Fix OIDC Examples (#83)

Author: mongoKart

source/includes/authentication/azure-envs-connection-string.py

@@ -14,5 +14,5 @@ def fetch(self, context: OIDCCallbackContext) -> OIDCCallbackResult:
 client = MongoClient(
    "mongodb://<hostname>:<port>",
    authMechanism="MONGODB-OIDC",
-   authMechanismProperties=properties,
+   authMechanismProperties=properties
 )

source/includes/authentication/azure-envs-mongoclient.py

@@ -1,9 +1,8 @@
 from pymongo import MongoClient
 
-# define properties, URI, and MongoClient
-properties = {"ENVIRONMENT": "azure", "TOKEN_RESOURCE": "<audience>"}
+# define URI and MongoClient
 uri = ("mongodb://<hostname>:<port>/?"
        "username=<Azure identity client ID>"
        "&authMechanism=MONGODB-OIDC"
-       "&authMechanismProperties=properties")
+       "&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:<audience>")
 client = MongoClient(uri)

source/includes/authentication/azure-imds-connection-string.py

@@ -6,5 +6,5 @@
     "mongodb://<hostname>:<port>",
     username="<Azure identity client ID>",
     authMechanism="MONGODB-OIDC",
-    authMechanismProperties=properties,
+    authMechanismProperties=properties
 )

source/includes/authentication/azure-imds-mongoclient.py

@@ -11,5 +11,5 @@ def fetch(self, context: OIDCCallbackContext) -> OIDCCallbackResult:
 client = MongoClient(
    "mongodb://<hostname>:<port>",
    authMechanism="MONGODB-OIDC",
-   authMechanismProperties=properties,
+   authMechanismProperties=properties
 )

source/includes/authentication/gcp-gke-connection-string.py

@@ -1,9 +1,8 @@
 from pymongo import MongoClient
 
-# define properties, URI, and MongoClient
-properties = {"ENVIRONMENT": "gcp", "TOKEN_RESOURCE": "<audience>"}
+# define URI and MongoClient
 uri = ("mongodb://<hostname>:<port>/?"
        "username=<GCP identity client ID>"
        "&authMechanism=MONGODB-OIDC"
-       "&authMechanismProperties=properties")
+       "&authMechanismProperties=ENVIRONMENT:gcp,TOKEN_RESOURCE:<audience>")
 client = MongoClient(uri)

source/includes/authentication/gcp-gke-mongoclient.py

@@ -6,5 +6,5 @@
    "mongodb://<hostname>:<port>",
    username="<GCP identity client ID>",
    authMechanism="MONGODB-OIDC",
-   authMechanismProperties=properties,
+   authMechanismProperties=properties
 )

source/includes/authentication/gcp-imds-connection-string.py

@@ -478,43 +478,19 @@ To learn more about authenticating with OIDC, see
 Other Azure Environments
 ~~~~~~~~~~~~~~~~~~~~~~~~
 
-.. tabs::
-
-   .. tab:: MongoClient
-      :tabid: mongoclient
-
-      .. literalinclude:: /includes/authentication/azure-envs-mongoclient.py
-            :language: python
-            :copyable: true
-
-   .. tab:: Connection String
-      :tabid: connectionstring
-
-      .. literalinclude:: /includes/authentication/azure-envs-connection-string.py
-            :language: python
-            :copyable: true
+.. literalinclude:: /includes/authentication/azure-envs-mongoclient.py
+      :language: python
+      :copyable: true
 
 To learn more about authenticating with OIDC, see
 :ref:`pymongo-mongodb-oidc-azure-envs` in the Authentication guide.
 
 GCP GKE
 ~~~~~~~
 
-.. tabs::
-
-   .. tab:: MongoClient
-      :tabid: mongoclient
-
-      .. literalinclude:: /includes/authentication/gcp-gke-mongoclient.py
-            :language: python
-            :copyable: true
-
-   .. tab:: Connection String
-      :tabid: connectionstring
-
-      .. literalinclude:: /includes/authentication/gcp-gke-connection-string.py
-            :language: python
-            :copyable: true
+.. literalinclude:: /includes/authentication/gcp-gke-mongoclient.py
+      :language: python
+      :copyable: true
 
 To learn more about authenticating with OIDC, see
 :ref:`pymongo-mongodb-oidc-gcp-gke` in the Authentication guide.

source/includes/authentication/gcp-imds-mongoclient.py

@@ -563,31 +563,34 @@ If your application runs on an Azure VM, or otherwise uses the
 (IMDS), you can authenticate to MongoDB by using {+driver-short+}'s built-in Azure
 support.
 
