CSHARP-4552: Fix speculative authentication. (#1037)

Author: DmitryLukyanov

src/MongoDB.Driver.Core/Core/Connections/BinaryConnection.cs

@@ -267,8 +267,9 @@ private void OpenHelper(CancellationToken cancellationToken)
                 helper.OpeningConnection();
                 _stream = _streamFactory.CreateStream(_endPoint, cancellationToken);
                 helper.InitializingConnection();
-                handshakeDescription = _connectionInitializer.SendHello(this, cancellationToken);
-                _description = _connectionInitializer.Authenticate(this, handshakeDescription, cancellationToken);
+                var connectionInitializerContext = _connectionInitializer.SendHello(this, cancellationToken);
+                handshakeDescription = connectionInitializerContext.Description;
+                _description = _connectionInitializer.Authenticate(this, connectionInitializerContext, cancellationToken);
                 _sendCompressorType = ChooseSendCompressorTypeIfAny(_description);
 
                 helper.OpenedConnection();
@@ -292,8 +293,9 @@ private async Task OpenHelperAsync(CancellationToken cancellationToken)
                 helper.OpeningConnection();
                 _stream = await _streamFactory.CreateStreamAsync(_endPoint, cancellationToken).ConfigureAwait(false);
                 helper.InitializingConnection();
-                handshakeDescription = await _connectionInitializer.SendHelloAsync(this, cancellationToken).ConfigureAwait(false);
-                _description = await _connectionInitializer.AuthenticateAsync(this, handshakeDescription, cancellationToken).ConfigureAwait(false);
+                var connectionInitializerContext = await _connectionInitializer.SendHelloAsync(this, cancellationToken).ConfigureAwait(false);
+                handshakeDescription = connectionInitializerContext.Description;
+                _description = await _connectionInitializer.AuthenticateAsync(this, connectionInitializerContext, cancellationToken).ConfigureAwait(false);
                 _sendCompressorType = ChooseSendCompressorTypeIfAny(_description);
 
                 helper.OpenedConnection();

src/MongoDB.Driver.Core/Core/Connections/ConnectionInitializer.cs

@@ -46,12 +46,13 @@ public ConnectionInitializer(
             _serverApi = serverApi;
         }
 
-        public ConnectionDescription Authenticate(IConnection connection, ConnectionDescription description, CancellationToken cancellationToken)
+        public ConnectionDescription Authenticate(IConnection connection, ConnectionInitializerContext connectionInitializerContext, CancellationToken cancellationToken)
         {
             Ensure.IsNotNull(connection, nameof(connection));
-            Ensure.IsNotNull(description, nameof(description));
+            Ensure.IsNotNull(connectionInitializerContext, nameof(connectionInitializerContext));
+            var authenticators = Ensure.IsNotNull(connectionInitializerContext.Authenticators, nameof(connectionInitializerContext.Authenticators));
+            var description = Ensure.IsNotNull(connectionInitializerContext.Description, nameof(connectionInitializerContext.Description));
 
-            var authenticators = GetAuthenticators(connection.Settings);
             AuthenticationHelper.Authenticate(connection, description, authenticators, cancellationToken);
 
             var connectionIdServerValue = description.HelloResult.ConnectionIdServerValue;
@@ -77,12 +78,13 @@ public ConnectionDescription Authenticate(IConnection connection, ConnectionDesc
             return description;
         }
 
-        public async Task<ConnectionDescription> AuthenticateAsync(IConnection connection, ConnectionDescription description, CancellationToken cancellationToken)
+        public async Task<ConnectionDescription> AuthenticateAsync(IConnection connection, ConnectionInitializerContext connectionInitializerContext, CancellationToken cancellationToken)
         {
             Ensure.IsNotNull(connection, nameof(connection));
-            Ensure.IsNotNull(description, nameof(description));
+            Ensure.IsNotNull(connectionInitializerContext, nameof(connectionInitializerContext));
+            var authenticators = Ensure.IsNotNull(connectionInitializerContext.Authenticators, nameof(connectionInitializerContext.Authenticators));
+            var description = Ensure.IsNotNull(connectionInitializerContext.Description, nameof(connectionInitializerContext.Description));
 
-            var authenticators = GetAuthenticators(connection.Settings);
             await AuthenticationHelper.AuthenticateAsync(connection, description, authenticators, cancellationToken).ConfigureAwait(false);
 
             var connectionIdServerValue = description.HelloResult.ConnectionIdServerValue;
@@ -110,7 +112,7 @@ public async Task<ConnectionDescription> AuthenticateAsync(IConnection connectio
             return description;
         }
 
