authentication support for guassdb

Author: liubao68

src/main/java/io/r2dbc/postgresql/authentication/PasswordAuthenticationHandler.java

@@ -19,8 +19,10 @@
 import io.r2dbc.postgresql.message.backend.AuthenticationCleartextPassword;
 import io.r2dbc.postgresql.message.backend.AuthenticationMD5Password;
 import io.r2dbc.postgresql.message.backend.AuthenticationMessage;
+import io.r2dbc.postgresql.message.backend.AuthenticationSHA256Password;
 import io.r2dbc.postgresql.message.frontend.FrontendMessage;
 import io.r2dbc.postgresql.message.frontend.PasswordMessage;
+import io.r2dbc.postgresql.message.frontend.SHA256PasswordMessage;
 import io.r2dbc.postgresql.util.Assert;
 
 /**
@@ -54,7 +56,9 @@ public PasswordAuthenticationHandler(CharSequence password, String username) {
     public static boolean supports(AuthenticationMessage message) {
         Assert.requireNonNull(message, "message must not be null");
 
-        return message instanceof AuthenticationCleartextPassword || message instanceof AuthenticationMD5Password;
+        return message instanceof AuthenticationCleartextPassword
+            || message instanceof AuthenticationMD5Password
+            || message instanceof AuthenticationSHA256Password;
     }
 
     @Override
@@ -65,12 +69,18 @@ public FrontendMessage handle(AuthenticationMessage message) {
             return handleAuthenticationClearTextPassword();
         } else if (message instanceof AuthenticationMD5Password) {
             return handleAuthenticationMD5Password((AuthenticationMD5Password) message);
+        } else if (message instanceof AuthenticationSHA256Password) {
+            return handleAuthenticationSHA256Password((AuthenticationSHA256Password) message);
         } else {
             throw new IllegalArgumentException(String.format("Cannot handle %s message", message.getClass().getSimpleName()));
         }
     }
 
-    private PasswordMessage handleAuthenticationClearTextPassword() {
+  private FrontendMessage handleAuthenticationSHA256Password(AuthenticationSHA256Password message) {
+      return new SHA256PasswordMessage(this.username, this.password, message);
+  }
+
+  private PasswordMessage handleAuthenticationClearTextPassword() {
         return new PasswordMessage(this.password);
     }
 

src/main/java/io/r2dbc/postgresql/message/backend/AuthenticationSHA256Password.java

@@ -0,0 +1,97 @@
+/*
+ * Copyright 2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.r2dbc.postgresql.message.backend;
+
+import io.netty.buffer.ByteBuf;
+import io.r2dbc.postgresql.util.Assert;
+import io.r2dbc.postgresql.util.ByteBufferUtils;
+
+import java.nio.ByteBuffer;
+
+/**
+ * The AuthenticationSHA256Password message.
+ */
+public final class AuthenticationSHA256Password implements AuthenticationMessage {
+    public static final int PLAIN_PASSWORD = 0;
+
+    public static final int MD5_PASSWORD = 1;
+
+    public static final int SHA256_PASSWORD = 2;
+
+    private final int passwordStoredMethod;
+
+    private ByteBuffer randomCode;
+
+    private ByteBuffer token;
+
+    private ByteBuffer iteration;
+
+    private ByteBuffer md5Salt;
+
+    /**
+     * Create a new message.
+     *
+     * @throws IllegalArgumentException if {@code authenticationMechanisms} is {@code null}
+     */
+    public AuthenticationSHA256Password(int passwordStoredMethod, ByteBuffer randomCode, ByteBuffer token, ByteBuffer iteration) {
+        this.passwordStoredMethod = passwordStoredMethod;
+        this.randomCode = randomCode;
+        this.token = token;
+        this.iteration = iteration;
+    }
+
+    public AuthenticationSHA256Password(int passwordStoredMethod, ByteBuffer md5Salt) {
+        this.passwordStoredMethod = passwordStoredMethod;
+        this.md5Salt = md5Salt;
+    }
+
+    public ByteBuffer getRandomCode() {
+        return this.randomCode;
+    }
+
+    public ByteBuffer getToken() {
+        return this.token;
+    }
+
+    public ByteBuffer getIteration() {
+        return iteration;
+    }
+
+    public ByteBuffer getMd5Salt() {
+        return this.md5Salt;
+    }
+
+    public int getPasswordStoredMethod() {
+        return this.passwordStoredMethod;
+    }
+
+    static AuthenticationSHA256Password decode(ByteBuf in) {
+        Assert.requireNonNull(in, "in must not be null");
+
+        int passwordStoredMethod = in.readInt();
+        if (passwordStoredMethod == PLAIN_PASSWORD || passwordStoredMethod == SHA256_PASSWORD) {
+            return new AuthenticationSHA256Password(passwordStoredMethod,
+                ByteBufferUtils.toByteBuffer(in.readSlice(64)),
+                ByteBufferUtils.toByteBuffer(in.readSlice(8)),
+                ByteBufferUtils.toByteBuffer(in.readSlice(4)));
+        } else if(passwordStoredMethod == MD5_PASSWORD) {
+            return new AuthenticationSHA256Password(passwordStoredMethod, ByteBufferUtils.toByteBuffer(in.readSlice(4)));
+        }
+        throw new IllegalArgumentException(String.format("%s is not a supported password stored method.", passwordStoredMethod));
+    }
+
+}

