From 46754c04f0c0aa931e328ba7b4f40f5158f7f52a Mon Sep 17 00:00:00 2001 From: fooofei Date: Thu, 25 Jan 2024 01:03:09 +0000 Subject: [PATCH] feat: export NewKerberosClientFunc to config for allow custom client Signed-off-by: fooofei --- broker.go | 4 ++-- broker_test.go | 4 ++-- gssapi_kerberos.go | 30 +++++++++++++++--------------- 3 files changed, 19 insertions(+), 19 deletions(-) diff --git a/broker.go b/broker.go index 268696cf4..4942ceb06 100644 --- a/broker.go +++ b/broker.go @@ -1295,8 +1295,8 @@ func (b *Broker) authenticateViaSASLv1() error { func (b *Broker) sendAndReceiveKerberos() error { b.kerberosAuthenticator.Config = &b.conf.Net.SASL.GSSAPI - if b.kerberosAuthenticator.NewKerberosClientFunc == nil { - b.kerberosAuthenticator.NewKerberosClientFunc = NewKerberosClient + if b.kerberosAuthenticator.Config.NewKerberosClientFunc == nil { + b.kerberosAuthenticator.Config.NewKerberosClientFunc = NewKerberosClient } return b.kerberosAuthenticator.Authorize(b) } diff --git a/broker_test.go b/broker_test.go index 6e6b8480c..415b256a3 100644 --- a/broker_test.go +++ b/broker_test.go @@ -723,14 +723,14 @@ func TestGSSAPIKerberosAuth_Authorize(t *testing.T) { } mockBroker.SetGSSAPIHandler(gssapiHandler.MockKafkaGSSAPI) if test.mockKerberosClient { - broker.kerberosAuthenticator.NewKerberosClientFunc = func(config *GSSAPIConfig) (KerberosClient, error) { + conf.Net.SASL.GSSAPI.NewKerberosClientFunc = func(config *GSSAPIConfig) (KerberosClient, error) { return &MockKerberosClient{ mockError: test.error, errorStage: test.errorStage, }, nil } } else { - broker.kerberosAuthenticator.NewKerberosClientFunc = nil + conf.Net.SASL.GSSAPI.NewKerberosClientFunc = nil } err := broker.Open(conf) diff --git a/gssapi_kerberos.go b/gssapi_kerberos.go index 8abbcdc38..33290819d 100644 --- a/gssapi_kerberos.go +++ b/gssapi_kerberos.go @@ -30,23 +30,23 @@ const ( ) type GSSAPIConfig struct { - AuthType int - KeyTabPath string - CCachePath string - KerberosConfigPath string - ServiceName string - Username string - Password string - Realm string - DisablePAFXFAST bool + AuthType int + KeyTabPath string + CCachePath string + KerberosConfigPath string + ServiceName string + Username string + Password string + Realm string + DisablePAFXFAST bool + NewKerberosClientFunc func(config *GSSAPIConfig) (KerberosClient, error) } type GSSAPIKerberosAuth struct { - Config *GSSAPIConfig - ticket messages.Ticket - encKey types.EncryptionKey - NewKerberosClientFunc func(config *GSSAPIConfig) (KerberosClient, error) - step int + Config *GSSAPIConfig + ticket messages.Ticket + encKey types.EncryptionKey + step int } type KerberosClient interface { @@ -199,7 +199,7 @@ func (krbAuth *GSSAPIKerberosAuth) initSecContext(bytes []byte, kerberosClient K /* This does the handshake for authorization */ func (krbAuth *GSSAPIKerberosAuth) Authorize(broker *Broker) error { - kerberosClient, err := krbAuth.NewKerberosClientFunc(krbAuth.Config) + kerberosClient, err := krbAuth.Config.NewKerberosClientFunc(krbAuth.Config) if err != nil { Logger.Printf("Kerberos client error: %s", err) return err