PR fixes

Author: katcharov

.evergreen/.evg.yml

@@ -13,7 +13,7 @@ stepback: true
 command_type: system
 
 # Protect ourselves against rogue test case, or curl gone wild, that runs forever
-exec_timeout_secs: 7200
+exec_timeout_secs: 3600
 
 # What to do when evergreen hits the timeout (`post:` tasks are run automatically)
 timeout:

driver-core/src/main/com/mongodb/MongoCredential.java

@@ -202,7 +202,7 @@ public final class MongoCredential {
      * This callback is invoked when the OIDC-based authenticator requests
      * a token. The type of the value must be {@link OidcCallback}.
      * {@link IdpInfo} will not be supplied to the callback,
-     * and a {@linkplain com.mongodb.MongoCredential.OidcTokens#getRefreshToken() refresh token}
+     * and a {@linkplain com.mongodb.MongoCredential.OidcCallbackResult#getRefreshToken() refresh token}
      * must not be returned by the callback.
      * <p>
      * If this is provided, {@link MongoCredential#ENVIRONMENT_KEY}
@@ -698,7 +698,7 @@ public interface OidcCallback {
          * @param context The context.
          * @return The response produced by an OIDC Identity Provider
          */
-        OidcTokens onRequest(OidcCallbackContext context);
+        OidcCallbackResult onRequest(OidcCallbackContext context);
     }
 
     /**
@@ -732,7 +732,7 @@ public interface IdpInfo {
      *
      * @since 5.1
      */
-    public static final class OidcTokens {
+    public static final class OidcCallbackResult {
 
         private final String accessToken;
 
@@ -746,7 +746,7 @@ public static final class OidcTokens {
          * An access token that does not expire.
          * @param accessToken The OIDC access token.
          */
-        public OidcTokens(final String accessToken) {
+        public OidcCallbackResult(final String accessToken) {
             this(accessToken, Duration.ZERO, null);
         }
 
@@ -756,7 +756,7 @@ public OidcTokens(final String accessToken) {
          *                  A {@linkplain Duration#isZero() zero-length} duration
          *                  means that the access token does not expire.
          */
-        public OidcTokens(final String accessToken, final Duration expiresIn) {
+        public OidcCallbackResult(final String accessToken, final Duration expiresIn) {
             this(accessToken, expiresIn, null);
         }
 
@@ -767,7 +767,7 @@ public OidcTokens(final String accessToken, final Duration expiresIn) {
          *                  means that the access token does not expire.
          * @param refreshToken The refresh token. If null, refresh will not be attempted.
          */
-        public OidcTokens(final String accessToken, final Duration expiresIn,
+        public OidcCallbackResult(final String accessToken, final Duration expiresIn,
                 @Nullable final String refreshToken) {
             notNull("accessToken", accessToken);
             notNull("expiresIn", expiresIn);

driver-core/src/main/com/mongodb/internal/authentication/GcpCredentialHelper.java

@@ -32,7 +32,6 @@
  * <p>This class is not part of the public API and may be removed or changed at any time</p>
  */
 public final class GcpCredentialHelper {
-
     public static BsonDocument obtainFromEnvironment() {
         String endpoint = "http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token";
 
@@ -43,8 +42,7 @@ public static BsonDocument obtainFromEnvironment() {
         if (responseDocument.containsKey("access_token")) {
             return new BsonDocument("accessToken", responseDocument.get("access_token"));
         } else {
-            throw new MongoClientException("access_token is missing from GCE metadata response.  Full response is ''"
-                    + response);
+            throw new MongoClientException("access_token is missing from GCE metadata response.  Full response is ''" + response);
         }
     }
 

driver-core/src/main/com/mongodb/internal/connection/OidcAuthenticator.java

@@ -21,7 +21,7 @@
 import com.mongodb.MongoCommandException;
 import com.mongodb.MongoConfigurationException;
 import com.mongodb.MongoCredential;
-import com.mongodb.MongoCredential.OidcTokens;
+import com.mongodb.MongoCredential.OidcCallbackResult;
 import com.mongodb.MongoException;
 import com.mongodb.MongoSecurityException;
 import com.mongodb.ServerAddress;
@@ -193,8 +193,8 @@ private OidcCallback getRequestCallback() {
     @VisibleForTesting(otherwise = VisibleForTesting.AccessModifier.PRIVATE)
     public static OidcCallback getTestCallback() {
         return (context) -> {
-            String accessToken = readTestTokenFromFile();
-            return new OidcTokens(accessToken);
+            String accessToken = readTokenFromFile();
+            return new OidcCallbackResult(accessToken);
         };
     }
 
