forked from vapor/postgres-nio
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathPostgresConnection+Authenticate.swift
109 lines (95 loc) · 3.32 KB
/
PostgresConnection+Authenticate.swift
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
import Crypto
import NIO
import Logging
extension PostgresConnection {
public func authenticate(
username: String,
database: String? = nil,
password: String? = nil,
logger: Logger = .init(label: "codes.vapor.postgres")
) -> EventLoopFuture<Void> {
let auth = PostgresAuthenticationRequest(
username: username,
database: database,
password: password
)
return self.send(auth, logger: self.logger)
}
}
// MARK: Private
private final class PostgresAuthenticationRequest: PostgresRequest {
enum State {
case ready
case done
}
let username: String
let database: String?
let password: String?
var state: State
init(username: String, database: String?, password: String?) {
self.state = .ready
self.username = username
self.database = database
self.password = password
}
func log(to logger: Logger) {
logger.debug("Logging into Postgres db \(self.database ?? "nil") as \(self.username)")
}
func respond(to message: PostgresMessage) throws -> [PostgresMessage]? {
if case .error = message.identifier {
// terminate immediately on error
return nil
}
switch self.state {
case .ready:
switch message.identifier {
case .authentication:
let auth = try PostgresMessage.Authentication(message: message)
switch auth {
case .md5(let salt):
let pwdhash = self.md5((self.password ?? "") + self.username).hexdigest()
let hash = "md5" + self.md5(self.bytes(pwdhash) + salt).hexdigest()
return try [PostgresMessage.Password(string: hash).message()]
case .plaintext:
return try [PostgresMessage.Password(string: self.password ?? "").message()]
case .ok:
self.state = .done
return []
}
default: throw PostgresError.protocol("Unexpected response to start message: \(message)")
}
case .done:
switch message.identifier {
case .parameterStatus:
// self.status[status.parameter] = status.value
return []
case .backendKeyData:
// self.processID = data.processID
// self.secretKey = data.secretKey
return []
case .readyForQuery:
return nil
default: throw PostgresError.protocol("Unexpected response to password authentication: \(message)")
}
}
}
func start() throws -> [PostgresMessage] {
return try [
PostgresMessage.Startup.versionThree(parameters: [
"user": self.username,
"database": self.database ?? username
]).message()
]
}
// MARK: Private
private func md5(_ string: String) -> [UInt8] {
return md5(self.bytes(string))
}
private func md5(_ message: [UInt8]) -> [UInt8] {
let digest = Insecure.MD5.hash(data: message)
return .init(digest)
}
func bytes(_ string: String) -> [UInt8] {
return Array(string.utf8)
}
}