This is a minor refactoring on existing SCRAMSHA1AuthMechanism.

Common logic is moved to a new parent class SCRAMSHAAuthMechanism. Descendant classes SCRAMSHA1AuthMechanism and SCRAMSHA256AuthMechanism only customize the hash function to use.

This PR doesn't implement the handshake mentioned in pharo-nosql#87.

mc/Mongo-Core.package/MONGODBCRAuthMechanism.class/class/description.st

@@ -0,0 +1,3 @@
+accessing
+description
+	^ 'Challenge Response'

mc/Mongo-Core.package/MONGODBCRAuthMechanism.class/class/isAbstract.st

@@ -0,0 +1,3 @@
+accessing
+isAbstract
+	^ false

mc/Mongo-Core.package/MongoAuthMechanism.class/class/description.st

@@ -0,0 +1,3 @@
+accessing
+description
+	^ self subclassResponsibility 

mc/Mongo-Core.package/MongoAuthMechanism.class/class/isAbstract.st

@@ -0,0 +1,3 @@
+accessing
+isAbstract
+	^ true

mc/Mongo-Core.package/NoAuthMechanism.class/class/description.st

@@ -0,0 +1,3 @@
+accessing
+description
+	^ 'No authentication'

mc/Mongo-Core.package/NoAuthMechanism.class/class/isAbstract.st

@@ -0,0 +1,3 @@
+accessing
+isAbstract
+	^ false

mc/Mongo-Core.package/NoAuthMechanism.class/instance/authenticateUsername.password.forcedDatabase..st

@@ -0,0 +1,2 @@
+operations
+authenticateUsername: user password: pass forcedDatabase: aDatabase

mc/Mongo-Core.package/NoAuthMechanism.class/properties.json

@@ -0,0 +1,11 @@
+{
+	"commentStamp" : "",
+	"super" : "MongoAuthMechanism",
+	"category" : "Mongo-Core-Auth",
+	"classinstvars" : [ ],
+	"pools" : [ ],
+	"classvars" : [ ],
+	"instvars" : [ ],
+	"name" : "NoAuthMechanism",
+	"type" : "normal"
+}

mc/Mongo-Core.package/SCRAMAuthMechanism.class/README.md

@@ -0,0 +1 @@
+I implement SCRAM-SHA1 auth mechanism

mc/Mongo-Core.package/SCRAMAuthMechanism.class/class/authenticateAgainstAdmin.st

@@ -0,0 +1,3 @@
+accessing
+authenticateAgainstAdmin
+	overrideDB := true

mc/Mongo-Core.package/SCRAMAuthMechanism.class/class/isAbstract.st

@@ -0,0 +1,3 @@
+testing
+isAbstract
+	^ true

mc/Mongo-Core.package/SCRAMSHA1AuthMechanism.class/instance/authenticateUsername.password.forcedDatabase..st → mc/Mongo-Core.package/SCRAMAuthMechanism.class/instance/authenticateUsername.password.forcedDatabase..st

@@ -5,7 +5,7 @@ authenticateUsername: username password: password forcedDatabase: database
 	firstBare := 'n=' , username , ',r=' , nonce.
 	op := OrderedIdentityDictionary new
 		add: #saslStart -> 1;
-		add: #mechanism -> 'SCRAM-SHA-1';
+		add: #mechanism -> self mechanismName;
 		add: #payload -> ('n,,' , firstBare) asByteArray;
 		add: #autoAuthorize -> 1;
 		yourself.
@@ -21,16 +21,16 @@ authenticateUsername: username password: password forcedDatabase: database
 		ifFalse: [ ^ false	"Server returned an invalid nonce." ].
 	without_proof := 'c=biws,r=' , rnonce.
 	derivedKey := PBKDF2 new
-		hashFunction: SHA1;
+		hashFunction: self hashFunction;
 		password: (self digestUsername: username password: password);
 		salt: salt base64Decoded;
 		iterations: iterations asInteger;
 		length: 20;
 		deriveKey.
-	clientKey := (HMAC on: SHA1 new)
+	clientKey := (HMAC on: self hashFunction new)
 		key: derivedKey;
 		digestMessage: 'Client Key'.
-	storedKey := SHA1 hashMessage: clientKey.
+	storedKey := self hashFunction hashMessage: clientKey.
 	authMsg := ','
 		join:
 			{firstBare.
@@ -53,10 +53,10 @@ authenticateUsername: username password: password forcedDatabase: database
 		on: MongoCommandError
 		do: [ ^ false ].
 	parsed := self parseScramResponse: (resp at: #payload).
-	serverKey := (HMAC on: SHA1 new)
+	serverKey := (HMAC on: self hashFunction new)
 		key: derivedKey;
 		digestMessage: 'Server Key'.
-	serverSig := ((HMAC on: SHA1 new)
+	serverSig := ((HMAC on: self hashFunction new)
 		key: serverKey;
 		digestMessage: authMsg) base64Encoded.
 	(parsed at: #v) = serverSig

