Introduce a plugin manager interface to allow different mechanisms to acquire a password.

README.md

@@ -139,6 +139,7 @@ In addition to the standard connection parameters the driver supports a number o
 | adaptiveFetchMaximum          | Integer | -1      | Specifies maximum number of rows, which can be calculated by adaptiveFetch. Number of rows used by adaptiveFetch cannot go above this value. Any negative number set as adaptiveFetchMaximum is used by adaptiveFetch as infinity number of rows.
 | localSocketAddress            | String  | null    | Hostname or IP address given to explicitly configure the interface that the driver will bind the client side of the TCP/IP connection to when connecting.
 | quoteReturningIdentifiers     | Boolean | true    | By default we double quote returning identifiers. Some ORM's already quote them. Switch allows them to turn this off
+| authenticationPluginClassName | STRING  | null    | fully qualified class name of the class implementing the AuthenticationPlugin interface. If this is null, the default PasswordAuthentication plugin will be used
 
 ## Contributing
 For information on how to contribute to the project see the [Contributing Guidelines](CONTRIBUTING.md)

pgjdbc/src/main/java/org/postgresql/Driver.java

@@ -463,7 +463,7 @@ public Connection getResult(long timeout) throws SQLException {
    * @throws SQLException if the connection could not be made
    */
   private static Connection makeConnection(String url, Properties props) throws SQLException {
-    return new PgConnection(hostSpecs(props), user(props), database(props), props, url);
+    return new PgConnection(hostSpecs(props), props, url);
   }
 
   /**
@@ -657,8 +657,8 @@ private static HostSpec[] hostSpecs(Properties props) {
   /**
    * @return the username of the URL
    */
-  private static String user(Properties props) {
-    return props.getProperty("user", "");
+  private static @Nullable String user(Properties props) {
+    return PGProperty.USER.get(props);
   }
 
   /**

pgjdbc/src/main/java/org/postgresql/PGProperty.java

@@ -82,6 +82,16 @@ public enum PGProperty {
       null,
       "Assume the server is at least that version"),
 
+  /**
+   * AuthenticationPluginClass
+   */
+
+  AUTHENTICATION_PLUGIN_CLASS_NAME(
+      "authenticationPluginClassName",
+      null,
+      "Name of class which implements AuthenticationPlugin"
+  ),
+
   /**
    * Specifies what the driver should do if a query fails. In {@code autosave=always} mode, JDBC driver sets a savepoint before each query,
    * and rolls back to that savepoint in case of failure. In {@code autosave=never} mode (default), no savepoint dance is made ever.

pgjdbc/src/main/java/org/postgresql/core/AuthenticationPlugin.java

@@ -0,0 +1,16 @@
+/*
+ * Copyright (c) 2021, PostgreSQL Global Development Group
+ * See the LICENSE file in the project root for more information.
+ */
+
+package org.postgresql.core;
+
+import org.postgresql.util.PSQLException;
+
+import java.util.Properties;
+
+public interface AuthenticationPlugin {
+
+  byte[] getEncodedPassword(Properties info) throws PSQLException, PSQLException;
+
+}

pgjdbc/src/main/java/org/postgresql/core/AuthenticationPluginManager.java

@@ -0,0 +1,32 @@
+/*
+ * Copyright (c) 2021, PostgreSQL Global Development Group
+ * See the LICENSE file in the project root for more information.
+ */
+
+package org.postgresql.core;
+
+import org.postgresql.PGProperty;
+
+import java.util.Properties;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+public class AuthenticationPluginManager {
+
+  private static final Logger LOGGER = Logger.getLogger(AuthenticationPluginManager.class.getName());
+
+  public static AuthenticationPlugin getAuthenticationPlugin(Properties info) throws Exception {
+    String authenticationClassName = PGProperty.AUTHENTICATION_PLUGIN_CLASS_NAME.getSetString(info);
+
+    if ( authenticationClassName == null ) {
+      return new PasswordAuthentication();
+    } else {
+      try {
+        return (AuthenticationPlugin) Class.forName(authenticationClassName).getDeclaredConstructor().newInstance();
+      } catch (Exception ex ) {
+        LOGGER.log(Level.FINE, "Unable to load Authentication Plugin " + ex.toString() );
+        throw ex;
+      }
+    }
+  }
+}

