1package sasllogin23import "github.com/emersion/go-sasl"45// Copy-pasted from old emersion/go-sasl version67// Authenticates users with an username and a password.8type LoginAuthenticator func(username, password string) error9type loginState int1011const (12 loginNotStarted loginState = iota13 loginWaitingUsername14 loginWaitingPassword15)1617type loginServer struct {18 state loginState19 username, password string20 authenticate LoginAuthenticator21}2223// A server implementation of the LOGIN authentication mechanism, as described24// in https://tools.ietf.org/html/draft-murchison-sasl-login-00.25//26// LOGIN is obsolete and should only be enabled for legacy clients that cannot27// be updated to use PLAIN.28func NewLoginServer(authenticator LoginAuthenticator) sasl.Server {29 return &loginServer{authenticate: authenticator}30}3132func (a *loginServer) Next(response []byte) (challenge []byte, done bool, err error) {33 switch a.state {34 case loginNotStarted:35 // Check for initial response field, as per RFC4422 section 336 if response == nil {37 challenge = []byte("Username:")38 break39 }40 a.state++41 fallthrough42 case loginWaitingUsername:43 a.username = string(response)44 challenge = []byte("Password:")45 case loginWaitingPassword:46 a.password = string(response)47 err = a.authenticate(a.username, a.password)48 done = true49 default:50 err = sasl.ErrUnexpectedClientResponse51 }52 a.state++53 return54}