1
2 /**
3 * Copyright (C) 2018-present MongoDB, Inc.
4 *
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the Server Side Public License, version 1,
7 * as published by MongoDB, Inc.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * Server Side Public License for more details.
13 *
14 * You should have received a copy of the Server Side Public License
15 * along with this program. If not, see
16 * <http://www.mongodb.com/licensing/server-side-public-license>.
17 *
18 * As a special exception, the copyright holders give permission to link the
19 * code of portions of this program with the OpenSSL library under certain
20 * conditions as described in each individual source file and distribute
21 * linked combinations including the program with the OpenSSL library. You
22 * must comply with the Server Side Public License in all respects for
23 * all of the code used other than as permitted herein. If you modify file(s)
24 * with this exception, you may extend this exception to your version of the
25 * file(s), but you are not obligated to do so. If you do not wish to do so,
26 * delete this exception statement from your version. If you delete this
27 * exception statement from all source files in the program, then also delete
28 * it in the license file.
29 */
30
31 #include "mongo/client/sasl_client_authenticate.h"
32
33 #include <string>
34
35 #include "mongo/base/string_data.h"
36 #include "mongo/bson/util/bson_extract.h"
37 #include "mongo/util/base64.h"
38 #include "mongo/util/mongoutils/str.h"
39
40 namespace mongo {
41
42 using namespace mongoutils;
43
/**
 * Global hook through which SASL client authentication is invoked.
 *
 * It is defined here as a null function pointer and nothing in this file assigns it.
 * NOTE(review): presumably installed at startup by whichever component supplies the SASL
 * client implementation, so a caller that can run before that point needs a nullptr check
 * before invoking it. Confirm against the call sites.
 */
void (*saslClientAuthenticate)(
    auth::RunCommandHook runCommand,
    const HostAndPort& hostname,
    const BSONObj& saslParameters,
    auth::AuthCompletionHandler handler) = nullptr;
48
// String constants for the SASL commands. The groupings below follow what the identifiers
// suggest; the documents that carry these fields are built and parsed outside this block.

// Command names.
const char* const saslStartCommandName = "saslStart";
const char* const saslContinueCommandName = "saslContinue";

// Conversation state and result fields.
const char* const saslCommandConversationIdFieldName = "conversationId";
const char* const saslCommandPayloadFieldName = "payload";
const char* const saslCommandDoneFieldName = "done";
const char* const saslCommandCodeFieldName = "code";
const char* const saslCommandErrmsgFieldName = "errmsg";

// Mechanism selection fields.
const char* const saslCommandMechanismFieldName = "mechanism";
const char* const saslCommandMechanismListFieldName = "supportedMechanisms";

// Identity and credential fields.
// NOTE(review): a document holding the "pwd" field presumably carries a credential; redact it
// before logging or echoing such a document. Confirm at the call sites.
const char* const saslCommandUserFieldName = "user";
const char* const saslCommandUserDBFieldName = "db";
const char* const saslCommandPasswordFieldName = "pwd";
const char* const saslCommandDigestPasswordFieldName = "digestPassword";
const char* const saslCommandAutoAuthorizeFieldName = "autoAuthorize";

// Service identification fields.
const char* const saslCommandServiceHostnameFieldName = "serviceHostname";
const char* const saslCommandServiceNameFieldName = "serviceName";

// Default values.
const char* const saslDefaultDBName = "$external";
const char* const saslDefaultServiceName = "mongodb";
67
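/**
 * Extracts the SASL payload from the "payload" field of cmdObj.
 *
 * A BinData field is copied byte for byte; a String field is base64-decoded. Any other field
 * type is rejected.
 *
 * @param cmdObj   document to read the payload field from.
 * @param payload  out-parameter that receives the payload bytes on success. Dereferenced
 *                 without a null check, so it must not be null.
 * @param type     out-parameter that receives the BSON type of the payload field. It is
 *                 written as soon as the field has been found, so it is also set when the
 *                 function then fails. Dereferenced without a null check; must not be null.
 * @return Status::OK() on success; the status from bsonExtractField if the field cannot be
 *         extracted; InvalidLength if the BinData length is negative; FailedToParse if
 *         base64 decoding throws AssertionException; TypeMismatch for any other field type.
 *
 * NOTE(review): the payload presumably originates from the remote side of a SASL conversation
 * and may carry credential material. Treat it as untrusted and keep it out of logs. Confirm
 * against the callers.
 */
Status saslExtractPayload(const BSONObj& cmdObj, std::string* payload, BSONType* type) {
    BSONElement payloadElement;
    Status status = bsonExtractField(cmdObj, saslCommandPayloadFieldName, &payloadElement);
    if (!status.isOK())
        return status;

    // Report the field type to the caller before validating it (original behaviour).
    const BSONType payloadType = payloadElement.type();
    *type = payloadType;

    if (payloadType == BinData) {
        // Initialised so the length is never read indeterminate, whatever binData() does.
        int payloadLen = 0;
        const char* const payloadData = payloadElement.binData(payloadLen);
        // Reject a negative length before it is used as a pointer offset.
        if (payloadLen < 0)
            return Status(ErrorCodes::InvalidLength, "Negative payload length");
        *payload = std::string(payloadData, payloadData + payloadLen);
    } else if (payloadType == String) {
        try {
            *payload = base64::decode(payloadElement.str());
        } catch (const AssertionException& e) {
            // Malformed base64 becomes a Status instead of escaping as an exception.
            return Status(ErrorCodes::FailedToParse, e.what());
        }
    } else {
        // NOTE(review): streaming payloadElement appends the rejected element's string form to
        // the Status reason. If that reason is logged or sent back to a peer, the mistyped
        // payload is disclosed with it. Consider reporting only the type, after checking how
        // callers surface this Status.
        return Status(ErrorCodes::TypeMismatch,
                      (str::stream() << "Wrong type for field; expected BinData or String for "
                                     << payloadElement));
    }

    return Status::OK();
}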
96 } // namespace mongo
97