feat(NODE-7047): use custom credential provider first

durran · durran · commit 04f86773964c · 2025-09-09T14:04:44.000-04:00
diff --git a/src/cmap/auth/mongodb_aws.ts b/src/cmap/auth/mongodb_aws.ts
@@ -63,7 +63,8 @@ export class MongoDBAWS extends AuthProvider {
       );
     }
 
-    if (!authContext.credentials.username) {
+    // If a custom credential provider is present we will use that first.
+    if (this.credentialProvider || !authContext.credentials.username) {
       authContext.credentials = await makeTempCredentials(
         authContext.credentials,
         this.credentialFetcher
diff --git a/test/integration/auth/mongodb_aws.test.ts b/test/integration/auth/mongodb_aws.test.ts
@@ -144,12 +144,6 @@ describe('MONGODB-AWS', function () {
         this.skipReason = 'only relevant to AssumeRoleWithWebIdentity with SDK installed';
         return this.skip();
       }
-      // If we have a username the credentials have been set from the URI, options, or environment
-      // variables per the auth spec stated order.
-      if (client.options.credentials.username) {
-        this.skipReason = 'Credentials in the URI on env variables will not use custom provider.';
-        return this.skip();
-      }
     });
 
     it('authenticates with a user provided credentials provider', async function () {

Original file line number	Diff line number	Diff line change
`@@ -63,7 +63,8 @@ export class MongoDBAWS extends AuthProvider {`
`63`	`63`	`);`
`64`	`64`	`}`
`65`	`65`
`66`		`- if (!authContext.credentials.username) {`
	`66`	`+ // If a custom credential provider is present we will use that first.`
	`67`	`+ if (this.credentialProvider \|\| !authContext.credentials.username) {`
`67`	`68`	`authContext.credentials = await makeTempCredentials(`
`68`	`69`	`authContext.credentials,`
`69`	`70`	`this.credentialFetcher`