Skip to content

Commit

Permalink
Formar NewKerberosClient comments acording to golang standad, added t…
Browse files Browse the repository at this point in the history
…est for DisablePAFXFast

Signed-off-by: Ruben <[email protected]>
  • Loading branch information
rubenvp8510 committed Apr 20, 2020
1 parent e8220ca commit 36d31d4
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 8 deletions.
11 changes: 3 additions & 8 deletions kerberos_client.go
Original file line number Diff line number Diff line change
Expand Up @@ -19,14 +19,9 @@ func (c *KerberosGoKrb5Client) CName() types.PrincipalName {
return c.Credentials.CName()
}

/*
*
* Create kerberos client used to obtain TGT and TGS tokens
* used gokrb5 library, which is a pure go kerberos client with
* some GSS-API capabilities, and SPNEGO support. Kafka does not use SPNEGO
* it uses pure Kerberos 5 solution (RFC-4121 and RFC-4120).
*
*/
// NewKerberosClient creates kerberos client used to obtain TGT and TGS tokens.
// It uses pure go Kerberos 5 solution (RFC-4121 and RFC-4120).
// uses gokrb5 library underlying which is a pure go kerberos client with some GSS-API capabilities.
func NewKerberosClient(config *GSSAPIConfig) (KerberosClient, error) {
cfg, err := krb5config.Load(config.KerberosConfigPath)
if err != nil {
Expand Down
24 changes: 24 additions & 0 deletions kerberos_client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -84,3 +84,27 @@ func TestCreateWithKeyTab(t *testing.T) {
t.Errorf("Expected error:%s, got:%s.", err, expectedErr)
}
}

func TestCreateWithDisablePAFXFAST(t *testing.T) {
kerberosConfig, err := krbcfg.NewConfigFromString(testdata.TEST_KRB5CONF)
if err != nil {
t.Fatal(err)
}
// Expect to try to create a client with keytab and fails with "o such file or directory" error
expectedErr := errors.New("open nonexist.keytab: no such file or directory")
clientConfig := NewConfig()
clientConfig.Net.SASL.Mechanism = SASLTypeGSSAPI
clientConfig.Net.SASL.Enable = true
clientConfig.Net.SASL.GSSAPI.ServiceName = "kafka"
clientConfig.Net.SASL.GSSAPI.Realm = "EXAMPLE.COM"
clientConfig.Net.SASL.GSSAPI.Username = "client"
clientConfig.Net.SASL.GSSAPI.AuthType = KRB5_KEYTAB_AUTH
clientConfig.Net.SASL.GSSAPI.KeyTabPath = "nonexist.keytab"
clientConfig.Net.SASL.GSSAPI.KerberosConfigPath = "/etc/krb5.conf"
clientConfig.Net.SASL.GSSAPI.DisablePAFXFAST = true

_, err = createClient(&clientConfig.Net.SASL.GSSAPI, kerberosConfig)
if err.Error() != expectedErr.Error() {
t.Errorf("Expected error:%s, got:%s.", err, expectedErr)
}
}

0 comments on commit 36d31d4

Please sign in to comment.