Add informative error when SASL password is empty string

sehrope · sehrope · commit 49432be14bb4 · 2023-01-20T09:54:08.000-05:00
diff --git a/packages/pg/lib/sasl.js b/packages/pg/lib/sasl.js
@@ -23,6 +23,9 @@ function continueSession(session, password, serverData) {
   if (typeof password !== 'string') {
     throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a string')
   }
+  if (password === '') {
+    throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a non-empty string')
+  }
   if (typeof serverData !== 'string') {
     throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: serverData must be a string')
   }
diff --git a/packages/pg/test/unit/client/sasl-scram-tests.js b/packages/pg/test/unit/client/sasl-scram-tests.js
@@ -100,6 +100,24 @@ test('sasl/scram', function () {
       }
     })
 
+    test('fails when client password is an empty string', function () {
+      assert.throws(
+        function () {
+          sasl.continueSession(
+            {
+              message: 'SASLInitialResponse',
+              clientNonce: 'a',
+            },
+            '',
+            'r=1,i=1'
+          )
+        },
+        {
+          message: 'SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a non-empty string',
+        }
+      )
+    })
+
     test('fails when iteration is missing in server message', function () {
       assert.throws(
         function () {

Original file line number	Diff line number	Diff line change
`@@ -23,6 +23,9 @@ function continueSession(session, password, serverData) {`
`23`	`23`	`if (typeof password !== 'string') {`
`24`	`24`	`throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a string')`
`25`	`25`	`}`
	`26`	`+ if (password === '') {`
	`27`	`+ throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: client password must be a non-empty string')`
	`28`	`+ }`
`26`	`29`	`if (typeof serverData !== 'string') {`
`27`	`30`	`throw new Error('SASL: SCRAM-SERVER-FIRST-MESSAGE: serverData must be a string')`
`28`	`31`	`}`