-First, create a Python dictionary for your authentication mechanism properties, as shown
-in the following example. Replace the ``<audience>`` placeholder with
-the percent-encoded application or service that the OIDC access token is intended for.
-
-.. literalinclude:: /includes/authentication/azure-imds-mongoclient.py
-   :language: python
-   :copyable: true
-   :start-after: # define properties and MongoClient
-   :end-before: client = MongoClient(
-
-Then, set the following connection options:
-
-- ``username``: The client ID of the Azure managed identity.
-- ``authMechanism``: Set to ``"MONGODB-OIDC"``.
-- ``authMechanismProperties``: Set to the ``properties`` dictionary that you
-  created in the previous step.
-
-You can set these options in two ways: by passing arguments to the
+You can configure OIDC for Azure IMDS in two ways: by passing arguments to the
 ``MongoClient`` constructor or through parameters in your connection string.
 
 .. tabs::
 
    .. tab:: MongoClient
       :tabid: mongoclient
 
+      First, create a Python dictionary for your authentication mechanism properties, as shown
+      in the following example. Replace the ``<audience>`` placeholder with
+      the percent-encoded application or service that the OIDC access token is intended for.
+
+      .. literalinclude:: /includes/authentication/azure-imds-mongoclient.py
+         :language: python
+         :copyable: true
+         :start-after: # define properties and MongoClient
+         :end-before: client = MongoClient(
+
+      Then, set the following connection options:
+
+      - ``username``: The client ID of the Azure managed identity.
+      - ``authMechanism``: Set to ``"MONGODB-OIDC"``.
+      - ``authMechanismProperties``: Set to the ``properties`` dictionary that you
+        created in the previous step.
+
+      The following code example shows how to set these options when creating a
+      ``MongoClient``:
+
       .. literalinclude:: /includes/authentication/azure-imds-mongoclient.py
             :language: python
             :copyable: true
@@ -596,10 +599,20 @@ You can set these options in two ways: by passing arguments to the
    .. tab:: Connection String
       :tabid: connectionstring
 
+      Include the following connection options in your connection string:
+
+      - ``username``: The client ID of the Azure managed identity.
+      - ``authMechanism``: Set to ``MONGODB-OIDC``.
+      - ``authMechanismProperties``: Set to ``environment:azure,token_resource:<audience>``.
+        Replace the ``<audience>`` placeholder with the percent-encoded application or
+        service that the OIDC access token is intended for.
+
+      The following code example shows how to set these options in your connection string:
+      
       .. literalinclude:: /includes/authentication/azure-imds-connection-string.py
             :language: python
             :copyable: true
-            :emphasize-lines: 5-8
+            :emphasize-lines: 4-7
 
 .. tip::
 
@@ -616,31 +629,34 @@ If your application runs on a GCP VM, or otherwise uses the
 you can authenticate to MongoDB by using {+driver-short+}'s built-in GCP
 support.
 
-First, create a Python dictionary for your authentication mechanism properties, as shown
-in the following example. Replace the ``<audience>`` placeholder with
-the percent-encoded application or service that the OIDC access token is intended for.
-
-.. literalinclude:: /includes/authentication/gcp-imds-mongoclient.py
-   :language: python
-   :copyable: true
-   :start-after: # define properties and MongoClient
-   :end-before: client = MongoClient(
-
-Then, set the following connection options:
-
-- ``username``: The client ID of the GCP managed identity.
-- ``authMechanism``: Set to ``"MONGODB-OIDC"``.
-- ``authMechanismProperties``: Set to the ``properties`` dictionary that you created
-  in the previous step.
-
-You can set these options in two ways: by passing arguments to the
+You can configure OIDC for GCP IMDS in two ways: by passing arguments to the
 ``MongoClient`` constructor or through parameters in your connection string.
 