pgjdbc/src/main/java/org/postgresql/core/ConnectionFactory.java

@@ -35,21 +35,19 @@ public abstract class ConnectionFactory {
    *
    * @param hostSpecs at least one host and port to connect to; multiple elements for round-robin
    *        failover
-   * @param user the username to authenticate with; may not be null.
-   * @param database the database on the server to connect to; may not be null.
    * @param info extra properties controlling the connection; notably, "password" if present
    *        supplies the password to authenticate with.
    * @return the new, initialized, connection
    * @throws SQLException if the connection could not be established.
    */
-  public static QueryExecutor openConnection(HostSpec[] hostSpecs, String user,
-      String database, Properties info) throws SQLException {
+  public static QueryExecutor openConnection(HostSpec[] hostSpecs,
+      Properties info) throws SQLException {
     String protoName = PGProperty.PROTOCOL_VERSION.get(info);
 
     if (protoName == null || protoName.isEmpty() || "3".equals(protoName)) {
       ConnectionFactory connectionFactory = new ConnectionFactoryImpl();
       QueryExecutor queryExecutor = connectionFactory.openConnectionImpl(
-          hostSpecs, user, database, info);
+          hostSpecs, info);
       if (queryExecutor != null) {
         return queryExecutor;
       }
@@ -66,17 +64,14 @@ public static QueryExecutor openConnection(HostSpec[] hostSpecs, String user,
    *
    * @param hostSpecs at least one host and port to connect to; multiple elements for round-robin
    *        failover
-   * @param user the username to authenticate with; may not be null.
-   * @param database the database on the server to connect to; may not be null.
    * @param info extra properties controlling the connection; notably, "password" if present
    *        supplies the password to authenticate with.
    * @return the new, initialized, connection, or <code>null</code> if this protocol version is not
    *         supported by the server.
    * @throws SQLException if the connection could not be established for a reason other than
    *         protocol version incompatibility.
    */
-  public abstract QueryExecutor openConnectionImpl(HostSpec[] hostSpecs, String user,
-      String database, Properties info) throws SQLException;
+  public abstract QueryExecutor openConnectionImpl(HostSpec[] hostSpecs, Properties info) throws SQLException;
 
   /**
    * Safely close the given stream.

pgjdbc/src/main/java/org/postgresql/core/PasswordAuthentication.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2021, PostgreSQL Global Development Group
+ * See the LICENSE file in the project root for more information.
+ */
+
+package org.postgresql.core;
+
+import org.postgresql.PGProperty;
+import org.postgresql.util.GT;
+import org.postgresql.util.PSQLException;
+import org.postgresql.util.PSQLState;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Properties;
+
+public class PasswordAuthentication implements AuthenticationPlugin {
+
+  @Override
+  public byte[] getEncodedPassword(Properties info) throws PSQLException {
+    String password = PGProperty.PASSWORD.getSetString(info);
+
+    if (password == null) {
+      throw new PSQLException(
+          GT.tr(
+              "The server requested password-based authentication, but no password was provided."),
+          PSQLState.CONNECTION_REJECTED);
+    }
+
+    return password.getBytes(StandardCharsets.UTF_8);
+  }
+}

pgjdbc/src/main/java/org/postgresql/core/QueryExecutorBase.java

@@ -67,11 +67,10 @@ public abstract class QueryExecutorBase implements QueryExecutor {
       = new TreeMap<String,String>(String.CASE_INSENSITIVE_ORDER);
 
