go/bson
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bson/testdata/auth/connection-string.json
Francesco Bellini 4b4cceb81c Initial commit
2025-03-17 20:58:26 +01:00

652 lines
23 KiB
JSON
Raw Permalink Blame History

{
"tests": [
{
"description": "should use the default source and mechanism",
"uri": "mongodb://user:password@localhost",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "admin",
"mechanism": null,
"mechanism_properties": null
}
},
{
"description": "should use the database when no authSource is specified",
"uri": "mongodb://user:password@localhost/foo",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "foo",
"mechanism": null,
"mechanism_properties": null
}
},
{
"description": "should use the authSource when specified",
"uri": "mongodb://user:password@localhost/foo?authSource=bar",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "bar",
"mechanism": null,
"mechanism_properties": null
}
},
{
"description": "should recognise the mechanism (GSSAPI)",
"uri": "mongodb://user%40DOMAIN.COM@localhost/?authMechanism=GSSAPI",
"valid": true,
"credential": {
"username": "user@DOMAIN.COM",
"password": null,
"source": "$external",
"mechanism": "GSSAPI",
"mechanism_properties": {
"SERVICE_NAME": "mongodb"
}
}
},
{
"description": "should ignore the database (GSSAPI)",
"uri": "mongodb://user%40DOMAIN.COM@localhost/foo?authMechanism=GSSAPI",
"valid": true,
"credential": {
"username": "user@DOMAIN.COM",
"password": null,
"source": "$external",
"mechanism": "GSSAPI",
"mechanism_properties": {
"SERVICE_NAME": "mongodb"
}
}
},
{
"description": "should accept valid authSource (GSSAPI)",
"uri": "mongodb://user%40DOMAIN.COM@localhost/?authMechanism=GSSAPI&authSource=$external",
"valid": true,
"credential": {
"username": "user@DOMAIN.COM",
"password": null,
"source": "$external",
"mechanism": "GSSAPI",
"mechanism_properties": {
"SERVICE_NAME": "mongodb"
}
}
},
{
"description": "should accept generic mechanism property (GSSAPI)",
"uri": "mongodb://user%40DOMAIN.COM@localhost/?authMechanism=GSSAPI&authMechanismProperties=SERVICE_NAME:other,CANONICALIZE_HOST_NAME:forward,SERVICE_HOST:example.com",
"valid": true,
"credential": {
"username": "user@DOMAIN.COM",
"password": null,
"source": "$external",
"mechanism": "GSSAPI",
"mechanism_properties": {
"SERVICE_NAME": "other",
"SERVICE_HOST": "example.com",
"CANONICALIZE_HOST_NAME": "forward"
}
}
},
{
"description": "should accept forwardAndReverse hostname canonicalization (GSSAPI)",
"uri": "mongodb://user%40DOMAIN.COM@localhost/?authMechanism=GSSAPI&authMechanismProperties=SERVICE_NAME:other,CANONICALIZE_HOST_NAME:forwardAndReverse",
"valid": true,
"credential": {
"username": "user@DOMAIN.COM",
"password": null,
"source": "$external",
"mechanism": "GSSAPI",
"mechanism_properties": {
"SERVICE_NAME": "other",
"CANONICALIZE_HOST_NAME": "forwardAndReverse"
}
}
},
{
"description": "should accept no hostname canonicalization (GSSAPI)",
"uri": "mongodb://user%40DOMAIN.COM@localhost/?authMechanism=GSSAPI&authMechanismProperties=SERVICE_NAME:other,CANONICALIZE_HOST_NAME:none",
"valid": true,
"credential": {
"username": "user@DOMAIN.COM",
"password": null,
"source": "$external",
"mechanism": "GSSAPI",
"mechanism_properties": {
"SERVICE_NAME": "other",
"CANONICALIZE_HOST_NAME": "none"
}
}
},
{
"description": "must raise an error when the hostname canonicalization is invalid",
"uri": "mongodb://user%40DOMAIN.COM@localhost/?authMechanism=GSSAPI&authMechanismProperties=SERVICE_NAME:other,CANONICALIZE_HOST_NAME:invalid",
"valid": false
},
{
"description": "should accept the password (GSSAPI)",
"uri": "mongodb://user%40DOMAIN.COM:password@localhost/?authMechanism=GSSAPI&authSource=$external",
"valid": true,
"credential": {
"username": "user@DOMAIN.COM",
"password": "password",
"source": "$external",
"mechanism": "GSSAPI",
"mechanism_properties": {
"SERVICE_NAME": "mongodb"
}
}
},
{
"description": "must raise an error when the authSource is empty",
"uri": "mongodb://user:password@localhost/foo?authSource=",
"valid": false
},
{
"description": "must raise an error when the authSource is empty without credentials",
"uri": "mongodb://localhost/admin?authSource=",
"valid": false
},
{
"description": "should throw an exception if authSource is invalid (GSSAPI)",
"uri": "mongodb://user%40DOMAIN.COM@localhost/?authMechanism=GSSAPI&authSource=foo",
"valid": false
},
{
"description": "should throw an exception if no username (GSSAPI)",
"uri": "mongodb://localhost/?authMechanism=GSSAPI",
"valid": false
},
{
"description": "should recognize the mechanism (MONGODB-X509)",
"uri": "mongodb://CN%3DmyName%2COU%3DmyOrgUnit%2CO%3DmyOrg%2CL%3DmyLocality%2CST%3DmyState%2CC%3DmyCountry@localhost/?authMechanism=MONGODB-X509",
"valid": true,
"credential": {
"username": "CN=myName,OU=myOrgUnit,O=myOrg,L=myLocality,ST=myState,C=myCountry",
"password": null,
"source": "$external",
"mechanism": "MONGODB-X509",
"mechanism_properties": null
}
},
{
"description": "should ignore the database (MONGODB-X509)",
"uri": "mongodb://CN%3DmyName%2COU%3DmyOrgUnit%2CO%3DmyOrg%2CL%3DmyLocality%2CST%3DmyState%2CC%3DmyCountry@localhost/foo?authMechanism=MONGODB-X509",
"valid": true,
"credential": {
"username": "CN=myName,OU=myOrgUnit,O=myOrg,L=myLocality,ST=myState,C=myCountry",
"password": null,
"source": "$external",
"mechanism": "MONGODB-X509",
"mechanism_properties": null
}
},
{
"description": "should accept valid authSource (MONGODB-X509)",
"uri": "mongodb://CN%3DmyName%2COU%3DmyOrgUnit%2CO%3DmyOrg%2CL%3DmyLocality%2CST%3DmyState%2CC%3DmyCountry@localhost/?authMechanism=MONGODB-X509&authSource=$external",
"valid": true,
"credential": {
"username": "CN=myName,OU=myOrgUnit,O=myOrg,L=myLocality,ST=myState,C=myCountry",
"password": null,
"source": "$external",
"mechanism": "MONGODB-X509",
"mechanism_properties": null
}
},
{
"description": "should recognize the mechanism with no username (MONGODB-X509)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-X509",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-X509",
"mechanism_properties": null
}
},
{
"description": "should recognize the mechanism with no username when auth source is explicitly specified (MONGODB-X509)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-X509&authSource=$external",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-X509",
"mechanism_properties": null
}
},
{
"description": "should throw an exception if supplied a password (MONGODB-X509)",
"uri": "mongodb://user:password@localhost/?authMechanism=MONGODB-X509",
"valid": false
},
{
"description": "should throw an exception if authSource is invalid (MONGODB-X509)",
"uri": "mongodb://CN%3DmyName%2COU%3DmyOrgUnit%2CO%3DmyOrg%2CL%3DmyLocality%2CST%3DmyState%2CC%3DmyCountry@localhost/foo?authMechanism=MONGODB-X509&authSource=bar",
"valid": false
},
{
"description": "should recognize the mechanism (PLAIN)",
"uri": "mongodb://user:password@localhost/?authMechanism=PLAIN",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "$external",
"mechanism": "PLAIN",
"mechanism_properties": null
}
},
{
"description": "should use the database when no authSource is specified (PLAIN)",
"uri": "mongodb://user:password@localhost/foo?authMechanism=PLAIN",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "foo",
"mechanism": "PLAIN",
"mechanism_properties": null
}
},
{
"description": "should use the authSource when specified (PLAIN)",
"uri": "mongodb://user:password@localhost/foo?authMechanism=PLAIN&authSource=bar",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "bar",
"mechanism": "PLAIN",
"mechanism_properties": null
}
},
{
"description": "should throw an exception if no username (PLAIN)",
"uri": "mongodb://localhost/?authMechanism=PLAIN",
"valid": false
},
{
"description": "should recognize the mechanism (SCRAM-SHA-1)",
"uri": "mongodb://user:password@localhost/?authMechanism=SCRAM-SHA-1",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "admin",
"mechanism": "SCRAM-SHA-1",
"mechanism_properties": null
}
},
{
"description": "should use the database when no authSource is specified (SCRAM-SHA-1)",
"uri": "mongodb://user:password@localhost/foo?authMechanism=SCRAM-SHA-1",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "foo",
"mechanism": "SCRAM-SHA-1",
"mechanism_properties": null
}
},
{
"description": "should accept valid authSource (SCRAM-SHA-1)",
"uri": "mongodb://user:password@localhost/foo?authMechanism=SCRAM-SHA-1&authSource=bar",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "bar",
"mechanism": "SCRAM-SHA-1",
"mechanism_properties": null
}
},
{
"description": "should throw an exception if no username (SCRAM-SHA-1)",
"uri": "mongodb://localhost/?authMechanism=SCRAM-SHA-1",
"valid": false
},
{
"description": "should recognize the mechanism (SCRAM-SHA-256)",
"uri": "mongodb://user:password@localhost/?authMechanism=SCRAM-SHA-256",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "admin",
"mechanism": "SCRAM-SHA-256",
"mechanism_properties": null
}
},
{
"description": "should use the database when no authSource is specified (SCRAM-SHA-256)",
"uri": "mongodb://user:password@localhost/foo?authMechanism=SCRAM-SHA-256",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "foo",
"mechanism": "SCRAM-SHA-256",
"mechanism_properties": null
}
},
{
"description": "should accept valid authSource (SCRAM-SHA-256)",
"uri": "mongodb://user:password@localhost/foo?authMechanism=SCRAM-SHA-256&authSource=bar",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "bar",
"mechanism": "SCRAM-SHA-256",
"mechanism_properties": null
}
},
{
"description": "should throw an exception if no username (SCRAM-SHA-256)",
"uri": "mongodb://localhost/?authMechanism=SCRAM-SHA-256",
"valid": false
},
{
"description": "URI with no auth-related info doesn't create credential",
"uri": "mongodb://localhost/",
"valid": true,
"credential": null
},
{
"description": "database in URI path doesn't create credentials",
"uri": "mongodb://localhost/foo",
"valid": true,
"credential": null
},
{
"description": "authSource without username doesn't create credential (default mechanism)",
"uri": "mongodb://localhost/?authSource=foo",
"valid": true,
"credential": null
},
{
"description": "should throw an exception if no username provided (userinfo implies default mechanism)",
"uri": "mongodb://@localhost.com/",
"valid": false
},
{
"description": "should throw an exception if no username/password provided (userinfo implies default mechanism)",
"uri": "mongodb://:@localhost.com/",
"valid": false
},
{
"description": "should recognise the mechanism (MONGODB-AWS)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-AWS",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-AWS",
"mechanism_properties": null
}
},
{
"description": "should recognise the mechanism when auth source is explicitly specified (MONGODB-AWS)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-AWS&authSource=$external",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-AWS",
"mechanism_properties": null
}
},
{
"description": "should throw an exception if username and no password (MONGODB-AWS)",
"uri": "mongodb://user@localhost/?authMechanism=MONGODB-AWS",
"valid": false,
"credential": null
},
{
"description": "should use username and password if specified (MONGODB-AWS)",
"uri": "mongodb://user%21%40%23%24%25%5E%26%2A%28%29_%2B:pass%21%40%23%24%25%5E%26%2A%28%29_%2B@localhost/?authMechanism=MONGODB-AWS",
"valid": true,
"credential": {
"username": "user!@#$%^&*()_+",
"password": "pass!@#$%^&*()_+",
"source": "$external",
"mechanism": "MONGODB-AWS",
"mechanism_properties": null
}
},
{
"description": "should use username, password and session token if specified (MONGODB-AWS)",
"uri": "mongodb://user:password@localhost/?authMechanism=MONGODB-AWS&authMechanismProperties=AWS_SESSION_TOKEN:token%21%40%23%24%25%5E%26%2A%28%29_%2B",
"valid": true,
"credential": {
"username": "user",
"password": "password",
"source": "$external",
"mechanism": "MONGODB-AWS",
"mechanism_properties": {
"AWS_SESSION_TOKEN": "token!@#$%^&*()_+"
}
}
},
{
"description": "should recognise the mechanism with test environment (MONGODB-OIDC)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:test",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "test"
}
}
},
{
"description": "should recognise the mechanism when auth source is explicitly specified and with environment (MONGODB-OIDC)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authSource=$external&authMechanismProperties=ENVIRONMENT:test",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "test"
}
}
},
{
"description": "should throw an exception if supplied a password (MONGODB-OIDC)",
"uri": "mongodb://user:pass@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:test",
"valid": false,
"credential": null
},
{
"description": "should throw an exception if username is specified for test (MONGODB-OIDC)",
"uri": "mongodb://principalName@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:test",
"valid": false,
"credential": null
},
{
"description": "should throw an exception if specified environment is not supported (MONGODB-OIDC)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:invalid",
"valid": false,
"credential": null
},
{
"description": "should throw an exception if neither environment nor callbacks specified (MONGODB-OIDC)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC",
"valid": false,
"credential": null
},
{
"description": "should throw an exception when unsupported auth property is specified (MONGODB-OIDC)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=UnsupportedProperty:unexisted",
"valid": false,
"credential": null
},
{
"description": "should recognise the mechanism with azure provider (MONGODB-OIDC)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:foo",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "azure",
"TOKEN_RESOURCE": "foo"
}
}
},
{
"description": "should accept a username with azure provider (MONGODB-OIDC)",
"uri": "mongodb://user@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:foo",
"valid": true,
"credential": {
"username": "user",
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "azure",
"TOKEN_RESOURCE": "foo"
}
}
},
{
"description": "should accept a url-encoded TOKEN_RESOURCE (MONGODB-OIDC)",
"uri": "mongodb://user@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:mongodb%3A%2F%2Ftest-cluster",
"valid": true,
"credential": {
"username": "user",
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "azure",
"TOKEN_RESOURCE": "mongodb://test-cluster"
}
}
},
{
"description": "should accept an un-encoded TOKEN_RESOURCE (MONGODB-OIDC)",
"uri": "mongodb://user@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:mongodb://test-cluster",
"valid": true,
"credential": {
"username": "user",
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "azure",
"TOKEN_RESOURCE": "mongodb://test-cluster"
}
}
},
{
"description": "should handle a complicated url-encoded TOKEN_RESOURCE (MONGODB-OIDC)",
"uri": "mongodb://user@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:abcd%25ef%3Ag%26hi",
"valid": true,
"credential": {
"username": "user",
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "azure",
"TOKEN_RESOURCE": "abcd%ef:g&hi"
}
}
},
{
"description": "should url-encode a TOKEN_RESOURCE (MONGODB-OIDC)",
"uri": "mongodb://user@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:a$b",
"valid": true,
"credential": {
"username": "user",
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "azure",
"TOKEN_RESOURCE": "a$b"
}
}
},
{
"description": "should accept a username and throw an error for a password with azure provider (MONGODB-OIDC)",
"uri": "mongodb://user:pass@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:foo",
"valid": false,
"credential": null
},
{
"description": "should throw an exception if no token audience is given for azure provider (MONGODB-OIDC)",
"uri": "mongodb://username@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure",
"valid": false,
"credential": null
},
{
"description": "should recognise the mechanism with gcp provider (MONGODB-OIDC)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:gcp,TOKEN_RESOURCE:foo",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "gcp",
"TOKEN_RESOURCE": "foo"
}
}
},
{
"description": "should throw an error for a username and password with gcp provider (MONGODB-OIDC)",
"uri": "mongodb://user:pass@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:gcp,TOKEN_RESOURCE:foo",
"valid": false,
"credential": null
},
{
"description": "should throw an error if not TOKEN_RESOURCE with gcp provider (MONGODB-OIDC)",
"uri": "mongodb://user:pass@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:gcp",
"valid": false,
"credential": null
},
{
"description": "should recognise the mechanism with k8s provider (MONGODB-OIDC)",
"uri": "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:k8s",
"valid": true,
"credential": {
"username": null,
"password": null,
"source": "$external",
"mechanism": "MONGODB-OIDC",
"mechanism_properties": {
"ENVIRONMENT": "k8s"
}
}
},
{
"description": "should throw an error for a username and password with k8s provider (MONGODB-OIDC)",
"uri": "mongodb://user:pass@localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:k8s",
"valid": false,
"credential": null
}
]
}
Reference in New Issue View Git Blame Copy Permalink