open-vault/api/client_test.go

package api

import (
	"bytes"
	"io"
	"net/http"
	"os"
	"strings"
	"testing"

	"github.com/hashicorp/vault/sdk/helper/consts"
)

func init() {
	// Ensure our special envvars are not present
	os.Setenv("VAULT_ADDR", "")
	os.Setenv("VAULT_TOKEN", "")
}

func TestDefaultConfig_envvar(t *testing.T) {
	os.Setenv("VAULT_ADDR", "https://vault.mycompany.com")
	defer os.Setenv("VAULT_ADDR", "")

	config := DefaultConfig()
	if config.Address != "https://vault.mycompany.com" {
		t.Fatalf("bad: %s", config.Address)
	}

	os.Setenv("VAULT_TOKEN", "testing")
	defer os.Setenv("VAULT_TOKEN", "")

	client, err := NewClient(config)
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	if token := client.Token(); token != "testing" {
		t.Fatalf("bad: %s", token)
	}
}

func TestClientDefaultHttpClient(t *testing.T) {
	_, err := NewClient(&Config{
		HttpClient: http.DefaultClient,
	})
	if err != nil {
		t.Fatal(err)
	}
}

func TestClientNilConfig(t *testing.T) {
	client, err := NewClient(nil)
	if err != nil {
		t.Fatal(err)
	}
	if client == nil {
		t.Fatal("expected a non-nil client")
	}
}

func TestClientSetAddress(t *testing.T) {
	client, err := NewClient(nil)
	if err != nil {
		t.Fatal(err)
	}
	if err := client.SetAddress("http://172.168.2.1:8300"); err != nil {
		t.Fatal(err)
	}
	if client.addr.Host != "172.168.2.1:8300" {
		t.Fatalf("bad: expected: '172.168.2.1:8300' actual: %q", client.addr.Host)
	}
}

func TestClientToken(t *testing.T) {
	tokenValue := "foo"
	handler := func(w http.ResponseWriter, req *http.Request) {}

	config, ln := testHTTPServer(t, http.HandlerFunc(handler))
	defer ln.Close()

	client, err := NewClient(config)
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	client.SetToken(tokenValue)

	// Verify the token is set
	if v := client.Token(); v != tokenValue {
		t.Fatalf("bad: %s", v)
	}

	client.ClearToken()

	if v := client.Token(); v != "" {
		t.Fatalf("bad: %s", v)
	}
}

func TestClientBadToken(t *testing.T) {
	handler := func(w http.ResponseWriter, req *http.Request) {}

	config, ln := testHTTPServer(t, http.HandlerFunc(handler))
	defer ln.Close()

	client, err := NewClient(config)
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	client.SetToken("foo")
	_, err = client.RawRequest(client.NewRequest("PUT", "/"))
	if err != nil {
		t.Fatal(err)
	}

	client.SetToken("foo\u007f")
	_, err = client.RawRequest(client.NewRequest("PUT", "/"))
	if err == nil || !strings.Contains(err.Error(), "printable") {
		t.Fatalf("expected error due to bad token")
	}
}

func TestClientRedirect(t *testing.T) {
	primary := func(w http.ResponseWriter, req *http.Request) {
		w.Write([]byte("test"))
	}
	config, ln := testHTTPServer(t, http.HandlerFunc(primary))
	defer ln.Close()

	standby := func(w http.ResponseWriter, req *http.Request) {
		w.Header().Set("Location", config.Address)
		w.WriteHeader(307)
	}
	config2, ln2 := testHTTPServer(t, http.HandlerFunc(standby))
	defer ln2.Close()

	client, err := NewClient(config2)
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	// Set the token manually
	client.SetToken("foo")

	// Do a raw "/" request
	resp, err := client.RawRequest(client.NewRequest("PUT", "/"))
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	// Copy the response
	var buf bytes.Buffer
	io.Copy(&buf, resp.Body)

