mongodb 7.1.1 → 7.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -0
- package/lib/bson.js +26 -5
- package/lib/bson.js.map +1 -1
- package/lib/change_stream.js +4 -0
- package/lib/change_stream.js.map +1 -1
- package/lib/client-side-encryption/auto_encrypter.js +19 -10
- package/lib/client-side-encryption/auto_encrypter.js.map +1 -1
- package/lib/client-side-encryption/client_encryption.js +1 -3
- package/lib/client-side-encryption/client_encryption.js.map +1 -1
- package/lib/cmap/auth/aws4.js +4 -4
- package/lib/cmap/auth/aws4.js.map +1 -1
- package/lib/cmap/auth/gssapi.js +3 -6
- package/lib/cmap/auth/gssapi.js.map +1 -1
- package/lib/cmap/auth/mongodb_aws.js +3 -2
- package/lib/cmap/auth/mongodb_aws.js.map +1 -1
- package/lib/cmap/auth/mongodb_oidc/azure_machine_workflow.js +3 -3
- package/lib/cmap/auth/mongodb_oidc/azure_machine_workflow.js.map +1 -1
- package/lib/cmap/auth/mongodb_oidc/gcp_machine_workflow.js +3 -3
- package/lib/cmap/auth/mongodb_oidc/gcp_machine_workflow.js.map +1 -1
- package/lib/cmap/auth/mongodb_oidc/k8s_machine_workflow.js +3 -3
- package/lib/cmap/auth/mongodb_oidc/k8s_machine_workflow.js.map +1 -1
- package/lib/cmap/auth/mongodb_oidc/token_machine_workflow.js +3 -3
- package/lib/cmap/auth/mongodb_oidc/token_machine_workflow.js.map +1 -1
- package/lib/cmap/auth/mongodb_oidc.js +4 -4
- package/lib/cmap/auth/mongodb_oidc.js.map +1 -1
- package/lib/cmap/auth/plain.js +1 -1
- package/lib/cmap/auth/plain.js.map +1 -1
- package/lib/cmap/auth/scram.js +53 -40
- package/lib/cmap/auth/scram.js.map +1 -1
- package/lib/cmap/commands.js +46 -39
- package/lib/cmap/commands.js.map +1 -1
- package/lib/cmap/connect.js +1 -0
- package/lib/cmap/connect.js.map +1 -1
- package/lib/cmap/connection.js +5 -2
- package/lib/cmap/connection.js.map +1 -1
- package/lib/cmap/handshake/client_metadata.js +3 -4
- package/lib/cmap/handshake/client_metadata.js.map +1 -1
- package/lib/cmap/wire_protocol/compression.js +8 -7
- package/lib/cmap/wire_protocol/compression.js.map +1 -1
- package/lib/cmap/wire_protocol/on_data.js.map +1 -1
- package/lib/cmap/wire_protocol/on_demand/document.js +9 -9
- package/lib/cmap/wire_protocol/on_demand/document.js.map +1 -1
- package/lib/connection_string.js +21 -5
- package/lib/connection_string.js.map +1 -1
- package/lib/gridfs/download.js +2 -1
- package/lib/gridfs/download.js.map +1 -1
- package/lib/gridfs/upload.js +7 -7
- package/lib/gridfs/upload.js.map +1 -1
- package/lib/mongo_client.js.map +1 -1
- package/lib/operations/execute_operation.js +114 -41
- package/lib/operations/execute_operation.js.map +1 -1
- package/lib/operations/operation.js +1 -0
- package/lib/operations/operation.js.map +1 -1
- package/lib/runtime_adapters.js +32 -0
- package/lib/runtime_adapters.js.map +1 -0
- package/lib/sdam/srv_polling.js +1 -1
- package/lib/sdam/srv_polling.js.map +1 -1
- package/lib/sdam/topology.js +4 -2
- package/lib/sdam/topology.js.map +1 -1
- package/lib/sessions.js +124 -79
- package/lib/sessions.js.map +1 -1
- package/lib/utils.js +10 -33
- package/lib/utils.js.map +1 -1
- package/mongodb.d.ts +45 -2
- package/package.json +30 -21
- package/src/bson.ts +28 -5
- package/src/change_stream.ts +5 -0
- package/src/client-side-encryption/auto_encrypter.ts +17 -11
- package/src/client-side-encryption/client_encryption.ts +1 -3
- package/src/cmap/auth/auth_provider.ts +1 -1
- package/src/cmap/auth/aws4.ts +5 -5
- package/src/cmap/auth/gssapi.ts +9 -6
- package/src/cmap/auth/mongodb_aws.ts +2 -2
- package/src/cmap/auth/mongodb_oidc/azure_machine_workflow.ts +1 -1
- package/src/cmap/auth/mongodb_oidc/gcp_machine_workflow.ts +1 -1
- package/src/cmap/auth/mongodb_oidc/k8s_machine_workflow.ts +1 -1
- package/src/cmap/auth/mongodb_oidc/token_machine_workflow.ts +1 -1
- package/src/cmap/auth/mongodb_oidc.ts +4 -4
- package/src/cmap/auth/plain.ts +2 -2
- package/src/cmap/auth/scram.ts +82 -55
- package/src/cmap/commands.ts +70 -51
- package/src/cmap/connect.ts +2 -0
- package/src/cmap/connection.ts +11 -4
- package/src/cmap/handshake/client_metadata.ts +6 -6
- package/src/cmap/wire_protocol/compression.ts +18 -14
- package/src/cmap/wire_protocol/on_data.ts +5 -5
- package/src/cmap/wire_protocol/on_demand/document.ts +12 -14
- package/src/connection_string.ts +26 -8
- package/src/deps.ts +4 -4
- package/src/gridfs/download.ts +2 -2
- package/src/gridfs/upload.ts +13 -12
- package/src/index.ts +1 -0
- package/src/mongo_client.ts +24 -0
- package/src/operations/client_bulk_write/command_builder.ts +1 -1
- package/src/operations/execute_operation.ts +146 -45
- package/src/operations/operation.ts +8 -0
- package/src/runtime_adapters.ts +64 -0
- package/src/sdam/srv_polling.ts +1 -1
- package/src/sdam/topology.ts +10 -7
- package/src/sessions.ts +140 -96
- package/src/utils.ts +21 -40
- package/tsconfig.json +1 -1
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.tokenMachineCallback = void 0;
|
|
4
4
|
const fs = require("fs");
|
|
5
5
|
const process = require("process");
|
|
6
6
|
const error_1 = require("../../../error");
|
|
@@ -11,7 +11,7 @@ const TOKEN_MISSING_ERROR = 'OIDC_TOKEN_FILE must be set in the environment.';
|
|
|
11
11
|
* @param params - The OIDC callback parameters.
|
|
12
12
|
* @returns The OIDC response.
|
|
13
13
|
*/
|
|
14
|
-
const
|
|
14
|
+
const tokenMachineCallback = async () => {
|
|
15
15
|
const tokenFile = process.env.OIDC_TOKEN_FILE;
|
|
16
16
|
if (!tokenFile) {
|
|
17
17
|
throw new error_1.MongoAWSError(TOKEN_MISSING_ERROR);
|
|
@@ -19,5 +19,5 @@ const callback = async () => {
|
|
|
19
19
|
const token = await fs.promises.readFile(tokenFile, 'utf8');
|
|
20
20
|
return { accessToken: token };
|
|
21
21
|
};
|
|
22
|
-
exports.
|
|
22
|
+
exports.tokenMachineCallback = tokenMachineCallback;
|
|
23
23
|
//# sourceMappingURL=token_machine_workflow.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"token_machine_workflow.js","sourceRoot":"","sources":["../../../../src/cmap/auth/mongodb_oidc/token_machine_workflow.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,mCAAmC;AAEnC,0CAA+C;AAG/C,8DAA8D;AAC9D,MAAM,mBAAmB,GAAG,iDAAiD,CAAC;AAE9E;;;;GAIG;AACI,MAAM,
|
|
1
|
+
{"version":3,"file":"token_machine_workflow.js","sourceRoot":"","sources":["../../../../src/cmap/auth/mongodb_oidc/token_machine_workflow.ts"],"names":[],"mappings":";;;AAAA,yBAAyB;AACzB,mCAAmC;AAEnC,0CAA+C;AAG/C,8DAA8D;AAC9D,MAAM,mBAAmB,GAAG,iDAAiD,CAAC;AAE9E;;;;GAIG;AACI,MAAM,oBAAoB,GAAyB,KAAK,IAA2B,EAAE;IAC1F,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC;IAC9C,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,qBAAa,CAAC,mBAAmB,CAAC,CAAC;IAC/C,CAAC;IACD,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC5D,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;AAChC,CAAC,CAAC;AAPW,QAAA,oBAAoB,wBAO/B"}
|
|
@@ -15,10 +15,10 @@ const MISSING_CREDENTIALS_ERROR = 'AuthContext must provide credentials.';
|
|
|
15
15
|
exports.OIDC_VERSION = 1;
|
|
16
16
|
/** @internal */
|
|
17
17
|
exports.OIDC_WORKFLOWS = new Map();
|
|
18
|
-
exports.OIDC_WORKFLOWS.set('test', () => new automated_callback_workflow_1.AutomatedCallbackWorkflow(new token_cache_1.TokenCache(), token_machine_workflow_1.
|
|
19
|
-
exports.OIDC_WORKFLOWS.set('azure', () => new automated_callback_workflow_1.AutomatedCallbackWorkflow(new token_cache_1.TokenCache(), azure_machine_workflow_1.
|
|
20
|
-
exports.OIDC_WORKFLOWS.set('gcp', () => new automated_callback_workflow_1.AutomatedCallbackWorkflow(new token_cache_1.TokenCache(), gcp_machine_workflow_1.
|
|
21
|
-
exports.OIDC_WORKFLOWS.set('k8s', () => new automated_callback_workflow_1.AutomatedCallbackWorkflow(new token_cache_1.TokenCache(), k8s_machine_workflow_1.
|
|
18
|
+
exports.OIDC_WORKFLOWS.set('test', () => new automated_callback_workflow_1.AutomatedCallbackWorkflow(new token_cache_1.TokenCache(), token_machine_workflow_1.tokenMachineCallback));
|
|
19
|
+
exports.OIDC_WORKFLOWS.set('azure', () => new automated_callback_workflow_1.AutomatedCallbackWorkflow(new token_cache_1.TokenCache(), azure_machine_workflow_1.azureCallback));
|
|
20
|
+
exports.OIDC_WORKFLOWS.set('gcp', () => new automated_callback_workflow_1.AutomatedCallbackWorkflow(new token_cache_1.TokenCache(), gcp_machine_workflow_1.gcpCallback));
|
|
21
|
+
exports.OIDC_WORKFLOWS.set('k8s', () => new automated_callback_workflow_1.AutomatedCallbackWorkflow(new token_cache_1.TokenCache(), k8s_machine_workflow_1.k8sCallback));
|
|
22
22
|
/**
|
|
23
23
|
* OIDC auth provider.
|
|
24
24
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mongodb_oidc.js","sourceRoot":"","sources":["../../../src/cmap/auth/mongodb_oidc.ts"],"names":[],"mappings":";;;AACA,uCAAsF;AAGtF,mDAAiE;AAEjE,4FAAuF;AACvF,
|
|
1
|
+
{"version":3,"file":"mongodb_oidc.js","sourceRoot":"","sources":["../../../src/cmap/auth/mongodb_oidc.ts"],"names":[],"mappings":";;;AACA,uCAAsF;AAGtF,mDAAiE;AAEjE,4FAAuF;AACvF,kFAAsE;AACtE,8EAAkE;AAClE,8EAAkE;AAClE,4DAAwD;AACxD,kFAA6F;AAE7F,0CAA0C;AAC1C,MAAM,yBAAyB,GAAG,uCAAuC,CAAC;AA6E1E,kDAAkD;AACrC,QAAA,YAAY,GAAG,CAAC,CAAC;AA6B9B,gBAAgB;AACH,QAAA,cAAc,GAAyC,IAAI,GAAG,EAAE,CAAC;AAC9E,sBAAc,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,IAAI,uDAAyB,CAAC,IAAI,wBAAU,EAAE,EAAE,6CAAY,CAAC,CAAC,CAAC;AAChG,sBAAc,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,EAAE,CAAC,IAAI,uDAAyB,CAAC,IAAI,wBAAU,EAAE,EAAE,sCAAa,CAAC,CAAC,CAAC;AAClG,sBAAc,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,IAAI,uDAAyB,CAAC,IAAI,wBAAU,EAAE,EAAE,kCAAW,CAAC,CAAC,CAAC;AAC9F,sBAAc,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,IAAI,uDAAyB,CAAC,IAAI,wBAAU,EAAE,EAAE,kCAAW,CAAC,CAAC,CAAC;AAE9F;;GAEG;AACH,MAAa,WAAY,SAAQ,4BAAY;IAG3C;;OAEG;IACH,YAAY,QAAmB;QAC7B,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,iCAAyB,CAAC,iDAAiD,CAAC,CAAC;QACzF,CAAC;QACD,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC3B,CAAC;IAED;;OAEG;IACM,KAAK,CAAC,IAAI,CAAC,WAAwB;QAC1C,MAAM,EAAE,UAAU,EAAE,gBAAgB,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC;QAC/D,IAAI,QAAQ,EAAE,uBAAuB,EAAE,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACjE,OAAO;QACT,CAAC;QACD,MAAM,WAAW,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;QAChD,IAAI,gBAAgB,EAAE,CAAC;YACrB,MAAM,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;QAC9D,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED;;OAEG;IACM,KAAK,CAAC,OAAO,CACpB,YAA+B,EAC/B,WAAwB;QAExB,MAAM,EAAE,UAAU,EAAE,GAAG,WAAW,CAAC;QACnC,MAAM,WAAW,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,eAAe,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;QAC5E,OAAO,EAAE,GAAG,YAAY,EAAE,GAAG,MAAM,EAAE,CAAC;IACxC,CAAC;CACF;AA1CD,kCA0CC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,WAAwB;IAC9C,MAAM,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC;IACpC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,oCAA4B,CAAC,yBAAyB,CAAC,CAAC;IACpE,CAAC;IACD,OAAO,WAAW,CAAC;AACrB,CAAC"}
|
package/lib/cmap/auth/plain.js
CHANGED
|
@@ -12,7 +12,7 @@ class Plain extends auth_provider_1.AuthProvider {
