# -*- mode: python -*- Import("env") env = env.Clone() env.Library( target='security_token', source=[ 'security_token_authentication_guard.cpp', 'security_token.idl', 'validated_tenancy_scope.cpp', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/auth/auth', '$BUILD_DIR/mongo/db/server_base', '$BUILD_DIR/mongo/db/server_feature_flags', '$BUILD_DIR/mongo/db/service_context', ], ) env.Library( target='authentication_restriction', source=[ 'restriction_environment.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/util/net/network', ], ) # The Auth library should consist only of the shimmed API for Auth usage and the implementations of # the data structures used in that API. No actual Auth subsystem implementation should exist in # this library. env.Library( target='auth', source=[ 'auth_name.cpp', 'authorization_manager.cpp', 'authorization_session.cpp', 'auth_decorations.cpp', 'role_name_or_string.cpp', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/server_base', '$BUILD_DIR/mongo/db/service_context', 'auth_options', 'cluster_auth_mode', 'sasl_options', ], ) env.Library( target='authentication_session', source=[ 'authentication_session.cpp', ], LIBDEPS=[ 'auth', 'saslauth', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/audit', '$BUILD_DIR/mongo/db/connection_health_metrics_parameter', '$BUILD_DIR/mongo/db/service_context', '$BUILD_DIR/mongo/db/stats/counters', ], ) env.Library( target='auth_op_observer', source=[ 'auth_op_observer.cpp', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/db/audit', '$BUILD_DIR/mongo/db/catalog/collection_options', '$BUILD_DIR/mongo/db/index/index_access_method', '$BUILD_DIR/mongo/db/op_observer/op_observer', '$BUILD_DIR/mongo/db/op_observer/op_observer_util', '$BUILD_DIR/mongo/db/repl/oplog_entry', 'auth', ], ) env.Library( target='user', source=[ 'user.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/base', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/crypto/sha_block_${MONGO_CRYPTO}', 'auth', 'authentication_restriction', 'authprivilege', ], ) env.Library( target='auth_impl_internal_local', source=[ 'authz_manager_external_state_local.cpp', ], LIBDEPS=[ 'auth_impl_internal', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/multitenancy', '$BUILD_DIR/mongo/db/shard_role', 'auth_types', ], ) # This needs to use its own env to tell scons to suppress scanning the .tpl.cpp input # for #includes since they aren't directly preprocessed. Scons will still scan the generated files # to produce the correct implicit dependencies when they are compiled. env_for_builtin_roles = env.Clone() env_for_builtin_roles['SCANNERS'] = [] generateBuiltinRoles = env_for_builtin_roles.Command( target=[ 'builtin_roles.cpp', ], source=[ 'builtin_roles_gen.py', 'builtin_roles.yml', 'builtin_roles.tpl.cpp', ], action=[ '$PYTHON ${SOURCES[0]} ${SOURCES[1]} ${SOURCES[2]} ${TARGETS[0]}', ], ) env.Alias('generated-sources', generateBuiltinRoles) env.Library( target='builtin_roles', source=[ 'builtin_roles.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/db/server_base', 'auth', 'auth_options', 'authprivilege', ], ) env.Library( target='user_document_parser', source=[ 'user_document_parser.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/bson/util/bson_extract', 'auth', 'user', ], LIBDEPS_PRIVATE=[ 'address_restriction', 'authprivilege', ], ) env.Library( target='cluster_auth_mode', source=[ 'cluster_auth_mode.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/base', ], ) env.Library( target='auth_options', source=[ 'auth_options.idl', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/server_base', ], ) env.Library( target='auth_impl_internal', source=[ 'authorization_manager_impl.cpp', 'authorization_session_impl.cpp', 'authz_manager_external_state.cpp', 'authz_session_external_state.cpp', 'authorization_manager_impl_parameters.idl', ], LIBDEPS=[ '$BUILD_DIR/mongo/base/secure_allocator', '$BUILD_DIR/mongo/bson/util/bson_extract', '$BUILD_DIR/mongo/db/commands/authentication_commands', '$BUILD_DIR/mongo/db/common', '$BUILD_DIR/mongo/db/global_settings', '$BUILD_DIR/mongo/db/query/op_metrics', '$BUILD_DIR/mongo/util/concurrency/thread_pool', '$BUILD_DIR/mongo/util/icu', '$BUILD_DIR/mongo/util/net/ssl_manager', '$BUILD_DIR/mongo/util/net/ssl_types', 