	// Verify we got the response from the primary
	if buf.String() != "test" {
		t.Fatalf("Bad: %s", buf.String())
	}
}

func TestClientEnvSettings(t *testing.T) {
	cwd, _ := os.Getwd()
	oldCACert := os.Getenv(EnvVaultCACert)
	oldCAPath := os.Getenv(EnvVaultCAPath)
	oldClientCert := os.Getenv(EnvVaultClientCert)
	oldClientKey := os.Getenv(EnvVaultClientKey)
	oldSkipVerify := os.Getenv(EnvVaultSkipVerify)
	oldMaxRetries := os.Getenv(EnvVaultMaxRetries)
	os.Setenv(EnvVaultCACert, cwd+"/test-fixtures/keys/cert.pem")
	os.Setenv(EnvVaultCAPath, cwd+"/test-fixtures/keys")
	os.Setenv(EnvVaultClientCert, cwd+"/test-fixtures/keys/cert.pem")
	os.Setenv(EnvVaultClientKey, cwd+"/test-fixtures/keys/key.pem")
	os.Setenv(EnvVaultSkipVerify, "true")
	os.Setenv(EnvVaultMaxRetries, "5")
	defer os.Setenv(EnvVaultCACert, oldCACert)
	defer os.Setenv(EnvVaultCAPath, oldCAPath)
	defer os.Setenv(EnvVaultClientCert, oldClientCert)
	defer os.Setenv(EnvVaultClientKey, oldClientKey)
	defer os.Setenv(EnvVaultSkipVerify, oldSkipVerify)
	defer os.Setenv(EnvVaultMaxRetries, oldMaxRetries)

	config := DefaultConfig()
	if err := config.ReadEnvironment(); err != nil {
		t.Fatalf("error reading environment: %v", err)
	}

	tlsConfig := config.HttpClient.Transport.(*http.Transport).TLSClientConfig
	if len(tlsConfig.RootCAs.Subjects()) == 0 {
		t.Fatalf("bad: expected a cert pool with at least one subject")
	}
	if tlsConfig.GetClientCertificate == nil {
		t.Fatalf("bad: expected client tls config to have a certificate getter")
	}
	if tlsConfig.InsecureSkipVerify != true {
		t.Fatalf("bad: %v", tlsConfig.InsecureSkipVerify)
	}
}

func TestClientDeprecatedEnvSettings(t *testing.T) {
	oldInsecure := os.Getenv(EnvVaultInsecure)
	os.Setenv(EnvVaultInsecure, "true")
	defer os.Setenv(EnvVaultInsecure, oldInsecure)

	config := DefaultConfig()
	if err := config.ReadEnvironment(); err != nil {
		t.Fatalf("error reading environment: %v", err)
	}

	tlsConfig := config.HttpClient.Transport.(*http.Transport).TLSClientConfig
	if tlsConfig.InsecureSkipVerify != true {
		t.Fatalf("bad: %v", tlsConfig.InsecureSkipVerify)
	}
}

func TestClientEnvNamespace(t *testing.T) {
	var seenNamespace string
	handler := func(w http.ResponseWriter, req *http.Request) {
		seenNamespace = req.Header.Get(consts.NamespaceHeaderName)
	}
	config, ln := testHTTPServer(t, http.HandlerFunc(handler))
	defer ln.Close()

	oldVaultNamespace := os.Getenv(EnvVaultNamespace)
	defer os.Setenv(EnvVaultNamespace, oldVaultNamespace)
	os.Setenv(EnvVaultNamespace, "test")

	client, err := NewClient(config)
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	_, err = client.RawRequest(client.NewRequest("GET", "/"))
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	if seenNamespace != "test" {
		t.Fatalf("Bad: %s", seenNamespace)
	}
}

