sasl plain: ignore any challenge data

Tencent apparently returns some data in the response to PLAIN authentication. Sarama just ignores the data. RFC4616 does not mention a server response (any challenge). RFC4422 secion 5b specifies valid mechanisms should indicate whether the server is expected to provide additional data indicating a successful outcome. RFC4616 does not indicate this. So, it's not clear why Tencent is sending this data, but again, we can just ignore it.
twmb · Jun 1, 2023 · 3addecc · 3addecc
1 parent 8406043
commit 3addecc
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/pkg/sasl/plain/plain.go b/pkg/sasl/plain/plain.go
@@ -3,7 +3,6 @@ package plain
 
 import (
  "context"
- "errors"
 
  "github.com/twmb/franz-go/pkg/sasl"
 )
@@ -52,9 +51,6 @@ func (fn plain) Authenticate(ctx context.Context, _ string) (sasl.Session, []byt
 
 type session struct{}
 
-func (session) Challenge(resp []byte) (bool, []byte, error) {
- if len(resp) != 0 {
- return false, nil, errors.New("unexpected data in plain response")
- }
+func (session) Challenge([]byte) (bool, []byte, error) {
  return true, nil, nil
 }