Add Kubernetes Support for OIDC

XMLWordPrintableJSON

    • Type: Task
    • Resolution: Fixed
    • Priority: Unknown
    • 2.3.0
    • Affects Version/s: None
    • Component/s: Authentication
    • None
    • Needed
    • Hide

      1. What would you like to communicate to the user about this feature?

      Update https://www.mongodb.com/docs/languages/c/c-driver/current/security/authentication/#oidc to show example of Kubernetes.

      2. Would you like the user to see examples of the syntax and/or executable code and its output?

      See PyMongo docs for an example: https://www.mongodb.com/docs/languages/python/pymongo-driver/current/security/authentication/oidc/#kubernetes. Extending existing patterns on the C driver page:

         // Create client configured with Kubernetes OIDC:
   mongoc_client_t *client;
   {
      mongoc_uri_t *uri = mongoc_uri_new_with_error(getenv("MONGODB_URI"), &error);
      ASSERT_WITH_ERROR(uri, error);
      mongoc_uri_set_auth_mechanism(uri, "MONGODB-OIDC");
      bson_t mechanism_properties = BSON_INITIALIZER;
      BSON_APPEND_UTF8(&mechanism_properties, "ENVIRONMENT", "k8s");
      ASSERT(mongoc_uri_set_mechanism_properties(uri, &mechanism_properties));
      client = mongoc_client_new_from_uri_with_error(uri, &error);
      ASSERT_WITH_ERROR(client, error);
      bson_destroy(&mechanism_properties);
      mongoc_uri_destroy(uri);
   }

      3. Which versions of the driver/connector does this apply to?

      C driver 2.3.0 (not-yet released at time of writing).

      Show
      1. What would you like to communicate to the user about this feature? Update https://www.mongodb.com/docs/languages/c/c-driver/current/security/authentication/#oidc to show example of Kubernetes. 2. Would you like the user to see examples of the syntax and/or executable code and its output? See PyMongo docs for an example: https://www.mongodb.com/docs/languages/python/pymongo-driver/current/security/authentication/oidc/#kubernetes . Extending existing patterns on the C driver page: // Create client configured with Kubernetes OIDC: mongoc_client_t *client; { mongoc_uri_t *uri = mongoc_uri_new_with_error(getenv( "MONGODB_URI" ), &error); ASSERT_WITH_ERROR(uri, error); mongoc_uri_set_auth_mechanism(uri, "MONGODB-OIDC" ); bson_t mechanism_properties = BSON_INITIALIZER; BSON_APPEND_UTF8(&mechanism_properties, "ENVIRONMENT" , "k8s" ); ASSERT(mongoc_uri_set_mechanism_properties(uri, &mechanism_properties)); client = mongoc_client_new_from_uri_with_error(uri, &error); ASSERT_WITH_ERROR(client, error); bson_destroy(&mechanism_properties); mongoc_uri_destroy(uri); } 3. Which versions of the driver/connector does this apply to? C driver 2.3.0 (not-yet released at time of writing).
    • None
    • None
    • None
    • None
    • None
    • None

      This ticket was split from DRIVERS-2882, please see that ticket for a detailed description.

            Assignee:
            Kevin Albertson
            Reporter:
            TPM Jira Automations Bot
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: