afterEach(() => {
return mysqlx.getSession(config)
.then(session => {
return session.sql('SET GLOBAL mysqlx_wait_timeout=28800').execute()
.then(() => session.close());
});
});
it('should authenticate with a URL parameter', () => {
return expect(mysqlx.getSession(`mysqlx://${user}:${password}@${config.host}:${config.port}?ssl-mode=DISABLED`)).to.be.fulfilled
.then(session => {
expect(session.inspect().auth).to.equal('SHA256_MEMORY');
return session.close();
});
});
it('should not connect if the server does not support SSL/TLS', () => {
// Insecure server will be running on port 33061.
const secureConfig = Object.assign({}, config, baseConfig, { ssl: true });
const error = `The server's X plugin version does not support SSL. Please refer to https://dev.mysql.com/doc/refman/8.0/en/x-plugin-ssl-connections.html for more details on how to enable secure connections.`;
return expect(mysqlx.getSession(secureConfig)).to.eventually.be.rejectedWith(error);
});
it('should authenticate with a URL parameter', () => {
return expect(mysqlx.getSession(`mysqlx://${user}:${password}@${config.host}:${config.port}?auth=${auth}`)).to.be.fulfilled
.then(session => {
expect(session.inspect().auth).to.equal(auth);
return session.close();
});
});
it('should fail to authenticate with a URL parameter', () => {
return expect(mysqlx.getSession(`mysqlx://${user}:${password}@${config.host}:${config.port}?ssl-mode=DISABLED&auth=${auth}`)).to.be.rejected
.then(err => {
expect(err.info).to.include.keys('code');
expect(err.info.code).to.equal(1045);
});
});
it('should fail to authenticate with a URL parameter', () => {
return expect(mysqlx.getSession(`mysqlx://${user}:${password}@${config.host}:${config.port}?ssl-mode=DISABLED`)).to.be.rejected
.then(err => {
expect(err.info).to.include.keys('code');
expect(err.info.code).to.equal(1045);
expect(err.message).to.match(/Authentication failed using "MYSQL41" and "SHA256_MEMORY"/);
});
});
beforeEach('create session', () => {
const options = Object.assign({}, config, { schema: undefined });
return mysqlx.getSession(options)
.then(s => {
session = s;
});
});
it('should fail to authenticate with a session configuration object property', () => {
const authConfig = Object.assign({}, config, { auth, user, password, socket: undefined, ssl: false });
return expect(mysqlx.getSession(authConfig)).to.be.rejected
.then(err => {
expect(err.info).to.include.keys('code');
expect(err.info.code).to.equal(1045);
});
});
it('should authenticate with TLS', () => {
const authConfig = Object.assign({}, config, baseConfig, { auth, ssl: true });
return expect(mysqlx.getSession(authConfig)).to.be.fulfilled
.then(session => {
expect(session.inspect().auth).to.equal(auth);
return session.close();
});
});
it('should fail to authenticate without TLS', () => {
const authConfig = Object.assign({}, config, baseConfig, { auth, ssl: false });
return expect(mysqlx.getSession(authConfig)).to.be.rejected
.then(err => {
expect(err.info).to.include.keys('code');
expect(err.info.code).to.equal(1251);
});
});
it('should not connect if the server certificate is revoked', () => {
const ca = path.join(__dirname, '..', 'fixtures', 'ssl', 'client', 'ca.pem');
const crl = path.join(__dirname, '..', 'fixtures', 'ssl', 'client', 'crl.pem');
const secureConfig = Object.assign({}, config, baseConfig, { ssl: true, sslOptions: { ca, crl, servername } });
return expect(mysqlx.getSession(secureConfig)).to.eventually.be.rejected.then(err => {
expect(err.code).to.equal('CERT_REVOKED');
});
});
it('should not connect if the server certificate was not issued by the authority', () => {
const ca = path.join(__dirname, '..', 'fixtures', 'ssl', 'client', 'non-authoritative-ca.pem');
const secureConfig = Object.assign({}, config, baseConfig, { ssl: true, sslOptions: { ca, servername } });
return expect(mysqlx.getSession(secureConfig)).to.eventually.be.rejected.then(err => {
// FIXME(Rui): with an intermediate CA, the error code should be 'UNABLE_TO_GET_ISSUER_CERT'.
