public void Authentication_succeeds_when_user_has_multiple_credentials_and_mechanism_is_not_specified(
[Values(false, true)] bool async)
{
RequireServer.Check().Supports(Feature.ScramSha256Authentication).Authentication(true);
var client = DriverTestConfiguration.Client;
var source1 = "nyc-matrix";
var userName1 = $"ThomasAnderson{Guid.NewGuid()}";
var password1 = "WhatIsTheMatrix";
var source2 = "admin";
var userName2 = $"Neo{Guid.NewGuid()}";
var password2 = "TrinityAndZionForever";
CreateDatabaseUser(client, source1, userName1, password1, role: "read", mechanisms: "SCRAM-SHA-256");
CreateDatabaseUser(client, source2, userName2, password2, role: "root", mechanisms: "SCRAM-SHA-256");
var settings = client.Settings.Clone();
#pragma warning disable 618
settings.Credentials = new[]
{
#pragma warning restore 618
MongoCredential.FromComponents(mechanism: null, source: source1, username: userName1, password: password1),
MongoCredential.FromComponents(mechanism: null, source: source2, username: userName2, password: password2)
};
AssertAuthenticationSucceeds(settings, async);
}
private DisposableMongoClient CreateMongoClient(
CollectionNamespace keyVaultNamespace = null,
BsonDocument schemaMapDocument = null,
IReadOnlyDictionary <string, IReadOnlyDictionary <string, object> > kmsProviders = null,
bool withExternalKeyVault = false,
Action <ClusterBuilder> clusterConfigurator = null,
Dictionary <string, object> extraOptions = null,
bool bypassAutoEncryption = false)
{
var mongoClientSettings = DriverTestConfiguration.GetClientSettings().Clone();
#pragma warning disable 618
if (BsonDefaults.GuidRepresentationMode == GuidRepresentationMode.V2)
{
mongoClientSettings.GuidRepresentation = GuidRepresentation.Unspecified;
}
#pragma warning restore 618
mongoClientSettings.ClusterConfigurator = clusterConfigurator;
if (keyVaultNamespace != null || schemaMapDocument != null || kmsProviders != null || withExternalKeyVault)
{
if (extraOptions == null)
{
extraOptions = new Dictionary <string, object>()
{
{ "mongocryptdSpawnPath", Environment.GetEnvironmentVariable("MONGODB_BINARIES") ?? string.Empty }
};
}
var schemaMap = GetSchemaMapIfNotNull(schemaMapDocument);
if (kmsProviders == null)
{
kmsProviders = new ReadOnlyDictionary <string, IReadOnlyDictionary <string, object> >(new Dictionary <string, IReadOnlyDictionary <string, object> >());
}
var autoEncryptionOptions = new AutoEncryptionOptions(
keyVaultNamespace: keyVaultNamespace,
kmsProviders: kmsProviders,
schemaMap: schemaMap,
extraOptions: extraOptions,
bypassAutoEncryption: bypassAutoEncryption);
if (withExternalKeyVault)
{
var externalKeyVaultClientSettings = DriverTestConfiguration.GetClientSettings().Clone();
externalKeyVaultClientSettings.Credential = MongoCredential.FromComponents(null, null, "fake-user", "fake-pwd");
var externalKeyVaultClient = new MongoClient(externalKeyVaultClientSettings);
autoEncryptionOptions = autoEncryptionOptions.With(keyVaultClient: externalKeyVaultClient);
}
mongoClientSettings.AutoEncryptionOptions = autoEncryptionOptions;
}
return(new DisposableMongoClient(new MongoClient(mongoClientSettings)));
}
public void Authentication_fails_when_user_is_non_extant_and_mechanism_is_not_specified()
{
RequireServer.Check().Supports(Feature.ScramSha256Authentication).Authentication(true);
var client = DriverTestConfiguration.Client;
var userName = $"cipher{Guid.NewGuid()}";
var password = "******";
var settings = client.Settings.Clone();
settings.Credential = MongoCredential
.FromComponents(mechanism: null, source: null, username: userName, password: password);
settings.ServerSelectionTimeout = TimeSpan.FromSeconds(5);
AssertAuthenticationFails(settings);
}
public void Authentication_succeeds_when_user_has_both_Scram_Sha_mechanisms_and_mechanism_is_not_specified()
{
RequireServer.Check().Supports(Feature.ScramSha256Authentication).Authentication(true);
var client = DriverTestConfiguration.Client;
var userName = $"both{Guid.NewGuid()}";
var password = "******";
CreateAdminDatabaseReadWriteUser(client, userName, password, "SCRAM-SHA-256", "SCRAM-SHA-1");
var settings = client.Settings.Clone();
settings.Credential = MongoCredential
.FromComponents(mechanism: null, source: null, username: userName, password: password);
AssertAuthenticationSucceeds(settings);
}
public void Authentication_succeeds_when_user_has_Scram_Sha_256_mechanism_and_mechanism_is_Scram_Sha_256(
[Values(false, true)] bool async)
{
RequireServer.Check().Supports(Feature.ScramSha256Authentication).Authentication(true);
var client = DriverTestConfiguration.Client;
var userName = $"sha256{Guid.NewGuid()}";
var password = "******";
CreateAdminDatabaseReadWriteUser(client, userName, password, "SCRAM-SHA-256");
var settings = client.Settings.Clone();
settings.Credential = MongoCredential
.FromComponents(mechanism: "SCRAM-SHA-256", source: null, username: userName, password: password);
AssertAuthenticationSucceeds(settings, async);
}
public void Authentication_fails_when_user_has_Scram_Sha_256_mechanism_and_mechanism_is_Scram_Sha_1()
{
RequireServer.Check().Supports(Feature.ScramSha256Authentication).Authentication(true);
var client = DriverTestConfiguration.Client;
var userName = $"sha256{Guid.NewGuid()}";
var password = "******";
CreateAdminDatabaseReadWriteUser(client, userName, password, "SCRAM-SHA-256");
var settings = client.Settings.Clone();
settings.Credential = MongoCredential
.FromComponents(mechanism: "SCRAM-SHA-1", source: null, username: userName, password: password);
settings.ServerSelectionTimeout = TimeSpan.FromSeconds(5);
AssertAuthenticationFails(settings);
}
public void Authentication_succeeds_when_user_has_Scram_Sha_1_Mechanism_and_mechanism_is_not_specified(
[Values(false, true)] bool async)
{
RequireServer.Check().Supports(Feature.ScramSha256Authentication).Authentication(true);
// mechanisms field in createUser command requires server >=4.0
var client = DriverTestConfiguration.Client;
var userName = $"sha1{Guid.NewGuid()}";
var password = "******";
CreateAdminDatabaseReadWriteUser(client, userName, password, "SCRAM-SHA-1");
var settings = client.Settings.Clone();
settings.Credential = MongoCredential
.FromComponents(mechanism: null, source: null, username: userName, password: password);
AssertAuthenticationSucceeds(settings, async, speculativeAuthenticatationShouldSucceedIfPossible: false);
}
public void Driver_should_connect_to_AtlasDataLake_with_SCRAM_SHA_256()
{
RequireEnvironment.Check().EnvironmentVariable("ATLAS_DATA_LAKE_TESTS_ENABLED");
RequireServer.Check().Supports(Feature.ScramSha256Authentication);
var connectionString = CoreTestConfiguration.ConnectionString;
var username = connectionString.Username;
var password = connectionString.Password;
var source = connectionString.AuthSource;
var settings = DriverTestConfiguration.Client.Settings.Clone();
settings.Credential = MongoCredential.FromComponents(mechanism: "SCRAM-SHA-256", source, username, password);
using (var client = DriverTestConfiguration.CreateDisposableClient(settings))
{
client.GetDatabase("admin").RunCommand <BsonDocument>(new BsonDocument("ping", 1));
}
}
[InlineData("IX", "IX", "\u2168", "\u2163")] // "IX", "IX", Roman numeral nine, Roman numeral four
public void Authentication_succeeds_with_Unicode_username_and_Unicode_password_when_SaslPrep_equivalent_username_exists(
string asciiUsername,
string asciiPassword,
string unicodeUsername,
string unicodePassword)
{
RequireServer.Check().Supports(Feature.ScramSha256Authentication).Authentication(true);
var client = DriverTestConfiguration.Client;
var uniqueAsciiUserName = $"{asciiUsername}{Guid.NewGuid()}";
var uniqueUnicodeUserName = $"{unicodeUsername}{Guid.NewGuid()}";
CreateAdminDatabaseUser(client, uniqueAsciiUserName, asciiPassword, "root", "SCRAM-SHA-256");
CreateAdminDatabaseUser(client, uniqueUnicodeUserName, unicodePassword, "root", "SCRAM-SHA-256");
var settings = client.Settings.Clone();
settings.Credential = MongoCredential.FromComponents(
mechanism: "SCRAM-SHA-256", source: null, username: uniqueUnicodeUserName, password: unicodePassword);
AssertAuthenticationSucceeds(settings);
}
public void Execute_should_return_the_expected_result_when_AuthorizedDatabases_is_used(
[Values(null, false, true)] bool?authorizedDatabases)
{
RequireServer.Check().Supports(Feature.ListDatabasesAuthorizedDatabases).Authentication(true);
var setupClient = DriverTestConfiguration.Client;
CreateListDatabasesRole(setupClient, _roleName);
CreateListDatabasesUser(setupClient, _userName, _password, _databaseName, _roleName);
setupClient.GetDatabase(_databaseName).GetCollection <BsonDocument>("test").InsertOne(new BsonDocument());
var settings = DriverTestConfiguration.Client.Settings.Clone();
settings.Credential = MongoCredential.FromComponents(mechanism: null, source: null, username: _userName, password: _password);
var testClient = new MongoClient(settings);
var options = new ListDatabasesOptions
{
AuthorizedDatabases = authorizedDatabases,
NameOnly = true,
};
var result = testClient.ListDatabases(options).ToList();
if (authorizedDatabases.HasValue && authorizedDatabases.Value)
{
result.Should().BeEquivalentTo(new BsonArray {
new BsonDocument {
{ "name", _databaseName }
}
});
}
else
{
result.Count.Should().BeGreaterThan(1);
}
}