp

import (
	"encoding/base64"
	"encoding/xml"
	"errors"
	"fmt"
	"io"
)

func authSASL(socket io.ReadWriter, decoder *xml.Decoder, f StreamFeatures, user string, password string) (err error) {
	// TODO: Implement other type of SASL Authentication
	havePlain := false
	for _, m := range f.Mechanisms.Mechanism {
		if m == "PLAIN" {
			havePlain = true
			break
		}
	}
	if !havePlain {
		err := fmt.Errorf("PLAIN authentication is not supported by server: %v", f.Mechanisms.Mechanism)
		return NewConnError(err, true)
	}

	return authPlain(socket, decoder, user, password)
}

// Plain authentication: send base64-encoded \x00 user \x00 password
func authPlain(socket io.ReadWriter, decoder *xml.Decoder, user string, password string) error {
	raw := "\x00" + user + "\x00" + password
	enc := make([]byte, base64.StdEncoding.EncodedLen(len(raw)))
	base64.StdEncoding.Encode(enc, []byte(raw))
	fmt.Fprintf(socket, "<auth xmlns='%s' mechanism='PLAIN'>%s</auth>", nsSASL, enc)

	// Next message should be either success or failure.
	val, err := next(decoder)
	if err != nil {
		return err
	}

	switch v := val.(type) {
	case SASLSuccess:
	case SASLFailure:
		// v.Any is type of sub-element in failure, which gives a description of what failed.
		err := errors.New("auth failure: " + v.Any.Local)
		return NewConnError(err, true)
	default:
		return errors.New("expected SASL success or failure, got " + v.Name())
	}
	return err
}

// ============================================================================
// SASLSuccess

type SASLSuccess struct {
	XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-sasl success"`
}

func (SASLSuccess) Name() string {
	return "sasl:success"
}

type saslSuccessDecoder struct{}

var saslSuccess saslSuccessDecoder

func (saslSuccessDecoder) decode(p *xml.Decoder, se xml.StartElement) (SASLSuccess, error) {
	var packet SASLSuccess
	err := p.DecodeElement(&packet, &se)
	return packet, err
}

// ============================================================================
// SASLFailure

type SASLFailure struct {
	XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-sasl failure"`
	Any     xml.Name // error reason is a subelement
}

func (SASLFailure) Name() string {
	return "sasl:failure"
}

type saslFailureDecoder struct{}

var saslFailure saslFailureDecoder

func (saslFailureDecoder) decode(p *xml.Decoder, se xml.StartElement) (SASLFailure, error) {
	var packet SASLFailure
	err := p.DecodeElement(&packet, &se)
	return packet, err
}

// ============================================================================

type auth struct {
	XMLName   xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-sasl auth"`
	Mechanism string   `xml:"mecanism,attr"`
	Value     string   `xml:",innerxml"`
}

type BindBind struct {
	XMLName  xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-bind bind"`
	Resource string   `xml:"resource,omitempty"`
	Jid      string   `xml:"jid,omitempty"`
}

func (b *BindBind) Namespace() string {
	return b.XMLName.Space
}

// Session is obsolete in RFC 6121.
// Added for compliance with RFC 3121.
// Remove when ejabberd purely conforms to RFC 6121.
type sessionSession struct {
	XMLName  xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-session session"`
	optional xml.Name // If it does exist, it mean we are not required to open session
}
With go modules, we should be able to remove import comments 2019-06-18 14:28:30 +00:00			`package xmpp`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00
			`import (`
			`"encoding/base64"`
			`"encoding/xml"`
			`"errors"`
			`"fmt"`
			`"io"`
			`)`

Add tool to check XMPP certificate on starttls Minor refactoring 2019-05-16 15:46:36 +00:00			`func authSASL(socket io.ReadWriter, decoder *xml.Decoder, f StreamFeatures, user string, password string) (err error) {`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			`// TODO: Implement other type of SASL Authentication`
			`havePlain := false`
			`for _, m := range f.Mechanisms.Mechanism {`
			`if m == "PLAIN" {`
			`havePlain = true`
			`break`
			`}`
			`}`
			`if !havePlain {`
Handling basic unrecoverable errors Fix #43 2019-06-07 13:23:23 +00:00			`err := fmt.Errorf("PLAIN authentication is not supported by server: %v", f.Mechanisms.Mechanism)`
			`return NewConnError(err, true)`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			`}`

			`return authPlain(socket, decoder, user, password)`
			`}`

			`// Plain authentication: send base64-encoded \x00 user \x00 password`
			`func authPlain(socket io.ReadWriter, decoder *xml.Decoder, user string, password string) error {`
			`raw := "\x00" + user + "\x00" + password`
			`enc := make([]byte, base64.StdEncoding.EncodedLen(len(raw)))`
			`base64.StdEncoding.Encode(enc, []byte(raw))`
			`fmt.Fprintf(socket, "<auth xmlns='%s' mechanism='PLAIN'>%s</auth>", nsSASL, enc)`

			`// Next message should be either success or failure.`
Refactor parsing / improve typing 2018-01-13 17:50:17 +00:00			`val, err := next(decoder)`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			`if err != nil {`
			`return err`
			`}`

			`switch v := val.(type) {`
Fix failing test 2018-01-13 17:56:38 +00:00			`case SASLSuccess:`
			`case SASLFailure:`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			`// v.Any is type of sub-element in failure, which gives a description of what failed.`
Handling basic unrecoverable errors Fix #43 2019-06-07 13:23:23 +00:00			`err := errors.New("auth failure: " + v.Any.Local)`
			`return NewConnError(err, true)`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			`default:`
Refactor parsing / improve typing 2018-01-13 17:50:17 +00:00			`return errors.New("expected SASL success or failure, got " + v.Name())`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			`}`
			`return err`
			`}`

Refactor parsing / improve typing 2018-01-13 17:50:17 +00:00			`// ============================================================================`
			`// SASLSuccess`

			`type SASLSuccess struct {`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-sasl success"`
			`}`

Refactor parsing / improve typing 2018-01-13 17:50:17 +00:00			`func (SASLSuccess) Name() string {`
			`return "sasl:success"`
			`}`

			`type saslSuccessDecoder struct{}`

			`var saslSuccess saslSuccessDecoder`

			`func (saslSuccessDecoder) decode(p *xml.Decoder, se xml.StartElement) (SASLSuccess, error) {`
			`var packet SASLSuccess`
			`err := p.DecodeElement(&packet, &se)`
			`return packet, err`
			`}`

			`// ============================================================================`
			`// SASLFailure`

			`type SASLFailure struct {`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-sasl failure"`
			`Any xml.Name // error reason is a subelement`
Initial basic XMPP server mock. Work in progress: Need refactoring. 2017-10-04 23:27:35 +00:00			`}`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00
Refactor parsing / improve typing 2018-01-13 17:50:17 +00:00			`func (SASLFailure) Name() string {`
			`return "sasl:failure"`
			`}`

			`type saslFailureDecoder struct{}`

			`var saslFailure saslFailureDecoder`

			`func (saslFailureDecoder) decode(p *xml.Decoder, se xml.StartElement) (SASLFailure, error) {`
			`var packet SASLFailure`
			`err := p.DecodeElement(&packet, &se)`
			`return packet, err`
			`}`

			`// ============================================================================`

Initial basic XMPP server mock. Work in progress: Need refactoring. 2017-10-04 23:27:35 +00:00			`type auth struct {`
			XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-sasl auth"`
			Mechanism string `xml:"mecanism,attr"`
			Value string `xml:",innerxml"`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			`}`

Work-in-progress on dynamic IQ parsing 2018-01-16 21:33:21 +00:00			`type BindBind struct {`
Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-bind bind"`
Refactor IQ handling and merge payload iq struct fields for supported XEPs 2016-02-15 14:22:51 +00:00			Resource string `xml:"resource,omitempty"`
			Jid string `xml:"jid,omitempty"`
			`}`

Add router to make it easier to set up routing info - Using the router, the dispatch is not done anymore by receiving from receive channel, but by registering callback functions in routers, with matchers. - Make IQPayload a real interface to make it easier to match namespaces. - The StreamManager Run command is now blocking, waiting for StreamManager to terminate. 2019-06-13 15:22:39 +00:00			`func (b *BindBind) Namespace() string {`
			`return b.XMLName.Space`
			`}`

Initial working version of go XMPP library 2016-01-06 15:51:12 +00:00			`// Session is obsolete in RFC 6121.`
			`// Added for compliance with RFC 3121.`
			`// Remove when ejabberd purely conforms to RFC 6121.`
			`type sessionSession struct {`
			XMLName xml.Name `xml:"urn:ietf:params:xml:ns:xmpp-session session"`
			`optional xml.Name // If it does exist, it mean we are not required to open session`
			`}`