GODRIVER-3331 Fix default authSource for SRV connections (#1795)

Author: blink1073

.evergreen/config.yml

@@ -1804,7 +1804,7 @@ tasks:
   - name: "testgcpkms-task"
     commands:
     - command: shell.exec
-      type: setup
+      type: test
       params:
         shell: "bash"
         working_dir: src/go.mongodb.org/mongo-driver
@@ -1893,7 +1893,7 @@ tasks:
   - name: "testazurekms-task"
     commands:
     - command: shell.exec
-      type: setup
+      type: test
       params:
         shell: "bash"
         working_dir: src/go.mongodb.org/mongo-driver
@@ -1964,6 +1964,7 @@ tasks:
           role_arn: ${LAMBDA_AWS_ROLE_ARN}
           duration_seconds: 3600
       - command: shell.exec
+        type: test
         params:
           working_dir: src/go.mongodb.org/mongo-driver
           shell: bash
@@ -1986,6 +1987,7 @@ tasks:
   - name: "oidc-auth-test-azure"
     commands:
     - command: shell.exec
+      type: test
       params:
         working_dir: src/go.mongodb.org/mongo-driver
         shell: bash
@@ -2011,6 +2013,7 @@ tasks:
   - name: "oidc-auth-test-gcp"
     commands:
     - command: shell.exec
+      type: test
       params:
         working_dir: src/go.mongodb.org/mongo-driver
         shell: bash
@@ -2735,7 +2738,7 @@ buildvariants:
   - name: testoidc-variant
     display_name: "OIDC"
     run_on:
-      - ubuntu2204-large
+      - ubuntu2204-small
     expansions:
       GO_DIST: "/opt/golang/go1.22"
     tasks:

mongo/options/clientoptions_test.go

@@ -589,7 +589,7 @@ func TestClientOptions(t *testing.T) {
 				},
 			},
 			{
-				"tmp",
+				"oidc azure",
 				"mongodb://example.com/?authMechanism=MONGODB-OIDC&authMechanismProperties=TOKEN_RESOURCE:mongodb://test-cluster,ENVIRONMENT:azureManagedIdentities",
 				&ClientOptions{
 					Hosts: []string{"example.com"},
@@ -600,6 +600,18 @@ func TestClientOptions(t *testing.T) {
 					HTTPClient: httputil.DefaultHTTPClient,
 				},
 			},
+			{
+				"oidc gcp",
+				"mongodb://test.mongodb.net/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:gcp,TOKEN_RESOURCE:mongodb://test-cluster",
+				&ClientOptions{
+					Hosts: []string{"test.mongodb.net"},
+					Auth: &Credential{AuthMechanism: "MONGODB-OIDC", AuthSource: "$external", AuthMechanismProperties: map[string]string{
+						"ENVIRONMENT":    "gcp",
+						"TOKEN_RESOURCE": "mongodb://test-cluster"}},
+					err:        nil,
+					HTTPClient: httputil.DefaultHTTPClient,
+				},
+			},
 			{
 				"comma in key:value pair causes error",
 				"mongodb://example.com/?authMechanismProperties=TOKEN_RESOURCE:mongodb://host1%2Chost2",

x/mongo/driver/connstring/connstring.go

@@ -297,6 +297,10 @@ func (u *ConnString) setDefaultAuthParams(dbName string) error {
 		}
 		fallthrough
 	case "mongodb-aws", "mongodb-x509", "mongodb-oidc":
+		// dns.LookupTXT will get "authSource=admin" from Atlas hosts.
+		if u.AuthSource == "admin" {
+			u.AuthSource = "$external"
+		}
 		if u.AuthSource == "" {
 			u.AuthSource = "$external"
 		} else if u.AuthSource != "$external" {

x/mongo/driver/connstring/connstring_test.go

@@ -90,6 +90,28 @@ func TestAuthSource(t *testing.T) {
 			}
 		})
 	}
+
+	tests = []struct {
+		s        string
+		expected string
+		err      bool
+	}{
+		{s: "authMechanismProperties=ENVIRONMENT:gcp,TOKEN_RESOURCE:mongodb://test-cluster", expected: "$external"},
+	}
+
+	for _, test := range tests {
+		s := fmt.Sprintf("mongodb://test.mongodb.net/?authMechanism=MONGODB-OIDC&/%s", test.s)
+		t.Run(s, func(t *testing.T) {
+			cs, err := connstring.ParseAndValidate(s)
+			if test.err {
+				require.Error(t, err)
+			} else {
+				require.NoError(t, err)
+				require.Equal(t, test.expected, cs.AuthSource)
+			}
+		})
+	}
+
 }
 
 func TestConnect(t *testing.T) {