-        public ConnectionDescription SendHello(IConnection connection, CancellationToken cancellationToken)
+        public ConnectionInitializerContext SendHello(IConnection connection, CancellationToken cancellationToken)
         {
             Ensure.IsNotNull(connection, nameof(connection));
             var authenticators = GetAuthenticators(connection.Settings);
@@ -122,10 +124,10 @@ public ConnectionDescription SendHello(IConnection connection, CancellationToken
                 throw new InvalidOperationException("Driver attempted to initialize in load balancing mode, but the server does not support this mode.");
             }
 
-            return new ConnectionDescription(connection.ConnectionId, helloResult);
+            return new (new ConnectionDescription(connection.ConnectionId, helloResult), authenticators);
         }
 
-        public async Task<ConnectionDescription> SendHelloAsync(IConnection connection, CancellationToken cancellationToken)
+        public async Task<ConnectionInitializerContext> SendHelloAsync(IConnection connection, CancellationToken cancellationToken)
         {
             Ensure.IsNotNull(connection, nameof(connection));
             var authenticators = GetAuthenticators(connection.Settings);
@@ -137,7 +139,7 @@ public async Task<ConnectionDescription> SendHelloAsync(IConnection connection,
                 throw new InvalidOperationException("Driver attempted to initialize in load balancing mode, but the server does not support this mode.");
             }
 
-            return new ConnectionDescription(connection.ConnectionId, helloResult);
+            return new (new ConnectionDescription(connection.ConnectionId, helloResult), authenticators);
         }
 
         // private methods

src/MongoDB.Driver.Core/Core/Connections/IConnectionInitializer.cs

@@ -1,4 +1,4 @@
-/* Copyright 2013-present MongoDB Inc.
+/* Copyright 2010-present MongoDB Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -13,16 +13,31 @@
 * limitations under the License.
 */
 
+using System.Collections.Generic;
 using System.Threading;
 using System.Threading.Tasks;
+using MongoDB.Driver.Core.Authentication;
+using MongoDB.Driver.Core.Misc;
 
 namespace MongoDB.Driver.Core.Connections
 {
+    internal sealed class ConnectionInitializerContext
+    {
+        public ConnectionInitializerContext(ConnectionDescription description, IReadOnlyList<IAuthenticator> authenticators)
+        {
+            Description = Ensure.IsNotNull(description, nameof(description));
+            Authenticators = Ensure.IsNotNull(authenticators, nameof(authenticators));
+        }
+
+        public IReadOnlyList<IAuthenticator> Authenticators { get; }
+        public ConnectionDescription Description { get; }
+    }
+
     internal interface IConnectionInitializer
     {
-        ConnectionDescription Authenticate(IConnection connection, ConnectionDescription description, CancellationToken cancellationToken);
-        Task<ConnectionDescription> AuthenticateAsync(IConnection connection, ConnectionDescription description, CancellationToken cancellationToken);
-        ConnectionDescription SendHello(IConnection connection, CancellationToken cancellationToken);
-        Task<ConnectionDescription> SendHelloAsync(IConnection connection, CancellationToken cancellationToken);
+        ConnectionDescription Authenticate(IConnection connection, ConnectionInitializerContext connectionInitializerContext, CancellationToken cancellationToken);
+        Task<ConnectionDescription> AuthenticateAsync(IConnection connection, ConnectionInitializerContext connectionInitializerContext, CancellationToken cancellationToken);
+        ConnectionInitializerContext SendHello(IConnection connection, CancellationToken cancellationToken);
+        Task<ConnectionInitializerContext> SendHelloAsync(IConnection connection, CancellationToken cancellationToken);
     }
 }

tests/MongoDB.Driver.Core.Tests/Core/Connections/BinaryConnectionTests.cs

@@ -1,4 +1,4 @@
-/* Copyright 2013-present MongoDB Inc.
+/* Copyright 2010-present MongoDB Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -14,6 +14,7 @@
 */
 
 using System;
+using System.Collections.Generic;
 using System.IO;
 using System.Net;
 using System.Net.Sockets;
@@ -23,6 +24,7 @@
 using MongoDB.Bson;
 using MongoDB.Bson.Serialization.Serializers;
 using MongoDB.TestHelpers.XunitExtensions;
+using MongoDB.Driver.Core.Authentication;
 using MongoDB.Driver.Core.Clusters;
 using MongoDB.Driver.Core.Configuration;
 using MongoDB.Driver.Core.Events;
@@ -32,19 +34,24 @@
 using MongoDB.Driver.Core.TestHelpers.Logging;
 using MongoDB.Driver.Core.WireProtocol.Messages;
 using MongoDB.Driver.Core.WireProtocol.Messages.Encoders;
+using MongoDB.Driver.Core.WireProtocol.Messages.Encoders.BinaryEncoders;
 using Moq;
 using Xunit;
 
