Adding ssl config params to Postgres URI (#6580)

* use pg-promise native pg-connection-string to parse uri instead of ParseConfigParser.js. The allows for a more felxible uri for ssl and other params * added ssl config params and others to PostgresConfigParser * forgot to add back the original client file * need to read in file at path for pfx, ca, key, and key * convert file buffer to string to be consistant with node-postgres examples
2020-04-23 12:25:16 -04:00
parent e6e5a8c578
commit f43afc5d40
2 changed files with 84 additions and 5 deletions
--- a/spec/PostgresConfigParser.spec.js
+++ b/spec/PostgresConfigParser.spec.js
@@ -1,4 +1,5 @@
 const parser = require('../lib/Adapters/Storage/Postgres/PostgresConfigParser');
+const fs = require('fs');

 const queryParamTests = {
  'a=1&b=2': { a: '1', b: '2' },
@@ -23,7 +24,7 @@ describe('PostgresConfigParser.parseQueryParams', () => {
 });

 const baseURI = 'postgres://username:password@localhost:5432/db-name';
-
+const testfile = fs.readFileSync('./Dockerfile').toString();
 const dbOptionsTest = {};
 dbOptionsTest[
  `${baseURI}?ssl=true&binary=true&application_name=app_name&fallback_application_name=f_app_name&poolSize=10`
@@ -35,9 +36,38 @@ dbOptionsTest[
  poolSize: 10,
 };
 dbOptionsTest[`${baseURI}?ssl=&binary=aa`] = {
-  ssl: false,
  binary: false,
 };
+dbOptionsTest[
+  `${baseURI}?ssl=true&ca=./Dockerfile&pfx=./Dockerfile&cert=./Dockerfile&key=./Dockerfile&binary=aa&passphrase=word&secureOptions=20`
+] = {
+  ssl: {
+    ca: testfile,
+    pfx: testfile,
+    cert: testfile,
+    key: testfile,
+    passphrase: 'word',
+    secureOptions: 20,
+  },
+  binary: false,
+};
+dbOptionsTest[
+  `${baseURI}?ssl=false&ca=./Dockerfile&pfx=./Dockerfile&cert=./Dockerfile&key=./Dockerfile&binary=aa`
+] = {
+  ssl: { ca: testfile, pfx: testfile, cert: testfile, key: testfile },
+  binary: false,
+};
+dbOptionsTest[`${baseURI}?rejectUnauthorized=true`] = {
+  ssl: { rejectUnauthorized: true },
+};
+dbOptionsTest[
+  `${baseURI}?max=5&query_timeout=100&idleTimeoutMillis=1000&keepAlive=true`
+] = {
+  max: 5,
+  query_timeout: 100,
+  idleTimeoutMillis: 1000,
+  keepAlive: true,
+};

 describe('PostgresConfigParser.getDatabaseOptionsFromURI', () => {
  it('creates a db options map from a query string', () => {
--- a/src/Adapters/Storage/Postgres/PostgresConfigParser.js
+++ b/src/Adapters/Storage/Postgres/PostgresConfigParser.js
@@ -1,5 +1,5 @@
 const url = require('url');
-
+const fs = require('fs');
 function getDatabaseOptionsFromURI(uri) {
  const databaseOptions = {};

@@ -16,8 +16,44 @@ function getDatabaseOptionsFromURI(uri) {
  databaseOptions.user = authParts.length > 0 ? authParts[0] : '';
  databaseOptions.password = authParts.length > 1 ? authParts[1] : '';

-  databaseOptions.ssl =
-    queryParams.ssl && queryParams.ssl.toLowerCase() === 'true' ? true : false;
+  if (queryParams.ssl && queryParams.ssl.toLowerCase() === 'true') {
+    databaseOptions.ssl = true;
+  }
+
+  if (
+    queryParams.ca ||
+    queryParams.pfx ||
+    queryParams.cert ||
+    queryParams.key ||
+    queryParams.passphrase ||
+    queryParams.rejectUnauthorized ||
+    queryParams.secureOptions
+  ) {
+    databaseOptions.ssl = {};
+    if (queryParams.ca) {
+      databaseOptions.ssl.ca = fs.readFileSync(queryParams.ca).toString();
+    }
+    if (queryParams.pfx) {
+      databaseOptions.ssl.pfx = fs.readFileSync(queryParams.pfx).toString();
+    }
+    if (queryParams.cert) {
+      databaseOptions.ssl.cert = fs.readFileSync(queryParams.cert).toString();
+    }
+    if (queryParams.key) {
+      databaseOptions.ssl.key = fs.readFileSync(queryParams.key).toString();
+    }
+    if (queryParams.passphrase) {
+      databaseOptions.ssl.passphrase = queryParams.passphrase;
+    }
+    if (queryParams.rejectUnauthorized) {
+      databaseOptions.ssl.rejectUnauthorized =
+        queryParams.rejectUnauthorized.toLowerCase() === 'true' ? true : false;
+    }
+    if (queryParams.secureOptions) {
+      databaseOptions.ssl.secureOptions = parseInt(queryParams.secureOptions);
+    }
+  }
+
  databaseOptions.binary =
    queryParams.binary && queryParams.binary.toLowerCase() === 'true'
      ? true
@@ -31,6 +67,19 @@ function getDatabaseOptionsFromURI(uri) {
  if (queryParams.poolSize) {
    databaseOptions.poolSize = parseInt(queryParams.poolSize) || 10;
  }
+  if (queryParams.max) {
+    databaseOptions.max = parseInt(queryParams.max) || 10;
+  }
+  if (queryParams.query_timeout) {
+    databaseOptions.query_timeout = parseInt(queryParams.query_timeout);
+  }
+  if (queryParams.idleTimeoutMillis) {
+    databaseOptions.idleTimeoutMillis = parseInt(queryParams.idleTimeoutMillis);
+  }
+  if (queryParams.keepAlive) {
+    databaseOptions.keepAlive =
+      queryParams.keepAlive.toLowerCase() === 'true' ? true : false;
+  }

  return databaseOptions;
 }