// constructors /// <summary> /// Initializes a new instance of the <see cref="MongoCredential" /> class. /// </summary> /// <param name="mechanism">Mechanism to authenticate with.</param> /// <param name="identity">The identity.</param> /// <param name="evidence">The evidence.</param> public MongoCredential(string mechanism, MongoIdentity identity, MongoIdentityEvidence evidence) { if (identity == null) { throw new ArgumentNullException("identity"); } if (evidence == null) { throw new ArgumentNullException("evidence"); } _mechanism = mechanism; _identity = identity; _evidence = evidence; }
// constructors /// <summary> /// Initializes a new instance of the <see cref="MongoCredential" /> class. /// </summary> /// <param name="mechanism">Mechanism to authenticate with. /// In .NET Standard, authenticating via SCRAM-SHA-256 may not work with non-ASCII passwords because SaslPrep is /// not fully implemented due to the lack of a string normalization function in .NET Standard 1.6. /// Normalizing the password into Unicode Normalization Form KC beforehand MAY help. /// SCRAM-SHA-1 is the recommended alternative for now.</param> /// <param name="identity">The identity.</param> /// <param name="evidence">The evidence.</param> public MongoCredential(string mechanism, MongoIdentity identity, MongoIdentityEvidence evidence) { if (identity == null) { throw new ArgumentNullException("identity"); } if (evidence == null) { throw new ArgumentNullException("evidence"); } _mechanism = mechanism; _identity = identity; _evidence = evidence; _mechanismProperties = new Dictionary <string, object>(); }
// private static methods private static MongoCredential FromComponents(string mechanism, string source, string username, MongoIdentityEvidence evidence) { var defaultedMechanism = (mechanism ?? "DEFAULT").Trim().ToUpperInvariant(); switch (defaultedMechanism) { case "DEFAULT": case "MONGODB-CR": case "SCRAM-SHA-1": case "SCRAM-SHA-256": // it is allowed for a password to be an empty string, but not a username source = source ?? "admin"; if (evidence == null || !(evidence is PasswordEvidence)) { var message = string.Format("A {0} credential must have a password.", defaultedMechanism); throw new ArgumentException(message); } return(new MongoCredential( mechanism, new MongoInternalIdentity(source, username), evidence)); case "MONGODB-X509": // always $external for X509. source = "$external"; if (evidence == null || !(evidence is ExternalEvidence)) { throw new ArgumentException("A MONGODB-X509 does not support a password."); } return(new MongoCredential( mechanism, new MongoX509Identity(username), evidence)); case "GSSAPI": // always $external for GSSAPI. source = "$external"; return(new MongoCredential( "GSSAPI", new MongoExternalIdentity(source, username), evidence)); case "PLAIN": source = source ?? "admin"; if (evidence == null || !(evidence is PasswordEvidence)) { throw new ArgumentException("A PLAIN credential must have a password."); } MongoIdentity identity; if (source == "$external") { identity = new MongoExternalIdentity(source, username); } else { identity = new MongoInternalIdentity(source, username); } return(new MongoCredential( mechanism, identity, evidence)); default: throw new NotSupportedException(string.Format("Unsupported MongoAuthenticationMechanism {0}.", mechanism)); } }
// private static methods private static MongoCredential FromComponents(string mechanism, string source, string username, MongoIdentityEvidence evidence) { if (string.IsNullOrEmpty(mechanism)) { throw new ArgumentException("Cannot be null or empty.", "mechanism"); } if (string.IsNullOrEmpty(username)) { return(null); } switch (mechanism.ToUpperInvariant()) { case "MONGODB-CR": // it is allowed for a password to be an empty string, but not a username source = source ?? "admin"; if (evidence == null || !(evidence is PasswordEvidence)) { throw new ArgumentException("A MONGODB-CR credential must have a password."); } return(new MongoCredential( mechanism, new MongoInternalIdentity(source, username), evidence)); case "MONGODB-X509": // always $external for X509. source = "$external"; if (evidence == null || !(evidence is ExternalEvidence)) { throw new ArgumentException("A MONGODB-X509 does not support a password."); } return(new MongoCredential( mechanism, new MongoExternalIdentity(username), evidence)); case "GSSAPI": // always $external for GSSAPI. source = "$external"; return(new MongoCredential( "GSSAPI", new MongoExternalIdentity(source, username), evidence)); case "PLAIN": source = source ?? "admin"; if (evidence == null || !(evidence is PasswordEvidence)) { throw new ArgumentException("A PLAIN credential must have a password."); } MongoIdentity identity; if (source == "$external") { identity = new MongoExternalIdentity(source, username); } else { identity = new MongoInternalIdentity(source, username); } return(new MongoCredential( mechanism, identity, evidence)); default: throw new NotSupportedException(string.Format("Unsupported MongoAuthenticationMechanism {0}.", mechanism)); } }