MCPcopy
hub / github.com/mongodb/node-mongodb-native / makeKerberosClient

Function makeKerberosClient

src/cmap/auth/gssapi.ts:71–110  ·  view source on GitHub ↗
({
  options: {
    hostAddress,
    runtime: { os }
  },
  credentials
}: AuthContext)

Source from the content-addressed store, hash-verified

69}
70
71async function makeKerberosClient({
72 options: {
73 hostAddress,
74 runtime: { os }
75 },
76 credentials
77}: AuthContext): Promise<KerberosClient> {
78 if (!hostAddress || typeof hostAddress.host !== 'string' || !credentials) {
79 throw new MongoInvalidArgumentError(
80 'Connection must have host and port and credentials defined.'
81 );
82 }
83
84 loadKrb();
85 if ('kModuleError' in krb) {
86 throw krb['kModuleError'];
87 }
88 const { initializeClient } = krb;
89
90 const { username, password } = credentials;
91 const mechanismProperties = credentials.mechanismProperties as MechanismProperties;
92
93 const serviceName = mechanismProperties.SERVICE_NAME ?? 'mongodb';
94
95 const host = await performGSSAPICanonicalizeHostName(hostAddress.host, mechanismProperties);
96
97 const initOptions = {};
98 if (password != null) {
99 // TODO(NODE-5139): These do not match the typescript options in initializeClient
100 Object.assign(initOptions, { user: username, password: password });
101 }
102
103 const spnHost = mechanismProperties.SERVICE_HOST ?? host;
104 let spn = `${serviceName}${os.platform() === 'win32' ? '/' : '@'}${spnHost}`;
105 if ('SERVICE_REALM' in mechanismProperties) {
106 spn = `${spn}@${mechanismProperties.SERVICE_REALM}`;
107 }
108
109 return await initializeClient(spn, initOptions);
110}
111
112function saslStart(payload: string) {
113 return {

Callers 1

authMethod · 0.85

Calls 2

loadKrbFunction · 0.85

Tested by

no test coverage detected