SERVER-38984 Validate unique User ID on UserCache hit

1 files changed, 8 insertions, 0 deletions

diff --git a/src/mongo/db/auth/authorization_manager.h b/src/mongo/db/auth/authorization_manager.h
index f9cd1248d4b..1ec9f421a4c 100644
--- a/src/mongo/db/auth/authorization_manager.h
+++ b/src/mongo/db/auth/authorization_manager.h
@@ -99,6 +99,7 @@ public:
 
     static MONGO_DECLARE_SHIM(()->std::unique_ptr<AuthorizationManager>) create;
 
+    static constexpr StringData USERID_FIELD_NAME = "userId"_sd;
     static constexpr StringData USER_NAME_FIELD_NAME = "user"_sd;
     static constexpr StringData USER_DB_FIELD_NAME = "db"_sd;
     static constexpr StringData ROLE_NAME_FIELD_NAME = "role"_sd;
@@ -267,6 +268,13 @@ public:
                                                const UserName& userName) = 0;
 
     /**
+     * Validate the ID associated with a known user while refreshing session cache.
+     */
+    virtual StatusWith<UserHandle> acquireUserForSessionRefresh(OperationContext* opCtx,
+                                                                const UserName& userName,
+                                                                const User::UserId& uid) = 0;
+
+    /**
      * Marks the given user as invalid and removes it from the user cache.
      */
     virtual void invalidateUserByName(OperationContext* opCtx, const UserName& user) = 0;