mongo 2.4.3 → 2.5.0.beta

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 2d433224b22b9fef9861385a7aa3bb1152c688e3
-  data.tar.gz: c238f0884125f4ec1b3a70b3f051fd0ad61e6d51
+  metadata.gz: c4e52038faa9ef6ff0419d1c5855800d4ce07066
+  data.tar.gz: a7b342d735714530107b7b513ee91c8d071472ba
 SHA512:
-  metadata.gz: 898d76cdc7e59033be68aabae3f8591397577e8d15286de25f07327803c42581febbf40a874303766fdc204f5d617523e46f46e663e9b5d8567b34f96a87fd96
-  data.tar.gz: 71d59dd4c289346aedf2bf9e9ad0161f4a98830ee70cadc9d6c45be47eda5c84bc41bde1d261d2d53230fd82350c2bc2d16409656da84e5faaab23660b4190ed
+  metadata.gz: eb58160cfaa1676ee31df0fcd375e2cad12953b46ba063b8a5f46c6e9dcbdcbf750a5c299e8b4222b3af57c9a0902c9f64fe4dfc33dc37df689730cf19f88e27
+  data.tar.gz: 97cc226f8bc3fc8fd7bda2d1be3b29be4a8d03f1e444b572dc74008e1276f733a3408851132cef3241df936c4e1613e4bce2ef2b3597e2fb55031ccfed49fb4c

checksums.yaml.gz.sig

@@ -1,2 +1,3 @@
-�~��	���tO���x����)�e[��t
-2�R�g)>1ĕ�ŗw�m
+�Ca�? @�7��G�I�ͥ'
+m�OF/�
+Z�/(詏�v-�v���d�A�e.R%-Ş�O@Y̽͛�W㞧��
ȁC�&�E��>qa�*!~7�>�?[�P�k�H��͍���N�:Yg�S�3ͭ�yf�!���0�|�sd�jٯ�z��"�'J7e��V�i¥~V���+J�<AOs�o���m�!�b���([�|k'���� �#jݱr���@�C<MTAv	kA旆Ԧ^�f�ӛ��Ñ�� wX���dx

data/lib/mongo.rb

@@ -26,17 +26,18 @@ require 'mongo/error'
 require 'mongo/event'
 require 'mongo/address'
 require 'mongo/auth'
+require 'mongo/protocol'
 require 'mongo/client'
 require 'mongo/cluster'
-require 'mongo/collection'
 require 'mongo/cursor'
+require 'mongo/collection'
 require 'mongo/database'
 require 'mongo/dbref'
 require 'mongo/grid'
 require 'mongo/index'
-require 'mongo/protocol'
 require 'mongo/server'
 require 'mongo/server_selector'
+require 'mongo/session'
 require 'mongo/socket'
 require 'mongo/uri'
 require 'mongo/version'

data/lib/mongo/auth/cr.rb

@@ -49,14 +49,16 @@ module Mongo
       #
       # @param [ Mongo::Connection ] connection The connection to log into.
       #
-      # @return [ Protocol::Reply ] The authentication response.
+      # @return [ Protocol::Message ] The authentication response.
       #
       # @since 2.0.0
       def login(connection)
         conversation = Conversation.new(user)
-        reply = connection.dispatch([ conversation.start ])
-        reply = connection.dispatch([ conversation.continue(reply) ])
-        conversation.finalize(reply)
+        reply = connection.dispatch([ conversation.start(connection) ])
+        connection.update_cluster_time(Operation::Result.new(reply))
+        reply = connection.dispatch([ conversation.continue(reply, connection) ])
+        connection.update_cluster_time(Operation::Result.new(reply))
+        conversation.finalize(reply, connection)
       end
     end
   end

data/lib/mongo/auth/cr/conversation.rb

@@ -27,7 +27,7 @@ module Mongo
         # @since 2.0.0
         LOGIN = { authenticate: 1 }.freeze
 
-        # @return [ Protocol::Reply ] reply The current reply in the
+        # @return [ Protocol::Message ] reply The current reply in the
         #   conversation.
         attr_reader :reply
 
