WL#14650, Support for MFA (multi factor authentication) authentication.

Author: fjssilva

CHANGES

@@ -3,6 +3,8 @@
 
 Version 8.0.28
 
+  - WL#14650, Support for MFA (multi factor authentication) authentication.
+
 Version 8.0.27
 
   - Fix for Bug#103612 (32902019), Incorrectly identified WITH...SELECT as unsafe for read-only connections.

src/main/core-api/java/com/mysql/cj/conf/ConnectionUrl.java

@@ -477,7 +477,7 @@ protected HostInfo fixHostInfo(HostInfo hi) {
         hostProps.putAll(this.properties);
         // Add/override host specific connection arguments.
         hi.getHostProperties().entrySet().stream().forEach(e -> hostProps.put(PropertyKey.normalizeCase(e.getKey()), e.getValue()));
-        // Add the database name
+        // Add the database name.
         if (!hostProps.containsKey(PropertyKey.DBNAME.getKeyName())) {
             hostProps.put(PropertyKey.DBNAME.getKeyName(), getDatabase());
         }
@@ -513,7 +513,7 @@ protected HostInfo fixHostInfo(HostInfo hi) {
         }
 
         String password = hostProps.remove(PropertyKey.PASSWORD.getKeyName());
-        if (!isNullOrEmpty(hi.getPassword())) {
+        if (hi.getPassword() != null) { // Password can be specified as empty string.
             password = hi.getPassword();
         } else if (isNullOrEmpty(password)) {
             password = getDefaultPassword();

src/main/core-api/java/com/mysql/cj/conf/ConnectionUrlParser.java

@@ -292,9 +292,6 @@ private void parseAuthoritySegment(String authSegment) {
      */
     private HostInfo buildHostInfoForEmptyHost(String user, String password, String hostInfo) {
         if (isNullOrEmpty(hostInfo)) {
-            if (isNullOrEmpty(user) && isNullOrEmpty(password)) {
-                return new HostInfo();
-            }
             return new HostInfo(this, null, HostInfo.NO_PORT, user, password);
         }
         return null;

src/main/core-api/java/com/mysql/cj/conf/PropertyDefinitions.java

@@ -187,17 +187,26 @@ public enum DatabaseTerm {
                         Messages.getString("ConnectionProperties.Password"), Messages.getString("ConnectionProperties.allVersions"), CATEGORY_AUTH,
                         Integer.MIN_VALUE + 2),
 
+                new StringPropertyDefinition(PropertyKey.password1, DEFAULT_VALUE_NULL_STRING, RUNTIME_NOT_MODIFIABLE,
+                        Messages.getString("ConnectionProperties.Password1"), "8.0.27", CATEGORY_AUTH, Integer.MIN_VALUE + 3),
+
+                new StringPropertyDefinition(PropertyKey.password2, DEFAULT_VALUE_NULL_STRING, RUNTIME_NOT_MODIFIABLE,
+                        Messages.getString("ConnectionProperties.Password2"), "8.0.27", CATEGORY_AUTH, Integer.MIN_VALUE + 4),
+
+                new StringPropertyDefinition(PropertyKey.password3, DEFAULT_VALUE_NULL_STRING, RUNTIME_NOT_MODIFIABLE,
+                        Messages.getString("ConnectionProperties.Password3"), "8.0.27", CATEGORY_AUTH, Integer.MIN_VALUE + 5),
+
                 new StringPropertyDefinition(PropertyKey.authenticationPlugins, DEFAULT_VALUE_NULL_STRING, RUNTIME_MODIFIABLE,
-                        Messages.getString("ConnectionProperties.authenticationPlugins"), "5.1.19", CATEGORY_AUTH, Integer.MIN_VALUE + 3),
+                        Messages.getString("ConnectionProperties.authenticationPlugins"), "5.1.19", CATEGORY_AUTH, Integer.MIN_VALUE + 6),
 
                 new StringPropertyDefinition(PropertyKey.disabledAuthenticationPlugins, DEFAULT_VALUE_NULL_STRING, RUNTIME_MODIFIABLE,
-                        Messages.getString("ConnectionProperties.disabledAuthenticationPlugins"), "5.1.19", CATEGORY_AUTH, Integer.MIN_VALUE + 4),
+                        Messages.getString("ConnectionProperties.disabledAuthenticationPlugins"), "5.1.19", CATEGORY_AUTH, Integer.MIN_VALUE + 7),
 
                 new StringPropertyDefinition(PropertyKey.defaultAuthenticationPlugin, "mysql_native_password", RUNTIME_MODIFIABLE,
-                        Messages.getString("ConnectionProperties.defaultAuthenticationPlugin"), "5.1.19", CATEGORY_AUTH, Integer.MIN_VALUE + 5),
+                        Messages.getString("ConnectionProperties.defaultAuthenticationPlugin"), "5.1.19", CATEGORY_AUTH, Integer.MIN_VALUE + 8),
 
                 new StringPropertyDefinition(PropertyKey.ldapServerHostname, DEFAULT_VALUE_NULL_STRING, RUNTIME_MODIFIABLE,
-                        Messages.getString("ConnectionProperties.ldapServerHostname"), "8.0.23", CATEGORY_AUTH, Integer.MIN_VALUE + 6),
+                        Messages.getString("ConnectionProperties.ldapServerHostname"), "8.0.23", CATEGORY_AUTH, Integer.MIN_VALUE + 9),
 
                 new StringPropertyDefinition(PropertyKey.ociConfigFile, DEFAULT_VALUE_NULL_STRING, RUNTIME_MODIFIABLE,
                         Messages.getString("ConnectionProperties.ociConfigFile"), "8.0.27", CATEGORY_AUTH, Integer.MIN_VALUE + 7),

src/main/core-api/java/com/mysql/cj/conf/PropertyKey.java

@@ -62,11 +62,11 @@ public enum PropertyKey {
 
     allowLoadLocalInfile("allowLoadLocalInfile", true), //
     allowLoadLocalInfileInPath("allowLoadLocalInfileInPath", true), //
-    allowSourceDownConnections("allowSourceDownConnections", "allowMasterDownConnections", true), //
     allowMultiQueries("allowMultiQueries", true), //
     allowNanAndInf("allowNanAndInf", true), //
     allowPublicKeyRetrieval("allowPublicKeyRetrieval", true), //
     allowReplicaDownConnections("allowReplicaDownConnections", "allowSlaveDownConnections", true), //
+    allowSourceDownConnections("allowSourceDownConnections", "allowMasterDownConnections", true), //
     allowUrlInLocalInfile("allowUrlInLocalInfile", true), //
     alwaysSendSetIsolation("alwaysSendSetIsolation", true), //
     authenticationPlugins("authenticationPlugins", true), //
@@ -125,13 +125,14 @@ public enum PropertyKey {
     failOverReadOnly("failOverReadOnly", true), //
     fallbackToSystemKeyStore("fallbackToSystemKeyStore", true), //
     fallbackToSystemTrustStore("fallbackToSystemTrustStore", true), //
+    forceConnectionTimeZoneToSession("forceConnectionTimeZoneToSession", true), //
     functionsNeverReturnBlobs("functionsNeverReturnBlobs", true), //
     gatherPerfMetrics("gatherPerfMetrics", true), //
     generateSimpleParameterMetadata("generateSimpleParameterMetadata", true), //
     getProceduresReturnsFunctions("getProceduresReturnsFunctions", true), //
-    holdResultsOpenOverStatementClose("holdResultsOpenOverStatementClose", true), //
     ha_enableJMX("ha.enableJMX", "haEnableJMX", true), //
     ha_loadBalanceStrategy("ha.loadBalanceStrategy", "haLoadBalanceStrategy", true), //
+    holdResultsOpenOverStatementClose("holdResultsOpenOverStatementClose", true), //
     ignoreNonTxTables("ignoreNonTxTables", true), //
     includeInnodbStatusInDeadlockExceptions("includeInnodbStatusInDeadlockExceptions", true), //
     includeThreadDumpInDeadlockExceptions("includeThreadDumpInDeadlockExceptions", true), //
@@ -148,8 +149,8 @@ public enum PropertyKey {
     loadBalanceExceptionChecker("loadBalanceExceptionChecker", true), //
     loadBalanceHostRemovalGracePeriod("loadBalanceHostRemovalGracePeriod", true), //
     loadBalancePingTimeout("loadBalancePingTimeout", true), //
-    loadBalanceSQLStateFailover("loadBalanceSQLStateFailover", true), //
     loadBalanceSQLExceptionSubclassFailover("loadBalanceSQLExceptionSubclassFailover", true), //
+    loadBalanceSQLStateFailover("loadBalanceSQLStateFailover", true), //
     loadBalanceValidateConnectionOnSwapServer("loadBalanceValidateConnectionOnSwapServer", true), //
     localSocketAddress("localSocketAddress", true), //
     locatorFetchBufferSize("locatorFetchBufferSize", true), //
@@ -172,6 +173,9 @@ public enum PropertyKey {
     padCharsWithSpace("padCharsWithSpace", true), //
     paranoid("paranoid", false), //
     parseInfoCacheFactory("parseInfoCacheFactory", true), //
+    password1("password1", true), //
+    password2("password2", true), //
+    password3("password3", true), //
     passwordCharacterEncoding("passwordCharacterEncoding", true), //
     pedantic("pedantic", true), //
     pinGlobalTxToPhysicalConnection("pinGlobalTxToPhysicalConnection", true), //
@@ -182,7 +186,6 @@ public enum PropertyKey {
     processEscapeCodesForPrepStmts("processEscapeCodesForPrepStmts", true), //
     profilerEventHandler("profilerEventHandler", true), //
     profileSQL("profileSQL", true), //
-    forceConnectionTimeZoneToSession("forceConnectionTimeZoneToSession", true), //
     propertiesTransform("propertiesTransform", true), //
     queriesBeforeRetrySource("queriesBeforeRetrySource", "queriesBeforeRetryMaster", true), //
     queryInterceptors("queryInterceptors", true), //
@@ -208,7 +211,6 @@ public enum PropertyKey {
     serverConfigCacheFactory("serverConfigCacheFactory", true), //
     serverRSAPublicKeyFile("serverRSAPublicKeyFile", true), //
     sessionVariables("sessionVariables", true), //
-    trackSessionState("trackSessionState", true), //
     slowQueryThresholdMillis("slowQueryThresholdMillis", true), //
     slowQueryThresholdNanos("slowQueryThresholdNanos", true), //
     socketFactory("socketFactory", true), //
@@ -224,6 +226,7 @@ public enum PropertyKey {
     tcpTrafficClass("tcpTrafficClass", true), //
     tinyInt1isBit("tinyInt1isBit", true), //
     traceProtocol("traceProtocol", true), //
+    trackSessionState("trackSessionState", true), //
     transformedBitIsBoolean("transformedBitIsBoolean", true), //
     treatUtilDateAsTimestamp("treatUtilDateAsTimestamp", true), //
     trustCertificateKeyStorePassword("trustCertificateKeyStorePassword", true), //

src/main/core-api/java/com/mysql/cj/protocol/ServerSessionStateController.java

@@ -36,7 +36,6 @@
 import com.mysql.cj.exceptions.ExceptionFactory;
 
 public interface ServerSessionStateController {
-
     public static int SESSION_TRACK_SYSTEM_VARIABLES = 0x00;
     public static int SESSION_TRACK_SCHEMA = 0x01;
     public static int SESSION_TRACK_STATE_CHANGE = 0x02;