mongodb · dariakp · Mar 15, 2023 · Mar 13, 2023
@@ -403,7 +403,7 @@ export function parseOptions(
     ) {
       // If authSource was explicitly given and its incorrect, we error
       throw new MongoParseError(
-        `${mongoOptions.credentials} can only have authSource set to '$external'`
+        `authMechanism ${mongoOptions.credentials.mechanism} requires an authSource of '$external'`
       );
     }
 

@@ -237,6 +237,18 @@ describe('Connection String', function () {
     expect(options).to.not.have.property('credentials');
   });
 
+  for (const mechanism of ['GSSAPI', 'MONGODB-X509']) {
+    context(`when the authMechanism is ${mechanism} and authSource is NOT $external`, function () {
+      it('throws a MongoParseError', function () {
+        expect(() =>
+          parseOptions(`mongodb+srv://hostname/?authMechanism=${mechanism}&authSource=invalid`)
+        )
+          .to.throw(MongoParseError)
+          .to.match(/requires an authSource of '\$external'/);
+      });
+    });
+  }
+
   it('should omit credentials and not throw a MongoAPIError if the only auth related option is authSource', async () => {
     // The error we're looking to **not** see is
     // `new MongoInvalidArgumentError('No AuthProvider for ${credentials.mechanism} defined.')`