Today, we parse a command request before parsing and validating the tenantId sent in either the security token or $tenant field. We'd like to instead parse and validate the tenantId before parsing the command and set a separate field on the OpMsg itself with the validated tenantId. That way, when parsing the command request, we can use this validated tenantId when constructing the NamespaceString for the command. In order to do this we'll need to:
*Add an optional field 'tenantId' to OpMsg\https://github.com/mongodb/mongo/blob/fd399c5a5d340f029fcd09b8de112f01d71761f0/src/mongo/rpc/op_msg.h#L54. If this is set, it should mean a validated tenantId was sent with the command (either as security token or $tenant)

• After parsing/validating the tenantId in rpc::readRequestMetadata, set the tenantId field on the OpMsg. We probably should to change auth::readSecurityTokenMetadata and parseDollarTenantFromRequest to return the tenantId as opposed to grabbing it from the opCtx, since we may remove these decorations in the future.
• Move the call to rpc::readRequestMetadata() to before we parse the request:
  • on mongod: it should be moved before we parse the command invocation here
  • on mongos: it should be moved before we parse the command invocation here
• Let's add a test in rpc/metadata_test.cpp that asserts the tenantId field is set on the opMsg after readRequestMetadata() is called only if the tenantId has been validated.