|
|
|
12
12
|
throw new error_1.MongoMissingCredentialsError('AuthContext must provide credentials.');
|
|
13
13
|
}
|
|
14
14
|
const { username, password } = credentials;
|
|
15
|
-
const payload = new bson_1.Binary(
|
|
15
|
+
const payload = new bson_1.Binary(bson_1.ByteUtils.fromUTF8(`\x00${username}\x00${password}`));
|
|
16
16
|
const command = {
|
|
17
17
|
saslStart: 1,
|
|
18
18
|
mechanism: 'PLAIN',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plain.js","sourceRoot":"","sources":["../../../src/cmap/auth/plain.ts"],"names":[],"mappings":";;;AAAA,
|
|
1
|
+
{"version":3,"file":"plain.js","sourceRoot":"","sources":["../../../src/cmap/auth/plain.ts"],"names":[],"mappings":";;;AAAA,qCAA+C;AAC/C,uCAA2D;AAC3D,uCAAiC;AACjC,mDAAiE;AAEjE,MAAa,KAAM,SAAQ,4BAAY;IAC5B,KAAK,CAAC,IAAI,CAAC,WAAwB;QAC1C,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC;QAChD,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,oCAA4B,CAAC,uCAAuC,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC;QAE3C,MAAM,OAAO,GAAG,IAAI,aAAM,CAAC,gBAAS,CAAC,QAAQ,CAAC,OAAO,QAAQ,OAAO,QAAQ,EAAE,CAAC,CAAC,CAAC;QACjF,MAAM,OAAO,GAAG;YACd,SAAS,EAAE,CAAC;YACZ,SAAS,EAAE,OAAO;YAClB,OAAO,EAAE,OAAO;YAChB,aAAa,EAAE,CAAC;SACjB,CAAC;QAEF,MAAM,UAAU,CAAC,OAAO,CAAC,IAAA,UAAE,EAAC,gBAAgB,CAAC,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;IACrE,CAAC;CACF;AAnBD,sBAmBC"}
|
package/lib/cmap/auth/scram.js
CHANGED
|
@@ -2,7 +2,6 @@
|
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.ScramSHA256 = exports.ScramSHA1 = void 0;
|
|
4
4
|
const saslprep_1 = require("@mongodb-js/saslprep");
|
|
5
|
-
const crypto = require("crypto");
|
|
6
5
|
const bson_1 = require("../../bson");
|
|
7
6
|
const error_1 = require("../../error");
|
|
8
7
|
const utils_1 = require("../../utils");
|
|
@@ -45,11 +44,11 @@ function cleanUsername(username) {
|
|
|
45
44
|
function clientFirstMessageBare(username, nonce) {
|
|
46
45
|
// NOTE: This is done b/c Javascript uses UTF-16, but the server is hashing in UTF-8.
|
|
47
46
|
// Since the username is not sasl-prep-d, we need to do this here.
|
|
48
|
-
return
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
|
|
47
|
+
return bson_1.ByteUtils.concat([
|
|
48
|
+
bson_1.ByteUtils.fromUTF8('n='),
|
|
49
|
+
bson_1.ByteUtils.fromUTF8(username),
|
|
50
|
+
bson_1.ByteUtils.fromUTF8(',r='),
|
|
51
|
+
bson_1.ByteUtils.fromUTF8(bson_1.ByteUtils.toBase64(nonce))
|
|
53
52
|
]);
|
|
54
53
|
}
|
|
55
54
|
function makeFirstMessage(cryptoMethod, credentials, nonce) {
|
|
@@ -60,7 +59,7 @@ function makeFirstMessage(cryptoMethod, credentials, nonce) {
|
|
|
60
59
|
return {
|
|
61
60
|
saslStart: 1,
|
|
62
61
|
mechanism,
|
|
63
|
-
payload: new bson_1.Binary(
|
|
62
|
+
payload: new bson_1.Binary(bson_1.ByteUtils.concat([bson_1.ByteUtils.fromUTF8('n,,'), clientFirstMessageBare(username, nonce)])),
|
|
64
63
|
autoAuthorize: 1,
|
|
65
64
|
options: { skipEmptyExchange: true }
|
|
66
65
|
};
|
|
@@ -93,7 +92,7 @@ async function continueScramConversation(cryptoMethod, response, authContext) {
|
|
|
93
92
|
const username = cleanUsername(credentials.username);
|
|
94
93
|
const password = credentials.password;
|
|
95
94
|
const processedPassword = cryptoMethod === 'sha256' ? (0, saslprep_1.saslprep)(password) : passwordDigest(username, password);
|
|
96
|
-
const payload =
|
|
95
|
+
const payload = bson_1.ByteUtils.isUint8Array(response.payload)
|
|
97
96
|
? new bson_1.Binary(response.payload)
|
|
98
97
|
: response.payload;
|
|
99
98
|
const dict = parsePayload(payload);
|
|
@@ -110,27 +109,27 @@ async function continueScramConversation(cryptoMethod, response, authContext) {
|
|
|
110
109
|
}
|
|
111
110
|
// Set up start of proof
|
|
112
111
|
const withoutProof = `c=biws,r=${rnonce}`;
|
|
113
|
-
const saltedPassword = HI(processedPassword,
|
|
114
|
-
const clientKey = HMAC(cryptoMethod, saltedPassword, 'Client Key');
|
|
115
|
-
const serverKey = HMAC(cryptoMethod, saltedPassword, 'Server Key');
|
|
116
|
-
const storedKey = H(cryptoMethod, clientKey);
|
|
112
|
+
const saltedPassword = await HI(processedPassword, bson_1.ByteUtils.fromBase64(salt), iterations, cryptoMethod);
|
|
113
|
+
const clientKey = await HMAC(cryptoMethod, saltedPassword, 'Client Key');
|
|
114
|
+
const serverKey = await HMAC(cryptoMethod, saltedPassword, 'Server Key');
|
|
115
|
+
const storedKey = await H(cryptoMethod, clientKey);
|
|
117
116
|
const authMessage = [
|
|
118
117
|
clientFirstMessageBare(username, nonce),
|
|
119
118
|
payload.toString('utf8'),
|
|
120
119
|
withoutProof
|
|
121
120
|
].join(',');
|
|
122
|
-
const clientSignature = HMAC(cryptoMethod, storedKey, authMessage);
|
|
121
|
+
const clientSignature = await HMAC(cryptoMethod, storedKey, authMessage);
|
|
123
122
|
const clientProof = `p=${xor(clientKey, clientSignature)}`;
|
|
124
123
|
const clientFinal = [withoutProof, clientProof].join(',');
|
|
125
|
-
const serverSignature = HMAC(cryptoMethod, serverKey, authMessage);
|
|
124
|
+
const serverSignature = await HMAC(cryptoMethod, serverKey, authMessage);
|
|
126
125
|
const saslContinueCmd = {
|
|
127
126
|
saslContinue: 1,
|
|
128
127
|
conversationId: response.conversationId,
|
|
129
|
-
payload: new bson_1.Binary(
|
|
128
|
+
payload: new bson_1.Binary(bson_1.ByteUtils.fromUTF8(clientFinal))
|
|
130
129
|
};
|
|
131
130
|
const r = await connection.command((0, utils_1.ns)(`${db}.$cmd`), saslContinueCmd, undefined);
|
|
132
131
|
const parsedResponse = parsePayload(r.payload);
|
|
133
|
-
if (!compareDigest(
|
|
132
|
+
if (!compareDigest(bson_1.ByteUtils.fromBase64(parsedResponse.v), serverSignature)) {
|
|
134
133
|
throw new error_1.MongoRuntimeError('Server returned an invalid signature');
|
|
135
134
|
}
|
|
136
135
|
if (r.done !== false) {
|
|
@@ -140,7 +139,7 @@ async function continueScramConversation(cryptoMethod, response, authContext) {
|
|
|
140
139
|
const retrySaslContinueCmd = {
|
|
141
140
|
saslContinue: 1,
|
|
142
141
|
conversationId: r.conversationId,
|
|
143
|
-
payload:
|
|
142
|
+
payload: bson_1.ByteUtils.allocate(0)
|
|
144
143
|
};
|
|
145
144
|
await connection.command((0, utils_1.ns)(`${db}.$cmd`), retrySaslContinueCmd, undefined);
|
|
146
145
|
}
|
|
@@ -164,41 +163,51 @@ function passwordDigest(username, password) {
|
|
|
164
163
|
if (password.length === 0) {
|
|
165
164
|
throw new error_1.MongoInvalidArgumentError('Password cannot be empty');
|
|
166
165
|
}
|
|
167
|
-
let
|
|
166
|
+
let nodeCrypto;
|
|
168
167
|
try {
|
|
169
|
-
|
|
168
|
+
// TODO: NODE-7424 - remove dependency on 'crypto' for SCRAM-SHA-1 authentication
|
|
169
|
+
// eslint-disable-next-line @typescript-eslint/no-require-imports
|
|
170
|
+
nodeCrypto = require('crypto');
|
|
171
|
+
}
|
|
172
|
+
catch (e) {
|
|
173
|
+
throw new error_1.MongoRuntimeError('Node.js crypto module is required for SCRAM-SHA-1 authentication', {
|
|
174
|
+
cause: e
|
|
175
|
+
});
|
|
176
|
+
}
|
|
177
|
+
try {
|
|
178
|
+
const md5 = nodeCrypto.createHash('md5');
|
|
179
|
+
md5.update(`${username}:mongo:${password}`, 'utf8');
|
|
180
|
+
return md5.digest('hex');
|
|
170
181
|
}
|
|
171
182
|
catch (err) {
|
|
172
|
-
if (
|
|
183
|
+
if (nodeCrypto.getFips()) {
|
|
173
184
|
// This error is (slightly) more helpful than what comes from OpenSSL directly, e.g.
|
|
174
185
|
// 'Error: error:060800C8:digital envelope routines:EVP_DigestInit_ex:disabled for FIPS'
|
|
175
186
|
throw new Error('Auth mechanism SCRAM-SHA-1 is not supported in FIPS mode');
|
|
176
187
|
}
|
|
177
188
|
throw err;
|
|
178
189
|
}
|
|
179
|
-
md5.update(`${username}:mongo:${password}`, 'utf8');
|
|
180
|
-
return md5.digest('hex');
|
|
181
190
|
}
|
|
182
191
|
// XOR two buffers
|
|
183
192
|
function xor(a, b) {
|
|
184
|
-
if (!Buffer.isBuffer(a)) {
|
|
185
|
-
a = Buffer.from(a);
|
|
186
|
-
}
|
|
187
|
-
if (!Buffer.isBuffer(b)) {
|
|
188
|
-
b = Buffer.from(b);
|
|
189
|
-
}
|
|
190
193
|
const length = Math.max(a.length, b.length);
|
|
191
194
|
const res = [];
|
|
192
195
|
for (let i = 0; i < length; i += 1) {
|
|
193
196
|
res.push(a[i] ^ b[i]);
|
|
194
197
|
}
|
|
195
|
-
return
|
|
198
|
+
return bson_1.ByteUtils.toBase64(bson_1.ByteUtils.fromNumberArray(res));
|
|
196
199
|
}
|
|
197
|
-
function H(method, text) {
|
|
198
|
-
|
|
200
|
+
async function H(method, text) {
|
|
201
|
+
const buffer = await crypto.subtle.digest(method === 'sha256' ? 'SHA-256' : 'SHA-1', text);
|
|
202
|
+
return new Uint8Array(buffer);
|
|
199
203
|
}
|
|
200
|
-
function HMAC(method, key, text) {
|
|
201
|
-
|
|
204
|
+
async function HMAC(method, key, text) {
|
|
205
|
+
const keyBuffer = bson_1.ByteUtils.toLocalBufferType(key);
|
|
206
|
+
const cryptoKey = await crypto.subtle.importKey('raw', keyBuffer, { name: 'HMAC', hash: { name: method === 'sha256' ? 'SHA-256' : 'SHA-1' } }, false, ['sign', 'verify']);
|
|
207
|
+
const textData = typeof text === 'string' ? new TextEncoder().encode(text) : text;
|
|
208
|
+
const textBuffer = bson_1.ByteUtils.toLocalBufferType(textData);
|
|
209
|
+
const signature = await crypto.subtle.sign('HMAC', cryptoKey, textBuffer);
|
|
210
|
+
return new Uint8Array(signature);
|
|
202
211
|
}
|
|
203
212
|
let _hiCache = {};
|
|
204
213
|
let _hiCacheCount = 0;
|
|
@@ -210,14 +219,21 @@ const hiLengthMap = {
|
|
|
210
219
|
sha256: 32,
|
|
211
220
|
sha1: 20
|
|
212
221
|
};
|
|
213
|
-
function HI(data, salt, iterations, cryptoMethod) {
|
|
222
|
+
async function HI(data, salt, iterations, cryptoMethod) {
|
|
214
223
|
// omit the work if already generated
|
|
215
|
-
const key = [data,
|
|
224
|
+
const key = [data, bson_1.ByteUtils.toBase64(salt), iterations].join('_');
|
|
216
225
|
if (_hiCache[key] != null) {
|
|
217
226
|
return _hiCache[key];
|
|
218
227
|
}
|
|
219
|
-
|
|
220
|
-
const
|
|
228
|
+
const keyMaterial = await crypto.subtle.importKey('raw', new TextEncoder().encode(data), { name: 'PBKDF2' }, false, ['deriveBits']);
|
|
229
|
+
const params = {
|
|
230
|
+
name: 'PBKDF2',
|
|
231
|
+
salt: salt,
|
|
232
|
+
iterations: iterations,
|
|
233
|
+
hash: { name: cryptoMethod === 'sha256' ? 'SHA-256' : 'SHA-1' }
|
|
234
|
+
};
|
|
235
|
+
const derivedBits = await crypto.subtle.deriveBits(params, keyMaterial, hiLengthMap[cryptoMethod] * 8);
|
|
236
|
+
const saltedData = new Uint8Array(derivedBits);
|
|
221
237
|
// cache a copy to speed up the next lookup, but prevent unbounded cache growth
|
|
222
238
|
if (_hiCacheCount >= 200) {
|
|
223
239
|
_hiCachePurge();
|
|