src/main/java/io/r2dbc/postgresql/message/backend/BackendMessageDecoder.java

@@ -110,12 +110,8 @@ private static BackendMessage decodeAuthentication(ByteBuf in) {
                 return AuthenticationMD5Password.decode(in);
             case SCMC_CREDENTIAL:
                 return AuthenticationSCMCredential.INSTANCE;
-            case SASL:
-                return AuthenticationSASL.decode(in);
-            case SASL_CONTINUE:
-                return AuthenticationSASLContinue.decode(in);
-            case SASL_FINAL:
-                return AuthenticationSASLFinal.decode(in);
+            case SHA256_PASSWORD:
+                return AuthenticationSHA256Password.decode(in);
             case SSPI:
                 return AuthenticationSSPI.INSTANCE;
             default:
@@ -132,7 +128,7 @@ private enum AuthenticationType {
         GSS_CONTINUE(8),
         MD5_PASSWORD(5),
         SCMC_CREDENTIAL(6),
-        SASL(10),
+        SHA256_PASSWORD(10),
         SASL_CONTINUE(11),
         SASL_FINAL(12),
         SSPI(9);

src/main/java/io/r2dbc/postgresql/message/frontend/SHA256PasswordMessage.java

@@ -0,0 +1,81 @@
+/*
+ * Copyright 2017 the original author or authors.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.r2dbc.postgresql.message.frontend;
+
+import io.netty.buffer.ByteBuf;
+import io.netty.buffer.ByteBufAllocator;
+import io.r2dbc.postgresql.message.backend.AuthenticationSHA256Password;
+import io.r2dbc.postgresql.util.Assert;
+import io.r2dbc.postgresql.util.MD5Digest;
+import org.reactivestreams.Publisher;
+import reactor.core.publisher.Mono;
+
+import java.nio.ByteBuffer;
+import java.nio.charset.StandardCharsets;
+
+import static io.r2dbc.postgresql.message.frontend.FrontendMessageUtils.writeByte;
+import static io.r2dbc.postgresql.message.frontend.FrontendMessageUtils.writeBytes;
+import static io.r2dbc.postgresql.message.frontend.FrontendMessageUtils.writeInt;
+
+/**
+ * The SHA256PasswordMessage message.
+ */
+public final class SHA256PasswordMessage implements FrontendMessage {
+
+    private final CharSequence password;
+
+    private final String username;
+
+    private final AuthenticationSHA256Password authentication;
+
+    /**
+     * Create a new message.
+     *
+     * @param password the password (encrypted, if requested)
+     * @throws IllegalArgumentException if {@code password} is {@code null}
+     */
+    public SHA256PasswordMessage(String username, CharSequence password, AuthenticationSHA256Password authentication) {
+        this.username = Assert.requireNonNull(username, "username must not be null");
+        this.password = Assert.requireNonNull(password, "password must not be null");
+        this.authentication = Assert.requireNonNull(authentication, "authentication must not be null");
+    }
+
+    @Override
+    public Publisher<ByteBuf> encode(ByteBufAllocator byteBufAllocator) {
+        Assert.requireNonNull(byteBufAllocator, "byteBufAllocator must not be null");
+
+        return Mono.fromSupplier(() -> {
+            ByteBuf out = byteBufAllocator.ioBuffer();
+            byte[] result;
+            if (AuthenticationSHA256Password.SHA256_PASSWORD == authentication.getPasswordStoredMethod() ||
+                AuthenticationSHA256Password.PLAIN_PASSWORD == authentication.getPasswordStoredMethod()) {
+                String randomCode = new String(authentication.getRandomCode().array(), StandardCharsets.UTF_8);
+                String token = new String(authentication.getToken().array(), StandardCharsets.UTF_8);
+                int iteration = authentication.getIteration().getInt();
+                result = MD5Digest.RFC5802Algorithm(String.valueOf(this.password), randomCode, token, iteration);
+            } else {
+                byte[] salt = authentication.getMd5Salt().array();
+                result = MD5Digest.SHA256_MD5encode(username.getBytes(StandardCharsets.UTF_8),
+                    String.valueOf(this.password).getBytes(StandardCharsets.UTF_8), salt);
+            }
+            writeByte(out, 'p');
+            writeInt(out, 4 + result.length + 1);
+            writeBytes(out, ByteBuffer.wrap(result));
+            return writeByte(out, 0);
+        });
+    }
+}

src/main/java/io/r2dbc/postgresql/message/frontend/StartupMessage.java

@@ -87,7 +87,7 @@ public Publisher<ByteBuf> encode(ByteBufAllocator byteBufAllocator) {
             ByteBuf out = byteBufAllocator.ioBuffer();
 
             writeLengthPlaceholder(out);
-            writeShort(out, 3, 0);
+            writeShort(out, 3, 51);
             writeParameter(out, USER, this.username);
 
             if (this.database != null) {