Add CSOT to field Encryption/Decryption. (#1308)

JAVA-4055

Author: vbabanin

driver-core/src/main/com/mongodb/ClientEncryptionSettings.java

@@ -17,14 +17,18 @@
 package com.mongodb;
 
 import com.mongodb.annotations.NotThreadSafe;
+import com.mongodb.lang.Nullable;
 
 import javax.net.ssl.SSLContext;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.concurrent.TimeUnit;
 import java.util.function.Supplier;
 
+import static com.mongodb.assertions.Assertions.isTrueArgument;
 import static com.mongodb.assertions.Assertions.notNull;
 import static java.util.Collections.unmodifiableMap;
+import static java.util.concurrent.TimeUnit.MILLISECONDS;
 
 /**
  * The client-side settings for data key creation and explicit encryption.
@@ -42,6 +46,8 @@ public final class ClientEncryptionSettings {
     private final Map<String, Map<String, Object>> kmsProviders;
     private final Map<String, Supplier<Map<String, Object>>> kmsProviderPropertySuppliers;
     private final Map<String, SSLContext> kmsProviderSslContextMap;
+    @Nullable
+    private final Long timeoutMS;
     /**
      * A builder for {@code ClientEncryptionSettings} so that {@code ClientEncryptionSettings} can be immutable, and to support easier
      * construction through chaining.
@@ -53,6 +59,8 @@ public static final class Builder {
         private Map<String, Map<String, Object>> kmsProviders;
         private Map<String, Supplier<Map<String, Object>>> kmsProviderPropertySuppliers = new HashMap<>();
         private Map<String, SSLContext> kmsProviderSslContextMap = new HashMap<>();
+        @Nullable
+        private Long timeoutMS;
 
         /**
          * Sets the {@link MongoClientSettings} that will be used to access the key vault.
@@ -120,6 +128,43 @@ public Builder kmsProviderSslContextMap(final Map<String, SSLContext> kmsProvide
             return this;
         }
 
+        /**
+         * Sets the time limit for the full execution of an operation.
+         *
+         * <ul>
+         *   <li>{@code null} means that the timeout mechanism for operations will defer to using:
+         *    <ul>
+         *        <li>{@code waitQueueTimeoutMS}: The maximum wait time in milliseconds that a thread may wait for a connection to become
+         *        available</li>
+         *        <li>{@code socketTimeoutMS}: How long a send or receive on a socket can take before timing out.</li>
+         *        <li>{@code wTimeoutMS}: How long the server will wait for the write concern to be fulfilled before timing out.</li>
+         *        <li>{@code maxTimeMS}: The cumulative time limit for processing operations on a cursor.
+         *        See: <a href="https://docs.mongodb.com/manual/reference/method/cursor.maxTimeMS">cursor.maxTimeMS</a>.</li>
+         *        <li>{@code maxCommitTimeMS}: The maximum amount of time to allow a single {@code commitTransaction} command to execute.
+         *        See: {@link TransactionOptions#getMaxCommitTime}.</li>
+         *   </ul>
+         *   </li>
+         *   <li>{@code 0} means infinite timeout.</li>
+         *    <li>{@code > 0} The time limit to use for the full execution of an operation.</li>
+         * </ul>
+         *
+         * <p><strong>Note:</strong> The timeout set through this method overrides the timeout defined in the key vault client settings
+         * specified in {@link #keyVaultMongoClientSettings(MongoClientSettings)}.
+         * Essentially, for operations that require accessing the key vault, the remaining timeout from the initial operation
+         * determines the duration allowed for key vault access.</p>
+         *
+         * @param timeout the timeout
+         * @param timeUnit the time unit
+         * @return this
+         * @since CSOT
+         * @see #getTimeout
+         */
+        public ClientEncryptionSettings.Builder timeout(final long timeout, final TimeUnit timeUnit) {
+            isTrueArgument("timeoutMS must be >= 0", timeout >= 0);
+            this.timeoutMS = MILLISECONDS.convert(timeout, timeUnit);
+            return this;
+        }
+
         /**
          * Build an instance of {@code ClientEncryptionSettings}.
          *
@@ -253,12 +298,45 @@ public Map<String, SSLContext> getKmsProviderSslContextMap() {
         return unmodifiableMap(kmsProviderSslContextMap);
     }
 
