| 1 | #pragma once |
|---|---|
| 2 | |
| 3 | #include <Core/Types.h> |
| 4 | |
| 5 | |
| 6 | namespace DB |
| 7 | { |
| 8 | /// Authentication type and encrypted password for checking when an user logins. |
| 9 | class Authentication |
| 10 | { |
| 11 | public: |
| 12 | enum Type |
| 13 | { |
| 14 | /// User doesn't have to enter password. |
| 15 | NO_PASSWORD, |
| 16 | |
| 17 | /// Password is stored as is. |
| 18 | PLAINTEXT_PASSWORD, |
| 19 | |
| 20 | /// Password is encrypted in SHA256 hash. |
| 21 | SHA256_PASSWORD, |
| 22 | |
| 23 | /// SHA1(SHA1(password)). |
| 24 | /// This kind of hash is used by the `mysql_native_password` authentication plugin. |
| 25 | DOUBLE_SHA1_PASSWORD, |
| 26 | }; |
| 27 | |
| 28 | using Digest = std::vector<UInt8>; |
| 29 | |
| 30 | Authentication(Authentication::Type type = NO_PASSWORD); |
| 31 | Authentication(const Authentication & src) = default; |
| 32 | Authentication & operator =(const Authentication & src) = default; |
| 33 | Authentication(Authentication && src) = default; |
| 34 | Authentication & operator =(Authentication && src) = default; |
| 35 | |
| 36 | Type getType() const { return type; } |
| 37 | |
| 38 | /// Sets the password and encrypt it using the authentication type set in the constructor. |
| 39 | void setPassword(const String & password); |
| 40 | |
| 41 | /// Returns the password. Allowed to use only for Type::PLAINTEXT_PASSWORD. |
| 42 | String getPassword() const; |
| 43 | |
| 44 | /// Sets the password as a string of hexadecimal digits. |
| 45 | void setPasswordHashHex(const String & hash); |
| 46 | String getPasswordHashHex() const; |
| 47 | |
| 48 | /// Sets the password in binary form. |
| 49 | void setPasswordHashBinary(const Digest & hash); |
| 50 | const Digest & getPasswordHashBinary() const { return password_hash; } |
| 51 | |
| 52 | /// Returns SHA1(SHA1(password)) used by MySQL compatibility server for authentication. |
| 53 | /// Allowed to use for Type::NO_PASSWORD, Type::PLAINTEXT_PASSWORD, Type::DOUBLE_SHA1_PASSWORD. |
| 54 | Digest getPasswordDoubleSHA1() const; |
| 55 | |
| 56 | /// Checks if the provided password is correct. Returns false if not. |
| 57 | bool isCorrectPassword(const String & password) const; |
| 58 | |
| 59 | /// Checks if the provided password is correct. Throws an exception if not. |
| 60 | /// `user_name` is only used for generating an error message if the password is incorrect. |
| 61 | void checkPassword(const String & password, const String & user_name = String()) const; |
| 62 | |
| 63 | friend bool operator ==(const Authentication & lhs, const Authentication & rhs); |
| 64 | friend bool operator !=(const Authentication & lhs, const Authentication & rhs) { return !(lhs == rhs); } |
| 65 | |
| 66 | private: |
| 67 | Type type = Type::NO_PASSWORD; |
| 68 | Digest password_hash; |
| 69 | }; |
| 70 | } |
| 71 |
Generated while processing ClickHouse/dbms/programs/local/LocalServer.cpp
Generated on 2020-Jan-04 from project ClickHouse revision 19.17.6
Powered by 
Code Browser 2.1
Generator usage only permitted with license.