func TestParsingRateAndBurst(t *testing.T) {
	var (
		correctFormat                    = "400:400"
		observedRate, observedBurst, err = parseRateLimit(correctFormat)
		expectedRate, expectedBurst      = float64(400), 400
	)
	if err != nil {
		t.Error(err)
	}
	if expectedRate != observedRate {
		t.Errorf("Expected rate %v but found %v", expectedRate, observedRate)
	}
	if expectedBurst != observedBurst {
		t.Errorf("Expected burst %v but found %v", expectedBurst, observedBurst)
	}
}

func TestParsingRateOnly(t *testing.T) {
	var (
		correctFormat                    = "400"
		observedRate, observedBurst, err = parseRateLimit(correctFormat)
		expectedRate, expectedBurst      = float64(400), 400
	)
	if err != nil {
		t.Error(err)
	}
	if expectedRate != observedRate {
		t.Errorf("Expected rate %v but found %v", expectedRate, observedRate)
	}
	if expectedBurst != observedBurst {
		t.Errorf("Expected burst %v but found %v", expectedBurst, observedBurst)
	}
}

func TestParsingErrorCase(t *testing.T) {
	var incorrectFormat = "foobar"
	var _, _, err = parseRateLimit(incorrectFormat)
	if err == nil {
		t.Error("Expected error, found no error")
	}
}

func TestClientTimeoutSetting(t *testing.T) {
	oldClientTimeout := os.Getenv(EnvVaultClientTimeout)
	os.Setenv(EnvVaultClientTimeout, "10")
	defer os.Setenv(EnvVaultClientTimeout, oldClientTimeout)
	config := DefaultConfig()
	config.ReadEnvironment()
	_, err := NewClient(config)
	if err != nil {
		t.Fatal(err)
	}
}

type roundTripperFunc func(*http.Request) (*http.Response, error)

func (rt roundTripperFunc) RoundTrip(r *http.Request) (*http.Response, error) {
	return rt(r)
}

func TestClientNonTransportRoundTripper(t *testing.T) {
	client := &http.Client{
		Transport: roundTripperFunc(http.DefaultTransport.RoundTrip),
	}

	_, err := NewClient(&Config{
		HttpClient: client,
	})
	if err != nil {
		t.Fatal(err)
	}
}

func TestClone(t *testing.T) {
	client1, err1 := NewClient(nil)
	if err1 != nil {
		t.Fatalf("NewClient failed: %v", err1)
	}
	client2, err2 := client1.Clone()
	if err2 != nil {
		t.Fatalf("Clone failed: %v", err2)
	}

	_ = client2
}
api: store token cookie, tests 2015-03-11 22:42:08 +00:00			`package api`

			`import (`
api: Support redirect for HA 2015-04-20 18:30:35 +00:00			`"bytes"`
			`"io"`
api: store token cookie, tests 2015-03-11 22:42:08 +00:00			`"net/http"`
Read environment variables for VAULT_HTTP_ADDR and VAULT_TOKEN 2015-04-23 15:43:20 +00:00			`"os"`
Don't allow non-printable characters in the API client's token (#3841) 2018-01-25 00:57:49 +00:00			`"strings"`
api: store token cookie, tests 2015-03-11 22:42:08 +00:00			`"testing"`
Add backwards compat support for API env vars (#7135) Several env vars got renamed in https://github.com/hashicorp/vault/pull/6306. This re-adds support for those. Indirectly addresses https://github.com/hashicorp/consul-template/pull/1233 although they should still update to the new values. 2019-07-17 10:29:25 +00:00
			`"github.com/hashicorp/vault/sdk/helper/consts"`
api: store token cookie, tests 2015-03-11 22:42:08 +00:00			`)`

Read environment variables for VAULT_HTTP_ADDR and VAULT_TOKEN 2015-04-23 15:43:20 +00:00			`func init() {`
			`// Ensure our special envvars are not present`
Use VAULT_ADDR instead 2015-04-23 15:46:22 +00:00			`os.Setenv("VAULT_ADDR", "")`
Read environment variables for VAULT_HTTP_ADDR and VAULT_TOKEN 2015-04-23 15:43:20 +00:00			`os.Setenv("VAULT_TOKEN", "")`
			`}`

