fix it

.github/workflows/macos.yml

@@ -44,6 +44,10 @@ jobs:
         brew services start mysql@${{ matrix.mysql }}
         sleep 5
         $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot -e 'CREATE DATABASE test'
+        [[ "$MYSQL_VERSION" == "8.0" ]] && $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot < test/mysql/docker-entrypoint-initdb.d/caching_sha2_password_user.sql
+        $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot < test/mysql/docker-entrypoint-initdb.d/native_password_user.sql
+        $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot < test/mysql/docker-entrypoint-initdb.d/x509_user.sql
+        $(brew --prefix mysql@${{ matrix.mysql }})/bin/mysql -uroot < test/mysql/docker-entrypoint-initdb.d/cleartext_user.sql
     - name: Install dependencies
       run: |
         cd contrib/ruby

contrib/ruby/test/auth_test.rb

@@ -18,8 +18,8 @@ def has_caching_sha2?
   end
 
   def test_connect_native_with_password
-    create_and_delete_test_user(auth_plugin: "mysql_native_password") do
-      client = new_tcp_client username: "auth_user", password: "password"
+    create_and_delete_test_user(username: "native", auth_plugin: "mysql_native_password") do
+      client = new_tcp_client username: "native", password: "password"
 
       refute_nil client
     ensure
@@ -28,8 +28,8 @@ def test_connect_native_with_password
   end
 
   def test_connect_native_with_no_password
-    create_and_delete_test_user(password: "", auth_plugin: "mysql_native_password") do
-      client = new_tcp_client username: "auth_user"
+    create_and_delete_test_user(username: "native", password: "", auth_plugin: "mysql_native_password") do
+      client = new_tcp_client username: "native"
 
       refute_nil client
     ensure
@@ -39,12 +39,12 @@ def test_connect_native_with_no_password
 
   def test_connect_caching_sha2_with_password
     return skip unless has_caching_sha2?
-    create_and_delete_test_user(auth_plugin: "caching_sha2_password") do
+    create_and_delete_test_user(username: "caching_sha2", auth_plugin: "caching_sha2_password") do
 
       # Ensure correct setup
-      assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'auth_user'").rows
+      assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'caching_sha2'").rows
 
-      client = new_tcp_client username: "auth_user", password: "password"
+      client = new_tcp_client username: "caching_sha2", password: "password"
 
       refute_nil client
     ensure
@@ -54,12 +54,12 @@ def test_connect_caching_sha2_with_password
 
   def test_connect_caching_sha2_with_no_password
     return skip unless has_caching_sha2?
-    create_and_delete_test_user(password: "", auth_plugin: "caching_sha2_password") do
+    create_and_delete_test_user(username: "caching_sha2", password: "", auth_plugin: "caching_sha2_password") do
 
       # Ensure correct setup
-      assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'auth_user'").rows
+      assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'caching_sha2'").rows
 
-      client = new_tcp_client username: "auth_user"
+      client = new_tcp_client username: "caching_sha2"
 
       refute_nil client
     ensure
@@ -70,15 +70,15 @@ def test_connect_caching_sha2_with_no_password
   def test_connect_with_unix_and_caching_sha2_works
     return skip unless has_caching_sha2?
     return skip unless ["127.0.0.1", "localhost"].include?(DEFAULT_HOST)
-    create_and_delete_test_user(host: "localhost", auth_plugin: "caching_sha2_password") do
+    create_and_delete_test_user(username: "caching_sha2", host: "localhost", auth_plugin: "caching_sha2_password") do
 
       socket = new_tcp_client.query("SHOW VARIABLES LIKE 'socket'").to_a[0][1]
 
       if !File.exist?(socket)
         skip "cound not find socket at #{socket}"
       end
 
-      client = new_unix_client(socket, username: "auth_user", password: "password")
+      client = new_unix_client(socket, username: "caching_sha2", password: "password")
       refute_nil client
     ensure
       ensure_closed client
@@ -88,15 +88,14 @@ def test_connect_with_unix_and_caching_sha2_works
   def test_connect_without_ssl_or_unix_socket_caching_sha2_raises
     return skip unless has_caching_sha2?
 
-    create_and_delete_test_user(auth_plugin: "caching_sha2_password") do
-
+    create_and_delete_test_user(username: "caching_sha2", auth_plugin: "caching_sha2_password") do
       # Ensure correct setup
-      assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'auth_user'").rows
+      assert_equal [["caching_sha2_password"]], new_tcp_client.query("SELECT plugin FROM mysql.user WHERE user = 'caching_sha2'").rows
 
       options = {
         host: DEFAULT_HOST,
         port: DEFAULT_PORT,
-        username: "auth_user",
+        username: "caching_sha2",
         password: "password",
         ssl: false,
         ssl_mode: 0
@@ -112,51 +111,51 @@ def test_connect_without_ssl_or_unix_socket_caching_sha2_raises
   end
 
   def test_connection_error_native
-    create_and_delete_test_user(auth_plugin: "mysql_native_password") do
+    create_and_delete_test_user(username: "native", auth_plugin: "mysql_native_password") do
 
       err = assert_raises Trilogy::ConnectionError do
-        new_tcp_client(username: "auth_user", password: "incorrect")
+        new_tcp_client(username: "native", password: "incorrect")
       end
 
-      assert_includes err.message, "Access denied for user 'auth_user"
+      assert_includes err.message, "Access denied for user 'native"
     end
   end
 
   def test_connection_error_caching_sha2
     return skip unless has_caching_sha2?
 