@@ -230,9 +246,6 @@ function compareDigest(lhs, rhs) {
|
|
|
230
246
|
if (lhs.length !== rhs.length) {
|
|
231
247
|
return false;
|
|
232
248
|
}
|
|
233
|
-
if (typeof crypto.timingSafeEqual === 'function') {
|
|
234
|
-
return crypto.timingSafeEqual(lhs, rhs);
|
|
235
|
-
}
|
|
236
249
|
let result = 0;
|
|
237
250
|
for (let i = 0; i < lhs.length; i++) {
|
|
238
251
|
result |= lhs[i] ^ rhs[i];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scram.js","sourceRoot":"","sources":["../../../src/cmap/auth/scram.ts"],"names":[],"mappings":";;;AAAA,mDAAgD;
|
|
1
|
+
{"version":3,"file":"scram.js","sourceRoot":"","sources":["../../../src/cmap/auth/scram.ts"],"names":[],"mappings":";;;AAAA,mDAAgD;AAEhD,qCAA8D;AAC9D,uCAIqB;AACrB,uCAA8C;AAE9C,mDAAiE;AAEjE,2CAA4C;AAI5C,MAAM,QAAS,SAAQ,4BAAY;IAGjC,YAAY,YAA0B;QACpC,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,YAAY,GAAG,YAAY,IAAI,MAAM,CAAC;IAC7C,CAAC;IAEQ,KAAK,CAAC,OAAO,CACpB,YAA+B,EAC/B,WAAwB;QAExB,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;QACvC,MAAM,WAAW,GAAG,WAAW,CAAC,WAAW,CAAC;QAC5C,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,oCAA4B,CAAC,uCAAuC,CAAC,CAAC;QAClF,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAW,EAAC,EAAE,CAAC,CAAC;QACpC,gCAAgC;QAChC,WAAW,CAAC,KAAK,GAAG,KAAK,CAAC;QAE1B,MAAM,OAAO,GAAG;YACd,GAAG,YAAY;YACf,uBAAuB,EAAE;gBACvB,GAAG,gBAAgB,CAAC,YAAY,EAAE,WAAW,EAAE,KAAK,CAAC;gBACrD,EAAE,EAAE,WAAW,CAAC,MAAM;aACvB;SACF,CAAC;QAEF,OAAO,OAAO,CAAC;IACjB,CAAC;IAEQ,KAAK,CAAC,IAAI,CAAC,WAAwB;QAC1C,MAAM,EAAE,gBAAgB,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC;QACnD,IAAI,QAAQ,EAAE,uBAAuB,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3D,OAAO,MAAM,yBAAyB,CACpC,IAAI,CAAC,YAAY,EACjB,QAAQ,CAAC,uBAAuB,EAChC,WAAW,CACZ,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,YAAY,CAAC,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;IAC5D,CAAC;CACF;AAED,SAAS,aAAa,CAAC,QAAgB;IACrC,OAAO,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;AAC1D,CAAC;AAED,SAAS,sBAAsB,CAAC,QAAgB,EAAE,KAAiB;IACjE,qFAAqF;IACrF,kEAAkE;IAClE,OAAO,gBAAS,CAAC,MAAM,CAAC;QACtB,gBAAS,CAAC,QAAQ,CAAC,IAAI,CAAC;QACxB,gBAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC5B,gBAAS,CAAC,QAAQ,CAAC,KAAK,CAAC;QACzB,gBAAS,CAAC,QAAQ,CAAC,gBAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;KAC9C,CAAC,CAAC;AACL,CAAC;AAED,SAAS,gBAAgB,CACvB,YAA0B,EAC1B,WAA6B,EAC7B,KAAiB;IAEjB,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,SAAS,GACb,YAAY,KAAK,MAAM,CAAC,CAAC,CAAC,yBAAa,CAAC,kBAAkB,CAAC,CAAC,CAAC,yBAAa,CAAC,oBAAoB,CAAC;IAElG,qFAAqF;IACrF,kEAAkE;IAClE,OAAO;QACL,SAAS,EAAE,CAAC;QACZ,SAAS;QACT,OAAO,EAAE,IAAI,aAAM,CACjB,gBAAS,CAAC,MAAM,CAAC,CAAC,gBAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,sBAAsB,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CACvF;QACD,aAAa,EAAE,CAAC;QAChB,OAAO,EAAE,EAAE,iBAAiB,EAAE,IAAI,EAAE;KACrC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,YAA0B,EAAE,WAAwB;IAC9E,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC;IAChD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,oCAA4B,CAAC,uCAAuC,CAAC,CAAC;IAClF,CAAC;IACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QACvB,MAAM,IAAI,iCAAyB,CAAC,iDAAiD,CAAC,CAAC;IACzF,CAAC;IACD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC;IAChC,MAAM,EAAE,GAAG,WAAW,CAAC,MAAM,CAAC;IAE9B,MAAM,YAAY,GAAG,gBAAgB,CAAC,YAAY,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC;IACxE,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,IAAA,UAAE,EAAC,GAAG,EAAE,OAAO,CAAC,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;IACrF,MAAM,yBAAyB,CAAC,YAAY,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;AACvE,CAAC;AAED,KAAK,UAAU,yBAAyB,CACtC,YAA0B,EAC1B,QAAkB,EAClB,WAAwB;IAExB,MAAM,UAAU,GAAG,WAAW,CAAC,UAAU,CAAC;IAC1C,MAAM,WAAW,GAAG,WAAW,CAAC,WAAW,CAAC;IAC5C,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,oCAA4B,CAAC,uCAAuC,CAAC,CAAC;IAClF,CAAC;IACD,IAAI,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QACvB,MAAM,IAAI,iCAAyB,CAAC,8CAA8C,CAAC,CAAC;IACtF,CAAC;IACD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC;IAEhC,MAAM,EAAE,GAAG,WAAW,CAAC,MAAM,CAAC;IAC9B,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC;IAEtC,MAAM,iBAAiB,GACrB,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAA,mBAAQ,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEtF,MAAM,OAAO,GAAW,gBAAS,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC9D,CAAC,CAAC,IAAI,aAAM,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC9B,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;IAErB,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAEnC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACxC,IAAI,UAAU,IAAI,UAAU,GAAG,IAAI,EAAE,CAAC;QACpC,kBAAkB;QAClB,MAAM,IAAI,yBAAiB,CAAC,8CAA8C,UAAU,EAAE,CAAC,CAAC;IAC1F,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC;IACpB,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC;IACtB,IAAI,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/B,kBAAkB;QAClB,MAAM,IAAI,yBAAiB,CAAC,qCAAqC,MAAM,EAAE,CAAC,CAAC;IAC7E,CAAC;IAED,wBAAwB;IACxB,MAAM,YAAY,GAAG,YAAY,MAAM,EAAE,CAAC;IAC1C,MAAM,cAAc,GAAG,MAAM,EAAE,CAC7B,iBAAiB,EACjB,gBAAS,CAAC,UAAU,CAAC,IAAI,CAAC,EAC1B,UAAU,EACV,YAAY,CACb,CAAC;IAEF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,cAAc,EAAE,YAAY,CAAC,CAAC;IACzE,