-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #7 from d-strobel/feat/kerberos-authentication
Feat/kerberos authentication
- Loading branch information
Showing
13 changed files
with
200 additions
and
37 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,44 @@ | ||
package connection | ||
|
||
import ( | ||
"github.com/masterzen/winrm" | ||
) | ||
|
||
type KerberosConfig struct { | ||
Realm string | ||
KrbConfigFile string | ||
} | ||
|
||
const ( | ||
// Default kerberos values | ||
defaultKerberosProtocol = "http" | ||
) | ||
|
||
// winRMKerberosParams returns the neccessary parameters | ||
// to pass into the kerberos winrm connection | ||
func winRMKerberosParams(config *WinRMConfig) *winrm.Parameters { | ||
|
||
// Init default parameters | ||
params := winrm.DefaultParameters | ||
|
||
// Set the protocol | ||
kerberosProtocol := defaultKerberosProtocol | ||
if config.WinRMUseTLS { | ||
kerberosProtocol = "https" | ||
} | ||
|
||
// Configure kerberos transporter | ||
params.TransportDecorator = func() winrm.Transporter { | ||
return &winrm.ClientKerberos{ | ||
Username: config.WinRMUsername, | ||
Password: config.WinRMPassword, | ||
Hostname: config.WinRMHost, | ||
Realm: config.WinRMKerberos.Realm, | ||
Port: config.WinRMPort, | ||
Proto: kerberosProtocol, | ||
KrbConf: config.WinRMKerberos.KrbConfigFile, | ||
} | ||
} | ||
|
||
return params | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
package connection | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/masterzen/winrm" | ||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func TestWinRMKerberosParams(t *testing.T) { | ||
// Create a sample WinRM configuration | ||
winRMConfig := &WinRMConfig{ | ||
WinRMUsername: "testUser", | ||
WinRMPassword: "testPassword", | ||
WinRMHost: "testHost", | ||
WinRMKerberos: &KerberosConfig{ | ||
Realm: "testRealm", | ||
KrbConfigFile: "/path/to/krb5.conf", | ||
}, | ||
WinRMUseTLS: false, | ||
WinRMPort: 5985, | ||
} | ||
|
||
// Call the function to get the parameters | ||
params := winRMKerberosParams(winRMConfig) | ||
|
||
// Check that the parameters are set as expected | ||
assert.NotNil(t, params) | ||
assert.NotNil(t, params.TransportDecorator) | ||
assert.Equal(t, winRMConfig.WinRMUsername, params.TransportDecorator().(*winrm.ClientKerberos).Username) | ||
assert.Equal(t, winRMConfig.WinRMPassword, params.TransportDecorator().(*winrm.ClientKerberos).Password) | ||
assert.Equal(t, winRMConfig.WinRMHost, params.TransportDecorator().(*winrm.ClientKerberos).Hostname) | ||
assert.Equal(t, winRMConfig.WinRMKerberos.Realm, params.TransportDecorator().(*winrm.ClientKerberos).Realm) | ||
assert.Equal(t, winRMConfig.WinRMPort, params.TransportDecorator().(*winrm.ClientKerberos).Port) | ||
assert.Equal(t, "http", params.TransportDecorator().(*winrm.ClientKerberos).Proto) | ||
assert.Equal(t, winRMConfig.WinRMKerberos.KrbConfigFile, params.TransportDecorator().(*winrm.ClientKerberos).KrbConf) | ||
} | ||
|
||
func TestWinRMKerberosParamsWithTLS(t *testing.T) { | ||
// Create a sample WinRM configuration with WinRMUseTLS set to true | ||
winRMConfig := &WinRMConfig{ | ||
WinRMUsername: "testUser", | ||
WinRMPassword: "testPassword", | ||
WinRMHost: "testHost", | ||
WinRMKerberos: &KerberosConfig{ | ||
Realm: "testRealm", | ||
KrbConfigFile: "/path/to/krb5.conf", | ||
}, | ||
WinRMUseTLS: true, // Set WinRMUseTLS to true | ||
WinRMPort: 5985, | ||
} | ||
|
||
// Call the function to get the parameters | ||
params := winRMKerberosParams(winRMConfig) | ||
|
||
// Check that the protocol is set to "https" when WinRMUseTLS is true | ||
assert.Equal(t, "https", params.TransportDecorator().(*winrm.ClientKerberos).Proto) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
File renamed without changes.
File renamed without changes.
File renamed without changes.