From 3a834a822f220a93581789db93590b54ac50ecc2 Mon Sep 17 00:00:00 2001
From: zhouzb
Date: Thu, 21 Oct 2021 17:07:24 +0800
Subject: [PATCH 1/3] fix(authn): fix sql parse for mysql
---
 apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
index 9df50cf8f..065e951c5 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
@@ -145,7 +145,7 @@ parse_query(Query) ->
 case re:run(Query, ?RE_PLACEHOLDER, [global, {capture, all, binary}]) of
 {match, Captured} ->
 PlaceHolders = [PlaceHolder || [PlaceHolder] <- Captured],
- NQuery = re:replace(Query, "'\\$\\{[a-z0-9\\_]+\\}'", "?", [global, {return, binary}]),
+ NQuery = re:replace(Query, "'\\$\\{[a-z0-9\\-]+\\}'", "?", [global, {return, binary}]),
 {NQuery, PlaceHolders};
 nomatch ->
 {Query, []}
From e071a10fee5aa032f54986bbd4163d50b92cdd25 Mon Sep 17 00:00:00 2001
From: zhouzb
Date: Thu, 21 Oct 2021 17:14:08 +0800
Subject: [PATCH 2/3] fix(authn): no longer use single quotes to wrap placeholders
---
 apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl | 2 +-
 apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
index 065e951c5..98d515310 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_mysql.erl
@@ -145,7 +145,7 @@ parse_query(Query) ->
 case re:run(Query, ?RE_PLACEHOLDER, [global, {capture, all, binary}]) of
 {match, Captured} ->
 PlaceHolders = [PlaceHolder || [PlaceHolder] <- Captured],
- NQuery = re:replace(Query, "'\\$\\{[a-z0-9\\-]+\\}'", "?", [global, {return, binary}]),
+ NQuery = re:replace(Query, ?RE_PLACEHOLDER, "?", [global, {return, binary}]),
 {NQuery, PlaceHolders};
 nomatch ->
 {Query, []}
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
index 4086f4b22..2b8c9b391 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
@@ -137,7 +137,7 @@ parse_query(Query) ->
 PlaceHolders = [PlaceHolder || [PlaceHolder] <- Captured],
 Replacements = ["$" ++ integer_to_list(I) || I <- lists:seq(1, length(Captured))],
 NQuery = lists:foldl(fun({PlaceHolder, Replacement}, Query0) ->
- re:replace(Query0, <<"'\\", PlaceHolder/binary, "'">>, Replacement, [{return, binary}])
+ re:replace(Query0, PlaceHolder, Replacement, [{return, binary}])
 end, Query, lists:zip(PlaceHolders, Replacements)),
 {NQuery, PlaceHolders};
 nomatch ->
From 7fdcca587a83db4c6c5e9a9719ad4120bb9e43b0 Mon Sep 17 00:00:00 2001
From: zhouzb
Date: Thu, 21 Oct 2021 17:41:16 +0800
Subject: [PATCH 3/3] fix(authn): fix handling of pgsql response
---
 apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl b/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
index 2b8c9b391..d1390697a 100644
--- a/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
+++ b/apps/emqx_authn/src/simple_authn/emqx_authn_pgsql.erl
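Review bot: A query that still wraps a placeholder in single quotes is not caught by the new `re:replace(Query, ?RE_PLACEHOLDER, "?", ...)` line in the mysql `parse_query/1`: the quotes stay behind, so the statement contains the string literal `'?'` rather than a parameter marker, while `PlaceHolders` still lists the name. Because the removed line required the quotes, configurations written in that form would presumably fail when the statement is prepared or executed; how that failure is reported to the authentication chain depends on code outside this hunk. Consider rejecting the quoted form while the query is parsed, or at least documenting the new syntax with a comment such as `%% Placeholders must be written bare, without surrounding quotes; each one becomes a bound parameter.` The same applies to the pgsql `parse_query/1` hunk below. The function body continues past the end of the hunk.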
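Review bot: In the pgsql `parse_query/1`, `PlaceHolder` is now handed to `re:replace/4` as a regular expression without any escaping, so a leading `$` is read as an end-of-subject anchor and the pattern cannot match the placeholder text; the removed line prefixed `\\` for exactly this reason. Assuming `?RE_PLACEHOLDER` (defined outside this hunk) captures the `${...}` form, the fold leaves the query unchanged and no `$1`, `$2`, … markers are produced, so the bound parameters would not line up with the statement. Keep the escape when dropping the quotes, for example `re:replace(Query0, <<"\\", PlaceHolder/binary>>, Replacement, [{return, binary}])`, and add a test that asserts the rewritten query text. The enclosing function starts and ends outside the hunk.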
@@ -108,7 +108,8 @@ authenticate(#{password := Password} = Credential,
 {ok, _Columns, []} -> ignore;
 {ok, Columns, Rows} ->
 NColumns = [Name || #column{name = Name} <- Columns],
- Selected = maps:from_list(lists:zip(NColumns, Rows)),
+ NRows = [erlang:element(1, Row) || Row <- Rows],
+ Selected = maps:from_list(lists:zip(NColumns, NRows)),
 case emqx_authn_utils:check_password(Password, Selected, State) of
 ok ->
 {ok, emqx_authn_utils:is_superuser(Selected)};
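Review bot: `NRows = [erlang:element(1, Row) || Row <- Rows]` collects the first field of every row, so `NRows` has one entry per row while `NColumns` has one entry per column, and `lists:zip/2` raises when the two lengths differ. If each `Row` is a tuple of column values (which the `element/2` call suggests), the pairing only lines up when the result has as many rows as columns; a query that selects, say, a hash and a salt and returns one row would crash here, and how that surfaces to the connecting client depends on the caller. Taking the first row and expanding it looks like the intent: `[Row | _] = Rows,` followed by `Selected = maps:from_list(lists:zip(NColumns, erlang:tuple_to_list(Row))),`. A short comment stating that only the first returned row is considered would also help. `authenticate` begins before and continues after the hunk.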