jstests/auth/auth_mechanism_discovery.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43

// Tests that a client will auto-discover a user's supported SASL mechanisms during auth().
(function() {
    "use strict";

    function runTest(conn) {
        const admin = conn.getDB("admin");
        const test = conn.getDB("test");

        admin.createUser({user: 'admin', pwd: 'pass', roles: jsTest.adminUserRoles});
        assert(admin.auth('admin', 'pass'));

        // Enable SCRAM-SHA-256.
        assert.commandWorked(admin.runCommand({setFeatureCompatibilityVersion: "4.0"}));

        function checkUser(username, mechanism) {
            var createUser = {createUser: username, pwd: 'pwd', roles: []};
            if (mechanism !== undefined) {
                createUser.mechanisms = [mechanism];
            } else {
                // Create both variants, expect to prefer 256.
                mechanism = 'SCRAM-SHA-256';
            }
            assert.commandWorked(test.runCommand(createUser));
            assert.eq(test._getDefaultAuthenticationMechanism(username, test.getName()), mechanism);
            assert(test.auth(username, 'pwd'));
            test.logout();
        }
        checkUser('userSha1', 'SCRAM-SHA-1');
        checkUser('userSha256', 'SCRAM-SHA-256');
        checkUser('userAll');
    }

    // Test standalone.
    const m = MongoRunner.runMongod({auth: ""});
    runTest(m);
    MongoRunner.stopMongod(m);

    // Test sharded.
    const st =
        new ShardingTest({shards: 1, mongos: 1, config: 1, other: {keyFile: 'jstests/libs/key1'}});
    runTest(st.s0);
    st.stop();
})();