1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950 |
- // Copyright 2018 by David A. Golden. All rights reserved.
- //
- // Licensed under the Apache License, Version 2.0 (the "License"); you may
- // not use this file except in compliance with the License. You may obtain
- // a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
-
- package scram
-
- import "sync"
-
- // Server implements the server side of SCRAM authentication. It holds
- // configuration values needed to initialize new server-side conversations.
- // Generally, this can be persistent within an application.
- type Server struct {
- sync.RWMutex
- credentialCB CredentialLookup
- nonceGen NonceGeneratorFcn
- hashGen HashGeneratorFcn
- }
-
- func newServer(cl CredentialLookup, fcn HashGeneratorFcn) (*Server, error) {
- return &Server{
- credentialCB: cl,
- nonceGen: defaultNonceGenerator,
- hashGen: fcn,
- }, nil
- }
-
- // WithNonceGenerator replaces the default nonce generator (base64 encoding of
- // 24 bytes from crypto/rand) with a custom generator. This is provided for
- // testing or for users with custom nonce requirements.
- func (s *Server) WithNonceGenerator(ng NonceGeneratorFcn) *Server {
- s.Lock()
- defer s.Unlock()
- s.nonceGen = ng
- return s
- }
-
- // NewConversation constructs a server-side authentication conversation.
- // Conversations cannot be reused, so this must be called for each new
- // authentication attempt.
- func (s *Server) NewConversation() *ServerConversation {
- s.RLock()
- defer s.RUnlock()
- return &ServerConversation{
- nonceGen: s.nonceGen,
- hashGen: s.hashGen,
- credentialCB: s.credentialCB,
- }
- }
|