 namespace MongoDB.Driver.Core.Connections
 {
     public class BinaryConnectionTests : LoggableTestClass
     {
+        private ConnectionInitializerContext _connectionInitializerContext;
         private Mock<IConnectionInitializer> _mockConnectionInitializer;
         private ConnectionDescription _connectionDescription;
+        private readonly IReadOnlyList<IAuthenticator> __emptyAuthenticators = new IAuthenticator[0];
         private DnsEndPoint _endPoint;
         private EventCapturer _capturedEvents;
         private MessageEncoderSettings _messageEncoderSettings = new MessageEncoderSettings();
         private Mock<IStreamFactory> _mockStreamFactory;
+        private readonly ServerId _serverId;
+
         private BinaryConnection _subject;
 
         public BinaryConnectionTests(Xunit.Abstractions.ITestOutputHelper output) : base(output)
@@ -53,27 +60,28 @@ public BinaryConnectionTests(Xunit.Abstractions.ITestOutputHelper output) : base
             _mockStreamFactory = new Mock<IStreamFactory>();
 
             _endPoint = new DnsEndPoint("localhost", 27017);
-            var serverId = new ServerId(new ClusterId(), _endPoint);
-            var connectionId = new ConnectionId(serverId);
+            _serverId = new ServerId(new ClusterId(), _endPoint);
+            var connectionId = new ConnectionId(_serverId);
             var helloResult = new HelloResult(new BsonDocument { { "ok", 1 }, { "maxMessageSizeBytes", 48000000 }, { "maxWireVersion", WireVersion.Server36 } });
             _connectionDescription = new ConnectionDescription(connectionId, helloResult);
+            _connectionInitializerContext = new ConnectionInitializerContext(_connectionDescription, __emptyAuthenticators);
 
             _mockConnectionInitializer = new Mock<IConnectionInitializer>();
             _mockConnectionInitializer
                 .Setup(i => i.SendHello(It.IsAny<IConnection>(), CancellationToken.None))
-                .Returns(_connectionDescription);
+                .Returns(_connectionInitializerContext);
             _mockConnectionInitializer
-                .Setup(i => i.Authenticate(It.IsAny<IConnection>(), It.IsAny<ConnectionDescription>(), CancellationToken.None))
+                .Setup(i => i.Authenticate(It.IsAny<IConnection>(), It.IsAny<ConnectionInitializerContext>(), CancellationToken.None))
                 .Returns(_connectionDescription);
             _mockConnectionInitializer
                 .Setup(i => i.SendHelloAsync(It.IsAny<IConnection>(), CancellationToken.None))
-                .ReturnsAsync(_connectionDescription);
+                .ReturnsAsync(_connectionInitializerContext);
             _mockConnectionInitializer
-                .Setup(i => i.AuthenticateAsync(It.IsAny<IConnection>(), It.IsAny<ConnectionDescription>(), CancellationToken.None))
+                .Setup(i => i.AuthenticateAsync(It.IsAny<IConnection>(), It.IsAny<ConnectionInitializerContext>(), CancellationToken.None))
                 .ReturnsAsync(_connectionDescription);
 
             _subject = new BinaryConnection(
-                serverId: serverId,
+                serverId: _serverId,
                 endPoint: _endPoint,
                 settings: new ConnectionSettings(),
                 streamFactory: _mockStreamFactory.Object,
@@ -94,8 +102,7 @@ public void Dispose_should_raise_the_correct_events()
 
         [Theory]
         [ParameterAttributeData]
-        public void Open_should_always_create_description_if_handshake_was_successful(
-            [Values(false, true)] bool async)
+        public void Open_should_always_create_description_if_handshake_was_successful([Values(false, true)] bool async)
         {
             var serviceId = ObjectId.GenerateNewId();
             var connectionDescription = new ConnectionDescription(
@@ -105,15 +112,15 @@ public void Open_should_always_create_description_if_handshake_was_successful(
             var socketException = new SocketException();
             _mockConnectionInitializer
                 .Setup(i => i.SendHello(It.IsAny<IConnection>(), CancellationToken.None))
-                .Returns(connectionDescription);
+                .Returns(new ConnectionInitializerContext(connectionDescription, __emptyAuthenticators));
             _mockConnectionInitializer
                 .Setup(i => i.SendHelloAsync(It.IsAny<IConnection>(), CancellationToken.None))
-                .ReturnsAsync(connectionDescription);
+                .ReturnsAsync(new ConnectionInitializerContext(connectionDescription, __emptyAuthenticators));
             _mockConnectionInitializer
-                .Setup(i => i.Authenticate(It.IsAny<IConnection>(), It.IsAny<ConnectionDescription>(), CancellationToken.None))
+                .Setup(i => i.Authenticate(It.IsAny<IConnection>(), It.IsAny<ConnectionInitializerContext>(), CancellationToken.None))
                 .Throws(socketException);
             _mockConnectionInitializer
-                .Setup(i => i.AuthenticateAsync(It.IsAny<IConnection>(), It.IsAny<ConnectionDescription>(), CancellationToken.None))
+                .Setup(i => i.AuthenticateAsync(It.IsAny<IConnection>(), It.IsAny<ConnectionInitializerContext>(), CancellationToken.None))
                 .ThrowsAsync(socketException);
 
             Exception exception;
@@ -131,6 +138,68 @@ public void Open_should_always_create_description_if_handshake_was_successful(
             ex.InnerException.Should().BeOfType<SocketException>();
         }
 
+        [Theory]
+        [ParameterAttributeData]
+        public async Task Open_should_create_authenticators_only_once(
+            [Values(false, true)] bool async)
+        {
+            var connectionDescription = new ConnectionDescription(
+                new ConnectionId(new ServerId(new ClusterId(), _endPoint)),
+                new HelloResult(new BsonDocument()));
+
+            using var memoryStream = new MemoryStream();
+            var clonedMessageEncoderSettings = _messageEncoderSettings.Clone();
+            var encoderFactory = new BinaryMessageEncoderFactory(memoryStream, clonedMessageEncoderSettings, compressorSource: null);
+            var encoder = encoderFactory.GetCommandResponseMessageEncoder();
+            encoder.WriteMessage(CreateResponseMessage());
+            var mockStreamFactory = new Mock<IStreamFactory>();
+            using var stream = new IgnoreWritesMemoryStream(memoryStream.ToArray());
+            mockStreamFactory
+                .Setup(s => s.CreateStream(It.IsAny<EndPoint>(), CancellationToken.None))
+                .Returns(stream);
+            mockStreamFactory
+                .Setup(s => s.CreateStreamAsync(It.IsAny<EndPoint>(), CancellationToken.None))
+                .ReturnsAsync(stream);
+
+            var connectionInitializer = new ConnectionInitializer(
+                null,
+                new CompressorConfiguration[0],
+                new ServerApi(ServerApiVersion.V1)); // use serverApi to choose command message protocol
+            var authenticatorFactoryMock = new Mock<IAuthenticatorFactory>();
+            authenticatorFactoryMock
+                .Setup(a => a.Create())
+                .Returns(Mock.Of<IAuthenticator>(a => a.CustomizeInitialHelloCommand(It.IsAny<BsonDocument>()) == new BsonDocument(OppressiveLanguageConstants.LegacyHelloCommandName, 1)));
+
+            using var subject = new BinaryConnection(
+                serverId: _serverId,
+                endPoint: _endPoint,
+                settings: new ConnectionSettings(new[] { authenticatorFactoryMock.Object }),
+                streamFactory: mockStreamFactory.Object,
+                connectionInitializer: connectionInitializer,
+                eventSubscriber: _capturedEvents,
+                LoggerFactory);
+
+            if (async)
+            {
+                await subject.OpenAsync(CancellationToken.None);
+            }
+            else
+            {
+                subject.Open(CancellationToken.None);
+            }
+
+            authenticatorFactoryMock.Verify(f => f.Create(), Times.Once());
+
+            ResponseMessage CreateResponseMessage()
+            {
+                var section0Document = $"{{ {OppressiveLanguageConstants.LegacyHelloResponseIsWritablePrimaryFieldName} : true, ok : 1, connectionId : 1 }}";
+                var section0 = new Type0CommandMessageSection<RawBsonDocument>(
+                    new RawBsonDocument(BsonDocument.Parse(section0Document).ToBson()),
+                    RawBsonDocumentSerializer.Instance);
+                return new CommandResponseMessage(new CommandMessage(1, RequestMessage.CurrentGlobalRequestId + 1, new[] { section0 }, false));
+            }
+        }
+
         [Theory]
         [ParameterAttributeData]
         public void Open_should_throw_an_ObjectDisposedException_if_the_connection_is_disposed(
@@ -161,7 +230,7 @@ public void Open_should_raise_the_correct_events_upon_failure(
             Action act;
             if (async)
             {
-                var result = new TaskCompletionSource<ConnectionDescription>();
+                var result = new TaskCompletionSource<ConnectionInitializerContext>();
                 result.SetException(new SocketException());
                 _mockConnectionInitializer.Setup(i => i.SendHelloAsync(It.IsAny<IConnection>(), It.IsAny<CancellationToken>()))
                     .Returns(result.Task);
@@ -803,5 +872,15 @@ public void SendMessages_should_put_the_messages_on_the_stream_and_raise_the_cor
                 _capturedEvents.Any().Should().BeFalse();
             }
         }
+
+        // nested type
+        private sealed class IgnoreWritesMemoryStream : MemoryStream
+        {
+            public IgnoreWritesMemoryStream(byte[] bytes) : base(bytes) { }
+            public override void Write(byte[] buffer, int offset, int count)
+            {
+                // Do nothing
+            }
+        }
     }
 }