sasl – SASL helpers
This module is used to implement SASL in aioxmpp.security_layer. It
provides a state machine for use by the different SASL mechanisms and
implementations of some SASL mechansims.
SASL mechansims
-
class aioxmpp.sasl.PLAIN(credential_provider)[source]
The PLAIN SASL mechanism (see RFC 4616).
credential_provider must be coroutine which returns a (user,
password) tuple.
-
class aioxmpp.sasl.SCRAM(credential_provider)[source]
The SCRAM SASL mechanism (see RFC 5802).
credential_provider must be coroutine which returns a (user,
password) tuple.
Base class
-
class aioxmpp.sasl.SASLMechanism[source]
Implementation of a SASL mechanism. Each SASLMechanism class must have a
class attribute handled_mechanisms, which must be a container of
strings holding the SASL mechanism names supported by that class.
SASL state machine and XSOs
-
class aioxmpp.sasl.SASLStateMachine(xmlstream)[source]
A state machine to reduce code duplication during SASL handshake.
The state methods change the state and return the next client state of the
SASL handshake, optionally with server-supplied payload.
Valid next states are:
- ('challenge', payload) (with payload being a bytes object
obtained from base64-decoding the servers challenge)
- ('success', None) – after successful authentication
- ('failure', None) – after failed authentication (e.g. after a call to
abort())
Note that, with the notable exception of abort(), failure states
are never returned but thrown as errors.SASLFailure instead.
The initial state is never returned.
The XSOs for SASL authentication can be found in aioxmpp.stream_xsos.