func WithKerberosAuth()

in http_client_wrappers.go [49:80]

• 32 lines of code
• 7 McCabe index (conditional complexity)

func WithKerberosAuth(cli *http.Client, username, realm, keyTab, krb5Conf, krb5CredentialCache string) (*http.Client, error) {
	var kerberosClient *client.Client
	if krb5CredentialCache != "" {
		tc, err := credentials.LoadCCache(krb5CredentialCache)
		if err != nil {
			return nil, fmt.Errorf("error reading kerberos ticket cache: %w", err)
		}
		kc, err := client.NewFromCCache(tc, config.New())
		if err != nil {
			return nil, fmt.Errorf("error creating kerberos client: %w", err)
		}
		kerberosClient = kc
	} else {
		cfg, err := config.Load(krb5Conf)
		if err != nil {
			return nil, fmt.Errorf("error reading kerberos config: %w", err)
		}
		kt, err := keytab.Load(keyTab)
		if err != nil {
			return nil, fmt.Errorf("error reading kerberos keytab: %w", err)
		}
		kc := client.NewWithKeytab(username, realm, kt, cfg)
		err = kc.Login()
		if err != nil {
			return nil, fmt.Errorf("error performing kerberos login with keytab: %w", err)
		}
		kerberosClient = kc
	}
	rt := &krb5Transport{cli.Transport, kerberosClient}
	cli.Transport = rt
	return cli, nil
}