2016-09-21 14:29:42 +00:00
|
|
|
package audit
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
2018-03-08 19:21:11 +00:00
|
|
|
"context"
|
2016-09-21 14:29:42 +00:00
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"errors"
|
|
|
|
|
2017-06-05 22:04:31 +00:00
|
|
|
"fmt"
|
2017-10-11 17:21:20 +00:00
|
|
|
|
2018-09-18 03:03:00 +00:00
|
|
|
"github.com/hashicorp/vault/helper/namespace"
|
2019-04-12 21:54:35 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/helper/salt"
|
|
|
|
"github.com/hashicorp/vault/sdk/logical"
|
2016-09-21 14:29:42 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestFormatJSONx_formatRequest(t *testing.T) {
|
2018-03-08 19:21:11 +00:00
|
|
|
salter, err := salt.NewSalt(context.Background(), nil, nil)
|
2017-05-24 00:36:20 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatal(err)
|
|
|
|
}
|
2018-03-08 19:21:11 +00:00
|
|
|
saltFunc := func(context.Context) (*salt.Salt, error) {
|
2017-05-24 00:36:20 +00:00
|
|
|
return salter, nil
|
|
|
|
}
|
2017-06-05 22:04:31 +00:00
|
|
|
|
|
|
|
fooSalted := salter.GetIdentifiedHMAC("foo")
|
2020-05-29 17:30:47 +00:00
|
|
|
issueTime, _ := time.Parse(time.RFC3339, "2020-05-28T13:40:18-05:00")
|
2017-06-05 22:04:31 +00:00
|
|
|
|
2016-09-21 14:29:42 +00:00
|
|
|
cases := map[string]struct {
|
2017-06-05 22:04:31 +00:00
|
|
|
Auth *logical.Auth
|
|
|
|
Req *logical.Request
|
|
|
|
Err error
|
|
|
|
Prefix string
|
|
|
|
Result string
|
|
|
|
ExpectedStr string
|
2016-09-21 14:29:42 +00:00
|
|
|
}{
|
|
|
|
"auth, request": {
|
2018-10-15 16:56:24 +00:00
|
|
|
&logical.Auth{
|
2019-06-14 14:17:04 +00:00
|
|
|
ClientToken: "foo",
|
|
|
|
Accessor: "bar",
|
|
|
|
DisplayName: "testtoken",
|
|
|
|
EntityID: "foobarentity",
|
|
|
|
NoDefaultPolicy: true,
|
|
|
|
Policies: []string{"root"},
|
|
|
|
TokenType: logical.TokenTypeService,
|
2020-05-29 17:30:47 +00:00
|
|
|
LeaseOptions: logical.LeaseOptions{
|
|
|
|
TTL: time.Hour * 4,
|
|
|
|
IssueTime: issueTime,
|
|
|
|
},
|
2018-10-15 16:56:24 +00:00
|
|
|
},
|
2016-09-21 14:29:42 +00:00
|
|
|
&logical.Request{
|
2019-05-28 21:24:30 +00:00
|
|
|
ID: "request",
|
|
|
|
ClientToken: "foo",
|
|
|
|
ClientTokenAccessor: "bar",
|
|
|
|
Operation: logical.UpdateOperation,
|
|
|
|
Path: "/foo",
|
2016-09-21 14:29:42 +00:00
|
|
|
Connection: &logical.Connection{
|
|
|
|
RemoteAddr: "127.0.0.1",
|
|
|
|
},
|
2017-01-04 21:44:03 +00:00
|
|
|
WrapInfo: &logical.RequestWrapInfo{
|
|
|
|
TTL: 60 * time.Second,
|
|
|
|
},
|
2017-02-02 19:49:20 +00:00
|
|
|
Headers: map[string][]string{
|
|
|
|
"foo": []string{"bar"},
|
|
|
|
},
|
2019-05-28 21:24:30 +00:00
|
|
|
PolicyOverride: true,
|
2016-09-21 14:29:42 +00:00
|
|
|
},
|
|
|
|
errors.New("this is an error"),
|
|
|
|
"",
|
2017-02-11 00:56:28 +00:00
|
|
|
"",
|
2020-05-29 17:30:47 +00:00
|
|
|
fmt.Sprintf(`<json:object name="auth"><json:string name="accessor">bar</json:string><json:string name="client_token">%s</json:string><json:string name="display_name">testtoken</json:string><json:string name="entity_id">foobarentity</json:string><json:boolean name="no_default_policy">true</json:boolean><json:array name="policies"><json:string>root</json:string></json:array><json:string name="token_issue_time">2020-05-28T13:40:18-05:00</json:string><json:number name="token_ttl">14400</json:number><json:string name="token_type">service</json:string></json:object><json:string name="error">this is an error</json:string><json:object name="request"><json:string name="client_token">%s</json:string><json:string name="client_token_accessor">bar</json:string><json:object name="headers"><json:array name="foo"><json:string>bar</json:string></json:array></json:object><json:string name="id">request</json:string><json:object name="namespace"><json:string name="id">root</json:string></json:object><json:string name="operation">update</json:string><json:string name="path">/foo</json:string><json:boolean name="policy_override">true</json:boolean><json:string name="remote_address">127.0.0.1</json:string><json:number name="wrap_ttl">60</json:number></json:object><json:string name="type">request</json:string>`,
|
2019-05-28 21:24:30 +00:00
|
|
|
fooSalted, fooSalted),
|
