Feature/auth and tls for brokers

README.md

@@ -146,6 +146,52 @@ Here are the options that you can use with the Kafka controller:
 * `WithMaxBytes`: specify the maximum size of a message that will be received. If not specified, default value (`10e6`, meaning `10MB`) will be used.
 * `WithLogger`: specify the logger that will be used by the controller. If not specified, a silent logger is used that won't log anything.
 * `WithAutoCommit`: specify if the broker should use auto-commit for incoming messages or manual commits. Note that commits are managed by the broker implementation regardless, with manual commits they are executed after the message is complete processed. Subscribers retain the option to manually handle errors via the ErrorHandler, to use mechanisms such as dead letter or retry topics. The default value is `true`
+* `WithSasl`: specify sasl mechanism to connect to the broker. Per default no mechanism will be used.
+* `WithTLS`: specify tls config to connect to the broker. Per default no tls config will be used.
+* `WithConnectionTest`: specify if the controller should make a connection test on creation. The default value is `true`
+
+#### Authentication and TLS
+
+To use a TLS connection and or authentication for the connection to the kafka broker the following options can be used:
+
+```golang
+// Plain mechanism
+kafkaController, err := kafka.NewController([]string{"<host>:<port>"},
+    kafka.WithGroupID(queueGroupID),
+    kafka.WithSasl(plain.Mechanism{Username: "<user>", Password: "<password>"}),
+)
+
+// Sha256 mechanism
+sha256Mechanism, err := scram.Mechanism(scram.SHA256, "<user>", "<password>")
+if err != nil {
+    // handle error
+}
+
+kafkaController, err := kafka.NewController([]string{"<host>:<port>"},
+    kafka.WithGroupID(queueGroupID),
+    kafka.WithSasl(sha256Mechanism),
+)
+
+// Sha512 mechanism
+sha512Mechanism, err := scram.Mechanism(scram.SHA512, "<user>", "<password>")
+if err != nil {
+    // handle error
+}
+
+kafkaController, err := kafka.NewController([]string{"<host>:<port>"},
+    kafka.WithGroupID(queueGroupID),
+    kafka.WithSasl(sha512Mechanism),
+)
+
+// TLS
+// configure tls.config
+myTLSConfig := &tls.Config{}
+
+kafkaController, err := kafka.NewController([]string{"<host>:<port>"},
+    kafka.WithGroupID(queueGroupID),
+    kafka.WithTLS(myTLSConfig),
+)
+```
 
 ### NATS
 
@@ -166,6 +212,32 @@ Here are the options that you can use with the NATS controller:
 
 * `WithLogger`: specify the logger that will be used by the controller. If not specified, a silent logger is used that won't log anything.
 * `WithQueueGroup`: specify the queue group that will be used by the controller. If not specified, default queue name (`asyncapi`) will be used.
+* `WithConnectionOpts`: specify connection Options for establishing connection with nats see [Nats Options](https://pkg.go.dev/github.com/nats-io/go-nats#Option) for more information. If not specified, no options will be used.
+
+#### Authentication and TLS
+
+To use a TLS connection and or authentication for the connection to the nats broker the following nats options can be used:
+
+```golang
+import (
+"github.com/lerenn/asyncapi-codegen/pkg/extensions/brokers/nats"
+
+// import natsio go client option
+natsio "github.com/nats-io/nats.go"
+
+)
+
+func main(){
+
+    myTLSConfig := &tls.Config{}
+
+    natsController, err := nats.NewController("nats://<host>:<port>",
+		nats.WithQueueGroup(queueGroupID),
+		nats.WithConnectionOpts(natsio.UserCredentials("<user.jwt>", "<user.nk>"), natsio.Secure(myTLSConfig))
+	)
+
+}
+```
 
 ### NATS JetStream
 

go.mod

@@ -51,6 +51,9 @@ require (
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/vektah/gqlparser/v2 v2.5.10 // indirect
 	github.com/xanzy/ssh-agent v0.3.3 // indirect
+	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
+	github.com/xdg-go/scram v1.1.2 // indirect
+	github.com/xdg-go/stringprep v1.0.4 // indirect
 	golang.org/x/crypto v0.16.0 // indirect
 	golang.org/x/exp v0.0.0-20231006140011-7918f672742d // indirect
 	golang.org/x/mod v0.14.0 // indirect