Revert "feat!(devtools-connect): update oidc MONGOSH-1790 (#347)"

mabaasit · web-flow · commit be5803fe20d6 · 2024-06-06T16:48:00.000+02:00
This reverts commit bd7ed21.
diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/devtools-connect/package.json b/packages/devtools-connect/package.json
@@ -54,12 +54,12 @@
     "system-ca": "^1.0.2"
   },
   "peerDependencies": {
-    "@mongodb-js/oidc-plugin": "^1.0.0",
+    "@mongodb-js/oidc-plugin": "^0.4.0",
     "mongodb": "^5.8.1 || ^6.0.0",
     "mongodb-log-writer": "^1.4.2"
   },
   "devDependencies": {
-    "@mongodb-js/oidc-plugin": "^1.0.0",
+    "@mongodb-js/oidc-plugin": "^0.4.0",
     "@mongodb-js/saslprep": "^1.1.7",
     "@types/lodash.merge": "^4.6.7",
     "@types/mocha": "^9.0.0",
diff --git a/packages/devtools-connect/src/ipc-rpc-state-share.spec.ts b/packages/devtools-connect/src/ipc-rpc-state-share.spec.ts
@@ -102,65 +102,71 @@ describe('IPC RPC state sharing', function () {
 
   describe('StateShareServer/StateShareClient', function () {
     let fakeState: DevtoolsConnectionState;
-    let callback: sinon.SinonStub;
+    let request: sinon.SinonStub;
+    let refresh: sinon.SinonStub;
     let server: StateShareServer;
     let client: StateShareClient;
 
     beforeEach(function () {
-      callback = sinon.stub();
+      request = sinon.stub();
+      refresh = sinon.stub();
       fakeState = {
         productName: 'MongoDB Something',
         oidcPlugin: {
           mongoClientOptions: {
             authMechanismProperties: {
-              OIDC_HUMAN_CALLBACK: callback,
+              REFRESH_TOKEN_CALLBACK: refresh,
+              REQUEST_TOKEN_CALLBACK: request,
             },
           },
         },
       } as unknown as DevtoolsConnectionState;
+      request.resolves({ accessToken: 'req-accesstoken' });
+      refresh.resolves({ accessToken: 'ref-accesstoken' });
     });
 
     afterEach(async function () {
       await server.close();
     });
 
     it('can be used to share OIDC state', async function () {
-      callback.resolves({ accessToken: 'req-accesstoken' });
       server = await StateShareServer.create(fakeState);
       client = new StateShareClient(server.handle);
       const result =
-        await client.oidcPlugin.mongoClientOptions.authMechanismProperties.OIDC_HUMAN_CALLBACK(
+        await client.oidcPlugin.mongoClientOptions.authMechanismProperties.REQUEST_TOKEN_CALLBACK(
           {
-            idpInfo: {
-              issuer: 'http://localhost/',
-              clientId: 'clientId',
-            },
-            version: 1,
+            issuer: 'http://localhost/',
+            clientId: 'clientId',
+          },
+          {
+            version: 0,
           }
         );
       expect(result).to.deep.equal({ accessToken: 'req-accesstoken' });
     });
 
     it('supports timeoutContext', async function () {
-      callback.callsFake((params: { timeoutContext: AbortSignal }) => {
-        return new Promise((resolve, reject) =>
-          params.timeoutContext.addEventListener('abort', () =>
-            reject(new Error('aborted'))
-          )
-        );
-      });
+      refresh.callsFake(
+        (_idpInfo: unknown, ctx: { timeoutContext: AbortSignal }) => {
+          return new Promise((resolve, reject) =>
+            ctx.timeoutContext.addEventListener('abort', () =>
+              reject(new Error('aborted'))
+            )
+          );
+        }
+      );
       server = await StateShareServer.create(fakeState);
       client = new StateShareClient(server.handle);
 