			`func TestDefaultConfig_envvar(t *testing.T) {`
Use VAULT_ADDR instead 2015-04-23 15:46:22 +00:00			`os.Setenv("VAULT_ADDR", "https://vault.mycompany.com")`
			`defer os.Setenv("VAULT_ADDR", "")`
Read environment variables for VAULT_HTTP_ADDR and VAULT_TOKEN 2015-04-23 15:43:20 +00:00
			`config := DefaultConfig()`
			`if config.Address != "https://vault.mycompany.com" {`
			`t.Fatalf("bad: %s", config.Address)`
			`}`

			`os.Setenv("VAULT_TOKEN", "testing")`
			`defer os.Setenv("VAULT_TOKEN", "")`

			`client, err := NewClient(config)`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

			`if token := client.Token(); token != "testing" {`
			`t.Fatalf("bad: %s", token)`
			`}`
			`}`

Fix panic when setting a client http client with no transport (#3437) Fixes #3436 2017-10-09 12:49:20 +00:00			`func TestClientDefaultHttpClient(t *testing.T) {`
			`_, err := NewClient(&Config{`
			`HttpClient: http.DefaultClient,`
			`})`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`}`

Use default config and read environment by default while creating client object 2016-08-12 15:37:13 +00:00			`func TestClientNilConfig(t *testing.T) {`
			`client, err := NewClient(nil)`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`if client == nil {`
			`t.Fatal("expected a non-nil client")`
			`}`
			`}`

			`func TestClientSetAddress(t *testing.T) {`
			`client, err := NewClient(nil)`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`if err := client.SetAddress("http://172.168.2.1:8300"); err != nil {`
			`t.Fatal(err)`
			`}`
			`if client.addr.Host != "172.168.2.1:8300" {`
			`t.Fatalf("bad: expected: '172.168.2.1:8300' actual: %q", client.addr.Host)`
			`}`
			`}`

api: store token cookie, tests 2015-03-11 22:42:08 +00:00			`func TestClientToken(t *testing.T) {`
			`tokenValue := "foo"`
Remove cookie authentication. 2015-08-22 00:36:19 +00:00			`handler := func(w http.ResponseWriter, req *http.Request) {}`
api: store token cookie, tests 2015-03-11 22:42:08 +00:00
			`config, ln := testHTTPServer(t, http.HandlerFunc(handler))`
			`defer ln.Close()`

			`client, err := NewClient(config)`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

Remove cookie authentication. 2015-08-22 00:36:19 +00:00			`client.SetToken(tokenValue)`
api: store token cookie, tests 2015-03-11 22:42:08 +00:00
			`// Verify the token is set`
			`if v := client.Token(); v != tokenValue {`
			`t.Fatalf("bad: %s", v)`
			`}`

			`client.ClearToken()`

			`if v := client.Token(); v != "" {`
			`t.Fatalf("bad: %s", v)`
			`}`
			`}`
api: SetToken 2015-03-31 04:20:23 +00:00
Don't allow non-printable characters in the API client's token (#3841) 2018-01-25 00:57:49 +00:00			`func TestClientBadToken(t *testing.T) {`
			`handler := func(w http.ResponseWriter, req *http.Request) {}`

			`config, ln := testHTTPServer(t, http.HandlerFunc(handler))`
			`defer ln.Close()`

			`client, err := NewClient(config)`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

			`client.SetToken("foo")`
			`_, err = client.RawRequest(client.NewRequest("PUT", "/"))`
			`if err != nil {`
			`t.Fatal(err)`
			`}`

