SAZZLE is a pure JavaScript library for the Simple Authentication and Security Layer (SASL). The goal is to provide a simple promised-based framework for processing SASL challenges and responses.
This library includes built-in support for PLAIN and SCRAM-SHA1, while additional (or alternative) mechanisms can be added as needed.
This software is liecensed under the terms of the MIT License.
To install the current stable release:
npm install sazzle
To install from sources:
git clone [email protected]:linuxwolf/sazzle.git
npm install ./sazzle
TL;DR -- ficticious client version:
var sazzle = require("sazzle");
// ... once the server's mechanism list is received
// create a SASL session based on the intersection of
// server-offered and client-enabled mechanisms ...
var ssesssion = sazzle.client.create(mechlist, {
username:"bilbo.baggins",
password:"Th3r3 & 84CK Aga!n"
});
// call step() to get started ...
ssession.step().then(function(output) {
// NOTE: output is a Buffer
socket.send(output);
});
var onSASL = function(input) {
// call step() to keep going, until completed!
ssession.step(input).then(function(output) {
if (output) {
socket.send(outupt);
}
if (ssession.completed) {
// YAY! we're authenticated!
console.log("auth succeeded (username == %s; authzid == %s)",
ssession.properties.username,
ssession.properties.authzid);
socket.removeListener("data", onSASL);
// ... move on ...
}
}, function(err) {
// BOO! We've failed!
console.log("auth failed: %s", err.message);
// c'est la vie
});
};
socket.on("data", onSASL);
TL;DR -- ficticious server version:
var sazzle = require("sazzle"),
q = require("q");
/// ... once we've got something, tell the client the offered mechanisms
socket.send(new Buffer(sazzle.server.enabled.join(" ")));
var ssession;
socket.once("data", function(input) {
// protocol-specific parse of input
// into mechanism name and initial data
ssession = sazzle.server.create(input.name, {
password: function(config, username) {
// lookup password, return in a promise (or directly)
return q.resolve(passwords[username]);
}
});
// process client initial
ssession.step(input.data).then(function(output) {
socket.send(output);
function onSASL(output) {
ssession.step(input).then(function(output) {
if (output) {
socket.send(output);
}
if (ssession.completed) {
// YAY! we're authenticated!
console.log("auth succeeded (username == %s; authzid == %s)",
ssession.properties.username,
ssession.properties.authzid);
socket.removeListener("data", onSASL);
// ... move on ...
}
}, function(err) {
// BOO! We've failed!
console.log("auth failed: %s", err.message);
// c'est la vie
});
};
socket.on("data", onSASL);
});
});