Product
Introducing License Enforcement in Socket
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
By Philipp Burckhardt - Oct 17, 2024
SAZZLE - The SASL library with PIZZAZZ!
SAZZLE is a pure JavaScript library for the Simple Authentication and Security Layer (SASL). The goal is to provide a simple promised-based framework for processing SASL challenges and responses.
This library includes built-in support for PLAIN and SCRAM-SHA1, while additional (or alternative) mechanisms can be added as needed.
This software is liecensed under the terms of the MIT License.
Installation
To install the current stable release:
npm install sazzle
To install from sources:
git clone git@github.com:linuxwolf/sazzle.git
npm install ./sazzle
Usage
TL;DR -- ficticious client version:
var sazzle = require("sazzle");
// ... once the server's mechanism list is received
// create a SASL session based on the intersection of
// server-offered and client-enabled mechanisms ...
var ssesssion = sazzle.client.create(mechlist, {
username:"bilbo.baggins",
password:"Th3r3 & 84CK Aga!n"
});
// call step() to get started ...
ssession.step().then(function(output) {
// NOTE: output is a Buffer
socket.send(output);
});
var onSASL = function(input) {
// call step() to keep going, until completed!
ssession.step(input).then(function(output) {
if (output) {
socket.send(outupt);
}
if (ssession.completed) {
// YAY! we're authenticated!
console.log("auth succeeded (username == %s; authzid == %s)",
ssession.properties.username,
ssession.properties.authzid);
socket.removeListener("data", onSASL);
// ... move on ...
}
}, function(err) {
// BOO! We've failed!
console.log("auth failed: %s", err.message);
// c'est la vie
});
};
socket.on("data", onSASL);
TL;DR -- ficticious server version:
var sazzle = require("sazzle"),
q = require("q");
/// ... once we've got something, tell the client the offered mechanisms
socket.send(new Buffer(sazzle.server.enabled.join(" ")));
var ssession;
socket.once("data", function(input) {
// protocol-specific parse of input
// into mechanism name and initial data
ssession = sazzle.server.create(input.name, {
password: function(config, username) {
// lookup password, return in a promise (or directly)
return q.resolve(passwords[username]);
}
});
// process client initial
ssession.step(input.data).then(function(output) {
socket.send(output);
function onSASL(output) {
ssession.step(input).then(function(output) {
if (output) {
socket.send(output);
}
if (ssession.completed) {
// YAY! we're authenticated!
console.log("auth succeeded (username == %s; authzid == %s)",
ssession.properties.username,
ssession.properties.authzid);
socket.removeListener("data", onSASL);
// ... move on ...
}
}, function(err) {
// BOO! We've failed!
console.log("auth failed: %s", err.message);
// c'est la vie
});
};
socket.on("data", onSASL);
});
});
FAQs
The SASL library with PIZZAZZ!
The npm package sazzle receives a total of 11 weekly downloads. As such, sazzle popularity was classified as not popular.
We found that sazzle demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 04 Dec 2014
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Enhancing Open-Source Compliance: Introducing Socket’s Advanced License Analysis
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.
By Christopher Bailey - Oct 17, 2024
Product
Introducing Socket Optimize
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.
By John-David Dalton - Oct 16, 2024