[SERVER-75825] Remove mechanism activation checks in SaslOIDCServerMechanism
Created: 07/Apr/23 Updated: 10/Apr/23

| Status: | Backlog |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | neweng |
| Remaining Estimate: | Not Specified |
| Time Spent: | Not Specified |
| Original Estimate: | Not Specified |
| Assigned Teams: | Server Security |
| Participants: |
Description

SaslOIDCServerMechanism checks whether the OIDC mechanism is activated before performing OIDC authentication steps, or before affirming that it is able to auth a user. These checks are unnecessary. The SASLMechanismRegistry will perform these checks before loading SaslOIDCServerMechanism's factory. Additional defense is unnecessary, and prevents us from easily invoking the Mechanism in a unittest.