Skip to content

fix(NODE-6340): OIDC reauth uses caches speculative auth result #4379

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jan 29, 2025
Merged

fix(NODE-6340): OIDC reauth uses caches speculative auth result #4379

merged 4 commits into from
Jan 29, 2025

Conversation

durran
Copy link
Member

@durran durran commented Jan 24, 2025
edited
Loading

Description

Changes OIDC not to skip reauthentication when the initial auth happened via speculative authentication.

What is changing?

  • Fixes the reauth case.
  • Adds the new prose test.
Is there new documentation needed for these changes?

None

What is the motivation for this change?

https://jira.mongodb.org/browse/DRIVERS-2960

Release Highlight

MONGODB-OIDC now properly reauthenticates in speculative auth scenarios

When using MONGODB-OIDC authentication and the initial handshake contained speculative authentication, the driver would not properly reauthenticate when the server would raise 391 errors. This is now fixed.

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@durran durran force-pushed the NODE-6340 branch 2 times, most recently from da00829 to 87242ff Compare January 24, 2025 14:14
@durran durran changed the title test(HELP-69886): run oidc reauth test with mongoose fix(NODE-6340): run oidc reauth test with mongoose Jan 24, 2025
@durran durran changed the title fix(NODE-6340): run oidc reauth test with mongoose fix(NODE-6340): dont speculative auth with reauth Jan 24, 2025
@durran durran marked this pull request as ready for review January 24, 2025 14:24
@W-A-James W-A-James self-assigned this Jan 27, 2025
@W-A-James W-A-James self-requested a review January 27, 2025 17:22
@W-A-James W-A-James added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Jan 27, 2025
@W-A-James W-A-James removed their request for review January 27, 2025 17:45
@W-A-James W-A-James removed their assignment Jan 27, 2025
@W-A-James W-A-James removed the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Jan 27, 2025
@baileympearson baileympearson self-assigned this Jan 27, 2025
@baileympearson baileympearson added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Jan 27, 2025
baileympearson
baileympearson requested changes Jan 27, 2025
View reviewed changes
@baileympearson baileympearson added Team Review Needs review from team and removed Primary Review In Review with primary reviewer, not yet ready for team's eyes labels Jan 28, 2025
@baileympearson baileympearson changed the title fix(NODE-6340): dont speculative auth with reauth fix(NODE-6340): OIDC reauth uses caches speculative auth result Jan 29, 2025
@baileympearson baileympearson merged commit 8b2b7fd into main Jan 29, 2025
27 of 30 checks passed
@baileympearson baileympearson deleted the NODE-6340 branch January 29, 2025 14:02
@github-actions github-actions bot mentioned this pull request Jan 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@baileympearson baileympearson baileympearson approved these changes

Assignees

@baileympearson baileympearson

Labels
Team Review Needs review from team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@durran @baileympearson @W-A-James