   @SuppressWarnings({"assignment.type.incompatible", "argument.type.incompatible"})
-  protected QueryExecutorBase(PGStream pgStream, String user,
-      String database, int cancelSignalTimeout, Properties info) throws SQLException {
+  protected QueryExecutorBase(PGStream pgStream, int cancelSignalTimeout, Properties info) throws SQLException {
     this.pgStream = pgStream;
-    this.user = user;
-    this.database = database;
+    this.user = PGProperty.USER.get(info);
+    this.database = PGProperty.PG_DBNAME.get(info);
     this.cancelSignalTimeout = cancelSignalTimeout;
     this.reWriteBatchedInserts = PGProperty.REWRITE_BATCHED_INSERTS.getBoolean(info);
     this.columnSanitiserDisabled = PGProperty.DISABLE_COLUMN_SANITISER.getBoolean(info);

pgjdbc/src/main/java/org/postgresql/core/v3/ConnectionFactoryImpl.java

@@ -9,6 +9,8 @@
 import static org.postgresql.util.internal.Nullness.castNonNull;
 
 import org.postgresql.PGProperty;
+import org.postgresql.core.AuthenticationPlugin;
+import org.postgresql.core.AuthenticationPluginManager;
 import org.postgresql.core.ConnectionFactory;
 import org.postgresql.core.PGStream;
 import org.postgresql.core.QueryExecutor;
@@ -91,11 +93,21 @@ private ISSPIClient createSSPI(PGStream pgStream,
     }
   }
 
-  private PGStream tryConnect(String user, String database,
-      Properties info, SocketFactory socketFactory, HostSpec hostSpec,
+  private PGStream tryConnect(Properties info, SocketFactory socketFactory, HostSpec hostSpec,
       SslMode sslMode, GSSEncMode gssEncMode)
       throws SQLException, IOException {
+
     int connectTimeout = PGProperty.CONNECT_TIMEOUT.getInt(info) * 1000;
+    String user = PGProperty.USER.get(info);
+    String database = PGProperty.PG_DBNAME.get(info);
+    if (user == null) {
+      throw new PSQLException(GT.tr("User cannot  be null"),
+          PSQLState.INVALID_NAME);
+    }
+    if (database == null) {
+      throw new PSQLException(GT.tr("Database cannot  be null"),
+          PSQLState.INVALID_NAME);
+    }
 
     PGStream newStream = new PGStream(socketFactory, hostSpec, connectTimeout);
 
@@ -143,7 +155,7 @@ private PGStream tryConnect(String user, String database,
       LOGGER.log(Level.FINE, "Send Buffer Size is {0}", newStream.getSocket().getSendBufferSize());
     }
 
-    newStream = enableGSSEncrypted(newStream, gssEncMode, hostSpec.getHost(), user, info, connectTimeout);
+    newStream = enableGSSEncrypted(newStream, gssEncMode, hostSpec.getHost(), info, connectTimeout);
 
     // if we have a security context then gss negotiation succeeded. Do not attempt SSL negotiation
     if (!newStream.isGssEncrypted()) {
@@ -166,8 +178,7 @@ private PGStream tryConnect(String user, String database,
   }
 
   @Override
-  public QueryExecutor openConnectionImpl(HostSpec[] hostSpecs, String user, String database,
-      Properties info) throws SQLException {
+  public QueryExecutor openConnectionImpl(HostSpec[] hostSpecs, Properties info) throws SQLException {
     SslMode sslMode = SslMode.of(info);
     GSSEncMode gssEncMode = GSSEncMode.of(info);
 