       const abortController = new AbortController();
       const result =
-        client.oidcPlugin.mongoClientOptions.authMechanismProperties.OIDC_HUMAN_CALLBACK(
+        client.oidcPlugin.mongoClientOptions.authMechanismProperties.REFRESH_TOKEN_CALLBACK(
           {
-            idpInfo: {
-              issuer: 'http://localhost/',
-              clientId: 'clientId',
-            },
-            version: 1,
+            issuer: 'http://localhost/',
+            clientId: 'clientId',
+          },
+          {
+            version: 0,
             timeoutContext: abortController.signal,
           }
         );
diff --git a/packages/devtools-connect/src/ipc-rpc-state-share.ts b/packages/devtools-connect/src/ipc-rpc-state-share.ts
@@ -1,7 +1,8 @@
 import type {
   MongoDBOIDCPlugin,
+  IdPServerInfo,
   IdPServerResponse,
-  OIDCCallbackParams,
+  OIDCCallbackContext,
 } from '@mongodb-js/oidc-plugin';
 import type { DevtoolsConnectionState } from './connect';
 import { createServer as createHTTPServer, request } from 'http';
@@ -224,21 +225,26 @@ export class StateShareServer extends RpcServer {
 
   // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
   protected async handleRpc(content: any): Promise<Record<string, unknown>> {
+    const oidcCallbacks =
+      this.state.oidcPlugin.mongoClientOptions.authMechanismProperties;
+    let oidcMethod: keyof typeof oidcCallbacks;
     switch (content.method) {
       case 'oidc:_abort':
         this.abortContexts.get(content.timeoutContextId)?.abort();
         return {};
-      case 'oidc:OIDC_HUMAN_CALLBACK': {
+      case 'oidc:REQUEST_TOKEN_CALLBACK':
+        oidcMethod = 'REQUEST_TOKEN_CALLBACK';
+      // fallthrough
+      case 'oidc:REFRESH_TOKEN_CALLBACK': {
+        oidcMethod ??= 'REFRESH_TOKEN_CALLBACK';
+
         const abortController = new AbortController();
         this.abortContexts.set(content.timeoutContextId, abortController);
         try {
-          const result =
-            await this.state.oidcPlugin.mongoClientOptions.authMechanismProperties.OIDC_HUMAN_CALLBACK(
-              {
-                ...content.callbackParams,
-                timeoutContext: abortController.signal,
-              }
-            );
+          const result = await oidcCallbacks[oidcMethod](content.info, {
+            ...content.context,
+            timeoutContext: abortController.signal,
+          });
           return { result };
         } finally {
           this.abortContexts.delete(content.timeoutContextId);
@@ -269,9 +275,13 @@ export class StateShareClient extends RpcClient {
       logger: new EventEmitter(),
       mongoClientOptions: {
         authMechanismProperties: {
-          OIDC_HUMAN_CALLBACK: this._oidcCallback.bind(
+          REQUEST_TOKEN_CALLBACK: this._oidcCallback.bind(
+            this,
+            'oidc:REQUEST_TOKEN_CALLBACK'
+          ),
+          REFRESH_TOKEN_CALLBACK: this._oidcCallback.bind(
             this,
-            'oidc:OIDC_HUMAN_CALLBACK'
+            'oidc:REFRESH_TOKEN_CALLBACK'
           ),
         },
       },
@@ -280,12 +290,13 @@ export class StateShareClient extends RpcClient {
 
   private async _oidcCallback(
     method: string,
-    params: OIDCCallbackParams
+    info: IdPServerInfo,
+    _context: OIDCCallbackContext
   ): Promise<IdPServerResponse> {
     const timeoutContextId = (await promisify(crypto.randomBytes)(16)).toString(
       'base64'
     );
-    const { timeoutContext, ...callbackParams } = params;
+    const { timeoutContext, ...context } = _context;
     const abort = async () => {
       await this.makeRpcCall({
         method: 'oidc:_abort',
@@ -297,7 +308,8 @@ export class StateShareClient extends RpcClient {
       const { result } = await this.makeRpcCall({
         method,
         timeoutContextId,
-        callbackParams,
+        context,
+        info,
       });
       return result as IdPServerResponse;
     } finally {
