mongodb 5.0.1 → 5.2.0

package/src/cmap/connect.ts

@@ -15,19 +15,19 @@ import {
   MongoNetworkError,
   MongoNetworkTimeoutError,
   MongoRuntimeError,
-  MongoServerError,
   needsRetryableWriteLabel
 } from '../error';
-import { Callback, ClientMetadata, HostAddress, makeClientMetadata, ns } from '../utils';
+import { Callback, ClientMetadata, HostAddress, ns } from '../utils';
 import { AuthContext, AuthProvider } from './auth/auth_provider';
 import { GSSAPI } from './auth/gssapi';
 import { MongoCR } from './auth/mongocr';
 import { MongoDBAWS } from './auth/mongodb_aws';
+import { MongoDBOIDC } from './auth/mongodb_oidc';
 import { Plain } from './auth/plain';
 import { AuthMechanism } from './auth/providers';
 import { ScramSHA1, ScramSHA256 } from './auth/scram';
 import { X509 } from './auth/x509';
-import { Connection, ConnectionOptions, CryptoConnection } from './connection';
+import { CommandOptions, Connection, ConnectionOptions, CryptoConnection } from './connection';
 import {
   MAX_SUPPORTED_SERVER_VERSION,
   MAX_SUPPORTED_WIRE_VERSION,
@@ -35,10 +35,12 @@ import {
   MIN_SUPPORTED_WIRE_VERSION
 } from './wire_protocol/constants';
 
-const AUTH_PROVIDERS = new Map<AuthMechanism | string, AuthProvider>([
+/** @internal */
+export const AUTH_PROVIDERS = new Map<AuthMechanism | string, AuthProvider>([
   [AuthMechanism.MONGODB_AWS, new MongoDBAWS()],
   [AuthMechanism.MONGODB_CR, new MongoCR()],
   [AuthMechanism.MONGODB_GSSAPI, new GSSAPI()],
+  [AuthMechanism.MONGODB_OIDC, new MongoDBOIDC()],
   [AuthMechanism.MONGODB_PLAIN, new Plain()],
   [AuthMechanism.MONGODB_SCRAM_SHA1, new ScramSHA1()],
   [AuthMechanism.MONGODB_SCRAM_SHA256, new ScramSHA256()],
@@ -58,7 +60,16 @@ export function connect(options: ConnectionOptions, callback: Callback<Connectio
     if (options.autoEncrypter) {
       ConnectionType = CryptoConnection;
     }
-    performInitialHandshake(new ConnectionType(socket, options), options, callback);
+
+    const connection = new ConnectionType(socket, options);
+
+    performInitialHandshake(connection, options).then(
+      () => callback(undefined, connection),
+      error => {
+        connection.destroy({ force: false });
+        callback(error);
+      }
+    );
   });
 }
 
@@ -89,119 +100,89 @@ function checkSupportedServer(hello: Document, options: ConnectionOptions) {
   return new MongoCompatibilityError(message);
 }
 
-function performInitialHandshake(
+async function performInitialHandshake(
   conn: Connection,
-  options: ConnectionOptions,
-  _callback: Callback
-) {
-  const callback: Callback<Document> = function (err, ret) {
-    if (err && conn) {
-      conn.destroy();
-    }
-    _callback(err, ret);
-  };
-
+  options: ConnectionOptions
+): Promise<void> {
   const credentials = options.credentials;
+
   if (credentials) {
     if (
       !(credentials.mechanism === AuthMechanism.MONGODB_DEFAULT) &&
       !AUTH_PROVIDERS.get(credentials.mechanism)
     ) {
-      callback(
-        new MongoInvalidArgumentError(`AuthMechanism '${credentials.mechanism}' not supported`)
-      );
-      return;
+      throw new MongoInvalidArgumentError(`AuthMechanism '${credentials.mechanism}' not supported`);
     }
   }
 
   const authContext = new AuthContext(conn, credentials, options);
-  prepareHandshakeDocument(authContext, (err, handshakeDoc) => {
-    if (err || !handshakeDoc) {
-      return callback(err);
-    }
+  conn.authContext = authContext;
 