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,cAAc,EAAE,YAAY,CAAC,CAAC;IACzE,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;IACnD,MAAM,WAAW,GAAG;QAClB,sBAAsB,CAAC,QAAQ,EAAE,KAAK,CAAC;QACvC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;QACxB,YAAY;KACb,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEZ,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IACzE,MAAM,WAAW,GAAG,KAAK,GAAG,CAAC,SAAS,EAAE,eAAe,CAAC,EAAE,CAAC;IAC3D,MAAM,WAAW,GAAG,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAE1D,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,YAAY,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IACzE,MAAM,eAAe,GAAG;QACtB,YAAY,EAAE,CAAC;QACf,cAAc,EAAE,QAAQ,CAAC,cAAc;QACvC,OAAO,EAAE,IAAI,aAAM,CAAC,gBAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;KACrD,CAAC;IAEF,MAAM,CAAC,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,IAAA,UAAE,EAAC,GAAG,EAAE,OAAO,CAAC,EAAE,eAAe,EAAE,SAAS,CAAC,CAAC;IACjF,MAAM,cAAc,GAAG,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAE/C,IAAI,CAAC,aAAa,CAAC,gBAAS,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,EAAE,CAAC;QAC5E,MAAM,IAAI,yBAAiB,CAAC,sCAAsC,CAAC,CAAC;IACtE,CAAC;IAED,IAAI,CAAC,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QACrB,0DAA0D;QAC1D,OAAO;IACT,CAAC;IAED,MAAM,oBAAoB,GAAG;QAC3B,YAAY,EAAE,CAAC;QACf,cAAc,EAAE,CAAC,CAAC,cAAc;QAChC,OAAO,EAAE,gBAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;KAC/B,CAAC;IAEF,MAAM,UAAU,CAAC,OAAO,CAAC,IAAA,UAAE,EAAC,GAAG,EAAE,OAAO,CAAC,EAAE,oBAAoB,EAAE,SAAS,CAAC,CAAC;AAC9E,CAAC;AAED,SAAS,YAAY,CAAC,OAAe;IACnC,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC5C,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACrE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;IACtC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,cAAc,CAAC,QAAgB,EAAE,QAAgB;IACxD,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,iCAAyB,CAAC,2BAA2B,CAAC,CAAC;IACnE,CAAC;IAED,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjC,MAAM,IAAI,iCAAyB,CAAC,2BAA2B,CAAC,CAAC;IACnE,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,iCAAyB,CAAC,0BAA0B,CAAC,CAAC;IAClE,CAAC;IAED,IAAI,UAAU,CAAC;IACf,IAAI,CAAC;QACH,iFAAiF;QACjF,iEAAiE;QACjE,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IACjC,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,yBAAiB,CACzB,kEAAkE,EAClE;YACE,KAAK,EAAE,CAAC;SACT,CACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QACzC,GAAG,CAAC,MAAM,CAAC,GAAG,QAAQ,UAAU,QAAQ,EAAE,EAAE,MAAM,CAAC,CAAC;QACpD,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC;YACzB,oFAAoF;YACpF,wFAAwF;YACxF,MAAM,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC;QAC9E,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED,kBAAkB;AAClB,SAAS,GAAG,CAAC,CAAa,EAAE,CAAa;IACvC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC;IAC5C,MAAM,GAAG,GAAG,EAAE,CAAC;IAEf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;IAED,OAAO,gBAAS,CAAC,QAAQ,CAAC,gBAAS,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC;AAC5D,CAAC;AAED,KAAK,UAAU,CAAC,CAAC,MAAoB,EAAE,IAAgB;IACrD,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC3F,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED,KAAK,UAAU,IAAI,CACjB,MAAoB,EACpB,GAAe,EACf,IAAyB;IAEzB,MAAM,SAAS,GAAG,gBAAS,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC7C,KAAK,EACL,SAAS,EACT,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE,EAAE,EAC3E,KAAK,EACL,CAAC,MAAM,EAAE,QAAQ,CAAC,CACnB,CAAC;IACF,MAAM,QAAQ,GAAe,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9F,MAAM,UAAU,GAAG,gBAAS,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;IAC1E,OAAO,IAAI,UAAU,CAAC,SAAS,CAAC,CAAC;AACnC,CAAC;AAMD,IAAI,QAAQ,GAAY,EAAE,CAAC;AAC3B,IAAI,aAAa,GAAG,CAAC,CAAC;AACtB,SAAS,aAAa;IACpB,QAAQ,GAAG,EAAE,CAAC;IACd,aAAa,GAAG,CAAC,CAAC;AACpB,CAAC;AAED,MAAM,WAAW,GAAG;IAClB,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;CACT,CAAC;AAEF,KAAK,UAAU,EAAE,CAAC,IAAY,EAAE,IAAgB,EAAE,UAAkB,EAAE,YAA0B;IAC9F,qCAAqC;IACrC,MAAM,GAAG,GAAG,CAAC,IAAI,EAAE,gBAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnE,IAAI,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;QAC1B,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAC/C,KAAK,EACL,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,EAC9B,EAAE,IAAI,EAAE,QAAQ,EAAE,EAClB,KAAK,EACL,CAAC,YAAY,CAAC,CACf,CAAC;IACF,MAAM,MAAM,GAAG;QACb,IAAI,EAAE,QAAQ;QACd,IAAI,EAAE,IAAI;QACV,UAAU,EAAE,UAAU;QACtB,IAAI,EAAE,EAAE,IAAI,EAAE,YAAY,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE;KAChE,CAAC;IACF,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,UAAU,CAChD,MAAM,EACN,WAAW,EACX,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,CAC9B,CAAC;IACF,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,WAAW,CAAC,CAAC;IAE/C,+EAA+E;IAC/E,IAAI,aAAa,IAAI,GAAG,EAAE,CAAC;QACzB,aAAa,EAAE,CAAC;IAClB,CAAC;IAED,QAAQ,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;IAC3B,aAAa,IAAI,CAAC,CAAC;IACnB,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,aAAa,CAAC,GAAe,EAAE,GAAe;IACrD,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,CAAC,MAAM,EAAE,CAAC;QAC9B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,GAAG,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IAED,OAAO,MAAM,KAAK,CAAC,CAAC;AACtB,CAAC;AAED,MAAa,SAAU,SAAQ,QAAQ;IACrC;QACE,KAAK,CAAC,MAAM,CAAC,CAAC;IAChB,CAAC;CACF;AAJD,8BAIC;AAED,MAAa,WAAY,SAAQ,QAAQ;IACvC;QACE,KAAK,CAAC,QAAQ,CAAC,CAAC;IAClB,CAAC;CACF;AAJD,kCAIC"}