'address_restriction', 'auth', 'authorization_manager_global', 'authprivilege', 'builtin_roles', 'sasl_options', 'user', 'user_acquisition_stats', 'user_document_parser', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/api_parameters', '$BUILD_DIR/mongo/db/audit', # audit:logLogout in AuthZSession. '$BUILD_DIR/mongo/db/server_base', '$BUILD_DIR/mongo/db/stats/counters', '$BUILD_DIR/mongo/util/caching', 'auth_types', 'auth_umc', ], ) env.Library( target='auth_checks', source=[ 'authorization_checks.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/db/catalog/document_validation', '$BUILD_DIR/mongo/db/common', '$BUILD_DIR/mongo/db/pipeline/lite_parsed_document_source', '$BUILD_DIR/mongo/db/update/update_driver', 'auth', 'authprivilege', 'builtin_roles', 'user', 'user_document_parser', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/audit', '$BUILD_DIR/mongo/db/server_base', ], ) env.Library( target='authprivilege', source=[ 'access_checks.idl', 'action_set.cpp', 'action_type.cpp', 'action_type.idl', 'authorization_contract.cpp', 'privilege.cpp', 'privilege_parser.cpp', 'resource_pattern.cpp', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/bson/mutable/mutable_bson', '$BUILD_DIR/mongo/db/common', '$BUILD_DIR/mongo/idl/idl_parser', ], ) env.Library( target='auth_types', source=[ 'auth_types.idl', ], LIBDEPS=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/idl/idl_parser', 'auth', 'authprivilege', ], ) env.Library( target='auth_umc', source=[ 'impersonation_session.cpp', 'user_management_commands_parser.cpp', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/bson/mutable/mutable_bson', '$BUILD_DIR/mongo/db/common', '$BUILD_DIR/mongo/rpc/metadata_impersonated_user', 'address_restriction', 'auth', 'authprivilege', ], ) env.Library( target='authorization_manager_global', source=[ 'authorization_manager_global.cpp', 'authorization_manager_global_parameters.idl', ], LIBDEPS=[ 'auth', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/client/authentication', '$BUILD_DIR/mongo/db/server_base', '$BUILD_DIR/mongo/db/service_context', '$BUILD_DIR/mongo/util/net/ssl_manager', '$BUILD_DIR/mongo/util/net/ssl_parameters_auth', 'cluster_auth_mode', 'security_key', ], ) env.Library( target='security_key', source=[ 'security_key.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/base', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/base/secure_allocator', '$BUILD_DIR/mongo/client/authentication', '$BUILD_DIR/mongo/crypto/sha_block_${MONGO_CRYPTO}', '$BUILD_DIR/mongo/util/icu', '$BUILD_DIR/mongo/util/md5', 'auth', 'cluster_auth_mode', 'sasl_options', 'security_file', 'user', ], ) env.Library( target='sasl_commands', source=[ 'sasl_commands.cpp', 'sasl_commands.idl', 'sasl_payload.cpp', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/client/sasl_client', '$BUILD_DIR/mongo/db/commands', '$BUILD_DIR/mongo/db/commands/test_commands_enabled', 'auth', 'auth_impl_internal', 'authentication_session', 'authorization_manager_global', 'saslauth', ], ) env.Library( target='authservercommon', source=[ 'authz_session_external_state_server_common.cpp', 'enable_localhost_auth_bypass_parameter.idl', ], LIBDEPS=[ '$BUILD_DIR/mongo/db/commands/authentication_commands', 'auth', 'auth_impl_internal', 'authorization_manager_global', 'sasl_commands', 'saslauth', ], LIBDEPS_PRIVATE=[ 'sasl_options_init', ], ) yamlEnv = env.Clone() yamlEnv.InjectThirdParty(libraries=['yaml']) yamlEnv.Library( target='security_file', source=[ 'security_file.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/base', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/third_party/shim_yaml', ], ) env.Library( target='sasl_options', source=[ 'sasl_options.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/db/server_base', '$BUILD_DIR/mongo/db/stats/counters', ], ) env.Library( target='sasl_options_init', source=[ 'sasl_options_init.cpp', 'sasl_options.idl', ], LIBDEPS=[ 'sasl_options', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/util/net/network', '$BUILD_DIR/mongo/util/options_parser/options_parser', ], ) env.Library( target='saslauth', source=[ 'sasl_mechanism_registry.cpp', 'sasl_plain_server_conversation.cpp', 'sasl_scram_server_conversation.