This is an automated email from the ASF dual-hosted git repository.
menghaoran pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new c05b58b Add Authentication.findUser (#8557)
c05b58b is described below
commit c05b58b1610b18503f436a61db1d24dba72c7e33
Author: Liang Zhang <[email protected]>
AuthorDate: Thu Dec 10 14:45:44 2020 +0800
Add Authentication.findUser (#8557)
---
.../governance/core/config/ConfigCenterTest.java | 6 ++++--
.../listener/AuthenticationChangedListenerTest.java | 5 ++++-
.../shardingsphere/infra/auth/Authentication.java | 11 +++++++++++
.../yaml/swapper/AuthenticationYamlSwapperTest.java | 10 +++++++---
.../schema/impl/ShowDatabasesBackendHandler.java | 5 ++++-
.../schema/impl/UseDatabaseBackendHandler.java | 6 +++++-
.../impl/GovernanceBootstrapInitializerTest.java | 20 ++++++++++----------
.../impl/StandardBootstrapInitializerTest.java | 14 +++++++-------
.../swapper/YamlProxyConfigurationSwapperTest.java | 11 +++++------
.../mysql/auth/MySQLAuthenticationHandler.java | 12 +-----------
.../command/admin/initdb/MySQLComInitDbExecutor.java | 5 ++++-
.../auth/PostgreSQLAuthenticationHandler.java | 16 +++++-----------
12 files changed, 67 insertions(+), 54 deletions(-)
diff --git
a/shardingsphere-governance/shardingsphere-governance-core/src/test/java/org/apache/shardingsphere/governance/core/config/ConfigCenterTest.java
b/shardingsphere-governance/shardingsphere-governance-core/src/test/java/org/apache/shardingsphere/governance/core/config/ConfigCenterTest.java
index e7af01d..5c03403 100644
---
a/shardingsphere-governance/shardingsphere-governance-core/src/test/java/org/apache/shardingsphere/governance/core/config/ConfigCenterTest.java
+++
b/shardingsphere-governance/shardingsphere-governance-core/src/test/java/org/apache/shardingsphere/governance/core/config/ConfigCenterTest.java
@@ -28,6 +28,7 @@ import
org.apache.shardingsphere.governance.core.yaml.swapper.SchemaYamlSwapper;
import
org.apache.shardingsphere.governance.repository.api.ConfigurationRepository;
import org.apache.shardingsphere.ha.api.config.HARuleConfiguration;
import org.apache.shardingsphere.infra.auth.Authentication;
+import org.apache.shardingsphere.infra.auth.ProxyUser;
import
org.apache.shardingsphere.infra.auth.yaml.config.YamlAuthenticationConfiguration;
import
org.apache.shardingsphere.infra.auth.yaml.swapper.AuthenticationYamlSwapper;
import org.apache.shardingsphere.infra.config.RuleConfiguration;
@@ -419,8 +420,9 @@ public final class ConfigCenterTest {
when(configurationRepository.get("/authentication")).thenReturn(readYAML(AUTHENTICATION_YAML));
ConfigCenter configCenter = new ConfigCenter(configurationRepository);
Authentication actual = configCenter.loadAuthentication();
- assertThat(actual.getUsers().size(), is(2));
- assertThat(actual.getUsers().get("root1").getPassword(), is("root1"));
+ Optional<ProxyUser> user = actual.findUser("root1");
+ assertTrue(user.isPresent());
+ assertThat(user.get().getPassword(), is("root1"));
}
@Test
diff --git
a/shardingsphere-governance/shardingsphere-governance-core/src/test/java/org/apache/shardingsphere/governance/core/config/listener/AuthenticationChangedListenerTest.java
b/shardingsphere-governance/shardingsphere-governance-core/src/test/java/org/apache/shardingsphere/governance/core/config/listener/AuthenticationChangedListenerTest.java
index fd968f7..2801273 100644
---
a/shardingsphere-governance/shardingsphere-governance-core/src/test/java/org/apache/shardingsphere/governance/core/config/listener/AuthenticationChangedListenerTest.java
+++
b/shardingsphere-governance/shardingsphere-governance-core/src/test/java/org/apache/shardingsphere/governance/core/config/listener/AuthenticationChangedListenerTest.java
@@ -22,6 +22,7 @@ import
org.apache.shardingsphere.governance.core.event.model.auth.Authentication
import
org.apache.shardingsphere.governance.repository.api.ConfigurationRepository;
import
org.apache.shardingsphere.governance.repository.api.listener.DataChangedEvent;
import
org.apache.shardingsphere.governance.repository.api.listener.DataChangedEvent.Type;
+import org.apache.shardingsphere.infra.auth.ProxyUser;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
@@ -54,6 +55,8 @@ public final class AuthenticationChangedListenerTest {
public void assertCreateEvent() {
Optional<GovernanceEvent> actual =
