This is an automated email from the ASF dual-hosted git repository.
sunnianjun pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 8898982c05d Add MD5 password authenticator for openGauss. (#24313)
8898982c05d is described below
commit 8898982c05dfcea1c0757389103b864ef4ca88a3
Author: Raigor <[email protected]>
AuthorDate: Thu Feb 23 18:15:45 2023 +0800
Add MD5 password authenticator for openGauss. (#24313)
* Add MD5 password authenticator for openGauss.
* Add test cases.
---
.../authenticator/MySQLAuthenticatorTypeTest.java | 70 ++++++++++++++++++++++
.../impl/MySQLClearPasswordAuthenticatorTest.java | 7 +++
.../OpenGaussAuthenticationEngine.java | 33 ++++++++--
.../authenticator/OpenGaussAuthenticatorType.java | 7 +++
...java => OpenGaussMD5PasswordAuthenticator.java} | 18 ++----
.../OpenGaussSCRAMSha256PasswordAuthenticator.java | 4 +-
.../OpenGaussAuthenticatorTypeTest.java | 70 ++++++++++++++++++++++
.../OpenGaussMD5PasswordAuthenticatorTest.java} | 18 ++++--
.../PostgreSQLAuthenticatorTypeTest.java | 70 ++++++++++++++++++++++
.../PostgreSQLMD5PasswordAuthenticatorTest.java | 13 ++--
.../impl/PostgreSQLPasswordAuthenticatorTest.java | 7 +++
11 files changed, 287 insertions(+), 30 deletions(-)
diff --git
a/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/authenticator/MySQLAuthenticatorTypeTest.java
b/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/authenticator/MySQLAuthenticatorTypeTest.java
new file mode 100644
index 00000000000..576f8827752
--- /dev/null
+++
b/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/authenticator/MySQLAuthenticatorTypeTest.java
@@ -0,0 +1,70 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package
org.apache.shardingsphere.proxy.frontend.mysql.authentication.authenticator;
+
+import org.apache.shardingsphere.authority.rule.AuthorityRule;
+import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
+import org.apache.shardingsphere.proxy.frontend.authentication.Authenticator;
+import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticatorFactory;
+import
org.apache.shardingsphere.proxy.frontend.mysql.authentication.authenticator.impl.MySQLClearPasswordAuthenticator;
+import
org.apache.shardingsphere.proxy.frontend.mysql.authentication.authenticator.impl.MySQLNativePasswordAuthenticator;
+import org.junit.Test;
+
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public final class MySQLAuthenticatorTypeTest {
+
+ private final AuthorityRule rule = mock(AuthorityRule.class);
+
+ @Test
+ public void assertDefaultAuthenticatorType() {
+ when(rule.getAuthenticatorType(any())).thenReturn("");
+ Authenticator authenticator = new
AuthenticatorFactory<>(MySQLAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(MySQLNativePasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("mysql_native_password"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithErrorName() {
+ when(rule.getAuthenticatorType(any())).thenReturn("error");
+ Authenticator authenticator = new
AuthenticatorFactory<>(MySQLAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(MySQLNativePasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("mysql_native_password"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithNative() {
+ when(rule.getAuthenticatorType(any())).thenReturn("NATIVE");
+ Authenticator authenticator = new
AuthenticatorFactory<>(MySQLAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(MySQLNativePasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("mysql_native_password"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithPassword() {
+ when(rule.getAuthenticatorType(any())).thenReturn("CLEAR_TEXT");
+ Authenticator authenticator = new
AuthenticatorFactory<>(MySQLAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(MySQLClearPasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("mysql_clear_password"));
+ }
+}
diff --git
a/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/authenticator/impl/MySQLClearPasswordAuthenticatorTest.java
b/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/authenticator/impl/MySQLClearPasswordAuthenticatorTest.java
index a4a4929721a..eda3d6e736f 100644
---
a/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/authenticator/impl/MySQLClearPasswordAuthenticatorTest.java
+++
b/proxy/frontend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/frontend/mysql/authentication/authenticator/impl/MySQLClearPasswordAuthenticatorTest.java
@@ -21,11 +21,18 @@ import
org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
import org.apache.shardingsphere.proxy.frontend.mysql.ProxyContextRestorer;
import org.junit.Test;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
public final class MySQLClearPasswordAuthenticatorTest extends
ProxyContextRestorer {
+ @Test
+ public void assertAuthenticationMethodName() {
+ assertThat(new
MySQLClearPasswordAuthenticator().getAuthenticationMethod().getMethodName(),
is("mysql_clear_password"));
+ }
+
@Test
public void assertAuthenticate() {
ShardingSphereUser user = new ShardingSphereUser("foo", "password",
"%");
diff --git
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/OpenGaussAuthenticationEngine.java