mc/Mongo-Core.package/SCRAMAuthMechanism.class/instance/hashFunction.st

@@ -0,0 +1,3 @@
+operations
+hashFunction
+	^ self subclassResponsibility

mc/Mongo-Core.package/SCRAMAuthMechanism.class/instance/mechanismName.st

@@ -0,0 +1,3 @@
+operations
+mechanismName
+    ^ self subclassResponsibility

mc/Mongo-Core.package/SCRAMAuthMechanism.class/properties.json

@@ -0,0 +1,11 @@
+{
+	"commentStamp" : "mikefilonov 6/11/2017 12:24",
+	"super" : "MongoAuthMechanism",
+	"category" : "Mongo-Core-Auth",
+	"classinstvars" : [ ],
+	"pools" : [ ],
+	"classvars" : [ ],
+	"instvars" : [ ],
+	"name" : "SCRAMAuthMechanism",
+	"type" : "normal"
+}

mc/Mongo-Core.package/SCRAMSHA1AuthMechanism.class/README.md

@@ -1,3 +1,3 @@
 I implement the SCRAM-SHA1 authentication mechanism.
 
-See: https://docs.mongodb.com/v4.0/core/security-scram/
+See: https://docs.mongodb.com/v4.0/core/security-scram/

mc/Mongo-Core.package/SCRAMSHA1AuthMechanism.class/class/description.st

@@ -0,0 +1,3 @@
+accessing
+description
+	^ 'SCRAM-SHA-1'

mc/Mongo-Core.package/SCRAMSHA1AuthMechanism.class/class/isAbstract.st

@@ -0,0 +1,3 @@
+accessing
+isAbstract
+	^ false

mc/Mongo-Core.package/SCRAMSHA1AuthMechanism.class/instance/hashFunction.st

@@ -0,0 +1,3 @@
+operations
+hashFunction
+	^ SHA1

mc/Mongo-Core.package/SCRAMSHA1AuthMechanism.class/instance/mechanismName.st

@@ -0,0 +1,3 @@
+operations
+mechanismName
+	^ 'SCRAM-SHA-1'

mc/Mongo-Core.package/SCRAMSHA1AuthMechanism.class/properties.json

@@ -1,11 +1,11 @@
 {
 	"commentStamp" : "MartinDias 10/23/2020 07:50",
-	"super" : "MongoAuthMechanism",
+	"super" : "SCRAMAuthMechanism",
 	"category" : "Mongo-Core-Auth",
 	"classinstvars" : [ ],
 	"pools" : [ ],
 	"classvars" : [ ],
 	"instvars" : [ ],
 	"name" : "SCRAMSHA1AuthMechanism",
 	"type" : "normal"
-}
+}

mc/Mongo-Core.package/SCRAMSHA256AuthMechanism.class/class/description.st

@@ -0,0 +1,3 @@
+accessing
+description
+	^ 'SCRAM-SHA-256'

mc/Mongo-Core.package/SCRAMSHA256AuthMechanism.class/class/isAbstract.st

@@ -0,0 +1,3 @@
+accessing
+isAbstract
+	^ false

mc/Mongo-Core.package/SCRAMSHA256AuthMechanism.class/instance/hashFunction.st

@@ -0,0 +1,3 @@
+operations
+hashFunction
+	^ SHA256

mc/Mongo-Core.package/SCRAMSHA256AuthMechanism.class/instance/mechanismName.st

@@ -0,0 +1,3 @@
+operations
+mechanismName
+	^ 'SCRAM-SHA-256'

mc/Mongo-Core.package/SCRAMSHA256AuthMechanism.class/properties.json

@@ -0,0 +1,11 @@
+{
+	"commentStamp" : "",
+	"super" : "SCRAMAuthMechanism",
+	"category" : "Mongo-Core-Auth",
+	"classinstvars" : [ ],
+	"pools" : [ ],
+	"classvars" : [ ],
+	"instvars" : [ ],
+	"name" : "SCRAMSHA256AuthMechanism",
+	"type" : "normal"
+}