-    const handshakeOptions: Document = Object.assign({}, options);
-    if (typeof options.connectTimeoutMS === 'number') {
-      // The handshake technically is a monitoring check, so its socket timeout should be connectTimeoutMS
-      handshakeOptions.socketTimeoutMS = options.connectTimeoutMS;
-    }
+  const handshakeDoc = await prepareHandshakeDocument(authContext);
 
-    const start = new Date().getTime();
-    conn.command(ns('admin.$cmd'), handshakeDoc, handshakeOptions, (err, response) => {
-      if (err) {
-        callback(err);
-        return;
-      }
+  // @ts-expect-error: TODO(NODE-5141): The options need to be filtered properly, Connection options differ from Command options
+  const handshakeOptions: CommandOptions = { ...options };
+  if (typeof options.connectTimeoutMS === 'number') {
+    // The handshake technically is a monitoring check, so its socket timeout should be connectTimeoutMS
+    handshakeOptions.socketTimeoutMS = options.connectTimeoutMS;
+  }
 
-      if (response?.ok === 0) {
-        callback(new MongoServerError(response));
-        return;
-      }
+  const start = new Date().getTime();
+  const response = await conn.commandAsync(ns('admin.$cmd'), handshakeDoc, handshakeOptions);
 
-      if (!('isWritablePrimary' in response)) {
-        // Provide hello-style response document.
-        response.isWritablePrimary = response[LEGACY_HELLO_COMMAND];
-      }
+  if (!('isWritablePrimary' in response)) {
+    // Provide hello-style response document.
+    response.isWritablePrimary = response[LEGACY_HELLO_COMMAND];
+  }
 
-      if (response.helloOk) {
-        conn.helloOk = true;
-      }
+  if (response.helloOk) {
+    conn.helloOk = true;
+  }
 
-      const supportedServerErr = checkSupportedServer(response, options);
-      if (supportedServerErr) {
-        callback(supportedServerErr);
-        return;
-      }
+  const supportedServerErr = checkSupportedServer(response, options);
+  if (supportedServerErr) {
+    throw supportedServerErr;
+  }
 
-      if (options.loadBalanced) {
-        if (!response.serviceId) {
-          return callback(
-            new MongoCompatibilityError(
-              'Driver attempted to initialize in load balancing mode, ' +
-                'but the server does not support this mode.'
-            )
-          );
-        }
-      }
+  if (options.loadBalanced) {
+    if (!response.serviceId) {
+      throw new MongoCompatibilityError(
+        'Driver attempted to initialize in load balancing mode, ' +
+          'but the server does not support this mode.'
+      );
+    }
+  }
 