authenticationChangedListener.createEvent(new DataChangedEvent("test",
AUTHENTICATION_YAML, Type.UPDATED));
assertTrue(actual.isPresent());
- assertThat(((AuthenticationChangedEvent)
actual.get()).getAuthentication().getUsers().get("root1").getPassword(),
is("root1"));
+ Optional<ProxyUser> user = ((AuthenticationChangedEvent)
actual.get()).getAuthentication().findUser("root1");
+ assertTrue(user.isPresent());
+ assertThat(user.get().getPassword(), is("root1"));
}
}
diff --git
a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/Authentication.java
b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/Authentication.java
index 5e70e91..2a451f2 100644
---
a/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/Authentication.java
+++
b/shardingsphere-infra/shardingsphere-infra-common/src/main/java/org/apache/shardingsphere/infra/auth/Authentication.java
@@ -22,6 +22,7 @@ import lombok.RequiredArgsConstructor;
import java.util.LinkedHashMap;
import java.util.Map;
+import java.util.Optional;
/**
* Authentication.
@@ -31,4 +32,14 @@ import java.util.Map;
public final class Authentication {
private final Map<String, ProxyUser> users = new LinkedHashMap<>();
+
+ /**
+ * Find user.
+ *
+ * @param username username
+ * @return found user
+ */
+ public Optional<ProxyUser> findUser(final String username) {
+ return Optional.ofNullable(users.get(username));
+ }
}
diff --git
a/shardingsphere-infra/shardingsphere-infra-common/src/test/java/org/apache/shardingsphere/infra/auth/yaml/swapper/AuthenticationYamlSwapperTest.java
b/shardingsphere-infra/shardingsphere-infra-common/src/test/java/org/apache/shardingsphere/infra/auth/yaml/swapper/AuthenticationYamlSwapperTest.java
index 35162a1..beb1137 100644
---
a/shardingsphere-infra/shardingsphere-infra-common/src/test/java/org/apache/shardingsphere/infra/auth/yaml/swapper/AuthenticationYamlSwapperTest.java
+++
b/shardingsphere-infra/shardingsphere-infra-common/src/test/java/org/apache/shardingsphere/infra/auth/yaml/swapper/AuthenticationYamlSwapperTest.java
@@ -26,6 +26,7 @@ import org.junit.Test;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
+import java.util.Optional;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.assertThat;
@@ -60,9 +61,12 @@ public final class AuthenticationYamlSwapperTest {
YamlAuthenticationConfiguration yamlConfig = new
YamlAuthenticationConfiguration();
yamlConfig.setUsers(users);
Authentication actual = new
AuthenticationYamlSwapper().swapToObject(yamlConfig);
- assertThat(actual.getUsers().size(), is(2));
-
assertThat(actual.getUsers().get("user1").getAuthorizedSchemas().size(), is(1));
-
assertThat(actual.getUsers().get("user2").getAuthorizedSchemas().size(), is(2));
+ Optional<ProxyUser> actualUser1 = actual.findUser("user1");
+ assertTrue(actualUser1.isPresent());
+ assertThat(actualUser1.get().getAuthorizedSchemas().size(), is(1));
+ Optional<ProxyUser> actualUser2 = actual.findUser("user2");
+ assertTrue(actualUser2.isPresent());
+ assertThat(actualUser2.get().getAuthorizedSchemas().size(), is(2));
}
@Test
diff --git
a/shardingsphere-proxy/shardingsphere-proxy-backend/src/main/java/org/apache/shardingsphere/proxy/backend/text/metadata/schema/impl/ShowDatabasesBackendHandler.java
b/shardingsphere-proxy/shardingsphere-proxy-backend/src/main/java/org/apache/shardingsphere/proxy/backend/text/metadata/schema/impl/ShowDatabasesBackendHandler.java
index 5512432..eb53cec 100644
---
a/shardingsphere-proxy/shardingsphere-proxy-backend/src/main/java/org/apache/shardingsphere/proxy/backend/text/metadata/schema/impl/ShowDatabasesBackendHandler.java
+++
b/shardingsphere-proxy/shardingsphere-proxy-backend/src/main/java/org/apache/shardingsphere/proxy/backend/text/metadata/schema/impl/ShowDatabasesBackendHandler.java
@@ -18,6 +18,7 @@
package org.apache.shardingsphere.proxy.backend.text.metadata.schema.impl;
import lombok.RequiredArgsConstructor;
+import org.apache.shardingsphere.infra.auth.ProxyUser;
import org.apache.shardingsphere.infra.merge.result.MergedResult;
import
org.apache.shardingsphere.proxy.backend.communication.jdbc.connection.BackendConnection;
import org.apache.shardingsphere.proxy.backend.context.ProxyContext;
@@ -32,6 +33,7 @@ import java.sql.Types;
import java.util.Collection;
import java.util.Collections;
import java.util.LinkedList;
+import java.util.Optional;
/**
* Show databases backend handler.