 .. tabs::
 
    .. tab:: MongoClient
       :tabid: mongoclient
 
+      First, create a Python dictionary for your authentication mechanism properties, as shown
+      in the following example. Replace the ``<audience>`` placeholder with
+      the percent-encoded application or service that the OIDC access token is intended for.
+
+      .. literalinclude:: /includes/authentication/gcp-imds-mongoclient.py
+         :language: python
+         :copyable: true
+         :start-after: # define properties and MongoClient
+         :end-before: client = MongoClient(
+
+      Then, set the following connection options:
+
+      - ``username``: The client ID of the GCP managed identity.
+      - ``authMechanism``: Set to ``"MONGODB-OIDC"``.
+      - ``authMechanismProperties``: Set to the ``properties`` dictionary that you
+        created in the previous step.
+
+      The following code example shows how to set these options when creating a
+      ``MongoClient``:
+
       .. literalinclude:: /includes/authentication/gcp-imds-mongoclient.py
             :language: python
             :copyable: true
@@ -649,10 +665,20 @@ You can set these options in two ways: by passing arguments to the
    .. tab:: Connection String
       :tabid: connectionstring
 
+      Include the following connection options in your connection string:
+
+      - ``username``: The client ID of the GCP managed identity.
+      - ``authMechanism``: Set to ``MONGODB-OIDC``.
+      - ``authMechanismProperties``: Set to ``environment:gcp,token_resource:<audience>``.
+        Replace the ``<audience>`` placeholder with the percent-encoded application or
+        service that the OIDC access token is intended for.
+
+      The following code example shows how to set these options in your connection string:
+      
       .. literalinclude:: /includes/authentication/gcp-imds-connection-string.py
             :language: python
             :copyable: true
-            :emphasize-lines: 5-8
+            :emphasize-lines: 4-7
 
 .. _pymongo-mongodb-oidc-azure-envs:
 
@@ -694,32 +720,17 @@ After you define your callback class, create a Python dictionary that contains o
    :start-after: return OIDCCallbackResult(access_token=token)
    :end-before: client = MongoClient(
 
-Finally, set the following connection options:
+Finally, set the following connection options by passing arguments to the ``MongoClient``
+constructor:
 
 - ``authMechanism``: Set to ``"MONGODB-OIDC"``.
 - ``authMechanismProperties``: Set to the ``properties`` dictionary that you created in the
   previous step.
 
-You can set these options in two ways: by passing arguments to the
-``MongoClient`` constructor or through parameters in your connection string.
-
-.. tabs::
-
-   .. tab:: MongoClient
-      :tabid: mongoclient
-
-      .. literalinclude:: /includes/authentication/azure-envs-mongoclient.py
-            :language: python
-            :copyable: true
-            :emphasize-lines: 14-18
-
-   .. tab:: Connection String
-      :tabid: connectionstring
-
-      .. literalinclude:: /includes/authentication/azure-envs-connection-string.py
-            :language: python
-            :copyable: true
-            :emphasize-lines: 14-16
+.. literalinclude:: /includes/authentication/azure-envs-mongoclient.py
+      :language: python
+      :copyable: true
+      :emphasize-lines: 14-18
 
 .. _pymongo-mongodb-oidc-gcp-gke:
 
@@ -753,32 +764,17 @@ After you define your callback class, create a Python dictionary that contains o
    :start-after: return OIDCCallbackResult(access_token=token)
    :end-before: client = MongoClient(
 
-Finally, set the following connection options:
+Finally, set the following connection options by passing arguments to the ``MongoClient``
+constructor:
 
 - ``authMechanism``: Set to ``"MONGODB-OIDC"``.
 - ``authMechanismProperties``: Set to the ``properties`` dictionary that you created
   in the previous step.
 
-You can set these options in two ways: by passing arguments to the
-``MongoClient`` constructor or through parameters in your connection string.
-
-.. tabs::
-
-   .. tab:: MongoClient
-      :tabid: mongoclient
-
-      .. literalinclude:: /includes/authentication/gcp-gke-mongoclient.py
-            :language: python
-            :copyable: true
-            :emphasize-lines: 11-15
-
-   .. tab:: Connection String
-      :tabid: connectionstring
-
-      .. literalinclude:: /includes/authentication/gcp-gke-connection-string.py
-            :language: python
-            :copyable: true
-            :emphasize-lines: 11-13
+.. literalinclude:: /includes/authentication/gcp-gke-mongoclient.py
+      :language: python
+      :copyable: true
+      :emphasize-lines: 11-15
 
 API Documentation
 -----------------