@@ -47,20 +47,29 @@ module Mongo
         # @example Continue the conversation.
         #   conversation.continue(reply)
         #
-        # @param [ Protocol::Reply ] reply The reply of the previous
+        # @param [ Protocol::Message ] reply The reply of the previous
         #   message.
+        # @param [ Mongo::Server::Connection ] connection The connection being authenticated.
         #
         # @return [ Protocol::Query ] The next message to send.
         #
         # @since 2.0.0
-        def continue(reply)
+        def continue(reply, connection = nil)
           validate!(reply)
-          Protocol::Query.new(
-            user.auth_source,
-            Database::COMMAND,
-            LOGIN.merge(user: user.name, nonce: nonce, key: user.auth_key(nonce)),
-            limit: -1
-          )
+          if connection && connection.features.op_msg_enabled?
+            selector = LOGIN.merge(user: user.name, nonce: nonce, key: user.auth_key(nonce))
+            selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
+            cluster_time = connection.mongos? && connection.cluster_time
+            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
+            Protocol::Msg.new([:none], {}, selector)
+          else
+            Protocol::Query.new(
+              user.auth_source,
+              Database::COMMAND,
+              LOGIN.merge(user: user.name, nonce: nonce, key: user.auth_key(nonce)),
+              limit: -1
+            )
+          end
         end
 
         # Finalize the CR conversation. This is meant to be iterated until
@@ -69,13 +78,13 @@ module Mongo
         # @example Finalize the conversation.
         #   conversation.finalize(reply)
         #
-        # @param [ Protocol::Reply ] reply The reply of the previous
+        # @param [ Protocol::Message ] reply The reply of the previous
         #   message.
         #
         # @return [ Protocol::Query ] The next message to send.
         #
         # @since 2.0.0
-        def finalize(reply)
+        def finalize(reply, connection = nil)
           validate!(reply)
         end
 
@@ -88,12 +97,19 @@ module Mongo
         # @return [ Protocol::Query ] The first CR conversation message.
         #
         # @since 2.0.0
-        def start
-          Protocol::Query.new(
-            user.auth_source,
-            Database::COMMAND,
-            Auth::GET_NONCE,
-            limit: -1)
+        def start(connection = nil)
+          if connection && connection.features.op_msg_enabled?
+            selector = Auth::GET_NONCE.merge(Protocol::Msg::DATABASE_IDENTIFIER => user.auth_source)
+            cluster_time = connection.mongos? && connection.cluster_time
+            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
+            Protocol::Msg.new([:none], {}, selector)
+          else
+            Protocol::Query.new(
+              user.auth_source,
+              Database::COMMAND,
+              Auth::GET_NONCE,
+              limit: -1)
+          end
         end
 
         # Create the new conversation.

data/lib/mongo/auth/ldap.rb

@@ -49,12 +49,14 @@ module Mongo
       # @param [ Mongo::Connection ] connection The connection to log into.
       #   on.
       #
-      # @return [ Protocol::Reply ] The authentication response.
+      # @return [ Protocol::Message ] The authentication response.
       #
       # @since 2.0.0
       def login(connection)
         conversation = Conversation.new(user)
-        conversation.finalize(connection.dispatch([ conversation.start ]))
+        reply = connection.dispatch([ conversation.start(connection) ])
+        connection.update_cluster_time(Operation::Result.new(reply))
+        conversation.finalize(reply)
       end
     end
   end

data/lib/mongo/auth/ldap/conversation.rb

@@ -27,7 +27,7 @@ module Mongo
         # @since 2.0.0
         LOGIN = { saslStart: 1, autoAuthorize: 1 }.freeze
 
-        # @return [ Protocol::Reply ] reply The current reply in the
+        # @return [ Protocol::Message ] reply The current reply in the
         #   conversation.
         attr_reader :reply
 
@@ -40,7 +40,7 @@ module Mongo
         # @example Finalize the conversation.
         #   conversation.finalize(reply)
         #
-        # @param [ Protocol::Reply ] reply The reply of the previous
+        # @param [ Protocol::Message ] reply The reply of the previous
         #   message.
         #
         # @return [ Protocol::Query ] The next message to send.
@@ -56,16 +56,26 @@ module Mongo
         # @example Start the conversation.
         #   conversation.start
         #
+        # @param [ Mongo::Server::Connection ] connection The connection being authenticated.
+        #
         # @return [ Protocol::Query ] The first PLAIN conversation message.
         #
         # @since 2.0.0
-        def start
-          Protocol::Query.new(
-            Auth::EXTERNAL,
-            Database::COMMAND,
-            LOGIN.merge(payload: payload, mechanism: LDAP::MECHANISM),
-            limit: -1
-          )
+        def start(connection = nil)
+          if connection && connection.features.op_msg_enabled?
+            selector = LOGIN.merge(payload: payload, mechanism: LDAP::MECHANISM)
+            selector[Protocol::Msg::DATABASE_IDENTIFIER] = Auth::EXTERNAL
+            cluster_time = connection.mongos? && connection.cluster_time
+            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
+            Protocol::Msg.new([:none], {}, selector)
+          else
+            Protocol::Query.new(
+              Auth::EXTERNAL,
+              Database::COMMAND,
+              LOGIN.merge(payload: payload, mechanism: LDAP::MECHANISM),
+              limit: -1
+            )
+          end
         end
 
         # Create the new conversation.

data/lib/mongo/auth/scram.rb

@@ -50,15 +50,18 @@ module Mongo
       # @param [ Mongo::Connection ] connection The connection to log into.
       #   on.
       #
-      # @return [ Protocol::Reply ] The authentication response.
+      # @return [ Protocol::Message ] The authentication response.
       #
       # @since 2.0.0
       def login(connection)
         conversation = Conversation.new(user)
-        reply = connection.dispatch([ conversation.start ])
-        reply = connection.dispatch([ conversation.continue(reply) ])
+        reply = connection.dispatch([ conversation.start(connection) ])
+        connection.update_cluster_time(Operation::Result.new(reply))
+        reply = connection.dispatch([ conversation.continue(reply, connection) ])
+        connection.update_cluster_time(Operation::Result.new(reply))
         until reply.documents[0][Conversation::DONE]
-          reply = connection.dispatch([ conversation.finalize(reply) ])
+          reply = connection.dispatch([ conversation.finalize(reply, connection) ])
+          connection.update_cluster_time(Operation::Result.new(reply))
         end
         reply
       end

data/lib/mongo/auth/scram/conversation.rb

@@ -88,7 +88,7 @@ module Mongo
         # @return [ String ] nonce The initial user nonce.
         attr_reader :nonce
 
-        # @return [ Protocol::Reply ] reply The current reply in the
+        # @return [ Protocol::Message ] reply The current reply in the
         #   conversation.
         attr_reader :reply
 
@@ -102,20 +102,36 @@ module Mongo
         # @example Continue the conversation.
         #   conversation.continue(reply)
         #
-        # @param [ Protocol::Reply ] reply The reply of the previous
+        # @param [ Protocol::Message ] reply The reply of the previous
         #   message.
+        # @param [ Mongo::Server::Connection ] connection The connection being authenticated.
         #
         # @return [ Protocol::Query ] The next message to send.
         #
         # @since 2.0.0
-        def continue(reply)
+        def continue(reply, connection = nil)
           validate_first_message!(reply)
-          Protocol::Query.new(
-            user.auth_source,
-            Database::COMMAND,
-            CLIENT_CONTINUE_MESSAGE.merge(payload: client_final_message, conversationId: id),
-            limit: -1
-          )
+
+          # The salted password needs to be calculated now; otherwise, if the
+          # client key is cached from a previous authentication, the salt in the
+          # reply will no longer be available for when the salted password is
+          # needed to calculate the server key.
+          salted_password
+
+          if connection && connection.features.op_msg_enabled?
+            selector = CLIENT_CONTINUE_MESSAGE.merge(payload: client_final_message, conversationId: id)
+            selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
+            cluster_time = connection.mongos? && connection.cluster_time
+            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
+            Protocol::Msg.new([:none], {}, selector)
+          else
+            Protocol::Query.new(
+              user.auth_source,
+              Database::COMMAND,
+              CLIENT_CONTINUE_MESSAGE.merge(payload: client_final_message, conversationId: id),
+              limit: -1
+            )
+          end
         end
 
