-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DOCSP-43473: oidc #382
DOCSP-43473: oidc #382
Conversation
✅ Deploy Preview for docs-golang ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! awesome job. how was the process of transferring an existing page to Go?
(IMDS), you can authenticate to MongoDB by using the {+driver-short+}'s | ||
built-in Azure support. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fyi: the info on azure imds and other platforms should be correct across all drivers, but the level of integration might not. for example, not every driver might have built-in support for azure, gcp, etc. The DBX team will know for sure.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
edit: based on the rest of the PR, looks like you've accounted for that!
"&authMechanism=MONGODB-OIDC" + | ||
"&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:<percent-encoded audience>" | ||
|
||
client, err := mongo.Connect(options.Client().ApplyURI(uri)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is valid for the Go Driver v2.0 API, but not for v1.17. If this is intended to document v1.17, the first argument to Connect
must be a Context
value.
This comment applies to all mongo.Connect
calls in this PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This Pr is against the master branch of the docs, which is tracking for the v2 release. When I backport this ticket to the v1.17 branch, I'll make sure to correct that!
props := map[string]string{ | ||
"TOKEN_RESOURCE": "<audience>", | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These props are unnecessary for custom callbacks and were erroneously added to the Go Driver repo examples. See mongodb/mongo-go-driver#1809 for the related fix.
props := map[string]string{ | |
"TOKEN_RESOURCE": "<audience>", | |
} |
opts.SetAuth( | ||
options.Credential{ | ||
AuthMechanism: "MONGODB-OIDC", | ||
AuthMechanismProperties: props, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AuthMechanismProperties
are not used for custom callbacks and were erroneously added to the Go Driver repo examples. See mongodb/mongo-go-driver#1809 for the related fix.
AuthMechanismProperties: props, |
props := map[string]string{ | ||
"ENVIRONMENT": "gcp", | ||
"TOKEN_RESOURCE": "<audience>", | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Similar to above, custom callbacks do not use AuthMechanismProperties
. See mongodb/mongo-go-driver#1809 for the related example fix.
props := map[string]string{ | |
"ENVIRONMENT": "gcp", | |
"TOKEN_RESOURCE": "<audience>", | |
} |
opts.SetAuth( | ||
options.Credential{ | ||
AuthMechanism: "MONGODB-OIDC", | ||
AuthMechanismProperties: props, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Similar to above, custom callbacks do not use AuthMechanismProperties
. See mongodb/mongo-go-driver#1809 for the related example fix.
AuthMechanismProperties: props, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! 👍
* DOCSP-43473: oidc * vale * fix * wip * log error * dedent * emphasis * fix * MD tech review 1 (cherry picked from commit 8a67edf)
Pull Request Info
PR Reviewing Guidelines
JIRA - https://jira.mongodb.org/browse/DOCSP-43473
Staging - https://deploy-preview-382--docs-golang.netlify.app/fundamentals/enterprise-auth/#mongodb-oidc
Self-Review Checklist