refactor: rename gssapi to kerberos

gssapi is the type kerberos is the backend.

apps/emqx_auth_gssapi/include/emqx_auth_gssapi.hrl

@@ -2,15 +2,15 @@
 %% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 
--ifndef(EMQX_AUTH_GSSAPI_HRL).
--define(EMQX_AUTH_GSSAPI_HRL, true).
+-ifndef(EMQX_AUTH_KERBEROS_HRL).
+-define(EMQX_AUTH_KERBEROS_HRL, true).
 
 -define(AUTHN_MECHANISM_GSSAPI, gssapi).
 -define(AUTHN_MECHANISM_GSSAPI_BIN, <<"gssapi">>).
 
--define(AUTHN_BACKEND, gssapi).
--define(AUTHN_BACKEND_BIN, <<"gssapi">>).
+-define(AUTHN_BACKEND, kerberos).
+-define(AUTHN_BACKEND_BIN, <<"kerberos">>).
 
--define(AUTHN_TYPE_GSSAPI, {?AUTHN_MECHANISM_GSSAPI, ?AUTHN_BACKEND}).
+-define(AUTHN_TYPE_KERBEROS, {?AUTHN_MECHANISM_GSSAPI, ?AUTHN_BACKEND}).
 
 -endif.

apps/emqx_auth_gssapi/src/emqx_auth_gssapi.app.src

@@ -1,9 +1,9 @@
 %% -*- mode: erlang -*-
-{application, emqx_auth_gssapi, [
-    {description, "EMQX gssapi Authentication"},
+{application, emqx_auth_kerberos, [
+    {description, "EMQX Kerberos Authentication"},
     {vsn, "0.1.0"},
     {registered, []},
-    {mod, {emqx_auth_gssapi_app, []}},
+    {mod, {emqx_auth_kerberos_app, []}},
     {applications, [
         kernel,
         stdlib,

apps/emqx_auth_gssapi/src/emqx_auth_gssapi_app.erl

@@ -2,19 +2,19 @@
 %% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 
--module(emqx_auth_gssapi_app).
+-module(emqx_auth_kerberos_app).
 
--include("emqx_auth_gssapi.hrl").
+-include("emqx_auth_kerberos.hrl").
 
 -behaviour(application).
 
 -export([start/2, stop/1]).
 
 start(_StartType, _StartArgs) ->
-    ok = emqx_authn:register_provider(?AUTHN_TYPE_GSSAPI, emqx_authn_gssapi),
-    {ok, Sup} = emqx_auth_gssapi_sup:start_link(),
+    ok = emqx_authn:register_provider(?AUTHN_TYPE_KERBEROS, emqx_authn_kerberos),
+    {ok, Sup} = emqx_auth_kerberos_sup:start_link(),
     {ok, Sup}.
 
 stop(_State) ->
-    ok = emqx_authn:deregister_provider(?AUTHN_TYPE_GSSAPI),
+    ok = emqx_authn:deregister_provider(?AUTHN_TYPE_KERBEROS),
     ok.

apps/emqx_auth_gssapi/src/emqx_auth_gssapi_sup.erl

@@ -2,7 +2,7 @@
 %% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 
--module(emqx_auth_gssapi_sup).
+-module(emqx_auth_kerberos_sup).
 
 -behaviour(supervisor).
 

apps/emqx_auth_gssapi/src/emqx_authn_gssapi.erl

@@ -2,9 +2,9 @@
 %% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 
--module(emqx_authn_gssapi).
+-module(emqx_authn_kerberos).
 
--include("emqx_auth_gssapi.hrl").
+-include("emqx_auth_kerberos.hrl").
 -include_lib("emqx_auth/include/emqx_authn.hrl").
 -include_lib("typerefl/include/types.hrl").
 
