This is an automated email from the ASF dual-hosted git repository.
zhonghongsheng pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 3ff01c55125 Refactor usage of AuthorityRule.findUser() (#31822)
3ff01c55125 is described below
commit 3ff01c5512595bb731fa97e98d8ebd56bb720b03
Author: Liang Zhang <[email protected]>
AuthorDate: Sun Jun 23 20:09:22 2024 +0800
Refactor usage of AuthorityRule.findUser() (#31822)
---
.../handler/admin/executor/ShowCurrentUserExecutor.java | 2 +-
.../admin/executor/ShowCurrentUserExecutorTest.java | 6 +++---
.../proxy/frontend/netty/CDCChannelInboundHandler.java | 14 ++++++--------
.../authentication/OpenGaussAuthenticationEngine.java | 15 +++++++--------
.../authentication/PostgreSQLAuthenticationEngine.java | 5 ++---
5 files changed, 19 insertions(+), 23 deletions(-)
diff --git
a/proxy/backend/type/mysql/src/main/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowCurrentUserExecutor.java
b/proxy/backend/type/mysql/src/main/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowCurrentUserExecutor.java
index d88984dad2a..c160ac3bdec 100644
---
a/proxy/backend/type/mysql/src/main/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowCurrentUserExecutor.java
+++
b/proxy/backend/type/mysql/src/main/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowCurrentUserExecutor.java
@@ -51,7 +51,7 @@ public final class ShowCurrentUserExecutor implements
DatabaseAdminQueryExecutor
public void execute(final ConnectionSession connectionSession) {
AuthorityRule authorityRule =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getSingleRule(AuthorityRule.class);
Optional<Grantee> grantee =
authorityRule.findUser(connectionSession.getConnectionContext().getGrantee()).map(ShardingSphereUser::getGrantee);
- mergedResult = new LocalDataMergedResult(Collections.singleton(new
LocalDataQueryResultRow(grantee.isPresent() ? grantee.get().toString() : "")));
+ mergedResult = new LocalDataMergedResult(Collections.singleton(new
LocalDataQueryResultRow(grantee.map(Grantee::toString).orElse(""))));
}
@Override
diff --git
a/proxy/backend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowCurrentUserExecutorTest.java
b/proxy/backend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowCurrentUserExecutorTest.java
index 04285d88be7..7add13dddc8 100644
---
a/proxy/backend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowCurrentUserExecutorTest.java
+++
b/proxy/backend/type/mysql/src/test/java/org/apache/shardingsphere/proxy/backend/mysql/handler/admin/executor/ShowCurrentUserExecutorTest.java
@@ -74,9 +74,9 @@ class ShowCurrentUserExecutorTest {
private RuleMetaData mockRuleMetaData() {
AuthorityRule authorityRule = mock(AuthorityRule.class);
- ShardingSphereUser shardingSphereUser = mock(ShardingSphereUser.class);
- when(shardingSphereUser.getGrantee()).thenReturn(new Grantee("root",
"%"));
-
when(authorityRule.findUser(GRANTEE)).thenReturn(Optional.of(shardingSphereUser));
+ ShardingSphereUser user = mock(ShardingSphereUser.class);
+ when(user.getGrantee()).thenReturn(new Grantee("root", "%"));
+ when(authorityRule.findUser(GRANTEE)).thenReturn(Optional.of(user));
return new RuleMetaData(Collections.singletonList(authorityRule));
}
diff --git
a/proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java
b/proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java
index 198dfb08803..149ca16af04 100644
---
a/proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java
+++
b/proxy/frontend/core/src/main/java/org/apache/shardingsphere/proxy/frontend/netty/CDCChannelInboundHandler.java
@@ -60,7 +60,6 @@ import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.sql.SQLException;
import java.util.Objects;
-import java.util.Optional;
/**
* CDC channel inbound handler.
@@ -141,13 +140,12 @@ public final class CDCChannelInboundHandler extends
ChannelInboundHandlerAdapter
() -> new CDCExceptionWrapper(request.getRequestId(), new
EmptyCDCLoginRequestBodyException()));
BasicBody body = request.getLoginRequestBody().getBasicBody();
AuthorityRule authorityRule =
ProxyContext.getInstance().getContextManager().getMetaDataContexts().getMetaData().getGlobalRuleMetaData().getSingleRule(AuthorityRule.class);
- Optional<ShardingSphereUser> user = authorityRule.findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)));
- if (user.isPresent() &&
Objects.equals(Hashing.sha256().hashBytes(user.get().getPassword().getBytes()).toString().toUpperCase(),
body.getPassword())) {
- ctx.channel().attr(CONNECTION_CONTEXT_KEY).set(new
CDCConnectionContext(user.get()));
-
ctx.writeAndFlush(CDCResponseUtils.succeed(request.getRequestId()));
- } else {
- throw new CDCExceptionWrapper(request.getRequestId(), new
CDCLoginFailedException());
- }
+ ShardingSphereUser user = authorityRule.findUser(new
Grantee(body.getUsername(), getHostAddress(ctx)))
+ .orElseThrow(() -> new
CDCExceptionWrapper(request.getRequestId(), new CDCLoginFailedException()));
+
ShardingSpherePreconditions.checkState(Objects.equals(Hashing.sha256().hashBytes(user.getPassword().getBytes()).toString().toUpperCase(),
body.getPassword()),
+ () -> new CDCExceptionWrapper(request.getRequestId(), new
CDCLoginFailedException()));
+ ctx.channel().attr(CONNECTION_CONTEXT_KEY).set(new
CDCConnectionContext(user));
+ ctx.writeAndFlush(CDCResponseUtils.succeed(request.getRequestId()));
}
private void checkPrivileges(final String requestId, final Grantee
