parametrize service principal and host

albertchang · albertchang · commit afb7d9de6d8d · 2024-07-03T13:02:58.000-07:00
handle accept token

return if no token step
diff --git a/packages/pg/lib/client.js b/packages/pg/lib/client.js
@@ -10,6 +10,7 @@ var Query = require('./query')
 var defaults = require('./defaults')
 var Connection = require('./connection')
 const crypto = require('./crypto/utils')
+const kerberos = require('kerberos').Kerberos
 
 class Client extends EventEmitter {
   constructor(config) {
@@ -20,6 +21,7 @@ class Client extends EventEmitter {
     this.database = this.connectionParameters.database
     this.port = this.connectionParameters.port
     this.host = this.connectionParameters.host
+    this.principal = this.connectionParameters.principal
 
     // "hiding" the password so it doesn't show up in stack traces
     // or if the client is console.logged
@@ -204,8 +206,7 @@ class Client extends EventEmitter {
 
   async _handleGSSInit(msg) {
     try {
-      // TODO: Below needs to be parameterized
-      this.client = await kerberos.initializeClient('postgres@pg.US-WEST-2.COMPUTE.INTERNAL', {
+      this.client = await kerberos.initializeClient(`${this.principal}@${this.host}`, {
         mechOID: kerberos.GSS_MECH_OID_SPNEGO,
       })
 
diff --git a/packages/pg/lib/connection-parameters.js b/packages/pg/lib/connection-parameters.js
@@ -65,6 +65,8 @@ class ConnectionParameters {
 
     this.port = parseInt(val('port', config), 10)
     this.host = val('host', config)
+    // Kerberos/GSSAPI service principal
+    this.principal = val('principal', config)
 
     // "hiding" the password so it doesn't show up in stack traces
     // or if the client is console.logged