-      // NOTE: This is metadata attached to the connection while porting away from
-      //       handshake being done in the `Server` class. Likely, it should be
-      //       relocated, or at very least restructured.
-      conn.hello = response;
-      conn.lastHelloMS = new Date().getTime() - start;
-
-      if (!response.arbiterOnly && credentials) {
-        // store the response on auth context
-        authContext.response = response;
-
-        const resolvedCredentials = credentials.resolveAuthMechanism(response);
-        const provider = AUTH_PROVIDERS.get(resolvedCredentials.mechanism);
-        if (!provider) {
-          return callback(
-            new MongoInvalidArgumentError(
-              `No AuthProvider for ${resolvedCredentials.mechanism} defined.`
-            )
-          );
+  // NOTE: This is metadata attached to the connection while porting away from
+  //       handshake being done in the `Server` class. Likely, it should be
+  //       relocated, or at very least restructured.
+  conn.hello = response;
+  conn.lastHelloMS = new Date().getTime() - start;
+
+  if (!response.arbiterOnly && credentials) {
+    // store the response on auth context
+    authContext.response = response;
+
+    const resolvedCredentials = credentials.resolveAuthMechanism(response);
+    const provider = AUTH_PROVIDERS.get(resolvedCredentials.mechanism);
+    if (!provider) {
+      throw new MongoInvalidArgumentError(
+        `No AuthProvider for ${resolvedCredentials.mechanism} defined.`
+      );
+    }
+
+    try {
+      await provider.auth(authContext);
+    } catch (error) {
+      if (error instanceof MongoError) {
+        error.addErrorLabel(MongoErrorLabel.HandshakeError);
+        if (needsRetryableWriteLabel(error, response.maxWireVersion)) {
+          error.addErrorLabel(MongoErrorLabel.RetryableWriteError);
         }
-        provider.auth(authContext, err => {
-          if (err) {
-            if (err instanceof MongoError) {
-              err.addErrorLabel(MongoErrorLabel.HandshakeError);
-              if (needsRetryableWriteLabel(err, response.maxWireVersion)) {
-                err.addErrorLabel(MongoErrorLabel.RetryableWriteError);
-              }
-            }
-            return callback(err);
-          }
-          callback(undefined, conn);
-        });
-
-        return;
       }
-
-      callback(undefined, conn);
-    });
-  });
+      throw error;
+    }
+  }
 }
 
 export interface HandshakeDocument extends Document {
@@ -222,10 +203,9 @@ export interface HandshakeDocument extends Document {
  *
  * This function is only exposed for testing purposes.
  */
-export function prepareHandshakeDocument(
-  authContext: AuthContext,
-  callback: Callback<HandshakeDocument>
-) {
+export async function prepareHandshakeDocument(
+  authContext: AuthContext
+): Promise<HandshakeDocument> {
   const options = authContext.options;
   const compressors = options.compressors ? options.compressors : [];
   const { serverApi } = authContext.connection;
@@ -233,7 +213,7 @@ export function prepareHandshakeDocument(
   const handshakeDoc: HandshakeDocument = {
     [serverApi?.version ? 'hello' : LEGACY_HELLO_COMMAND]: 1,
     helloOk: true,
-    client: options.metadata || makeClientMetadata(options),
+    client: options.metadata,
     compression: compressors
   };
 
@@ -249,23 +229,19 @@ export function prepareHandshakeDocument(
       const provider = AUTH_PROVIDERS.get(AuthMechanism.MONGODB_SCRAM_SHA256);
       if (!provider) {
         // This auth mechanism is always present.
-        return callback(
-          new MongoInvalidArgumentError(
-            `No AuthProvider for ${AuthMechanism.MONGODB_SCRAM_SHA256} defined.`
-          )
+        throw new MongoInvalidArgumentError(
+          `No AuthProvider for ${AuthMechanism.MONGODB_SCRAM_SHA256} defined.`
         );
       }
-      return provider.prepare(handshakeDoc, authContext, callback);
+      return provider.prepare(handshakeDoc, authContext);
     }
     const provider = AUTH_PROVIDERS.get(credentials.mechanism);
     if (!provider) {
-      return callback(
-        new MongoInvalidArgumentError(`No AuthProvider for ${credentials.mechanism} defined.`)
-      );
+      throw new MongoInvalidArgumentError(`No AuthProvider for ${credentials.mechanism} defined.`);
     }
-    return provider.prepare(handshakeDoc, authContext, callback);
+    return provider.prepare(handshakeDoc, authContext);
   }
-  callback(undefined, handshakeDoc);
+  return handshakeDoc;
 }
 
 /** @public */
@@ -347,7 +323,7 @@ function parseSslOptions(options: MakeConnectionOptions): TLSConnectionOpts {
 }
 
 const SOCKET_ERROR_EVENT_LIST = ['error', 'close', 'timeout', 'parseError'] as const;
-type ErrorHandlerEventName = typeof SOCKET_ERROR_EVENT_LIST[number] | 'cancel';
+type ErrorHandlerEventName = (typeof SOCKET_ERROR_EVENT_LIST)[number] | 'cancel';
 const SOCKET_ERROR_EVENTS = new Set(SOCKET_ERROR_EVENT_LIST);
 
 function makeConnection(options: MakeConnectionOptions, _callback: Callback<Stream>) {
@@ -428,7 +404,7 @@ function makeConnection(options: MakeConnectionOptions, _callback: Callback<Stre
       }
     }
 
-    socket.setTimeout(socketTimeoutMS);
+    socket.setTimeout(0);
     callback(undefined, socket);
   }
 

package/src/cmap/connection.ts

@@ -1,4 +1,5 @@
 import { clearTimeout, setTimeout } from 'timers';
+import { promisify } from 'util';
 
 import type { BSONSerializeOptions, Document, ObjectId } from '../bson';
 import {
@@ -36,6 +37,7 @@ import {
   uuidV4
 } from '../utils';
 import type { WriteConcern } from '../write_concern';
+import type { AuthContext } from './auth/auth_provider';
 import type { MongoCredentials } from './auth/mongo_credentials';
 import {
   CommandFailedEvent,
@@ -73,7 +75,6 @@ const INVALID_QUEUE_SIZE = 'Connection internal queue contains more than 1 opera
 
 /** @internal */
 export interface CommandOptions extends BSONSerializeOptions {
-  command?: boolean;
   secondaryOk?: boolean;
   /** Specify read preference if command supports it */
   readPreference?: ReadPreferenceLike;
@@ -126,14 +127,13 @@ export interface ConnectionOptions
   noDelay?: boolean;
   socketTimeoutMS?: number;
   cancellationToken?: CancellationToken;
-
   metadata: ClientMetadata;
 }
 
 /** @internal */
 export interface DestroyOptions {
   /** Force the destruction. */
-  force?: boolean;
+  force: boolean;
 }
 
 /** @public */
@@ -154,11 +154,18 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
   address: string;
   socketTimeoutMS: number;
   monitorCommands: boolean;
+  /** Indicates that the connection (including underlying TCP socket) has been closed. */
   closed: boolean;
-  destroyed: boolean;
   lastHelloMS?: number;
   serverApi?: ServerApi;
   helloOk?: boolean;
+  commandAsync: (
+    ns: MongoDBNamespace,
+    cmd: Document,
+    options: CommandOptions | undefined
+  ) => Promise<Document>;
+  /** @internal */
+  authContext?: AuthContext;
 
   /**@internal */
   [kDelayedTimeoutId]: NodeJS.Timeout | null;
@@ -198,13 +205,22 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
 
   constructor(stream: Stream, options: ConnectionOptions) {
     super();
+
+    this.commandAsync = promisify(
+      (
+        ns: MongoDBNamespace,
+        cmd: Document,
+        options: CommandOptions | undefined,
+        callback: Callback
+      ) => this.command(ns, cmd, options, callback as any)
+    );
+
     this.id = options.id;
     this.address = streamIdentifier(stream, options);
     this.socketTimeoutMS = options.socketTimeoutMS ?? 0;
     this.monitorCommands = options.monitorCommands;
     this.serverApi = options.serverApi;
     this.closed = false;
-    this.destroyed = false;
     this[kHello] = null;
     this[kClusterTime] = null;
 
@@ -294,56 +310,19 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
   }
 
   onError(error: Error) {
-    if (this.closed) {
-      return;
-    }
-
-    this[kStream].destroy(error);
-
-    this.closed = true;
-
-    for (const op of this[kQueue].values()) {
-      op.cb(error);
-    }
-
-    this[kQueue].clear();
-    this.emit(Connection.CLOSE);
+    this.cleanup(true, error);
   }
 
   onClose() {
-    if (this.closed) {
-      return;
-    }
-
-    this.closed = true;
-
     const message = `connection ${this.id} to ${this.address} closed`;
-    for (const op of this[kQueue].values()) {
-      op.cb(new MongoNetworkError(message));
-    }
-
-    this[kQueue].clear();
-    this.emit(Connection.CLOSE);
+    this.cleanup(true, new MongoNetworkError(message));
   }
 
   onTimeout() {
-    if (this.closed) {
-      return;
-    }
-
     this[kDelayedTimeoutId] = setTimeout(() => {
-      this[kStream].destroy();
-
-      this.closed = true;
-
       const message = `connection ${this.id} to ${this.address} timed out`;
       const beforeHandshake = this.hello == null;
-      for (const op of this[kQueue].values()) {
-        op.cb(new MongoNetworkTimeoutError(message, { beforeHandshake }));
-      }
-
-      this[kQueue].clear();
-      this.emit(Connection.CLOSE);
+      this.cleanup(true, new MongoNetworkTimeoutError(message, { beforeHandshake }));
     }, 1).unref(); // No need for this timer to hold the event loop open
   }
 
@@ -354,6 +333,9 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
       this[kDelayedTimeoutId] = null;
     }
 
+    const socketTimeoutMS = this[kStream].timeout ?? 0;
+    this[kStream].setTimeout(0);
+
     // always emit the message, in case we are streaming
     this.emit('message', message);
     let operationDescription = this[kQueue].get(message.responseTo);
@@ -364,7 +346,7 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
 
       // First check if the map is of invalid size
       if (this[kQueue].size > 1) {
-        this.onError(new MongoRuntimeError(INVALID_QUEUE_SIZE));
+        this.cleanup(true, new MongoRuntimeError(INVALID_QUEUE_SIZE));
       } else {
         // Get the first orphaned operation description.
         const entry = this[kQueue].entries().next();
@@ -394,8 +376,7 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
       // back in the queue with the correct requestId and will resolve not being able
       // to find the next one via the responseTo of the next streaming hello.
       this[kQueue].set(message.requestId, operationDescription);
-    } else if (operationDescription.socketTimeoutOverride) {
-      this[kStream].setTimeout(this.socketTimeoutMS);
+      this[kStream].setTimeout(socketTimeoutMS);
     }
 
     try {
@@ -421,63 +402,82 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
         this.emit(Connection.CLUSTER_TIME_RECEIVED, document.$clusterTime);
       }
 
-      if (operationDescription.command) {
-        if (document.writeConcernError) {
-          callback(new MongoWriteConcernError(document.writeConcernError, document), document);
-          return;
-        }
+      if (document.writeConcernError) {
+        callback(new MongoWriteConcernError(document.writeConcernError, document), document);
+        return;
+      }
 
-        if (document.ok === 0 || document.$err || document.errmsg || document.code) {
-          callback(new MongoServerError(document));
-          return;
-        }
-      } else {
-        // Pre 3.2 support
-        if (document.ok === 0 || document.$err || document.errmsg) {
-          callback(new MongoServerError(document));
-          return;
-        }
+      if (document.ok === 0 || document.$err || document.errmsg || document.code) {
+        callback(new MongoServerError(document));
+        return;
       }
     }
 
     callback(undefined, message.documents[0]);
   }
 
-  destroy(options?: DestroyOptions, callback?: Callback): void {
-    if (typeof options === 'function') {
-      callback = options;
-      options = { force: false };
+  destroy(options: DestroyOptions, callback?: Callback): void {
+    if (this.closed) {
+      process.nextTick(() => callback?.());
+      return;
+    }
+    if (typeof callback === 'function') {
+      this.once('close', () => process.nextTick(() => callback()));
     }
 
+    // load balanced mode requires that these listeners remain on the connection
+    // after cleanup on timeouts, errors or close so we remove them before calling
+    // cleanup.
     this.removeAllListeners(Connection.PINNED);
     this.removeAllListeners(Connection.UNPINNED);
+    const message = `connection ${this.id} to ${this.address} closed`;
+    this.cleanup(options.force, new MongoNetworkError(message));
+  }
 
