cubefs

kerberos_client.go
46 строк · 1.4 Кб
Перенос по словам
1
package sarama
2

3
import (
4
	krb5client "github.com/jcmturner/gokrb5/v8/client"
5
	krb5config "github.com/jcmturner/gokrb5/v8/config"
6
	"github.com/jcmturner/gokrb5/v8/keytab"
7
	"github.com/jcmturner/gokrb5/v8/types"
8
)
9

10
type KerberosGoKrb5Client struct {
11
	krb5client.Client
12
}
13

14
func (c *KerberosGoKrb5Client) Domain() string {
15
	return c.Credentials.Domain()
16
}
17

18
func (c *KerberosGoKrb5Client) CName() types.PrincipalName {
19
	return c.Credentials.CName()
20
}
21

22
// NewKerberosClient creates kerberos client used to obtain TGT and TGS tokens.
23
// It uses pure go Kerberos 5 solution (RFC-4121 and RFC-4120).
24
// uses gokrb5 library underlying which is a pure go kerberos client with some GSS-API capabilities.
25
func NewKerberosClient(config *GSSAPIConfig) (KerberosClient, error) {
26
	cfg, err := krb5config.Load(config.KerberosConfigPath)
27
	if err != nil {
28
		return nil, err
29
	}
30
	return createClient(config, cfg)
31
}
32

33
func createClient(config *GSSAPIConfig, cfg *krb5config.Config) (KerberosClient, error) {
34
	var client *krb5client.Client
35
	if config.AuthType == KRB5_KEYTAB_AUTH {
36
		kt, err := keytab.Load(config.KeyTabPath)
37
		if err != nil {
38
			return nil, err
39
		}
40
		client = krb5client.NewWithKeytab(config.Username, config.Realm, kt, cfg, krb5client.DisablePAFXFAST(config.DisablePAFXFAST))
41
	} else {
42
		client = krb5client.NewWithPassword(config.Username,
43
			config.Realm, config.Password, cfg, krb5client.DisablePAFXFAST(config.DisablePAFXFAST))
44
	}
45
	return &KerberosGoKrb5Client{*client}, nil
46
}
47
cubefs

Использование cookies
