Jonathan Turner преди 8 години
родител
ревизия
2adb6948f5
променени са 2 файла, в които са добавени 122 реда и са изтрити 7 реда
  1. 95 0
      examples/httpClient.go
  2. 27 7
      examples/httpServer.go

+ 95 - 0
examples/httpClient.go

@@ -0,0 +1,95 @@
+// +build examples
+
+package main
+
+import (
+	"encoding/hex"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+
+	//"github.com/pkg/profile"
+	"gopkg.in/jcmturner/gokrb5.v5/client"
+	"gopkg.in/jcmturner/gokrb5.v5/config"
+	"gopkg.in/jcmturner/gokrb5.v5/keytab"
+	"gopkg.in/jcmturner/gokrb5.v5/testdata"
+)
+
+const (
+	port     = ":9080"
+	kRB5CONF = `[libdefaults]
+  default_realm = TEST.GOKRB5
+  dns_lookup_realm = false
+  dns_lookup_kdc = false
+  ticket_lifetime = 24h
+  forwardable = yes
+  default_tkt_enctypes = aes256-cts-hmac-sha1-96
+  default_tgs_enctypes = aes256-cts-hmac-sha1-96
+
+[realms]
+ TEST.GOKRB5 = {
+  kdc = 127.0.0.1:88
+  admin_server = 127.0.0.1:749
+  default_domain = test.gokrb5
+ }
+
+[domain_realm]
+ .test.gokrb5 = TEST.GOKRB5
+ test.gokrb5 = TEST.GOKRB5
+ `
+)
+
+func main() {
+	//defer profile.Start(profile.TraceProfile).Stop()
+	// Load the keytab
+	kb, _ := hex.DecodeString(testdata.TESTUSER1_KEYTAB)
+	kt, err := keytab.Parse(kb)
+	if err != nil {
+		panic(err)
+	}
+
+	// Create the client with the keytab
+	cl := client.NewClientWithKeytab("testuser1", "TEST.GOKRB5", kt)
+
+	// Load the client krb5 config
+	conf, err := config.NewConfigFromString(kRB5CONF)
+	if err != nil {
+		panic(err)
+	}
+	addr := os.Getenv("TEST_KDC_ADDR")
+	if addr != "" {
+		conf.Realms[0].KDC = []string{addr + ":88"}
+	}
+	// Apply the config to the client
+	cl.WithConfig(conf)
+
+	// Log in the client
+	err = cl.Login()
+	if err != nil {
+		panic(err)
+	}
+
+	// Form the request
+	url := "http://localhost" + port
+	r, err := http.NewRequest("GET", url, nil)
+	if err != nil {
+		panic(err)
+	}
+	// Apply the client's auth headers to the request
+	err = cl.SetSPNEGOHeader(r, "HTTP/host.test.gokrb5")
+	if err != nil {
+		panic(err)
+	}
+
+	// Make the request
+	resp, err := http.DefaultClient.Do(r)
+	if err != nil {
+		panic(err)
+	}
+	b, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		panic(err)
+	}
+	fmt.Println(string(b))
+}
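Review bot: The response is printed without checking `resp.StatusCode`, and `resp.Body` is never closed, so a rejected request (for example a 401 after a failed SPNEGO exchange) looks the same on stdout as an authenticated reply. After the `Do` error check, add `defer resp.Body.Close()` and fail on an unexpected status, e.g. `if resp.StatusCode != http.StatusOK { panic(resp.Status) }`. The error from `hex.DecodeString(testdata.TESTUSER1_KEYTAB)` is also discarded with `_` and should be handled like the other errors in `main`. Because examples tend to be copied, a comment next to `url` would help, stating that the Negotiate header travels over plain `http://` here and that a real deployment should put the exchange behind TLS.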

+ 27 - 7
examples/httpServer.go

@@ -5,16 +5,23 @@ package main
 import (
 	"encoding/hex"
 	"fmt"
+	"log"
+	"net/http"
+	"os"
+
+	//"github.com/pkg/profile"
 	"gopkg.in/jcmturner/gokrb5.v5/credentials"
 	"gopkg.in/jcmturner/gokrb5.v5/keytab"
 	"gopkg.in/jcmturner/gokrb5.v5/service"
 	"gopkg.in/jcmturner/gokrb5.v5/testdata"
-	"log"
-	"net/http"
-	"os"
+)
+
+const (
+	port = ":9080"
 )
 
 func main() {
+	//defer profile.Start(profile.TraceProfile).Stop()
 	// Create logger
 	l := log.New(os.Stderr, "GOKRB5 Service: ", log.Ldate|log.Ltime|log.Lshortfile)
 
@@ -30,15 +37,28 @@ func main() {
 	mux.Handle("/", service.SPNEGOKRB5Authenticate(th, kt, "", false, l))
 
 	// Start up the web server
-	log.Fatal(http.ListenAndServe(":9080", mux))
+	log.Fatal(http.ListenAndServe(port, mux))
 }
 
 // Simple application specific handler
 func testAppHandler(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusOK)
 	ctx := r.Context()
-	fmt.Fprintf(w, "<html>\nTEST.GOKRB5 Handler\nAuthenticed user: %s\nUser's realm: %s\n</html>",
-		ctx.Value(service.CTXKeyCredentials).(credentials.Credentials).Username,
-		ctx.Value(service.CTXKeyCredentials).(credentials.Credentials).Realm)
+	creds := ctx.Value(service.CTXKeyCredentials).(credentials.Credentials)
+	fmt.Fprintf(w,
+		`<html>
+<h1>GOKRB5 Handler</h1>
+<ul>
+<li>Authenticed user: %s</li>
+<li>User's realm: %s</li>
+<li>Authn time: %v</li>
+<li>Session ID: %s</li>
+<ul>
+</html>`,
+		creds.UserName(),
+		creds.Domain(),
+		creds.AuthTime(),
+		creds.SessionID(),
+	)
 	return
 }
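Review bot: In `testAppHandler` the principal name and realm are written into the HTML body with `%s` and no output encoding. These values come from the client's ticket, which in a cross-realm setup may be issued by a KDC this service does not control. Passing them as `html.EscapeString(creds.UserName()),` and `html.EscapeString(creds.Domain()),` would close that gap; this needs `"html"` added to the import block, or the page could be rendered with `html/template` instead. The list is also never closed: the line before `</html>` reads `<ul>` and should be `</ul>`. Separately, the single-value type assertion on `ctx.Value(service.CTXKeyCredentials)` panics if the key is missing or holds another type, and by then `WriteHeader(http.StatusOK)` has already been sent. The two-value form with an early 401, placed before the status is written, would be safer.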