Class: Kafka::Sasl::Scram

Inherits:

Object

• Object
• Kafka::Sasl::Scram

Defined in:

lib/kafka/sasl/scram.rb

Constant Summary

MECHANISMS =

{
  "sha256" => "SCRAM-SHA-256",
  "sha512" => "SCRAM-SHA-512",
}.freeze

Instance Method Summary

• #authenticate!(host, encoder, decoder) ⇒ Object
• #configured? ⇒ Boolean
• #ident ⇒ Object
• #initialize(username:, password:, mechanism: 'sha256', logger:) ⇒ Scram constructor

  A new instance of Scram.

Constructor Details

#initialize(username:, password:, mechanism: 'sha256', logger:) ⇒ Scram

Returns a new instance of Scram.

# File 'lib/kafka/sasl/scram.rb', line 14

def initialize(username:, password:, mechanism: 'sha256', logger:)
  @semaphore = Mutex.new
  @username = username
  @password = password
  @logger = TaggedLogger.new(logger)

  if mechanism
    @mechanism = MECHANISMS.fetch(mechanism) do
      raise Kafka::SaslScramError, "SCRAM mechanism #{mechanism} is not supported."
    end
  end
end

Instance Method Details

#authenticate!(host, encoder, decoder) ⇒ Object

# File 'lib/kafka/sasl/scram.rb', line 35

def authenticate!(host, encoder, decoder)
  @logger.debug "Authenticating #{@username} with SASL #{@mechanism}"

  begin
    @semaphore.synchronize do
      msg = first_message
      @logger.debug "Sending first client SASL SCRAM message: #{msg}"
      encoder.write_bytes(msg)

      @server_first_message = decoder.bytes
      @logger.debug "Received first server SASL SCRAM message: #{@server_first_message}"

      msg = final_message
      @logger.debug "Sending final client SASL SCRAM message: #{msg}"
      encoder.write_bytes(msg)

      response = parse_response(decoder.bytes)
      @logger.debug "Received last server SASL SCRAM message: #{response}"

      raise FailedScramAuthentication, response['e'] if response['e']
      raise FailedScramAuthentication, "Invalid server signature" if response['v'] != server_signature
    end
  rescue EOFError => e
    raise FailedScramAuthentication, e.message
  end

  @logger.debug "SASL SCRAM authentication successful"
end

#configured? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/kafka/sasl/scram.rb', line 31

def configured?
  @username && @password && @mechanism
end

#ident ⇒ Object

# File 'lib/kafka/sasl/scram.rb', line 27

def ident
  @mechanism
end