Skip to main content

fluss/rpc/message/
authenticate.rs

1// Licensed to the Apache Software Foundation (ASF) under one
2// or more contributor license agreements.  See the NOTICE file
3// distributed with this work for additional information
4// regarding copyright ownership.  The ASF licenses this file
5// to you under the Apache License, Version 2.0 (the
6// "License"); you may not use this file except in compliance
7// with the License.  You may obtain a copy of the License at
8//
9//   http://www.apache.org/licenses/LICENSE-2.0
10//
11// Unless required by applicable law or agreed to in writing,
12// software distributed under the License is distributed on an
13// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
14// KIND, either express or implied.  See the License for the
15// specific language governing permissions and limitations
16// under the License.
17
18use crate::proto::{AuthenticateRequest as ProtoAuthenticateRequest, AuthenticateResponse};
19use crate::rpc::api_key::ApiKey;
20use crate::rpc::api_version::ApiVersion;
21use crate::rpc::frame::{ReadError, WriteError};
22use crate::rpc::message::{ReadVersionedType, RequestBody, WriteVersionedType};
23use crate::{impl_read_version_type, impl_write_version_type};
24use bytes::{Buf, BufMut};
25use prost::Message;
26
27#[derive(Debug, Clone)]
28pub struct AuthenticateRequest {
29    pub inner_request: ProtoAuthenticateRequest,
30}
31
32impl AuthenticateRequest {
33    /// Build a SASL/PLAIN authenticate request.
34    /// Token format: `\0<username>\0<password>` (NUL-separated UTF-8).
35    pub fn new_plain(username: &str, password: &str) -> Self {
36        let mut token = Vec::with_capacity(1 + username.len() + 1 + password.len());
37        token.push(0u8);
38        token.extend_from_slice(username.as_bytes());
39        token.push(0u8);
40        token.extend_from_slice(password.as_bytes());
41
42        Self {
43            inner_request: ProtoAuthenticateRequest {
44                protocol: "PLAIN".to_string(),
45                token,
46            },
47        }
48    }
49
50    /// Build an authenticate request from a server challenge (for multi-round auth).
51    pub fn from_challenge(protocol: &str, challenge: Vec<u8>) -> Self {
52        Self {
53            inner_request: ProtoAuthenticateRequest {
54                protocol: protocol.to_string(),
55                token: challenge,
56            },
57        }
58    }
59}
60
61impl RequestBody for AuthenticateRequest {
62    type ResponseBody = AuthenticateResponse;
63    const API_KEY: ApiKey = ApiKey::Authenticate;
64    const REQUEST_VERSION: ApiVersion = ApiVersion(0);
65}
66
67impl_write_version_type!(AuthenticateRequest);
68impl_read_version_type!(AuthenticateResponse);
69
70#[cfg(test)]
71mod tests {
72    use super::*;
73
74    #[test]
75    fn test_new_plain_token_format() {
76        let req = AuthenticateRequest::new_plain("admin", "secret");
77        assert_eq!(req.inner_request.protocol, "PLAIN");
78        assert_eq!(req.inner_request.token, b"\0admin\0secret");
79    }
80
81    #[test]
82    fn test_new_plain_empty_credentials() {
83        let req = AuthenticateRequest::new_plain("", "");
84        assert_eq!(req.inner_request.token, b"\0\0");
85    }
86}