From 1fc916e5169ed4e2cb23abcd0a6d555220cd6062 Mon Sep 17 00:00:00 2001 From: Durran Jordan Date: Thu, 25 Jul 2024 13:07:53 +0200 Subject: [PATCH] feat(NODE-5838): remove support for server 3.6 --- .evergreen/ci_matrix_constants.js | 2 +- .evergreen/config.yml | 129 ------------------ src/cmap/auth/mongo_credentials.ts | 10 +- src/cmap/auth/mongocr.ts | 38 ------ src/cmap/auth/providers.ts | 1 - src/cmap/wire_protocol/constants.ts | 4 +- src/mongo_client_auth_providers.ts | 2 - test/mongodb.ts | 1 - test/spec/auth/legacy/connection-string.json | 45 +----- test/spec/auth/legacy/connection-string.yml | 32 +---- test/spec/connection-string/README.md | 55 ++++++++ test/spec/connection-string/invalid-uris.yml | 2 - test/spec/connection-string/valid-auth.json | 27 +--- test/spec/connection-string/valid-auth.yml | 22 +-- .../spec/connection-string/valid-options.json | 23 +++- test/spec/connection-string/valid-options.yml | 18 ++- .../connection-string/valid-warnings.json | 15 ++ .../spec/connection-string/valid-warnings.yml | 12 ++ .../rs/compatible.json | 2 +- .../rs/compatible.yml | 2 +- .../rs/compatible_unknown.json | 2 +- .../rs/compatible_unknown.yml | 2 +- .../sharded/compatible.json | 2 +- .../sharded/compatible.yml | 2 +- .../single/compatible.json | 2 +- .../single/compatible.yml | 2 +- .../single/too_old_then_upgraded.json | 4 +- .../single/too_old_then_upgraded.yml | 4 +- test/tools/mongodb-mock/index.js | 6 +- .../unit/cmap/wire_protocol/constants.test.ts | 8 +- 30 files changed, 152 insertions(+), 324 deletions(-) delete mode 100644 src/cmap/auth/mongocr.ts create mode 100644 test/spec/connection-string/README.md diff --git a/.evergreen/ci_matrix_constants.js b/.evergreen/ci_matrix_constants.js index 42e1e2aa2f3..bb53b78a76e 100644 --- a/.evergreen/ci_matrix_constants.js +++ b/.evergreen/ci_matrix_constants.js @@ -1,4 +1,4 @@ -const MONGODB_VERSIONS = ['latest', 'rapid', '8.0', '7.0', '6.0', '5.0', '4.4', '4.2', '4.0', '3.6']; +const MONGODB_VERSIONS = ['latest', 'rapid', '8.0', '7.0', '6.0', '5.0', '4.4', '4.2', '4.0']; const versions = [ { codeName: 'gallium', versionNumber: 16, npmVersion: 9 }, { codeName: 'hydrogen', versionNumber: 18, npmVersion: 'latest' }, diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 184828452b9..a98dc597d54 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -1735,57 +1735,6 @@ tasks: - func: bootstrap mongo-orchestration - func: bootstrap kms servers - func: run tests - - name: test-3.6-server - tags: - - '3.6' - - server - commands: - - command: expansions.update - type: setup - params: - updates: - - {key: NPM_VERSION, value: '9'} - - {key: VERSION, value: '3.6'} - - {key: TOPOLOGY, value: server} - - {key: AUTH, value: auth} - - func: install dependencies - - func: bootstrap mongo-orchestration - - func: bootstrap kms servers - - func: run tests - - name: test-3.6-replica_set - tags: - - '3.6' - - replica_set - commands: - - command: expansions.update - type: setup - params: - updates: - - {key: NPM_VERSION, value: '9'} - - {key: VERSION, value: '3.6'} - - {key: TOPOLOGY, value: replica_set} - - {key: AUTH, value: auth} - - func: install dependencies - - func: bootstrap mongo-orchestration - - func: bootstrap kms servers - - func: run tests - - name: test-3.6-sharded_cluster - tags: - - '3.6' - - sharded_cluster - commands: - - command: expansions.update - type: setup - params: - updates: - - {key: NPM_VERSION, value: '9'} - - {key: VERSION, value: '3.6'} - - {key: TOPOLOGY, value: sharded_cluster} - - {key: AUTH, value: auth} - - func: install dependencies - - func: bootstrap mongo-orchestration - - func: bootstrap kms servers - - func: run tests - name: test-latest-server-v1-api tags: - latest @@ -4081,60 +4030,6 @@ tasks: - func: bootstrap mongo-orchestration - func: bootstrap kms servers - func: run tests - - name: test-3.6-server-noauth - tags: - - '3.6' - - server - - noauth - commands: - - command: expansions.update - type: setup - params: - updates: - - {key: NPM_VERSION, value: '9'} - - {key: VERSION, value: '3.6'} - - {key: TOPOLOGY, value: server} - - {key: AUTH, value: noauth} - - func: install dependencies - - func: bootstrap mongo-orchestration - - func: bootstrap kms servers - - func: run tests - - name: test-3.6-replica_set-noauth - tags: - - '3.6' - - replica_set - - noauth - commands: - - command: expansions.update - type: setup - params: - updates: - - {key: NPM_VERSION, value: '9'} - - {key: VERSION, value: '3.6'} - - {key: TOPOLOGY, value: replica_set} - - {key: AUTH, value: noauth} - - func: install dependencies - - func: bootstrap mongo-orchestration - - func: bootstrap kms servers - - func: run tests - - name: test-3.6-sharded_cluster-noauth - tags: - - '3.6' - - sharded_cluster - - noauth - commands: - - command: expansions.update - type: setup - params: - updates: - - {key: NPM_VERSION, value: '9'} - - {key: VERSION, value: '3.6'} - - {key: TOPOLOGY, value: sharded_cluster} - - {key: AUTH, value: noauth} - - func: install dependencies - - func: bootstrap mongo-orchestration - - func: bootstrap kms servers - - func: run tests - name: test-lambda-example tags: - latest @@ -4579,9 +4474,6 @@ buildvariants: - test-4.0-server - test-4.0-replica_set - test-4.0-sharded_cluster - - test-3.6-server - - test-3.6-replica_set - - test-3.6-sharded_cluster - test-latest-server-v1-api - test-x509-authentication - test-atlas-connectivity @@ -4638,9 +4530,6 @@ buildvariants: - test-4.0-server - test-4.0-replica_set - test-4.0-sharded_cluster - - test-3.6-server - - test-3.6-replica_set - - test-3.6-sharded_cluster - test-latest-server-v1-api - test-x509-authentication - test-atlas-connectivity @@ -4697,9 +4586,6 @@ buildvariants: - test-4.0-server - test-4.0-replica_set - test-4.0-sharded_cluster - - test-3.6-server - - test-3.6-replica_set - - test-3.6-sharded_cluster - test-latest-server-v1-api - test-x509-authentication - test-atlas-connectivity @@ -4755,9 +4641,6 @@ buildvariants: - test-4.0-server - test-4.0-replica_set - test-4.0-sharded_cluster - - test-3.6-server - - test-3.6-replica_set - - test-3.6-sharded_cluster - test-latest-server-v1-api - test-x509-authentication - test-atlas-connectivity @@ -4813,9 +4696,6 @@ buildvariants: - test-4.0-server - test-4.0-replica_set - test-4.0-sharded_cluster - - test-3.6-server - - test-3.6-replica_set - - test-3.6-sharded_cluster - test-latest-server-v1-api - test-socks5 - test-socks5-tls @@ -4860,9 +4740,6 @@ buildvariants: - test-4.0-server - test-4.0-replica_set - test-4.0-sharded_cluster - - test-3.6-server - - test-3.6-replica_set - - test-3.6-sharded_cluster - test-latest-server-v1-api - test-socks5 - test-socks5-tls @@ -4907,9 +4784,6 @@ buildvariants: - test-4.0-server - test-4.0-replica_set - test-4.0-sharded_cluster - - test-3.6-server - - test-3.6-replica_set - - test-3.6-sharded_cluster - test-latest-server-v1-api - test-socks5 - test-socks5-tls @@ -5157,9 +5031,6 @@ buildvariants: - test-4.0-server-noauth - test-4.0-replica_set-noauth - test-4.0-sharded_cluster-noauth - - test-3.6-server-noauth - - test-3.6-replica_set-noauth - - test-3.6-sharded_cluster-noauth - name: rhel8-test-lambda display_name: AWS Lambda handler tests run_on: rhel80-large diff --git a/src/cmap/auth/mongo_credentials.ts b/src/cmap/auth/mongo_credentials.ts index 3438886eff6..b97bb2def09 100644 --- a/src/cmap/auth/mongo_credentials.ts +++ b/src/cmap/auth/mongo_credentials.ts @@ -20,15 +20,10 @@ function getDefaultAuthMechanism(hello: Document | null): AuthMechanism { ? AuthMechanism.MONGODB_SCRAM_SHA256 : AuthMechanism.MONGODB_SCRAM_SHA1; } - - // Fallback to legacy selection method. If wire version >= 3, use scram-sha-1 - if (hello.maxWireVersion >= 3) { - return AuthMechanism.MONGODB_SCRAM_SHA1; - } } - // Default for wireprotocol < 3 - return AuthMechanism.MONGODB_CR; + // Default auth mechanism for 4.0 and higher. + return AuthMechanism.MONGODB_SCRAM_SHA256; } const ALLOWED_ENVIRONMENT_NAMES: AuthMechanismProperties['ENVIRONMENT'][] = [ @@ -173,7 +168,6 @@ export class MongoCredentials { validate(): void { if ( (this.mechanism === AuthMechanism.MONGODB_GSSAPI || - this.mechanism === AuthMechanism.MONGODB_CR || this.mechanism === AuthMechanism.MONGODB_PLAIN || this.mechanism === AuthMechanism.MONGODB_SCRAM_SHA1 || this.mechanism === AuthMechanism.MONGODB_SCRAM_SHA256) && diff --git a/src/cmap/auth/mongocr.ts b/src/cmap/auth/mongocr.ts deleted file mode 100644 index acaab721e8d..00000000000 --- a/src/cmap/auth/mongocr.ts +++ /dev/null @@ -1,38 +0,0 @@ -import * as crypto from 'crypto'; - -import { MongoMissingCredentialsError } from '../../error'; -import { ns } from '../../utils'; -import { type AuthContext, AuthProvider } from './auth_provider'; - -export class MongoCR extends AuthProvider { - override async auth(authContext: AuthContext): Promise { - const { connection, credentials } = authContext; - if (!credentials) { - throw new MongoMissingCredentialsError('AuthContext must provide credentials.'); - } - - const { username, password, source } = credentials; - - const { nonce } = await connection.command(ns(`${source}.$cmd`), { getnonce: 1 }, undefined); - - const hashPassword = crypto - .createHash('md5') - .update(`${username}:mongo:${password}`, 'utf8') - .digest('hex'); - - // Final key - const key = crypto - .createHash('md5') - .update(`${nonce}${username}${hashPassword}`, 'utf8') - .digest('hex'); - - const authenticateCommand = { - authenticate: 1, - user: username, - nonce, - key - }; - - await connection.command(ns(`${source}.$cmd`), authenticateCommand, undefined); - } -} diff --git a/src/cmap/auth/providers.ts b/src/cmap/auth/providers.ts index 74e3638ecc5..fe6a57cef37 100644 --- a/src/cmap/auth/providers.ts +++ b/src/cmap/auth/providers.ts @@ -1,7 +1,6 @@ /** @public */ export const AuthMechanism = Object.freeze({ MONGODB_AWS: 'MONGODB-AWS', - MONGODB_CR: 'MONGODB-CR', MONGODB_DEFAULT: 'DEFAULT', MONGODB_GSSAPI: 'GSSAPI', MONGODB_PLAIN: 'PLAIN', diff --git a/src/cmap/wire_protocol/constants.ts b/src/cmap/wire_protocol/constants.ts index 9512993798b..9e85cab13df 100644 --- a/src/cmap/wire_protocol/constants.ts +++ b/src/cmap/wire_protocol/constants.ts @@ -1,6 +1,6 @@ -export const MIN_SUPPORTED_SERVER_VERSION = '3.6'; +export const MIN_SUPPORTED_SERVER_VERSION = '4.0'; export const MAX_SUPPORTED_SERVER_VERSION = '8.0'; -export const MIN_SUPPORTED_WIRE_VERSION = 6; +export const MIN_SUPPORTED_WIRE_VERSION = 7; export const MAX_SUPPORTED_WIRE_VERSION = 25; export const MIN_SUPPORTED_QE_WIRE_VERSION = 21; export const MIN_SUPPORTED_QE_SERVER_VERSION = '7.0'; diff --git a/src/mongo_client_auth_providers.ts b/src/mongo_client_auth_providers.ts index 7b2b66698dc..d4955e5c88d 100644 --- a/src/mongo_client_auth_providers.ts +++ b/src/mongo_client_auth_providers.ts @@ -1,7 +1,6 @@ import { type AuthProvider } from './cmap/auth/auth_provider'; import { GSSAPI } from './cmap/auth/gssapi'; import { type AuthMechanismProperties } from './cmap/auth/mongo_credentials'; -import { MongoCR } from './cmap/auth/mongocr'; import { MongoDBAWS } from './cmap/auth/mongodb_aws'; import { MongoDBOIDC, OIDC_WORKFLOWS, type Workflow } from './cmap/auth/mongodb_oidc'; import { AutomatedCallbackWorkflow } from './cmap/auth/mongodb_oidc/automated_callback_workflow'; @@ -16,7 +15,6 @@ import { MongoInvalidArgumentError } from './error'; /** @internal */ const AUTH_PROVIDERS = new Map AuthProvider>([ [AuthMechanism.MONGODB_AWS, () => new MongoDBAWS()], - [AuthMechanism.MONGODB_CR, () => new MongoCR()], [AuthMechanism.MONGODB_GSSAPI, () => new GSSAPI()], [AuthMechanism.MONGODB_OIDC, (workflow?: Workflow) => new MongoDBOIDC(workflow)], [AuthMechanism.MONGODB_PLAIN, () => new Plain()], diff --git a/test/mongodb.ts b/test/mongodb.ts index 887c65d2774..1a1e6f8e5a5 100644 --- a/test/mongodb.ts +++ b/test/mongodb.ts @@ -104,7 +104,6 @@ export * from '../src/cmap/auth/auth_provider'; export * from '../src/cmap/auth/aws_temporary_credentials'; export * from '../src/cmap/auth/gssapi'; export * from '../src/cmap/auth/mongo_credentials'; -export * from '../src/cmap/auth/mongocr'; export * from '../src/cmap/auth/mongodb_aws'; export * from '../src/cmap/auth/mongodb_oidc'; export * from '../src/cmap/auth/mongodb_oidc/azure_machine_workflow'; diff --git a/test/spec/auth/legacy/connection-string.json b/test/spec/auth/legacy/connection-string.json index 5b54e2aadd2..67aafbff6ee 100644 --- a/test/spec/auth/legacy/connection-string.json +++ b/test/spec/auth/legacy/connection-string.json @@ -163,47 +163,6 @@ "uri": "mongodb://localhost/?authMechanism=GSSAPI", "valid": false }, - { - "description": "should recognize the mechanism (MONGODB-CR)", - "uri": "mongodb://user:password@localhost/?authMechanism=MONGODB-CR", - "valid": true, - "credential": { - "username": "user", - "password": "password", - "source": "admin", - "mechanism": "MONGODB-CR", - "mechanism_properties": null - } - }, - { - "description": "should use the database when no authSource is specified (MONGODB-CR)", - "uri": "mongodb://user:password@localhost/foo?authMechanism=MONGODB-CR", - "valid": true, - "credential": { - "username": "user", - "password": "password", - "source": "foo", - "mechanism": "MONGODB-CR", - "mechanism_properties": null - } - }, - { - "description": "should use the authSource when specified (MONGODB-CR)", - "uri": "mongodb://user:password@localhost/foo?authMechanism=MONGODB-CR&authSource=bar", - "valid": true, - "credential": { - "username": "user", - "password": "password", - "source": "bar", - "mechanism": "MONGODB-CR", - "mechanism_properties": null - } - }, - { - "description": "should throw an exception if no username is supplied (MONGODB-CR)", - "uri": "mongodb://localhost/?authMechanism=MONGODB-CR", - "valid": false - }, { "description": "should recognize the mechanism (MONGODB-X509)", "uri": "mongodb://CN%3DmyName%2COU%3DmyOrgUnit%2CO%3DmyOrg%2CL%3DmyLocality%2CST%3DmyState%2CC%3DmyCountry@localhost/?authMechanism=MONGODB-X509", @@ -517,7 +476,7 @@ }, { "description": "should throw an exception if username is specified for test (MONGODB-OIDC)", - "uri": "mongodb://principalName@localhost/?authMechanism=MONGODB-OIDC&ENVIRONMENT:test", + "uri": "mongodb://principalName@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:test", "valid": false, "credential": null }, @@ -669,4 +628,4 @@ "credential": null } ] -} \ No newline at end of file +} diff --git a/test/spec/auth/legacy/connection-string.yml b/test/spec/auth/legacy/connection-string.yml index a9651133959..ded258f29dd 100644 --- a/test/spec/auth/legacy/connection-string.yml +++ b/test/spec/auth/legacy/connection-string.yml @@ -116,36 +116,6 @@ tests: - description: should throw an exception if no username (GSSAPI) uri: mongodb://localhost/?authMechanism=GSSAPI valid: false -- description: should recognize the mechanism (MONGODB-CR) - uri: mongodb://user:password@localhost/?authMechanism=MONGODB-CR - valid: true - credential: - username: user - password: password - source: admin - mechanism: MONGODB-CR - mechanism_properties: -- description: should use the database when no authSource is specified (MONGODB-CR) - uri: mongodb://user:password@localhost/foo?authMechanism=MONGODB-CR - valid: true - credential: - username: user - password: password - source: foo - mechanism: MONGODB-CR - mechanism_properties: -- description: should use the authSource when specified (MONGODB-CR) - uri: mongodb://user:password@localhost/foo?authMechanism=MONGODB-CR&authSource=bar - valid: true - credential: - username: user - password: password - source: bar - mechanism: MONGODB-CR - mechanism_properties: -- description: should throw an exception if no username is supplied (MONGODB-CR) - uri: mongodb://localhost/?authMechanism=MONGODB-CR - valid: false - description: should recognize the mechanism (MONGODB-X509) uri: mongodb://CN%3DmyName%2COU%3DmyOrgUnit%2CO%3DmyOrg%2CL%3DmyLocality%2CST%3DmyState%2CC%3DmyCountry@localhost/?authMechanism=MONGODB-X509 valid: true @@ -375,7 +345,7 @@ tests: valid: false credential: - description: should throw an exception if username is specified for test (MONGODB-OIDC) - uri: mongodb://principalName@localhost/?authMechanism=MONGODB-OIDC&ENVIRONMENT:test + uri: mongodb://principalName@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:test valid: false credential: - description: should throw an exception if specified environment is not supported (MONGODB-OIDC) diff --git a/test/spec/connection-string/README.md b/test/spec/connection-string/README.md new file mode 100644 index 00000000000..55469cfbbe9 --- /dev/null +++ b/test/spec/connection-string/README.md @@ -0,0 +1,55 @@ +# Connection String Tests + +The YAML and JSON files in this directory tree are platform-independent tests that drivers can use to prove their +conformance to the Connection String Spec. + +As the spec is primarily concerned with parsing the parts of a URI, these tests do not focus on host and option +validation. Where necessary, the tests use options known to be (un)supported by drivers to assert behavior such as +issuing a warning on repeated option keys. As such these YAML tests are in no way a replacement for more thorough +testing. However, they can provide an initial verification of your implementation. + +## Version + +Files in the "specifications" repository have no version scheme. They are not tied to a MongoDB server version. + +## Format + +Each YAML file contains an object with a single `tests` key. This key is an array of test case objects, each of which +have the following keys: + +- `description`: A string describing the test. +- `uri`: A string containing the URI to be parsed. +- `valid:` A boolean indicating if the URI should be considered valid. +- `warning:` A boolean indicating whether URI parsing should emit a warning (independent of whether or not the URI is + valid). +- `hosts`: An array of host objects, each of which have the following keys: + - `type`: A string denoting the type of host. Possible values are "ipv4", "ip_literal", "hostname", and "unix". + Asserting the type is *optional*. + - `host`: A string containing the parsed host. + - `port`: An integer containing the parsed port number. +- `auth`: An object containing the following keys: + - `username`: A string containing the parsed username. For auth mechanisms that do not utilize a password, this may be + the entire `userinfo` token (as discussed in [RFC 2396](https://www.ietf.org/rfc/rfc2396.txt)). + - `password`: A string containing the parsed password. + - `db`: A string containing the parsed authentication database. For legacy implementations that support namespaces + (databases and collections) this may be the full namespace eg: `.` +- `options`: An object containing key/value pairs for each parsed query string option. + +If a test case includes a null value for one of these keys (e.g. `auth: ~`, `port: ~`), no assertion is necessary. This +both simplifies parsing of the test files (keys should always exist) and allows flexibility for drivers that might +substitute default values *during* parsing (e.g. omitted `port` could be parsed as 27017). + +The `valid` and `warning` fields are boolean in order to keep the tests flexible. We are not concerned with asserting +the format of specific error or warnings messages strings. + +### Use as unit tests + +Testing whether a URI is valid or not should simply be a matter of checking whether URI parsing (or MongoClient +construction) raises an error or exception. Testing for emitted warnings may require more legwork (e.g. configuring a +log handler and watching for output). + +Not all drivers may be able to directly assert the hosts, auth credentials, and options. Doing so may require exposing +the driver's URI parsing component. + +The file `valid-db-with-dotted-name.yml` is a special case for testing drivers that allow dotted namespaces, instead of +only database names, in the Auth Database portion of the URI. diff --git a/test/spec/connection-string/invalid-uris.yml b/test/spec/connection-string/invalid-uris.yml index 79e110c79db..dd4d4ce31cd 100644 --- a/test/spec/connection-string/invalid-uris.yml +++ b/test/spec/connection-string/invalid-uris.yml @@ -249,5 +249,3 @@ tests: hosts: ~ auth: ~ options: ~ - - diff --git a/test/spec/connection-string/valid-auth.json b/test/spec/connection-string/valid-auth.json index 176a54a096a..60f63f4e3fd 100644 --- a/test/spec/connection-string/valid-auth.json +++ b/test/spec/connection-string/valid-auth.json @@ -220,29 +220,8 @@ "options": null }, { - "description": "Escaped user info and database (MONGODB-CR)", - "uri": "mongodb://%24am:f%3Azzb%40z%2Fz%3D@127.0.0.1/admin%3F?authMechanism=MONGODB-CR", - "valid": true, - "warning": false, - "hosts": [ - { - "type": "ipv4", - "host": "127.0.0.1", - "port": null - } - ], - "auth": { - "username": "$am", - "password": "f:zzb@z/z=", - "db": "admin?" - }, - "options": { - "authmechanism": "MONGODB-CR" - } - }, - { - "description": "Subdelimiters in user/pass don't need escaping (MONGODB-CR)", - "uri": "mongodb://!$&'()*+,;=:!$&'()*+,;=@127.0.0.1/admin?authMechanism=MONGODB-CR", + "description": "Subdelimiters in user/pass don't need escaping (PLAIN)", + "uri": "mongodb://!$&'()*+,;=:!$&'()*+,;=@127.0.0.1/admin?authMechanism=PLAIN", "valid": true, "warning": false, "hosts": [ @@ -258,7 +237,7 @@ "db": "admin" }, "options": { - "authmechanism": "MONGODB-CR" + "authmechanism": "PLAIN" } }, { diff --git a/test/spec/connection-string/valid-auth.yml b/test/spec/connection-string/valid-auth.yml index f40c748fa62..02ed2874282 100644 --- a/test/spec/connection-string/valid-auth.yml +++ b/test/spec/connection-string/valid-auth.yml @@ -173,24 +173,8 @@ tests: db: "my=db" options: ~ - - description: "Escaped user info and database (MONGODB-CR)" - uri: "mongodb://%24am:f%3Azzb%40z%2Fz%3D@127.0.0.1/admin%3F?authMechanism=MONGODB-CR" - valid: true - warning: false - hosts: - - - type: "ipv4" - host: "127.0.0.1" - port: ~ - auth: - username: "$am" - password: "f:zzb@z/z=" - db: "admin?" - options: - authmechanism: "MONGODB-CR" - - - description: "Subdelimiters in user/pass don't need escaping (MONGODB-CR)" - uri: "mongodb://!$&'()*+,;=:!$&'()*+,;=@127.0.0.1/admin?authMechanism=MONGODB-CR" + description: "Subdelimiters in user/pass don't need escaping (PLAIN)" + uri: "mongodb://!$&'()*+,;=:!$&'()*+,;=@127.0.0.1/admin?authMechanism=PLAIN" valid: true warning: false hosts: @@ -203,7 +187,7 @@ tests: password: "!$&'()*+,;=" db: "admin" options: - authmechanism: "MONGODB-CR" + authmechanism: "PLAIN" - description: "Escaped username (MONGODB-X509)" uri: "mongodb://CN%3DmyName%2COU%3DmyOrgUnit%2CO%3DmyOrg%2CL%3DmyLocality%2CST%3DmyState%2CC%3DmyCountry@localhost/?authMechanism=MONGODB-X509" diff --git a/test/spec/connection-string/valid-options.json b/test/spec/connection-string/valid-options.json index 01bc2264bba..6c86172d08b 100644 --- a/test/spec/connection-string/valid-options.json +++ b/test/spec/connection-string/valid-options.json @@ -2,7 +2,7 @@ "tests": [ { "description": "Option names are normalized to lowercase", - "uri": "mongodb://alice:secret@example.com/admin?AUTHMechanism=MONGODB-CR", + "uri": "mongodb://alice:secret@example.com/admin?AUTHMechanism=PLAIN", "valid": true, "warning": false, "hosts": [ @@ -18,7 +18,7 @@ "db": "admin" }, "options": { - "authmechanism": "MONGODB-CR" + "authmechanism": "PLAIN" } }, { @@ -37,6 +37,25 @@ "options": { "tls": true } + }, + { + "description": "Colon in a key value pair", + "uri": "mongodb://example.com/?authMechanism=MONGODB-OIDC&authMechanismProperties=TOKEN_RESOURCE:mongodb://test-cluster", + "valid": true, + "warning": false, + "hosts": [ + { + "type": "hostname", + "host": "example.com", + "port": null + } + ], + "auth": null, + "options": { + "authmechanismProperties": { + "TOKEN_RESOURCE": "mongodb://test-cluster" + } + } } ] } diff --git a/test/spec/connection-string/valid-options.yml b/test/spec/connection-string/valid-options.yml index 8cb0dea3a6e..86523c7f39e 100644 --- a/test/spec/connection-string/valid-options.yml +++ b/test/spec/connection-string/valid-options.yml @@ -1,7 +1,7 @@ tests: - description: "Option names are normalized to lowercase" - uri: "mongodb://alice:secret@example.com/admin?AUTHMechanism=MONGODB-CR" + uri: "mongodb://alice:secret@example.com/admin?AUTHMechanism=PLAIN" valid: true warning: false hosts: @@ -14,7 +14,7 @@ tests: password: "secret" db: "admin" options: - authmechanism: "MONGODB-CR" + authmechanism: "PLAIN" - description: "Missing delimiting slash between hosts and options" uri: "mongodb://example.com?tls=true" @@ -28,3 +28,17 @@ tests: auth: ~ options: tls: true + - + description: Colon in a key value pair + uri: mongodb://example.com/?authMechanism=MONGODB-OIDC&authMechanismProperties=TOKEN_RESOURCE:mongodb://test-cluster + valid: true + warning: false + hosts: + - + type: hostname + host: example.com + port: ~ + auth: ~ + options: + authmechanismProperties: + TOKEN_RESOURCE: 'mongodb://test-cluster' \ No newline at end of file diff --git a/test/spec/connection-string/valid-warnings.json b/test/spec/connection-string/valid-warnings.json index 1eacbf8fcb1..f0e8288bc73 100644 --- a/test/spec/connection-string/valid-warnings.json +++ b/test/spec/connection-string/valid-warnings.json @@ -93,6 +93,21 @@ ], "auth": null, "options": null + }, + { + "description": "Comma in a key value pair causes a warning", + "uri": "mongodb://localhost?authMechanism=MONGODB-OIDC&authMechanismProperties=TOKEN_RESOURCE:mongodb://host1%2Chost2", + "valid": true, + "warning": true, + "hosts": [ + { + "type": "hostname", + "host": "localhost", + "port": null + } + ], + "auth": null, + "options": null } ] } diff --git a/test/spec/connection-string/valid-warnings.yml b/test/spec/connection-string/valid-warnings.yml index ea9cc9d1ed7..bdc64c59169 100644 --- a/test/spec/connection-string/valid-warnings.yml +++ b/test/spec/connection-string/valid-warnings.yml @@ -73,3 +73,15 @@ tests: port: ~ auth: ~ options: ~ + - + description: Comma in a key value pair causes a warning + uri: mongodb://localhost?authMechanism=MONGODB-OIDC&authMechanismProperties=TOKEN_RESOURCE:mongodb://host1%2Chost2 + valid: true + warning: true + hosts: + - + type: "hostname" + host: "localhost" + port: ~ + auth: ~ + options: ~ diff --git a/test/spec/server-discovery-and-monitoring/rs/compatible.json b/test/spec/server-discovery-and-monitoring/rs/compatible.json index 444b13e9d57..dfd5d57dfab 100644 --- a/test/spec/server-discovery-and-monitoring/rs/compatible.json +++ b/test/spec/server-discovery-and-monitoring/rs/compatible.json @@ -16,7 +16,7 @@ "b:27017" ], "minWireVersion": 0, - "maxWireVersion": 6 + "maxWireVersion": 21 } ], [ diff --git a/test/spec/server-discovery-and-monitoring/rs/compatible.yml b/test/spec/server-discovery-and-monitoring/rs/compatible.yml index 8b5d9f456ab..ce17d7e3027 100644 --- a/test/spec/server-discovery-and-monitoring/rs/compatible.yml +++ b/test/spec/server-discovery-and-monitoring/rs/compatible.yml @@ -12,7 +12,7 @@ phases: [ setName: "rs", hosts: ["a:27017", "b:27017"], minWireVersion: 0, - maxWireVersion: 6 + maxWireVersion: 21 }], ["b:27017", { ok: 1, diff --git a/test/spec/server-discovery-and-monitoring/rs/compatible_unknown.json b/test/spec/server-discovery-and-monitoring/rs/compatible_unknown.json index cf92dd1ed35..95e03ea958e 100644 --- a/test/spec/server-discovery-and-monitoring/rs/compatible_unknown.json +++ b/test/spec/server-discovery-and-monitoring/rs/compatible_unknown.json @@ -16,7 +16,7 @@ "b:27017" ], "minWireVersion": 0, - "maxWireVersion": 6 + "maxWireVersion": 21 } ] ], diff --git a/test/spec/server-discovery-and-monitoring/rs/compatible_unknown.yml b/test/spec/server-discovery-and-monitoring/rs/compatible_unknown.yml index 643e8498191..ed97ab31ac5 100644 --- a/test/spec/server-discovery-and-monitoring/rs/compatible_unknown.yml +++ b/test/spec/server-discovery-and-monitoring/rs/compatible_unknown.yml @@ -12,7 +12,7 @@ phases: [ setName: "rs", hosts: ["a:27017", "b:27017"], minWireVersion: 0, - maxWireVersion: 6 + maxWireVersion: 21 }], ], outcome: { diff --git a/test/spec/server-discovery-and-monitoring/sharded/compatible.json b/test/spec/server-discovery-and-monitoring/sharded/compatible.json index e531db97f9f..ceb0ec24c4c 100644 --- a/test/spec/server-discovery-and-monitoring/sharded/compatible.json +++ b/test/spec/server-discovery-and-monitoring/sharded/compatible.json @@ -23,7 +23,7 @@ "isWritablePrimary": true, "msg": "isdbgrid", "minWireVersion": 0, - "maxWireVersion": 6 + "maxWireVersion": 21 } ] ], diff --git a/test/spec/server-discovery-and-monitoring/sharded/compatible.yml b/test/spec/server-discovery-and-monitoring/sharded/compatible.yml index 06d5182a5cf..20519089f50 100644 --- a/test/spec/server-discovery-and-monitoring/sharded/compatible.yml +++ b/test/spec/server-discovery-and-monitoring/sharded/compatible.yml @@ -17,7 +17,7 @@ phases: [ isWritablePrimary: true, msg: "isdbgrid", minWireVersion: 0, - maxWireVersion: 6 + maxWireVersion: 21 }] ], outcome: { diff --git a/test/spec/server-discovery-and-monitoring/single/compatible.json b/test/spec/server-discovery-and-monitoring/single/compatible.json index 302927598ca..493d9b748e6 100644 --- a/test/spec/server-discovery-and-monitoring/single/compatible.json +++ b/test/spec/server-discovery-and-monitoring/single/compatible.json @@ -11,7 +11,7 @@ "helloOk": true, "isWritablePrimary": true, "minWireVersion": 0, - "maxWireVersion": 6 + "maxWireVersion": 21 } ] ], diff --git a/test/spec/server-discovery-and-monitoring/single/compatible.yml b/test/spec/server-discovery-and-monitoring/single/compatible.yml index b84c1388c3c..e183c7127d1 100644 --- a/test/spec/server-discovery-and-monitoring/single/compatible.yml +++ b/test/spec/server-discovery-and-monitoring/single/compatible.yml @@ -8,7 +8,7 @@ phases: [ helloOk: true, isWritablePrimary: true, minWireVersion: 0, - maxWireVersion: 6 + maxWireVersion: 21 }] ], outcome: { diff --git a/test/spec/server-discovery-and-monitoring/single/too_old_then_upgraded.json b/test/spec/server-discovery-and-monitoring/single/too_old_then_upgraded.json index 58ae7d9de40..c3dd98cf62e 100644 --- a/test/spec/server-discovery-and-monitoring/single/too_old_then_upgraded.json +++ b/test/spec/server-discovery-and-monitoring/single/too_old_then_upgraded.json @@ -1,5 +1,5 @@ { - "description": "Standalone with default maxWireVersion of 0 is upgraded to one with maxWireVersion 6", + "description": "Standalone with default maxWireVersion of 0 is upgraded to one with maxWireVersion 21", "uri": "mongodb://a", "phases": [ { @@ -35,7 +35,7 @@ "helloOk": true, "isWritablePrimary": true, "minWireVersion": 0, - "maxWireVersion": 6 + "maxWireVersion": 21 } ] ], diff --git a/test/spec/server-discovery-and-monitoring/single/too_old_then_upgraded.yml b/test/spec/server-discovery-and-monitoring/single/too_old_then_upgraded.yml index aed6bae6e05..87b72b90002 100644 --- a/test/spec/server-discovery-and-monitoring/single/too_old_then_upgraded.yml +++ b/test/spec/server-discovery-and-monitoring/single/too_old_then_upgraded.yml @@ -1,4 +1,4 @@ -description: "Standalone with default maxWireVersion of 0 is upgraded to one with maxWireVersion 6" +description: "Standalone with default maxWireVersion of 0 is upgraded to one with maxWireVersion 21" uri: "mongodb://a" phases: [ { @@ -29,7 +29,7 @@ phases: [ helloOk: true, isWritablePrimary: true, minWireVersion: 0, - maxWireVersion: 6 + maxWireVersion: 21 }] ], outcome: { diff --git a/test/tools/mongodb-mock/index.js b/test/tools/mongodb-mock/index.js index f4fb35625e7..bffb4748363 100644 --- a/test/tools/mongodb-mock/index.js +++ b/test/tools/mongodb-mock/index.js @@ -17,8 +17,8 @@ const DEFAULT_HELLO = { ok: 1 }; -const DEFAULT_HELLO_36 = Object.assign({}, DEFAULT_HELLO, { - maxWireVersion: 6, +const DEFAULT_HELLO_40 = Object.assign({}, DEFAULT_HELLO, { + maxWireVersion: 7, logicalSessionTimeoutMinutes: 10 }); @@ -92,5 +92,5 @@ function cleanup(spy, callback) { module.exports = { createServer, cleanup, - HELLO: DEFAULT_HELLO_36 + HELLO: DEFAULT_HELLO_40 }; diff --git a/test/unit/cmap/wire_protocol/constants.test.ts b/test/unit/cmap/wire_protocol/constants.test.ts index 81fb1e81063..41445944bc4 100644 --- a/test/unit/cmap/wire_protocol/constants.test.ts +++ b/test/unit/cmap/wire_protocol/constants.test.ts @@ -9,8 +9,8 @@ import { describe('Wire Protocol Constants', function () { describe('MIN_SUPPORTED_SERVER_VERSION', function () { - it('returns 3.6', function () { - expect(MIN_SUPPORTED_SERVER_VERSION).to.equal('3.6'); + it('returns 4.0', function () { + expect(MIN_SUPPORTED_SERVER_VERSION).to.equal('4.0'); }); }); @@ -21,8 +21,8 @@ describe('Wire Protocol Constants', function () { }); describe('MIN_SUPPORTED_WIRE_VERSION', function () { - it('returns 6', function () { - expect(MIN_SUPPORTED_WIRE_VERSION).to.equal(6); + it('returns 7', function () { + expect(MIN_SUPPORTED_WIRE_VERSION).to.equal(7); }); });