Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DOCSP-43473: oidc #382

Merged
merged 10 commits into from
Sep 16, 2024
Merged

DOCSP-43473: oidc #382

merged 10 commits into from
Sep 16, 2024

Conversation

rustagir
Copy link
Collaborator

@rustagir rustagir commented Sep 12, 2024

Pull Request Info

PR Reviewing Guidelines

JIRA - https://jira.mongodb.org/browse/DOCSP-43473
Staging - https://deploy-preview-382--docs-golang.netlify.app/fundamentals/enterprise-auth/#mongodb-oidc

Self-Review Checklist

  • Is this free of any warnings or errors in the RST?
  • Did you run a spell-check?
  • Did you run a grammar-check?
  • Are all the links working?
  • Are the facets and meta keywords accurate?

Copy link

netlify bot commented Sep 12, 2024

Deploy Preview for docs-golang ready!

Name Link
🔨 Latest commit 24667c2
🔍 Latest deploy log https://app.netlify.com/sites/docs-golang/deploys/66e83adc361bf90008b6236a
😎 Deploy Preview https://deploy-preview-382--docs-golang.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

Copy link
Collaborator

@mongoKart mongoKart left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! awesome job. how was the process of transferring an existing page to Go?

Comment on lines +230 to +231
(IMDS), you can authenticate to MongoDB by using the {+driver-short+}'s
built-in Azure support.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fyi: the info on azure imds and other platforms should be correct across all drivers, but the level of integration might not. for example, not every driver might have built-in support for azure, gcp, etc. The DBX team will know for sure.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

edit: based on the rest of the PR, looks like you've accounted for that!

"&authMechanism=MONGODB-OIDC" +
"&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:<percent-encoded audience>"

client, err := mongo.Connect(options.Client().ApplyURI(uri))
Copy link
Collaborator

@matthewdale matthewdale Sep 13, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is valid for the Go Driver v2.0 API, but not for v1.17. If this is intended to document v1.17, the first argument to Connect must be a Context value.

This comment applies to all mongo.Connect calls in this PR.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This Pr is against the master branch of the docs, which is tracking for the v2 release. When I backport this ticket to the v1.17 branch, I'll make sure to correct that!

Comment on lines 28 to 30
props := map[string]string{
"TOKEN_RESOURCE": "<audience>",
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These props are unnecessary for custom callbacks and were erroneously added to the Go Driver repo examples. See mongodb/mongo-go-driver#1809 for the related fix.

Suggested change
props := map[string]string{
"TOKEN_RESOURCE": "<audience>",
}

opts.SetAuth(
options.Credential{
AuthMechanism: "MONGODB-OIDC",
AuthMechanismProperties: props,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

AuthMechanismProperties are not used for custom callbacks and were erroneously added to the Go Driver repo examples. See mongodb/mongo-go-driver#1809 for the related fix.

Suggested change
AuthMechanismProperties: props,

Comment on lines 28 to 31
props := map[string]string{
"ENVIRONMENT": "gcp",
"TOKEN_RESOURCE": "<audience>",
}
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar to above, custom callbacks do not use AuthMechanismProperties. See mongodb/mongo-go-driver#1809 for the related example fix.

Suggested change
props := map[string]string{
"ENVIRONMENT": "gcp",
"TOKEN_RESOURCE": "<audience>",
}

opts.SetAuth(
options.Credential{
AuthMechanism: "MONGODB-OIDC",
AuthMechanismProperties: props,
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar to above, custom callbacks do not use AuthMechanismProperties. See mongodb/mongo-go-driver#1809 for the related example fix.

Suggested change
AuthMechanismProperties: props,

Copy link
Collaborator

@matthewdale matthewdale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! 👍

@rustagir rustagir merged commit 8a67edf into mongodb:master Sep 16, 2024
6 checks passed
rustagir added a commit that referenced this pull request Sep 16, 2024
* DOCSP-43473: oidc

* vale

* fix

* wip

* log error

* dedent

* emphasis

* fix

* MD tech review 1

(cherry picked from commit 8a67edf)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants