CDRIVER-4489 promote empty username to client error (#1939)

eramongodb · web-flow · commit b1ff5d63ccc0 · 2025-03-20T09:54:31.000-05:00
diff --git a/NEWS b/NEWS
@@ -9,6 +9,7 @@ Unreleased (2.0.0)
 * `bson_oid_init_sequence` is removed. Use `bson_oid_init` instead.
 * `mongoc_server_description_host` changes the return type from `mongoc_host_list_t *` to `const mongoc_host_list_t *`.
 * URI authentication credentials validation (only applicable during creation of a new `mongoc_uri_t` object from a connection string):
+  * The requirement that a username is non-empty when specified is now enforced regardless of authentication mechanism.
   * `authMechanism` is now validated and returns a client error for invalid or unsupported values.
   * `authSource` is now validated and returns a client error for invalid or unsupported values for the specified `authMechanism`.
   * `authSource` is now correctly defaulted to `"$external"` for MONGODB-AWS (instead of the database name or `"admin"`).
diff --git a/src/libmongoc/src/mongoc/mongoc-uri.c b/src/libmongoc/src/mongoc/mongoc-uri.c
@@ -1315,6 +1315,10 @@ _finalize_auth_username (const char *username,
 
    case _mongoc_uri_finalize_allowed:
    default:
+      if (username && strlen (username) == 0u) {
+         MONGOC_URI_ERROR (error, "'%s' authentication mechanism requires a non-empty username", mechanism);
+         return false;
+      }
       break;
    }
 
diff --git a/src/libmongoc/tests/test-mongoc-uri.c b/src/libmongoc/tests/test-mongoc-uri.c

Original file line number	Diff line number	Diff line change
`@@ -1315,6 +1315,10 @@ _finalize_auth_username (const char *username,`
`1315`	`1315`
`1316`	`1316`	`case _mongoc_uri_finalize_allowed:`
`1317`	`1317`	`default:`
	`1318`	`+ if (username && strlen (username) == 0u) {`
	`1319`	`+ MONGOC_URI_ERROR (error, "'%s' authentication mechanism requires a non-empty username", mechanism);`
	`1320`	`+ return false;`
	`1321`	`+ }`
`1318`	`1322`	`break;`
`1319`	`1323`	`}`
`1320`	`1324`