fix: handle notice response during auth and terminate the creds retri…

…eval process (#514)
supabase · Dec 12, 2024 · 25cd733 · 25cd733
1 parent 9f56b87
commit 25cd733
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 15 deletions.
diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-1.1.67
+1.1.68
diff --git a/lib/supavisor/client_handler.ex b/lib/supavisor/client_handler.ex
@@ -865,18 +865,26 @@ defmodule Supavisor.ClientHandler do
         ssl_opts: ssl_opts || []
       )
 
-    resp =
-      case H.get_user_secret(conn, tenant.auth_query, db_user) do
-        {:ok, secret} ->
+    try do
+      Logger.debug(
+        "ClientHandler: Connected to db #{tenant.db_host} #{tenant.db_port} #{tenant.db_database} #{user.db_user}"
+      )
+
+      resp =
+        with {:ok, secret} <- H.get_user_secret(conn, tenant.auth_query, db_user) do
           t = if secret.digest == :md5, do: :auth_query_md5, else: :auth_query
           {:ok, {t, fn -> Map.put(secret, :alias, user.db_user_alias) end}}
+        end
 
-        {:error, reason} ->
-          {:error, reason}
-      end
-
-    GenServer.stop(conn, :normal)
-    resp
+      Logger.info("ClientHandler: Get secrets finished")
+      resp
+    rescue
+      exception ->
+        Logger.error("ClientHandler: Couldn't fetch user secrets from #{tenant.db_host}")
+        reraise exception, __STACKTRACE__
+    after
+      GenServer.stop(conn, :normal, 5_000)
+    end
   end
 
   @spec exchange_first(:password | :auth_query, fun(), binary(), binary(), binary()) ::

diff --git a/lib/supavisor/db_handler.ex b/lib/supavisor/db_handler.ex
@@ -235,6 +235,9 @@ defmodule Supavisor.DbHandler do
         %{tag: :error_response, payload: error}, _ ->
           {:error_response, error}
 
+        %{tag: :notice_response, payload: error}, _ ->
+          {:notice_response, error}
+
         _e, acc ->
           acc
       end)
@@ -268,8 +271,8 @@ defmodule Supavisor.DbHandler do
         Logger.error("DbHandler: Auth error #{inspect(reason)}")
         {:stop, :invalid_password, data}
 
-      {:error_response, error} ->
-        Logger.error("DbHandler: Error auth response #{inspect(error)}")
+      {response, error} when response in [:notice_response, :error_response] ->
+        Logger.error("DbHandler: #{inspect(response)} #{inspect(error)}")
         {:keep_state, data}
 
       {:ready_for_query, ps, db_state} ->

diff --git a/lib/supavisor/protocol/server.ex b/lib/supavisor/protocol/server.ex
@@ -171,9 +171,8 @@ defmodule Supavisor.Protocol.Server do
   end
 
   # https://www.postgresql.org/docs/current/protocol-error-fields.html
-  def decode_payload(:error_response, payload) do
-    String.split(payload, <<0>>, trim: true)
-  end
+  def decode_payload(tag, payload) when tag in [:error_response, :notice_response],
+    do: String.split(payload, <<0>>, trim: true)
 
   def decode_payload(
         :password_message,