chore: make prepare() async

Author: baileympearson

src/cmap/auth/auth_provider.ts

@@ -45,12 +45,12 @@ export class AuthProvider {
    * @param handshakeDoc - The document used for the initial handshake on a connection
    * @param authContext - Context for authentication flow
    */
-  prepare(
+  async prepare(
     handshakeDoc: HandshakeDocument,
-    authContext: AuthContext,
-    callback: Callback<HandshakeDocument>
-  ): void {
-    callback(undefined, handshakeDoc);
+    /* eslint @typescript-eslint/no-unused-vars : 0 */
+    authContext: AuthContext
+  ): Promise<HandshakeDocument> {
+    return handshakeDoc;
   }
 
   /**

src/cmap/auth/mongodb_oidc.ts

@@ -106,37 +106,24 @@ export class MongoDBOIDC extends AuthProvider {
   /**
    * Add the speculative auth for the initial handshake.
    */
-  override prepare(
+  override async prepare(
     handshakeDoc: HandshakeDocument,
-    authContext: AuthContext,
-    callback: Callback<HandshakeDocument>
-  ): void {
+    authContext: AuthContext
+  ): Promise<HandshakeDocument> {
     const { credentials } = authContext;
 
     if (!credentials) {
-      return callback(new MongoMissingCredentialsError('AuthContext must provide credentials.'));
+      throw new MongoMissingCredentialsError('AuthContext must provide credentials.');
     }
 
-    getWorkflow(credentials, (error, workflow) => {
-      if (error) {
-        return callback(error);
-      }
-      if (!workflow) {
-        return callback(
-          new MongoRuntimeError(
-            `Could not load workflow for provider ${credentials.mechanismProperties.PROVIDER_NAME}`
-          )
-        );
-      }
-      workflow.speculativeAuth().then(
-        result => {
-          return callback(undefined, { ...handshakeDoc, ...result });
-        },
-        error => {
-          callback(error);
-        }
+    const workflow = getWorkflow(credentials);
+    if (!workflow) {
+      throw new MongoRuntimeError(
+        `Could not load workflow for provider ${credentials.mechanismProperties.PROVIDER_NAME}`
       );
-    });
+    }
+    const result = await workflow.speculativeAuth();
+    return { ...handshakeDoc, ...result };
   }
 }
 

src/cmap/auth/scram.ts

@@ -1,4 +1,5 @@
 import * as crypto from 'crypto';
+import { promisify } from 'util';
 
 import { Binary, Document } from '../../bson';
 import { saslprep } from '../../deps';
@@ -19,37 +20,37 @@ type CryptoMethod = 'sha1' | 'sha256';
 
 class ScramSHA extends AuthProvider {
   cryptoMethod: CryptoMethod;
+  randomBytesAsync: (size: number) => Promise<Buffer>;
   constructor(cryptoMethod: CryptoMethod) {
     super();
     this.cryptoMethod = cryptoMethod || 'sha1';
+    this.randomBytesAsync = promisify(crypto.randomBytes);
   }
 
-  override prepare(handshakeDoc: HandshakeDocument, authContext: AuthContext, callback: Callback) {
+  override async prepare(
+    handshakeDoc: HandshakeDocument,
+    authContext: AuthContext
+  ): Promise<HandshakeDocument> {
     const cryptoMethod = this.cryptoMethod;
     const credentials = authContext.credentials;
     if (!credentials) {
-      return callback(new MongoMissingCredentialsError('AuthContext must provide credentials.'));
+      throw new MongoMissingCredentialsError('AuthContext must provide credentials.');
     }
     if (cryptoMethod === 'sha256' && saslprep == null) {
       emitWarning('Warning: no saslprep library specified. Passwords will not be sanitized');
     }
 
-    crypto.randomBytes(24, (err, nonce) => {
-      if (err) {
-        return callback(err);
-      }
+    const nonce = await this.randomBytesAsync(24);
+    // store the nonce for later use
+    Object.assign(authContext, { nonce });
 
-      // store the nonce for later use
-      Object.assign(authContext, { nonce });
-
-      const request = Object.assign({}, handshakeDoc, {
-        speculativeAuthenticate: Object.assign(makeFirstMessage(cryptoMethod, credentials, nonce), {
-          db: credentials.source
-        })
-      });
-
-      callback(undefined, request);
+    const request = Object.assign({}, handshakeDoc, {
+      speculativeAuthenticate: Object.assign(makeFirstMessage(cryptoMethod, credentials, nonce), {
+        db: credentials.source
+      })
     });
+
+    return request;
   }
 