@@ -52,7 +54,8 @@ public final class ShowDatabasesBackendHandler implements
SchemaBackendHandler {
private Collection<Object> getSchemaNames() {
Collection<Object> result = new
LinkedList<>(ProxyContext.getInstance().getAllSchemaNames());
- Collection<String> authorizedSchemas =
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().getUsers().get(backendConnection.getUsername()).getAuthorizedSchemas();
+ Optional<ProxyUser> user =
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().findUser(backendConnection.getUsername());
+ Collection<String> authorizedSchemas = user.isPresent() ?
user.get().getAuthorizedSchemas() : Collections.emptyList();
if (!authorizedSchemas.isEmpty()) {
result.retainAll(authorizedSchemas);
}
diff --git
a/shardingsphere-proxy/shardingsphere-proxy-backend/src/main/java/org/apache/shardingsphere/proxy/backend/text/metadata/schema/impl/UseDatabaseBackendHandler.java
b/shardingsphere-proxy/shardingsphere-proxy-backend/src/main/java/org/apache/shardingsphere/proxy/backend/text/metadata/schema/impl/UseDatabaseBackendHandler.java
index 97b564b..71158cf 100644
---
a/shardingsphere-proxy/shardingsphere-proxy-backend/src/main/java/org/apache/shardingsphere/proxy/backend/text/metadata/schema/impl/UseDatabaseBackendHandler.java
+++
b/shardingsphere-proxy/shardingsphere-proxy-backend/src/main/java/org/apache/shardingsphere/proxy/backend/text/metadata/schema/impl/UseDatabaseBackendHandler.java
@@ -18,6 +18,7 @@
package org.apache.shardingsphere.proxy.backend.text.metadata.schema.impl;
import lombok.RequiredArgsConstructor;
+import org.apache.shardingsphere.infra.auth.ProxyUser;
import
org.apache.shardingsphere.proxy.backend.communication.jdbc.connection.BackendConnection;
import org.apache.shardingsphere.proxy.backend.context.ProxyContext;
import
org.apache.shardingsphere.proxy.backend.exception.UnknownDatabaseException;
@@ -28,6 +29,8 @@ import
org.apache.shardingsphere.sql.parser.sql.common.util.SQLUtil;
import
org.apache.shardingsphere.sql.parser.sql.dialect.statement.mysql.dal.MySQLUseStatement;
import java.util.Collection;
+import java.util.Collections;
+import java.util.Optional;
/**
* Use database backend handler.
@@ -50,7 +53,8 @@ public final class UseDatabaseBackendHandler implements
SchemaBackendHandler {
}
private boolean isAuthorizedSchema(final String schema) {
- Collection<String> authorizedSchemas =
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().getUsers().get(backendConnection.getUsername()).getAuthorizedSchemas();
+ Optional<ProxyUser> user =
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().findUser(backendConnection.getUsername());
+ Collection<String> authorizedSchemas = user.isPresent() ?
