SASL/SCRAM authentication #1835
Conversation
| @@ -0,0 +1,40 @@ | |||
| 'use strict' | |||
There was a problem hiding this comment.
I'm not sure how this can be integrated into the test run? The role needs to be created with a scram-sha-256 password
andreme
force-pushed
the
scramv1
branch
2 times, most recently
from
0c8a03e
to
5f51f7f
Compare
|
The failing test for node 11 fails in other pr's too, so I assume it's not something I did |
|
ohh very very nice. |
|
Hey if you rebase on master now the test should pass! |
|
@brianc thanks, rebased |
|
Can this please be merged? We are stuck because of #1508 right now. Thank you! |
|
yup! Will look @ this today. Apologies for the delay! |
|
@andreme this is really awesome! Thanks a lot for taking the time on this. Do you have any documentation on how to get the integration test to pass? I'd like to at least be able to run the integration test locally & once I figure that out I'll work out how to add a hook to run it in CI (if possible). Since it's auth related I'd really like to get this running "end-to-end" in tests so we can be sure we don't regress on this at any point. I think I need postgres@11.x at least...anything else I need to do? I'll see how much I can modify the postgres hba edit: it looks like I basically have full access to the |
|
@brianc pg10 is the first version that has scram auth. Make sure the user entries come before any trust entries in the pg_hba. |
|
gotcha!
good point. will do. I'll start trying to get the CI stuff working today so we can merge this thing! |
|
I'm going to merge this but hold off on releasing semver minor w/ this feature until I can get some tests running in CI. Reading about setting up postgres-10 in travis & configuring pg_hba.conf and stuff now...will hopefully have it set up today. |
Fixes #1508
Adapted from:
https://github.com/npgsql/npgsql/blob/8bf421979b4b19cd63e25ecec3f0e1804871700a/src/Npgsql/NpgsqlConnector.Auth.cs
https://github.com/legastero/js-sasl-scram-sha-1
https://github.com/czzarr/node-bitwise-xor