-
-
Notifications
You must be signed in to change notification settings - Fork 618
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Plugin based authentication support #331
Conversation
Hey @sidorares This is fantastic. I have noticed that mysql2 can now adapt mysql authentication-switch method. Bravo! But it seems to be not correct when the authentication switch request is "mysql_native_password", could you help to verify? Authentication switch request (plugin method: mysql_native_password, salt): Authentication switch response (0-length payload): |
Yeah, looks strange Could you connect client with The client supposed to send response to node-mysql2/lib/commands/client_handshake.js Line 133 in 7b4f535
could you also log authToken from l133? If it's empty for some reason the resulting packet would be empty |
Hey @sidorares I digged a little and it turned out that in line:
If I hard-code a valid password string here, it will work correct. Thanks |
Thanks! I'll have a look, should be easy to fix |
@sidorares Hey man, any updates? :p Do we need to post an issue to track this? Best |
@twocode hi! The fix is actually very simple, just did not have time to implement The problem is following: When you have ChangeUser request the same AuthSwitch is performed as with initial ClientHandshake command. I'm mixing in this bit of functionality here: node-mysql2/lib/commands/change_user.js Line 21 in b534e15
ChangeUser.prototype.handshakeResult expects password/username fields differently
If you able to debug that would be great, otherwise wait few more days (or weeks, too busy :( ) |
yes, issue with detailed documentation and debug log would be helpful as well ( just to confirm that it's ChangeUser command etc ) |
Hi @twocode , could you try head of https://github.com/sidorares/node-mysql2/tree/auth-switch2 branch? |
@sidorares Cool man, let me give a try. Will keep you updated! |
@sidorares Hey dude, this fix has been verified. Cheers! |
hi @twocode as I was not able to replicate exactly your behaviour, just for the record - what's your server version? |
@sidorares I was using 5.6.26. By the way, are we having this fix in rc8? Will we have this in node-MySQL as well? |
Yes, I'll try to release another rc today and hope to have final 1.0 this week I'm not sure about node-MySQL timeline and priorities. If everyone is happy about AuthSwitch api I might try to implement them there but afaik there are more important features on todo list there |
Hey @sidorares , I understand. No worries. Thanks so much:) |
@twocode the fix for your issue was published with rc-9 |
@sidorares Gotcha! |
Packets documentation:
http://dev.mysql.com/doc/internals/en/connection-phase-packets.html#packet-Protocol::AuthSwitchRequest
Protocol examples:
http://dev.mysql.com/doc/internals/en/auth-method-switch.html
related node-mysql discussion: mysqljs/mysql#1396
/cc @twocode
API:
authSwitchHandler connection option. Function, accepts data as parameter and callback to pass
(err, authSwitchResponseData)
.Note that it can be invoked multiple times if server respond with AuthMoreData. At first invocation data.pluginName contains name of auth plugin, data.pluginData - buffer with data. Next invocations contain only data asdata.pluginData
.