SERVER-41152 strip white space from auth mechanisms

(cherry picked from commit c31362708f26397dd20818ab780a5180e257d5a7)

2 files changed, 43 insertions, 5 deletions

diff --git a/jstests/auth/auth_mechanisms_parsing.js b/jstests/auth/auth_mechanisms_parsing.js
new file mode 100644
index 00000000000..72f906b3c68
--- /dev/null
+++ b/jstests/auth/auth_mechanisms_parsing.js
@@ -0,0 +1,13 @@
+// Test for stripping whitespace for authenticationMechanisms
+(function() {
+    "use strict";
+
+    const conn = MongoRunner.runMongod(
+        {setParameter: "authenticationMechanisms=SCRAM-SHA-1,SCRAM-SHA-256, PLAIN"});
+
+    const cmdOut = conn.getDB('admin').runCommand({getParameter: 1, authenticationMechanisms: 1});
+
+    // Check to see if whitespace in front of PLAIN is stripped
+    assert.sameMembers(cmdOut.authenticationMechanisms, ["SCRAM-SHA-1", "SCRAM-SHA-256", "PLAIN"]);
+    MongoRunner.stopMongod(conn);
+}());
diff --git a/src/mongo/db/auth/sasl_options.cpp b/src/mongo/db/auth/sasl_options.cpp
index 8a8597304b3..382d1d4b45b 100644
--- a/src/mongo/db/auth/sasl_options.cpp
+++ b/src/mongo/db/auth/sasl_options.cpp
@@ -32,6 +32,8 @@
 
 #include "mongo/db/auth/sasl_options.h"
 
+#include <boost/algorithm/string.hpp>
+
 #include "mongo/base/status.h"
 #include "mongo/db/server_parameters.h"
 #include "mongo/util/log.h"
@@ -193,11 +195,6 @@ MONGO_STARTUP_OPTIONS_STORE(SASLOptions)(InitializerContext* context) {
 
 // SASL Startup Parameters, making them settable via setParameter on the command line or in the
 // legacy INI config file.  None of these parameters are modifiable at runtime.
-ExportedServerParameter<std::vector<std::string>, ServerParameterType::kStartupOnly>
-    SASLAuthenticationMechanismsSetting(ServerParameterSet::getGlobal(),
-                                        "authenticationMechanisms",
-                                        &saslGlobalParams.authenticationMechanisms);
-
 ExportedServerParameter<std::string, ServerParameterType::kStartupOnly> SASLHostNameSetting(
     ServerParameterSet::getGlobal(), "saslHostName", &saslGlobalParams.hostName);
 
@@ -231,6 +228,30 @@ private:
     int _minimum;
 };
 
+class ExportedAuthenticationMechanismParameter
+    : public ExportedServerParameter<std::vector<std::string>, ServerParameterType::kStartupOnly> {
+public:
+    ExportedAuthenticationMechanismParameter(StringData name, std::vector<std::string>* value)
+        : ExportedServerParameter<std::vector<std::string>, ServerParameterType::kStartupOnly>(
+              ServerParameterSet::getGlobal(), name.toString(), value) {}
+
+    Status setFromString(const std::string& str) final {
+
+        std::vector<std::string> v;
+        splitStringDelim(str, &v, ',');
+
+        // Strip white space for authentication mechanisms
+        for (auto& mechanism : v) {
+            boost::trim(mechanism);
+        }
+
+        std::string joinedString = boost::algorithm::join(v, ",");
+        return ExportedServerParameter<
+            std::vector<std::string>,
+            ServerParameterType::kStartupOnly>::setFromString(joinedString);
+    }
+};
+
 ExportedScramIterationCountParameter scramSHA1IterationCountParam(
     scramSHA1IterationCountServerParameter,
     &saslGlobalParams.scramSHA1IterationCount,
@@ -240,4 +261,8 @@ ExportedScramIterationCountParameter scramSHA256IterationCountParam(
     &saslGlobalParams.scramSHA256IterationCount,
     minimumScramSHA256IterationCount);
 
+// modify the input to remove leading and trailing white space
+ExportedAuthenticationMechanismParameter authMechanismsParam(
+    "authenticationMechanisms", &saslGlobalParams.authenticationMechanisms);
+
 }  // namespace mongo