From 8e3f6e98dcdc15b01ace959d47b8db161ebf105d Mon Sep 17 00:00:00 2001 From: Miccah Date: Mon, 6 Nov 2023 17:17:37 -0800 Subject: [PATCH] Add support for user:pass@host to postgres JDBC detector (#2089) * Add support for user:pass@host to postgres JDBC detector * Remove ineffectual assignment --- pkg/detectors/jdbc/postgres.go | 25 ++++++++++++++++--- .../jdbc/postgres_integration_test.go | 9 +++++++ 2 files changed, 30 insertions(+), 4 deletions(-) diff --git a/pkg/detectors/jdbc/postgres.go b/pkg/detectors/jdbc/postgres.go index a79efb081cb5..66e86b60d12b 100644 --- a/pkg/detectors/jdbc/postgres.go +++ b/pkg/detectors/jdbc/postgres.go @@ -4,8 +4,9 @@ import ( "context" "errors" "fmt" - "github.com/lib/pq" "strings" + + "github.com/lib/pq" ) type postgresJDBC struct { @@ -57,18 +58,34 @@ func joinKeyValues(m map[string]string, sep string) string { } func parsePostgres(subname string) (jdbc, error) { - // expected form: //HOST/DB?key=value&key=value + // expected form: [subprotocol:]//[user:password@]HOST[/DB][?key=val[&key=val]] hostAndDB, paramString, _ := strings.Cut(subname, "?") if !strings.HasPrefix(hostAndDB, "//") { return nil, errors.New("expected host to start with //") } - hostAndDB = strings.TrimPrefix(hostAndDB, "//") - host, database, _ := strings.Cut(hostAndDB, "/") + userPassAndHostAndDB := strings.TrimPrefix(hostAndDB, "//") + userPass, hostAndDB, found := strings.Cut(userPassAndHostAndDB, "@") + var user, pass string + if found { + user, pass, _ = strings.Cut(userPass, ":") + } else { + hostAndDB = userPass + } + host, database, found := strings.Cut(hostAndDB, "/") + if !found { + return nil, errors.New("expected host and database to be separated by /") + } params := map[string]string{ "host": host, "dbname": database, } + if len(user) > 0 { + params["user"] = user + } + if len(pass) > 0 { + params["password"] = pass + } for _, param := range strings.Split(paramString, "&") { key, val, _ := strings.Cut(param, "=") params[key] = val diff --git a/pkg/detectors/jdbc/postgres_integration_test.go b/pkg/detectors/jdbc/postgres_integration_test.go index e667a0aa8a96..4c80ff88cdc3 100644 --- a/pkg/detectors/jdbc/postgres_integration_test.go +++ b/pkg/detectors/jdbc/postgres_integration_test.go @@ -7,6 +7,7 @@ import ( "bytes" "context" "errors" + "fmt" "os/exec" "testing" "time" @@ -33,10 +34,18 @@ func TestPostgres(t *testing.T) { input: "//localhost:5432/foo?sslmode=disable&password=" + postgresPass, want: result{pingOk: true, pingDeterminate: true}, }, + { + input: fmt.Sprintf("//postgres:%s@localhost:5432/foo?sslmode=disable", postgresPass), + want: result{pingOk: true, pingDeterminate: true}, + }, { input: "//localhost:5432/foo?sslmode=disable&user=" + postgresUser + "&password=" + postgresPass, want: result{pingOk: true, pingDeterminate: true}, }, + { + input: fmt.Sprintf("//%s:%s@localhost:5432/foo?sslmode=disable", postgresUser, postgresPass), + want: result{pingOk: true, pingDeterminate: true}, + }, { input: "//localhost/foo?sslmode=disable&port=5432&password=" + postgresPass, want: result{pingOk: true, pingDeterminate: true},