SASLAuth.jl is a pure Julia implementation of the Simple Authentication and Security Layer (SASL) framework. It provides both client and server support for multiple authentication mechanisms, suitable for implementing protocol layers such as IMAP, LDAP, SMTP, XMPP, or custom client-server auth.
Supported mechanisms:
- β
SCRAM-SHA-256β secure, salted password-based challenge-response - β
PLAINβ simple username/password (must be used over TLS) - β
EXTERNALβ identity established by external means (e.g. TLS client cert)
Install from the Julia registry:
using Pkg
Pkg.add("SASLAuth")For the development version:
Pkg.add(url="https://github.com/JuliaServices/SASLAuth.jl")Each mechanism provides:
Client <: SASLClientServer <: SASLServer
With the shared interface:
step!(client::SASLClient, input) β (message, done::Bool)step!(server::SASLServer, input) β (reply, done::Bool, success::Bool)
client = SCRAMSHA256Client("alice", "correcthorsebatterystaple")
msg1, _ = step!(client, nothing)
msg2, _ = step!(client, "r=nonceXYZ,s=\$(Base64.base64encode("salt")),i=4096")
msg3, _ = step!(client, "v=\$(Base64.base64encode("serversignature"))"; verify_server_signature=false)salt = rand(UInt8, 16)
iterations = 4096
salted_password = pbkdf2(Vector{UInt8}("correcthorsebatterystaple"), salt, iterations)
server = SCRAMSHA256Server("alice", salted_password, salt, iterations)
challenge, _, _ = step!(server, msg1)
response, done, success = step!(server, msg2)client = PLAINClient("alice", "hunter2")
msg, _ = step!(client, nothing)
server = PLAINServer(username -> username == "alice" ? "hunter2" : nothing)
_, _, ok = step!(server, msg)client = EXTERNALClient("alice")
msg, _ = step!(client, nothing)
server = EXTERNALServer(authzid -> authzid == "alice")
_, _, ok = step!(server, msg)using Pkg
Pkg.test("SASLAuth")MIT Β© 2024 JuliaServices