			`client.SetToken("foo\u007f")`
			`_, err = client.RawRequest(client.NewRequest("PUT", "/"))`
			`if err == nil \|\| !strings.Contains(err.Error(), "printable") {`
			`t.Fatalf("expected error due to bad token")`
			`}`
			`}`

api: Support redirect for HA 2015-04-20 18:30:35 +00:00			`func TestClientRedirect(t *testing.T) {`
			`primary := func(w http.ResponseWriter, req *http.Request) {`
			`w.Write([]byte("test"))`
			`}`
			`config, ln := testHTTPServer(t, http.HandlerFunc(primary))`
			`defer ln.Close()`

			`standby := func(w http.ResponseWriter, req *http.Request) {`
			`w.Header().Set("Location", config.Address)`
			`w.WriteHeader(307)`
			`}`
			`config2, ln2 := testHTTPServer(t, http.HandlerFunc(standby))`
			`defer ln2.Close()`

			`client, err := NewClient(config2)`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

Update documentation around cookies 2015-09-03 14:36:59 +00:00			`// Set the token manually`
api: Support redirect for HA 2015-04-20 18:30:35 +00:00			`client.SetToken("foo")`

			`// Do a raw "/" request`
			`resp, err := client.RawRequest(client.NewRequest("PUT", "/"))`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

			`// Copy the response`
			`var buf bytes.Buffer`
			`io.Copy(&buf, resp.Body)`

			`// Verify we got the response from the primary`
			`if buf.String() != "test" {`
			`t.Fatalf("Bad: %s", buf.String())`
			`}`
			`}`
Move environment variable reading logic to API. This allows the same environment variables to be read, parsed, and used from any API client as was previously handled in the CLI. The CLI now uses the API environment variable reading capability, then overrides any values from command line flags, if necessary. Fixes #618 2015-11-03 19:21:14 +00:00
			`func TestClientEnvSettings(t *testing.T) {`
			`cwd, _ := os.Getwd()`
			`oldCACert := os.Getenv(EnvVaultCACert)`
			`oldCAPath := os.Getenv(EnvVaultCAPath)`
			`oldClientCert := os.Getenv(EnvVaultClientCert)`
			`oldClientKey := os.Getenv(EnvVaultClientKey)`
Support reading Vault's address from Agent's config file (#6306) * Support reading Vault's address from Agent's config file * use consts and switch * Add tls options to agent config vault block * Update command/agent/config/config.go Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com> * remove fmt.Printfs 2019-02-28 22:29:28 +00:00			`oldSkipVerify := os.Getenv(EnvVaultSkipVerify)`
Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00			`oldMaxRetries := os.Getenv(EnvVaultMaxRetries)`
Make the API client retry on 5xx errors. This should help with transient issues. Full control over min/max delays and number of retries (and ability to turn off) is provided in the API and via env vars. Fix tests. 2016-07-06 20:42:34 +00:00			`os.Setenv(EnvVaultCACert, cwd+"/test-fixtures/keys/cert.pem")`
			`os.Setenv(EnvVaultCAPath, cwd+"/test-fixtures/keys")`
			`os.Setenv(EnvVaultClientCert, cwd+"/test-fixtures/keys/cert.pem")`
			`os.Setenv(EnvVaultClientKey, cwd+"/test-fixtures/keys/key.pem")`
Support reading Vault's address from Agent's config file (#6306) * Support reading Vault's address from Agent's config file * use consts and switch * Add tls options to agent config vault block * Update command/agent/config/config.go Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com> * remove fmt.Printfs 2019-02-28 22:29:28 +00:00			`os.Setenv(EnvVaultSkipVerify, "true")`
Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00			`os.Setenv(EnvVaultMaxRetries, "5")`
Make the API client retry on 5xx errors. This should help with transient issues. Full control over min/max delays and number of retries (and ability to turn off) is provided in the API and via env vars. Fix tests. 2016-07-06 20:42:34 +00:00			`defer os.Setenv(EnvVaultCACert, oldCACert)`
			`defer os.Setenv(EnvVaultCAPath, oldCAPath)`
			`defer os.Setenv(EnvVaultClientCert, oldClientCert)`
			`defer os.Setenv(EnvVaultClientKey, oldClientKey)`
Support reading Vault's address from Agent's config file (#6306) * Support reading Vault's address from Agent's config file * use consts and switch * Add tls options to agent config vault block * Update command/agent/config/config.go Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com> * remove fmt.Printfs 2019-02-28 22:29:28 +00:00			`defer os.Setenv(EnvVaultSkipVerify, oldSkipVerify)`
Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00			`defer os.Setenv(EnvVaultMaxRetries, oldMaxRetries)`
Move environment variable reading logic to API. This allows the same environment variables to be read, parsed, and used from any API client as was previously handled in the CLI. The CLI now uses the API environment variable reading capability, then overrides any values from command line flags, if necessary. Fixes #618 2015-11-03 19:21:14 +00:00
			`config := DefaultConfig()`
			`if err := config.ReadEnvironment(); err != nil {`
			`t.Fatalf("error reading environment: %v", err)`
			`}`

