db/mongodb: allow implying many params

author: Mike Crute <mike@crute.us> 2022-05-22 00:59:40 -0700
committer: Mike Crute <mike@crute.us> 2022-05-22 00:59:40 -0700
commit: d25729cef991e6136eede4931e3d46a76d473391 (patch)
tree: 3bf92d4f5160f21eb524b84885690bc4fd0ef6f9
parent: 133e0f14fb906f8acac6cf05e7fe7f9ed45aa8b5 (diff)
download: golib-d25729cef991e6136eede4931e3d46a76d473391.tar.bz2
golib-d25729cef991e6136eede4931e3d46a76d473391.tar.xz
golib-d25729cef991e6136eede4931e3d46a76d473391.zip
1 files changed, 31 insertions, 3 deletions
diff --git a/db/mongodb/client.go b/db/mongodb/client.go
index c423d99..1f3815d 100644
--- a/db/mongodb/client.go
+++ b/db/mongodb/client.go
@@ -3,7 +3,9 @@ package mongodb
 import (
        "context"
        "fmt"
+        "net"
        "net/url"
+        "strings"
        "go.mongodb.org/mongo-driver/bson"
        "go.mongodb.org/mongo-driver/mongo"
@@ -24,20 +26,46 @@ type Mongo struct {
        db     *mongo.Database
 }
-func Connect(ctx context.Context, uri, materialSet string, vc vault.VaultClient) (*Mongo, error) {
+func Connect(ctx context.Context, uri string, vc vault.VaultClient) (*Mongo, error) {
        db := &Mongo{}
-        cred, err := vc.DbCredential(ctx, materialSet)
+        // Prefix uri with mongodb:// unless it already includes one of the
+        // standard prefixes (only these two are valid). Otherwise if scheme is
+        // omitted then url parsing will fail to capture the username for Vault
+        // lookup.
+        if !strings.HasPrefix(uri, "mongodb://") && !strings.HasPrefix(uri, "mongodb+srv://") {
+                uri = "mongodb://" + uri
+        }
+        u, err := url.Parse(uri)
        if err != nil {
                return nil, err
        }
-        u, err := url.Parse(uri)
+        // The username provided by the user (there should be no
+        // password) will be a reference to a vault material with the
+        // prefix database/creds/. This needs to be replaced with the real
+        // username/password pair fetched from Vault before attempting to
+        // connect.
+        cred, err := vc.DbCredential(ctx, u.User.Username())
        if err != nil {
                return nil, err
        }
        u.User = url.UserPassword(cred.Username, cred.Password)
+        // User may imply the default port
+        if u.Port() == "" {
+                u.Host = net.JoinHostPort(u.Host, "27017")
+        }
+        // Users should generally authenticate against the admin collection so
+        // they should only specify it if they need to override that.
+        if u.Query().Get("authSource") == "" {
+                pq := u.Query()
+                pq.Add("authSource", "admin")
+                u.RawQuery = pq.Encode()
+        }
        cs, err := connstring.ParseAndValidate(u.String())
        if err != nil {
                return nil, err
author	Mike Crute <mike@crute.us>	2022-05-22 00:59:40 -0700
committer	Mike Crute <mike@crute.us>	2022-05-22 00:59:40 -0700
commit	d25729cef991e6136eede4931e3d46a76d473391 (patch)
tree	3bf92d4f5160f21eb524b84885690bc4fd0ef6f9
parent	133e0f14fb906f8acac6cf05e7fe7f9ed45aa8b5 (diff)
download	golib-d25729cef991e6136eede4931e3d46a76d473391.tar.bz2 golib-d25729cef991e6136eede4931e3d46a76d473391.tar.xz golib-d25729cef991e6136eede4931e3d46a76d473391.zip

diff --git a/db/mongodb/client.go b/db/mongodb/client.go index c423d99..1f3815d 100644 --- a/db/mongodb/client.go +++ b/db/mongodb/client.go
@@ -3,7 +3,9 @@ package mongodb
3	import (	3	import (
4	"context"	4	"context"
5	"fmt"	5	"fmt"
		6	"net"
6	"net/url"	7	"net/url"
		8	"strings"
7		9
8	"go.mongodb.org/mongo-driver/bson"	10	"go.mongodb.org/mongo-driver/bson"
9	"go.mongodb.org/mongo-driver/mongo"	11	"go.mongodb.org/mongo-driver/mongo"
@@ -24,20 +26,46 @@ type Mongo struct {
24	db *mongo.Database	26	db *mongo.Database
25	}	27	}
26		28
27	func Connect(ctx context.Context, uri, materialSet string, vc vault.VaultClient) (*Mongo, error) {	29	func Connect(ctx context.Context, uri string, vc vault.VaultClient) (*Mongo, error) {
28	db := &Mongo{}	30	db := &Mongo{}
29		31
30	cred, err := vc.DbCredential(ctx, materialSet)	32	// Prefix uri with mongodb:// unless it already includes one of the
		33	// standard prefixes (only these two are valid). Otherwise if scheme is
		34	// omitted then url parsing will fail to capture the username for Vault
		35	// lookup.
		36	if !strings.HasPrefix(uri, "mongodb://") && !strings.HasPrefix(uri, "mongodb+srv://") {
		37	uri = "mongodb://" + uri
		38	}
		39
		40	u, err := url.Parse(uri)
31	if err != nil {	41	if err != nil {
32	return nil, err	42	return nil, err
33	}	43	}
34		44
35	u, err := url.Parse(uri)	45	// The username provided by the user (there should be no
		46	// password) will be a reference to a vault material with the
		47	// prefix database/creds/. This needs to be replaced with the real
		48	// username/password pair fetched from Vault before attempting to
		49	// connect.
		50	cred, err := vc.DbCredential(ctx, u.User.Username())
36	if err != nil {	51	if err != nil {
37	return nil, err	52	return nil, err
38	}	53	}
39	u.User = url.UserPassword(cred.Username, cred.Password)	54	u.User = url.UserPassword(cred.Username, cred.Password)
40		55
		56	// User may imply the default port
		57	if u.Port() == "" {
		58	u.Host = net.JoinHostPort(u.Host, "27017")
		59	}
		60
		61	// Users should generally authenticate against the admin collection so
		62	// they should only specify it if they need to override that.
		63	if u.Query().Get("authSource") == "" {
		64	pq := u.Query()
		65	pq.Add("authSource", "admin")
		66	u.RawQuery = pq.Encode()
		67	}
		68
41	cs, err := connstring.ParseAndValidate(u.String())	69	cs, err := connstring.ParseAndValidate(u.String())
42	if err != nil {	70	if err != nil {
43	return nil, err	71	return nil, err