chore: support for OIDC connectivity between the MCP Server and a MongoDB Cluster MCP-84 #450
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
chore: first approach to OIDC integration chore: linter warnings chore: add jira auto-closing automation - MCP-102 (#441) chore: add jira auto-closing automation - MCP-102 (#441) chore: fix apix action version (#448) chore: fix linter checks chore: fix tests and eslint config Ignores any javascript or typescript file that is a test fixture. chore: more clean up chore: add test for token refresh chore: fix tests and eslint checks
There was a problem hiding this comment.
Pull Request Overview
This PR implements OIDC (OpenID Connect) authentication support for MongoDB connections, enabling the MCP Server to connect to MongoDB clusters using OIDC authentication flows. The changes introduce comprehensive OIDC support including both authorization code flow and device flow authentication patterns.
- Adds OIDC authentication support with auth flow and device flow mechanisms
- Updates ConnectionManager to handle OIDC connection states and authentication flows
- Expands test infrastructure to support OIDC testing with mock providers and enhanced MongoDB integration testing
Reviewed Changes
Copilot reviewed 19 out of 20 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| src/common/connectionManager.ts | Core OIDC implementation with connection state management and authentication flow handling |
| src/common/config.ts | Enhanced driver options configuration and OIDC-related type definitions |
| tests/integration/common/connectionManager.oidc.test.ts | Comprehensive OIDC integration tests covering both auth flows |
| tests/integration/tools/mongodb/mongodbHelpers.ts | Enhanced test helpers with server version detection and OIDC test support |
| src/tools/mongodb/mongodbTool.ts | Added OIDC device flow user prompts for authentication completion |
| tests/integration/helpers.ts | Updated test infrastructure to support driver options configuration |
| package.json | Added OIDC mock provider and semver dependencies for testing |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed changes
This allows users to use OIDC authentication between the MCP Server and the MongoDB Cluster. It adds a test suite to ensure that the different flows do work as expected.
There is a small change on the test suite. Now describeWithMongoDb allows to specify the mongodb version to download. This is useful if we want to test OIDC in other versions. Also, defaults testing in MongoDB enterprise, as it's like community but with more capabilities, and allows us to test OIDC.
Checklist