Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(NODE-5939): Implement 6.x: cache the AWS credentials provider in the MONGODB-AWS auth logic #3991

Merged
merged 21 commits into from
Feb 21, 2024
Merged

feat(NODE-5939): Implement 6.x: cache the AWS credentials provider in the MONGODB-AWS auth logic #3991

merged 21 commits into from
Feb 21, 2024

Conversation

alenakhineika
Copy link
Contributor

@alenakhineika alenakhineika commented Feb 13, 2024
edited
Loading

Description

Cashing credentials is required by the spec.

The AWS credentials provider instance itself is implemented as a smart credentials cache. It will issue at most one request to IMDS, and will only issue another request when the credentials are about to expire.

Instead of creating a new AWS provider for each authentication, we cache the AWS credentials provider per client.

What is changing?

  • Refactor AUTH_PROVIDERS to have factory functions instead of creating providers

  • Create instances of auth providers in MongoClient and cache them when requested per client to ensure that cached credentials are not shared with other clients

    • Expose the getAuthProvider() function per ClientOptions, so it can be requested by connection and monitoring to communicate with auth providers
    • A client can have more than one auth provider because while connecting we can e.g. switch from MONGODB_DEFAULT to MONGODB_SCRAM_SHA256

  • Cache AWS provider per MongoDBAWS. AWS SDK will cache the first HTTP request as long as the provider is not reconstructed. We refactor the codebase to ensure that the AWS provider is stored per the MongoDBAWS instance to prevent overwhelming the auth endpoint

Is there new documentation needed for these changes?

None

What is the motivation for this change?

NODE-5616

Release Highlight

Caching AWS credentials provider per client

Instead of creating a new AWS provider for each authentication, we cache the AWS credentials provider per client to prevent overwhelming the auth endpoint and ensure that cached credentials are not shared with other clients.

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@alenakhineika alenakhineika changed the title feat(NODE-5616): cache the AWS credentials provider in the MONGODB-AWS auth logic feat(NODE-5939): Implement 6.x: cache the AWS credentials provider in the MONGODB-AWS auth logic Feb 15, 2024
@alenakhineika alenakhineika marked this pull request as ready for review February 16, 2024 14:41
@durran durran self-assigned this Feb 19, 2024
@durran durran added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Feb 19, 2024
durran
durran requested changes Feb 19, 2024
View reviewed changes
src/mongo_client.ts Outdated Show resolved Hide resolved
src/mongo_client.ts Outdated Show resolved Hide resolved
test/integration/auth/mongodb_aws.test.ts Show resolved Hide resolved
@durran durran added Team Review Needs review from team and removed Primary Review In Review with primary reviewer, not yet ready for team's eyes labels Feb 20, 2024
@alenakhineika alenakhineika mentioned this pull request Feb 22, 2024
Merged
5 tasks
@akanchhaS akanchhaS mentioned this pull request May 18, 2024
Open
@lydmoon lydmoon mentioned this pull request May 19, 2024
Open
@lryanle lryanle mentioned this pull request May 21, 2024
Open
@baby636 baby636 mentioned this pull request May 21, 2024
Open
@IdrizMirena IdrizMirena mentioned this pull request May 22, 2024
Open
@mkusztal mkusztal mentioned this pull request May 24, 2024
Open
@NotZarifGithub NotZarifGithub mentioned this pull request May 24, 2024
Open
@arenault-pass arenault-pass mentioned this pull request May 24, 2024
Closed
@lryanle lryanle mentioned this pull request May 24, 2024
Open
@akanchhaS akanchhaS mentioned this pull request May 25, 2024
Open
@boytur boytur mentioned this pull request May 25, 2024
Closed
@lydmoon lydmoon mentioned this pull request May 25, 2024
Open
@boytur boytur mentioned this pull request May 26, 2024
Open
@mkusztal mkusztal mentioned this pull request May 27, 2024
Open
@lydmoon lydmoon mentioned this pull request May 27, 2024
Open
@akanchhaS akanchhaS mentioned this pull request May 27, 2024
Open
@mkusztal mkusztal mentioned this pull request May 28, 2024
Open
@lryanle lryanle mentioned this pull request May 28, 2024
Open
@boytur boytur mentioned this pull request May 28, 2024
Open
@NotZarifGithub NotZarifGithub mentioned this pull request May 28, 2024
Open
This was referenced Jun 2, 2024
Open
Merged
@lydmoon lydmoon mentioned this pull request Jun 6, 2024
Open
@NotZarifGithub NotZarifGithub mentioned this pull request Jun 6, 2024
Open
@akanchhaS akanchhaS mentioned this pull request Jun 6, 2024
Open
@lryanle lryanle mentioned this pull request Jun 6, 2024
Open
@mkusztal mkusztal mentioned this pull request Jun 7, 2024
Open
@astitva3110 astitva3110 mentioned this pull request Jun 8, 2024
Open
@gardnern gardnern mentioned this pull request Jun 18, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aditi-khare-mongoDB aditi-khare-mongoDB aditi-khare-mongoDB approved these changes

@durran durran durran approved these changes

Assignees

@durran durran

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@alenakhineika @durran @aditi-khare-mongoDB