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/OpenGaussAuthenticationEngine.java
index cee8fd3b6cb..84e9ca2a0ec 100644
---
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/OpenGaussAuthenticationEngine.java
+++
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/OpenGaussAuthenticationEngine.java
@@ -26,13 +26,17 @@ import
org.apache.shardingsphere.db.protocol.opengauss.constant.OpenGaussProtoco
import
org.apache.shardingsphere.db.protocol.opengauss.packet.authentication.OpenGaussAuthenticationHexData;
import
org.apache.shardingsphere.db.protocol.opengauss.packet.authentication.OpenGaussAuthenticationSCRAMSha256Packet;
import org.apache.shardingsphere.db.protocol.payload.PacketPayload;
+import
org.apache.shardingsphere.db.protocol.postgresql.constant.PostgreSQLAuthenticationMethod;
import
org.apache.shardingsphere.db.protocol.postgresql.constant.PostgreSQLServerInfo;
import
org.apache.shardingsphere.db.protocol.postgresql.packet.generic.PostgreSQLReadyForQueryPacket;
import
org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLAuthenticationOKPacket;
import
org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLComStartupPacket;
import
org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLParameterStatusPacket;
import
org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLPasswordMessagePacket;
+import
org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLRandomGenerator;
import
org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLSSLNegativePacket;
+import
org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.authentication.PostgreSQLMD5PasswordAuthenticationPacket;
+import
org.apache.shardingsphere.db.protocol.postgresql.packet.identifier.PostgreSQLIdentifierPacket;
import
org.apache.shardingsphere.db.protocol.postgresql.packet.identifier.PostgreSQLMessagePacketType;
import
org.apache.shardingsphere.db.protocol.postgresql.payload.PostgreSQLPacketPayload;
import
org.apache.shardingsphere.dialect.exception.syntax.database.UnknownDatabaseException;
@@ -49,6 +53,7 @@ import
org.apache.shardingsphere.proxy.backend.postgresql.handler.admin.PostgreS
import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticationEngine;
import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticationResult;
import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticationResultBuilder;
+import org.apache.shardingsphere.proxy.frontend.authentication.Authenticator;
import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticatorFactory;
import
org.apache.shardingsphere.proxy.frontend.connection.ConnectionIdGenerator;
import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.OpenGaussAuthenticatorType;
@@ -78,6 +83,8 @@ public final class OpenGaussAuthenticationEngine implements
AuthenticationEngine
private int serverIteration;
+ private byte[] md5Salt;
+
private AuthenticationResult currentAuthResult;
@Override
@@ -118,11 +125,18 @@ public final class OpenGaussAuthenticationEngine
implements AuthenticationEngine
Grantee grantee = new Grantee(username, "%");
Optional<ShardingSphereUser> user = rule.findUser(grantee);
ShardingSpherePreconditions.checkState(user.isPresent(), () -> new
UnknownUsernameException(username));
- ShardingSpherePreconditions.checkState(new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(user.get())
- .authenticate(user.get(), new Object[]{digest,
authHexData.getSalt(), authHexData.getNonce(), serverIteration}), () -> new
InvalidPasswordException(username));
+ Authenticator authenticator = new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(user.get());
+ ShardingSpherePreconditions.checkState(login(authenticator,
user.get(), digest), () -> new InvalidPasswordException(username));
ShardingSpherePreconditions.checkState(null == databaseName || new
AuthorityChecker(rule, grantee).isAuthorized(databaseName), () -> new
PrivilegeNotGrantedException(username, databaseName));
}
+ private boolean login(final Authenticator authenticator, final
ShardingSphereUser user, final String digest) {
+ if (PostgreSQLAuthenticationMethod.MD5 ==
authenticator.getAuthenticationMethod()) {
+ return authenticator.authenticate(user, new Object[]{digest,
md5Salt});
+ }
+ return authenticator.authenticate(user, new Object[]{digest,
authHexData.getSalt(), authHexData.getNonce(), serverIteration});
+ }
+
private AuthenticationResult processStartupMessage(final
ChannelHandlerContext context, final PostgreSQLPacketPayload payload, final
AuthorityRule rule) {
startupMessageReceived = true;
PostgreSQLComStartupPacket startupPacket = new
PostgreSQLComStartupPacket(payload);
@@ -130,10 +144,19 @@ public final class OpenGaussAuthenticationEngine
implements AuthenticationEngine
context.channel().attr(CommonConstants.CHARSET_ATTRIBUTE_KEY).set(PostgreSQLCharacterSets.findCharacterSet(clientEncoding));
String username = startupPacket.getUsername();
ShardingSpherePreconditions.checkState(!Strings.isNullOrEmpty(username),
EmptyUsernameException::new);
- serverIteration = startupPacket.getVersion() ==
OpenGaussProtocolVersion.PROTOCOL_350.getVersion() ?
PROTOCOL_350_SERVER_ITERATOR : PROTOCOL_351_SERVER_ITERATOR;
- String password = rule.findUser(new Grantee(username,
"%")).map(ShardingSphereUser::getPassword).orElse("");
- context.writeAndFlush(new
OpenGaussAuthenticationSCRAMSha256Packet(startupPacket.getVersion(),
serverIteration, authHexData, password));
+ context.writeAndFlush(getIdentifierPacket(username, rule,
startupPacket.getVersion()));
currentAuthResult = AuthenticationResultBuilder.continued(username,
"", startupPacket.getDatabase());
return currentAuthResult;
}
+
+ private PostgreSQLIdentifierPacket getIdentifierPacket(final String
username, final AuthorityRule rule, final int version) {
+ Optional<Authenticator> authenticator = rule.findUser(new
Grantee(username, "")).map(optional -> new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(optional));
+ if (authenticator.isPresent() && PostgreSQLAuthenticationMethod.MD5 ==
authenticator.get().getAuthenticationMethod()) {
+ md5Salt =
PostgreSQLRandomGenerator.getInstance().generateRandomBytes(4);
+ return new PostgreSQLMD5PasswordAuthenticationPacket(md5Salt);
+ }
+ serverIteration = version ==
OpenGaussProtocolVersion.PROTOCOL_350.getVersion() ?
PROTOCOL_350_SERVER_ITERATOR : PROTOCOL_351_SERVER_ITERATOR;
+ String password = rule.findUser(new Grantee(username,
"%")).map(ShardingSphereUser::getPassword).orElse("");
+ return new OpenGaussAuthenticationSCRAMSha256Packet(version,
serverIteration, authHexData, password);
+ }
}
diff --git
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/OpenGaussAuthenticatorType.java
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/OpenGaussAuthenticatorType.java
index f96048f68e5..14212556429 100644
---
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/OpenGaussAuthenticatorType.java
+++
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/OpenGaussAuthenticatorType.java
@@ -20,6 +20,7 @@ package
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authen
import lombok.Getter;
import lombok.RequiredArgsConstructor;
import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticatorType;
+import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.impl.OpenGaussMD5PasswordAuthenticator;
import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.impl.OpenGaussSCRAMSha256PasswordAuthenticator;
/**
@@ -29,9 +30,15 @@ import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authent
@Getter
public enum OpenGaussAuthenticatorType implements AuthenticatorType {
+ MD5(OpenGaussMD5PasswordAuthenticator.class),
+
SCRAM_SHA256(OpenGaussSCRAMSha256PasswordAuthenticator.class, true);
private final Class<? extends OpenGaussAuthenticator> authenticatorClass;
private final boolean isDefault;
+
+ OpenGaussAuthenticatorType(final Class<? extends OpenGaussAuthenticator>
authenticatorClass) {
+ this(authenticatorClass, false);
+ }
}
diff --git
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussSCRAMSha256PasswordAuthenticator.java
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussMD5PasswordAuthenticator.java
similarity index 63%
copy from
proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussSCRAMSha256PasswordAuthenticator.java
copy to
proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussMD5PasswordAuthenticator.java
index 4f7501a89a2..728ac688d97 100644
---
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussSCRAMSha256PasswordAuthenticator.java
+++
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussMD5PasswordAuthenticator.java
@@ -18,31 +18,23 @@
package
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.impl;
import org.apache.shardingsphere.db.protocol.constant.AuthenticationMethod;
-import
org.apache.shardingsphere.db.protocol.opengauss.packet.authentication.OpenGaussMacCalculator;
import
org.apache.shardingsphere.db.protocol.postgresql.constant.PostgreSQLAuthenticationMethod;
import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.OpenGaussAuthenticator;
-
-import java.util.Arrays;
+import
org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authenticator.impl.PostgreSQLMD5PasswordAuthenticator;
/**
- * SCRAM Sha256 password authenticator for openGauss.
+ * MD5 password authenticator for openGauss.
*/
-public final class OpenGaussSCRAMSha256PasswordAuthenticator implements
OpenGaussAuthenticator {
+public final class OpenGaussMD5PasswordAuthenticator implements
OpenGaussAuthenticator {
@Override
public boolean authenticate(final ShardingSphereUser user, final Object[]
authInfo) {
- String h3HexString = (String) authInfo[0];
- String salt = (String) authInfo[1];
- String nonce = (String) authInfo[2];
- int serverIteration = (int) authInfo[3];
- byte[] serverStoredKey =
OpenGaussMacCalculator.requestClientMac(user.getPassword(), salt,
serverIteration);
- byte[] clientCalculatedStoredKey =
OpenGaussMacCalculator.calculateClientMac(h3HexString, nonce, serverStoredKey);
- return Arrays.equals(clientCalculatedStoredKey, serverStoredKey);
+ return new PostgreSQLMD5PasswordAuthenticator().authenticate(user,
authInfo);
}
@Override
public AuthenticationMethod getAuthenticationMethod() {
- return PostgreSQLAuthenticationMethod.SCRAM_SHA256;
+ return PostgreSQLAuthenticationMethod.MD5;
}
}
diff --git
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussSCRAMSha256PasswordAuthenticator.java
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussSCRAMSha256PasswordAuthenticator.java
index 4f7501a89a2..30306ce5ea5 100644
---
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussSCRAMSha256PasswordAuthenticator.java
+++
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussSCRAMSha256PasswordAuthenticator.java
@@ -18,8 +18,8 @@
package
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.impl;
import org.apache.shardingsphere.db.protocol.constant.AuthenticationMethod;
+import
org.apache.shardingsphere.db.protocol.opengauss.constant.OpenGaussAuthenticationMethod;
import
org.apache.shardingsphere.db.protocol.opengauss.packet.authentication.OpenGaussMacCalculator;
-import
org.apache.shardingsphere.db.protocol.postgresql.constant.PostgreSQLAuthenticationMethod;
import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.OpenGaussAuthenticator;
@@ -43,6 +43,6 @@ public final class OpenGaussSCRAMSha256PasswordAuthenticator
implements OpenGaus
@Override
public AuthenticationMethod getAuthenticationMethod() {
- return PostgreSQLAuthenticationMethod.SCRAM_SHA256;
+ return OpenGaussAuthenticationMethod.SCRAM_SHA256;
}
}
diff --git
a/proxy/frontend/type/opengauss/src/test/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/OpenGaussAuthenticatorTypeTest.java
b/proxy/frontend/type/opengauss/src/test/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/OpenGaussAuthenticatorTypeTest.java
new file mode 100644
index 00000000000..fc9532422f0
--- /dev/null
+++
b/proxy/frontend/type/opengauss/src/test/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/OpenGaussAuthenticatorTypeTest.java
@@ -0,0 +1,70 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator;
+
+import org.apache.shardingsphere.authority.rule.AuthorityRule;
+import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
+import org.apache.shardingsphere.proxy.frontend.authentication.Authenticator;
+import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticatorFactory;
+import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.impl.OpenGaussMD5PasswordAuthenticator;
+import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.impl.OpenGaussSCRAMSha256PasswordAuthenticator;
+import org.junit.Test;
+
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public final class OpenGaussAuthenticatorTypeTest {
+
+ private final AuthorityRule rule = mock(AuthorityRule.class);
+
+ @Test
+ public void assertDefaultAuthenticatorType() {
+ when(rule.getAuthenticatorType(any())).thenReturn("");
+ Authenticator authenticator = new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(OpenGaussSCRAMSha256PasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("scram-sha-256"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithErrorName() {
+ when(rule.getAuthenticatorType(any())).thenReturn("error");
+ Authenticator authenticator = new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(OpenGaussSCRAMSha256PasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("scram-sha-256"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithSCRAMSha256() {
+ when(rule.getAuthenticatorType(any())).thenReturn("SCRAM_SHA256");
