(DOCSP-22711 + DOCSP-22715) Node + Mongosh Code Review (#1165)

* ah: manual enc + options updates

* remove monitor commands

* ah - remove unused line

* ah - base64 import remove

Author: biniona-mongodb

source/includes/automatic-enc-options/code-snippets/opts-shell.js

@@ -1,12 +1,11 @@
 var ClientSideFieldLevelEncryptionOptions =
 {
-   "keyVaultClient" : keyVaultClient,
    "keyVaultNamespace" : "<database>.<collection>",
    "kmsProviders" : { ... },
    "schemaMap" : { ... }
 }
 
 cluster = Mongo(
-  "mongodb://myhostexample.net:27017/?replicaSet=myReplicaSet",
+  "<Your Connection String>",
   ClientSideFieldLevelEncryptionOptions
 );

source/includes/fundamentals/manual-encryption/manual-enc-shell.js

@@ -1,63 +1,62 @@
-var database = "medicalRecords";
-var collection = "patients";
-var kmsProviders = {
+const database = "medicalRecords";
+const collection = "patients";
+const kmsProviders = {
   aws: {
-    accessKeyId: process.env["AWS_ACCESS_KEY_ID"],
-    secretAccessKey: process.env["AWS_SECRET_ACCESS_KEY"],
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
   },
 };
-var masterKey = {
-  key: process.env["AWS_KEY_ARN"],
-  region: process.env["AWS_KEY_REGION"],
+const masterKey = {
+  key: process.env.AWS_KEY_ARN,
+  region: process.env.AWS_KEY_REGION,
 };
-var connectionString = process.env.DRIVER_URL;
-var keyVaultNamespace = "encryption.__keyVault";
+const connectionString = process.env.DRIVER_URL;
+const keyVaultNamespace = "encryption.__keyVault";
 
 // start_mongoclient
-var ClientSideFieldLevelEncryptionOptions = {
+const ClientSideFieldLevelEncryptionOptions = {
   keyVaultNamespace: keyVaultNamespace,
   kmsProviders: kmsProviders,
 };
-var encryptedClient = Mongo(
+const encryptedClient = Mongo(
   connectionString,
   ClientSideFieldLevelEncryptionOptions
 );
 // end_mongoclient
 // start_client_enc
-var clientEncryption = encryptedClient.getClientEncryption();
+const clientEncryption = encryptedClient.getClientEncryption();
 // end_client_enc
 
-var keyVault = encryptedClient.getKeyVault();
-var keyId = keyVault.createKey("aws", masterKey);
+const keyVault = encryptedClient.getKeyVault();
+const keyId = keyVault.createKey("aws", masterKey);
 
 // start_enc_and_insert
-var encName = clientEncryption.encrypt(
+const encName = clientEncryption.encrypt(
   keyId,
   "Greg",
   "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
 );
-var encFoods = clientEncryption.encrypt(
+const encFoods = clientEncryption.encrypt(
   keyId,
   ["Cheese", "Grapes"],
   "AEAD_AES_256_CBC_HMAC_SHA_512-Random"
 );
-// end_enc_and_insert
-// start_find_decrypt
 db.getSiblingDB(database).getCollection(collection).insertOne({
   name: encName,
   foods: encFoods,
 });
-
-var encNameQuery = clientEncryption.encrypt(
+// end_enc_and_insert
+// start_find_decrypt
+const encNameQuery = clientEncryption.encrypt(
   keyId,
   "Greg",
   "AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic"
 );
-var doc = db.getSiblingDB(database).getCollection(collection).findOne({
+let doc = db.getSiblingDB(database).getCollection(collection).findOne({
   name: encNameQuery,
 });
-doc;
-doc["name"] = clientEncryption.decrypt(doc["name"]);
-doc["foods"] = clientEncryption.decrypt(doc["foods"]);
-doc;
+console.log(doc);
+doc.name = clientEncryption.decrypt(doc.name);
+doc.foods = clientEncryption.decrypt(doc.foods);
+console.log(doc);
 // end_find_decrypt

source/includes/fundamentals/manual-encryption/manual-enc.js

@@ -2,20 +2,20 @@ const mongodb = require("mongodb");
 const { ClientEncryption } = require("mongodb-client-encryption");
 const { MongoClient, Binary } = mongodb;
 
-var db = "medicalRecords";
-var coll = "patients";
+const db = "medicalRecords";
+const coll = "patients";
 
 // start-specify-credentials
 const provider = "aws";
 const kmsProviders = {
   aws: {
-    accessKeyId: process.env["AWS_ACCESS_KEY_ID"],
-    secretAccessKey: process.env["AWS_SECRET_ACCESS_KEY"],
+    accessKeyId: process.env.AWS_ACCESS_KEY_ID,
+    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY,
   },
 };
 const masterKey = {
-  key: process.env["AWS_KEY_ARN"],
-  region: process.env["AWS_KEY_REGION"],
+  key: process.env.AWS_KEY_ARN,
+  region: process.env.AWS_KEY_REGION,
 };
 // end-specify-state
 
