proxy: make auth more type safe (#5689)

## Problem a5292f7e67/proxy/src/auth/backend.rs (L146-L148) a5292f7e67/proxy/src/console/provider/neon.rs (L90) a5292f7e67/proxy/src/console/provider/neon.rs (L154) ## Summary of changes 1. Test backend is only enabled on `cfg(test)`. 2. Postgres mock backend + MD5 auth keys are only enabled on `cfg(feature = testing)` 3. Password hack and cleartext flow will have their passwords validated before proceeding. 4. Distinguish between ClientCredentials with endpoint and without, removing many panics in the process
2026-01-07 05:22:56 +00:00 · 2023-12-08 11:48:37 +00:00
parent 2c544343e0
commit 699049b8f3
20 changed files with 497 additions and 303 deletions
--- a/proxy/Cargo.toml
+++ b/proxy/Cargo.toml
@@ -4,6 +4,10 @@ version = "0.1.0"
 edition.workspace = true
 license.workspace = true

+[features]
+default = []
+testing = []
+
 [dependencies]
 anyhow.workspace = true
 async-trait.workspace = true
@@ -69,6 +73,7 @@ webpki-roots.workspace = true
 x509-parser.workspace = true
 native-tls.workspace = true
 postgres-native-tls.workspace = true
+postgres-protocol.workspace = true
 smol_str.workspace = true

 workspace_hack.workspace = true
@@ -78,4 +83,3 @@ tokio-util.workspace = true
 rcgen.workspace = true
 rstest.workspace = true
 tokio-postgres-rustls.workspace = true
-postgres-protocol.workspace = true