Remove registry for CredentialProvider

Instead, it can be used by passing the config object directly to a
Connector.

Author: KJ Tsanaktsidis

README.md

@@ -209,16 +209,6 @@ SELECT u.id FROM users as u
 
 will return `u.id` instead of just `id` if `columnsWithAlias=true`.
 
-#### `credentialProvider`
-
-```
-Type:           string
-Valid Values:   <name>
-Default:        ""
-```
-
-If set, this must refer to a credential provider name registered with `RegisterCredentialProvider`. When this is set, the username and password in the DSN will be ignored; instead, each time a conneciton is to be opened, the named credential provider function will be called to obtain a username/password to connect with. This is useful when using, for example, IAM database auth in Amazon AWS, where "passwords" are actually temporary tokens that expire.
-
 ##### `interpolateParams`
 
 ```
@@ -377,6 +367,31 @@ Examples:
   * [`time_zone=%27Europe%2FParis%27`](https://dev.mysql.com/doc/refman/5.5/en/time-zone-support.html): `SET time_zone='Europe/Paris'`
   * [`tx_isolation=%27REPEATABLE-READ%27`](https://dev.mysql.com/doc/refman/5.5/en/server-system-variables.html#sysvar_tx_isolation): `SET tx_isolation='REPEATABLE-READ'`
 
+#### Non-DSN parameters
+
+Some parameters (those that have types too complex to fit into a string) are not supported as part of a DSN string, but can only be specified by using the Connector interface. To use these parameters, set your database client up like so:
+
+```go
+dbConfig := mysql.Config {
+    Addr: "localhost:3306",
+    // ... other parameters ...
+}
+connector, err := mysql.NewConnector(dbConfig)
+if err != nil {
+    panic(error)
+}
+db := sql.OpenDB(connector)
+```
+
+##### `CredentialProvider`
+
+```
+Type:           CredentialProviderFunc
+Default:        nil
+```
+
+If set, this must refer to a credential provider function of type `CredentialProviderFunc`. When this is set, the `User` and `Passwd` fields in the config will be ignored; instead, each time a connection is to be opened, the credential provider function will be called to obtain a username/password to connect with. This is useful when using, for example, IAM database auth in Amazon AWS, where "passwords" are actually temporary tokens that expire.
+
 
 #### Examples
 ```

auth.go

@@ -15,16 +15,13 @@ import (
 	"crypto/sha256"
 	"crypto/x509"
 	"encoding/pem"
-	"fmt"
 	"sync"
 )
 
 // server pub keys registry
 var (
-	serverPubKeyLock           sync.RWMutex
-	serverPubKeyRegistry       map[string]*rsa.PublicKey
-	credentialProviderLock     sync.RWMutex
-	credentialProviderRegistry map[string]CredentialProviderFunc
+	serverPubKeyLock     sync.RWMutex
+	serverPubKeyRegistry map[string]*rsa.PublicKey
 )
 
 // RegisterServerPubKey registers a server RSA public key which can be used to
@@ -89,39 +86,6 @@ func getServerPubKey(name string) (pubKey *rsa.PublicKey) {
 // and the second the password.
 type CredentialProviderFunc func() (user string, password string, error error)
 
-// RegisterCredentialProvider registers a function to be called on every connection open to
-// get the username and password to call
-func RegisterCredentialProvider(name string, providerFunc CredentialProviderFunc) {
-	credentialProviderLock.Lock()
-	if credentialProviderRegistry == nil {
-		credentialProviderRegistry = make(map[string]CredentialProviderFunc)
-	}
-	credentialProviderRegistry[name] = providerFunc
-	credentialProviderLock.Unlock()
-}
-
-// DeregisterCredentialProvider removes a function registered with RegisterCredentialProvider
-func DeregisterCredentialProvider(name string) {
-	credentialProviderLock.Lock()
-	if credentialProviderRegistry != nil {
-		delete(credentialProviderRegistry, name)
-	}
-	credentialProviderLock.Unlock()
-}
-
-func getCredentialsFromConfig(cfg *Config) (user string, password string, error error) {
-	if cfg.CredentialProvider != "" {
-		credentialProviderLock.RLock()
-		defer credentialProviderLock.RUnlock()
-		cpFunc, ok := credentialProviderRegistry[cfg.CredentialProvider]
-		if !ok {
-			return "", "", fmt.Errorf("credential provider %s not registered", cfg.CredentialProvider)
-		}
-		return cpFunc()
-	}
-	return cfg.User, cfg.Passwd, nil
-}
-
 // Hash password using pre 4.1 (old password) method
 // https://github.com/atcurtis/mariadb/blob/master/mysys/my_rnd.c
 type myRnd struct {

connector.go

@@ -88,7 +88,7 @@ func (c *connector) Connect(ctx context.Context) (driver.Conn, error) {
 		plugin = defaultAuthPlugin
 	}
 