|
package/lib/cmap/commands.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.OpCompressedRequest = exports.OpMsgResponse = exports.OpMsgRequest = exports.DocumentSequence = exports.OpReply = exports.OpQueryRequest = void 0;
|
|
4
|
-
const
|
|
4
|
+
const bson_1 = require("../bson");
|
|
5
5
|
const error_1 = require("../error");
|
|
6
6
|
const compression_1 = require("./wire_protocol/compression");
|
|
7
7
|
const constants_1 = require("./wire_protocol/constants");
|
|
@@ -20,7 +20,7 @@ const CURSOR_NOT_FOUND = 1;
|
|
|
20
20
|
const QUERY_FAILURE = 2;
|
|
21
21
|
const SHARD_CONFIG_STALE = 4;
|
|
22
22
|
const AWAIT_CAPABLE = 8;
|
|
23
|
-
const encodeUTF8Into =
|
|
23
|
+
const encodeUTF8Into = bson_1.ByteUtils.encodeUTF8Into;
|
|
24
24
|
/** @internal */
|
|
25
25
|
class OpQueryRequest {
|
|
26
26
|
constructor(databaseName, query, options) {
|
|
@@ -111,9 +111,9 @@ class OpQueryRequest {
|
|
|
111
111
|
if (this.batchSize !== this.numberToReturn)
|
|
112
112
|
this.numberToReturn = this.batchSize;
|
|
113
113
|
// Allocate write protocol header buffer
|
|
114
|
-
const header =
|
|
114
|
+
const header = bson_1.ByteUtils.allocate(4 * 4 + // Header
|
|
115
115
|
4 + // Flags
|
|
116
|
-
|
|
116
|
+
bson_1.ByteUtils.utf8ByteLength(this.ns) +
|
|
117
117
|
1 + // namespace
|
|
118
118
|
4 + // numberToSkip
|
|
119
119
|
4 // numberToReturn
|
|
@@ -121,7 +121,7 @@ class OpQueryRequest {
|
|
|
121
121
|
// Add header to buffers
|
|
122
122
|
buffers.push(header);
|
|
123
123
|
// Serialize the query
|
|
124
|
-
const query = BSON.serialize(this.query, {
|
|
124
|
+
const query = bson_1.BSON.serialize(this.query, {
|
|
125
125
|
checkKeys: this.checkKeys,
|
|
126
126
|
serializeFunctions: this.serializeFunctions,
|
|
127
127
|
ignoreUndefined: this.ignoreUndefined
|
|
@@ -130,7 +130,7 @@ class OpQueryRequest {
|
|
|
130
130
|
buffers.push(query);
|
|
131
131
|
if (this.returnFieldSelector && Object.keys(this.returnFieldSelector).length > 0) {
|
|
132
132
|
// Serialize the projection document
|
|
133
|
-
projection = BSON.serialize(this.returnFieldSelector, {
|
|
133
|
+
projection = bson_1.BSON.serialize(this.returnFieldSelector, {
|
|
134
134
|
checkKeys: this.checkKeys,
|
|
135
135
|
serializeFunctions: this.serializeFunctions,
|
|
136
136
|
ignoreUndefined: this.ignoreUndefined
|
|
@@ -172,7 +172,7 @@ class OpQueryRequest {
|
|
|
172
172
|
header[index] = flags & 0xff;
|
|
173
173
|
index = index + 4;
|
|
174
174
|
// Write collection name
|
|
175
|
-
index = index + header
|
|
175
|
+
index = index + encodeUTF8Into(header, this.ns, index) + 1;
|
|
176
176
|
header[index - 1] = 0;
|
|
177
177
|
// Write header information flags numberToSkip
|
|
178
178
|
header[index + 3] = (this.numberToSkip >> 24) & 0xff;
|
|
@@ -234,10 +234,10 @@ class OpReply {
|
|
|
234
234
|
// (See https://www.mongodb.com/docs/manual/reference/mongodb-wire-protocol/#wire-op-reply)
|
|
235
235
|
this.index = 20;
|
|
236
236
|
// Read the message body
|
|
237
|
-
this.responseFlags = this.data
|
|
238
|
-
this.cursorId = new BSON.Long(this.data
|
|
239
|
-
this.startingFrom = this.data
|
|
240
|
-
this.numberReturned = this.data
|
|
237
|
+
this.responseFlags = (0, bson_1.readInt32LE)(this.data, 0);
|
|
238
|
+
this.cursorId = new bson_1.BSON.Long((0, bson_1.readInt32LE)(this.data, 4), (0, bson_1.readInt32LE)(this.data, 8));
|
|
239
|
+
this.startingFrom = (0, bson_1.readInt32LE)(this.data, 12);
|
|
240
|
+
this.numberReturned = (0, bson_1.readInt32LE)(this.data, 16);
|
|
241
241
|
if (this.numberReturned < 0 || this.numberReturned > 2 ** 32 - 1) {
|
|
242
242
|
throw new RangeError(`OP_REPLY numberReturned is an invalid array length ${this.numberReturned}`);
|
|
243
243
|
}
|
|
@@ -279,7 +279,7 @@ class DocumentSequence {
|
|
|
279
279
|
this.serializedDocumentsLength = 0;
|
|
280
280
|
// Document sequences starts with type 1 at the first byte.
|
|
281
281
|
// Field strings must always be UTF-8.
|
|
282
|
-
const buffer =
|
|
282
|
+
const buffer = bson_1.ByteUtils.allocateUnsafe(1 + 4 + this.field.length + 1);
|
|
283
283
|
buffer[0] = 1;
|
|
284
284
|
// Third part is the field name at offset 5 with trailing null byte.
|
|
285
285
|
encodeUTF8Into(buffer, `${this.field}\0`, 5);
|
|
@@ -287,7 +287,7 @@ class DocumentSequence {
|
|
|
287
287
|
this.header = buffer;
|
|
288
288
|
if (documents) {
|
|
289
289
|
for (const doc of documents) {
|
|
290
|
-
this.push(doc, BSON.serialize(doc));
|
|
290
|
+
this.push(doc, bson_1.BSON.serialize(doc));
|
|
291
291
|
}
|
|
292
292
|
}
|
|
293
293
|
}
|
|
@@ -305,7 +305,9 @@ class DocumentSequence {
|
|
|
305
305
|
// Push the document raw bson.
|
|
306
306
|
this.chunks.push(buffer);
|
|
307
307
|
// Write the new length.
|
|
308
|
-
this.header
|
|
308
|
+
if (this.header) {
|
|
309
|
+
bson_1.NumberUtils.setInt32LE(this.header, 1, 4 + this.field.length + 1 + this.serializedDocumentsLength);
|
|
310
|
+
}
|
|
309
311
|
return this.serializedDocumentsLength + this.header.length;
|
|
310
312
|
}
|
|
311
313
|
/**
|
|
@@ -313,7 +315,7 @@ class DocumentSequence {
|
|
|
313
315
|
* @returns The section bytes.