   override auth(authContext: AuthContext, callback: Callback) {

src/cmap/auth/x509.ts

@@ -6,20 +6,19 @@ import { AuthContext, AuthProvider } from './auth_provider';
 import type { MongoCredentials } from './mongo_credentials';
 
 export class X509 extends AuthProvider {
-  override prepare(
+  override async prepare(
     handshakeDoc: HandshakeDocument,
-    authContext: AuthContext,
-    callback: Callback
-  ): void {
+    authContext: AuthContext
+  ): Promise<HandshakeDocument> {
     const { credentials } = authContext;
     if (!credentials) {
-      return callback(new MongoMissingCredentialsError('AuthContext must provide credentials.'));
+      throw new MongoMissingCredentialsError('AuthContext must provide credentials.');
     }
     Object.assign(handshakeDoc, {
       speculativeAuthenticate: x509AuthenticateCommand(credentials)
     });
 
-    callback(undefined, handshakeDoc);
+    return handshakeDoc;
   }
 
   override auth(authContext: AuthContext, callback: Callback): void {

src/cmap/connect.ts

@@ -119,93 +119,92 @@ function performInitialHandshake(
 
   const authContext = new AuthContext(conn, credentials, options);
   conn.authContext = authContext;
-  prepareHandshakeDocument(authContext, (err, handshakeDoc) => {
-    if (err || !handshakeDoc) {
-      return callback(err);
-    }
-
-    const handshakeOptions: Document = Object.assign({}, options);
-    if (typeof options.connectTimeoutMS === 'number') {
-      // The handshake technically is a monitoring check, so its socket timeout should be connectTimeoutMS
-      handshakeOptions.socketTimeoutMS = options.connectTimeoutMS;
-    }
-
-    const start = new Date().getTime();
-    conn.command(ns('admin.$cmd'), handshakeDoc, handshakeOptions, (err, response) => {
-      if (err) {
-        callback(err);
-        return;
+  prepareHandshakeDocument(authContext).then(
+    handshakeDoc => {
+      const handshakeOptions: Document = Object.assign({}, options);
+      if (typeof options.connectTimeoutMS === 'number') {
+        // The handshake technically is a monitoring check, so its socket timeout should be connectTimeoutMS
+        handshakeOptions.socketTimeoutMS = options.connectTimeoutMS;
       }
 
-      if (response?.ok === 0) {
-        callback(new MongoServerError(response));
-        return;
-      }
+      const start = new Date().getTime();
+      conn.command(ns('admin.$cmd'), handshakeDoc, handshakeOptions, (err, response) => {
+        if (err) {
+          callback(err);
+          return;
+        }
 
-      if (!('isWritablePrimary' in response)) {
-        // Provide hello-style response document.
-        response.isWritablePrimary = response[LEGACY_HELLO_COMMAND];
-      }
+        if (response?.ok === 0) {
+          callback(new MongoServerError(response));
+          return;
+        }
 
-      if (response.helloOk) {
-        conn.helloOk = true;
-      }
+        if (!('isWritablePrimary' in response)) {
+          // Provide hello-style response document.
+          response.isWritablePrimary = response[LEGACY_HELLO_COMMAND];
+        }
 
-      const supportedServerErr = checkSupportedServer(response, options);
-      if (supportedServerErr) {
-        callback(supportedServerErr);
-        return;
-      }
+        if (response.helloOk) {
+          conn.helloOk = true;
+        }
 
-      if (options.loadBalanced) {
-        if (!response.serviceId) {
-          return callback(
-            new MongoCompatibilityError(
-              'Driver attempted to initialize in load balancing mode, ' +
-                'but the server does not support this mode.'
-            )
-          );
+        const supportedServerErr = checkSupportedServer(response, options);
+        if (supportedServerErr) {
+          callback(supportedServerErr);
+          return;
         }
-      }
 
