mongo-go-driver: github.com/mongodb/mongo-go-driver/x/mongo/driver/auth Index | Files

package auth

import "github.com/mongodb/mongo-go-driver/x/mongo/driver/auth"

Package auth is not for public use.

The API for packages in the 'private' directory have no stability guarantee.

The packages within the 'private' directory would normally be put into an 'internal' directory to prohibit their use outside the 'mongo' directory. However, some MongoDB tools require very low-level access to the building blocks of a driver, so we have placed them under 'private' to allow these packages to be imported by projects that need them.

These package APIs may be modified in backwards-incompatible ways at any time.

You are strongly discouraged from directly using any packages under 'private'.

Index

Package Files

auth.go aws_conv.go conversation.go cred.go default.go doc.go gssapi_not_enabled.go mongodbaws.go mongodbcr.go plain.go sasl.go scram.go util.go x509.go

Constants

const (
    // SCRAMSHA1 holds the mechanism name "SCRAM-SHA-1"
    SCRAMSHA1 = "SCRAM-SHA-1"

    // SCRAMSHA256 holds the mechanism name "SCRAM-SHA-256"
    SCRAMSHA256 = "SCRAM-SHA-256"
)
const GSSAPI = "GSSAPI"

GSSAPI is the mechanism name for GSSAPI.

const MONGODBCR = "MONGODB-CR"

MONGODBCR is the mechanism name for MONGODB-CR.

The MONGODB-CR authentication mechanism is deprecated in MongoDB 4.0.

const MongoDBAWS = "MONGODB-AWS"

MongoDBAWS is the mechanism name for MongoDBAWS.

const MongoDBX509 = "MONGODB-X509"

MongoDBX509 is the mechanism name for MongoDBX509.

const PLAIN = "PLAIN"

PLAIN is the mechanism name for PLAIN.

func ConductSaslConversation Uses

func ConductSaslConversation(ctx context.Context, cfg *Config, authSource string, client SaslClient) error

ConductSaslConversation runs a full SASL conversation to authenticate the given connection.

func Handshaker Uses

func Handshaker(h driver.Handshaker, options *HandshakeOptions) driver.Handshaker

Handshaker creates a connection handshaker for the given authenticator.

func RegisterAuthenticatorFactory Uses

func RegisterAuthenticatorFactory(name string, factory AuthenticatorFactory)

RegisterAuthenticatorFactory registers the authenticator factory.

type Authenticator Uses

type Authenticator interface {
    // Auth authenticates the connection.
    Auth(context.Context, *Config) error
}

Authenticator handles authenticating a connection.

func CreateAuthenticator Uses

func CreateAuthenticator(name string, cred *Cred) (Authenticator, error)

CreateAuthenticator creates an authenticator.

type AuthenticatorFactory Uses

type AuthenticatorFactory func(cred *Cred) (Authenticator, error)

AuthenticatorFactory constructs an authenticator.

type Config Uses

type Config struct {
    Description  description.Server
    Connection   driver.Connection
    ClusterClock *session.ClusterClock
}

Config holds the information necessary to perform an authentication attempt.

type Cred Uses

type Cred struct {
    Source      string
    Username    string
    Password    string
    PasswordSet bool
    Props       map[string]string
}

Cred is a user's credential.

type DefaultAuthenticator Uses

type DefaultAuthenticator struct {
    Cred *Cred
    // contains filtered or unexported fields
}

DefaultAuthenticator uses SCRAM-SHA-1 or MONGODB-CR depending on the server version.

func (*DefaultAuthenticator) Auth Uses

func (a *DefaultAuthenticator) Auth(ctx context.Context, cfg *Config) error

Auth authenticates the connection.

func (*DefaultAuthenticator) CreateSpeculativeConversation Uses

func (a *DefaultAuthenticator) CreateSpeculativeConversation() (SpeculativeConversation, error)

CreateSpeculativeConversation creates a speculative conversation for SCRAM authentication.

type Error Uses

type Error struct {
    // contains filtered or unexported fields
}

Error is an error that occurred during authentication.

func (*Error) Error Uses

func (e *Error) Error() string

func (*Error) Inner Uses

func (e *Error) Inner() error

Inner returns the wrapped error.

func (*Error) Message Uses

func (e *Error) Message() string

Message returns the message.

func (*Error) Unwrap Uses

func (e *Error) Unwrap() error

Unwrap returns the underlying error.

type ExtraOptionsSaslClient Uses

type ExtraOptionsSaslClient interface {
    StartCommandOptions() bsoncore.Document
}

ExtraOptionsSaslClient is a SaslClient that appends options to the saslStart command.

type HandshakeOptions Uses

type HandshakeOptions struct {
    AppName               string
    Authenticator         Authenticator
    Compressors           []string
    DBUser                string
    PerformAuthentication func(description.Server) bool
    ClusterClock          *session.ClusterClock
}

HandshakeOptions packages options that can be passed to the Handshaker() function. DBUser is optional but must be of the form <dbname.username>; if non-empty, then the connection will do SASL mechanism negotiation.

type MongoDBAWSAuthenticator Uses

type MongoDBAWSAuthenticator struct {
    // contains filtered or unexported fields
}

MongoDBAWSAuthenticator uses AWS-IAM credentials over SASL to authenticate a connection.

func (*MongoDBAWSAuthenticator) Auth Uses

func (a *MongoDBAWSAuthenticator) Auth(ctx context.Context, cfg *Config) error

Auth authenticates the connection.

type MongoDBCRAuthenticator Uses

type MongoDBCRAuthenticator struct {
    DB       string
    Username string
    Password string
}

MongoDBCRAuthenticator uses the MONGODB-CR algorithm to authenticate a connection.

The MONGODB-CR authentication mechanism is deprecated in MongoDB 4.0.

func (*MongoDBCRAuthenticator) Auth Uses

func (a *MongoDBCRAuthenticator) Auth(ctx context.Context, cfg *Config) error

Auth authenticates the connection.

The MONGODB-CR authentication mechanism is deprecated in MongoDB 4.0.

type MongoDBX509Authenticator Uses

type MongoDBX509Authenticator struct {
    User string
}

MongoDBX509Authenticator uses X.509 certificates over TLS to authenticate a connection.

func (*MongoDBX509Authenticator) Auth Uses

func (a *MongoDBX509Authenticator) Auth(ctx context.Context, cfg *Config) error

Auth authenticates the provided connection by conducting an X509 authentication conversation.

func (*MongoDBX509Authenticator) CreateSpeculativeConversation Uses

func (a *MongoDBX509Authenticator) CreateSpeculativeConversation() (SpeculativeConversation, error)

CreateSpeculativeConversation creates a speculative conversation for X509 authentication.

type PlainAuthenticator Uses

type PlainAuthenticator struct {
    Username string
    Password string
}

PlainAuthenticator uses the PLAIN algorithm over SASL to authenticate a connection.

func (*PlainAuthenticator) Auth Uses

func (a *PlainAuthenticator) Auth(ctx context.Context, cfg *Config) error

Auth authenticates the connection.

type SaslClient Uses

type SaslClient interface {
    Start() (string, []byte, error)
    Next(challenge []byte) ([]byte, error)
    Completed() bool
}

SaslClient is the client piece of a sasl conversation.

type SaslClientCloser Uses

type SaslClientCloser interface {
    SaslClient
    Close()
}

SaslClientCloser is a SaslClient that has resources to clean up.

type ScramAuthenticator Uses

type ScramAuthenticator struct {
    // contains filtered or unexported fields
}

ScramAuthenticator uses the SCRAM algorithm over SASL to authenticate a connection.

func (*ScramAuthenticator) Auth Uses

func (a *ScramAuthenticator) Auth(ctx context.Context, cfg *Config) error

Auth authenticates the provided connection by conducting a full SASL conversation.

func (*ScramAuthenticator) CreateSpeculativeConversation Uses

func (a *ScramAuthenticator) CreateSpeculativeConversation() (SpeculativeConversation, error)

CreateSpeculativeConversation creates a speculative conversation for SCRAM authentication.

type SpeculativeAuthenticator Uses

type SpeculativeAuthenticator interface {
    CreateSpeculativeConversation() (SpeculativeConversation, error)
}

SpeculativeAuthenticator represents an authenticator that supports speculative authentication.

type SpeculativeConversation Uses

type SpeculativeConversation interface {
    FirstMessage() (bsoncore.Document, error)
    Finish(ctx context.Context, cfg *Config, firstResponse bsoncore.Document) error
}

SpeculativeConversation represents an authentication conversation that can be merged with the initial connection handshake.

FirstMessage method returns the first message to be sent to the server. This message will be included in the initial isMaster command.

Finish takes the server response to the initial message and conducts the remainder of the conversation to authenticate the provided connection.

Package auth imports 26 packages (graph). Updated 2020-05-06. Refresh now. Tools for package owners.