Uploaded image for project: 'Node.js Driver'
  1. Node.js Driver
  2. NODE-1674

Fix auth workflow with regards to auth mechanism resolution

    • Type: Icon: Improvement Improvement
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 3.2.0
    • Affects Version/s: None
    • Component/s: Authentication, Core
    • None

      See this comment .

      • If you do not provide a mechanism, or if you say "default" we need do to mechanism negotiation. As of MongoDB 4.0, this requires an ismaster to get saslSupportedMechs
      • For mechanism negotiation to work, we need to have credentials available at the time of topology connect, which happens before the actual auth call. This way, we can add the saslSupportedMechs field to the first outgoing ismaster
      • At the same time, there is legacy support for authenticating on connect, where you pass credentials in to the initial connect call, and immediately auth. This is a problem, since the credentials have not been mechanism negotiated yet, so they will still say default.

      Lets find a way to do this that is neater

            Assignee:
            matt.broadstone@mongodb.com Matt Broadstone
            Reporter:
            daniel.aprahamian@mongodb.com Daniel Aprahamian (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: