Support AuthenticationCleartextPassword in the Proxy

This authentication method is used by Neon. And it's related to the SSL implementation here because there's no way Postgres would be requesting a cleartext password over an unencrypted connection.
electric-sql · Dec 22, 2023 · 21f903a · 21f903a
1 parent 2cea436
commit 21f903a
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/components/electric/lib/electric/postgres/proxy/upstream_connection.ex b/components/electric/lib/electric/postgres/proxy/upstream_connection.ex
@@ -148,6 +148,15 @@ defmodule Electric.Postgres.Proxy.UpstreamConnection do
     notify_parent(%{state | authenticated: true}, :authenticated)
   end
 
+  defp handle_backend_msg(
+         %M.AuthenticationCleartextPassword{},
+         %{authenticated: false, transport_module: :ssl} = state
+       ) do
+    response = %M.PasswordMessage{password: state.conn_opts[:password]}
+
+    upstream(response, state)
+  end
+
   defp handle_backend_msg(%M.AuthenticationSASL{} = msg, %{authenticated: false} = state) do
     {sasl_mechanism, response} = SASL.initial_response(msg)