PHP Laravel MongoDB SCRAM Failure: invalid salt length of 16 in sasl step2

Question

Hoping you are doing great.

We are recently trying to migrate to Azure Cosmos and facing the following issue while trying to connect our Laravel Application with Mongodb. Connection with Studio 3T works fine.

Connection URI:

mongodb+srv://[email protected]/?tls=true&authMechanism=SCRAM-SHA-256&retrywrites=false&maxIdleTimeMS=120000

Any help would be greatly appreciated.

Answer 1

I'm encountering the same issue and raised a SR on Microsoft. They confirmed this to be a bug:

I am writing to inform you that I have checked with our product team, and they have confirmed the presence of a bug in connecting vCore MongoDB for CosmosDB cluster with Mongo PHP driver.
[...]
there is currently no ETA available

Answer 2

I think Microsoft is sending a salt appropriate to SHA-1 when it should be longer for SHA-256.

SHA-1 has a 160-bit = 20 byte length, but apparently the last four are replaced with 0x1 so 16 is the appropriate length of the decoded salt. SHA-256 is 256-bit = 32 bytes, 32 - 4 = 28 bytes should be received. The Mongo driver checks for this and errors out if the user salt is of an incorrect size.