Add support for EXTERNAL auth

src/client.ts

@@ -707,6 +707,7 @@ export interface ClientParams {
   port: number
   username: string
   password: string
+  mechanism?: string
   vhost: string
   frameMax?: number
   heartbeat?: number

src/connection.ts

@@ -146,7 +146,11 @@ export class Connection {
         this.logger.info(`Connected to RabbitMQ ${this.params.hostname}:${this.params.port}`)
         this.peerProperties = (await this.exchangeProperties()).properties
         this.filteringEnabled = lt(coerce(this.rabbitManagementVersion)!, REQUIRED_MANAGEMENT_VERSION) ? false : true
-        await this.auth({ username: this.params.username, password: this.params.password })
+        await this.auth({
+          username: this.params.username,
+          password: this.params.password,
+          mechanism: this.params.mechanism ?? "PLAIN",
+        })
         const { heartbeat } = await this.tune(this.params.heartbeat ?? 0)
         await this.open({ virtualHost: this.params.vhost })
         if (!this.heartbeat.started) this.heartbeat.start(heartbeat)
@@ -436,19 +440,17 @@ export class Connection {
     return this.setupCompleted
   }
 
-  private async auth(params: { username: string; password: string }) {
+  private async auth(params: { username: string; password: string; mechanism: string }) {
     this.logger.debug(`Start authentication process ...`)
     this.logger.debug(`Start SASL handshake ...`)
     const handshakeResponse = await this.sendAndWait<SaslHandshakeResponse>(new SaslHandshakeRequest())
     this.logger.debug(`Mechanisms: ${handshakeResponse.mechanisms}`)
-    if (!handshakeResponse.mechanisms.find((m) => m === "PLAIN")) {
-      throw new Error(`Unable to find PLAIN mechanism in ${handshakeResponse.mechanisms}`)
+    if (!handshakeResponse.mechanisms.find((m) => m === params.mechanism)) {
+      throw new Error(`Unable to find ${params.mechanism} mechanism in ${handshakeResponse.mechanisms}`)
     }
 
-    this.logger.debug(`Start SASL PLAIN authentication ...`)
-    const authResponse = await this.sendAndWait<SaslAuthenticateResponse>(
-      new SaslAuthenticateRequest({ ...params, mechanism: "PLAIN" })
-    )
+    this.logger.debug(`Start SASL ${params.mechanism} authentication ...`)
+    const authResponse = await this.sendAndWait<SaslAuthenticateResponse>(new SaslAuthenticateRequest(params))
     this.logger.debug(`Authentication: ${authResponse.ok} - '${authResponse.data}'`)
     if (!authResponse.ok) {
       throw new Error(`Unable Authenticate -> ${authResponse.code}`)

src/requests/sasl_authenticate_request.ts

@@ -14,10 +14,19 @@ export class SaslAuthenticateRequest extends AbstractRequest {
 
   protected writeContent(writer: DataWriter): void {
     writer.writeString(this.params.mechanism)
-    writer.writeUInt32(this.params.password.length + this.params.username.length + 2)
-    writer.writeUInt8(0)
-    writer.writeData(this.params.username)
-    writer.writeUInt8(0)
-    writer.writeData(this.params.password)
+    switch (this.params.mechanism) {
+      case "PLAIN":
+        writer.writeUInt32(this.params.password.length + this.params.username.length + 2)
+        writer.writeUInt8(0)
+        writer.writeData(this.params.username)
+        writer.writeUInt8(0)
+        writer.writeData(this.params.password)
+        break
+      case "EXTERNAL":
+        writer.writeUInt32(0)
+        break
+      default:
+        throw new Error(`Auth mechanism ${this.params.mechanism} not implemented`)
+    }
   }
 }

test/support/util.ts

@@ -220,7 +220,7 @@ export const sendANumberOfRandomMessages = async (publisher: Publisher, offset =
 }
 
 export const getTestNodesFromEnv = (): { host: string; port: number }[] => {
-  const envValue = process.env.RABBIT_MQ_TEST_NODES ?? "localhost:5552"
+  const envValue = process.env.RABBIT_MQ_TEST_NODES ?? "rabbitmq:5552"
   const nodes = envValue.split(";")
   return nodes.map((n) => {
     const [host, port] = n.split(":")