Support IDENTIFIED BY RANDOM PASSWORD in CREATE USER / ALTER USER / SET PASSWORD

[kyleconroy]

Summary

Marino does not parse the IDENTIFIED BY RANDOM PASSWORD form used to make MySQL generate a random password server-side.

MySQL version

Introduced in MySQL 8.0.18.

Current state in marino

grep -in 'RANDOM PASSWORD\|RandomPassword' parser/parser.y parser/keywords.go ast/misc.go returns no matches. The PasswordOrLockOption rule (parser/parser.y:14665-14760) only accepts IDENTIFIED BY 'string' and IDENTIFIED WITH plugin BY 'string'.

Example SQL

CREATE USER:

CREATE USER rand_u IDENTIFIED BY RANDOM PASSWORD;

ALTER USER:

ALTER USER rand_u IDENTIFIED BY RANDOM PASSWORD;

Combined with a plugin:

CREATE USER rand_u IDENTIFIED WITH caching_sha2_password BY RANDOM PASSWORD;

SET PASSWORD:

SET PASSWORD FOR rand_u TO RANDOM;

SET PASSWORD with REPLACE clause:

SET PASSWORD FOR rand_u TO RANDOM REPLACE 'old_password';

Validation

CREATE USER rand_u IDENTIFIED BY RANDOM PASSWORD; runs successfully against MySQL 9.2.0 Community.

Notes for the implementer

• Add RANDOM as a non-reserved keyword (it already exists in some grammars as random).
• Extend the IDENTIFIED [WITH plugin] BY rule to accept RANDOM PASSWORD instead of a string literal.
• Extend SET PASSWORD ... = / TO to accept RANDOM and the REPLACE 'current' tail.
• Reference: https://dev.mysql.com/doc/refman/9.2/en/create-user.html