@@ -204,7 +204,7 @@ public static OidcCallback getAzureCallback(final MongoCredential credential) {
             String resource = assertNotNull(credential.getMechanismProperty(TOKEN_RESOURCE_KEY, null));
             String objectId = credential.getUserName();
             CredentialInfo response = AzureCredentialHelper.fetchAzureCredentialInfo(resource, objectId);
-            return new OidcTokens(response.getAccessToken(), response.getExpiresIn());
+            return new OidcCallbackResult(response.getAccessToken(), response.getExpiresIn());
         };
     }
 
@@ -213,7 +213,7 @@ public static OidcCallback getGcpCallback(final MongoCredential credential) {
         return (context) -> {
             String resource = assertNotNull(credential.getMechanismProperty(TOKEN_RESOURCE_KEY, null));
             CredentialInfo response = GcpCredentialHelper.fetchGcpCredentialInfo(resource);
-            return new OidcTokens(response.getAccessToken(), response.getExpiresIn());
+            return new OidcCallbackResult(response.getAccessToken(), response.getExpiresIn());
         };
     }
 
@@ -302,7 +302,7 @@ private byte[] evaluate(final byte[] challenge) {
                 assertNotNull(cachedIdpInfo);
                 // Invoke Callback using cached Refresh Token
                 fallbackState = FallbackState.PHASE_2_REFRESH_CALLBACK_TOKEN;
-                OidcTokens result = requestCallback.onRequest(new OidcCallbackContextImpl(
+                OidcCallbackResult result = requestCallback.onRequest(new OidcCallbackContextImpl(
                         CALLBACK_TIMEOUT, cachedIdpInfo, cachedRefreshToken, userName));
                 jwt[0] = populateCacheWithCallbackResultAndPrepareJwt(cachedIdpInfo, result);
             } else {
@@ -311,7 +311,7 @@ private byte[] evaluate(final byte[] challenge) {
                 if (!isHuman) {
                     // no principal request
                     fallbackState = FallbackState.PHASE_3B_CALLBACK_TOKEN;
-                    OidcTokens result = requestCallback.onRequest(new OidcCallbackContextImpl(
+                    OidcCallbackResult result = requestCallback.onRequest(new OidcCallbackContextImpl(
                             CALLBACK_TIMEOUT, userName));
                     jwt[0] = populateCacheWithCallbackResultAndPrepareJwt(null, result);
                     if (result.getRefreshToken() != null) {
@@ -341,7 +341,7 @@ private byte[] evaluate(final byte[] challenge) {
                         IdpInfo idpInfo = toIdpInfo(challenge);
                         // there is no cached refresh token
                         fallbackState = FallbackState.PHASE_3B_CALLBACK_TOKEN;
-                        OidcTokens result = requestCallback.onRequest(new OidcCallbackContextImpl(
+                        OidcCallbackResult result = requestCallback.onRequest(new OidcCallbackContextImpl(
                                 CALLBACK_TIMEOUT, idpInfo, null, userName));
                         jwt[0] = populateCacheWithCallbackResultAndPrepareJwt(idpInfo, result);
                     }
@@ -485,7 +485,7 @@ public boolean isComplete() {
 
     }
 
-    private static String readTestTokenFromFile() {
+    private static String readTokenFromFile() {
         String path = System.getenv(OIDC_TOKEN_FILE);
         if (path == null) {
             throw new MongoClientException(
@@ -502,14 +502,14 @@ private static String readTestTokenFromFile() {
 
