Description
Hi
I am currently using the go-sql-driver/mysql driver to connect to a MySQL database that requires OpenID Connect authentication. I am encountering an issue when attempting to use the authentication_openid_connect plugin with this driver.
The plugin is returning the following error during the client-server handshake (mysql Log) :
[ERROR] [MY-015153] [Server] Plugin authentication_openid_connect reported: 'An error occurred during the client server handshake.'
Additionally, the Go client (go-sql-driver/mysql) outputs:
[mysql] 2025/04/28 13:03:55 auth.go:341 unknown auth plugin:authentication_openid_connect_client
When I try to connect using the following DSN:
mysql_app@tcp(X.X.X.X:3306)/identity_demo?tls=custom&allowCleartextPasswords=1&auth_client_plugin=authentication_openid_connect&authentication_openid_connect_client_id_token_file=.%2Ftokens%2Ftoken_1745836161.txt
I have confirmed that the OIDC configuration and token generation are correct, as I am able to use the generated token successfully via curl. However, when attempting to use the token in my Go application with the go-sql-driver/mysql, the authentication fails with the error mentioned above.
Here is a summary of the steps I have taken:
1. The MySQL server has the authentication_openid_connect plugin properly configured.
2. I use the clientcredentials.Config structure from the oauth2 package to obtain an OIDC token.
3. I pass the token as the password in the MySQL connection string.
4. The error persists, even though the token works with curl and is valid.
Could you provide any guidance or recommendations for fixing this issue? Is there anything specific that might need to be done on the go-sql-driver/mysql side to properly handle the OIDC authentication handshake?
Driver version : v1.9.2
Go version: go1.23.6 darwin/arm64
Server version: MySQL Enterprise 9.2
Server OS: : container image on podman 5.2.3
Thank you in advance for your help!