CDRIVER-4489 add mongoc_oidc_cache_t (#2119)

`mongoc_oidc_cache_t` is an internal component intended to be used for OIDC auth. Implements the "Client Cache" (not the "Connection Cache") from the auth spec.

Author: kevinAlbs

src/common/src/common-macros-private.h

@@ -96,4 +96,16 @@
 #define MC_DISABLE_IMPLICIT_WARNING_END
 #endif
 
+// Disable the -Wcast-qual warning
+#if defined(__GNUC__)
+#define MC_DISABLE_CAST_QUAL_WARNING_BEGIN MC_PRAGMA_DIAGNOSTIC_PUSH _Pragma("GCC diagnostic ignored \"-Wcast-qual\"")
+#define MC_DISABLE_CAST_QUAL_WARNING_END MC_PRAGMA_DIAGNOSTIC_POP
+#elif defined(__clang__)
+#define MC_DISABLE_CAST_QUAL_WARNING_BEGIN MC_PRAGMA_DIAGNOSTIC_PUSH _Pragma("clang diagnostic ignored \"-Wcast-qual\"")
+#define MC_DISABLE_CAST_QUAL_WARNING_END MC_PRAGMA_DIAGNOSTIC_POP
+#else
+#define MC_DISABLE_CAST_QUAL_WARNING_BEGIN
+#define MC_DISABLE_CAST_QUAL_WARNING_END
+#endif
+
 #endif /* MONGO_C_DRIVER_COMMON_MACROS_PRIVATE_H */

src/libmongoc/CMakeLists.txt

@@ -594,6 +594,7 @@ set (MONGOC_SOURCES
    ${PROJECT_SOURCE_DIR}/src/mongoc/mongoc-log-and-monitor-private.c
    ${PROJECT_SOURCE_DIR}/src/mongoc/mongoc-memcmp.c
    ${PROJECT_SOURCE_DIR}/src/mongoc/mongoc-cmd.c
+   ${PROJECT_SOURCE_DIR}/src/mongoc/mongoc-oidc-cache.c
    ${PROJECT_SOURCE_DIR}/src/mongoc/mongoc-oidc-callback.c
    ${PROJECT_SOURCE_DIR}/src/mongoc/mongoc-oidc-env.c
    ${PROJECT_SOURCE_DIR}/src/mongoc/mongoc-opcode.c
@@ -1092,6 +1093,7 @@ set (test-libmongoc-sources
    ${PROJECT_SOURCE_DIR}/tests/test-mongoc-max-staleness.c
    ${PROJECT_SOURCE_DIR}/tests/test-mongoc-mongos-pinning.c
    ${PROJECT_SOURCE_DIR}/tests/test-mongoc-oidc-callback.c
+   ${PROJECT_SOURCE_DIR}/tests/test-mongoc-oidc-cache.c
    ${PROJECT_SOURCE_DIR}/tests/test-mongoc-opts.c
    ${PROJECT_SOURCE_DIR}/tests/test-mongoc-primary-stepdown.c
    ${PROJECT_SOURCE_DIR}/tests/test-mongoc-queue.c

src/libmongoc/src/mongoc/mongoc-oidc-cache-private.h

@@ -0,0 +1,66 @@
+/*
+ * Copyright 2009-present MongoDB, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MONGOC_OIDC_CACHE_PRIVATE_H
+#define MONGOC_OIDC_CACHE_PRIVATE_H
+
+#include <mongoc/mongoc-oidc-callback.h>
+#include <mongoc/mongoc-sleep.h>
+
+// mongoc_oidc_cache_t implements the OIDC spec "Client Cache".
+// Stores the OIDC callback, cache, and lock.
+// Expected to be shared among all clients in a pool.
+typedef struct mongoc_oidc_cache_t mongoc_oidc_cache_t;
+
+mongoc_oidc_cache_t *
+mongoc_oidc_cache_new(void);
+
+// mongoc_oidc_cache_set_callback sets the token callback.
+// Not thread safe. Call before any authentication can occur.
+void
+mongoc_oidc_cache_set_callback(mongoc_oidc_cache_t *cache, const mongoc_oidc_callback_t *cb);
+
+// mongoc_oidc_cache_get_callback gets the token callback.
+const mongoc_oidc_callback_t *
+mongoc_oidc_cache_get_callback(const mongoc_oidc_cache_t *cache);
+
+// mongoc_oidc_cache_set_usleep_fn sets a custom sleep function.
+// Not thread safe. Call before any authentication can occur.
+void
+mongoc_oidc_cache_set_usleep_fn(mongoc_oidc_cache_t *cache, mongoc_usleep_func_t usleep_fn, void *usleep_data);
+
+// mongoc_oidc_cache_get_token returns a token or NULL on error. Thread safe.
+// Sets *found_in_cache to indicate if the returned token came from the cache or callback.
+// Calls sleep if needed to enforce 100ms delay between calls to the callback.
+char *
+mongoc_oidc_cache_get_token(mongoc_oidc_cache_t *cache, bool *found_in_cache, bson_error_t *error);
+
+// mongoc_oidc_cache_get_cached_token returns a cached token or NULL if none is cached. Thread safe.
+char *
+mongoc_oidc_cache_get_cached_token(const mongoc_oidc_cache_t *cache);
+
+// mongoc_oidc_cache_set_cached_token overwrites the cached token. Useful for tests. Thread safe.
+void
+mongoc_oidc_cache_set_cached_token(mongoc_oidc_cache_t *cache, const char *token);
+
+// mongoc_oidc_cache_invalidate_token invalidates the cached token if it matches `token`. Thread safe.
+void
+mongoc_oidc_cache_invalidate_token(mongoc_oidc_cache_t *cache, const char *token);
+
+void
+mongoc_oidc_cache_destroy(mongoc_oidc_cache_t *);
+
+#endif // MONGOC_OIDC_CACHE_PRIVATE_H

src/libmongoc/src/mongoc/mongoc-oidc-cache.c

@@ -0,0 +1,229 @@
+/*
+ * Copyright 2009-present MongoDB, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <common-macros-private.h> // MC_DISABLE_CAST_QUAL_WARNING_BEGIN
+#include <common-thread-private.h>
+#include <mongoc/mongoc-error-private.h>
+#include <mongoc/mongoc-oidc-cache-private.h>
+#include <mongoc/mongoc-oidc-callback-private.h>
+
+#include <mlib/duration.h>
+#include <mlib/time_point.h>
+
+#define SET_ERROR(...) _mongoc_set_error(error, MONGOC_ERROR_CLIENT, MONGOC_ERROR_CLIENT_AUTHENTICATE, __VA_ARGS__)
+
+struct mongoc_oidc_cache_t {
+   // callback is owned. NULL if unset. Not guarded by lock. Set before requesting tokens.
+   mongoc_oidc_callback_t *callback;
+
+   // usleep_fn is used to sleep between calls to the callback. Not guarded by lock. Set before requesting tokens.
+   mongoc_usleep_func_t usleep_fn;
+   void *usleep_data;
+
+   // lock is used to prevent concurrent calls to callback. Guards access to token, last_called, and ever_called.
+   bson_shared_mutex_t lock;
+
+   // token is a cached OIDC access token.
+   char *token;
+
+   // last_call tracks the time just after the last call to the callback.
+   mlib_time_point last_called;
+
+   // ever_called is set to true after the first call to the callback.
+   bool ever_called;
+};
+
+mongoc_oidc_cache_t *
+mongoc_oidc_cache_new(void)
+{
+   mongoc_oidc_cache_t *oidc = bson_malloc0(sizeof(mongoc_oidc_cache_t));
+   oidc->usleep_fn = mongoc_usleep_default_impl;
+   bson_shared_mutex_init(&oidc->lock);
+   return oidc;
+}
+
+void
+mongoc_oidc_cache_set_callback(mongoc_oidc_cache_t *cache, const mongoc_oidc_callback_t *cb)
+{
+   BSON_ASSERT_PARAM(cache);
+   BSON_OPTIONAL_PARAM(cb);
+
+   BSON_ASSERT(!cache->ever_called);
+
+   if (cache->callback) {
+      mongoc_oidc_callback_destroy(cache->callback);
+   }
+   cache->callback = cb ? mongoc_oidc_callback_copy(cb) : NULL;
+}
+
+const mongoc_oidc_callback_t *
+mongoc_oidc_cache_get_callback(const mongoc_oidc_cache_t *cache)
+{
+   BSON_ASSERT_PARAM(cache);
+
+   return cache->callback;
+}
+
+void
+mongoc_oidc_cache_set_usleep_fn(mongoc_oidc_cache_t *cache, mongoc_usleep_func_t usleep_fn, void *usleep_data)
+{
+   BSON_ASSERT_PARAM(cache);
+   BSON_OPTIONAL_PARAM(usleep_fn);
+   BSON_OPTIONAL_PARAM(usleep_data);
+
+   BSON_ASSERT(!cache->ever_called);
+
+   cache->usleep_fn = usleep_fn ? usleep_fn : mongoc_usleep_default_impl;
+   cache->usleep_data = usleep_data;
+}
+
+void
+mongoc_oidc_cache_destroy(mongoc_oidc_cache_t *cache)
+{
+   if (!cache) {
+      return;
+   }
+   bson_free(cache->token);
+   bson_shared_mutex_destroy(&cache->lock);
+   mongoc_oidc_callback_destroy(cache->callback);
+   bson_free(cache);
+}
+
+char *
+mongoc_oidc_cache_get_cached_token(const mongoc_oidc_cache_t *cache)
+{
+   BSON_ASSERT_PARAM(cache);
+
+   // Cast away const to lock. This function is logically const (read-only).
+   MC_DISABLE_CAST_QUAL_WARNING_BEGIN
+   bson_shared_mutex_lock_shared(&((mongoc_oidc_cache_t *)cache)->lock);
+   char *token = bson_strdup(cache->token);
+   bson_shared_mutex_unlock_shared(&((mongoc_oidc_cache_t *)cache)->lock);
+   MC_DISABLE_CAST_QUAL_WARNING_END
+   return token;
+}
+
+void
+mongoc_oidc_cache_set_cached_token(mongoc_oidc_cache_t *cache, const char *token)
+{
+   BSON_ASSERT_PARAM(cache);
+   BSON_OPTIONAL_PARAM(token);
+
+   char *old_token;
+
+   // Lock to update token:
+   {
+      bson_shared_mutex_lock(&cache->lock);
+      old_token = cache->token;
+      cache->token = bson_strdup(token);
+      bson_shared_mutex_unlock(&cache->lock);
+   }
+   bson_free(old_token);
+}
+
+char *
+mongoc_oidc_cache_get_token(mongoc_oidc_cache_t *cache, bool *found_in_cache, bson_error_t *error)
+{
+   BSON_ASSERT_PARAM(cache);
+   BSON_ASSERT_PARAM(found_in_cache);
+   BSON_OPTIONAL_PARAM(error);
+
+   char *token = NULL;
+
+   *found_in_cache = false;
+
+   if (!cache->callback) {
+      SET_ERROR("MONGODB-OIDC requested, but no callback set");
+      return NULL;
+   }
+
+   token = mongoc_oidc_cache_get_cached_token(cache);
+   if (NULL != token) {
+      *found_in_cache = true;
+      return token;
+   }
+
+   // Prepare to call callback outside of lock:
+   mongoc_oidc_credential_t *cred = NULL;
+   mongoc_oidc_callback_params_t *params = mongoc_oidc_callback_params_new();
+   mongoc_oidc_callback_params_set_user_data(params, mongoc_oidc_callback_get_user_data(cache->callback));
+   // From spec: "If CSOT is not applied, then the driver MUST use 1 minute as the timeout."
+   // The timeout parameter (when set) is meant to be directly compared against bson_get_monotonic_time(). It is a
+   // time point, not a duration.
+   mongoc_oidc_callback_params_set_timeout(
+      params, mlib_microseconds_count(mlib_time_add(mlib_now(), mlib_duration(60, s)).time_since_monotonic_start));
+
+   // Obtain write-lock:
+   {
+      bson_shared_mutex_lock(&cache->lock);
+      // Check if another thread populated cache between checking cached token and obtaining write lock:
+      if (cache->token) {
+         *found_in_cache = true;
+         token = bson_strdup(cache->token);
+         goto unlock_and_return;
+      }
+
+      // From spec: "Wait until it has been at least 100ms since the last callback invocation"
+      if (cache->ever_called) {
+         mlib_duration since_last_call = mlib_time_difference(mlib_now(), cache->last_called);
+         if (mlib_duration_cmp(since_last_call, <, (100, ms))) {
+            mlib_duration to_sleep = mlib_duration((100, ms), minus, since_last_call);
+            cache->usleep_fn(mlib_microseconds_count(to_sleep), cache->usleep_data);
+         }
+      }
+
+      // Call callback:
+      cred = mongoc_oidc_callback_get_fn(cache->callback)(params);
+
+      cache->last_called = mlib_now();
+      cache->ever_called = true;
+
+      if (!cred) {
+         SET_ERROR("MONGODB-OIDC callback failed");
+         goto unlock_and_return;
+      }
+
+      token = bson_strdup(mongoc_oidc_credential_get_access_token(cred));
+      cache->token = bson_strdup(token); // Cache a copy.
+
+   unlock_and_return:
+      bson_shared_mutex_unlock(&cache->lock);
+   }
+   mongoc_oidc_callback_params_destroy(params);
+   mongoc_oidc_credential_destroy(cred);
+   return token;
+}
+
+void
+mongoc_oidc_cache_invalidate_token(mongoc_oidc_cache_t *cache, const char *token)
+{
+   BSON_ASSERT_PARAM(cache);
+   BSON_ASSERT_PARAM(token);
+
+   char *old_token = NULL;
+
+   // Lock to clear token
+   {
+      bson_shared_mutex_lock(&cache->lock);
+      if (cache->token && 0 == strcmp(cache->token, token)) {
+         old_token = cache->token;
+         cache->token = NULL;
+      }
+      bson_shared_mutex_unlock(&cache->lock);
+   }
+
+   bson_free(old_token);
+}

src/libmongoc/src/mongoc/mongoc-oidc-callback.c

@@ -28,7 +28,7 @@ struct _mongoc_oidc_callback_t {
 struct _mongoc_oidc_callback_params_t {
    void *user_data;
    char *username;
-   int64_t timeout; // Guarded by timeout_is_set.
+   int64_t timeout; // Guarded by timeout_is_set. In microseconds since monotonic clock start.
    int32_t version;
    bool cancelled_with_timeout;
    bool timeout_is_set;

src/libmongoc/tests/test-libmongoc-main.c

@@ -160,6 +160,7 @@ main(int argc, char *argv[])
    TEST_INSTALL(test_service_gcp_install);
    TEST_INSTALL(test_mcd_nsinfo_install);
    TEST_INSTALL(test_bulkwrite_install);
+   TEST_INSTALL(test_mongoc_oidc_install);
    TEST_INSTALL(test_mongoc_oidc_callback_install);
    TEST_INSTALL(test_secure_channel_install);
    TEST_INSTALL(test_stream_tracker_install);