Skip to content

Commit edaca40

Browse files
kangmingtaykangmingtay
committed
chore: add test for pgbouncer.get_auth
1 parent 70b1181 commit edaca40

File tree

2 files changed

+34
-2
lines changed

2 files changed

+34
-2
lines changed

nix/tests/expected/pgbouncer.out

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -58,11 +58,30 @@ SELECT
5858
FROM pg_proc p
5959
JOIN schema_obj s ON s.oid = p.pronamespace
6060
CROSS JOIN LATERAL aclexplode(p.proacl) AS acl
61-
ORDER BY object_name, grantee, privilege_type;
61+
ORDER BY object_name, grantee, privilege_type;
6262
schema | object_name | grantee | privilege_type
6363
-----------+-------------+----------------+----------------
6464
pgbouncer | get_auth | pgbouncer | EXECUTE
6565
pgbouncer | get_auth | postgres | EXECUTE
6666
pgbouncer | get_auth | supabase_admin | EXECUTE
6767
(3 rows)
6868

69+
-- Ensure that pgbouncer.get_auth() function does not return an expired password
70+
create role test_expired_user_password with login password 'expired_password' valid until '2000-01-01 00:00:00+00';
71+
create role test_valid_user_password with login password 'valid_password' valid until '2100-01-01 00:00:00+00';
72+
-- Update the pg_authid catalog directly to replace with a known SCRAM hash
73+
update pg_authid set rolpassword = 'SCRAM-SHA-256$4096:testsaltbase64$storedkeybase64$serverkeybase64' where rolname = 'test_valid_user_password';
74+
select pgbouncer.get_auth('test_expired_user_password');
75+
get_auth
76+
-------------------------------
77+
(test_expired_user_password,)
78+
(1 row)
79+
80+
select pgbouncer.get_auth('test_valid_user_password');
81+
get_auth
82+
----------------------------------------------------------------------------------------------
83+
(test_valid_user_password,SCRAM-SHA-256$4096:testsaltbase64$storedkeybase64$serverkeybase64)
84+
(1 row)
85+
86+
drop role test_expired_user_password;
87+
drop role test_valid_user_password;

nix/tests/sql/pgbouncer.sql

Lines changed: 14 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -50,4 +50,17 @@ SELECT
5050
FROM pg_proc p
5151
JOIN schema_obj s ON s.oid = p.pronamespace
5252
CROSS JOIN LATERAL aclexplode(p.proacl) AS acl
53-
ORDER BY object_name, grantee, privilege_type;
53+
ORDER BY object_name, grantee, privilege_type;
54+
55+
-- Ensure that pgbouncer.get_auth() function does not return an expired password
56+
create role test_expired_user_password with login password 'expired_password' valid until '2000-01-01 00:00:00+00';
57+
create role test_valid_user_password with login password 'valid_password' valid until '2100-01-01 00:00:00+00';
58+
-- Update the pg_authid catalog directly to replace with a known SCRAM hash
59+
update pg_authid set rolpassword = 'SCRAM-SHA-256$4096:testsaltbase64$storedkeybase64$serverkeybase64' where rolname = 'test_valid_user_password';
60+
61+
select pgbouncer.get_auth('test_expired_user_password');
62+
63+
select pgbouncer.get_auth('test_valid_user_password');
64+
65+
drop role test_expired_user_password;
66+
drop role test_valid_user_password;

0 commit comments

Comments
 (0)