-    options = Object.assign({ force: false }, options);
-    if (this[kStream] == null || this.destroyed) {
-      this.destroyed = true;
-      if (typeof callback === 'function') {
-        callback();
-      }
-
+  /**
+   * A method that cleans up the connection.  When `force` is true, this method
+   * forcibly destroys the socket.
+   *
+   * If an error is provided, any in-flight operations will be closed with the error.
+   *
+   * This method does nothing if the connection is already closed.
+   */
+  private cleanup(force: boolean, error?: Error): void {
+    if (this.closed) {
       return;
     }
 
-    if (options.force) {
-      this[kStream].destroy();
-      this.destroyed = true;
-      if (typeof callback === 'function') {
-        callback();
+    this.closed = true;
+
+    const completeCleanup = () => {
+      for (const op of this[kQueue].values()) {
+        op.cb(error);
       }
 
+      this[kQueue].clear();
+
+      this.emit(Connection.CLOSE);
+    };
+
+    this[kStream].removeAllListeners();
+    this[kMessageStream].removeAllListeners();
+
+    this[kMessageStream].destroy();
+
+    if (force) {
+      this[kStream].destroy();
+      completeCleanup();
       return;
     }
 
-    this[kStream].end(() => {
-      this.destroyed = true;
-      if (typeof callback === 'function') {
-        callback();
-      }
-    });
+    if (!this[kStream].writableEnded) {
+      this[kStream].end(() => {
+        this[kStream].destroy();
+        completeCleanup();
+      });
+    } else {
+      completeCleanup();
+    }
   }
 
   command(
@@ -513,6 +513,8 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
       if (err) {
         return callback(err);
       }
+    } else if (session?.explicit) {
+      return callback(new MongoCompatibilityError('Current topology does not support sessions'));
     }
 
     // if we have a known cluster time, gossip it
@@ -529,7 +531,6 @@ export class Connection extends TypedEventEmitter<ConnectionEvents> {
 
     const commandOptions: Document = Object.assign(
       {
-        command: true,
         numberToSkip: 0,
         numberToReturn: -1,
         checkKeys: false,
@@ -629,7 +630,7 @@ export class CryptoConnection extends Connection {
 /** @internal */
 export function hasSessionSupport(conn: Connection): boolean {
   const description = conn.description;
-  return description.logicalSessionTimeoutMinutes != null || !!description.loadBalanced;
+  return description.logicalSessionTimeoutMinutes != null;
 }
 
 function supportsOpMsg(conn: Connection) {
@@ -669,9 +670,9 @@ function write(
     session: options.session,
     noResponse: typeof options.noResponse === 'boolean' ? options.noResponse : false,
     documentsReturnedIn: options.documentsReturnedIn,
-    command: !!options.command,
 
     // for BSON parsing
+    useBigInt64: typeof options.useBigInt64 === 'boolean' ? options.useBigInt64 : false,
     promoteLongs: typeof options.promoteLongs === 'boolean' ? options.promoteLongs : true,
     promoteValues: typeof options.promoteValues === 'boolean' ? options.promoteValues : true,
     promoteBuffers: typeof options.promoteBuffers === 'boolean' ? options.promoteBuffers : false,
@@ -691,8 +692,9 @@ function write(
   }
 
   if (typeof options.socketTimeoutMS === 'number') {
-    operationDescription.socketTimeoutOverride = true;
     conn[kStream].setTimeout(options.socketTimeoutMS);
+  } else if (conn.socketTimeoutMS !== 0) {
+    conn[kStream].setTimeout(conn.socketTimeoutMS);
   }
 
   // if command monitoring is enabled we need to modify the callback here
@@ -702,7 +704,7 @@ function write(
     operationDescription.started = now();
     operationDescription.cb = (err, reply) => {
       // Command monitoring spec states that if ok is 1, then we must always emit
-      // a command suceeded event, even if there's an error. Write concern errors
+      // a command succeeded event, even if there's an error. Write concern errors
       // will have an ok: 1 in their reply.
       if (err && reply?.ok !== 1) {
         conn.emit(