-	user, password, err := getCredentialsFromConfig(c.cfg)
+	user, password, err := c.cfg.getCredentials()
 	if err != nil {
 		mc.cleanup()
 		return nil, err

driver_test.go

@@ -125,36 +125,47 @@ func runTestsWithMultiStatement(t *testing.T, dsn string, tests ...func(dbt *DBT
 }
 
 func runTests(t *testing.T, dsn string, tests ...func(dbt *DBTest)) {
+	cfg, err := ParseDSN(dsn)
+	if err != nil {
+		t.Fatalf("error formatting DSN")
+	}
+	runTestsWithConfig(t, cfg, tests...)
+}
+
+func runTestsWithConfig(t *testing.T, cfg *Config, tests ...func(dbt *DBTest)) {
 	if !available {
 		t.Skipf("MySQL server not running on %s", netAddr)
 	}
 
-	db, err := sql.Open("mysql", dsn)
+	connector, err := NewConnector(cfg)
 	if err != nil {
 		t.Fatalf("error connecting: %s", err.Error())
 	}
+	db := sql.OpenDB(connector)
 	defer db.Close()
 
 	db.Exec("DROP TABLE IF EXISTS test")
 
-	dsn2 := dsn + "&interpolateParams=true"
+	cfg2 := cfg.Clone()
+	cfg2.InterpolateParams = true
 	var db2 *sql.DB
-	if _, err := ParseDSN(dsn2); err != errInvalidDSNUnsafeCollation {
-		db2, err = sql.Open("mysql", dsn2)
-		if err != nil {
-			t.Fatalf("error connecting: %s", err.Error())
-		}
+	connector2, err := NewConnector(cfg2)
+	if err != errInvalidDSNUnsafeCollation {
+		db2 = sql.OpenDB(connector2)
 		defer db2.Close()
+	} else if err != nil {
+		t.Fatalf("error connecting: %s", err.Error())
 	}
 
-	dsn3 := dsn + "&multiStatements=true"
+	cfg3 := cfg.Clone()
+	cfg3.MultiStatements = true
 	var db3 *sql.DB
-	if _, err := ParseDSN(dsn3); err != errInvalidDSNUnsafeCollation {
-		db3, err = sql.Open("mysql", dsn3)
-		if err != nil {
-			t.Fatalf("error connecting: %s", err.Error())
-		}
+	connector3, err := NewConnector(cfg2)
+	if err != errInvalidDSNUnsafeCollation {
+		db3 = sql.OpenDB(connector3)
 		defer db3.Close()
+	} else if err != nil {
+		t.Fatalf("error connecting: %s", err.Error())
 	}
 
 	dbt := &DBTest{t, db}
@@ -3169,18 +3180,23 @@ func TestCredentialProviderFunc(t *testing.T) {
 	// to test that it really is having an effect.
 	shouldFailCreds := false
 	shouldFailError := false
-	RegisterCredentialProvider("TestCredentialProviderFunc", func() (string, string, error) {
-		if shouldFailCreds {
-			return "fail", "fail", nil
-		}
-		if shouldFailError {
-			return "", "", fmt.Errorf("credential_error")
-		}
-		return user, pass, nil
-	})
-	defer DeregisterCredentialProvider("TestCredentialProviderFunc")
-	dsn := fmt.Sprintf("%s/%s?timeout=30s&credentialProvider=TestCredentialProviderFunc", netAddr, dbname)
-	runTests(t, dsn, func(dbt *DBTest) {
+	cfg := &Config{
+		Addr:                 addr,
+		Net:                  prot,
+		DBName:               dbname,
+		Collation:            defaultCollation,
+		AllowNativePasswords: true,
+		CredentialProvider: func() (string, string, error) {
+			if shouldFailCreds {
+				return "fail", "fail", nil
+			}
+			if shouldFailError {
+				return "", "", fmt.Errorf("credential_error")
+			}
+			return user, pass, nil
+		},
+	}
+	runTestsWithConfig(t, cfg, func(dbt *DBTest) {
 		ctx := context.Background()
 		c1, err := dbt.db.Conn(ctx)
 		if err != nil {

