-
Type: Build Failure
-
Resolution: Fixed
-
Priority: Major - P3
-
Affects Version/s: None
-
Component/s: Authentication
OIDC Prose tests are failing on the 5.x branch:
The authentication is not failing, the expectation is that the db "test" at collection "test" has no documents, but it has at least one.
1) OIDC Auth Spec Prose Tests 3. Azure Automatic Auth 3.1 Connect successfully authenticates: AssertionError: expected { _id: new ObjectId("659c32802f06cd989ec40f43") } to be null at Context.<anonymous> (test/integration/auth/mongodb_oidc_azure.prose.test.ts:42:29) at processTicksAndRejections (internal/process/task_queues.js:95:5) 2) OIDC Auth Spec Prose Tests 3. Azure Automatic Auth 3.2 Allowed Hosts Ignored successfully authenticates: AssertionError: expected { _id: new ObjectId("659c32802f06cd989ec40f43") } to be null at Context.<anonymous> (test/integration/auth/mongodb_oidc_azure.prose.test.ts:62:29) at processTicksAndRejections (internal/process/task_queues.js:95:5) 3) OIDC Auth Spec Prose Tests 3. Azure Automatic Auth 3.3 Main Cache Not Used does not use the main callback cache: AssertionError: expected { _id: new ObjectId("659c32802f06cd989ec40f43") } to be null at Context.<anonymous> (test/integration/auth/mongodb_oidc_azure.prose.test.ts:80:29) at processTicksAndRejections (internal/process/task_queues.js:95:5) 4) OIDC Auth Spec Prose Tests 3. Azure Automatic Auth 3.4 Azure Cache is Used uses the Azure OIDC cache: AssertionError: expected { _id: new ObjectId("659c32802f06cd989ec40f43") } to be null at Context.<anonymous> (test/integration/auth/mongodb_oidc_azure.prose.test.ts:100:29) at processTicksAndRejections (internal/process/task_queues.js:95:5)
Have confirmed with devtools that they do not use the 5.x driver for OIDC. The feature is marked as experimental and we can then remove it completely from the 5.x branch.
AC:
Implementation:
- Remove support for the MONGODB-OIDC auth mechanism.
- Remove all validation around OIDC in the URI parser and MongoCredentials.
- Remove all OIDC related code from the auth package.
Testing:
- Remove the Azure OIDC variant from the Evergreen config.
- Remove the OIDC tasks from the Evergreen config.
- Remove all OIDC tests from the manual test directory.
- Remove all OIDC related unit tests.
- Remove all OIDC related integration tests.
- is related to
-
NODE-4929 OIDC: Automatic token acquisition for Azure Identity Provider
- Closed