-
-
Notifications
You must be signed in to change notification settings - Fork 193
/
create_user_data.go
141 lines (122 loc) · 4.01 KB
/
create_user_data.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
// Copyright 2021 Dolthub, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package plan
import (
"crypto/sha1"
"encoding/hex"
"fmt"
"strings"
)
// UserName represents either a user or role name.
type UserName struct {
Name string
Host string
AnyHost bool
}
// String returns the UserName as a formatted string using the quotes given. Using the default root
// account with the backtick as the quote, root@localhost would become `root`@`localhost`. Different quotes are used
// in different places in MySQL. In addition, if the quote is used in a section as part of the name, it is escaped by
// doubling the quote (which also mimics MySQL behavior).
func (un *UserName) String(quote string) string {
host := un.Host
if un.AnyHost {
host = "%"
}
replacement := quote + quote
name := strings.ReplaceAll(un.Name, quote, replacement)
host = strings.ReplaceAll(host, quote, replacement)
return fmt.Sprintf("%s%s%s@%s%s%s", quote, name, quote, quote, host, quote)
}
// Authentication represents an authentication method for a user.
type Authentication interface {
// Plugin returns the name of the plugin that this authentication represents.
Plugin() string
// Password returns the value to insert into the database as the password.
Password() string
}
// AuthenticatedUser represents a user with the relevant methods of authentication.
type AuthenticatedUser struct {
UserName
Auth1 Authentication
Auth2 Authentication
Auth3 Authentication
AuthInitial Authentication
Identity string
}
// TLSOptions represents a user's TLS options.
type TLSOptions struct {
SSL bool
X509 bool
Cipher string
Issuer string
Subject string
}
// AccountLimits represents the limits imposed upon an account.
type AccountLimits struct {
MaxQueriesPerHour *int64
MaxUpdatesPerHour *int64
MaxConnectionsPerHour *int64
MaxUserConnections *int64
}
// PasswordOptions states how to handle a user's passwords.
type PasswordOptions struct {
RequireCurrentOptional bool
ExpirationTime *int64
History *int64
ReuseInterval *int64
FailedAttempts *int64
LockTime *int64
}
// AuthenticationMysqlNativePassword is an authentication type that represents "mysql_native_password".
type AuthenticationMysqlNativePassword string
var _ Authentication = AuthenticationMysqlNativePassword("")
// Plugin implements the interface Authentication.
func (a AuthenticationMysqlNativePassword) Plugin() string {
return "mysql_native_password"
}
// Password implements the interface Authentication.
func (a AuthenticationMysqlNativePassword) Password() string {
if len(a) == 0 {
return ""
}
// native = sha1(sha1(password))
hash := sha1.New()
hash.Write([]byte(a))
s1 := hash.Sum(nil)
hash.Reset()
hash.Write(s1)
s2 := hash.Sum(nil)
return "*" + strings.ToUpper(hex.EncodeToString(s2))
}
// NewDefaultAuthentication returns the given password with the default
// authentication method.
func NewDefaultAuthentication(password string) Authentication {
return AuthenticationMysqlNativePassword(password)
}
// AuthenticationOther is an authentication type that represents plugin types
// other than "mysql_native_password". There must be a mysqldb plugin provided
// to use this plugin.
type AuthenticationOther struct {
password string
plugin string
}
func NewOtherAuthentication(password, plugin string) Authentication {
return AuthenticationOther{password, plugin}
}
func (a AuthenticationOther) Plugin() string {
return a.plugin
}
func (a AuthenticationOther) Password() string {
return string(a.password)
}