diff --git a/drivers-evergreen-tools b/drivers-evergreen-tools index 3a43346b571..b26580ac7b0 160000 --- a/drivers-evergreen-tools +++ b/drivers-evergreen-tools @@ -1 +1 @@ -Subproject commit 3a43346b571661fb5cef3ac7d010a749430318b4 +Subproject commit b26580ac7b03a7eb282053871da0a050c7075288 diff --git a/test/integration/auth/mongodb_oidc.prose.test.ts b/test/integration/auth/mongodb_oidc.prose.test.ts index 66aabda7e84..7bb2c3c31db 100644 --- a/test/integration/auth/mongodb_oidc.prose.test.ts +++ b/test/integration/auth/mongodb_oidc.prose.test.ts @@ -39,6 +39,11 @@ const generateResult = (token: string, expiresInSeconds?: number, extraFields?: return response; }; +let appNameCounter = 0; +const createAppName = (extra?: string) => { + return `oidc-${appNameCounter++}-app${extra ? `-${extra}` : ''}`; +}; + const DEFAULT_URI = 'mongodb://127.0.0.1:27017'; const URI_SINGLE = process.env.MONGODB_URI_SINGLE ?? DEFAULT_URI; const isCallbackTest = process.env.ENVIRONMENT === 'test'; @@ -278,6 +283,7 @@ describe('OIDC Auth Spec Tests', function () { describe('3.3 Unexpected error code does not clear the cache', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); // Create a MongoClient with a callback that returns a valid token. // Set a fail point for saslStart commands of the form: @@ -299,7 +305,8 @@ describe('OIDC Auth Spec Tests', function () { // `[callback-only]` Assert that the callback has been called once. // Close the client. beforeEach(async function () { - client = getClient({}, callbackSpy); + appName = createAppName(); + client = getClient({ appName }, callbackSpy); utilClient = getClient({}, createCallback()); collection = client.db('test').collection('test'); await utilClient @@ -312,15 +319,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['saslStart'], - errorCode: 20 + errorCode: 20, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -364,6 +374,7 @@ describe('OIDC Auth Spec Tests', function () { describe('4.1 Reauthentication Succeeds', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); // Create an OIDC configured client. // Set a fail point for find commands of the form: @@ -383,7 +394,8 @@ describe('OIDC Auth Spec Tests', function () { // `[callback-only]` Assert that the callback was called 2 times (once during the connection handshake, and again during reauthentication). // Close the client. beforeEach(async function () { - client = getClient({}, callbackSpy); + appName = createAppName(); + client = getClient({ appName }, callbackSpy); utilClient = getClient({}, createCallback()); collection = client.db('test').collection('test'); await utilClient @@ -396,15 +408,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -419,6 +434,7 @@ describe('OIDC Auth Spec Tests', function () { describe('4.1 Reauthentication Succeeds (promoteValues: false)', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); // Create an OIDC configured client. // Set a fail point for find commands of the form: @@ -438,7 +454,8 @@ describe('OIDC Auth Spec Tests', function () { // `[callback-only]` Assert that the callback was called 2 times (once during the connection handshake, and again during reauthentication). // Close the client. beforeEach(async function () { - client = getClient({ promoteValues: false }, callbackSpy); + appName = createAppName(); + client = getClient({ promoteValues: false, appName }, callbackSpy); utilClient = getClient({ promoteValues: false }, createCallback()); collection = client.db('test').collection('test'); await utilClient @@ -451,15 +468,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -474,6 +494,7 @@ describe('OIDC Auth Spec Tests', function () { describe('4.2 `[callback-only]` Read Commands Fail If Reauthentication Fails', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createBadCallback()); // Create a MongoClient whose OIDC callback returns one good token and then bad tokens after the first call. // Perform a find operation that succeeds. @@ -498,12 +519,14 @@ describe('OIDC Auth Spec Tests', function () { this.test.skipReason = 'Callback validation tests only run in test environment'; this.test.skip(); } - client = getClient({}, callbackSpy); + appName = createAppName(); + client = getClient({ appName }, callbackSpy); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_CALLBACK: createCallback() }, - retryReads: false + retryReads: false, + appName }); collection = client.db('test').collection('test'); await utilClient @@ -516,15 +539,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient?.