     private byte[] populateCacheWithCallbackResultAndPrepareJwt(
             @Nullable final IdpInfo serverInfo,
-            @Nullable final OidcTokens oidcTokens) {
-        if (oidcTokens == null) {
+            @Nullable final OidcCallbackResult oidcCallbackResult) {
+        if (oidcCallbackResult == null) {
             throw new MongoConfigurationException("Result of callback must not be null");
         }
-        OidcCacheEntry newEntry = new OidcCacheEntry(oidcTokens.getAccessToken(),
-                oidcTokens.getRefreshToken(), serverInfo);
+        OidcCacheEntry newEntry = new OidcCacheEntry(oidcCallbackResult.getAccessToken(),
+                oidcCallbackResult.getRefreshToken(), serverInfo);
         getMongoCredentialWithCache().setOidcCacheEntry(newEntry);
-        return prepareTokenAsJwt(oidcTokens.getAccessToken());
+        return prepareTokenAsJwt(oidcCallbackResult.getAccessToken());
     }
 
     private static byte[] prepareUsername(@Nullable final String username) {

driver-sync/src/test/functional/com/mongodb/internal/connection/OidcAuthenticationProseTests.java

@@ -64,7 +64,7 @@
 import static com.mongodb.MongoCredential.OIDC_HUMAN_CALLBACK_KEY;
 import static com.mongodb.MongoCredential.OidcCallback;
 import static com.mongodb.MongoCredential.OidcCallbackContext;
-import static com.mongodb.MongoCredential.OidcTokens;
+import static com.mongodb.MongoCredential.OidcCallbackResult;
 import static com.mongodb.assertions.Assertions.assertNotNull;
 import static java.lang.System.getenv;
 import static java.util.Arrays.asList;
@@ -211,7 +211,7 @@ public void test2p3CallbackReturnsMissingData() {
         //    conforming to the OIDCRequestTokenResult with missing field(s).
         OidcCallback callback = (context) -> {
             //noinspection ConstantConditions
-            return new OidcTokens(null);
+            return new OidcCallbackResult(null);
         };
         // we ensure that the error is propagated
         MongoClientSettings clientSettings = createSettings(callback);
@@ -238,7 +238,7 @@ public void test3p1AuthFailsWithCachedToken() throws ExecutionException, Interru
         // reference to the token to poison
         CompletableFuture<String> poisonToken = new CompletableFuture<>();
         OidcCallback callback = (context) -> {
-            OidcTokens result = callbackWrapped.onRequest(context);
+            OidcCallbackResult result = callbackWrapped.onRequest(context);
             String accessToken = result.getAccessToken();
             if (!poisonToken.isDone()) {
                 poisonToken.complete(accessToken);
@@ -272,7 +272,7 @@ public void test3p1AuthFailsWithCachedToken() throws ExecutionException, Interru
     @Test
     public void test3p2AuthFailsWithoutCachedToken() {
         OidcCallback callback =
-                (x) -> new OidcTokens("invalid_token");
+                (x) -> new OidcCallbackResult("invalid_token");
         MongoClientSettings clientSettings = createSettings(callback);
         try (MongoClient mongoClient = createMongoClient(clientSettings)) {
             assertCause(MongoCommandException.class,
@@ -328,8 +328,8 @@ public void test4p2ReadCommandsFailIfReauthenticationFails() {
         // and then bad tokens after the first call.
         TestCallback wrappedCallback = createCallback();
         OidcCallback callback = (context) -> {
-            OidcTokens result1 = wrappedCallback.callback(context);
-            return new OidcTokens(wrappedCallback.getInvocations() > 1 ? "bad" : result1.getAccessToken());
+            OidcCallbackResult result1 = wrappedCallback.callback(context);
+            return new OidcCallbackResult(wrappedCallback.getInvocations() > 1 ? "bad" : result1.getAccessToken());
         };
         MongoClientSettings clientSettings = createSettings(callback);
         try (MongoClient mongoClient = createMongoClient(clientSettings)) {
@@ -348,8 +348,8 @@ public void test4p3WriteCommandsFailIfReauthenticationFails() {
         // and then bad tokens after the first call.
         TestCallback wrappedCallback = createCallback();
         OidcCallback callback = (context) -> {
-            OidcTokens result1 = wrappedCallback.callback(context);
-            return new OidcTokens(
+            OidcCallbackResult result1 = wrappedCallback.callback(context);
+            return new OidcCallbackResult(
                     wrappedCallback.getInvocations() > 1 ? "bad" : result1.getAccessToken());
         };
         MongoClientSettings clientSettings = createSettings(callback);
@@ -526,7 +526,7 @@ public void testh2p2HumanCallbackReturnsMissingData() {
 
