Source: driver/auth/mechanisms/sasl-mechanism-plain.js

/*
 *  Licensed to the Apache Software Foundation (ASF) under one
 *  or more contributor license agreements.  See the NOTICE file
 *  distributed with this work for additional information
 *  regarding copyright ownership.  The ASF licenses this file
 *  to you under the Apache License, Version 2.0 (the
 *  "License"); you may not use this file except in compliance
 *  with the License.  You may obtain a copy of the License at
 *
 *  http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing,
 *  software distributed under the License is distributed on an
 *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 *  KIND, either express or implied.  See the License for the
 *  specific language governing permissions and limitations
 *  under the License.
 */
'use strict';

const { Buffer } = require('buffer');
const SaslMechanismBase = require('./sasl-mechanism-base');

class SaslMechanismPlain extends SaslMechanismBase {
  /**
   * Creates a new instance of SaslMechanismPlain.
   * @param {Object} [options] The mechanism options.
   * @param {String} [options.authzid] The identity of the client.
   * @param {String} [options.username] The identity of user with access to server.
   * @param {String} [options.password] The password of user with access to server.
   * @constructor
   */
  constructor(options) {
    super(options);

    if (
      this._options.username === undefined ||
      this._options.username === null ||
      this._options.username.length === 0 ||
      this._options.password === undefined ||
      this._options.password === null ||
      this._options.password.length === 0
    ) {
      throw new Error('Missing credentials for SASL PLAIN mechanism');
    }
  }

  /**
   * Returns the name of the mechanism
   */
  get name() {
    return 'PLAIN';
  }

  /**
   * Evaluates the challenge from the server and returns appropriate response.
   * @param {String} challenge Challenge string presented by the server.
   * @return {Object} A Promise that resolves to a valid sasl response object.
   */
  evaluateChallenge(challenge) {
    if (this._hasInitialResponse(challenge)) {
      return Promise.resolve({
        saslMechanism: this.name,
        sasl: this._saslArgument(this._options.authzid, this._options.username, this._options.password),
      });
    }

    return Promise.resolve({
      sasl: this._saslArgument(this._options.authzid, this._options.username, this._options.password),
    });
  }

  /**
   * Generates a base64 encoded sasl argument based on the given parameters.
   * @param {String} authzid Identitiy of the client.
   * @param {String} username The identity of user with access to server.
   * @param {String} password The password of user with access to server.
   */
  _saslArgument(authzid, username, password) {
    if (authzid === undefined || authzid === null) {
      authzid = '';
    }
    if (username === undefined || username === null) {
      username = '';
    }
    if (password === undefined || password.length === null) {
      password = '';
    }

    return Buffer.from(`${authzid}\0${username}\0${password}`).toString('base64');
  }

  /**
   * Checks challenge to see if we have the initial sasl response from the server.
   * @param {String} challenge The challenge string from the server.
   * @return {Boolean}
   */
  _hasInitialResponse(challenge) {
    if (challenge === undefined || challenge === null) {
      return false;
    }
    return true;
  }
}

module.exports = SaslMechanismPlain;