         # Finalize the SCRAM conversation. This is meant to be iterated until
@@ -124,20 +140,29 @@ module Mongo
         # @example Finalize the conversation.
         #   conversation.finalize(reply)
         #
-        # @param [ Protocol::Reply ] reply The reply of the previous
+        # @param [ Protocol::Message ] reply The reply of the previous
         #   message.
+        # @param [ Mongo::Server::Connection ] connection The connection being authenticated.
         #
         # @return [ Protocol::Query ] The next message to send.
         #
         # @since 2.0.0
-        def finalize(reply)
+        def finalize(reply, connection = nil)
           validate_final_message!(reply)
-          Protocol::Query.new(
-            user.auth_source,
-            Database::COMMAND,
-            CLIENT_CONTINUE_MESSAGE.merge(payload: client_empty_message, conversationId: id),
-            limit: -1
-          )
+          if connection && connection.features.op_msg_enabled?
+            selector = CLIENT_CONTINUE_MESSAGE.merge(payload: client_empty_message, conversationId: id)
+            selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
+            cluster_time = connection.mongos? && connection.cluster_time
+            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
+            Protocol::Msg.new([:none], {}, selector)
+          else
+            Protocol::Query.new(
+              user.auth_source,
+              Database::COMMAND,
+              CLIENT_CONTINUE_MESSAGE.merge(payload: client_empty_message, conversationId: id),
+              limit: -1
+            )
+          end
         end
 
         # Start the SCRAM conversation. This returns the first message that
@@ -146,16 +171,26 @@ module Mongo
         # @example Start the conversation.
         #   conversation.start
         #
+        # @param [ Mongo::Server::Connection ] connection The connection being authenticated.
+        #
         # @return [ Protocol::Query ] The first SCRAM conversation message.
         #
         # @since 2.0.0
-        def start
-          Protocol::Query.new(
-            user.auth_source,
-            Database::COMMAND,
-            CLIENT_FIRST_MESSAGE.merge(payload: client_first_message, mechanism: SCRAM::MECHANISM),
-            limit: -1
-          )
+        def start(connection = nil)
+          if connection && connection.features.op_msg_enabled?
+            selector = CLIENT_FIRST_MESSAGE.merge(payload: client_first_message, mechanism: SCRAM::MECHANISM)
+            selector[Protocol::Msg::DATABASE_IDENTIFIER] = user.auth_source
+            cluster_time = connection.mongos? && connection.cluster_time
+            selector[Operation::CLUSTER_TIME] = cluster_time if cluster_time
+            Protocol::Msg.new([:none], {}, selector)
+          else
+            Protocol::Query.new(
+              user.auth_source,
+              Database::COMMAND,
+              CLIENT_FIRST_MESSAGE.merge(payload: client_first_message, mechanism: SCRAM::MECHANISM),
+              limit: -1
+            )
+          end
         end
 
         # Get the id of the conversation.
@@ -181,6 +216,7 @@ module Mongo
         def initialize(user)
           @user = user
           @nonce = SecureRandom.base64
+          @client_key = user.send(:client_key)
         end
 
         private
@@ -247,6 +283,8 @@ module Mongo
         # @since 2.0.0
         def client_key
           @client_key ||= hmac(salted_password, CLIENT_KEY)
+          user.instance_variable_set(:@client_key, @client_key) unless user.send(:client_key)
+          @client_key
         end
 
         # Client proof algorithm implementation.

data/lib/mongo/auth/user.rb

@@ -131,6 +131,8 @@ module Mongo
       # @option options [ String ] :password The user's password.
       # @option options [ Symbol ] :auth_mech The authorization mechanism.
       # @option options [ Array<String>, Array<Hash> ] roles The user roles.
+      # @option options [ String ] :client_key The user's client key cached from a previous
+      #   authentication on the same connection.
       #
       # @since 2.0.0
       def initialize(options)
@@ -141,6 +143,7 @@ module Mongo
         @mechanism = options[:auth_mech] || :mongodb_cr
         @auth_mech_properties = options[:auth_mech_properties] || {}
         @roles = options[:roles] || []
+        @client_key = options[:client_key]
       end
 