expect(err.code).to.equal('UNABLE_TO_VERIFY_LEAF_SIGNATURE');
});
});
it('should authenticate with a session configuration object property', () => {
const authConfig = Object.assign({}, config, { user, password, socket: undefined, ssl: false });
return expect(mysqlx.getSession(authConfig)).to.be.fulfilled
.then(session => {
expect(session.inspect().auth).to.equal('SHA256_MEMORY');
return session.close();
});
});
it('should make a session unusable for subsequent operations', () => {
const error = 'This session was closed. Use "mysqlx.getSession()" or "mysqlx.getClient()" to create a new one.';
return mysqlx.getSession(Object.assign({}, config, { socket: undefined, ssl: false }))
.then(session => {
return new Promise(resolve => setTimeout(resolve, 3000))
.then(() => expect(session.sql('SELECT 1').execute()).to.be.rejectedWith(error));
});
});
it('should fail to authenticate with a session configuration object property', () => {
const authConfig = Object.assign({}, config, { user, password, socket: undefined, ssl: false });
return expect(mysqlx.getSession(authConfig)).to.be.rejected
.then(err => {
expect(err.info).to.include.keys('code');
expect(err.info.code).to.equal(1045);
expect(err.message).to.match(/Authentication failed using "MYSQL41" and "SHA256_MEMORY"/);
});
});
it('should connect to the server if the server certificate was issued by the authority', () => {
const ca = path.join(__dirname, '..', 'fixtures', 'ssl', 'client', 'ca.pem');
const secureConfig = Object.assign({}, config, baseConfig, { ssl: true, sslOptions: { ca, servername } });
return mysqlx
.getSession(secureConfig)
.then(session => {
expect(session.inspect()).to.have.property('ssl', true);
return session.close();
});
});
it('should authenticate with a URL parameter', function () {
if (!config.socket || os.platform() === 'win32') {
return this.skip();
}
return expect(mysqlx.getSession(`mysqlx://${user}:${password}@(${config.socket})?ssl-mode=DISABLED&auth=${auth}`)).to.be.fulfilled
.then(session => {
expect(session.inspect().auth).to.equal(auth);
return session.close();
});
});
it('should fail to authenticate with a URL parameter', function () {
if (!config.socket || os.platform() === 'win32') {
return this.skip();
}
return expect(mysqlx.getSession(`mysqlx://${user}:${password}@(${config.socket})?ssl-mode=DISABLED&auth=${auth}`)).to.be.rejected
.then(err => {
expect(err.info).to.include.keys('code');
expect(err.info.code).to.equal(1045);
});
});
it('should fail to authenticate with a session configuration object property', function () {
if (!config.socket || os.platform() === 'win32') {
return this.skip();
}
const authConfig = Object.assign({}, config, { auth, user, password, ssl: false });
return expect(mysqlx.getSession(authConfig)).to.be.rejected
.then(err => {
expect(err.info).to.include.keys('code');
expect(err.info.code).to.equal(1045);
});
});
it('should authenticate with a session configuration object property', function () {
if (!config.socket || os.platform() === 'win32') {
return this.skip();
}
const authConfig = Object.assign({}, config, { auth, user, password, ssl: false });
return expect(mysqlx.getSession(authConfig)).to.be.fulfilled
.then(session => {
expect(session.inspect().auth).to.equal(auth);
return session.close();
});
});
it('should set the given default schema', () => {
const options = Object.assign({}, config, { auth: 'SHA256_MEMORY' });
const expected = options.schema;
let actual;
return mysqlx.getSession(options)
.then(session => {
return session.sql('SELECT DATABASE()')
.execute(schemas => {
actual = schemas[0];
})
.then(() => {
return expect(actual).to.equal(expected);
})
.then(() => {
return session.close();
});
});
});
beforeEach('create session using default schema', () => {
return mysqlx.getSession(config)
.then(s => {
session = s;
});
});
beforeEach('create legacy session', () => {
return mysqlx.getSession(config)
.then(s => { session = s; });
});
beforeEach('make sure the password is already cached', () => {
return mysqlx.getSession(config);
});
it('should fail to authenticate without TLS', () => {
const authConfig = Object.assign({}, config, baseConfig, { auth, ssl: false });
return expect(mysqlx.getSession(authConfig))
.to.be.rejectedWith('SHA256_MEMORY authentication is not supported by the server.');
});
beforeEach('setup connection to save the password in the server cache', () => {
return mysqlx
.getSession(Object.assign({}, config, baseConfig, { auth: 'PLAIN', ssl: true }))
.then(session => session.close());
});
.then(() => mysqlx.getSession(config))
.then(() => {
return mysqlx.getSession(config);
})