+    /**
+     * The time limit for the full execution of an operation.
+     *
+     * <p>If set the following deprecated options will be ignored:
+     * {@code waitQueueTimeoutMS}, {@code socketTimeoutMS}, {@code wTimeoutMS}, {@code maxTimeMS} and {@code maxCommitTimeMS}</p>
+     *
+     * <ul>
+     *   <li>{@code null} means that the timeout mechanism for operations will defer to using:
+     *    <ul>
+     *        <li>{@code waitQueueTimeoutMS}: The maximum wait time in milliseconds that a thread may wait for a connection to become
+     *        available</li>
+     *        <li>{@code socketTimeoutMS}: How long a send or receive on a socket can take before timing out.</li>
+     *        <li>{@code wTimeoutMS}: How long the server will wait for the write concern to be fulfilled before timing out.</li>
+     *        <li>{@code maxTimeMS}: The cumulative time limit for processing operations on a cursor.
+     *        See: <a href="https://docs.mongodb.com/manual/reference/method/cursor.maxTimeMS">cursor.maxTimeMS</a>.</li>
+     *        <li>{@code maxCommitTimeMS}: The maximum amount of time to allow a single {@code commitTransaction} command to execute.
+     *        See: {@link TransactionOptions#getMaxCommitTime}.</li>
+     *   </ul>
+     *   </li>
+     *   <li>{@code 0} means infinite timeout.</li>
+     *    <li>{@code > 0} The time limit to use for the full execution of an operation.</li>
+     * </ul>
+     *
+     * @param timeUnit the time unit
+     * @return the timeout in the given time unit
+     * @since CSOT
+     */
+    @Nullable
+    public Long getTimeout(final TimeUnit timeUnit) {
+        return timeoutMS == null ? null : timeUnit.convert(timeoutMS, MILLISECONDS);
+    }
+
     private ClientEncryptionSettings(final Builder builder) {
         this.keyVaultMongoClientSettings = notNull("keyVaultMongoClientSettings", builder.keyVaultMongoClientSettings);
         this.keyVaultNamespace = notNull("keyVaultNamespace", builder.keyVaultNamespace);
         this.kmsProviders = notNull("kmsProviders", builder.kmsProviders);
         this.kmsProviderPropertySuppliers = notNull("kmsProviderPropertySuppliers", builder.kmsProviderPropertySuppliers);
         this.kmsProviderSslContextMap = notNull("kmsProviderSslContextMap", builder.kmsProviderSslContextMap);
+        timeoutMS = builder.timeoutMS;
     }
 
 }

driver-core/src/main/com/mongodb/internal/TimeoutContext.java

@@ -51,10 +51,14 @@ public static MongoOperationTimeoutException createMongoTimeoutException(final S
     }
 
     public static MongoOperationTimeoutException createMongoTimeoutException(final Throwable cause) {
+        return createMongoTimeoutException("Operation timed out: " + cause.getMessage(), cause);
+    }
+
+    public static MongoOperationTimeoutException createMongoTimeoutException(final String message, final Throwable cause) {
         if (cause instanceof MongoOperationTimeoutException) {
             return (MongoOperationTimeoutException) cause;
         }
-        return new MongoOperationTimeoutException("Operation timed out: " + cause.getMessage(), cause);
+        return new MongoOperationTimeoutException(message, cause);
     }
 
     public static TimeoutContext createMaintenanceTimeoutContext(final TimeoutSettings timeoutSettings) {
@@ -65,6 +69,10 @@ public TimeoutContext(final TimeoutSettings timeoutSettings) {
         this(false, timeoutSettings, calculateTimeout(timeoutSettings.getTimeoutMS()));
     }
 
+    public TimeoutContext(final TimeoutSettings timeoutSettings, @Nullable final Timeout timeout) {
+        this(false, timeoutSettings, timeout);
+    }
+
     TimeoutContext(final boolean isMaintenanceContext, final TimeoutSettings timeoutSettings, @Nullable final Timeout timeout) {
         this.isMaintenanceContext = isMaintenanceContext;
         this.timeoutSettings = timeoutSettings;
@@ -271,4 +279,9 @@ public Timeout startWaitQueueTimeout(final StartTime checkoutStart) {
     public int getConnectTimeoutMs() {
         return (int) getTimeoutSettings().getConnectTimeoutMS();
     }
+
+    @Nullable
+    public Timeout getTimeout() {
+        return timeout;
+    }
 }

driver-core/src/main/com/mongodb/internal/connection/OperationContext.java

@@ -43,11 +43,6 @@ public OperationContext(final RequestContext requestContext, final SessionContex
         this(NEXT_ID.incrementAndGet(), requestContext, sessionContext, timeoutContext, serverApi);
     }
 
