Skip to content

DRIVERS-2415 Implement OIDC SASL mechanism #1365

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 57 commits into from
Feb 23, 2023
Merged

DRIVERS-2415 Implement OIDC SASL mechanism #1365

Changes from 1 commit
Commits
Show all changes
57 commits
Select commit Hold shift + click to select a range
fd28894
DRIVERS-2415 Implement OIDC SASL mechanism
blink1073 Jan 13, 2023
2400b73
update mechanism description
blink1073 Jan 13, 2023
b41852d
underline
blink1073 Jan 13, 2023
261580c
add link
blink1073 Jan 13, 2023
0297618
add link
blink1073 Jan 13, 2023
7033518
address review
blink1073 Jan 17, 2023
e01ef3b
clarify validation and callback semantics
blink1073 Jan 17, 2023
996090f
add callbacks as auth mech props
blink1073 Jan 17, 2023
c98145e
clarify the use of the cache
blink1073 Jan 18, 2023
a79c53c
clarify skipping step 1 and the use of locks
blink1073 Jan 19, 2023
7087603
add wip test spec file
blink1073 Jan 20, 2023
6136d1c
address comments
blink1073 Jan 23, 2023
d5cd4ea
address comments
blink1073 Jan 23, 2023
f55a6e8
clean up cache prose test
blink1073 Jan 24, 2023
ee44e9a
Update source/auth/auth.rst
blink1073 Jan 26, 2023
f46f39a
address review
blink1073 Jan 26, 2023
3b7769f
wording
blink1073 Jan 26, 2023
6b34d8d
clarify use of host and add note about preventing memory leaks
blink1073 Jan 27, 2023
4547c62
make it invalid to specify both principal name and device name
blink1073 Jan 27, 2023
c3e37f5
add not about using both device name and principal name
blink1073 Jan 27, 2023
0a607a4
clarifications and connection string tests
blink1073 Jan 30, 2023
9345c37
address review
blink1073 Jan 30, 2023
8bd0df5
update prose tests and remove azure/gcp connection string tests
blink1073 Jan 31, 2023
2b9d069
update multiple principal prose test
blink1073 Feb 2, 2023
96219ef
add unified tests and update specifications
blink1073 Feb 3, 2023
10b1aaa
restore GSSAPI tests
blink1073 Feb 6, 2023
39fceb1
clarify usage of cache key
blink1073 Feb 6, 2023
c2874bc
update callback timeout
blink1073 Feb 6, 2023
98c9ca2
only require schema 1.12
blink1073 Feb 6, 2023
0d1ef01
clarify usage of cache key
blink1073 Feb 6, 2023
f019176
clean up server address section
blink1073 Feb 6, 2023
b53ab8a
update server response and remove azure note
blink1073 Feb 7, 2023
e3f1d46
add more language around retry
blink1073 Feb 7, 2023
4aaa570
update prose tests
blink1073 Feb 8, 2023
0d52bf7
update docs and prose test on reauthentication
blink1073 Feb 8, 2023
6474093
use username as principal name
blink1073 Feb 9, 2023
869198d
Update source/auth/tests/mongodb-oidc.rst
blink1073 Feb 9, 2023
9fe808b
update reauthentication prose tests
blink1073 Feb 10, 2023
c15d2ab
add the failcommand examples
blink1073 Feb 10, 2023
8601f77
formatting
blink1073 Feb 10, 2023
734eadf
update urls
blink1073 Feb 10, 2023
f720771
Update source/auth/auth.rst
blink1073 Feb 14, 2023
2444933
address review
blink1073 Feb 14, 2023
63a68a0
clean up and add additional prose test
blink1073 Feb 14, 2023
8aee7ed
wording
blink1073 Feb 14, 2023
bd71fc1
update prose tests
blink1073 Feb 14, 2023
749caf3
fix urls in prose tests
blink1073 Feb 14, 2023
c3f88e8
syntax
blink1073 Feb 14, 2023
1c45b17
clean up
blink1073 Feb 16, 2023
15b7600
clarify prose test
blink1073 Feb 16, 2023
ce832c6
clarify prose test
blink1073 Feb 16, 2023
0f85c3f
add principal name to callbacks, and include callbacks in cache key
blink1073 Feb 17, 2023
742689e
update cache exp on access, clean up prose test
blink1073 Feb 21, 2023
e581aa2
remove reauth write prose test
blink1073 Feb 22, 2023
4c93899
clarification and spelling
blink1073 Feb 22, 2023
dc55a8c
remove extraneous prose test
blink1073 Feb 22, 2023
bcf32fb
Update source/auth/tests/mongodb-oidc.rst
blink1073 Feb 23, 2023
File filter

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
underline
  • Loading branch information
@blink1073
blink1073 committed Jan 13, 2023
commit b41852d5dc61392632dd9fdf99bcbaa9d30dcdef
2 changes: 1 addition & 1 deletion source/auth/auth.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1160,7 +1160,7 @@ If AWS authentication fails for any reason, the cache MUST be cleared.
Five minutes was chosen based on the AWS documentation for `IAM roles for EC2 <https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html>`_ : "We make new credentials available at least five minutes before the expiration of the old credentials". The intent is to have some buffer between when the driver fetches the credentials and when the server verifies them.

MONGODB-OIDC
~~~~~~~~~~~
~~~~~~~~~~~~

:since: 6.3 Enterprise

Expand Down