1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
var authutil;
(function() {
assert(!authutil);
authutil = {};
/**
* Logs out all connections "conn" from database "dbname".
*/
authutil.logout = function(conn, dbname) {
var i;
if (null == conn.length) {
conn = [conn];
}
for (i = 0; i < conn.length; ++i) {
var curDB = new DB(conn[i], dbname);
curDB.logout();
}
};
/**
* Authenticates all connections in "conns" using "authParams" on database "dbName".
*
* Raises an exception if any authentication fails, and tries to leave all connnections
* in "conns" in the logged-out-of-dbName state.
*/
authutil.assertAuthenticate = function(conns, dbName, authParams) {
var conn, i, ex, ex2;
if (conns.length == null)
conns = [conns];
try {
for (i = 0; i < conns.length; ++i) {
conn = conns[i];
// Bypass the implicit auth call in getDB();
var db = new DB(conn, dbName);
assert(db.auth(authParams),
"Failed to authenticate " + conn + " to " + dbName + " using parameters " +
tojson(authParams));
}
} catch (ex) {
try {
authutil.logout(conns, dbName);
} catch (ex2) {
}
throw ex;
}
};
/**
* Authenticates all connections in "conns" using "authParams" on database "dbName".
* Raises in exception if any of the authentications succeed.
*/
authutil.assertAuthenticateFails = function(conns, dbName, authParams) {
var conn, i;
if (conns.length == null)
conns = [conns];
for (i = 0; i < conns.length; ++i) {
conn = conns[i];
// Bypass the implicit auth call in getDB();
var db = new DB(conn, dbName);
assert(!db.auth(authParams),
"Unexpectedly authenticated " + conn + " to " + dbName + " using parameters " +
tojson(authParams));
}
};
/**
* Executes action() after authenticating the keyfile user on "conn", then logs out the keyfile
* user.
*/
authutil.asCluster = function(conn, keyfile, action) {
var ex;
const authMode = jsTest.options().clusterAuthMode;
if (authMode === 'keyFile') {
authutil.assertAuthenticate(conn, 'admin', {
user: '__system',
mechanism: 'SCRAM-SHA-1',
pwd: cat(keyfile).replace(/[\011-\015\040]/g, '')
});
} else if (authMode === 'x509') {
authutil.assertAuthenticate(conn, '$external', {
mechanism: 'MONGODB-X509',
});
} else {
throw new Error('clusterAuthMode ' + authMode + ' is currently unsupported');
}
try {
return action();
} finally {
try {
authutil.logout(conn, 'admin');
} catch (ex) {
}
}
};
}());
|