/**
* Authenticates a connection
*
* Returns:
* 0: when authentication (or getting nonce) fails, or unknown auth mechanism is set - with the error_message set
* 1: when it worked
* 2: when no need to authenticate (i.e. no credentials provided)
*/
int mongo_connection_authenticate(mongo_con_manager *manager, mongo_connection *con, mongo_server_options *options, mongo_server_def *server_def, char **error_message)
{
char *nonce;
int retval = 0;
switch (server_def->mechanism) {
case MONGO_AUTH_MECHANISM_MONGODB_CR:
if (!server_def->db || !server_def->username || !server_def->password) {
return 2;
}
nonce = mongo_connection_getnonce(manager, con, options, error_message);
if (!nonce) {
return 0;
}
retval = mongo_connection_authenticate_mongodb_cr(manager, con, options, server_def->authdb ? server_def->authdb : server_def->db, server_def->username, server_def->password, nonce, error_message);
free(nonce);
break;
case MONGO_AUTH_MECHANISM_MONGODB_X509:
retval = mongo_connection_authenticate_mongodb_x509(manager, con, options, server_def->authdb ? server_def->authdb : server_def->db, server_def->username, error_message);
break;
default:
*error_message = strdup("Only MongoDB-CR and MONGODB-X509 authentication mechanisms is supported by this build");
return 0;
}
return retval;
}
/* Helpers */
static int authenticate_connection(mongo_con_manager *manager, mongo_connection *con, mongo_server_options *options, char *database, char *username, char *password, char **error_message)
{
char *nonce;
int retval = 0;
nonce = mongo_connection_getnonce(manager, con, options, error_message);
if (!nonce) {
return 0;
}
retval = mongo_connection_authenticate(manager, con, options, database, username, password, nonce, error_message);
free(nonce);
return retval;
}