         //noinspection ConstantConditions
         OidcCallback callback =
-                (context) -> new OidcTokens(null);
+                (context) -> new OidcCallbackResult(null);
         assertFindFails(createHumanSettings(callback, null),
                 IllegalArgumentException.class,
                 "accessToken can not be null");
@@ -537,7 +537,7 @@ public void testh2p2HumanCallbackReturnsMissingData() {
     public void testRefreshTokenAbsent() {
         // additionally, check validation for refresh in machine workflow:
         OidcCallback callbackMachineRefresh =
-                (context) -> new OidcTokens("access", Duration.ZERO, "exists");
+                (context) -> new OidcCallbackResult("access", Duration.ZERO, "exists");
         assertFindFails(createSettings(callbackMachineRefresh),
                 MongoConfigurationException.class,
                 "Refresh token must only be provided in human workflow");
@@ -648,8 +648,8 @@ public void testh4p3SucceedsAfterRefreshFails() {
         assumeTestEnvironment();
         TestCallback callback1 = createHumanCallback();
         OidcCallback callback2 = (context) -> {
-            OidcTokens oidcTokens = callback1.onRequest(context);
-            return new OidcTokens(oidcTokens.getAccessToken(), Duration.ofMinutes(5), "BAD_REFRESH");
+            OidcCallbackResult oidcCallbackResult = callback1.onRequest(context);
+            return new OidcCallbackResult(oidcCallbackResult.getAccessToken(), Duration.ofMinutes(5), "BAD_REFRESH");
         };
         MongoClientSettings clientSettings = createHumanSettings(callback2, null);
         try (MongoClient mongoClient = createMongoClient(clientSettings)) {
@@ -670,8 +670,8 @@ public void testh4p4Fails() {
         TestCallback callback1 = createHumanCallback()
                 .setPathSupplier(() -> tokens.remove());
         OidcCallback callback2 = (context) -> {
-            OidcTokens oidcTokens = callback1.onRequest(context);
-            return new OidcTokens(oidcTokens.getAccessToken(), Duration.ofMinutes(5), "BAD_REFRESH");
+            OidcCallbackResult oidcCallbackResult = callback1.onRequest(context);
+            return new OidcCallbackResult(oidcCallbackResult.getAccessToken(), Duration.ofMinutes(5), "BAD_REFRESH");
         };
         MongoClientSettings clientSettings = createHumanSettings(callback2, null);
         try (MongoClient mongoClient = createMongoClient(clientSettings)) {
@@ -976,7 +976,7 @@ public int getInvocations() {
         }
 
         @Override
-        public OidcTokens onRequest(final OidcCallbackContext context) {
+        public OidcCallbackResult onRequest(final OidcCallbackContext context) {
             if (testListener != null) {
                 testListener.add("onRequest invoked ("
                         + "Refresh Token: " + (context.getRefreshToken() == null ? "none" : "present")
@@ -986,7 +986,7 @@ public OidcTokens onRequest(final OidcCallbackContext context) {
             return callback(context);
         }
 
-        private OidcTokens callback(final OidcCallbackContext context) {
+        private OidcCallbackResult callback(final OidcCallbackContext context) {
             if (concurrentTracker != null) {
                 if (concurrentTracker.get() > 0) {
                     throw new RuntimeException("Callbacks should not be invoked by multiple threads.");
@@ -1007,12 +1007,7 @@ private OidcTokens callback(final OidcCallbackContext context) {
                     c = OidcAuthenticator.getAzureCallback(credential);
                 } else if (oidcEnv.contains("gcp")) {
                     c = OidcAuthenticator.getGcpCallback(credential);
-                } else if (oidcEnv.contains("test")) {
-                    c = null;
                 } else {
-                    c = null;
-                }
-                if (c == null) {
                     c = getProseTestCallback();
                 }
                 return c.onRequest(context);
@@ -1034,7 +1029,7 @@ private OidcCallback getProseTestCallback() {
                     if (testListener != null) {
                         testListener.add("read access token: " + path.getFileName());
                     }
-                    return new OidcTokens(accessToken, Duration.ZERO, refreshToken);
+                    return new OidcCallbackResult(accessToken, Duration.ZERO, refreshToken);
                 } catch (IOException e) {
                     throw new RuntimeException(e);
                 }