gokrb5.v7/types/PrincipalName.go

package types

import (
	"strings"

	"gopkg.in/jcmturner/gokrb5.v7/iana/nametype"
)

// Reference: https://www.ietf.org/rfc/rfc4120.txt
// Section: 5.2.2

// PrincipalName implements RFC 4120 type: https://tools.ietf.org/html/rfc4120#section-5.2.2
type PrincipalName struct {
	NameType   int32    `asn1:"explicit,tag:0"`
	NameString []string `asn1:"generalstring,explicit,tag:1"`
}

// NewPrincipalName creates a new PrincipalName from the name type int32 and name string provided.
func NewPrincipalName(ntype int32, spn string) PrincipalName {
	return PrincipalName{
		NameType:   ntype,
		NameString: strings.Split(spn, "/"),
	}
}

// GetSalt returns a salt derived from the PrincipalName.
func (pn PrincipalName) GetSalt(realm string) string {
	var sb []byte
	sb = append(sb, realm...)
	for _, n := range pn.NameString {
		sb = append(sb, n...)
	}
	return string(sb)
}

// Equal tests if the PrincipalName is equal to the one provided.
func (pn PrincipalName) Equal(n PrincipalName) bool {
	//https://tools.ietf.org/html/rfc4120#section-6.2 - the name type is not significant when checking for equivalence
	for i, s := range pn.NameString {
		if n.NameString[i] != s {
			return false
		}
	}
	return true
}

// PrincipalNameString returns the PrincipalName in string form.
func (pn PrincipalName) PrincipalNameString() string {
	return strings.Join(pn.NameString, "/")
}

// ParseSPNString will parse a string in the format <service>/<name>@<realm>
// a PrincipalName type will be returned with the name type set to KRB_NT_PRINCIPAL(1)
// and the realm will be returned as a string. If the "@<realm>" suffix
// is not included in the SPN then the value of realm string returned will be ""
func ParseSPNString(spn string) (pn PrincipalName, realm string) {
	if strings.Contains(spn, "@") {
		s := strings.Split(spn, "@")
		realm = s[len(s)-1]
		spn = strings.TrimSuffix(spn, "@"+realm)
	}
	pn = NewPrincipalName(nametype.KRB_NT_PRINCIPAL, spn)
	return
}