Skip to content

Commit b7f284f

Browse files
katcharovkatcharov
committed
Conform to latest spec; remove lock around server auth
1 parent 1eccf22 commit b7f284f

File tree

12 files changed

+653
-889
lines changed

12 files changed

+653
-889
lines changed

Diff for: driver-core/src/main/com/mongodb/MongoCredential.java

+8-3
Original file line numberDiff line numberDiff line change
@@ -187,7 +187,7 @@ public final class MongoCredential {
187187
* The provider name. The value must be a string.
188188
* <p>
189189
* If this is provided,
190-
* {@link MongoCredential#REQUEST_TOKEN_CALLBACK_KEY}
190+
* {@link MongoCredential#OIDC_CALLBACK_KEY}
191191
* must not be provided.
192192
*
193193
* @see #createOidcCredential(String)
@@ -206,7 +206,7 @@ public final class MongoCredential {
206206
* @see #createOidcCredential(String)
207207
* @since 4.10
208208
*/
209-
public static final String REQUEST_TOKEN_CALLBACK_KEY = "REQUEST_TOKEN_CALLBACK";
209+
public static final String OIDC_CALLBACK_KEY = "OIDC_CALLBACK";
210210

211211
/**
212212
* Creates a MongoCredential instance with an unspecified mechanism. The client will negotiate the best mechanism based on the
@@ -364,7 +364,7 @@ public static MongoCredential createAwsCredential(@Nullable final String userNam
364364
* @since 4.10
365365
* @see #withMechanismProperty(String, Object)
366366
* @see #PROVIDER_NAME_KEY
367-
* @see #REQUEST_TOKEN_CALLBACK_KEY
367+
* @see #OIDC_CALLBACK_KEY
368368
* @mongodb.server.release 7.0
369369
*/
370370
public static MongoCredential createOidcCredential(@Nullable final String userName) {
@@ -602,6 +602,11 @@ public interface OidcRequestContext {
602602
* @return The timeout that this callback must complete within.
603603
*/
604604
Duration getTimeout();
605+
606+
/**
607+
* @return The OIDC callback version.
608+
*/
609+
int getVersion();
605610
}
606611

607612
/**

Diff for: driver-core/src/main/com/mongodb/internal/connection/OidcAuthenticator.java

+62-133
Large diffs are not rendered by default.

Diff for: driver-core/src/test/resources/auth/legacy/connection-string.json

+10-63
Original file line numberDiff line numberDiff line change
@@ -446,52 +446,7 @@
446446
}
447447
},
448448
{
449-
"description": "should recognise the mechanism and request callback (MONGODB-OIDC)",
450-
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC",
451-
"callback": ["oidcRequest"],
452-
"valid": true,
453-
"credential": {
454-
"username": null,
455-
"password": null,
456-
"source": "$external",
457-
"mechanism": "MONGODB-OIDC",
458-
"mechanism_properties": {
459-
"REQUEST_TOKEN_CALLBACK": true
460-
}
461-
}
462-
},
463-
{
464-
"description": "should recognise the mechanism when auth source is explicitly specified and with request callback (MONGODB-OIDC)",
465-
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authSource=$external",
466-
"callback": ["oidcRequest"],
467-
"valid": true,
468-
"credential": {
469-
"username": null,
470-
"password": null,
471-
"source": "$external",
472-
"mechanism": "MONGODB-OIDC",
473-
"mechanism_properties": {
474-
"REQUEST_TOKEN_CALLBACK": true
475-
}
476-
}
477-
},
478-
{
479-
"description": "should recognise the mechanism and username with request callback (MONGODB-OIDC)",
480-
"uri": "mongodb://principalName@localhost/?authMechanism=MONGODB-OIDC",
481-
"callback": ["oidcRequest"],
482-
"valid": true,
483-
"credential": {
484-
"username": "principalName",
485-
"password": null,
486-
"source": "$external",
487-
"mechanism": "MONGODB-OIDC",
488-
"mechanism_properties": {
489-
"REQUEST_TOKEN_CALLBACK": true
490-
}
491-
}
492-
},
493-
{
494-
"description": "should recognise the mechanism with aws device (MONGODB-OIDC)",
449+
"description": "should recognise the mechanism with aws provider (MONGODB-OIDC)",
495450
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=PROVIDER_NAME:aws",
496451
"valid": true,
497452
"credential": {
@@ -505,7 +460,7 @@
505460
}
506461
},
507462
{
508-
"description": "should recognise the mechanism when auth source is explicitly specified and with aws device (MONGODB-OIDC)",
463+
"description": "should recognise the mechanism when auth source is explicitly specified and with provider (MONGODB-OIDC)",
509464
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authSource=$external&authMechanismProperties=PROVIDER_NAME:aws",
510465
"valid": true,
511466
"credential": {
@@ -519,42 +474,34 @@
519474
}
520475
},
521476
{
522-
"description": "should throw an exception if username and password are specified (MONGODB-OIDC)",
523-
"uri": "mongodb://user:pass@localhost/?authMechanism=MONGODB-OIDC",
524-
"callback": ["oidcRequest"],
477+
"description": "should throw an exception if supplied a password (MONGODB-OIDC)",
478+
"uri": "mongodb://user:pass@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=PROVIDER_NAME:aws",
525479
"valid": false,
526480
"credential": null
527481
},
528482
{
529-
"description": "should throw an exception if username and deviceName are specified (MONGODB-OIDC)",
530-
"uri": "mongodb://principalName@localhost/?authMechanism=MONGODB-OIDC&PROVIDER_NAME:gcp",
483+
"description": "should throw an exception if username is specified for aws (MONGODB-OIDC)",
484+
"uri": "mongodb://principalName@localhost/?authMechanism=MONGODB-OIDC&PROVIDER_NAME:aws",
531485
"valid": false,
532486
"credential": null
533487
},
534488
{
535-
"description": "should throw an exception if specified deviceName is not supported (MONGODB-OIDC)",
536-
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=PROVIDER_NAME:unexisted",
489+
"description": "should throw an exception if specified provider is not supported (MONGODB-OIDC)",
490+
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=PROVIDER_NAME:invalid",
537491
"valid": false,
538492
"credential": null
539493
},
540494
{
541-
"description": "should throw an exception if neither deviceName nor callbacks specified (MONGODB-OIDC)",
495+
"description": "should throw an exception if neither provider nor callbacks specified (MONGODB-OIDC)",
542496
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC",
543497
"valid": false,
544498
"credential": null
545499
},
546-
{
547-
"description": "should throw an exception if provider name and request callback are specified",
548-
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=PROVIDER_NAME:aws",
549-
"callback": ["oidcRequest"],
550-
"valid": false,
551-
"credential": null
552-
},
553500
{
554501
"description": "should throw an exception when unsupported auth property is specified (MONGODB-OIDC)",
555502
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=UnsupportedProperty:unexisted",
556503
"valid": false,
557504
"credential": null
558505
}
559506
]
560-
}
507+
}

0 commit comments

Comments
 (0)