diff --git a/pom.xml b/pom.xml
index 97d26000a..a92a06416 100644
--- a/pom.xml
+++ b/pom.xml
@@ -48,6 +48,7 @@
UTF-8
1.0.0.RELEASE
2023.0.6
+ 3.0
2.0.13
6.1.8
1.19.8
@@ -147,7 +148,7 @@
com.ongres.scram
- client
+ scram-client
${scram-client.version}
diff --git a/src/main/java/io/r2dbc/postgresql/authentication/SASLAuthenticationHandler.java b/src/main/java/io/r2dbc/postgresql/authentication/SASLAuthenticationHandler.java
index dcfe2ed29..95c665378 100644
--- a/src/main/java/io/r2dbc/postgresql/authentication/SASLAuthenticationHandler.java
+++ b/src/main/java/io/r2dbc/postgresql/authentication/SASLAuthenticationHandler.java
@@ -1,7 +1,6 @@
package io.r2dbc.postgresql.authentication;
import com.ongres.scram.client.ScramClient;
-import com.ongres.scram.client.ScramSession;
import com.ongres.scram.common.exception.ScramInvalidServerSignatureException;
import com.ongres.scram.common.exception.ScramParseException;
import com.ongres.scram.common.exception.ScramServerErrorException;
@@ -17,8 +16,7 @@
import reactor.core.Exceptions;
import reactor.util.annotation.Nullable;
-import static com.ongres.scram.client.ScramClient.ChannelBinding.NO;
-import static com.ongres.scram.common.stringprep.StringPreparations.NO_PREPARATION;
+import static com.ongres.scram.common.StringPreparation.NO_PREPARATION;
public class SASLAuthenticationHandler implements AuthenticationHandler {
@@ -26,9 +24,7 @@ public class SASLAuthenticationHandler implements AuthenticationHandler {
private final String username;
- private ScramSession.ClientFinalProcessor clientFinalProcessor;
-
- private ScramSession scramSession;
+ private ScramClient scramClient;
/**
* Create a new handler.
@@ -73,24 +69,20 @@ public FrontendMessage handle(AuthenticationMessage message) {
}
private FrontendMessage handleAuthenticationSASL(AuthenticationSASL message) {
- ScramClient scramClient = ScramClient
- .channelBinding(NO)
+ scramClient = ScramClient.builder()
+ .advertisedMechanisms(message.getAuthenticationMechanisms())
+ .username(this.username)
+ .password(this.password.toString().toCharArray())
.stringPreparation(NO_PREPARATION)
- .selectMechanismBasedOnServerAdvertised(message.getAuthenticationMechanisms().toArray(new String[0]))
- .setup();
-
- this.scramSession = scramClient.scramSession(this.username);
+ .build();
- return new SASLInitialResponse(ByteBufferUtils.encode(this.scramSession.clientFirstMessage()), scramClient.getScramMechanism().getName());
+ return new SASLInitialResponse(ByteBufferUtils.encode(scramClient.clientFirstMessage().toString()), scramClient.getScramMechanism().getName());
}
private FrontendMessage handleAuthenticationSASLContinue(AuthenticationSASLContinue message) {
try {
- this.clientFinalProcessor = this.scramSession
- .receiveServerFirstMessage(ByteBufferUtils.decode(message.getData()))
- .clientFinalProcessor(this.password.toString());
-
- return new SASLResponse(ByteBufferUtils.encode(clientFinalProcessor.clientFinalMessage()));
+ scramClient.serverFirstMessage(ByteBufferUtils.decode(message.getData()));
+ return new SASLResponse(ByteBufferUtils.encode(scramClient.clientFinalMessage().toString()));
} catch (ScramParseException e) {
throw Exceptions.propagate(e);
}
@@ -99,7 +91,7 @@ private FrontendMessage handleAuthenticationSASLContinue(AuthenticationSASLConti
@Nullable
private FrontendMessage handleAuthenticationSASLFinal(AuthenticationSASLFinal message) {
try {
- this.clientFinalProcessor.receiveServerFinalMessage(ByteBufferUtils.decode(message.getAdditionalData()));
+ scramClient.serverFinalMessage(ByteBufferUtils.decode(message.getAdditionalData()));
return null;
} catch (ScramParseException | ScramInvalidServerSignatureException | ScramServerErrorException e) {
throw Exceptions.propagate(e);
diff --git a/src/test/java/io/r2dbc/postgresql/PostgresqlConnectionFactoryUnitTests.java b/src/test/java/io/r2dbc/postgresql/PostgresqlConnectionFactoryUnitTests.java
index 7fdd5c22c..b06c0d791 100644
--- a/src/test/java/io/r2dbc/postgresql/PostgresqlConnectionFactoryUnitTests.java
+++ b/src/test/java/io/r2dbc/postgresql/PostgresqlConnectionFactoryUnitTests.java
@@ -35,8 +35,7 @@
import java.util.Collections;
-import static com.ongres.scram.client.ScramClient.ChannelBinding.NO;
-import static com.ongres.scram.common.stringprep.StringPreparations.NO_PREPARATION;
+import static com.ongres.scram.common.StringPreparation.NO_PREPARATION;
import static io.r2dbc.postgresql.util.TestByteBufAllocator.TEST;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
@@ -82,17 +81,18 @@ void createAuthenticationMD5Password() {
@Test
void createAuthenticationSASL() {
- ScramClient scramClient = ScramClient
- .channelBinding(NO)
+ ScramClient scramClient = ScramClient.builder()
+ .advertisedMechanisms(Collections.singletonList("SCRAM-SHA-256"))
+ .username("test-username")
+ .password("test-password".toCharArray())
.stringPreparation(NO_PREPARATION)
- .selectMechanismBasedOnServerAdvertised("SCRAM-SHA-256")
- .setup();
+ .build();
// @formatter:off
Client client = TestClient.builder()
.window()
.expectRequest(new StartupMessage( "test-database", "test-username", new TestStartupParameterProvider())).thenRespond(new AuthenticationSASL(Collections.singletonList("SCRAM-SHA-256")))
- .expectRequest(new SASLInitialResponse(ByteBufferUtils.encode(scramClient.scramSession("test-username").clientFirstMessage()), "SCRAM-SHA-256")).thenRespond(AuthenticationOk.INSTANCE)
+ .expectRequest(new SASLInitialResponse(ByteBufferUtils.encode(scramClient.clientFirstMessage().toString()), "SCRAM-SHA-256")).thenRespond(AuthenticationOk.INSTANCE)
.done()
.build();
// @formatter:on
@@ -104,6 +104,12 @@ void createAuthenticationSASL() {
.username("test-username")
.password("test-password")
.build();
+
+ new PostgresqlConnectionFactory(testClientFactory(client, configuration), configuration)
+ .create()
+ .as(StepVerifier::create)
+ .expectNextCount(1)
+ .verifyComplete();
}
@Test