Files
mongo/jstests/auth/speculative-auth-sharding.js
kshitij 46fec6e0db SERVER-95434: Remove shardOptions from shardingtest.js. (#28068)
GitOrigin-RevId: 1a6e80f2083120e3ae09e8d57694e730f2375f94
2024-10-22 18:29:27 +00:00

67 lines
2.6 KiB
JavaScript

// Verify that clients can speculatively authenticate to mongos.
// @tags: [requires_sharding]
import {ShardingTest} from "jstests/libs/shardingtest.js";
const fallbackMech = 'SCRAM-SHA-256';
const keyfile = 'jstests/libs/key1';
const st = new ShardingTest({
mongos: 1,
keyFile: keyfile,
other: {mongosOptions: {auth: null}, configOptions: {auth: null}, rsOptions: {auth: null}}
});
const admin = st.s.getDB('admin');
admin.createUser({user: 'admin', pwd: 'pwd', roles: ['root']});
admin.auth('admin', 'pwd');
let lastStats =
assert.commandWorked(admin.runCommand({serverStatus: 1})).security.authentication.mechanisms;
jsTest.log('Inintial stats: ' + lastStats);
function test(uri, incrMech, isClusterAuth = false) {
jsTest.log('Connecting to: ' + uri);
assert.eq(runMongoProgram('mongo', uri, '--eval', ';'), 0);
const stats = assert.commandWorked(admin.runCommand({serverStatus: 1}))
.security.authentication.mechanisms;
try {
assert.eq(Object.keys(lastStats).length, Object.keys(stats).length);
Object.keys(lastStats).forEach(function(mech) {
const inc = (mech === incrMech) ? 1 : 0;
const clusterInc = (mech === incrMech && isClusterAuth) ? 1 : 0;
const specBefore = lastStats[mech].speculativeAuthenticate;
const specAfter = stats[mech].speculativeAuthenticate;
assert.eq(specAfter.received, specBefore.received + inc);
assert.eq(specAfter.successful, specBefore.successful + inc);
const clusterBefore = lastStats[mech].clusterAuthenticate;
const clusterAfter = stats[mech].clusterAuthenticate;
assert.eq(clusterAfter.received, clusterBefore.received + clusterInc);
assert.eq(clusterAfter.successful, clusterBefore.successful + clusterInc);
const allBefore = lastStats[mech].authenticate;
const allAfter = stats[mech].authenticate;
assert.eq(allAfter.received, allBefore.received + inc);
assert.eq(allAfter.successful, allBefore.successful + inc);
});
} catch (e) {
print("Stats: " + tojson(stats));
throw e;
}
lastStats = stats;
}
const baseURI = 'mongodb://admin:pwd@' + st.s.host + '/admin';
test(baseURI, fallbackMech);
test(baseURI + '?authMechanism=SCRAM-SHA-1', 'SCRAM-SHA-1');
test(baseURI + '?authMechanism=SCRAM-SHA-256', 'SCRAM-SHA-256');
const systemPass = cat(keyfile).replace(/\s/g, '');
test('mongodb://__system:' + systemPass + '@' + st.s.host + '/admin?authMechanisms=SCRAM-SHA-256',
'SCRAM-SHA-256',
true);
admin.logout();
st.stop();