def test_info(self):
self.server.start(30)
info = self.server.info()
for item in ("mongodb_uri", "statuses", "serverInfo", "procInfo",
"orchestration"):
self.assertTrue(item in info)
self.assertTrue(info['mongodb_uri'].find(self.server.hostname))
self.assertTrue(info['mongodb_uri'].find('mongodb://') == 0)
fd_log, log_path = tempfile.mkstemp()
os.close(fd_log)
db_path = tempfile.mkdtemp()
params = {'logpath': log_path, 'dbpath': db_path}
server2 = Server(self.mongod, params)
server2.start()
info2 = server2.info()
for param, value in params.items():
self.assertTrue(
info2['procInfo']['params'].get(param, value) == value)
server2.stop()
info = server2.info()
self.assertEqual(len(info['serverInfo']), 0)
self.assertEqual(len(info['statuses']), 0)
self.assertEqual(info['orchestration'], 'servers')
server2.cleanup()
class ServerAuthTestCase(unittest.TestCase):
def setUp(self):
PortPool().change_range()
self.mongod = os.path.join(os.environ.get('MONGOBIN', ''), 'mongod')
self.server = Server(self.mongod, {}, auth_key='secret', login='******', password='******')
self.server.start()
def tearDown(self):
if hasattr(self, 'server'):
self.server.stop()
self.server.cleanup()
def test_mongos(self):
self.server.stop()
self.server.cleanup()
self.server = Server(self.mongod, {'configsvr': True}, auth_key='secret')
self.server.start(30)
mongos = os.path.join(os.environ.get('MONGOBIN', ''), 'mongos')
self.server2 = Server(mongos, {'configdb': self.server.info()['uri']}, auth_key='secret', login='******', password='******')
self.server2.start()
for server in (self.server, self.server2):
c = pymongo.MongoClient(server.host, server.port)
self.assertRaises(pymongo.errors.OperationFailure, c.admin.collection_names)
self.assertTrue(c.admin.authenticate('admin', 'admin'))
self.assertTrue(isinstance(c.admin.collection_names(), list))
self.assertTrue(c.admin.logout() is None)
self.assertRaises(pymongo.errors.OperationFailure, c.admin.collection_names)
self.server2.stop()
self.server2.cleanup()
def test_auth_connection(self):
self.assertTrue(isinstance(self.server.connection.admin.collection_names(), list))
c = pymongo.MongoClient(self.server.host, self.server.port)
self.assertRaises(pymongo.errors.OperationFailure, c.admin.collection_names)
self.server.restart()
c = pymongo.MongoClient(self.server.host, self.server.port)
self.assertRaises(pymongo.errors.OperationFailure, c.admin.collection_names)
def test_auth_admin(self):
c = pymongo.MongoClient(self.server.host, self.server.port)
self.assertRaises(pymongo.errors.OperationFailure, c.admin.collection_names)
self.assertTrue(c.admin.authenticate('admin', 'admin'))
self.assertTrue(isinstance(c.admin.collection_names(), list))
self.assertTrue(c.admin.logout() is None)
self.assertRaises(pymongo.errors.OperationFailure, c.admin.collection_names)
def test_auth_collection(self):
c = pymongo.MongoClient(self.server.host, self.server.port)
self.assertTrue(c.admin.authenticate('admin', 'admin'))
db = c.test_server_auth
db.add_user('user', 'userpass', roles=['readWrite'])
c.admin.logout()
self.assertTrue(db.authenticate('user', 'userpass'))
self.assertTrue(db.foo.insert({'foo': 'bar'}, safe=True, wtimeout=1000))
self.assertTrue(isinstance(db.foo.find_one(), dict))
db.logout()
self.assertRaises(pymongo.errors.OperationFailure, db.foo.find_one)
def test_info(self):
self.server.start(30)
info = self.server.info()
for item in ("uri", "mongodb_uri", "statuses", "serverInfo", "procInfo", "orchestration"):
self.assertTrue(item in info)
self.assertTrue(info['mongodb_uri'].find(info['uri']))
self.assertTrue(info['mongodb_uri'].find('mongodb://') == 0)
fd_log, log_path = tempfile.mkstemp()
os.close(fd_log)
db_path = tempfile.mkdtemp()
params = {'logpath': log_path, 'dbpath': db_path}
server2 = Server(self.mongod, params)
server2.start()
info2 = server2.info()
for param, value in params.items():
self.assertTrue(info2['procInfo']['params'].get(param, value) == value)
server2.stop()
info = server2.info()
self.assertEqual(len(info['serverInfo']), 0)
self.assertEqual(len(info['statuses']), 0)
self.assertEqual(info['orchestration'], 'servers')
server2.cleanup()
def test_operations(self):
server_id = self.servers.create('mongod', {}, autostart=False)
self.assertTrue(len(self.servers) == 1)
self.assertTrue(server_id in self.servers)
server_id2 = 'server-id2'
server2 = Server(os.path.join(os.environ.get('MONGOBIN', ''), 'mongod'), {})
server2.start(30)
server2_pid = server2.info()['procInfo']['pid']
self.servers[server_id2] = server2
self.assertTrue(self.servers[server_id2]['procInfo']['pid'] == server2_pid)
self.assertTrue(server_id2 in self.servers)
for h_id in self.servers:
self.assertTrue(h_id in (server_id, server_id2))
operator.delitem(self.servers, server_id2)
self.assertFalse(server_id2 in self.servers)
server2.stop()
server2.cleanup()
def test_operations(self):
server_id = self.servers.create('mongod', {}, autostart=False)
self.assertTrue(len(self.servers) == 1)
self.assertTrue(server_id in self.servers)
server_id2 = 'server-id2'
server2 = Server(os.path.join(os.environ.get('MONGOBIN', ''), 'mongod'), {})
server2.start(30)
server2_pid = server2.info()['procInfo']['pid']
self.servers[server_id2] = server2
self.assertTrue(self.servers[server_id2]['procInfo']['pid'] == server2_pid)
self.assertTrue(server_id2 in self.servers)
for h_id in self.servers:
self.assertTrue(h_id in (server_id, server_id2))
operator.delitem(self.servers, server_id2)
self.assertFalse(server_id2 in self.servers)
server2.stop()
server2.cleanup()
class ServerTestCase(unittest.TestCase):
def setUp(self):
PortPool().change_range()
self.mongod = os.path.join(os.environ.get('MONGOBIN', ''), 'mongod')
self.server = Server(self.mongod, {})
def tearDown(self):
if hasattr(self, 'server'):
self.server.stop()
self.server.cleanup()
def test_server(self):
self.assertTrue(isinstance(self.server, Server))
def test_init_path(self):
self.server.cleanup()
mongod = os.path.join(os.environ.get('MONGOBIN', ''), 'mongod')
log_dir = os.path.join(tempfile.gettempdir(),
os.path.split(tempfile.mktemp())[-1])
log_path = tempfile.mktemp(dir=log_dir)
db_path = os.path.join(tempfile.gettempdir(),
os.path.split(tempfile.mktemp())[-1])
self.assertFalse(os.path.exists(log_dir))
self.assertFalse(os.path.exists(db_path))
self.server = Server(mongod, {'logpath': log_path, 'dbpath': db_path})
self.assertTrue(os.path.exists(log_dir))
self.assertTrue(os.path.exists(db_path))
def test_mongos(self):
self.server.cleanup()
self.server = Server(self.mongod, {'configsvr': True})
self.server.start(30)
mongos = os.path.join(os.environ.get('MONGOBIN', ''), 'mongos')
self.server2 = Server(mongos, {'configdb': self.server.hostname})
self.assertTrue(self.server2.start())
self.assertTrue(self.server2.info()['statuses'].get('mongos', False))
self.server2.stop()
self.server2.cleanup()
def test_run_command(self):
self.server.start(30)
def test_info(self):
self.server.start(30)
info = self.server.info()
for item in ("mongodb_uri", "statuses", "serverInfo", "procInfo",
"orchestration"):
self.assertTrue(item in info)
self.assertTrue(info['mongodb_uri'].find(self.server.hostname))
self.assertTrue(info['mongodb_uri'].find('mongodb://') == 0)
fd_log, log_path = tempfile.mkstemp()
os.close(fd_log)
db_path = tempfile.mkdtemp()
params = {'logpath': log_path, 'dbpath': db_path}
server2 = Server(self.mongod, params)
server2.start()
info2 = server2.info()
for param, value in params.items():
self.assertTrue(
info2['procInfo']['params'].get(param, value) == value)
server2.stop()
info = server2.info()
self.assertEqual(len(info['serverInfo']), 0)
self.assertEqual(len(info['statuses']), 0)
self.assertEqual(info['orchestration'], 'servers')
server2.cleanup()
def test_command(self):
self.assertRaises(pymongo.errors.PyMongoError, self.server.run_command,
'serverStatus', None, False)
self.server.start(30)
self.assertEqual(
self.server.run_command('serverStatus', arg=None,
is_eval=False).get('ok', -1), 1)
self.assertEqual(
self.server.run_command('db.getName()', arg=None, is_eval=True),
'admin')
def test_start(self):
self.assertNotIn('pid', self.server.info()['procInfo'])
self.assertTrue(self.server.start(30))
self.assertTrue(self.server.info()['procInfo']['pid'] > 0)
fake_server = Server('fake_proc_', {})
self.assertRaises(OSError, fake_server.start, 5)
fake_server.cleanup()
def test_start_with_repair(self):
self.server.cleanup()
self.server = Server(self.mongod, {"journal": False})
self.server.start(30)
os.kill(self.server.pid, 9)
self.assertTrue(self.server._is_locked)
self.assertTrue(self.server.start(20))
def test_stop(self):
self.assertTrue(self.server.start(60))
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server = self.server.hostname.split(':')[0]
s.connect((server, self.server.cfg['port']))
self.assertTrue(self.server.stop())
self.assertRaises(socket.error, s.connect,
(server, self.server.cfg['port']))
def test_restart(self):
self.assertTrue(self.server.start(30))
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server = self.server.hostname.split(':')[0]
s.connect((server, self.server.cfg['port']))
s.shutdown(0)
s.close()
self.assertTrue(self.server.restart(30))
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((server, self.server.cfg['port']))
s.shutdown(0)
s.close()
def test_is_alive(self):
self.server.start()
self.assertTrue(self.server.is_alive)
self.server.stop()
self.assertFalse(self.server.is_alive)
self.server.restart()
self.assertTrue(self.server.is_alive)
def test_set_parameter(self):
cfg = {
"setParameter": {
"textSearchEnabled": True,
"enableTestCommands": 1
}
}
server = Server(self.mongod, cfg)
server.start()
c = pymongo.MongoClient(server.hostname)
c.foo.bar.insert({"data": "text stuff"})
# No Exception.
c.foo.bar.ensure_index([("data", pymongo.TEXT)])
# No Exception.
c.admin.command("sleep", secs=1)
def test_cleanup(self):
self.server.start(80)
self.assertTrue(os.path.exists(self.server.cfg['dbpath']))
self.assertTrue(os.path.exists(self.server.config_path))
self.server.stop()
self.server.cleanup()
self.assertFalse(os.path.exists(self.server.cfg['dbpath']))
self.assertFalse(os.path.exists(self.server.config_path))
def test_reset(self):
self.server.stop()
self.assertRaises(pymongo.errors.ConnectionFailure,
pymongo.MongoClient, self.server.hostname)
self.server.reset()
# No ConnectionFailure.
pymongo.MongoClient(self.server.hostname)
class ServerTestCase(unittest.TestCase):
def setUp(self):
PortPool().change_range()
self.mongod = os.path.join(os.environ.get('MONGOBIN', ''), 'mongod')
self.server = Server(self.mongod, {})
def tearDown(self):
if hasattr(self, 'server'):
self.server.stop()
self.server.cleanup()
def test_server(self):
self.assertTrue(isinstance(self.server, Server))
def test_init_path(self):
self.server.cleanup()
mongod = os.path.join(os.environ.get('MONGOBIN', ''), 'mongod')
log_dir = os.path.join(tempfile.gettempdir(), os.path.split(tempfile.mktemp())[-1])
log_path = tempfile.mktemp(dir=log_dir)
db_path = os.path.join(tempfile.gettempdir(), os.path.split(tempfile.mktemp())[-1])
self.assertFalse(os.path.exists(log_dir))
self.assertFalse(os.path.exists(db_path))
self.server = Server(mongod, {'logpath': log_path, 'dbpath': db_path})
self.assertTrue(os.path.exists(log_dir))
self.assertTrue(os.path.exists(db_path))
def test_mongos(self):
self.server.cleanup()
self.server = Server(self.mongod, {'configsvr': True})
self.server.start(30)
mongos = os.path.join(os.environ.get('MONGOBIN', ''), 'mongos')
self.server2 = Server(mongos, {'configdb': self.server.info()['uri']})
self.assertTrue(self.server2.start())
self.assertTrue(self.server2.info()['statuses'].get('mongos', False))
self.server2.stop()
self.server2.cleanup()
def test_run_command(self):
self.server.start(30)
def test_info(self):
self.server.start(30)
info = self.server.info()
for item in ("uri", "mongodb_uri", "statuses", "serverInfo", "procInfo", "orchestration"):
self.assertTrue(item in info)
self.assertTrue(info['mongodb_uri'].find(info['uri']))
self.assertTrue(info['mongodb_uri'].find('mongodb://') == 0)
fd_log, log_path = tempfile.mkstemp()
os.close(fd_log)
db_path = tempfile.mkdtemp()
params = {'logpath': log_path, 'dbpath': db_path}
server2 = Server(self.mongod, params)
server2.start()
info2 = server2.info()
for param, value in params.items():
self.assertTrue(info2['procInfo']['params'].get(param, value) == value)
server2.stop()
info = server2.info()
self.assertEqual(len(info['serverInfo']), 0)
self.assertEqual(len(info['statuses']), 0)
self.assertEqual(info['orchestration'], 'servers')
server2.cleanup()
def test_command(self):
self.assertRaises(pymongo.errors.PyMongoError, self.server.run_command, 'serverStatus', None, False)
self.server.start(30)
self.assertEqual(self.server.run_command('serverStatus', arg=None, is_eval=False).get('ok', -1), 1)
self.assertEqual(self.server.run_command('db.getName()', arg=None, is_eval=True), 'admin')
def test_start(self):
self.assertNotIn('pid', self.server.info()['procInfo'])
self.assertTrue(self.server.start(30))
self.assertTrue(self.server.info()['procInfo']['pid'] > 0)
fake_server = Server('fake_proc_', {})
self.assertRaises(OSError, fake_server.start, 5)
fake_server.cleanup()
def test_start_with_repair(self):
self.server.cleanup()
self.server = Server(self.mongod, {"journal": False})
self.server.start(30)
os.kill(self.server.pid, 9)
self.assertTrue(self.server._is_locked)
self.assertTrue(self.server.start(20))
def test_stop(self):
self.assertTrue(self.server.start(60))
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server = self.server.hostname.split(':')[0]
s.connect((server, self.server.cfg['port']))
self.assertTrue(self.server.stop())
self.assertRaises(socket.error, s.connect, (server, self.server.cfg['port']))
def test_restart(self):
self.assertTrue(self.server.start(30))
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
server = self.server.hostname.split(':')[0]
s.connect((server, self.server.cfg['port']))
s.shutdown(0)
s.close()
self.assertTrue(self.server.restart(30))
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((server, self.server.cfg['port']))
s.shutdown(0)
s.close()
def test_is_alive(self):
self.server.start()
self.assertTrue(self.server.is_alive)
self.server.stop()
self.assertFalse(self.server.is_alive)
self.server.restart()
self.assertTrue(self.server.is_alive)
def test_set_parameter(self):
cfg = {"setParameter": {"textSearchEnabled": True,
"enableTestCommands": 1}}
server = Server(self.mongod, cfg)
server.start()
c = pymongo.MongoClient(server.hostname)
c.foo.bar.insert({"data": "text stuff"})