grantee, final String currentDatabase) {
diff --git
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/OpenGaussAuthenticationEngine.java
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/OpenGaussAuthenticationEngine.java
index af2bb86c306..e11e84fea55 100644
---
a/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/OpenGaussAuthenticationEngine.java
+++
b/proxy/frontend/type/opengauss/src/main/java/org/apache/shardingsphere/proxy/frontend/opengauss/authentication/OpenGaussAuthenticationEngine.java
@@ -20,6 +20,10 @@ package
org.apache.shardingsphere.proxy.frontend.opengauss.authentication;
import com.google.common.base.Strings;
import io.netty.channel.ChannelHandlerContext;
import io.netty.handler.ssl.SslHandler;
+import org.apache.shardingsphere.authentication.Authenticator;
+import org.apache.shardingsphere.authentication.AuthenticatorFactory;
+import org.apache.shardingsphere.authentication.result.AuthenticationResult;
+import
org.apache.shardingsphere.authentication.result.AuthenticationResultBuilder;
import org.apache.shardingsphere.authority.checker.AuthorityChecker;
import org.apache.shardingsphere.authority.rule.AuthorityRule;
import org.apache.shardingsphere.db.protocol.constant.CommonConstants;
@@ -55,10 +59,6 @@ import
org.apache.shardingsphere.infra.spi.type.typed.TypedSPILoader;
import org.apache.shardingsphere.proxy.backend.context.ProxyContext;
import
org.apache.shardingsphere.proxy.backend.postgresql.handler.admin.executor.variable.charset.PostgreSQLCharacterSets;
import
org.apache.shardingsphere.proxy.frontend.authentication.AuthenticationEngine;
-import org.apache.shardingsphere.authentication.result.AuthenticationResult;
-import
org.apache.shardingsphere.authentication.result.AuthenticationResultBuilder;
-import org.apache.shardingsphere.authentication.Authenticator;
-import org.apache.shardingsphere.authentication.AuthenticatorFactory;
import
org.apache.shardingsphere.proxy.frontend.connection.ConnectionIdGenerator;
import
org.apache.shardingsphere.proxy.frontend.opengauss.authentication.authenticator.OpenGaussAuthenticatorType;
import org.apache.shardingsphere.proxy.frontend.ssl.ProxySSLContext;
@@ -135,10 +135,9 @@ public final class OpenGaussAuthenticationEngine
implements AuthenticationEngine
String databaseName = currentAuthResult.getDatabase();
ShardingSpherePreconditions.checkState(Strings.isNullOrEmpty(databaseName) ||
ProxyContext.getInstance().databaseExists(databaseName), () -> new
UnknownDatabaseException(databaseName));
Grantee grantee = new Grantee(username, "%");
- Optional<ShardingSphereUser> user = rule.findUser(grantee);
- ShardingSpherePreconditions.checkState(user.isPresent(), () -> new
UnknownUsernameException(username));
- Authenticator authenticator = new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(user.get());
- ShardingSpherePreconditions.checkState(login(authenticator,
user.get(), digest), () -> new InvalidPasswordException(username));
+ ShardingSphereUser user = rule.findUser(grantee).orElseThrow(() -> new
UnknownUsernameException(username));
+ Authenticator authenticator = new
AuthenticatorFactory<>(OpenGaussAuthenticatorType.class,
rule).newInstance(user);
+ ShardingSpherePreconditions.checkState(login(authenticator, user,
digest), () -> new InvalidPasswordException(username));
ShardingSpherePreconditions.checkState(null == databaseName || new
AuthorityChecker(rule, grantee).isAuthorized(databaseName), () -> new
PrivilegeNotGrantedException(username, databaseName));
}
diff --git
a/proxy/frontend/type/postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/PostgreSQLAuthenticationEngine.java
b/proxy/frontend/type/postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/PostgreSQLAuthenticationEngine.java
index d09c731fa41..5b4d0601c51 100644
---
a/proxy/frontend/type/postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/PostgreSQLAuthenticationEngine.java
+++
b/proxy/frontend/type/postgresql/src/main/java/org/apache/shardingsphere/proxy/frontend/postgresql/authentication/PostgreSQLAuthenticationEngine.java
@@ -123,9 +123,8 @@ public final class PostgreSQLAuthenticationEngine
implements AuthenticationEngin
private void login(final String databaseName, final String username, final
byte[] md5Salt, final String digest, final AuthorityRule rule) {
ShardingSpherePreconditions.checkState(Strings.isNullOrEmpty(databaseName) ||
ProxyContext.getInstance().databaseExists(databaseName), () -> new
UnknownDatabaseException(databaseName));
Grantee grantee = new Grantee(username, "%");
- Optional<ShardingSphereUser> user = rule.findUser(grantee);
- ShardingSpherePreconditions.checkState(user.isPresent(), () -> new
UnknownUsernameException(username));
- ShardingSpherePreconditions.checkState(new
AuthenticatorFactory<>(PostgreSQLAuthenticatorType.class,
rule).newInstance(user.get()).authenticate(user.get(), new Object[]{digest,
md5Salt}),
+ ShardingSphereUser user = rule.findUser(grantee).orElseThrow(() -> new
UnknownUsernameException(username));
+ ShardingSpherePreconditions.checkState(new
AuthenticatorFactory<>(PostgreSQLAuthenticatorType.class,
rule).newInstance(user).authenticate(user, new Object[]{digest, md5Salt}),
() -> new InvalidPasswordException(username));
ShardingSpherePreconditions.checkState(null == databaseName || new
AuthorityChecker(rule, grantee).isAuthorized(databaseName), () -> new
PrivilegeNotGrantedException(username, databaseName));
}
