feat: set credential provider as auth mech prop

Author: durran

src/cmap/auth/mongo_credentials.ts

@@ -6,6 +6,7 @@ import {
   MongoInvalidArgumentError,
   MongoMissingCredentialsError
 } from '../../error';
+import type { AWSCredentialProvider } from './aws_temporary_credentials';
 import { GSSAPICanonicalizationValue } from './gssapi';
 import type { OIDCCallbackFunction } from './mongodb_oidc';
 import { AUTH_MECHS_AUTH_SRC_EXTERNAL, AuthMechanism } from './providers';
@@ -68,6 +69,8 @@ export interface AuthMechanismProperties extends Document {
   ALLOWED_HOSTS?: string[];
   /** The resource token for OIDC auth in Azure and GCP. */
   TOKEN_RESOURCE?: string;
+  /** A custom AWS credential provider to use. */
+  AWS_CREDENTIAL_PROVIDER?: AWSCredentialProvider;
 }
 
 /** @public */

src/connection_string.ts

@@ -3,7 +3,6 @@ import ConnectionString from 'mongodb-connection-string-url';
 import { URLSearchParams } from 'url';
 
 import type { Document } from './bson';
-import { type AWSCredentialProvider } from './cmap/auth/aws_temporary_credentials';
 import { MongoCredentials } from './cmap/auth/mongo_credentials';
 import { AUTH_MECHS_AUTH_SRC_EXTERNAL, AuthMechanism } from './cmap/auth/providers';
 import { addContainerMetadata, makeClientMetadata } from './cmap/handshake/client_metadata';
@@ -752,14 +751,6 @@ export const OPTIONS = {
   autoSelectFamilyAttemptTimeout: {
     type: 'uint'
   },
-  awsCredentialsProvider: {
-    transform({ values: [value] }): AWSCredentialProvider {
-      if (typeof value === 'function') {
-        return value as AWSCredentialProvider;
-      }
-      throw new MongoParseError(`Option awsCredentialProvider must be a function, got ${value}`);
-    }
-  },
   bsonRegExp: {
     type: 'boolean'
   },

src/mongo_client.ts

@@ -5,7 +5,6 @@ import type { ConnectionOptions as TLSConnectionOptions, TLSSocketOptions } from
 import { type BSONSerializeOptions, type Document, resolveBSONOptions } from './bson';
 import { ChangeStream, type ChangeStreamDocument, type ChangeStreamOptions } from './change_stream';
 import type { AutoEncrypter, AutoEncryptionOptions } from './client-side-encryption/auto_encrypter';
-import { type AWSCredentialProvider } from './cmap/auth/aws_temporary_credentials';
 import {
   type AuthMechanismProperties,
   DEFAULT_ALLOWED_HOSTS,
@@ -300,10 +299,6 @@ export interface MongoClientOptions extends BSONSerializeOptions, SupportedNodeC
    * TODO: NODE-5671 - remove internal flag
    */
   mongodbLogMaxDocumentLength?: number;
-  /**
-   * A custom AWS SDK credentials provider to use instead of the default.
-   */
-  awsCredentialsProvider?: AWSCredentialProvider;
 
   /** @internal */
   __skipPingOnConnect?: boolean;

src/mongo_client_auth_providers.ts

@@ -69,6 +69,8 @@ export class MongoClientAuthProviders {
     let provider;
     if (name === AuthMechanism.MONGODB_OIDC) {
       provider = providerFunction(this.getWorkflow(authMechanismProperties));
+    } else if (name === AuthMechanism.MONGODB_AWS) {
+      provider = providerFunction(authMechanismProperties.AWS_CREDENTIAL_PROVIDER);
     } else {
       provider = providerFunction();
     }