stablekernel / postgresql-dart

Dart PostgreSQL driver: supports extended query format, binary protocol and statement reuse.
https://www.dartdocs.org/documentation/postgres/latest
BSD 3-Clause "New" or "Revised" License
128 stars 32 forks source link

Unauthorized type 3 #114

Open pmagnuson opened 4 years ago

pmagnuson commented 4 years ago

Following the example code of

import 'package:postgres/postgres.dart';

void main() async {
  print('Hello World!');

  var connection = new PostgreSQLConnection("127.0.0.1", 5432, "xxx",
      username: "xx", password: "xxx");
  await connection.open();
}

produces the error PostgreSQLSeverity.error : Unsupported authentication type 3, closing connection.

I verified that the connection parameters work by using the same with psql on this database.
The full stack trace is

Unhandled exception:
PostgreSQLSeverity.error : Unsupported authentication type 3, closing connection. 
#0      PostgreSQLConnection.open (package:postgres/src/connection.dart:154:7)
<asynchronous suspension>
#1      main (file:///Users/philm/Documents/projects/dart_sql/main.dart:25:20)
#2      _startIsolate.<anonymous closure> (dart:isolate-patch/isolate_patch.dart:307:19)
#3      _RawReceivePortImpl._handleMessage (dart:isolate-patch/isolate_patch.dart:174:12)
isoos commented 4 years ago

@pmagnuson: psql may connect through Unix socket too, please double check with another tool. It is likely that either the password auth is disabled, or the source IP is not enabled (is there any networking involved?)...

pmagnuson commented 4 years ago

@isoos: I appreciate you looking into this issue.

I have double checked the connectivity using a python program and psycopg2. It works correctly and returns results.

From this I believe I have the correct connection information and user/password.

Not sure where to go from here.

itsjoeconway commented 4 years ago

This library does not implement the cleartext password authentication method in the frontend/backend protocol; it only implements the md5 password method. If you wanted to implement this method, check out the docs for the authentication messages the client/server send here.

  1. You'll need to create a new message type for any new client or server messages, like this one: https://github.com/stablekernel/postgresql-dart/blob/35c6b85368be87061e167143838d1b7f6c6db798/lib/src/server_messages.dart#L39
  2. You'll react to this new message in this method: https://github.com/stablekernel/postgresql-dart/blob/35c6b85368be87061e167143838d1b7f6c6db798/lib/src/connection_fsm.dart#L69

You might need new state types (like the class that method belongs to) to handle the different states the connection will be in for the differing authentication methods. I believe the clear text method you want to use requires an authentication challenge and would require a state to respond to this challenge. You'll also note the error message you are seeing in your issue is located in this method.

  1. There might be API changes in the library if there is some user choice around what authentication method.

edit: Or optionally allow md5 authentication type in your postgres config, if possible.

oysterpack commented 4 years ago

I am running into the same exact issue with cockroachdb - which is a blocker.

being able to connect via a secure connection is a must have ... are there any plans to address this?

isoos commented 4 years ago

fwiw, I'm using cockroachdb with insecure setup + wireguard to connect the nodes and the clients.