@@ -66,8 +66,8 @@ async function main() {
     });
     let doc = await collection.findOne({ name: queryEncryptedName });
     console.log("Encrypted Document: ", doc);
-    doc["name"] = encryption.decrypt(doc["name"]);
-    doc["foods"] = encryption.decrypt(doc["foods"]);
+    doc.name = encryption.decrypt(doc.name);
+    doc.foods = encryption.decrypt(doc.foods);
     console.log("Decrypted document: ", doc);
     // end_find_decrypt
   } finally {

source/includes/sample_apps/csfle/build/node/aws/reader/insert_encrypted_document.js

@@ -73,7 +73,6 @@ const extraOptions = {
 const secureClient = new MongoClient(connectionString, {
   useNewUrlParser: true,
   useUnifiedTopology: true,
-  monitorCommands: true,
   autoEncryption: {
     keyVaultNamespace,
     kmsProviders,

source/includes/sample_apps/csfle/build/node/aws/reader/make_data_key.js

@@ -20,7 +20,6 @@ const masterKey = {
 // end-datakeyopts
 
 // start-create-dek
-const base64 = require("base64-js");
 const connectionString = "<Your Connection String>";
 const keyVaultNamespace = "encryption.__keyVault";
 const client = new MongoClient(connectionString, {
@@ -38,9 +37,7 @@ async function main() {
     const key = await encryption.createDataKey(provider, {
       masterKey: masterKey,
     });
-    const base64DataKeyId = key.toString("base64");
-    const uuidDataKeyId = base64.fromByteArray(base64DataKeyId);
-    console.log("DataKeyId [base64]: ", base64DataKeyId);
+    console.log("DataKeyId [base64]: ", key.toString("base64"));
   } finally {
     await client.close();
   }

source/includes/sample_apps/csfle/build/node/azure/reader/insert_encrypted_document.js

@@ -74,7 +74,6 @@ const extraOptions = {
 const secureClient = new MongoClient(connectionString, {
   useNewUrlParser: true,
   useUnifiedTopology: true,
-  monitorCommands: true,
   autoEncryption: {
     keyVaultNamespace,
     kmsProviders,

source/includes/sample_apps/csfle/build/node/azure/reader/make_data_key.js

@@ -21,7 +21,6 @@ const masterKey = {
 // end-datakeyopts
 
 // start-create-dek
-const base64 = require("base64-js");
 const connectionString = "<Your Connection String>";
 const keyVaultNamespace = "encryption.__keyVault";
 const client = new MongoClient(connectionString, {
@@ -39,9 +38,7 @@ async function main() {
     const key = await encryption.createDataKey(provider, {
       masterKey: masterKey,
     });
-    const base64DataKeyId = key.toString("base64");
-    const uuidDataKeyId = base64.fromByteArray(base64DataKeyId);
-    console.log("DataKeyId [base64]: ", base64DataKeyId);
+    console.log("DataKeyId [base64]: ", key.toString("base64"));
   } finally {
     await client.close();
   }

source/includes/sample_apps/csfle/build/node/gcp/reader/insert_encrypted_document.js

@@ -73,7 +73,6 @@ const extraOptions = {
 const secureClient = new MongoClient(connectionString, {
   useNewUrlParser: true,
   useUnifiedTopology: true,
-  monitorCommands: true,
   autoEncryption: {
     keyVaultNamespace,
     kmsProviders,

source/includes/sample_apps/csfle/build/node/gcp/reader/make_data_key.js

@@ -22,7 +22,6 @@ const masterKey = {
 // end-datakeyopts
 
 // start-create-dek
-const base64 = require("base64-js");
 const connectionString = "<Your Connection String>";
 const keyVaultNamespace = "encryption.__keyVault";
 const client = new MongoClient(connectionString, {
@@ -40,9 +39,7 @@ async function main() {
     const key = await encryption.createDataKey(provider, {
       masterKey: masterKey,
     });
-    const base64DataKeyId = key.toString("base64");
-    const uuidDataKeyId = base64.fromByteArray(base64DataKeyId);
-    console.log("DataKeyId [base64]: ", base64DataKeyId);
+    console.log("DataKeyId [base64]: ", key.toString("base64"));
   } finally {
     await client.close();
   }

source/includes/sample_apps/csfle/build/node/local/reader/insert_encrypted_document.js

@@ -76,7 +76,6 @@ const extraOptions = {
 const secureClient = new MongoClient(connectionString, {
   useNewUrlParser: true,
   useUnifiedTopology: true,
-  monitorCommands: true,
   autoEncryption: {
     keyVaultNamespace,
     kmsProviders,