From adcd0ca7b2aa45a08c200ace526cffd9636a1192 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Wed, 16 Mar 2022 12:38:49 +0100 Subject: [PATCH 1/3] feat(cli-repl): pass through sspiHostnameCanonicalization to driver MONGOSH-856 Pass down `sspiHostnameCanonicalization` to the driver as-is and let the driver do the validation. We still map `true` and `false` from strings to booleans and an empty string to `undefined`, since the driver would otherwise reject those values. --- packages/cli-repl/src/arg-mapper.spec.ts | 25 ++++++++++++++---------- packages/cli-repl/src/arg-mapper.ts | 19 +++++++++--------- 2 files changed, 24 insertions(+), 20 deletions(-) diff --git a/packages/cli-repl/src/arg-mapper.spec.ts b/packages/cli-repl/src/arg-mapper.spec.ts index 3c21165770..5daa15070a 100644 --- a/packages/cli-repl/src/arg-mapper.spec.ts +++ b/packages/cli-repl/src/arg-mapper.spec.ts @@ -320,6 +320,9 @@ describe('arg-mapper.mapCliToDriver', () => { it('is not mapped to authMechanismProperties', () => { expect(mapCliToDriver(cliOptions)).to.deep.equal({ + authMechanismProperties: { + CANONICALIZE_HOSTNAME: 'none' + }, driverInfo: { name: 'mongosh', version: packageJSON.version @@ -334,7 +337,7 @@ describe('arg-mapper.mapCliToDriver', () => { it('is mapped to authMechanismProperties', () => { expect(mapCliToDriver(cliOptions)).to.deep.equal({ authMechanismProperties: { - gssapiCanonicalizeHostName: 'true' + gssapiCanonicalizeHostName: 'forward' }, driverInfo: { name: 'mongosh', @@ -344,17 +347,19 @@ describe('arg-mapper.mapCliToDriver', () => { }); }); - context('with a value of forwardAndReverse', () => { - const cliOptions: CliOptions = { sspiHostnameCanonicalization: 'forwardAndReverse' }; + context('with a value of true', () => { + const cliOptions: CliOptions = { sspiHostnameCanonicalization: 'true' }; it('is mapped to authMechanismProperties', () => { - try { - mapCliToDriver(cliOptions); - } catch (e) { - expect(e.message).to.contain('forwardAndReverse is not supported'); - return; - } - expect.fail('expected error'); + expect(mapCliToDriver(cliOptions)).to.deep.equal({ + authMechanismProperties: { + gssapiCanonicalizeHostName: true + }, + driverInfo: { + name: 'mongosh', + version: packageJSON.version + } + }); }); }); }); diff --git a/packages/cli-repl/src/arg-mapper.ts b/packages/cli-repl/src/arg-mapper.ts index cb4ddaaefc..e681697171 100644 --- a/packages/cli-repl/src/arg-mapper.ts +++ b/packages/cli-repl/src/arg-mapper.ts @@ -1,4 +1,4 @@ -import { CommonErrors, MongoshInvalidInputError, MongoshUnimplementedError } from '@mongosh/errors'; +import { MongoshInvalidInputError, MongoshUnimplementedError } from '@mongosh/errors'; import { CliOptions, DevtoolsConnectOptions } from '@mongosh/service-provider-server'; import setValue from 'lodash.set'; @@ -15,7 +15,7 @@ const MAPPINGS = { awsIamSessionToken: 'authMechanismProperties.AWS_SESSION_TOKEN', gssapiServiceName: 'authMechanismProperties.SERVICE_NAME', sspiRealmOverride: 'authMechanismProperties.SERVICE_REALM', - sspiHostnameCanonicalization: { opt: 'authMechanismProperties.gssapiCanonicalizeHostName', fun: mapSspiHostnameCanonicalization }, + sspiHostnameCanonicalization: { opt: 'authMechanismProperties.CANONICALIZE_HOST_NAME', fun: mapGSSAPIHostnameCanonicalization }, authenticationDatabase: 'authSource', authenticationMechanism: 'authMechanism', keyVaultNamespace: 'autoEncryption.keyVaultNamespace', @@ -125,17 +125,16 @@ function getCertificateExporter(): TlsCertificateExporter | undefined { return undefined; } -function mapSspiHostnameCanonicalization(value: string): string | undefined { - if (!value || value === 'none') { +function mapGSSAPIHostnameCanonicalization(value: string): string | boolean | undefined { + // Here for backwards compatibility reasons -- ideally, users should always + // just either not specify this, or use none/forward/forwardAndReverse. + if (value === '') { return undefined; } - if (value === 'forward') { - return 'true'; + if (value === 'true' || value === 'false') { + return value === 'true'; } - throw new MongoshInvalidInputError( - `--sspiHostnameCanonicalization value ${value} is not supported`, - CommonErrors.InvalidArgument - ); + return value; } export default mapCliToDriver; From d3e85b61c02405f87190296fd20767037a4d802f Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Thu, 17 Mar 2022 11:41:27 +0100 Subject: [PATCH 2/3] fixup: adjust tests --- packages/cli-repl/src/arg-mapper.spec.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/cli-repl/src/arg-mapper.spec.ts b/packages/cli-repl/src/arg-mapper.spec.ts index 5daa15070a..879e744fb2 100644 --- a/packages/cli-repl/src/arg-mapper.spec.ts +++ b/packages/cli-repl/src/arg-mapper.spec.ts @@ -337,7 +337,7 @@ describe('arg-mapper.mapCliToDriver', () => { it('is mapped to authMechanismProperties', () => { expect(mapCliToDriver(cliOptions)).to.deep.equal({ authMechanismProperties: { - gssapiCanonicalizeHostName: 'forward' + CANONICALIZE_HOST_NAME: 'forward' }, driverInfo: { name: 'mongosh', @@ -353,7 +353,7 @@ describe('arg-mapper.mapCliToDriver', () => { it('is mapped to authMechanismProperties', () => { expect(mapCliToDriver(cliOptions)).to.deep.equal({ authMechanismProperties: { - gssapiCanonicalizeHostName: true + CANONICALIZE_HOST_NAME: true }, driverInfo: { name: 'mongosh', From 79b8927779fa414e44f61bfea8c98b3a3b8177aa Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Thu, 17 Mar 2022 12:16:44 +0100 Subject: [PATCH 3/3] fixup: typo --- packages/cli-repl/src/arg-mapper.spec.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/cli-repl/src/arg-mapper.spec.ts b/packages/cli-repl/src/arg-mapper.spec.ts index 879e744fb2..b20fddb7bd 100644 --- a/packages/cli-repl/src/arg-mapper.spec.ts +++ b/packages/cli-repl/src/arg-mapper.spec.ts @@ -321,7 +321,7 @@ describe('arg-mapper.mapCliToDriver', () => { it('is not mapped to authMechanismProperties', () => { expect(mapCliToDriver(cliOptions)).to.deep.equal({ authMechanismProperties: { - CANONICALIZE_HOSTNAME: 'none' + CANONICALIZE_HOST_NAME: 'none' }, driverInfo: { name: 'mongosh',