			`tlsConfig := config.HttpClient.Transport.(*http.Transport).TLSClientConfig`
			`if len(tlsConfig.RootCAs.Subjects()) == 0 {`
			`t.Fatalf("bad: expected a cert pool with at least one subject")`
			`}`
Fix typo in test (and failure) 2017-11-13 15:35:36 +00:00			`if tlsConfig.GetClientCertificate == nil {`
Fix client test 2017-11-12 17:34:56 +00:00			`t.Fatalf("bad: expected client tls config to have a certificate getter")`
Move environment variable reading logic to API. This allows the same environment variables to be read, parsed, and used from any API client as was previously handled in the CLI. The CLI now uses the API environment variable reading capability, then overrides any values from command line flags, if necessary. Fixes #618 2015-11-03 19:21:14 +00:00			`}`
			`if tlsConfig.InsecureSkipVerify != true {`
all: Cleanup from running go vet 2016-04-13 19:38:29 +00:00			`t.Fatalf("bad: %v", tlsConfig.InsecureSkipVerify)`
Move environment variable reading logic to API. This allows the same environment variables to be read, parsed, and used from any API client as was previously handled in the CLI. The CLI now uses the API environment variable reading capability, then overrides any values from command line flags, if necessary. Fixes #618 2015-11-03 19:21:14 +00:00			`}`
			`}`
Adding option to set custom vault client timeout using env variable VAULT_CLIENT_TIMEOUT (#3022) 2017-07-18 13:48:31 +00:00
Add backwards compat support for API env vars (#7135) Several env vars got renamed in https://github.com/hashicorp/vault/pull/6306. This re-adds support for those. Indirectly addresses https://github.com/hashicorp/consul-template/pull/1233 although they should still update to the new values. 2019-07-17 10:29:25 +00:00			`func TestClientDeprecatedEnvSettings(t *testing.T) {`
			`oldInsecure := os.Getenv(EnvVaultInsecure)`
			`os.Setenv(EnvVaultInsecure, "true")`
			`defer os.Setenv(EnvVaultInsecure, oldInsecure)`

			`config := DefaultConfig()`
			`if err := config.ReadEnvironment(); err != nil {`
			`t.Fatalf("error reading environment: %v", err)`
			`}`

			`tlsConfig := config.HttpClient.Transport.(*http.Transport).TLSClientConfig`
			`if tlsConfig.InsecureSkipVerify != true {`
			`t.Fatalf("bad: %v", tlsConfig.InsecureSkipVerify)`
			`}`
			`}`

api.NewClient() now uses $VAULT_NAMESPACE as an input. (#6470) * api.NewClient() now uses $VAULT_NAMESPACE as an input. * Remove bogus comments. 2019-03-25 18:23:59 +00:00			`func TestClientEnvNamespace(t *testing.T) {`
			`var seenNamespace string`
			`handler := func(w http.ResponseWriter, req *http.Request) {`
			`seenNamespace = req.Header.Get(consts.NamespaceHeaderName)`
			`}`
			`config, ln := testHTTPServer(t, http.HandlerFunc(handler))`
			`defer ln.Close()`

			`oldVaultNamespace := os.Getenv(EnvVaultNamespace)`
			`defer os.Setenv(EnvVaultNamespace, oldVaultNamespace)`
			`os.Setenv(EnvVaultNamespace, "test")`

			`client, err := NewClient(config)`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

			`_, err = client.RawRequest(client.NewRequest("GET", "/"))`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

			`if seenNamespace != "test" {`
			`t.Fatalf("Bad: %s", seenNamespace)`
			`}`
			`}`

Client side rate limiting (#4421) 2018-05-11 14:42:06 +00:00			`func TestParsingRateAndBurst(t *testing.T) {`
			`var (`
			`correctFormat = "400:400"`
			`observedRate, observedBurst, err = parseRateLimit(correctFormat)`
Fix syntax errors causing api package to fail tests (#4555) 2018-05-11 20:28:03 +00:00			`expectedRate, expectedBurst = float64(400), 400`
Client side rate limiting (#4421) 2018-05-11 14:42:06 +00:00			`)`
			`if err != nil {`
			`t.Error(err)`
			`}`
			`if expectedRate != observedRate {`
			`t.Errorf("Expected rate %v but found %v", expectedRate, observedRate)`
			`}`
			`if expectedBurst != observedBurst {`
Correct variables in "got %v expect %v" errors (#6437) 2019-03-19 16:34:13 +00:00			`t.Errorf("Expected burst %v but found %v", expectedBurst, observedBurst)`
Client side rate limiting (#4421) 2018-05-11 14:42:06 +00:00			`}`
			`}`

			`func TestParsingRateOnly(t *testing.T) {`
			`var (`
			`correctFormat = "400"`
			`observedRate, observedBurst, err = parseRateLimit(correctFormat)`
Fix syntax errors causing api package to fail tests (#4555) 2018-05-11 20:28:03 +00:00			`expectedRate, expectedBurst = float64(400), 400`
Client side rate limiting (#4421) 2018-05-11 14:42:06 +00:00			`)`
			`if err != nil {`
			`t.Error(err)`
			`}`
			`if expectedRate != observedRate {`
			`t.Errorf("Expected rate %v but found %v", expectedRate, observedRate)`
			`}`
			`if expectedBurst != observedBurst {`
Correct variables in "got %v expect %v" errors (#6437) 2019-03-19 16:34:13 +00:00			`t.Errorf("Expected burst %v but found %v", expectedBurst, observedBurst)`
Client side rate limiting (#4421) 2018-05-11 14:42:06 +00:00			`}`
			`}`

			`func TestParsingErrorCase(t *testing.T) {`
			`var incorrectFormat = "foobar"`
Fix syntax errors causing api package to fail tests (#4555) 2018-05-11 20:28:03 +00:00			`var _, _, err = parseRateLimit(incorrectFormat)`
Client side rate limiting (#4421) 2018-05-11 14:42:06 +00:00			`if err == nil {`
			`t.Error("Expected error, found no error")`
			`}`
			`}`

Adding option to set custom vault client timeout using env variable VAULT_CLIENT_TIMEOUT (#3022) 2017-07-18 13:48:31 +00:00			`func TestClientTimeoutSetting(t *testing.T) {`
			`oldClientTimeout := os.Getenv(EnvVaultClientTimeout)`
			`os.Setenv(EnvVaultClientTimeout, "10")`
			`defer os.Setenv(EnvVaultClientTimeout, oldClientTimeout)`
			`config := DefaultConfig()`
			`config.ReadEnvironment()`
Redo API client locking (#4551) * Redo API client locking This assigns local values when in critical paths, allowing a single API client to much more quickly and safely pipeline requests. