SQL-1937: Add ODBC callback conditionally (#213)

* SQL-1937: Target main for mongodb (and bson)

* SQL-1937: Map UserOptions to (Mongo) Client so that we share Clients for OIDC purposes

* SQL-1937: Clippy

* SQL-1937: Port to using rust driver types

* SQL-1937: Oh yea, make sure to also remove any duplicates

* SQL-1937: Remove username and password

* SQL-1937: Remove username and password

* SQL-1937: Some initial feature flag work, checkpointing to switch back to linux

* SQL-1937: Add feature flag for garbage collecting

* SQL-1937: Abstract client creation, and only use the CLIENT_MAP when we are using OIDC

* SQL-1937: Try to load in DLLMain

* SQL-1937: Move core back to master, now that oidc is public

* SQL-1937: Remove DLLMain because it does not reduce the number of logins in power-bi, since power-bi is actually opening multiple processes

* SQL-1937: Move config into shared file

* Update core/src/conn.rs

* SQL-1937: Move to 3.0.0 GA!

* SQL-1937: Appease clippy

* SQL-1937: Appease clippy, again

* Update core/src/conn.rs

Co-authored-by: Natacha Bagnard <[email protected]>

* SQL-1937: Remove OIDC-only pooling

* SQL-1937: Remove unused import

* SQL-1937: Update Cargo.lock

* SQL-1937: Fix merge errors

* SQL-1937: Fix rustfmt

* SQL-1937: Add back in BulkWriteFailure, fix integration_test

---------

Co-authored-by: Natacha Bagnard <[email protected]>

Author: pmeredit

Cargo.lock

@@ -26,8 +26,8 @@ cstr = { path = "../cstr" }
 fancy-regex = "0.11.0"
 shared_sql_utils = { path = "../shared_sql_utils" }
 log = "0.4.14"
-mongodb = { version = "2.8.2", features = ["aws-auth"] }
-# Do NOT change these features without consulting with other team members. 
+mongodb = { version = "3", features = ["aws-auth", "dns-resolver"] }
+# Do NOT change these features without consulting with other team members.
 # The features are used to control the behavior of tokio. Tokio is unsafe to use
 # across ABI boundaries in any other runtime but current_thread
 tokio = { version = "1", features = ["rt", "sync", "io-util", "macros", "net"] }
@@ -46,6 +46,7 @@ windows = { version = "0.44.0", features = [
 
 [features]
 bad_host = []
+garbage_collect = []
 
 [lib]
 name = "mongo_odbc_core"

core/Cargo.toml

@@ -1,17 +1,21 @@
-use mongo_odbc_core::oidc_auth::*;
+use mongo_odbc_core::{oidc_auth::do_auth_flow, test_config::*};
+use mongodb::options::oidc::{CallbackContext, IdpServerInfo};
 
 #[tokio::main]
 async fn main() {
-    let c = CallbackContext {
-        idp_info: Some(IdpServerInfo {
-            issuer: "https://mongodb-dev.okta.com/oauth2/ausqrxbcr53xakaRR357".to_string(),
-            client_id: Some("0oarvap2r7PmNIBsS357".to_string()),
-            // show that we get a refresh_token even when we don't ask for it here
-            request_scopes: Some(vec!["openid".to_string()]),
-        }),
-        refresh_token: None,
-        timeout_seconds: None,
-        version: 1,
-    };
-    println!("{:?}", do_auth_flow(c).await.unwrap());
+    let c = CallbackContext::builder()
+        .idp_info(
+            IdpServerInfo::builder()
+                .issuer(ISSUER_URL.to_string())
+                .client_id(Some(CLIENT_ID.to_string()))
+                .request_scopes(Some(vec!["openid".to_string()]))
+                .build(),
+        )
+        .version(1u32)
+        .build();
+    let res = do_auth_flow(c).await.unwrap();
+    println!(
+        "{:?}, {:?}, {:?}",
+        res.access_token, res.expires, res.refresh_token
+    );
 }

core/src/bin/test_auth_flow.rs

@@ -1,24 +1,27 @@
-use mongo_odbc_core::oidc_auth::*;
+use mongo_odbc_core::{
+    oidc_auth::{do_auth_flow, do_refresh},
+    test_config::*,
+};
+use mongodb::options::oidc::{CallbackContext, IdpServerInfo};
 
