Add SASL SCRAM-SHA-512 and SCRAM-SHA-256 mechanismes

[iyedbennour]

Hi ! I would like to add SCRAM-SHA-512 and SCRAM-SHA-256 SASL mechanismes. We are already using this fork in production.

[bai]

Thanks for contributing! Could you please sign CLA to unblock this? 🙏

[iyedbennour]

Thanks for contributing! Could you please sign CLA to unblock this?

Hi ! I signed the CLA but I could not get the recheck to run.

[varun06]

you seems to have committed a binary file with this push, is that intentional?

[varun06]

[nitpicky] It helps readability to add a newline after a block even inside a function.

[iyedbennour]

I have fixed according to you comments. I have also remove the example which I will be submitting in another PR. Thank you :)

[iyedbennour]

you seems to have committed a binary file with this push, is that intentional?

This is a mistake. My bad.

[varun06]

You might have to write more tests too. Also is there anyone who can look at SCRAM part of PR?

[bai]

Thanks for contributing this! And thanks Varun for reviewing 👍

[iyedbennour]

Thank you very much!

[giautm]

@bai : Hi, any release plan for this feature?

[bai]

I'll cut one early next week.

[tsrikanth06]

@bai when can you cut a release?

[zhipcui]

looking forward to a new release

[iyedbennour]

@bai @varun06 Please guys make sure #1349 is merged before cutting the release with SCRAM auth.

[varun06]

Will do sir.

[dbodtke]

Is this ready to be used?

[iyedbennour]

Yes It has been released but you might want to wait for this #1349 to be in a release as it introduces a backward incompatible change.

[yurishkuro]

@bai question: could you elaborate on the reasoning for using SCRAMClientGeneratorFunc abstraction rather than implementing a SCRAM client directly in this library?

[iyedb]

The scram client is stateful and cannot be shared by multiple goroutines/connections. The function creates a new instance for each connection.

[yurishkuro]

Understood, but is there an actual implementation of the client in this library that can be used? The examples import another 3rd party lib "github.com/xdg/scram".

[iyedb]

No there is no default client builder function. You should use that package like in the example. Le mer. 29 janv. 2020 à 20:20, Yuri Shkuro <notifications@github.com> a écrit :

Understood, but is there an actual implementation of the client in this library that can be used? The examples import another 3rd party lib " github.com/xdg/scram". — You are receiving this because you commented. Reply to this email directly, view it on GitHub <#1295>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAE47VRM2S4ACBL32D7TLNTRAHJIVANCNFSM4G2T7PEQ> .

-- Sent from Gmail Mobile

[liangxj8]

@bai question: I'm wondering why we don't make the client generator in the example used as the default SCRAMClientGeneratorFunc automatically when the user set the SASL.Mechanism as sarama.SASLTypeSCRAMSHA256 or sarama.SASLTypeSCRAMSHA512 in config.go. When I am using the config, I think the client should be automatically generated according to my configuration but not telling me kafka: invalid configuration (A SCRAMClientGeneratorFunc function must be provided to Net.SASL.SCRAMClientGeneratorFunc). When I'm stepping into the imported source code, it is a little bit hard for me to target the useful GeneratorFunc because golang import without the examples.

[Neustradamus]

@iyedbennour and others: Thanks a lot for all about SCRAM.

Linked to:

• State of Play scram-sasl/info#1