From 4cf1e96c68410d743c592b27e8864917ca16e160 Mon Sep 17 00:00:00 2001 From: Neal Beeken Date: Tue, 15 Aug 2023 16:20:28 -0400 Subject: [PATCH] fix(NODE-5537): remove credentials from ConnectionPoolCreatedEvent options (#3813) --- global.d.ts | 2 +- src/cmap/connection_pool_events.ts | 9 +++- .../connection_monitoring_and_pooling.test.ts | 49 +++++++++++++++++++ 3 files changed, 57 insertions(+), 3 deletions(-) diff --git a/global.d.ts b/global.d.ts index 7c8dc818cc..7bfde0e6d1 100644 --- a/global.d.ts +++ b/global.d.ts @@ -1,4 +1,4 @@ -import { OneOrMore } from './src/mongo_types'; +import { type OneOrMore } from './src/mongo_types'; import type { TestConfiguration } from './test/tools/runner/config'; declare global { diff --git a/src/cmap/connection_pool_events.ts b/src/cmap/connection_pool_events.ts index 4c90444133..619e59e455 100644 --- a/src/cmap/connection_pool_events.ts +++ b/src/cmap/connection_pool_events.ts @@ -54,14 +54,19 @@ export abstract class ConnectionPoolMonitoringEvent { */ export class ConnectionPoolCreatedEvent extends ConnectionPoolMonitoringEvent { /** The options used to create this connection pool */ - options?: ConnectionPoolOptions; + options: Omit & { credentials?: Record }; /** @internal */ name = CONNECTION_POOL_CREATED; /** @internal */ constructor(pool: ConnectionPool) { super(pool); - this.options = pool.options; + if (pool.options.credentials != null) { + // Intentionally remove credentials: NODE-5460 + this.options = { ...pool.options, credentials: {} }; + } else { + this.options = pool.options; + } } } diff --git a/test/integration/connection-monitoring-and-pooling/connection_monitoring_and_pooling.test.ts b/test/integration/connection-monitoring-and-pooling/connection_monitoring_and_pooling.test.ts index 6e57d5a826..5ed491940e 100644 --- a/test/integration/connection-monitoring-and-pooling/connection_monitoring_and_pooling.test.ts +++ b/test/integration/connection-monitoring-and-pooling/connection_monitoring_and_pooling.test.ts @@ -1,3 +1,7 @@ +import { expect } from 'chai'; +import { once } from 'events'; + +import { type MongoClient } from '../../mongodb'; import { loadSpecTests } from '../../spec'; import { type CmapTest, runCmapTestSuite } from '../../tools/cmap_spec_runner'; import { runUnifiedSuite } from '../../tools/unified-spec-runner/runner'; @@ -23,4 +27,49 @@ describe('Connection Monitoring and Pooling (Node Driver)', function () { '../integration/connection-monitoring-and-pooling/unified-cmap-node-specs' ); runUnifiedSuite(unifiedTests); + + describe('ConnectionPoolCreatedEvent', () => { + let client: MongoClient; + beforeEach(async function () { + client = this.configuration.newClient(); + }); + + afterEach(async function () { + await client.close(); + }); + + describe('constructor()', () => { + it('when auth is enabled redacts credentials from options', { + metadata: { requires: { auth: 'enabled' } }, + async test() { + const poolCreated = once(client, 'connectionPoolCreated'); + await client.connect(); + const [event] = await poolCreated; + expect(event).to.have.deep.nested.property('options.credentials', {}); + + const poolOptions = Array.from(client.topology?.s.servers.values() ?? []).map( + s => s.pool.options + ); + expect(poolOptions).to.have.length.of.at.least(1); + + for (const { credentials = {} } of poolOptions) { + expect( + Object.keys(credentials), + 'pool.options.credentials must exist and have keys' + ).to.not.equal(0); + } + } + }); + + it('when auth is disabled does not add a credentials property to options', { + metadata: { requires: { auth: 'disabled' } }, + async test() { + const poolCreated = once(client, 'connectionPoolCreated'); + await client.connect(); + const [event] = await poolCreated; + expect(event).to.not.have.nested.property('options.credentials'); + } + }); + }); + }); });