审查视图

vendor/mellium.im/sasl/options.go 1.5 KB
tangxvhui authored
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53
// Copyright 2016 The Mellium Contributors.
// Use of this source code is governed by the BSD 2-clause license that can be
// found in the LICENSE file.

package sasl

import (
	"crypto/tls"
)

// An Option represents an input to a SASL state machine.
type Option func(*Negotiator)

func getOpts(n *Negotiator, o ...Option) {
	n.credentials = func() (username, password, identity []byte) {
		return
	}
	n.permissions = func(_ *Negotiator) bool {
		return false
	}
	for _, f := range o {
		f(n)
	}
}

// TLSState lets the state machine negotiate channel binding with a TLS session
// if supported by the underlying mechanism.
func TLSState(cs tls.ConnectionState) Option {
	return func(n *Negotiator) {
		n.tlsState = &cs
	}
}

// RemoteMechanisms sets a list of mechanisms supported by the remote client or
// server with which the state machine will be negotiating.
// It is used to determine if the server supports channel binding.
func RemoteMechanisms(m ...string) Option {
	return func(n *Negotiator) {
		n.remoteMechanisms = m
	}
}

// Credentials provides the negotiator with a username and password to
// authenticate with and (optionally) an authorization identity.
// Identity will normally be left empty to act as the username.
// The Credentials function is called lazily and may be called multiple times by
// the mechanism.
// It is not memoized by the negotiator.
func Credentials(f func() (Username, Password, Identity []byte)) Option {
	return func(n *Negotiator) {
		n.credentials = f
	}
}