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient?.close(); }); @@ -538,6 +564,7 @@ describe('OIDC Auth Spec Tests', function () { describe('4.3 `[callback-only]` Write Commands Fail If Reauthentication Fails', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createBadCallback()); // Create a MongoClient whose OIDC callback returns one good token and then bad tokens after the first call. // Perform an insert operation that succeeds. @@ -562,12 +589,14 @@ describe('OIDC Auth Spec Tests', function () { this.test.skipReason = 'Callback validation tests only run in test environment'; this.test.skip(); } - client = getClient({}, callbackSpy); + appName = createAppName(); + client = getClient({ appName }, callbackSpy); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_CALLBACK: createCallback() }, - retryReads: false + retryReads: false, + appName }); collection = client.db('test').collection('test'); await collection.insertOne({ n: 1 }); @@ -581,15 +610,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['insert'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient?.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient?.close(); }); @@ -603,6 +635,7 @@ describe('OIDC Auth Spec Tests', function () { describe('4.4 Speculative Authentication should be ignored on Reauthentication', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); const saslStarts = []; // - Create an OIDC configured client. @@ -632,7 +665,8 @@ describe('OIDC Auth Spec Tests', function () { // - Close the client. beforeEach(async function () { utilClient = getClient({}, createCallback()); - client = getClient({ monitorCommands: true }, callbackSpy); + appName = createAppName(); + client = getClient({ monitorCommands: true, appName }, callbackSpy); client.on('commandStarted', event => { if (event.commandName === 'saslStart') { saslStarts.push(event); @@ -654,9 +688,11 @@ describe('OIDC Auth Spec Tests', function () { }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient?.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient?.close(); }); @@ -678,7 +714,8 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['insert'], - errorCode: 391 + errorCode: 391, + appName } }); @@ -693,6 +730,7 @@ describe('OIDC Auth Spec Tests', function () { describe('4.5 Reauthentication Succeeds when a Session is involved', function () { let utilClient: MongoClient; let session: ClientSession; + let appName: string; const callbackSpy = sinon.spy(createCallback()); // Create an OIDC configured client. // Set a fail point for find commands of the form: @@ -713,7 +751,8 @@ describe('OIDC Auth Spec Tests', function () { // `[callback-only]` Assert that the callback was called 2 times (once during the connection handshake, and again during reauthentication). // Close the session and the client. beforeEach(async function () { - client = getClient({}, callbackSpy); + appName = createAppName(); + client = getClient({ appName }, callbackSpy); utilClient = getClient({}, createCallback()); collection = client.db('test').collection('test'); await utilClient @@ -726,16 +765,19 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); session = client.startSession(); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); await session.endSession(); @@ -1039,6 +1081,7 @@ describe('OIDC Auth Spec Tests', function () { describe('2.3 Refresh Token Is Passed To The Callback', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); // Create a MongoClient with a human callback that checks for the presence of a refresh token. // Perform a find operation that succeeds. @@ -1059,17 +1102,20 @@ describe('OIDC Auth Spec Tests', function () { // Assert that the callback has been called twice. // Assert that the refresh token was provided to the callback once. beforeEach(async function () { + appName = createAppName(); client = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: callbackSpy }, - retryReads: false + retryReads: false, + appName }); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: createCallback() }, - retryReads: false + retryReads: false, + appName }); collection = client.db('test').collection('testHuman'); await collection.findOne(); @@ -1083,15 +1129,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -1114,6 +1163,7 @@ describe('OIDC Auth Spec Tests', function () { describe('3.1 Uses speculative authentication if there is a cached token', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); // Create an OIDC configured client with a human callback that returns a valid token. // Set a fail point for find commands of the form: @@ -1146,17 +1196,20 @@ describe('OIDC Auth Spec Tests', function () { // Perform a find operation that succeeds. // Close the client. beforeEach(async function () { + appName = createAppName(); client = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: callbackSpy }, - retryReads: false + retryReads: false, + appName }); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: createCallback() }, - retryReads: false + retryReads: false, + appName }); collection = client.db('test').collection('testHuman'); await utilClient @@ -1169,7 +1222,8 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - closeConnection: true + closeConnection: true, + appName } }); const error = await collection.findOne().catch(error => error); @@ -1184,15 +1238,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['saslStart'], - errorCode: 18 + errorCode: 18, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -1205,6 +1262,7 @@ describe('OIDC Auth Spec Tests', function () { describe('3.2 Does not use speculative authentication if there is no cached token', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); // Create an OIDC configured client with a human callback that returns a valid token. // Set a fail point for saslStart commands of the form: @@ -1223,11 +1281,13 @@ describe('OIDC Auth Spec Tests', function () { // Perform a find operation that fails. // Close the client. beforeEach(async function () { + appName = createAppName(); client = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: callbackSpy }, - retryReads: false + retryReads: false, + appName }); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { @@ -1246,15 +1306,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['saslStart'], - errorCode: 18 + errorCode: 18, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -1276,6 +1339,7 @@ describe('OIDC Auth Spec Tests', function () { describe('4.1 Succeeds', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); const commandStartedEvents = []; const commandSucceededEvents = []; @@ -1307,12 +1371,14 @@ describe('OIDC Auth Spec Tests', function () { // Assert that a find operation failed once during the command execution. // Close the client. beforeEach(async function () { + appName = createAppName(); client = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: callbackSpy }, monitorCommands: true, - retryReads: false + retryReads: false, + appName }); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { @@ -1342,15 +1408,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -1366,6 +1435,7 @@ describe('OIDC Auth Spec Tests', function () { describe('4.2 Succeeds no refresh', function () { let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createCallback()); // Create an OIDC configured client with a human callback that does not return a refresh token. // Perform a find operation that succeeds. @@ -1387,12 +1457,14 @@ describe('OIDC Auth Spec Tests', function () { // Assert that the human callback has been called twice. // Close the client. beforeEach(async function () { + appName = createAppName(); client = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: callbackSpy }, monitorCommands: true, - retryReads: false + retryReads: false, + appName }); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { @@ -1413,15 +1485,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -1443,6 +1518,7 @@ describe('OIDC Auth Spec Tests', function () { }; let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createBadCallback()); // Create an OIDC configured client with a callback that returns the test_user1 access token and a bad refresh token. // Perform a find operation that succeeds. @@ -1464,12 +1540,14 @@ describe('OIDC Auth Spec Tests', function () { // Assert that the human callback has been called 2 times. // Close the client. beforeEach(async function () { + appName = createAppName(); client = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: callbackSpy }, monitorCommands: true, - retryReads: false + retryReads: false, + appName }); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { @@ -1490,15 +1568,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); @@ -1528,6 +1609,7 @@ describe('OIDC Auth Spec Tests', function () { }; let utilClient: MongoClient; + let appName: string; const callbackSpy = sinon.spy(createBadCallback()); // Create an OIDC configured client that returns invalid refresh tokens and returns invalid access tokens after the first access. // Perform a find operation that succeeds. @@ -1549,12 +1631,14 @@ describe('OIDC Auth Spec Tests', function () { // Assert that the human callback has been called three times. // Close the client. beforeEach(async function () { + appName = createAppName(); client = new MongoClient(uriSingle, { authMechanismProperties: { OIDC_HUMAN_CALLBACK: callbackSpy }, monitorCommands: true, - retryReads: false + retryReads: false, + appName }); utilClient = new MongoClient(uriSingle, { authMechanismProperties: { @@ -1575,15 +1659,18 @@ describe('OIDC Auth Spec Tests', function () { }, data: { failCommands: ['find'], - errorCode: 391 + errorCode: 391, + appName } }); }); afterEach(async function () { + // explicitly remove the fail point to prevent interaction between test runs await utilClient.db().admin().command({ configureFailPoint: 'failCommand', - mode: 'off' + mode: 'off', + data: { appName } }); await utilClient.close(); }); diff --git a/test/spec/auth/unified/mongodb-oidc-no-retry.json b/test/spec/auth/unified/mongodb-oidc-no-retry.json index 9dbe1982704..b32ada172a4 100644 --- a/test/spec/auth/unified/mongodb-oidc-no-retry.json +++ b/test/spec/auth/unified/mongodb-oidc-no-retry.json @@ -5,7 +5,8 @@ { "minServerVersion": "7.0", "auth": true, - "authMechanism": "MONGODB-OIDC" + "authMechanism": "MONGODB-OIDC", + "serverless": "forbid" } ], "createEntities": [ @@ -24,7 +25,8 @@ "$$placeholder": 1 }, "retryReads": false, - "retryWrites": false + "retryWrites": false, + "appName": "mongodb-oidc-no-retry" }, "observeEvents": [ "commandStartedEvent", @@ -146,7 +148,8 @@ "failCommands": [ "find" ], - "errorCode": 391 + "errorCode": 391, + "appName": "mongodb-oidc-no-retry" } } } @@ -211,7 +214,8 @@ "failCommands": [ "insert" ], - "errorCode": 391 + "errorCode": 391, + "appName": "mongodb-oidc-no-retry" } } } @@ -288,7 +292,8 @@ "failCommands": [ "insert" ], - "closeConnection": true + "closeConnection": true, + "appName": "mongodb-oidc-no-retry" } } } @@ -320,7 +325,8 @@ "failCommands": [ "saslStart" ], - "errorCode": 18 + "errorCode": 18, + "appName": "mongodb-oidc-no-retry" } } } @@ -397,7 +403,8 @@ "failCommands": [ "saslStart" ], - "errorCode": 18 + "errorCode": 18, + "appName": "mongodb-oidc-no-retry" } } } diff --git a/test/spec/auth/unified/mongodb-oidc-no-retry.yml b/test/spec/auth/unified/mongodb-oidc-no-retry.yml index 426fd72466c..dbfe4ef79e6 100644 --- a/test/spec/auth/unified/mongodb-oidc-no-retry.yml +++ b/test/spec/auth/unified/mongodb-oidc-no-retry.yml @@ -5,6 +5,7 @@ runOnRequirements: - minServerVersion: "7.0" auth: true authMechanism: "MONGODB-OIDC" + serverless: forbid createEntities: - client: id: &failPointClient failPointClient @@ -20,6 +21,7 @@ createEntities: authMechanismProperties: { $$placeholder: 1 } retryReads: false retryWrites: false + appName: &appName mongodb-oidc-no-retry observeEvents: - commandStartedEvent - commandSucceededEvent @@ -86,6 +88,7 @@ tests: failCommands: - find errorCode: 391 # ReauthenticationRequired + appName: *appName - name: find object: collection0 arguments: @@ -120,6 +123,7 @@ tests: failCommands: - insert errorCode: 391 # ReauthenticationRequired + appName: *appName - name: insertOne object: collection0 arguments: @@ -159,6 +163,7 @@ tests: failCommands: - insert closeConnection: true + appName: *appName - name: insertOne object: collection0 arguments: @@ -179,6 +184,7 @@ tests: failCommands: - saslStart errorCode: 18 + appName: *appName - name: insertOne object: collection0 arguments: @@ -212,12 +218,13 @@ tests: client: failPointClient failPoint: configureFailPoint: failCommand - mode: + mode: times: 1 data: failCommands: - saslStart errorCode: 18 + appName: *appName - name: insertOne object: collection0 arguments: @@ -225,4 +232,4 @@ tests: _id: 1 x: 1 expectError: - errorCode: 18 \ No newline at end of file + errorCode: 18