@@ -212,7 +223,7 @@ public QueryExecutor openConnectionImpl(HostSpec[] hostSpecs, String user, Strin
       PGStream newStream = null;
       try {
         try {
-          newStream = tryConnect(user, database, info, socketFactory, hostSpec, sslMode, gssEncMode);
+          newStream = tryConnect(info, socketFactory, hostSpec, sslMode, gssEncMode);
         } catch (SQLException e) {
           if (sslMode == SslMode.PREFER
               && PSQLState.INVALID_AUTHORIZATION_SPECIFICATION.getState().equals(e.getSQLState())) {
@@ -221,14 +232,13 @@ public QueryExecutor openConnectionImpl(HostSpec[] hostSpecs, String user, Strin
             Throwable ex = null;
             try {
               newStream =
-                  tryConnect(user, database, info, socketFactory, hostSpec, SslMode.DISABLE,gssEncMode);
+                  tryConnect(info, socketFactory, hostSpec, SslMode.DISABLE,gssEncMode);
               LOGGER.log(Level.FINE, "Downgraded to non-encrypted connection for host {0}",
                   hostSpec);
-            } catch (SQLException ee) {
+            } catch (SQLException | IOException ee) {
               ex = ee;
-            } catch (IOException ee) {
-              ex = ee; // Can't use multi-catch in Java 6 :(
             }
+
             if (ex != null) {
               log(Level.FINE, "sslMode==PREFER, however non-SSL connection failed as well", ex);
               // non-SSL failed as well, so re-throw original exception
@@ -242,7 +252,7 @@ public QueryExecutor openConnectionImpl(HostSpec[] hostSpecs, String user, Strin
             Throwable ex = null;
             try {
               newStream =
-                  tryConnect(user, database, info, socketFactory, hostSpec, SslMode.REQUIRE, gssEncMode);
+                  tryConnect(info, socketFactory, hostSpec, SslMode.REQUIRE, gssEncMode);
               LOGGER.log(Level.FINE, "Upgraded to encrypted connection for host {0}",
                   hostSpec);
             } catch (SQLException ee) {
@@ -268,8 +278,7 @@ public QueryExecutor openConnectionImpl(HostSpec[] hostSpecs, String user, Strin
         // CheckerFramework can't infer newStream is non-nullable
         castNonNull(newStream);
         // Do final startup.
-        QueryExecutor queryExecutor = new QueryExecutorImpl(newStream, user, database,
-            cancelSignalTimeout, info);
+        QueryExecutor queryExecutor = new QueryExecutorImpl(newStream, cancelSignalTimeout, info);
 
         // Check Primary or Secondary
         HostStatus hostStatus = HostStatus.ConnectOK;
@@ -413,7 +422,7 @@ private boolean credentialCacheExists() {
     return Unsafe.credentialCacheExists();
   }
 
-  private PGStream enableGSSEncrypted(PGStream pgStream, GSSEncMode gssEncMode, String host, String user, Properties info,
+  private PGStream enableGSSEncrypted(PGStream pgStream, GSSEncMode gssEncMode, String host, Properties info,
                                     int connectTimeout)
       throws IOException, PSQLException {
 
@@ -435,6 +444,11 @@ private PGStream enableGSSEncrypted(PGStream pgStream, GSSEncMode gssEncMode, St
       }
     }
 
+    String user = PGProperty.USER.get(info);
+    if (user == null) {
+      throw new PSQLException("GSSAPI encryption required but was impossible user is null", PSQLState.CONNECTION_REJECTED);
+    }
+
     // attempt to acquire a GSS encrypted connection
     String password = PGProperty.PASSWORD.get(info);
     LOGGER.log(Level.FINEST, " FE=> GSSENCRequest");
@@ -595,6 +609,13 @@ private void doAuthentication(PGStream pgStream, String host, String user, Prope
     // Now get the response from the backend, either an error message
     // or an authentication request
 
+    AuthenticationPlugin authenticationPlugin;
+    try {
+      authenticationPlugin = AuthenticationPluginManager.getAuthenticationPlugin(info);
+    } catch ( Exception ex ) {
+      throw new PSQLException(ex.getMessage(), PSQLState.UNEXPECTED_ERROR);
+    }
+
     String password = PGProperty.PASSWORD.get(info);
 
