Implement support for cleartext authentication plugin

[wildmaples]

Resolves: #157
Redo of: #168

The server doesn't request for cleartext plugin in the first handshake as it is not a default plugin. The client should only provide cleartext password when the server requests an auth switch to it, and the client has enable_cleartext_plugin option enabled. If the client does not have cleartext auth plugin enabled, we will raise a Trilogy::AuthPluginError.

This is the authentication flow for a server that uses the cleartext client side plugin (#168 (comment)):

Server sends handshake, with auth plugin caching_sha2_password
Client sends handshake response, still with auth plugin caching_sha2_password
Server sends auth switch request, now with auth plugin mysql_clear_password
Client sends auth switch response with just the cleartext password and nothing else
Server sends OK and we are connected

This PR introduces these changes:

• Supports cleartext auth plugin!
• Raises when the server auth switches to a plugin that Trilogy does not support. Note that at the moment Trilogy supports mysql_native_password, caching_sha2_password and now mysql_clear_password. This is the recommended behaviour according to mysql docs "Authentication Method Mismatch".
• Adds a test dependency on this mysql test server plugin. It's unclear if the file will stick around in the long term but seeing that it is only a test dependency and makes our lives easier than the alternative testing options, we are inclined to just use it for the time being.

cc: @ngan @composerinteralia

[ngan]

I created an issue on the MySQL docker repo to see if they'd be open to building and tagging a mysql-community-test variant that we can use. If they do, we can switch to that and get the test auth plugin for free. If they don't, we can keep what we have (checked-in plugins for various mysql version), or build our own MySQL image.

docker-library/mysql#1040

[composerinteralia]

This looks great to me, but I'll leave it for a bit in case anybody else has feedback.

[casperisfine]

This probably shouldn't be committed?

[adrianna-chang-shopify]

Should we be building our own MySQL image instead of committing the plugins?

[ngan]

I think we can and should, but that would be quite a big detour from the original intent of this PR. I suggest we land as-is then I can spend some time refactoring the test setup.

[adrianna-chang-shopify]

Follow up sounds good to me 👍 Thanks!

[ngan]

This has been addressed here: #174

[adrianna-chang-shopify]

Thanks for working on this! Would you mind squashing your commits?

My preference would be for us to build our own MySQL image extending mysql-community-test over checking in those plugins, but don't feel strongly if folks would prefer to ship as is.

[adrianna-chang-shopify]

Does it make sense for the mysql_native_password and caching_sha2_password connection tests from client_test.rb to live in this test suite too?

[ngan]

Done!

[ngan]

Actually, I could only add it for native password. We don't use cache_sha2 for mysql 5 so the ruby test fails there. I'm going to revisit this after this PR.

[composerinteralia]

I think we already have that test elsewhere, but we can sort it out later. We might want to move all connection-related stuff into something like ConnectionTest.

[adrianna-chang-shopify]

Should we be building our own MySQL image instead of committing the plugins?

[composerinteralia]

Would you mind squashing your commits?

I do like a clean git history, but we haven't historically been as opinionated about this as (for example) Rails.

[adrianna-chang-shopify]

I do like a clean git history, but we haven't historically been as opinionated about this as (for example) Rails.

I'll defer to you folks, I wasn't sure if we were following Rails' stance of squash-everything-before-merge! 🙇‍♀️

[composerinteralia]

Thank you!