Skip to content

OIDC Add remaining environments (azure, gcp), evergreen testing, API naming updates #1371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 25 commits into from
Apr 29, 2024
Merged

OIDC Add remaining environments (azure, gcp), evergreen testing, API naming updates #1371

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
25 commits
Select commit Hold shift + click to select a range
240af4c
Add remaining environments (azure, gcp), evergreen testing, API namin…
katcharov Apr 19, 2024
b84ca99
Add remaining tests, refactor, increase GCP test machine
katcharov Apr 22, 2024
df3ef8d
Cleanup, update since annotations, updates to match spec API
katcharov Apr 23, 2024
581ae2e
Test fixes
katcharov Apr 23, 2024
00e4c15
PR fixes
katcharov Apr 23, 2024
6898b4f
Remove admin credentials
katcharov Apr 24, 2024
2621ae8
PR fixes
katcharov Apr 25, 2024
c842d22
PR fixes
katcharov Apr 25, 2024
3cea409
Apply suggestions from code review
katcharov Apr 26, 2024
e883279
Update driver-core/src/main/com/mongodb/MongoCredential.java
katcharov Apr 26, 2024
bc30a2f
Update driver-core/src/main/com/mongodb/internal/authentication/Crede…
katcharov Apr 26, 2024
d856d84
Implement OIDC map value splitting
katcharov Apr 26, 2024
479fcdd
PR fixes, doc updates
katcharov Apr 26, 2024
4a844b1
PR fixes for OIDC feature branch
katcharov Apr 26, 2024
cc1c7ec
Update connection-string latest specifications/pull/1569
katcharov Apr 26, 2024
678d7b7
PR fixes
katcharov Apr 26, 2024
fcb65dc
PR fixes
katcharov Apr 26, 2024
71b3846
PR fixes
katcharov Apr 26, 2024
f6cb3da
PR Fixes
katcharov Apr 26, 2024
be63643
PR fixes
katcharov Apr 27, 2024
0532a87
PR fixes
katcharov Apr 29, 2024
761918e
PR fixes: mustDecodeNonOidcAsWhole
katcharov Apr 29, 2024
7428fd1
PR fixes
katcharov Apr 29, 2024
fcdab29
Update driver-sync/src/test/functional/com/mongodb/internal/connectio…
katcharov Apr 29, 2024
8971a79
Doc fix
katcharov Apr 29, 2024
File filter

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
PR fixes
  • Loading branch information
@katcharov
katcharov committed Apr 25, 2024
commit c842d226108d0765b7f930e1522f10e8a474e52d
12 changes: 11 additions & 1 deletion driver-core/src/main/com/mongodb/internal/authentication/AzureCredentialHelper.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@
import org.bson.BsonString;
import org.bson.json.JsonParseException;

import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.time.Duration;
import java.util.HashMap;
import java.util.Map;
Expand Down Expand Up @@ -72,7 +74,7 @@ public static BsonDocument obtainFromEnvironment() {
public static CredentialInfo fetchAzureCredentialInfo(final String resource, @Nullable final String clientId) {
String endpoint = "http://169.254.169.254:80"
+ "/metadata/identity/oauth2/token?api-version=2018-02-01"
+ "&resource=" + resource
+ "&resource=" + getEncoded(resource)
+ (clientId == null ? "" : "&client_id=" + clientId);

Map<String, String> headers = new HashMap<>();
Expand All @@ -99,6 +101,14 @@ public static CredentialInfo fetchAzureCredentialInfo(final String resource, @Nu
return new CredentialInfo(accessToken, Duration.ofSeconds(expiresInSeconds));
}

static String getEncoded(final String resource) {
try {
return URLEncoder.encode(resource, "UTF-8");
} catch (UnsupportedEncodingException e) {
throw new RuntimeException(e);
}
}

private AzureCredentialHelper() {
}
}
8 changes: 4 additions & 4 deletions driver-core/src/main/com/mongodb/internal/authentication/GcpCredentialHelper.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,12 +18,12 @@

import com.mongodb.MongoClientException;
import org.bson.BsonDocument;
import org.bson.BsonString;

import java.time.Duration;
import java.util.HashMap;
import java.util.Map;

import static com.mongodb.internal.authentication.AzureCredentialHelper.getEncoded;
import static com.mongodb.internal.authentication.HttpHelper.getHttpContents;

/**
Expand All @@ -46,14 +46,14 @@ public static BsonDocument obtainFromEnvironment() {
}
}

public static CredentialInfo fetchGcpCredentialInfo(final String resource) {
public static CredentialInfo fetchGcpCredentialInfo(final String audience) {
String endpoint = "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity?audience="
+ resource;
+ getEncoded(audience);
Map<String, String> header = new HashMap<>();
header.put("Metadata-Flavor", "Google");
String response = getHttpContents("GET", endpoint, header);
return new CredentialInfo(
new BsonString(response).getValue(),
response,
Duration.ZERO);
}

Expand Down
13 changes: 6 additions & 7 deletions driver-sync/src/test/functional/com/mongodb/client/unified/Entities.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,6 @@
import com.mongodb.ServerApiVersion;
import com.mongodb.TransactionOptions;
import com.mongodb.WriteConcern;
import com.mongodb.assertions.Assertions;
import com.mongodb.client.ClientSession;
import com.mongodb.client.MongoClient;
import com.mongodb.client.MongoCollection;
Expand Down Expand Up @@ -92,6 +91,8 @@
import static com.mongodb.ClusterFixture.getMultiMongosConnectionString;
import static com.mongodb.ClusterFixture.isLoadBalanced;
import static com.mongodb.ClusterFixture.isSharded;
import static com.mongodb.assertions.Assertions.assertNotNull;
import static com.mongodb.assertions.Assertions.notNull;
import static com.mongodb.client.Fixture.getMongoClientSettingsBuilder;
import static com.mongodb.client.Fixture.getMultiMongosMongoClientSettingsBuilder;
import static com.mongodb.client.unified.EventMatcher.getReasonString;
Expand Down Expand Up @@ -530,13 +531,11 @@ private void initClient(final BsonDocument entity, final String id,
boolean hasPlaceholder = authMechanismProperties.equals(
new BsonDocument("$$placeholder", new BsonInt32(1)));
if (!hasPlaceholder) {
throw new UnsupportedOperationException("Unsupported authMechanism: " + value);
throw new UnsupportedOperationException(
"Unsupported authMechanismProperties for authMechanism: " + value);
}

String env = getenv("OIDC_ENV");
if (env == null) {
env = "test";
}
String env = assertNotNull(getenv("OIDC_ENV"));
MongoCredential oidcCredential = MongoCredential
.createOidcCredential(null)
.withMechanismProperty("ENVIRONMENT", env);
Expand Down Expand Up @@ -723,7 +722,7 @@ private void initClientEncryption(final BsonDocument entity, final String id,
}
}

putEntity(id, clientEncryptionSupplier.apply(Assertions.notNull("mongoClient", mongoClient), builder.build()), clientEncryptions);
putEntity(id, clientEncryptionSupplier.apply(notNull("mongoClient", mongoClient), builder.build()), clientEncryptions);
}

private TransactionOptions getTransactionOptions(final BsonDocument options) {
Expand Down