     /* SSPI negotiation state, if used */
@@ -665,14 +686,7 @@ private void doAuthentication(PGStream pgStream, String host, String user, Prope
                 LOGGER.log(Level.FINEST, "<=BE AuthenticationReqPassword");
                 LOGGER.log(Level.FINEST, " FE=> Password(password=<not shown>)");
 
-                if (password == null) {
-                  throw new PSQLException(
-                      GT.tr(
-                          "The server requested password-based authentication, but no password was provided."),
-                      PSQLState.CONNECTION_REJECTED);
-                }
-
-                byte[] encodedPassword = password.getBytes(StandardCharsets.UTF_8);
+                byte[] encodedPassword = authenticationPlugin.getEncodedPassword(info);
 
                 pgStream.sendChar('p');
                 pgStream.sendInteger4(4 + encodedPassword.length + 1);

pgjdbc/src/main/java/org/postgresql/core/v3/QueryExecutorImpl.java

@@ -141,9 +141,9 @@ public class QueryExecutorImpl extends QueryExecutorBase {
 
   @SuppressWarnings({"assignment.type.incompatible", "argument.type.incompatible",
       "method.invocation.invalid"})
-  public QueryExecutorImpl(PGStream pgStream, String user, String database,
+  public QueryExecutorImpl(PGStream pgStream,
       int cancelSignalTimeout, Properties info) throws SQLException, IOException {
-    super(pgStream, user, database, cancelSignalTimeout, info);
+    super(pgStream, cancelSignalTimeout, info);
 
     long maxResultBuffer = pgStream.getMaxResultBuffer();
     this.adaptiveFetchCache = new AdaptiveFetchCache(maxResultBuffer, info);

pgjdbc/src/main/java/org/postgresql/ds/common/BaseDataSource.java

@@ -1305,6 +1305,26 @@ public void setURL(String url) {
     setUrl(url);
   }
 
+  /**
+   *
+   * @return the class name to use for the Authentication Plugin.
+   *         This can be null in which case the default password authentication plugin will be used
+   */
+  public @Nullable String getAuthenticationPluginClassName() {
+    return PGProperty.AUTHENTICATION_PLUGIN_CLASS_NAME.get(properties);
+  }
+
+  /**
+   *
+   * @param className name of a class which implements {@link org.postgresql.core.AuthenticationPlugin}
+   *                  This class will be used to get the encoded bytes to be sent to the server as the
+   *                  password to authenticate the user.
+   *
+   */
+  public void setAuthenticationPluginClassName(String className) {
+    PGProperty.AUTHENTICATION_PLUGIN_CLASS_NAME.set(properties, className);
+  }
+
   public @Nullable String getProperty(String name) throws SQLException {
     PGProperty pgProperty = PGProperty.forName(name);
     if (pgProperty != null) {

pgjdbc/src/main/java/org/postgresql/jdbc/PgConnection.java

@@ -203,8 +203,6 @@ public void setFlushCacheOnDeallocate(boolean flushCacheOnDeallocate) {
   //
   @SuppressWarnings({"method.invocation.invalid", "argument.type.incompatible"})
   public PgConnection(HostSpec[] hostSpecs,
-                      String user,
-                      String database,
                       Properties info,
                       String url) throws SQLException {
     // Print out the driver version number
@@ -222,7 +220,7 @@ public PgConnection(HostSpec[] hostSpecs,
     }
 
     // Now make the initial connection and set up local state
-    this.queryExecutor = ConnectionFactory.openConnection(hostSpecs, user, database, info);
+    this.queryExecutor = ConnectionFactory.openConnection(hostSpecs, info);
 
     // WARNING for unsupported servers (8.1 and lower are not supported)
     if (LOGGER.isLoggable(Level.WARNING) && !haveMinimumServerVersion(ServerVersion.v8_2)) {