fix: make auth providers non singletons

mongodb · Dec 21, 2023 · e67a221 · e67a221
1 parent 58a3034
commit e67a221
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 32 deletions.
diff --git a/src/cmap/auth/mongodb_oidc/azure_machine_workflow.ts b/src/cmap/auth/mongodb_oidc/azure_machine_workflow.ts
@@ -52,7 +52,6 @@ export class AzureMachineWorkflow extends MachineWorkflow {
     } else {
       this.cache.deleteEntry(tokenAudience);
       const response = await getAzureTokenData(tokenAudience, tokenClientId);
-      console.log(response);
       if (!isEndpointResultValid(response)) {
         throw new MongoAzureError(ENDPOINT_RESULT_ERROR);
       }

diff --git a/src/cmap/connect.ts b/src/cmap/connect.ts
@@ -41,16 +41,28 @@ import {
 } from './wire_protocol/constants';
 
 /** @internal */
-export const AUTH_PROVIDERS = new Map<AuthMechanism | string, AuthProvider>([
-  [AuthMechanism.MONGODB_AWS, new MongoDBAWS()],
-  [AuthMechanism.MONGODB_CR, new MongoCR()],
-  [AuthMechanism.MONGODB_GSSAPI, new GSSAPI()],
-  [AuthMechanism.MONGODB_OIDC, new MongoDBOIDC()],
-  [AuthMechanism.MONGODB_PLAIN, new Plain()],
-  [AuthMechanism.MONGODB_SCRAM_SHA1, new ScramSHA1()],
-  [AuthMechanism.MONGODB_SCRAM_SHA256, new ScramSHA256()],
-  [AuthMechanism.MONGODB_X509, new X509()]
-]);
+export function getAuthProvider(name: AuthMechanism | string): AuthProvider {
+  switch (name) {
+    case AuthMechanism.MONGODB_AWS:
+      return new MongoDBAWS();
+    case AuthMechanism.MONGODB_CR:
+      return new MongoCR();
+    case AuthMechanism.MONGODB_GSSAPI:
+      return new GSSAPI();
+    case AuthMechanism.MONGODB_OIDC:
+      return new MongoDBOIDC();
+    case AuthMechanism.MONGODB_PLAIN:
+      return new Plain();
+    case AuthMechanism.MONGODB_SCRAM_SHA1:
+      return new ScramSHA1();
+    case AuthMechanism.MONGODB_SCRAM_SHA256:
+      return new ScramSHA256();
+    case AuthMechanism.MONGODB_X509:
+      return new X509();
+    default:
+      throw new MongoInvalidArgumentError(`No auth provider found for type ${name}`);
+  }
+}
 
 /** @public */
 export type Stream = Socket | TLSSocket;
@@ -109,15 +121,6 @@ async function performInitialHandshake(
 ): Promise<void> {
   const credentials = options.credentials;
 
-  if (credentials) {
-    if (
-      !(credentials.mechanism === AuthMechanism.MONGODB_DEFAULT) &&
-      !AUTH_PROVIDERS.get(credentials.mechanism)
-    ) {
-      throw new MongoInvalidArgumentError(`AuthMechanism '${credentials.mechanism}' not supported`);
-    }
-  }
-
   const authContext = new AuthContext(conn, credentials, options);
   conn.authContext = authContext;
 
@@ -167,7 +170,7 @@ async function performInitialHandshake(
     authContext.response = response;
 
     const resolvedCredentials = credentials.resolveAuthMechanism(response);
-    const provider = AUTH_PROVIDERS.get(resolvedCredentials.mechanism);
+    const provider = getAuthProvider(resolvedCredentials.mechanism);
     if (!provider) {
       throw new MongoInvalidArgumentError(
         `No AuthProvider for ${resolvedCredentials.mechanism} defined.`
@@ -229,16 +232,10 @@ export async function prepareHandshakeDocument(
     if (credentials.mechanism === AuthMechanism.MONGODB_DEFAULT && credentials.username) {
       handshakeDoc.saslSupportedMechs = `${credentials.source}.${credentials.username}`;
 
-      const provider = AUTH_PROVIDERS.get(AuthMechanism.MONGODB_SCRAM_SHA256);
-      if (!provider) {
-        // This auth mechanism is always present.
-        throw new MongoInvalidArgumentError(
-          `No AuthProvider for ${AuthMechanism.MONGODB_SCRAM_SHA256} defined.`
-        );
-      }
+      const provider = getAuthProvider(AuthMechanism.MONGODB_SCRAM_SHA256);
       return provider.prepare(handshakeDoc, authContext);
     }
-    const provider = AUTH_PROVIDERS.get(credentials.mechanism);
+    const provider = getAuthProvider(credentials.mechanism);
     if (!provider) {
       throw new MongoInvalidArgumentError(`No AuthProvider for ${credentials.mechanism} defined.`);
     }

diff --git a/src/cmap/connection_pool.ts b/src/cmap/connection_pool.ts
@@ -28,7 +28,7 @@ import {
 import { CancellationToken, TypedEventEmitter } from '../mongo_types';
 import type { Server } from '../sdam/server';
 import { type Callback, eachAsync, List, makeCounter, TimeoutController } from '../utils';
-import { AUTH_PROVIDERS, connect } from './connect';
+import { connect, getAuthProvider } from './connect';
 import { Connection, type ConnectionEvents, type ConnectionOptions } from './connection';
 import {
   ConnectionCheckedInEvent,
@@ -622,7 +622,8 @@ export class ConnectionPool extends TypedEventEmitter<ConnectionPoolEvents> {
       );
     }
     const resolvedCredentials = credentials.resolveAuthMechanism(connection.hello);
-    const provider = AUTH_PROVIDERS.get(resolvedCredentials.mechanism);
+    // TODO: Use existing auth provider.
+    const provider = getAuthProvider(resolvedCredentials.mechanism);
     if (!provider) {
       return callback(
         new MongoMissingCredentialsError(
@@ -639,7 +640,7 @@ export class ConnectionPool extends TypedEventEmitter<ConnectionPoolEvents> {
           callback(undefined, fnResult);
         });
       },
-      error => callback(error)
+      (error: AnyError | undefined) => callback(error)
     );
   }