# No Exception.
c.foo.bar.ensure_index([("data", pymongo.TEXT)])
# No Exception.
c.admin.command("sleep", secs=1)
def test_cleanup(self):
self.server.start(80)
self.assertTrue(os.path.exists(self.server.cfg['dbpath']))
self.assertTrue(os.path.exists(self.server.config_path))
self.server.stop()
self.server.cleanup()
self.assertFalse(os.path.exists(self.server.cfg['dbpath']))
self.assertFalse(os.path.exists(self.server.config_path))
def test_reset(self):
self.server.stop()
self.assertRaises(pymongo.errors.ConnectionFailure,
pymongo.MongoClient, self.server.hostname)
self.server.reset()
# No ConnectionFailure.
pymongo.MongoClient(self.server.hostname)
class ServerAuthTestCase(unittest.TestCase):
def setUp(self):
PortPool().change_range()
self.mongod = os.path.join(os.environ.get('MONGOBIN', ''), 'mongod')
self.server = Server(self.mongod, {},
auth_key='secret',
login='******',
password='******')
self.server.start()
def tearDown(self):
if hasattr(self, 'server'):
self.server.stop()
self.server.cleanup()
def test_mongodb_auth_uri(self):
self.assertIn('mongodb_auth_uri', self.server.info())
auth_uri = self.server.info()['mongodb_auth_uri']
self.assertIn(self.server.hostname, auth_uri)
self.assertIn('admin:admin', auth_uri)
self.assertIn('authSource=admin', auth_uri)
def test_mongos(self):
self.server.stop()
self.server.cleanup()
self.server = Server(self.mongod, {'configsvr': True},
auth_key='secret')
self.server.start(30)
mongos = os.path.join(os.environ.get('MONGOBIN', ''), 'mongos')
self.server2 = Server(mongos, {'configdb': self.server.hostname},
auth_key='secret',
login='******',
password='******')
self.server2.start()
for server in (self.server, self.server2):
c = pymongo.MongoClient(server.host, server.port)
self.assertRaises(pymongo.errors.OperationFailure,
c.admin.collection_names)
self.assertTrue(c.admin.authenticate('admin', 'admin'))
self.assertTrue(isinstance(c.admin.collection_names(), list))
self.assertTrue(c.admin.logout() is None)
self.assertRaises(pymongo.errors.OperationFailure,
c.admin.collection_names)
self.server2.stop()
self.server2.cleanup()
def test_auth_connection(self):
self.assertTrue(
isinstance(self.server.connection.admin.collection_names(), list))
c = pymongo.MongoClient(self.server.host, self.server.port)
self.assertRaises(pymongo.errors.OperationFailure,
c.admin.collection_names)
self.server.restart()
c = pymongo.MongoClient(self.server.host, self.server.port)
self.assertRaises(pymongo.errors.OperationFailure,
c.admin.collection_names)
def test_auth_admin(self):
c = pymongo.MongoClient(self.server.host, self.server.port)
self.assertRaises(pymongo.errors.OperationFailure,
c.admin.collection_names)
self.assertTrue(c.admin.authenticate('admin', 'admin'))
self.assertTrue(isinstance(c.admin.collection_names(), list))
self.assertTrue(c.admin.logout() is None)
self.assertRaises(pymongo.errors.OperationFailure,
c.admin.collection_names)
def test_auth_collection(self):
c = pymongo.MongoClient(self.server.host, self.server.port)
self.assertTrue(c.admin.authenticate('admin', 'admin'))
db = c.test_server_auth
db.add_user('user', 'userpass', roles=['readWrite'])
c.admin.logout()
self.assertTrue(db.authenticate('user', 'userpass'))
self.assertTrue(db.foo.insert({'foo': 'bar'}, wtimeout=1000))
self.assertTrue(isinstance(db.foo.find_one(), dict))
db.logout()
self.assertRaises(pymongo.errors.OperationFailure, db.foo.find_one)
class ServerSSLTestCase(SSLTestCase):
def setUp(self):
self.mongod_name = os.path.join(os.environ.get('MONGOBIN', ''),
'mongod')
def tearDown(self):
if hasattr(self, 'server'):
self.server.stop()
self.server.cleanup()
def test_ssl_auth(self):
if SERVER_VERSION < (2, 4):
raise SkipTest("Need to be able to set 'authenticationMechanisms' "
"parameter to test.")