 #[tokio::main]
 async fn main() {
-    let c = CallbackContext {
-        idp_info: Some(IdpServerInfo {
-            issuer: "https://mongodb-dev.okta.com/oauth2/ausqrxbcr53xakaRR357".to_string(),
-            client_id: Some("0oarvap2r7PmNIBsS357".to_string()),
-            // show that we get a refresh_token even when we don't ask for it here
-            request_scopes: Some(vec!["openid".to_string()]),
-        }),
-        refresh_token: None,
-        timeout_seconds: None,
-        version: 1,
-    };
+    let c = CallbackContext::builder()
+        .idp_info(
+            IdpServerInfo::builder()
+                .issuer(ISSUER_URL.to_string())
+                .client_id(Some(CLIENT_ID.to_string()))
+                .request_scopes(Some(vec!["openid".to_string()]))
+                .build(),
+        )
+        .version(1u32)
+        .build();
     let mut refresh_c = c.clone();
-    let IdpServerResponse {
-        access_token: _,
-        expires: _,
-        refresh_token,
-    } = do_auth_flow(c).await.unwrap();
-    refresh_c.refresh_token = refresh_token;
+    let res = do_auth_flow(c).await.unwrap();
+    println!(
+        "{:?}, {:?}, {:?}",
+        res.access_token, res.expires, res.refresh_token
+    );
+    refresh_c.refresh_token = res.refresh_token;
     println!("{:?}", do_refresh(refresh_c).await.unwrap());
 }

core/src/bin/test_auth_flow_and_refresh.rs

@@ -1,28 +1,24 @@
-use mongo_odbc_core::oidc_auth::*;
+use mongo_odbc_core::{oidc_auth::oidc_call_back, test_config::*};
+use mongodb::options::oidc::{CallbackContext, IdpServerInfo};
 
 // This shows that the oidc_call_back function works. The second call will use the refresh token,
 // which will be obvious in that the web browser only opens once.
 #[tokio::main(flavor = "current_thread")]
 async fn main() {
-    let c = CallbackContext {
-        idp_info: Some(IdpServerInfo {
-            issuer: "https://mongodb-dev.okta.com/oauth2/ausqrxbcr53xakaRR357".to_string(),
-            client_id: Some("0oarvap2r7PmNIBsS357".to_string()),
-            // show that we get a refresh_token even when we don't ask for it here
-            request_scopes: Some(vec!["openid".to_string()]),
-        }),
-        refresh_token: None,
-        timeout_seconds: None,
-        version: 1,
-    };
+    let c = CallbackContext::builder()
+        .idp_info(
+            IdpServerInfo::builder()
+                .issuer(ISSUER_URL.to_string())
+                .client_id(Some(CLIENT_ID.to_string()))
+                .request_scopes(Some(vec!["openid".to_string()]))
+                .build(),
+        )
+        .version(1u32)
+        .build();
     let mut refresh_c = c.clone();
-    let IdpServerResponse {
-        access_token: _,
-        expires: _,
-        refresh_token,
-    } = oidc_call_back(c).await.unwrap();
-    println!("initial refresh token: {refresh_token:?}");
-    refresh_c.refresh_token = refresh_token;
+    let res = oidc_call_back(c).await.unwrap();
+    println!("initial refresh token: {:?}", res.refresh_token);
+    refresh_c.refresh_token = res.refresh_token;
     println!(
         "second response: {:?}",
         oidc_call_back(refresh_c).await.unwrap()

core/src/bin/test_oidc_call_back.rs

@@ -1,19 +1,23 @@
-use mongo_odbc_core::oidc_auth::*;
+use mongo_odbc_core::{
+    oidc_auth::{oidc_call_back, Error},
+    test_config::*,
+};
+use mongodb::options::oidc::{CallbackContext, IdpServerInfo};
 
+// This shows that the oidc_call_back function works. The second call will use the refresh token,
+// which will be obvious in that the web browser only opens once.
 #[tokio::main(flavor = "current_thread")]
 async fn main() {
-    let c = CallbackContext {
-        idp_info: Some(IdpServerInfo {
-            issuer: "https://mongodb-dev.okta.com/oauth2/ausqrxbcr53xakaRR357".to_string(),
-            client_id: Some("0oarvap2r7PmNIBsS357".to_string()),
-            request_scopes: Some(vec!["openid".to_string()]),
-        }),
-        refresh_token: None,
-        // 2 seconds works well on my laptop. 1 second results in the request dying before the
-        //   server can redirect
-        timeout_seconds: Some(std::time::Instant::now() + std::time::Duration::from_secs(2)),
-        version: 1,
-    };
+    let c = CallbackContext::builder()
+        .idp_info(
+            IdpServerInfo::builder()
+                .issuer(ISSUER_URL.to_string())
+                .client_id(Some(CLIENT_ID.to_string()))
+                .request_scopes(Some(vec!["openid".to_string()]))
+                .build(),
+        )
+        .timeout(std::time::Instant::now() + std::time::Duration::from_secs(2))
+        .version(1u32)
+        .build();
     println!("This is very timing dependent, but we should see a timeout, if we play with the value: {:?}", oidc_call_back(c).await.unwrap_err().get_custom::<Error>());
-    // example output from my laptop: `This is very timing dependent, but we should see a timeout, if we play with the value: Some(Timedout)`
 }