user.get().getAuthorizedSchemas() : Collections.emptyList();
return authorizedSchemas.isEmpty() ||
authorizedSchemas.contains(schema);
}
}
diff --git
a/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/test/java/org/apache/shardingsphere/proxy/initializer/impl/GovernanceBootstrapInitializerTest.java
b/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/test/java/org/apache/shardingsphere/proxy/initializer/impl/GovernanceBootstrapInitializerTest.java
index 35679e9..62479fb 100644
---
a/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/test/java/org/apache/shardingsphere/proxy/initializer/impl/GovernanceBootstrapInitializerTest.java
+++
b/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/test/java/org/apache/shardingsphere/proxy/initializer/impl/GovernanceBootstrapInitializerTest.java
@@ -44,6 +44,7 @@ import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.Collection;
import java.util.Map;
+import java.util.Optional;
import java.util.Properties;
import java.util.stream.Collectors;
@@ -193,16 +194,15 @@ public final class GovernanceBootstrapInitializerTest
extends AbstractBootstrapI
}
private void assertAuthentication(final Authentication actual) {
- assertThat(actual.getUsers().size(), is(2));
- assertTrue(actual.getUsers().containsKey("root"));
- ProxyUser rootProxyUser = actual.getUsers().get("root");
- assertThat(rootProxyUser.getPassword(), is("root"));
- assertThat(rootProxyUser.getAuthorizedSchemas().size(), is(0));
- assertTrue(actual.getUsers().containsKey("sharding"));
- ProxyUser shardingProxyUser = actual.getUsers().get("sharding");
- assertThat(shardingProxyUser.getPassword(), is("sharding"));
- assertThat(shardingProxyUser.getAuthorizedSchemas().size(), is(1));
-
assertTrue(shardingProxyUser.getAuthorizedSchemas().contains("sharding_db"));
+ Optional<ProxyUser> rootUser = actual.findUser("root");
+ assertTrue(rootUser.isPresent());
+ assertThat(rootUser.get().getPassword(), is("root"));
+ assertThat(rootUser.get().getAuthorizedSchemas().size(), is(0));
+ Optional<ProxyUser> shardingUser = actual.findUser("sharding");
+ assertTrue(shardingUser.isPresent());
+ assertThat(shardingUser.get().getPassword(), is("sharding"));
+ assertThat(shardingUser.get().getAuthorizedSchemas().size(), is(1));
+
assertTrue(shardingUser.get().getAuthorizedSchemas().contains("sharding_db"));
}
@Test
diff --git
a/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/test/java/org/apache/shardingsphere/proxy/initializer/impl/StandardBootstrapInitializerTest.java
b/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/test/java/org/apache/shardingsphere/proxy/initializer/impl/StandardBootstrapInitializerTest.java
index b6c7015..524761c 100644
---
a/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/test/java/org/apache/shardingsphere/proxy/initializer/impl/StandardBootstrapInitializerTest.java
+++
b/shardingsphere-proxy/shardingsphere-proxy-bootstrap/src/test/java/org/apache/shardingsphere/proxy/initializer/impl/StandardBootstrapInitializerTest.java
@@ -41,6 +41,7 @@ import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
+import java.util.Optional;
import java.util.Properties;
import static org.hamcrest.CoreMatchers.instanceOf;
@@ -146,13 +147,12 @@ public final class StandardBootstrapInitializerTest
extends AbstractBootstrapIni
}
private void assertAuthentication(final Authentication actual) {
- assertThat(actual.getUsers().size(), is(1));
- assertTrue(actual.getUsers().containsKey("root"));
- ProxyUser proxyUser = actual.getUsers().get("root");
- assertThat(proxyUser.getPassword(), is("root"));
- assertThat(proxyUser.getAuthorizedSchemas().size(), is(2));
- assertTrue(proxyUser.getAuthorizedSchemas().contains("ds-1"));
- assertTrue(proxyUser.getAuthorizedSchemas().contains("ds-2"));
+ Optional<ProxyUser> rootUser = actual.findUser("root");
+ assertTrue(rootUser.isPresent());
+ assertThat(rootUser.get().getPassword(), is("root"));
+ assertThat(rootUser.get().getAuthorizedSchemas().size(), is(2));
+ assertTrue(rootUser.get().getAuthorizedSchemas().contains("ds-1"));
+ assertTrue(rootUser.get().getAuthorizedSchemas().contains("ds-2"));
}
private YamlProxyServerConfiguration createYamlProxyServerConfiguration() {
diff --git
a/shardingsphere-proxy/shardingsphere-proxy-common/src/test/java/org/apache/shardingsphere/proxy/config/yaml/swapper/YamlProxyConfigurationSwapperTest.java
b/shardingsphere-proxy/shardingsphere-proxy-common/src/test/java/org/apache/shardingsphere/proxy/config/yaml/swapper/YamlProxyConfigurationSwapperTest.java
index 7c26fe4..7e2d4aa 100644
---
a/shardingsphere-proxy/shardingsphere-proxy-common/src/test/java/org/apache/shardingsphere/proxy/config/yaml/swapper/YamlProxyConfigurationSwapperTest.java
+++
b/shardingsphere-proxy/shardingsphere-proxy-common/src/test/java/org/apache/shardingsphere/proxy/config/yaml/swapper/YamlProxyConfigurationSwapperTest.java
@@ -39,6 +39,7 @@ import java.util.Collection;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.Map;
+import java.util.Optional;
import java.util.Properties;
import static org.hamcrest.CoreMatchers.instanceOf;
@@ -103,12 +104,10 @@ public final class YamlProxyConfigurationSwapperTest {
private void assertAuthentication(final ProxyConfiguration proxyConfig) {
Authentication authentication = proxyConfig.getAuthentication();
assertNotNull(authentication);
- Map<String, ProxyUser> proxyUserMap = authentication.getUsers();
- assertThat(proxyUserMap.size(), is(1));
- ProxyUser proxyUser = proxyUserMap.get("user1");
- assertNotNull(proxyUser);
- assertThat(proxyUser.getPassword(), is("pass"));
- Collection<String> authorizedSchemas =
proxyUser.getAuthorizedSchemas();
+ Optional<ProxyUser> user = authentication.findUser("user1");
+ assertTrue(user.isPresent());
+ assertThat(user.get().getPassword(), is("pass"));
+ Collection<String> authorizedSchemas =
user.get().getAuthorizedSchemas();
assertNotNull(authentication);
assertThat(authorizedSchemas.size(), is(1));
assertTrue(authorizedSchemas.contains("db1"));
diff --git
a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/main/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandler.java
b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/main/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandler.java
index 6054389..cc4c1b0 100644
---
a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/main/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandler.java
+++
b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/main/java/org/apache/shardingsphere/proxy/frontend/mysql/auth/MySQLAuthenticationHandler.java
@@ -28,7 +28,6 @@ import
org.apache.shardingsphere.proxy.backend.context.ProxyContext;
import java.util.Arrays;
import java.util.Collection;
-import java.util.Map.Entry;
import java.util.Optional;
/**
@@ -50,7 +49,7 @@ public final class MySQLAuthenticationHandler {
* @return login success or failure
*/
public Optional<MySQLServerErrorCode> login(final String username, final
byte[] authResponse, final String database) {
- Optional<ProxyUser> user = getUser(username);
+ Optional<ProxyUser> user =
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().findUser(username);
if (!user.isPresent() || !isPasswordRight(user.get().getPassword(),
authResponse)) {
return Optional.of(MySQLServerErrorCode.ER_ACCESS_DENIED_ERROR);
}
@@ -60,15 +59,6 @@ public final class MySQLAuthenticationHandler {
return Optional.empty();
}
- private Optional<ProxyUser> getUser(final String username) {
- for (Entry<String, ProxyUser> entry :
PROXY_SCHEMA_CONTEXTS.getMetaDataContexts().getAuthentication().getUsers().entrySet())
{
- if (entry.getKey().equals(username)) {
- return Optional.of(entry.getValue());
- }
- }
- return Optional.empty();
- }
-
private boolean isPasswordRight(final String password, final byte[]
authResponse) {
return Strings.isNullOrEmpty(password) ||
Arrays.equals(getAuthCipherBytes(password), authResponse);
}
diff --git
a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/main/java/org/apache/shardingsphere/proxy/frontend/mysql/command/admin/initdb/MySQLComInitDbExecutor.java
b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/main/java/org/apache/shardingsphere/proxy/frontend/mysql/command/admin/initdb/MySQLComInitDbExecutor.java
index a26a752..ef8427b 100644
---
a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/main/java/org/apache/shardingsphere/proxy/frontend/mysql/command/admin/initdb/MySQLComInitDbExecutor.java
+++
b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-mysql/src/main/java/org/apache/shardingsphere/proxy/frontend/mysql/command/admin/initdb/MySQLComInitDbExecutor.java
@@ -21,6 +21,7 @@ import lombok.RequiredArgsConstructor;
import
org.apache.shardingsphere.db.protocol.mysql.packet.command.admin.initdb.MySQLComInitDbPacket;
import
org.apache.shardingsphere.db.protocol.mysql.packet.generic.MySQLOKPacket;
import org.apache.shardingsphere.db.protocol.packet.DatabasePacket;
+import org.apache.shardingsphere.infra.auth.ProxyUser;
import
org.apache.shardingsphere.proxy.backend.communication.jdbc.connection.BackendConnection;
import org.apache.shardingsphere.proxy.backend.context.ProxyContext;
import
org.apache.shardingsphere.proxy.backend.exception.UnknownDatabaseException;
@@ -29,6 +30,7 @@ import
org.apache.shardingsphere.sql.parser.sql.common.util.SQLUtil;
import java.util.Collection;
import java.util.Collections;
+import java.util.Optional;
/**
* COM_INIT_DB command executor for MySQL.