proc_params = {
'setParameter': {
'authenticationMechanisms': 'MONGODB-X509'
}
}
ssl_params = {
'sslPEMKeyFile': certificate('server.pem'),
'sslCAFile': certificate('ca.pem'),
'sslMode': 'requireSSL',
'sslAllowInvalidCertificates': True
}
# Should not raise an Exception.
self.server = Server(self.mongod_name,
proc_params,
ssl_params,
login=TEST_SUBJECT,
auth_source='$external')
self.server.start()
# Should create an extra user. Doesn't raise.
client = pymongo.MongoClient(self.server.hostname,
ssl_certfile=DEFAULT_CLIENT_CERT,
ssl_cert_reqs=ssl.CERT_NONE)
client['$external'].authenticate(DEFAULT_SUBJECT,
mechanism='MONGODB-X509')
# Should also create the user we requested. Doesn't raise.
client = pymongo.MongoClient(self.server.hostname,
ssl_certfile=certificate('client.pem'),
ssl_cert_reqs=ssl.CERT_NONE)
client['$external'].authenticate(TEST_SUBJECT,
mechanism='MONGODB-X509')
def test_scram_with_ssl(self):
ssl_params = {
'sslPEMKeyFile': certificate('server.pem'),
'sslCAFile': certificate('ca.pem'),
'sslMode': 'requireSSL',
'sslAllowInvalidCertificates': True
}
# Should not raise an Exception.
self.server = Server(self.mongod_name, {},
ssl_params,
login='******',
password='******')
self.server.start()
# Should create the user we requested. No raise on authenticate.
client = pymongo.MongoClient(self.server.hostname,
ssl_certfile=certificate('client.pem'),
ssl_cert_reqs=ssl.CERT_NONE)
client.admin.authenticate('luke', 'ekul')
# This should be the only user.
self.assertEqual(len(client.admin.command('usersInfo')['users']), 1)
self.assertFalse(client['$external'].command('usersInfo')['users'])
def test_ssl(self):
ssl_params = {
'sslPEMKeyFile': certificate('server.pem'),
'sslCAFile': certificate('ca.pem'),
'sslMode': 'requireSSL',
'sslAllowInvalidCertificates': True
}
# Should not raise an Exception.
self.server = Server(self.mongod_name, {}, ssl_params)
self.server.start()
# Server should require SSL.
with self.assertRaises(pymongo.errors.ConnectionFailure):
connected(pymongo.MongoClient(self.server.hostname))
# Doesn't raise with certificate provided.
connected(
pymongo.MongoClient(self.server.hostname,
ssl_certfile=certificate('client.pem'),
ssl_cert_reqs=ssl.CERT_NONE))
def test_mongodb_auth_uri(self):
if SERVER_VERSION < (2, 4):
raise SkipTest("Need to be able to set 'authenticationMechanisms' "
"parameter to test.")
proc_params = {
'setParameter': {
'authenticationMechanisms': 'MONGODB-X509'
}
}
ssl_params = {
'sslPEMKeyFile': certificate('server.pem'),
'sslCAFile': certificate('ca.pem'),
'sslMode': 'requireSSL',
'sslAllowInvalidCertificates': True
}
self.server = Server(self.mongod_name,
proc_params,
ssl_params,
login=TEST_SUBJECT,
auth_source='$external')
self.server.start()
self.assertIn('mongodb_auth_uri', self.server.info())
auth_uri = self.server.info()['mongodb_auth_uri']
self.assertIn(self.server.hostname, auth_uri)
self.assertIn(TEST_SUBJECT, auth_uri)
self.assertIn('authSource=$external', auth_uri)
self.assertIn('authMechanism=MONGODB-X509', auth_uri)
class ServerSSLTestCase(SSLTestCase):
def tearDown(self):
self.server.stop()
self.server.cleanup()
def test_ssl_auth(self):
if SERVER_VERSION < (2, 4):
raise SkipTest("Need to be able to set 'authenticationMechanisms' "
"parameter to test.")
proc_params = {
'setParameter': {
'authenticationMechanisms': 'MONGODB-X509'
}
}
ssl_params = {
'sslPEMKeyFile': certificate('server.pem'),
'sslCAFile': certificate('ca.pem'),
'sslMode': 'requireSSL',
'sslAllowInvalidCertificates': True
}
# Should not raise an Exception.
self.server = Server(
'mongod', proc_params, ssl_params,
login=TEST_SUBJECT, auth_source='$external')
self.server.start()
# Should create an extra user. Doesn't raise.
client = pymongo.MongoClient(
self.server.hostname, ssl_certfile=DEFAULT_CLIENT_CERT,
ssl_cert_reqs=ssl.CERT_NONE)
client['$external'].authenticate(
DEFAULT_SUBJECT, mechanism='MONGODB-X509')
# Should also create the user we requested. Doesn't raise.
client = pymongo.MongoClient(
self.server.hostname, ssl_certfile=certificate('client.pem'),
ssl_cert_reqs=ssl.CERT_NONE)
client['$external'].authenticate(
TEST_SUBJECT, mechanism='MONGODB-X509')
def test_scram_with_ssl(self):
ssl_params = {
'sslPEMKeyFile': certificate('server.pem'),
'sslCAFile': certificate('ca.pem'),
'sslMode': 'requireSSL',
'sslAllowInvalidCertificates': True
}
# Should not raise an Exception.
self.server = Server(
'mongod', {}, ssl_params, login='******', password='******')
self.server.start()
# Should create the user we requested. No raise on authenticate.
client = pymongo.MongoClient(
self.server.hostname, ssl_certfile=certificate('client.pem'),
ssl_cert_reqs=ssl.CERT_NONE)
client.admin.authenticate('luke', 'ekul')
# This should be the only user.
self.assertEqual(len(client.admin.command('usersInfo')['users']), 1)
self.assertFalse(client['$external'].command('usersInfo')['users'])
def test_ssl(self):
ssl_params = {
'sslPEMKeyFile': certificate('server.pem'),
'sslCAFile': certificate('ca.pem'),
'sslMode': 'requireSSL',
'sslAllowInvalidCertificates': True
}
# Should not raise an Exception.
self.server = Server('mongod', {}, ssl_params)
self.server.start()
# Server should require SSL.
with self.assertRaises(pymongo.errors.ConnectionFailure):
connected(pymongo.MongoClient(self.server.hostname))
# Doesn't raise with certificate provided.
connected(pymongo.MongoClient(
self.server.hostname, ssl_certfile=certificate('client.pem'),
ssl_cert_reqs=ssl.CERT_NONE))
def test_mongodb_auth_uri(self):
if SERVER_VERSION < (2, 4):
raise SkipTest("Need to be able to set 'authenticationMechanisms' "
"parameter to test.")
proc_params = {
'setParameter': {
'authenticationMechanisms': 'MONGODB-X509'
}
}
ssl_params = {
'sslPEMKeyFile': certificate('server.pem'),
'sslCAFile': certificate('ca.pem'),
'sslMode': 'requireSSL',
'sslAllowInvalidCertificates': True
}
self.server = Server(
'mongod', proc_params, ssl_params,
login=TEST_SUBJECT, auth_source='$external')
self.server.start()
self.assertIn('mongodb_auth_uri', self.server.info())
auth_uri = self.server.info()['mongodb_auth_uri']
self.assertIn(self.server.hostname, auth_uri)
self.assertIn(TEST_SUBJECT, auth_uri)
self.assertIn('authSource=$external', auth_uri)
self.assertIn('authMechanism=MONGODB-X509', auth_uri)
