libgo/go/smtp/auth.go

   1 // Copyright 2010 The Go Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style
   3 // license that can be found in the LICENSE file.
   4
   5 package smtp
   6
   7 import (
   8         "os"
   9 )
  10
  11 // Auth is implemented by an SMTP authentication mechanism.
  12 type Auth interface {
  13         // Start begins an authentication with a server.
  14         // It returns the name of the authentication protocol
  15         // and optionally data to include in the initial AUTH message
  16         // sent to the server. It can return proto == "" to indicate
  17         // that the authentication should be skipped.
  18         // If it returns a non-nil os.Error, the SMTP client aborts
  19         // the authentication attempt and closes the connection.
  20         Start(server *ServerInfo) (proto string, toServer []byte, err os.Error)
  21
  22         // Next continues the authentication. The server has just sent
  23         // the fromServer data. If more is true, the server expects a
  24         // response, which Next should return as toServer; otherwise
  25         // Next should return toServer == nil.
  26         // If Next returns a non-nil os.Error, the SMTP client aborts
  27         // the authentication attempt and closes the connection.
  28         Next(fromServer []byte, more bool) (toServer []byte, err os.Error)
  29 }
  30
  31 // ServerInfo records information about an SMTP server.
  32 type ServerInfo struct {
  33         Name string   // SMTP server name
  34         TLS  bool     // using TLS, with valid certificate for Name
  35         Auth []string // advertised authentication mechanisms
  36 }
  37
  38 type plainAuth struct {
  39         identity, username, password string
  40         host                         string
  41 }
  42
  43 // PlainAuth returns an Auth that implements the PLAIN authentication
  44 // mechanism as defined in RFC 4616.
  45 // The returned Auth uses the given username and password to authenticate
  46 // on TLS connections to host and act as identity. Usually identity will be
  47 // left blank to act as username.
  48 func PlainAuth(identity, username, password, host string) Auth {
  49         return &plainAuth{identity, username, password, host}
  50 }
  51
  52 func (a *plainAuth) Start(server *ServerInfo) (string, []byte, os.Error) {
  53         if !server.TLS {
  54                 return "", nil, os.NewError("unencrypted connection")
  55         }
  56         if server.Name != a.host {
  57                 return "", nil, os.NewError("wrong host name")
  58         }
  59         resp := []byte(a.identity + "\x00" + a.username + "\x00" + a.password)
  60         return "PLAIN", resp, nil
  61 }
  62
  63 func (a *plainAuth) Next(fromServer []byte, more bool) ([]byte, os.Error) {
  64         if more {
  65                 // We've already sent everything.
  66                 return nil, os.NewError("unexpected server challenge")
  67         }
  68         return nil, nil
  69 }