1 
2 /**
3  *    Copyright (C) 2018-present MongoDB, Inc.
4  *
5  *    This program is free software: you can redistribute it and/or modify
6  *    it under the terms of the Server Side Public License, version 1,
7  *    as published by MongoDB, Inc.
8  *
9  *    This program is distributed in the hope that it will be useful,
10  *    but WITHOUT ANY WARRANTY; without even the implied warranty of
11  *    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  *    Server Side Public License for more details.
13  *
14  *    You should have received a copy of the Server Side Public License
15  *    along with this program. If not, see
16  *    <http://www.mongodb.com/licensing/server-side-public-license>.
17  *
18  *    As a special exception, the copyright holders give permission to link the
19  *    code of portions of this program with the OpenSSL library under certain
20  *    conditions as described in each individual source file and distribute
21  *    linked combinations including the program with the OpenSSL library. You
22  *    must comply with the Server Side Public License in all respects for
23  *    all of the code used other than as permitted herein. If you modify file(s)
24  *    with this exception, you may extend this exception to your version of the
25  *    file(s), but you are not obligated to do so. If you do not wish to do so,
26  *    delete this exception statement from your version. If you delete this
27  *    exception statement from all source files in the program, then also delete
28  *    it in the license file.
29  */
30 
31 #include "mongo/client/sasl_client_authenticate.h"
32 
33 #include <string>
34 
35 #include "mongo/base/string_data.h"
36 #include "mongo/bson/util/bson_extract.h"
37 #include "mongo/util/base64.h"
38 #include "mongo/util/mongoutils/str.h"
39 
40 namespace mongo {
41 
42 using namespace mongoutils;
43 
44 void (*saslClientAuthenticate)(auth::RunCommandHook runCommand,
45                                const HostAndPort& hostname,
46                                const BSONObj& saslParameters,
47                                auth::AuthCompletionHandler handler) = nullptr;
48 
49 const char* const saslStartCommandName = "saslStart";
50 const char* const saslContinueCommandName = "saslContinue";
51 const char* const saslCommandAutoAuthorizeFieldName = "autoAuthorize";
52 const char* const saslCommandCodeFieldName = "code";
53 const char* const saslCommandConversationIdFieldName = "conversationId";
54 const char* const saslCommandDoneFieldName = "done";
55 const char* const saslCommandErrmsgFieldName = "errmsg";
56 const char* const saslCommandMechanismFieldName = "mechanism";
57 const char* const saslCommandMechanismListFieldName = "supportedMechanisms";
58 const char* const saslCommandPasswordFieldName = "pwd";
59 const char* const saslCommandPayloadFieldName = "payload";
60 const char* const saslCommandUserDBFieldName = "db";
61 const char* const saslCommandUserFieldName = "user";
62 const char* const saslCommandServiceHostnameFieldName = "serviceHostname";
63 const char* const saslCommandServiceNameFieldName = "serviceName";
64 const char* const saslCommandDigestPasswordFieldName = "digestPassword";
65 const char* const saslDefaultDBName = "$external";
66 const char* const saslDefaultServiceName = "mongodb";
67 
saslExtractPayload(const BSONObj & cmdObj,std::string * payload,BSONType * type)68 Status saslExtractPayload(const BSONObj& cmdObj, std::string* payload, BSONType* type) {
69     BSONElement payloadElement;
70     Status status = bsonExtractField(cmdObj, saslCommandPayloadFieldName, &payloadElement);
71     if (!status.isOK())
72         return status;
73 
74     *type = payloadElement.type();
75     if (payloadElement.type() == BinData) {
76         const char* payloadData;
77         int payloadLen;
78         payloadData = payloadElement.binData(payloadLen);
79         if (payloadLen < 0)
80             return Status(ErrorCodes::InvalidLength, "Negative payload length");
81         *payload = std::string(payloadData, payloadData + payloadLen);
82     } else if (payloadElement.type() == String) {
83         try {
84             *payload = base64::decode(payloadElement.str());
85         } catch (AssertionException& e) {
86             return Status(ErrorCodes::FailedToParse, e.what());
87         }
88     } else {
89         return Status(ErrorCodes::TypeMismatch,
90                       (str::stream() << "Wrong type for field; expected BinData or String for "
91                                      << payloadElement));
92     }
93 
94     return Status::OK();
95 }
96 }  // namespace mongo
97