Merge pull request #5974 from tigercl/fix/mysql-query

fix(authn): fix sql parse for mysql

apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl

@@ -145,7 +145,7 @@ parse_query(Query) ->
     case re:run(Query, ?RE_PLACEHOLDER, [global, {capture, all, binary}]) of
         {match, Captured} ->
             PlaceHolders = [PlaceHolder || [PlaceHolder] <- Captured],
-            NQuery = re:replace(Query, "'\\$\\{[a-z0-9\\_]+\\}'", "?", [global, {return, binary}]),
+            NQuery = re:replace(Query, ?RE_PLACEHOLDER, "?", [global, {return, binary}]),
             {NQuery, PlaceHolders};
         nomatch ->
             {Query, []}

apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl

@@ -108,7 +108,8 @@ authenticate(#{password := Password} = Credential,
         {ok, _Columns, []} -> ignore;
         {ok, Columns, Rows} ->
             NColumns = [Name || #column{name = Name} <- Columns],
-            Selected = maps:from_list(lists:zip(NColumns, Rows)),
+            NRows = [erlang:element(1, Row) || Row <- Rows],
+            Selected = maps:from_list(lists:zip(NColumns, NRows)),
             case emqx_authn_utils:check_password(Password, Selected, State) of
                 ok ->
                     {ok, emqx_authn_utils:is_superuser(Selected)};
@@ -137,7 +138,7 @@ parse_query(Query) ->
             PlaceHolders = [PlaceHolder || [PlaceHolder] <- Captured],
             Replacements = ["$" ++ integer_to_list(I) || I <- lists:seq(1, length(Captured))],
             NQuery = lists:foldl(fun({PlaceHolder, Replacement}, Query0) ->
-                                     re:replace(Query0, <<"'\\", PlaceHolder/binary, "'">>, Replacement, [{return, binary}])
+                                     re:replace(Query0, PlaceHolder, Replacement, [{return, binary}])
                                  end, Query, lists:zip(PlaceHolders, Replacements)),
             {NQuery, PlaceHolders};
         nomatch ->