feat: export NewKerberosClientFunc to config for allow custom client

Signed-off-by: fooofei <[email protected]>
IBM · Jan 25, 2024 · 46754c0 · 46754c0
1 parent b10ee36
commit 46754c0
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 19 deletions.
diff --git a/broker.go b/broker.go
@@ -1295,8 +1295,8 @@ func (b *Broker) authenticateViaSASLv1() error {
 
 func (b *Broker) sendAndReceiveKerberos() error {
 	b.kerberosAuthenticator.Config = &b.conf.Net.SASL.GSSAPI
-	if b.kerberosAuthenticator.NewKerberosClientFunc == nil {
-		b.kerberosAuthenticator.NewKerberosClientFunc = NewKerberosClient
+	if b.kerberosAuthenticator.Config.NewKerberosClientFunc == nil {
+		b.kerberosAuthenticator.Config.NewKerberosClientFunc = NewKerberosClient
 	}
 	return b.kerberosAuthenticator.Authorize(b)
 }

diff --git a/broker_test.go b/broker_test.go
@@ -723,14 +723,14 @@ func TestGSSAPIKerberosAuth_Authorize(t *testing.T) {
 			}
 			mockBroker.SetGSSAPIHandler(gssapiHandler.MockKafkaGSSAPI)
 			if test.mockKerberosClient {
-				broker.kerberosAuthenticator.NewKerberosClientFunc = func(config *GSSAPIConfig) (KerberosClient, error) {
+				conf.Net.SASL.GSSAPI.NewKerberosClientFunc = func(config *GSSAPIConfig) (KerberosClient, error) {
 					return &MockKerberosClient{
 						mockError:  test.error,
 						errorStage: test.errorStage,
 					}, nil
 				}
 			} else {
-				broker.kerberosAuthenticator.NewKerberosClientFunc = nil
+				conf.Net.SASL.GSSAPI.NewKerberosClientFunc = nil
 			}
 
 			err := broker.Open(conf)

diff --git a/gssapi_kerberos.go b/gssapi_kerberos.go
@@ -30,23 +30,23 @@ const (
 )
 
 type GSSAPIConfig struct {
-	AuthType           int
-	KeyTabPath         string
-	CCachePath         string
-	KerberosConfigPath string
-	ServiceName        string
-	Username           string
-	Password           string
-	Realm              string
-	DisablePAFXFAST    bool
+	AuthType              int
+	KeyTabPath            string
+	CCachePath            string
+	KerberosConfigPath    string
+	ServiceName           string
+	Username              string
+	Password              string
+	Realm                 string
+	DisablePAFXFAST       bool
+	NewKerberosClientFunc func(config *GSSAPIConfig) (KerberosClient, error)
 }
 
 type GSSAPIKerberosAuth struct {
-	Config                *GSSAPIConfig
-	ticket                messages.Ticket
-	encKey                types.EncryptionKey
-	NewKerberosClientFunc func(config *GSSAPIConfig) (KerberosClient, error)
-	step                  int
+	Config *GSSAPIConfig
+	ticket messages.Ticket
+	encKey types.EncryptionKey
+	step   int
 }
 
 type KerberosClient interface {
@@ -199,7 +199,7 @@ func (krbAuth *GSSAPIKerberosAuth) initSecContext(bytes []byte, kerberosClient K
 
 /* This does the handshake for authorization */
 func (krbAuth *GSSAPIKerberosAuth) Authorize(broker *Broker) error {
-	kerberosClient, err := krbAuth.NewKerberosClientFunc(krbAuth.Config)
+	kerberosClient, err := krbAuth.Config.NewKerberosClientFunc(krbAuth.Config)
 	if err != nil {
 		Logger.Printf("Kerberos client error: %s", err)
 		return err