|
|
314
316
|
*/
|
|
315
317
|
toBin() {
|
|
316
|
-
return
|
|
318
|
+
return bson_1.ByteUtils.concat(this.chunks);
|
|
317
319
|
}
|
|
318
320
|
}
|
|
319
321
|
exports.DocumentSequence = DocumentSequence;
|
|
@@ -356,18 +358,20 @@ class OpMsgRequest {
|
|
|
356
358
|
if (this.exhaustAllowed) {
|
|
357
359
|
flags |= OPTS_EXHAUST_ALLOWED;
|
|
358
360
|
}
|
|
359
|
-
const header =
|
|
361
|
+
const header = bson_1.ByteUtils.allocate(4 * 4 + // Header
|
|
360
362
|
4 // Flags
|
|
361
363
|
);
|
|
362
364
|
buffers.push(header);
|
|
363
365
|
let totalLength = header.length;
|
|
364
366
|
const command = this.command;
|
|
365
367
|
totalLength += this.makeSections(buffers, command);
|
|
366
|
-
|
|
367
|
-
|
|
368
|
-
|
|
369
|
-
|
|
370
|
-
|
|
368
|
+
bson_1.NumberUtils.setInt32LE(header, 0, totalLength); // messageLength
|
|
369
|
+
bson_1.NumberUtils.setInt32LE(header, 4, this.requestId); // requestID
|
|
370
|
+
bson_1.NumberUtils.setInt32LE(header, 8, 0); // responseTo
|
|
371
|
+
bson_1.NumberUtils.setInt32LE(header, 12, constants_1.OP_MSG); // opCode
|
|
372
|
+
// The OP_MSG spec calls out that flags is uint32:
|
|
373
|
+
// https://github.com/mongodb/specifications/blob/master/source/message/OP_MSG.md#op_msg-1
|
|
374
|
+
(0, bson_1.setUint32LE)(header, 16, flags); // flags
|
|
371
375
|
return buffers;
|
|
372
376
|
}
|
|
373
377
|
/**
|
|
@@ -375,7 +379,7 @@ class OpMsgRequest {
|
|
|
375
379
|
*/
|
|
376
380
|
makeSections(buffers, document) {
|
|
377
381
|
const sequencesBuffer = this.extractDocumentSequences(document);
|
|
378
|
-
const payloadTypeBuffer =
|
|
382
|
+
const payloadTypeBuffer = bson_1.ByteUtils.allocateUnsafe(1);
|
|
379
383
|
payloadTypeBuffer[0] = 0;
|
|
380
384
|
const documentBuffer = this.serializeBson(document);
|
|
381
385
|
// First section, type 0
|
|
@@ -407,14 +411,14 @@ class OpMsgRequest {
|
|
|
407
411
|
}
|
|
408
412
|
}
|
|
409
413
|
if (chunks.length > 0) {
|
|
410
|
-
return
|
|
414
|
+
return bson_1.ByteUtils.concat(chunks);
|
|
411
415
|
}
|
|
412
416
|
// If we have no document sequences we return an empty buffer for nothing to add
|
|
413
417
|
// to the payload.
|
|
414
|
-
return
|
|
418
|
+
return bson_1.ByteUtils.allocate(0);
|
|
415
419
|
}
|
|
416
420
|
serializeBson(document) {
|
|
417
|
-
return BSON.serialize(document, {
|
|
421
|
+
return bson_1.BSON.serialize(document, {
|
|
418
422
|
checkKeys: this.checkKeys,
|
|
419
423
|
serializeFunctions: this.serializeFunctions,
|
|
420
424
|
ignoreUndefined: this.ignoreUndefined
|
|
@@ -448,7 +452,7 @@ class OpMsgResponse {
|
|
|
448
452
|
this.opCode = msgHeader.opCode;
|
|
449
453
|
this.fromCompressed = msgHeader.fromCompressed;
|
|
450
454
|
// Read response flags
|
|
451
|
-
this.responseFlags =
|
|
455
|
+
this.responseFlags = (0, bson_1.readInt32LE)(msgBody, 0);
|
|
452
456
|
this.checksumPresent = (this.responseFlags & OPTS_CHECKSUM_PRESENT) !== 0;
|
|
453
457
|
this.moreToCome = (this.responseFlags & OPTS_MORE_TO_COME) !== 0;
|
|
454
458
|
this.exhaustAllowed = (this.responseFlags & OPTS_EXHAUST_ALLOWED) !== 0;
|
|
@@ -469,9 +473,12 @@ class OpMsgResponse {
|
|
|
469
473
|
return this.sections[0];
|
|
470
474
|
this.index = 4;
|
|
471
475
|
while (this.index < this.data.length) {
|
|
472
|
-
const payloadType = this.data
|
|
476
|
+
const payloadType = this.data[this.index++];
|
|
473
477
|
if (payloadType === 0) {
|
|
474
|
-
|
|
478
|
+
// BSON spec specifies that this is a 32-bit signed integer: https://bsonspec.org/spec.html#:~:text=%3A%3A%3D-,int32,-e_list%20unsigned_byte(0
|
|
479
|
+
// While allowing negative sizes seems odd, in practice we never expect a negative size. Also, the server's 16mb limit for BSON documents leaves plenty
|
|
480
|
+
// of room in an int32 to store a document of the max BSON size that the server supports
|
|
481
|
+
const bsonSize = (0, bson_1.readInt32LE)(this.data, this.index);
|
|
475
482
|
const bin = this.data.subarray(this.index, this.index + bsonSize);
|
|
476
483
|
this.sections.push(bin);
|
|
477
484
|
this.index += bsonSize;
|
|
@@ -510,24 +517,24 @@ class OpCompressedRequest {
|
|
|
510
517
|
return !compression_1.uncompressibleCommands.has(commandName);
|
|
511
518
|
}
|
|
512
519
|
async toBin() {
|
|
513
|
-
const concatenatedOriginalCommandBuffer =
|
|
520
|
+
const concatenatedOriginalCommandBuffer = bson_1.ByteUtils.concat(this.command.toBin());
|
|
514
521
|
// otherwise, compress the message
|
|
515
522
|
const messageToBeCompressed = concatenatedOriginalCommandBuffer.slice(MESSAGE_HEADER_SIZE);
|
|
516
523
|
// Extract information needed for OP_COMPRESSED from the uncompressed message
|
|
517
|
-
const originalCommandOpCode =
|
|
524
|
+
const originalCommandOpCode = (0, bson_1.readInt32LE)(concatenatedOriginalCommandBuffer, 12);
|
|
518
525
|
// Compress the message body
|
|
519
526
|
const compressedMessage = await (0, compression_1.compress)(this.options, messageToBeCompressed);
|
|
520
527
|
// Create the msgHeader of OP_COMPRESSED
|
|
521
|
-
const msgHeader =
|
|
522
|
-
|
|
523
|
-
|
|
524
|
-
|
|
525
|
-
|
|
528
|
+
const msgHeader = bson_1.ByteUtils.allocate(MESSAGE_HEADER_SIZE);
|
|
529
|
+
bson_1.NumberUtils.setInt32LE(msgHeader, 0, MESSAGE_HEADER_SIZE + COMPRESSION_DETAILS_SIZE + compressedMessage.length); // messageLength
|
|
530
|
+
bson_1.NumberUtils.setInt32LE(msgHeader, 4, this.command.requestId); // requestID
|
|
531
|
+
bson_1.NumberUtils.setInt32LE(msgHeader, 8, 0); // responseTo (zero)
|
|
532
|
+
bson_1.NumberUtils.setInt32LE(msgHeader, 12, constants_1.OP_COMPRESSED); // opCode
|
|
526
533
|
// Create the compression details of OP_COMPRESSED
|
|
527
|
-
const compressionDetails =
|
|
528
|
-
|
|
529
|
-
|
|
530
|
-
compressionDetails
|
|
534
|
+
const compressionDetails = bson_1.ByteUtils.allocate(COMPRESSION_DETAILS_SIZE);
|
|
535
|
+
bson_1.NumberUtils.setInt32LE(compressionDetails, 0, originalCommandOpCode); // originalOpcode
|
|
536
|
+
bson_1.NumberUtils.setInt32LE(compressionDetails, 4, messageToBeCompressed.length); // Size of the uncompressed compressedMessage, excluding the MsgHeader
|
|
537
|
+
compressionDetails[8] = compression_1.Compressor[this.options.agreedCompressor]; // compressorID
|
|
531
538
|
return [msgHeader, compressionDetails, compressedMessage];
|
|
532
539
|
}
|
|
533
540
|
}
|