@@ -44,7 +44,7 @@ destroy(_) ->
 
 authenticate(
     #{
-        auth_method := <<"GSSAPI">>,
+        auth_method := <<"GSSAPI-KERBEROS">>,
         auth_data := AuthData,
         auth_cache := AuthCache
     },
@@ -71,7 +71,7 @@ auth_new(Principal) ->
         {ok, SaslConn} ->
             {ok, SaslConn};
         Error ->
-            ?TRACE_AUTHN_PROVIDER("sasl_gssapi_new_failed", #{
+            ?TRACE_AUTHN_PROVIDER("sasl_kerberos_new_failed", #{
                 reason => Error,
                 sasl_function => "server_server_new"
             }),
@@ -86,7 +86,7 @@ auth_begin(SaslConn, ClientToken) ->
             sasl_auth:server_done(SaslConn),
             {ok, #{}, ServerToken};
         Reason ->
-            ?TRACE_AUTHN_PROVIDER("sasl_gssapi_start_failed", #{
+            ?TRACE_AUTHN_PROVIDER("sasl_kerberos_start_failed", #{
                 reason => Reason,
                 sasl_function => "server_server_start"
             }),
@@ -102,7 +102,7 @@ auth_continue(SaslConn, ClientToken) ->
             sasl_auth:server_done(SaslConn),
             {ok, #{}, ServerToken};
         Reason ->
-            ?TRACE_AUTHN_PROVIDER("sasl_gssapi_step_failed", #{
+            ?TRACE_AUTHN_PROVIDER("sasl_kerberos_step_failed", #{
                 reason => Reason,
                 sasl_function => "server_server_step"
             }),

apps/emqx_auth_gssapi/src/emqx_authn_gssapi_schema.erl

@@ -2,9 +2,9 @@
 %% Copyright (c) 2024 EMQ Technologies Co., Ltd. All Rights Reserved.
 %%--------------------------------------------------------------------
 
--module(emqx_authn_gssapi_schema).
+-module(emqx_authn_kerberos_schema).
 
--include("emqx_auth_gssapi.hrl").
+-include("emqx_auth_kerberos.hrl").
 -include_lib("hocon/include/hoconsc.hrl").
 
 -behaviour(emqx_authn_schema).
@@ -20,7 +20,7 @@
 namespace() -> "authn".
 
 refs() ->
-    [?R_REF(gssapi)].
+    [?R_REF(kerberos)].
 
 select_union_member(#{
     <<"mechanism">> := ?AUTHN_MECHANISM_GSSAPI_BIN, <<"backend">> := ?AUTHN_BACKEND_BIN
@@ -34,7 +34,7 @@ select_union_member(#{<<"mechanism">> := ?AUTHN_MECHANISM_GSSAPI_BIN}) ->
 select_union_member(_) ->
     undefined.
 
-fields(gssapi) ->
+fields(kerberos) ->
     emqx_authn_schema:common_fields() ++
         [
             {mechanism, emqx_authn_schema:mechanism(?AUTHN_MECHANISM_GSSAPI)},
@@ -58,7 +58,7 @@ fields(gssapi) ->
                 })}
         ].
 
-desc(gssapi) ->
-    "Settings for GSSAPI authentication.";
+desc(kerberos) ->
+    "Settings for Kerberos authentication.";
 desc(_) ->
     undefined.

apps/emqx_conf/src/emqx_conf_schema_inject.erl

@@ -65,7 +65,7 @@ authn_mods(ee) ->
         [
             emqx_gcp_device_authn_schema,
             emqx_authn_scram_restapi_schema,
-            emqx_authn_gssapi_schema
+            emqx_authn_kerberos_schema
         ].
 
 authz() ->

rel/i18n/emqx_authn_gssapi_schema.hocon

@@ -1,10 +1,10 @@
-emqx_authn_gssapi_schema {
+emqx_authn_kerberos_schema {
 
 principal {
     label: "Kerberos Principal"
     desc: """~
-        SASL GSSAPI authentication Kerberos principal.
-        For example <code>mqtt/node1.example.com@MY_REALM.EXAMPLE.COM</code>.
+        Server Kerberos principal.
+        For example <code>mqtt/emqx-cluster-1.example.com@MY_REALM.EXAMPLE.COM</code>.
         NOTE: The realm in use has to be configured in /etc/krb5.conf in EMQX nodes.~"""
 }
 
@@ -24,7 +24,7 @@ server_fqdn {
 keytab_file {
     label: "Keytab File"
     desc: """~
-        SASL GSSAPI authentication Kerberos keytab file path.
+        Kerberos keytab file path.
         NOTE: This file has to be placed in EMQX nodes.~"""
 }