3 var f = require('util').format
4 , crypto = require('crypto')
5 , Query = require('../connection/commands').Query
6 , MongoError = require('../error');
8 var AuthSession = function(db, username, password) {
10 this.username = username;
11 this.password = password;
14 AuthSession.prototype.equal = function(session) {
15 return session.db == this.db
16 && session.username == this.username
17 && session.password == this.password;
21 * Creates a new X509 authentication mechanism
23 * @return {X509} A cursor instance
25 var X509 = function(bson) {
33 * @param {{Server}|{ReplSet}|{Mongos}} server Topology the authentication method is being called on
34 * @param {[]Connections} connections Connections to authenticate using this authenticator
35 * @param {string} db Name of the database
36 * @param {string} username Username
37 * @param {string} password Password
38 * @param {authResultCallback} callback The callback to return the result from the authentication
41 X509.prototype.auth = function(server, connections, db, username, password, callback) {
44 var count = connections.length;
45 if(count == 0) return callback(null, null);
48 var numberOfValidConnections = 0;
49 var credentialsValid = false;
50 var errorObject = null;
52 // For each connection we need to authenticate
53 while(connections.length > 0) {
55 var execute = function(connection) {
56 // Let's start the sasl process
59 , mechanism: 'MONGODB-X509'
63 // Let's start the process
64 server(connection, new Query(self.bson, "$external.$cmd", command, {
65 numberToSkip: 0, numberToReturn: 1
66 }), function(err, r) {
70 // If we have an error
73 } else if(r.result['$err']) {
74 errorObject = r.result;
75 } else if(r.result['errmsg']) {
76 errorObject = r.result;
78 credentialsValid = true;
79 numberOfValidConnections = numberOfValidConnections + 1;
82 // We have authenticated all connections
83 if(count == 0 && numberOfValidConnections > 0) {
84 // Store the auth details
85 addAuthSession(self.authStore, new AuthSession(db, username, password));
86 // Return correct authentication
88 } else if(count == 0) {
89 if(errorObject == null) errorObject = new MongoError(f("failed to authenticate using mongocr"));
90 callback(errorObject, false);
95 var _execute = function(_connection) {
96 process.nextTick(function() {
101 _execute(connections.shift());
105 // Add to store only if it does not exist
106 var addAuthSession = function(authStore, session) {
109 for(var i = 0; i < authStore.length; i++) {
110 if(authStore[i].equal(session)) {
116 if(!found) authStore.push(session);
120 * Remove authStore credentials
122 * @param {string} db Name of database we are removing authStore details about
125 X509.prototype.logout = function(dbName) {
126 this.authStore = this.authStore.filter(function(x) {
127 return x.db != dbName;
132 * Re authenticate pool
134 * @param {{Server}|{ReplSet}|{Mongos}} server Topology the authentication method is being called on
135 * @param {[]Connections} connections Connections to authenticate using this authenticator
136 * @param {authResultCallback} callback The callback to return the result from the authentication
139 X509.prototype.reauthenticate = function(server, connections, callback) {
140 var authStore = this.authStore.slice(0);
142 var count = authStore.length;
143 if(count == 0) return callback(null, null);
144 // Iterate over all the auth details stored
145 for(var i = 0; i < authStore.length; i++) {
146 this.auth(server, connections, authStore[i].db, authStore[i].username, authStore[i].password, function(err, r) {
149 // Done re-authenticating
158 * This is a result from a authentication strategy
160 * @callback authResultCallback
161 * @param {error} error An error object. Set to null if no error present
162 * @param {boolean} result The result of the authentication process
165 module.exports = X509;
Code Review / aai / esr-gui.git / blob