-      // NOTE: This is metadata attached to the connection while porting away from
-      //       handshake being done in the `Server` class. Likely, it should be
-      //       relocated, or at very least restructured.
-      conn.hello = response;
-      conn.lastHelloMS = new Date().getTime() - start;
-
-      if (!response.arbiterOnly && credentials) {
-        // store the response on auth context
-        authContext.response = response;
-
-        const resolvedCredentials = credentials.resolveAuthMechanism(response);
-        const provider = AUTH_PROVIDERS.get(resolvedCredentials.mechanism);
-        if (!provider) {
-          return callback(
-            new MongoInvalidArgumentError(
-              `No AuthProvider for ${resolvedCredentials.mechanism} defined.`
-            )
-          );
+        if (options.loadBalanced) {
+          if (!response.serviceId) {
+            return callback(
+              new MongoCompatibilityError(
+                'Driver attempted to initialize in load balancing mode, ' +
+                  'but the server does not support this mode.'
+              )
+            );
+          }
         }
-        provider.auth(authContext, err => {
-          if (err) {
-            if (err instanceof MongoError) {
-              err.addErrorLabel(MongoErrorLabel.HandshakeError);
-              if (needsRetryableWriteLabel(err, response.maxWireVersion)) {
-                err.addErrorLabel(MongoErrorLabel.RetryableWriteError);
+
+        // NOTE: This is metadata attached to the connection while porting away from
+        //       handshake being done in the `Server` class. Likely, it should be
+        //       relocated, or at very least restructured.
+        conn.hello = response;
+        conn.lastHelloMS = new Date().getTime() - start;
+
+        if (!response.arbiterOnly && credentials) {
+          // store the response on auth context
+          authContext.response = response;
+
+          const resolvedCredentials = credentials.resolveAuthMechanism(response);
+          const provider = AUTH_PROVIDERS.get(resolvedCredentials.mechanism);
+          if (!provider) {
+            return callback(
+              new MongoInvalidArgumentError(
+                `No AuthProvider for ${resolvedCredentials.mechanism} defined.`
+              )
+            );
+          }
+          provider.auth(authContext, err => {
+            if (err) {
+              if (err instanceof MongoError) {
+                err.addErrorLabel(MongoErrorLabel.HandshakeError);
+                if (needsRetryableWriteLabel(err, response.maxWireVersion)) {
+                  err.addErrorLabel(MongoErrorLabel.RetryableWriteError);
+                }
               }
+              return callback(err);
             }
-            return callback(err);
-          }
-          callback(undefined, conn);
-        });
+            callback(undefined, conn);
+          });
 
-        return;
-      }
+          return;
+        }
 
-      callback(undefined, conn);
-    });
-  });
+        callback(undefined, conn);
+      });
+    },
+    error => callback(error)
+  );
 }
 
 export interface HandshakeDocument extends Document {
@@ -226,10 +225,9 @@ export interface HandshakeDocument extends Document {
  *
  * This function is only exposed for testing purposes.
  */
-export function prepareHandshakeDocument(
-  authContext: AuthContext,
-  callback: Callback<HandshakeDocument>
-) {
+export async function prepareHandshakeDocument(
+  authContext: AuthContext
+): Promise<HandshakeDocument> {
   const options = authContext.options;
   const compressors = options.compressors ? options.compressors : [];
   const { serverApi } = authContext.connection;
@@ -253,23 +251,19 @@ export function prepareHandshakeDocument(
       const provider = AUTH_PROVIDERS.get(AuthMechanism.MONGODB_SCRAM_SHA256);
       if (!provider) {
         // This auth mechanism is always present.
-        return callback(
-          new MongoInvalidArgumentError(
-            `No AuthProvider for ${AuthMechanism.MONGODB_SCRAM_SHA256} defined.`
-          )
+        throw new MongoInvalidArgumentError(
+          `No AuthProvider for ${AuthMechanism.MONGODB_SCRAM_SHA256} defined.`
         );
       }
-      return provider.prepare(handshakeDoc, authContext, callback);
+      return provider.prepare(handshakeDoc, authContext);
     }
     const provider = AUTH_PROVIDERS.get(credentials.mechanism);
     if (!provider) {
-      return callback(
-        new MongoInvalidArgumentError(`No AuthProvider for ${credentials.mechanism} defined.`)
-      );
+      throw new MongoInvalidArgumentError(`No AuthProvider for ${credentials.mechanism} defined.`);
     }
-    return provider.prepare(handshakeDoc, authContext, callback);
+    return provider.prepare(handshakeDoc, authContext);
   }
-  callback(undefined, handshakeDoc);
+  return handshakeDoc;
 }
 
 /** @public */

test/tools/uri_spec_runner.ts

@@ -24,7 +24,6 @@ interface UriTest extends UriTestBase {
   };
   options: Record<string, any>;
 }
-
 interface AuthTest extends UriTestBase {
   credential: {
     username: string;

test/unit/cmap/connect.test.ts

@@ -12,7 +12,7 @@ import {
   LEGACY_HELLO_COMMAND,
   MongoCredentials,
   MongoNetworkError,
-  prepareHandshakeDocument as prepareHandshakeDocumentCb
+  prepareHandshakeDocument
 } from '../../mongodb';
 import { genClusterTime } from '../../tools/common';
 import * as mock from '../../tools/mongodb-mock/index';
@@ -206,8 +206,6 @@ describe('Connect Tests', function () {
   });
 
   context('prepareHandshakeDocument', () => {
-    const prepareHandshakeDocument = promisify(prepareHandshakeDocumentCb);
-
     context('when serverApi.version is present', () => {
       const options = {};
       const authContext = {