OIDC admin credentials (#1413)

JAVA-5450
# Conflicts:
#	driver-sync/src/test/functional/com/mongodb/internal/connection/OidcAuthenticationProseTests.java

Author: katcharov

.evergreen/run-mongodb-oidc-test.sh

@@ -34,7 +34,12 @@ fi
 which java
 export OIDC_TESTS_ENABLED=true
 
-./gradlew -Dorg.mongodb.test.uri="$MONGODB_URI" \
+# use admin credentials for tests
+TO_REPLACE="mongodb://"
+REPLACEMENT="mongodb://$OIDC_ADMIN_USER:$OIDC_ADMIN_PWD@"
+ADMIN_URI=${MONGODB_URI/$TO_REPLACE/$REPLACEMENT}
+
+./gradlew -Dorg.mongodb.test.uri="$ADMIN_URI" \
   --stacktrace --debug --info --no-build-cache driver-core:cleanTest \
   driver-sync:test --tests OidcAuthenticationProseTests --tests UnifiedAuthTest \
   driver-reactive-streams:test --tests OidcAuthenticationAsyncProseTests \

driver-sync/src/test/functional/com/mongodb/client/unified/Entities.java

@@ -18,6 +18,7 @@
 
 import com.mongodb.ClientEncryptionSettings;
 import com.mongodb.ClientSessionOptions;
+import com.mongodb.ConnectionString;
 import com.mongodb.MongoClientSettings;
 import com.mongodb.MongoCredential;
 import com.mongodb.ReadConcern;
@@ -535,6 +536,11 @@ private void initClient(final BsonDocument entity, final String id,
                                         "Unsupported authMechanismProperties for authMechanism: " + value);
                             }
 
+                            // override the org.mongodb.test.uri connection string
+                            String uri = getenv("MONGODB_URI");
+                            ConnectionString cs = new ConnectionString(uri);
+                            clientSettingsBuilder.applyConnectionString(cs);
+
                             String env = assertNotNull(getenv("OIDC_ENV"));
                             MongoCredential oidcCredential = MongoCredential
                                     .createOidcCredential(null)

driver-sync/src/test/functional/com/mongodb/internal/connection/OidcAuthenticationProseTests.java

@@ -232,6 +232,29 @@ public void test2p4InvalidClientConfigurationWithCallback() {
                 () -> performFind(settings));
     }
 
+    @Test
+    public void test2p5InvalidAllowedHosts() {
+        assumeTestEnvironment();
+
+        String uri = "mongodb://localhost/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:azure,TOKEN_RESOURCE:123";
+        ConnectionString cs = new ConnectionString(uri);
+        MongoCredential credential = assertNotNull(cs.getCredential())
+                .withMechanismProperty("ALLOWED_HOSTS", Collections.emptyList());
+        MongoClientSettings settings = MongoClientSettings.builder()
+                .applicationName(appName)
+                .applyConnectionString(cs)
+                .retryReads(false)
+                .credential(credential)
+                .build();
+        assertCause(IllegalArgumentException.class,
+                "ALLOWED_HOSTS must be specified only when OIDC_HUMAN_CALLBACK is specified",
+                () -> {
+                    try (MongoClient mongoClient = createMongoClient(settings)) {
+                        performFind(mongoClient);
+                    }
+                });
+    }
+
     @Test
     public void test3p1AuthFailsWithCachedToken() throws ExecutionException, InterruptedException, NoSuchFieldException, IllegalAccessException {
         TestCallback callbackWrapped = createCallback();