dsn.go

@@ -34,23 +34,23 @@ var (
 // If a new Config is created instead of being parsed from a DSN string,
 // the NewConfig function should be used, which sets default values.
 type Config struct {
-	User               string            // Username
-	Passwd             string            // Password (requires User)
-	CredentialProvider string            // Credential provider name registered with RegisterCredentialProvider
-	Net                string            // Network type
-	Addr               string            // Network address (requires Net)
-	DBName             string            // Database name
-	Params             map[string]string // Connection parameters
-	Collation          string            // Connection collation
-	Loc                *time.Location    // Location for time.Time values
-	MaxAllowedPacket   int               // Max packet size allowed
-	ServerPubKey       string            // Server public key name
-	pubKey             *rsa.PublicKey    // Server public key
-	TLSConfig          string            // TLS configuration name
-	tls                *tls.Config       // TLS configuration
-	Timeout            time.Duration     // Dial timeout
-	ReadTimeout        time.Duration     // I/O read timeout
-	WriteTimeout       time.Duration     // I/O write timeout
+	User               string                 // Username
+	Passwd             string                 // Password (requires User)
+	CredentialProvider CredentialProviderFunc // Credential provider function
+	Net                string                 // Network type
+	Addr               string                 // Network address (requires Net)
+	DBName             string                 // Database name
+	Params             map[string]string      // Connection parameters
+	Collation          string                 // Connection collation
+	Loc                *time.Location         // Location for time.Time values
+	MaxAllowedPacket   int                    // Max packet size allowed
+	ServerPubKey       string                 // Server public key name
+	pubKey             *rsa.PublicKey         // Server public key
+	TLSConfig          string                 // TLS configuration name
+	tls                *tls.Config            // TLS configuration
+	Timeout            time.Duration          // Dial timeout
+	ReadTimeout        time.Duration          // I/O read timeout
+	WriteTimeout       time.Duration          // I/O write timeout
 
 	AllowAllFiles           bool // Allow all files to be used with LOAD DATA LOCAL INFILE
 	AllowCleartextPasswords bool // Allows the cleartext client side plugin
@@ -348,16 +348,6 @@ func (cfg *Config) FormatDSN() string {
 
 	}
 
-	if cfg.CredentialProvider != "" {
-		if hasParam {
-			buf.WriteString("&credentialProvider=")
-		} else {
-			hasParam = true
-			buf.WriteString("?credentialProvider=")
-		}
-		buf.WriteString(cfg.CredentialProvider)
-	}
-
 	// other params
 	if cfg.Params != nil {
 		var params []string
@@ -624,8 +614,6 @@ func parseDSNParams(cfg *Config, params string) (err error) {
 			if err != nil {
 				return
 			}
-		case "credentialProvider":
-			cfg.CredentialProvider = value
 		default:
 			// lazy init
 			if cfg.Params == nil {
@@ -641,6 +629,13 @@ func parseDSNParams(cfg *Config, params string) (err error) {
 	return
 }
 
+func (cfg *Config) getCredentials() (user string, password string, err error) {
+	if cfg.CredentialProvider != nil {
+		return cfg.CredentialProvider()
+	}
+	return cfg.User, cfg.Passwd, nil
+}
+
 func ensureHavePort(addr string) string {
 	if _, _, err := net.SplitHostPort(addr); err != nil {
 		return net.JoinHostPort(addr, "3306")

dsn_test.go

@@ -71,9 +71,6 @@ var testDSNs = []struct {
 }, {
 	"tcp(de:ad:be:ef::ca:fe)/dbname",
 	&Config{Net: "tcp", Addr: "[de:ad:be:ef::ca:fe]:3306", DBName: "dbname", Collation: "utf8mb4_general_ci", Loc: time.UTC, MaxAllowedPacket: defaultMaxAllowedPacket, AllowNativePasswords: true},
-}, {
-	"tcp(localhost)/dbname?credentialProvider=foobar",
-	&Config{Net: "tcp", Addr: "localhost:3306", DBName: "dbname", Collation: "utf8mb4_general_ci", Loc: time.UTC, MaxAllowedPacket: defaultMaxAllowedPacket, AllowNativePasswords: true, CredentialProvider: "foobar"},
 }}
 
 func TestDSNParser(t *testing.T) {