DRIVERS-2672 Add OIDC machine workflow spec. #1471
Conversation
matthewdale
force-pushed
the
drivers2672-oidc-machine
branch
from
f805caf
to
246d124
Compare
matthewdale
requested review from
alcaeus and
JamesKovacs
and removed request for
a team
|
@alcaeus Added an invalid test for the type of |
Co-authored-by: Jeff Yemin <jeff.yemin@mongodb.com>
…ional PR feedback.
| (MONGODB-OIDC) | ||
| uri: mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=PROVIDER_NAME:unexisted | ||
| - description: should throw an exception custom callback is chosen but no callback is provided (MONGODB-OIDC) | ||
| uri: mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=PROVIDER_NAME:custom |
There was a problem hiding this comment.
I suppose "custom" is not allowed value for PROVIDER_NAME. As far as I remember there is only "aws" allowed so far.
There was a problem hiding this comment.
You're right, that test is vestigial from an earlier version of the spec. I've removed this test case because it's no longer relevant.
| uri: mongodb://localhost/?authMechanism=MONGODB-OIDC | ||
| PROVIDER_NAME: aws | ||
| - description: should ignore username and password if specified for aws provider (MONGODB-OIDC) | ||
| uri: mongodb://user:pass@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=PROVIDER_NAME:aws |
There was a problem hiding this comment.
PROVIDER_NAME and callbacks are mutual exclusive. Callback parameter probably has to be removed from this test.
There was a problem hiding this comment.
You're correct. The callback legacy test case parameter was never documented and is not supported by most drivers, so I intended to remove it from all test cases here, but accidentally left that one in. I've updated that test case to assert that providing a password causes a validation error, which matches the spec.
…a fields in prose tests.
|
|
||
| - Create a ``MongoClient`` configured with an OIDC callback and auth mechanism | ||
| property ``PROVIDER_NAME:aws``. | ||
| - Assert it returns a client configuration error. |
There was a problem hiding this comment.
This prose test is already covered by the unified connection string tests above. Isn't this an unnecessary duplicate?
There was a problem hiding this comment.
The updated Auth connection string tests don't support passing an OIDC callback, so I believe this prose test covers a case that the Auth connection string tests can't. The previous Auth connection string OIDC tests did include a "callback" param, but it was not documented in the test format README, was only implemented in 1 or 2 drivers, and was confusing with the updated OIDC callback API, so I decided to replace it with a prose test instead.
DRIVERS-2672
Please complete the following before merging: