Merge pull request #1107

Author: alcaeus

config.m4

@@ -390,7 +390,8 @@ if test "$PHP_MONGODB" != "no"; then
 
     dnl If compiling without libmongocrypt, use kms_message sources bundled with libmongoc.
     dnl If compiling with libmongocrypt, kms_message bundled with libmongocrypt is used as it is most likely newer.
-    if test "$PHP_MONGODB_CLIENT_SIDE_ENCRYPTION" != "yes" && "$PHP_MONGODB_SSL" != "no"; then
+    if test "$PHP_MONGODB_CLIENT_SIDE_ENCRYPTION" != "yes" && test "$PHP_MONGODB_SSL" != "no"; then
+      AC_SUBST(MONGOC_ENABLE_MONGODB_AWS_AUTH, 1)
       PHP_MONGODB_ADD_SOURCES([src/libmongoc/src/kms-message/src/], $PHP_MONGODB_KMS_MESSAGE_SOURCES, $PHP_MONGODB_BUNDLED_CFLAGS)
       PHP_MONGODB_ADD_INCLUDE([src/libmongoc/src/kms-message/src/])
       PHP_MONGODB_ADD_BUILD_DIR([src/libmongoc/src/kms-message/src/])
@@ -416,6 +417,8 @@ if test "$PHP_MONGODB" != "no"; then
     fi
 
     if test "$PHP_MONGODB_CLIENT_SIDE_ENCRYPTION" = "yes"; then
+      dnl Since libmongocrypt adds kms-message, we can enable AWS auth in this case
+      AC_SUBST(MONGOC_ENABLE_MONGODB_AWS_AUTH, 1)
       AC_SUBST(MONGOCRYPT_ENABLE_TRACE, 1)
 
       dnl Generated with: find src/libmongocrypt/src -maxdepth 1 -name '*.c' -print0 | cut -sz -d / -f 4- | sort -dz | tr '\000' ' '

config.w32

@@ -213,6 +213,7 @@ if (PHP_MONGODB != "no") {
     mongoc_opts.MONGOC_ENABLE_CRYPTO_LIBCRYPTO = 1;
     mongoc_opts.MONGOC_ENABLE_SSL = 1;
     mongoc_opts.MONGOC_ENABLE_CRYPTO = 1;
+    mongoc_opts.MONGOC_ENABLE_MONGODB_AWS_AUTH = 1;
 
     ADD_FLAG("CFLAGS_MONGODB", "/D KMS_MSG_STATIC=1 /D KMS_MESSAGE_ENABLE_CRYPTO=1 /D KMS_MESSAGE_ENABLE_CRYPTO_LIBCRYPTO=1");
   } else {

php_phongo.c

@@ -1374,8 +1374,9 @@ static bool php_phongo_uri_finalize_auth(mongoc_uri_t* uri) /* {{{ */
 			}
 		}
 
-		/* MONGODB-X509 is the only mechanism that doesn't require username */
-		if (strcasecmp(mongoc_uri_get_auth_mechanism(uri), "MONGODB-X509")) {
+		/* Mechanisms other than MONGODB-X509 and MONGODB-AWS require a username */
+		if (strcasecmp(mongoc_uri_get_auth_mechanism(uri), "MONGODB-X509") &&
+			strcasecmp(mongoc_uri_get_auth_mechanism(uri), "MONGODB-AWS")) {
 			if (!mongoc_uri_get_username(uri) ||
 				!strcmp(mongoc_uri_get_username(uri), "")) {
 				phongo_throw_exception(PHONGO_ERROR_INVALID_ARGUMENT, "Failed to parse URI options: '%s' authentication mechanism requires username.", mongoc_uri_get_auth_mechanism(uri));

tests/manager/manager-ctor-auth_mechanism-001.phpt

@@ -7,9 +7,11 @@ $tests = [
     ['mongodb://[email protected]/?authMechanism=MONGODB-X509', []],
     ['mongodb://127.0.0.1/?authMechanism=MONGODB-X509', []],
     ['mongodb://[email protected]/?authMechanism=GSSAPI', []],
+    ['mongodb://127.0.0.1/?authMechanism=MONGODB-AWS', []],
     [null, ['authMechanism' => 'MONGODB-X509', 'username' => 'username']],
     [null, ['authMechanism' => 'MONGODB-X509']],
     [null, ['authMechanism' => 'GSSAPI', 'username' => 'username']],
+    [null, ['authMechanism' => 'MONGODB-AWS']],
 ];
 
 foreach ($tests as $test) {