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/base/secure_allocator', '$BUILD_DIR/mongo/crypto/sha_block_${MONGO_CRYPTO}', '$BUILD_DIR/mongo/db/commands/test_commands_enabled', '$BUILD_DIR/mongo/util/icu', '$BUILD_DIR/mongo/util/md5', '$BUILD_DIR/mongo/util/net/network', 'auth', 'authprivilege', 'sasl_options', 'user', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/connection_health_metrics_parameter', '$BUILD_DIR/mongo/db/server_base', '$BUILD_DIR/mongo/db/service_context', 'cluster_auth_mode', ], ) env.Library( target='authmongod', source=[ 'authz_manager_external_state_d.cpp', 'authz_session_external_state_d.cpp', ], LIBDEPS=[ 'auth_impl_internal_local', 'authservercommon', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/dbdirectclient', '$BUILD_DIR/mongo/db/dbhelpers', '$BUILD_DIR/mongo/db/repl/repl_coordinator_interface', '$BUILD_DIR/mongo/db/shard_role', ], ) env.Library( target='authmongos', source=[ 'authz_manager_external_state_s.cpp', 'authz_session_external_state_s.cpp', 'user_cache_invalidator_job.cpp', 'user_cache_invalidator_job_parameters.idl', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/multitenancy', '$BUILD_DIR/mongo/db/server_base', '$BUILD_DIR/mongo/s/grid', 'authservercommon', ], ) env.Library( target='authmocks', source=[ 'authz_manager_external_state_mock.cpp', 'authz_session_external_state_mock.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/db/concurrency/lock_manager', '$BUILD_DIR/mongo/db/query_expressions', '$BUILD_DIR/mongo/db/service_context', '$BUILD_DIR/mongo/db/update/update_driver', 'auth', 'auth_impl_internal', 'auth_impl_internal_local', ], ) env.Library( target='address_restriction', source=[ 'address_restriction.cpp', 'address_restriction.idl', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/idl/idl_parser', '$BUILD_DIR/mongo/util/net/network', 'authentication_restriction', ], ) env.Library( target='user_acquisition_stats', source=[ 'ldap_operation_stats.cpp', 'ldap_cumulative_operation_stats.cpp', 'user_cache_acquisition_stats.cpp', ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/db/server_base', '$BUILD_DIR/mongo/db/service_context', 'auth', ], ) env.Library( target='oidc_protocol', source=[ "oauth_authorization_server_metadata.idl", "oauth_discovery_factory.cpp", 'oidc_protocol.idl' ], LIBDEPS_PRIVATE=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/idl/idl_parser', '$BUILD_DIR/mongo/util/net/http_client', ], ) env.CppUnitTest( target='db_auth_test', source=[ 'action_set_test.cpp', 'address_restriction_test.cpp', 'auth_identifier_test.cpp', 'authorization_contract_test.cpp', 'auth_op_observer_test.cpp', "authentication_session_test.cpp", 'authorization_manager_test.cpp', 'authorization_session_for_test.cpp', 'authorization_session_test.cpp', 'builtin_roles_test.cpp', 'oauth_discovery_factory_test.cpp', 'privilege_parser_test.cpp', 'restriction_test.cpp', 'sasl_authentication_session_test.cpp', 'sasl_mechanism_registry_test.cpp', 'sasl_scram_test.cpp', 'security_key_test.cpp', 'user_document_parser_test.cpp', 'validated_tenancy_scope_test.cpp', ], LIBDEPS=[ '$BUILD_DIR/mongo/base', '$BUILD_DIR/mongo/client/sasl_client', '$BUILD_DIR/mongo/db/common', '$BUILD_DIR/mongo/db/concurrency/exception_util', '$BUILD_DIR/mongo/db/pipeline/pipeline', '$BUILD_DIR/mongo/db/repl/oplog', '$BUILD_DIR/mongo/db/repl/oplog_interface_local', '$BUILD_DIR/mongo/db/repl/replmocks', '$BUILD_DIR/mongo/db/service_context_d_test_fixture', '$BUILD_DIR/mongo/db/service_context_test_fixture', '$BUILD_DIR/mongo/transport/transport_layer_common', '$BUILD_DIR/mongo/transport/transport_layer_mock', '$BUILD_DIR/mongo/util/net/mock_http_client', '$BUILD_DIR/mongo/util/net/network', 'address_restriction', 'auth', 'auth_impl_internal', 'auth_op_observer', 'authentication_restriction', 'authentication_session', 'authmocks', 'oidc_protocol', 'saslauth', 'security_file', 'security_key', 'user', ], )