       # Get the specification for the user, used in creation.
@@ -154,6 +157,13 @@ module Mongo
       def spec
         { pwd: hashed_password, roles: roles }
       end
+
+      private
+
+      # The client key for the user.
+      #
+      # @return [ String ] The client key for the user.
+      attr_reader :client_key
     end
   end
 end

data/lib/mongo/auth/user/view.rb

@@ -25,7 +25,7 @@ module Mongo
         # @return [ Database ] database The view's database.
         attr_reader :database
 
-        def_delegators :database, :cluster, :read_preference
+        def_delegators :database, :cluster, :read_preference, :client
         def_delegators :cluster, :next_primary
 
         # Create a new user in the database.
@@ -36,15 +36,20 @@ module Mongo
         # @param [ Auth::User, String ] user_or_name The user object or user name.
         # @param [ Hash ] options The user options.
         #
+        # @option options [ Session ] :session The session to use for the operation.
+        #
         # @return [ Result ] The command response.
         #
         # @since 2.0.0
         def create(user_or_name, options = {})
           user = generate(user_or_name, options)
-          Operation::Write::CreateUser.new(
-            user: user,
-            db_name: database.name
-          ).execute(next_primary)
+          client.send(:with_session, options) do |session|
+            Operation::Write::CreateUser.new(
+              user: user,
+              db_name: database.name,
+              session: session
+            ).execute(next_primary)
+          end
         end
 
         # Initialize the new user view.
@@ -65,15 +70,21 @@ module Mongo
         #   view.remove('user')
         #
         # @param [ String ] name The user name.
+        # @param [ Hash ] options The options for the remove operation.
+        #
+        # @option options [ Session ] :session The session to use for the operation.
         #
         # @return [ Result ] The command response.
         #
         # @since 2.0.0
-        def remove(name)
-          Operation::Write::RemoveUser.new(
-            user_name: name,
-            db_name: database.name
-          ).execute(next_primary)
+        def remove(name, options = {})
+          client.send(:with_session, options) do |session|
+            Operation::Write::RemoveUser.new(
+              user_name: name,
+              db_name: database.name,
+              session: session
+            ).execute(next_primary)
+          end
         end
 
         # Update a user in the database.
@@ -84,15 +95,20 @@ module Mongo
         # @param [ Auth::User, String ] user_or_name The user object or user name.
         # @param [ Hash ] options The user options.
         #
+        # @option options [ Session ] :session The session to use for the operation.
+        #
         # @return [ Result ] The response.
         #
         # @since 2.0.0
         def update(user_or_name, options = {})
-          user = generate(user_or_name, options)
-          Operation::Write::UpdateUser.new(
-            user: user,
-            db_name: database.name
-          ).execute(next_primary)
+          client.send(:with_session, options) do |session|
+            user = generate(user_or_name, options)
+            Operation::Write::UpdateUser.new(
+              user: user,
+              db_name: database.name,
+              session: session
+            ).execute(next_primary)
+          end
         end
 
         # Get info for a particular user in the database.
@@ -101,21 +117,27 @@ module Mongo
         #   view.info('emily')
         #
         # @param [ String ] name The user name.
+        # @param [ Hash ] options The options for the info operation.
+        #
+        # @option options [ Session ] :session The session to use for the operation.
         #
         # @return [ Hash ] A document containing information on a particular user.
         #
         # @since 2.1.0
-        def info(name)
-          user_query(name).documents
+        def info(name, options = {})
+          user_query(name, options).documents
         end
 
         private
 
-        def user_query(name)
-          Operation::Commands::UserQuery.new(
-            user_name: name,
-            db_name: database.name
-          ).execute(next_primary)
+        def user_query(name, options = {})
+          client.send(:with_session, options) do |session|
+            Operation::Commands::UserQuery.new(
+              user_name: name,
+              db_name: database.name,
+              session: session
+            ).execute(next_primary)
+          end
         end
 
         def generate(user, options)