2017-02-11 00:56:28 +00:00
|
|
|
},
|
|
|
|
"auth, request with prefix": {
|
2018-10-15 16:56:24 +00:00
|
|
|
&logical.Auth{
|
2019-06-14 14:17:04 +00:00
|
|
|
ClientToken: "foo",
|
|
|
|
Accessor: "bar",
|
|
|
|
DisplayName: "testtoken",
|
|
|
|
NoDefaultPolicy: true,
|
|
|
|
EntityID: "foobarentity",
|
|
|
|
Policies: []string{"root"},
|
|
|
|
TokenType: logical.TokenTypeService,
|
2020-05-29 17:30:47 +00:00
|
|
|
LeaseOptions: logical.LeaseOptions{
|
|
|
|
TTL: time.Hour * 4,
|
|
|
|
IssueTime: issueTime,
|
|
|
|
},
|
2018-10-15 16:56:24 +00:00
|
|
|
},
|
2017-02-11 00:56:28 +00:00
|
|
|
&logical.Request{
|
2019-05-28 21:24:30 +00:00
|
|
|
ID: "request",
|
|
|
|
ClientToken: "foo",
|
|
|
|
ClientTokenAccessor: "bar",
|
|
|
|
Operation: logical.UpdateOperation,
|
|
|
|
Path: "/foo",
|
2017-02-11 00:56:28 +00:00
|
|
|
Connection: &logical.Connection{
|
|
|
|
RemoteAddr: "127.0.0.1",
|
|
|
|
},
|
|
|
|
WrapInfo: &logical.RequestWrapInfo{
|
|
|
|
TTL: 60 * time.Second,
|
|
|
|
},
|
|
|
|
Headers: map[string][]string{
|
|
|
|
"foo": []string{"bar"},
|
|
|
|
},
|
2019-05-28 21:24:30 +00:00
|
|
|
PolicyOverride: true,
|
2017-02-11 00:56:28 +00:00
|
|
|
},
|
|
|
|
errors.New("this is an error"),
|
|
|
|
"",
|
|
|
|
"@cee: ",
|
2020-05-29 17:30:47 +00:00
|
|
|
fmt.Sprintf(`<json:object name="auth"><json:string name="accessor">bar</json:string><json:string name="client_token">%s</json:string><json:string name="display_name">testtoken</json:string><json:string name="entity_id">foobarentity</json:string><json:boolean name="no_default_policy">true</json:boolean><json:array name="policies"><json:string>root</json:string></json:array><json:string name="token_issue_time">2020-05-28T13:40:18-05:00</json:string><json:number name="token_ttl">14400</json:number><json:string name="token_type">service</json:string></json:object><json:string name="error">this is an error</json:string><json:object name="request"><json:string name="client_token">%s</json:string><json:string name="client_token_accessor">bar</json:string><json:object name="headers"><json:array name="foo"><json:string>bar</json:string></json:array></json:object><json:string name="id">request</json:string><json:object name="namespace"><json:string name="id">root</json:string></json:object><json:string name="operation">update</json:string><json:string name="path">/foo</json:string><json:boolean name="policy_override">true</json:boolean><json:string name="remote_address">127.0.0.1</json:string><json:number name="wrap_ttl">60</json:number></json:object><json:string name="type">request</json:string>`,
|
2019-05-28 21:24:30 +00:00
|
|
|
fooSalted, fooSalted),
|
2016-09-21 14:29:42 +00:00
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
for name, tc := range cases {
|
|
|
|
var buf bytes.Buffer
|
|
|
|
formatter := AuditFormatter{
|
2017-02-11 00:56:28 +00:00
|
|
|
AuditFormatWriter: &JSONxFormatWriter{
|
2017-05-24 00:36:20 +00:00
|
|
|
Prefix: tc.Prefix,
|
|
|
|
SaltFunc: saltFunc,
|
2017-02-11 00:56:28 +00:00
|
|
|
},
|
2016-09-21 14:29:42 +00:00
|
|
|
}
|
|
|
|
config := FormatterConfig{
|
2017-06-05 22:04:31 +00:00
|
|
|
OmitTime: true,
|
|
|
|
HMACAccessor: false,
|
2016-09-21 14:29:42 +00:00
|
|
|
}
|
2019-05-22 22:52:53 +00:00
|
|
|
in := &logical.LogInput{
|
2018-03-02 17:18:39 +00:00
|
|
|
Auth: tc.Auth,
|
|
|
|
Request: tc.Req,
|
|
|
|
OuterErr: tc.Err,
|
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
if err := formatter.FormatRequest(namespace.RootContext(nil), &buf, config, in); err != nil {
|
2016-09-21 14:29:42 +00:00
|
|
|
t.Fatalf("bad: %s\nerr: %s", name, err)
|
|
|
|
}
|
|
|
|
|
2017-02-11 00:56:28 +00:00
|
|
|
if !strings.HasPrefix(buf.String(), tc.Prefix) {
|
|
|
|
t.Fatalf("no prefix: %s \n log: %s\nprefix: %s", name, tc.Result, tc.Prefix)
|
|
|
|
}
|
|
|
|
|
2017-06-05 22:04:31 +00:00
|
|
|
if !strings.HasSuffix(strings.TrimSpace(buf.String()), string(tc.ExpectedStr)) {
|
2016-09-21 14:29:42 +00:00
|
|
|
t.Fatalf(
|
|
|
|
"bad: %s\nResult:\n\n'%s'\n\nExpected:\n\n'%s'",
|
2017-06-05 22:04:31 +00:00
|
|
|
name, strings.TrimSpace(buf.String()), string(tc.ExpectedStr))
|
2016-09-21 14:29:42 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|