diff options
author | Sara Golemon <sara.golemon@mongodb.com> | 2017-11-30 10:16:32 -0500 |
---|---|---|
committer | Sara Golemon <sara.golemon@mongodb.com> | 2017-12-01 16:29:40 -0500 |
commit | 4a5f07ba38561db71727fe4254de5e9c24053645 (patch) | |
tree | c11ead2d7bb621670387798b34f038efd047735e /jstests | |
parent | bd20a3fe5a8aea410282f25f7dacdf7bb923b7c0 (diff) | |
download | mongo-4a5f07ba38561db71727fe4254de5e9c24053645.tar.gz |
SERVER-30491 Remove CRAM-MD5
Diffstat (limited to 'jstests')
-rw-r--r-- | jstests/auth/auth_helpers.js | 73 |
1 files changed, 18 insertions, 55 deletions
diff --git a/jstests/auth/auth_helpers.js b/jstests/auth/auth_helpers.js index 94131821784..fd2775cc463 100644 --- a/jstests/auth/auth_helpers.js +++ b/jstests/auth/auth_helpers.js @@ -1,65 +1,28 @@ // Test the db.auth() shell helper. -// -// This test requires users to persist across a restart. -// @tags: [requires_persistence] -var conn = MongoRunner.runMongod({smallfiles: ""}); +(function() { + 'use strict'; -var mechanisms, hasCR, hasCramMd5; + const conn = MongoRunner.runMongod({smallfiles: ""}); + const admin = conn.getDB('admin'); -var admin = conn.getDB('admin'); -// In order to test MONGODB-CR we need to "reset" the authSchemaVersion to -// 26Final "3" or else the user won't get MONGODB-CR credentials. -admin.system.version.save({"_id": "authSchema", "currentVersion": 3}); -admin.createUser({user: 'andy', pwd: 'a', roles: jsTest.adminUserRoles}); -admin.auth({user: 'andy', pwd: 'a'}); - -// Attempt to start with CRAM-MD5 enabled -// If this fails the build only supports default auth mechanisms -MongoRunner.stopMongod(conn); -var restartedConn = MongoRunner.runMongod({ - auth: "", - restart: conn, - setParameter: "authenticationMechanisms=SCRAM-SHA-1,MONGODB-CR,CRAM-MD5" -}); -if (restartedConn != null) { - mechanisms = ["SCRAM-SHA-1", "MONGODB-CR", "CRAM-MD5"]; - hasCR = true; - hasCramMd5 = true; - print("test info: Enabling non-default authentication mechanisms."); -} else { - restartedConn = MongoRunner.runMongod({restart: conn}); - mechanisms = ["SCRAM-SHA-1", "MONGODB-CR"]; - hasCR = true; - hasCramMd5 = false; - print("test info: Using only default password authentication mechanisms."); -} - -admin = restartedConn.getDB('admin'); -var testedSomething = false; + // In order to test MONGODB-CR we need to "reset" the authSchemaVersion to + // 26Final "3" or else the user won't get MONGODB-CR credentials. + admin.system.version.save({"_id": "authSchema", "currentVersion": 3}); + admin.createUser({user: 'andy', pwd: 'a', roles: jsTest.adminUserRoles}); + assert(admin.auth({user: 'andy', pwd: 'a'})); + assert(admin.logout()); -// Try all the ways to call db.auth that uses SCRAM-SHA-1 or MONGODB-CR. -if (hasCR) { - testedSomething = true; + // Try all the ways to call db.auth that uses SCRAM-SHA-1 or MONGODB-CR. assert(admin.auth('andy', 'a')); - admin.logout(); + assert(admin.logout()); assert(admin.auth({user: 'andy', pwd: 'a'})); - admin.logout(); + assert(admin.logout()); assert(admin.auth({mechanism: 'SCRAM-SHA-1', user: 'andy', pwd: 'a'})); - admin.logout(); + assert(admin.logout()); assert(admin.auth({mechanism: 'MONGODB-CR', user: 'andy', pwd: 'a'})); - admin.logout(); -} - -// If the server supports CRAM-MD5, try it out. -if (hasCramMd5) { - testedSomething = true; - assert(admin.auth({mechanism: 'CRAM-MD5', user: 'andy', pwd: 'a'})); - admin.logout(); -} - -// Sanity check that we tested at least one of MONGODB-CR and CRAM-MD5. -assert(testedSomething, "No candidate authentication mechanisms matched."); + assert(admin.logout()); -// Invalid mechanisms shouldn't lead to authentication, but also shouldn't crash. -assert(!admin.auth({mechanism: 'this-mechanism-is-fake', user: 'andy', pwd: 'a'})); + // Invalid mechanisms shouldn't lead to authentication, but also shouldn't crash. + assert(!admin.auth({mechanism: 'this-mechanism-is-fake', user: 'andy', pwd: 'a'})); +})(); |