sasljs

GNU SASL binding for node.js

Usage no npm install needed!

<script type="module">
  import sasljs from 'https://cdn.skypack.dev/sasljs';
</script>

README

SASL

Bindings to GSASL for node.js. Made to implement XMPP, but can be used anywhere.

At the moment the only plan is to support basic server side auth with callbacks

Since I do not currently require any other parts of the SASL API, they will not be implemented. You are welcome to add them though, please notify me when you do, so that I can pull.

Usage

  1. Create a new SASL session using

    var sasl = require('sasljs'); var session = sasl.createServerSession("", callback );

callback is a callback function which should accept the property name and session object and set properties as requested.

  1. Start the session with a mechanism. The list of supported mechanisms is available as session.mechanisms.

    session.start("DIGEST-MD5");

  2. Step through the authentication procedure by calling step() with input from the client.

    session.step("");

step() returns an object with two members:

{
    status: Integer status code,
    data: Error or reply
}

If status is sasl.GSASL_OK, authentication succeeded. For sasl.GSASL_NEEDS_MORE send the data back to the client. For others, compare against available error codes and decide what to do. Usually abort.

  1. Use callback

    function callback(property, session) { // since realm is not currently set above if( property == sasl.GSASL_REALM ) { session.setProperty("realm", "MyHomePage"); return sasl.GSASL_OK; }

     if( property == sasl.GSASL_PASSWORD ) {
         // get password for user, using property()
         var pass = getPassword(session.property('authid'));
         session.setProperty('password', pass);
         return sasl.GSASL_OK;
     }
    

    }

You have to return GSASL_OK if you handled the callback! As you can see, setProperty() accepts string keys. For a list of keys, see lib/sasljs.cc towards the end.


Nikhil Marathe