Merge pull request #530 from Aorioli/authenticator_class_check

added a list of approved authenticators

AUTHORS

@@ -57,4 +57,5 @@ Adrien Bustany <adrien@bustany.org>
 Andrey Smirnov <smirnov.andrey@gmail.com>
 Adam Weiner <adamsweiner@gmail.com>
 Daniel Cannon <daniel@danielcannon.co.uk>
-Johnny Bergström <johnny@joonix.se>
+Johnny Bergström <johnny@joonix.se>
+Adriano Orioli <orioli.adriano@gmail.com>

conn.go

@@ -20,6 +20,22 @@ import (
 	"time"
 )
 
+var (
+	approvedAuthenticators = [...]string{
+		"org.apache.cassandra.auth.PasswordAuthenticator",
+		"com.instaclustr.cassandra.auth.SharedSecretAuthenticator",
+	}
+)
+
+func approve(authenticator string) bool {
+	for _, s := range approvedAuthenticators {
+		if authenticator == s {
+			return true
+		}
+	}
+	return false
+}
+
 //JoinHostPort is a utility to return a address string that can be used
 //gocql.Conn to form a connection with a host.
 func JoinHostPort(addr string, port int) string {
@@ -41,7 +57,7 @@ type PasswordAuthenticator struct {
 }
 
 func (p PasswordAuthenticator) Challenge(req []byte) ([]byte, Authenticator, error) {
-	if string(req) != "org.apache.cassandra.auth.PasswordAuthenticator" {
+	if !approve(string(req)) {
 		return nil, nil, fmt.Errorf("unexpected authenticator %q", req)
 	}
 	resp := make([]byte, 2+len(p.Username)+len(p.Password))

conn_test.go

@@ -23,6 +23,19 @@ const (
 	defaultProto = protoVersion2
 )
 
+func TestApprove(t *testing.T) {
+	tests := map[bool]bool{
+		approve("org.apache.cassandra.auth.PasswordAuthenticator"):          true,
+		approve("com.instaclustr.cassandra.auth.SharedSecretAuthenticator"): true,
+		approve("com.apache.cassandra.auth.FakeAuthenticator"):              false,
+	}
+	for k, v := range tests {
+		if k != v {
+			t.Fatalf("expected '%v', got '%v'", k, v)
+		}
+	}
+}
+
 func TestJoinHostPort(t *testing.T) {
 	tests := map[string]string{
 		"127.0.0.1:0":                                 JoinHostPort("127.0.0.1", 0),