-    create_and_delete_test_user(auth_plugin: "caching_sha2_password") do
+    create_and_delete_test_user(username: "caching_sha2", auth_plugin: "caching_sha2_password") do
 
       err = assert_raises Trilogy::ConnectionError do
-        new_tcp_client(username: "auth_user", password: "incorrect")
+        new_tcp_client(username: "caching_sha2", password: "incorrect")
       end
-      assert_includes err.message, "Access denied for user 'auth_user"
+      assert_includes err.message, "Access denied for user 'caching_sha2"
     end
   end
 
   def test_cleartext_auth_plugin_with_password
-    create_and_delete_test_user(auth_plugin: "cleartext_plugin_server") do
-      client = new_tcp_client username: "auth_user", password: "password", enable_cleartext_plugin: true
+    create_and_delete_test_user(username: "cleartext_user", auth_plugin: "cleartext_plugin_server") do
+      client = new_tcp_client username: "cleartext_user", password: "password", enable_cleartext_plugin: true
       refute_nil client
     ensure
       ensure_closed client
     end
   end
 
   def test_cleartext_auth_plugin_with_no_password
-    create_and_delete_test_user(password: "", auth_plugin: "cleartext_plugin_server") do
-      client = new_tcp_client username: "auth_user", enable_cleartext_plugin: true
+    create_and_delete_test_user(username: "cleartext_user", password: "", auth_plugin: "cleartext_plugin_server") do
+      client = new_tcp_client username: "cleartext_user", enable_cleartext_plugin: true
       refute_nil client
     ensure
       ensure_closed client
     end
   end
 
   def test_cleartext_auth_plugin_disabled
-    create_and_delete_test_user(password: "", auth_plugin: "cleartext_plugin_server") do
+    create_and_delete_test_user(username: "cleartext_user", password: "", auth_plugin: "cleartext_plugin_server") do
 
       assert_raises Trilogy::AuthPluginError do
-        new_tcp_client username: "auth_user", password: "password"
+        new_tcp_client username: "cleartext_user", password: "password"
       end
     end
   end

contrib/ruby/test/test_helper.rb

@@ -92,22 +92,27 @@ def ensure_closed(socket)
 
   def create_and_delete_test_user(opts = {}, &block)
     client = new_tcp_client
-    create_test_user(client, opts)
+    user_created = create_test_user(client, opts)
     yield
-    delete_test_user(client, opts)
   ensure
+    delete_test_user(client, opts) if user_created
     ensure_closed client
   end
 
   def create_test_user(client, opts = {})
-    username = opts[:username] || "auth_user"
+    username = opts[:username]
     password = opts[:password] || "password"
     host = opts[:host] || DEFAULT_HOST
     auth_plugin = opts[:auth_plugin]
 
+    raise ArgumentError if username.nil? || auth_plugin.nil?
+    user_exists = client.query("SELECT user FROM mysql.user WHERE user = '#{username}';").rows.first
+    return if user_exists
+
     client.query("CREATE USER '#{username}'@'#{host}'")
     client.query("GRANT ALL PRIVILEGES ON test.* TO '#{username}'@'#{host}';")
     client.query("ALTER USER '#{username}'@'#{host}' IDENTIFIED WITH #{auth_plugin} BY '#{password}';")
+    client.query("SELECT user FROM mysql.user WHERE user = '#{username}';").rows.first
   end
 
   def delete_test_user(client, opts = {})

test/mysql/docker-entrypoint-initdb.d/caching_sha2_password_user.sql

@@ -0,0 +1,3 @@
+CREATE USER 'caching_sha2'@'%';
+GRANT ALL PRIVILEGES ON test.* TO 'caching_sha2'@'%';
+ALTER USER 'caching_sha2'@'%' IDENTIFIED /*!80000 WITH caching_sha2_password */ BY 'password';

test/mysql/docker-entrypoint-initdb.d/cleartext_user.sql

@@ -0,0 +1,4 @@
+INSTALL PLUGIN cleartext_plugin_server SONAME 'auth_test_plugin.so';
+CREATE USER 'cleartext_user'@'%';
+GRANT ALL PRIVILEGES ON test.* TO 'cleartext_user'@'%';
+ALTER USER 'cleartext_user'@'%' IDENTIFIED WITH cleartext_plugin_server BY 'password';

test/mysql/docker-entrypoint-initdb.d/native_password_user.sql

@@ -0,0 +1,7 @@
+CREATE USER 'native'@'%';
+GRANT ALL PRIVILEGES ON test.* TO 'native'@'%';
+ALTER USER 'native'@'%' IDENTIFIED WITH mysql_native_password BY '';
+// add back these
+// change usernames
+// check if user exists for create
+// only delete user if we created it