-    public static OperationContext todoOperationContext() {
-        // TODO (CSOT) - JAVA-4055 : should be removed during crypt work
-        return simpleOperationContext(TimeoutSettings.DEFAULT, null);
-    }
-
     public static OperationContext simpleOperationContext(
             final TimeoutSettings timeoutSettings, @Nullable final ServerApi serverApi) {
         return new OperationContext(
@@ -57,6 +52,14 @@ public static OperationContext simpleOperationContext(
                 serverApi);
     }
 
+    public static OperationContext simpleOperationContext(final TimeoutContext timeoutContext) {
+        return new OperationContext(
+                IgnorableRequestContext.INSTANCE,
+                NoOpSessionContext.INSTANCE,
+                timeoutContext,
+                null);
+    }
+
     public OperationContext withSessionContext(final SessionContext sessionContext) {
         return new OperationContext(id, requestContext, sessionContext, timeoutContext, serverApi);
     }

driver-core/src/test/functional/com/mongodb/client/CommandMonitoringTestHelper.java

@@ -29,6 +29,7 @@
 import org.bson.BsonInt32;
 import org.bson.BsonInt64;
 import org.bson.BsonString;
+import org.bson.BsonType;
 import org.bson.BsonValue;
 import org.bson.codecs.BsonDocumentCodec;
 import org.bson.codecs.BsonValueCodecProvider;
@@ -224,25 +225,33 @@ private static CommandSucceededEvent massageActualCommandSucceededEvent(final Co
     private static CommandStartedEvent massageActualCommandStartedEvent(final CommandStartedEvent event,
                                                                         @Nullable final Map<String, BsonDocument> lsidMap,
                                                                         final CommandStartedEvent expectedCommandStartedEvent) {
-        BsonDocument command = getWritableCloneOfCommand(event.getCommand());
+        BsonDocument actualCommand = getWritableCloneOfCommand(event.getCommand());
+        BsonDocument expectedCommand = expectedCommandStartedEvent.getCommand();
 
-        massageCommand(event, command);
+        massageCommand(event, actualCommand);
 
-        if (command.containsKey("readConcern") && (command.getDocument("readConcern").containsKey("afterClusterTime"))) {
-            command.getDocument("readConcern").put("afterClusterTime", new BsonInt32(42));
+        if (actualCommand.containsKey("readConcern") && (actualCommand.getDocument("readConcern").containsKey("afterClusterTime"))) {
+            actualCommand.getDocument("readConcern").put("afterClusterTime", new BsonInt32(42));
         }
-        // Tests expect maxTimeMS to be int32, but Java API requires maxTime to be a long.  This massage seems preferable to casting
-        if (command.containsKey("maxTimeMS")) {
-            command.put("maxTimeMS", new BsonInt32(command.getNumber("maxTimeMS").intValue()));
+        if (actualCommand.containsKey("maxTimeMS")  && !isExpectedMaxTimeMsLong(expectedCommand)) {
+            // Some tests expect maxTimeMS to be int32, but Java API requires maxTime to be a long.  This massage seems preferable to casting
+            actualCommand.put("maxTimeMS", new BsonInt32(actualCommand.getNumber("maxTimeMS").intValue()));
         }
         // Tests do not expect the "ns" field in a result after running createIndex.
-        if (command.containsKey("createIndexes") && command.containsKey("indexes")) {
-            massageCommandIndexes(command.getArray("indexes"));
+        if (actualCommand.containsKey("createIndexes") && actualCommand.containsKey("indexes")) {
+            massageCommandIndexes(actualCommand.getArray("indexes"));
         }
-        massageActualCommand(command, expectedCommandStartedEvent.getCommand());
+        massageActualCommand(actualCommand, expectedCommand);
 
         return new CommandStartedEvent(event.getRequestContext(), event.getOperationId(), event.getRequestId(),
-                event.getConnectionDescription(), event.getDatabaseName(), event.getCommandName(), command);
+                event.getConnectionDescription(), event.getDatabaseName(), event.getCommandName(), actualCommand);
+    }
+
+    private static boolean isExpectedMaxTimeMsLong(final BsonDocument expectedCommand) {
+        if (expectedCommand.containsKey("maxTimeMS")) {
+            return expectedCommand.get("maxTimeMS").getBsonType() == BsonType.INT64;
+        }
+        return false;
     }
 
     private static void massageCommandIndexes(final BsonArray indexes) {

driver-core/src/test/functional/com/mongodb/client/CrudTestHelper.java

@@ -21,7 +21,10 @@
 import org.bson.BsonType;
 import org.bson.BsonValue;
 
-import static org.junit.Assert.assertEquals;
+import java.util.List;
+import java.util.stream.Collectors;
+
+import static java.util.Collections.singletonList;
 
 public final class CrudTestHelper {
 
@@ -32,15 +35,12 @@ public static void replaceTypeAssertionWithActual(final BsonDocument expected, f
                 BsonDocument valueDocument = value.asDocument();
                 BsonValue actualValue = actual.get(key);
                 if (valueDocument.size() == 1 && valueDocument.getFirstKey().equals("$$type")) {
-                    String type = valueDocument.getString("$$type").getValue();
-                    if (type.equals("binData")) {
-                        assertEquals(BsonType.BINARY, actualValue.getBsonType());
-                        expected.put(key, actualValue);
-                    } else if (type.equals("long")) {
-                        assertEquals(BsonType.INT64, actualValue.getBsonType());
+                    List<String> types = getExpectedTypes(valueDocument.get("$$type"));
+                    String actualType = asTypeString(actualValue.getBsonType());
+                    if (types.contains(actualType)) {
                         expected.put(key, actualValue);
                     } else {
-                        throw new UnsupportedOperationException("Unsupported type: " + type);
+                        throw new UnsupportedOperationException("Unsupported type: " + actualValue);
                     }
                 } else if (actualValue != null && actualValue.isDocument()) {
                     replaceTypeAssertionWithActual(valueDocument, actualValue.asDocument());
@@ -53,6 +53,31 @@ public static void replaceTypeAssertionWithActual(final BsonDocument expected, f
         }
     }
 
+    private static String asTypeString(final BsonType bsonType) {
+        switch (bsonType) {
+            case BINARY:
+                return "binData";
+            case INT32:
+                return "int";
+            case INT64:
+                return "long";
+            default:
+                throw new UnsupportedOperationException("Unsupported bson type conversion to string: " + bsonType);
+        }
+    }
+
+    private static List<String> getExpectedTypes(final BsonValue expectedTypes) {
+        List<String> types;
+        if (expectedTypes.isString()) {
+            types = singletonList(expectedTypes.asString().getValue());
+        } else if (expectedTypes.isArray()) {
+            types = expectedTypes.asArray().stream().map(type -> type.asString().getValue()).collect(Collectors.toList());
+        } else {
+            throw new UnsupportedOperationException("Unsupported type for $$type value");
+        }
+        return types;
+    }
+
     private static void replaceTypeAssertionWithActual(final BsonArray expected, final BsonArray actual) {
         for (int i = 0; i < expected.size(); i++) {
             BsonValue value = expected.get(i);
@@ -63,6 +88,7 @@ private static void replaceTypeAssertionWithActual(final BsonArray expected, fin
             }
         }
     }
+
     private CrudTestHelper() {
     }
 

driver-core/src/test/resources/client-side-encryption/legacy/timeoutMS.json

@@ -100,6 +100,7 @@
   "tests": [
     {
       "description": "timeoutMS applied to listCollections to get collection schema",
+      "comment": "Updated timeoutMS and blockTimeMS manually to address race conditions in tests with SSL handshake.",
       "failPoint": {
         "configureFailPoint": "failCommand",
         "mode": {
@@ -110,7 +111,7 @@
             "listCollections"
           ],
           "blockConnection": true,
-          "blockTimeMS": 60
+          "blockTimeMS": 100
         }
       },
       "clientOptions": {
@@ -119,7 +120,7 @@
             "aws": {}
           }
         },
-        "timeoutMS": 50
+        "timeoutMS": 90
       },
       "operations": [
         {

driver-legacy/src/test/functional/com/mongodb/ClientSideEncryptionLegacyTest.java

@@ -47,6 +47,7 @@ protected MongoDatabase getDatabase(final String databaseName) {
 
     @After
     public void cleanUp() {
+        super.cleanUp();
         if (mongoClient != null) {
             mongoClient.close();
         }