+ Authenticator authenticator = new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(OpenGaussSCRAMSha256PasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("scram-sha-256"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithMD5() {
+ when(rule.getAuthenticatorType(any())).thenReturn("md5");
+ Authenticator authenticator = new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(OpenGaussMD5PasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("md5"));
+ }
+}
diff --git
a/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLMD5PasswordAuthenticatorTest.java
b/proxy/frontend/type/opengauss/src/test/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussMD5PasswordAuthenticatorTest.java
similarity index 71%
copy from
proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLMD5PasswordAuthenticatorTest.java
copy to
proxy/frontend/type/opengauss/src/test/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussMD5PasswordAuthenticatorTest.java
index 2e8f62da70c..96ae64d7b62 100644
---
a/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLMD5PasswordAuthenticatorTest.java
+++
b/proxy/frontend/type/opengauss/src/test/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/authenticator/impl/OpenGaussMD5PasswordAuthenticatorTest.java
@@ -15,32 +15,38 @@
* limitations under the License.
*/
-package
org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authenticator.impl;
+package
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.impl;
import lombok.SneakyThrows;
import
org.apache.shardingsphere.db.protocol.postgresql.packet.handshake.PostgreSQLRandomGenerator;
import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
+import
org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authenticator.impl.PostgreSQLMD5PasswordAuthenticator;
import org.junit.Test;
import org.mockito.internal.configuration.plugins.Plugins;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
-public final class PostgreSQLMD5PasswordAuthenticatorTest {
-
- private final PostgreSQLMD5PasswordAuthenticator authenticator = new
PostgreSQLMD5PasswordAuthenticator();
+public final class OpenGaussMD5PasswordAuthenticatorTest {
private final String username = "root";
private final String password = "password";
+ @Test
+ public void assertAuthenticationMethodName() {
+ assertThat(new
OpenGaussMD5PasswordAuthenticator().getAuthenticationMethod().getMethodName(),
is("md5"));
+ }
+
@Test
public void assertAuthenticate() {
ShardingSphereUser user = new ShardingSphereUser(username, password,
"");
byte[] md5Salt =
PostgreSQLRandomGenerator.getInstance().generateRandomBytes(4);
String md5Digest = md5Encode(md5Salt);
- assertTrue(authenticator.authenticate(user, new Object[]{md5Digest,
md5Salt}));
- assertFalse(authenticator.authenticate(user, new Object[]{"wrong",
md5Salt}));
+ assertTrue(new OpenGaussMD5PasswordAuthenticator().authenticate(user,
new Object[]{md5Digest, md5Salt}));
+ assertFalse(new OpenGaussMD5PasswordAuthenticator().authenticate(user,
new Object[]{"wrong", md5Salt}));
}
@SneakyThrows(ReflectiveOperationException.class)
diff --git
a/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/PostgreSQLAuthenticatorTypeTest.java
b/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/PostgreSQLAuthenticatorTypeTest.java
new file mode 100644
index 00000000000..777b4c21232
--- /dev/null
+++
b/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/PostgreSQLAuthenticatorTypeTest.java
@@ -0,0 +1,70 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package
org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authenticator;
+
+import org.apache.shardingsphere.authority.rule.AuthorityRule;
+import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
+import org.apache.shardingsphere.proxy.frontend.authentication.Authenticator;
+import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticatorFactory;
+import
org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authenticator.impl.PostgreSQLMD5PasswordAuthenticator;
+import
org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authenticator.impl.PostgreSQLPasswordAuthenticator;
+import org.junit.Test;
+
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+public final class PostgreSQLAuthenticatorTypeTest {
+
+ private final AuthorityRule rule = mock(AuthorityRule.class);
+
+ @Test