@@ -51,7 +53,8 @@ public final class MySQLComInitDbExecutor implements
CommandExecutor {
}
private boolean isAuthorizedSchema(final String schema) {
- Collection<String> authorizedSchemas =
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().getUsers().get(backendConnection.getUsername()).getAuthorizedSchemas();
+ Optional<ProxyUser> user =
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().findUser(backendConnection.getUsername());
+ Collection<String> authorizedSchemas = user.isPresent() ?
user.get().getAuthorizedSchemas() : Collections.emptyList();
return authorizedSchemas.isEmpty() ||
authorizedSchemas.contains(schema);
}
}
diff --git
a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationHandler.java
b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationHandler.java
index 6a46f5b..8513293 100644
---
a/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationHandler.java
+++
b/shardingsphere-proxy/shardingsphere-proxy-frontend/shardingsphere-proxy-frontend-postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/auth/PostgreSQLAuthenticationHandler.java
@@ -30,7 +30,7 @@ import
org.apache.shardingsphere.proxy.backend.context.ProxyContext;
import java.security.MessageDigest;
import java.util.Collection;
-import java.util.Map;
+import java.util.Optional;
/**
* Authentication handler for PostgreSQL.
@@ -48,22 +48,16 @@ public final class PostgreSQLAuthenticationHandler {
* @return PostgreSQL login result
*/
public static PostgreSQLLoginResult loginWithMd5Password(final String
username, final String databaseName, final byte[] md5Salt, final
PostgreSQLPasswordMessagePacket passwordMessagePacket) {
- ProxyUser proxyUser = null;
- for (Map.Entry<String, ProxyUser> entry :
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().getUsers().entrySet())
{
- if (entry.getKey().equals(username)) {
- proxyUser = entry.getValue();
- break;
- }
- }
- if (null == proxyUser) {
+ Optional<ProxyUser> user =
ProxyContext.getInstance().getMetaDataContexts().getAuthentication().findUser(username);
+ if (!user.isPresent()) {
return new
PostgreSQLLoginResult(PostgreSQLErrorCode.INVALID_AUTHORIZATION_SPECIFICATION,
String.format("unknown username: %s", username));
}
String md5Digest = passwordMessagePacket.getMd5Digest();
- String expectedMd5Digest = md5Encode(username,
proxyUser.getPassword(), md5Salt);
+ String expectedMd5Digest = md5Encode(username,
user.get().getPassword(), md5Salt);
if (!expectedMd5Digest.equals(md5Digest)) {
return new
PostgreSQLLoginResult(PostgreSQLErrorCode.INVALID_PASSWORD,
String.format("password authentication failed for user \"%s\"", username));
}
- if (!isAuthorizedSchema(proxyUser.getAuthorizedSchemas(),
databaseName)) {
+ if (!isAuthorizedSchema(user.get().getAuthorizedSchemas(),
databaseName)) {
return new
PostgreSQLLoginResult(PostgreSQLErrorCode.PRIVILEGE_NOT_GRANTED,
String.format("Access denied for user '%s' to database '%s'", username,
databaseName));
}
return new
PostgreSQLLoginResult(PostgreSQLErrorCode.SUCCESSFUL_COMPLETION, null);