+ public void assertDefaultAuthenticatorType() {
+ when(rule.getAuthenticatorType(any())).thenReturn("");
+ Authenticator authenticator = new
AuthenticatorFactory<>(PostgreSQLAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(PostgreSQLMD5PasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("md5"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithErrorName() {
+ when(rule.getAuthenticatorType(any())).thenReturn("error");
+ Authenticator authenticator = new
AuthenticatorFactory<>(PostgreSQLAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(PostgreSQLMD5PasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("md5"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithMD5() {
+ when(rule.getAuthenticatorType(any())).thenReturn("MD5");
+ Authenticator authenticator = new
AuthenticatorFactory<>(PostgreSQLAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(PostgreSQLMD5PasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("md5"));
+ }
+
+ @Test
+ public void assertAuthenticatorTypeWithPassword() {
+ when(rule.getAuthenticatorType(any())).thenReturn("PASSWORD");
+ Authenticator authenticator = new
AuthenticatorFactory<>(PostgreSQLAuthenticatorType.class,
rule).newInstance(mock(ShardingSphereUser.class));
+ assertThat(authenticator,
instanceOf(PostgreSQLPasswordAuthenticator.class));
+ assertThat(authenticator.getAuthenticationMethod().getMethodName(),
is("password"));
+ }
+}
diff --git
a/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLMD5PasswordAuthenticatorTest.java
b/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLMD5PasswordAuthenticatorTest.java
index 2e8f62da70c..bb60cff78cd 100644
---
a/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLMD5PasswordAuthenticatorTest.java
+++
b/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLMD5PasswordAuthenticatorTest.java
@@ -23,24 +23,29 @@ import
org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
import org.junit.Test;
import org.mockito.internal.configuration.plugins.Plugins;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
public final class PostgreSQLMD5PasswordAuthenticatorTest {
- private final PostgreSQLMD5PasswordAuthenticator authenticator = new
PostgreSQLMD5PasswordAuthenticator();
-
private final String username = "root";
private final String password = "password";
+ @Test
+ public void assertAuthenticationMethodName() {
+ assertThat(new
PostgreSQLMD5PasswordAuthenticator().getAuthenticationMethod().getMethodName(),
is("md5"));
+ }
+
@Test
public void assertAuthenticate() {
ShardingSphereUser user = new ShardingSphereUser(username, password,
"");
byte[] md5Salt =
PostgreSQLRandomGenerator.getInstance().generateRandomBytes(4);
String md5Digest = md5Encode(md5Salt);
- assertTrue(authenticator.authenticate(user, new Object[]{md5Digest,
md5Salt}));
- assertFalse(authenticator.authenticate(user, new Object[]{"wrong",
md5Salt}));
+ assertTrue(new PostgreSQLMD5PasswordAuthenticator().authenticate(user,
new Object[]{md5Digest, md5Salt}));
+ assertFalse(new
PostgreSQLMD5PasswordAuthenticator().authenticate(user, new Object[]{"wrong",
md5Salt}));
}
@SneakyThrows(ReflectiveOperationException.class)
diff --git
a/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLPasswordAuthenticatorTest.java
b/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLPasswordAuthenticatorTest.java
index cba578906e1..0ff7bc0910a 100644
---
a/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLPasswordAuthenticatorTest.java
+++
b/proxy/frontend/type/postgresql/src/test/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/authenticator/impl/PostgreSQLPasswordAuthenticatorTest.java
@@ -20,11 +20,18 @@ package
org.apache.shardingsphere.proxy.frontend.postgresql.authentication.authe
import org.apache.shardingsphere.infra.metadata.user.ShardingSphereUser;
import org.junit.Test;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
public final class PostgreSQLPasswordAuthenticatorTest {
+ @Test
+ public void assertAuthenticationMethodName() {
+ assertThat(new
PostgreSQLPasswordAuthenticator().getAuthenticationMethod().getMethodName(),
is("password"));
+ }
+
@Test
public void assertAuthenticateSuccess() {
assertTrue(new PostgreSQLPasswordAuthenticator().authenticate(new
ShardingSphereUser("root", "password", ""), new Object[]{"password", null}));
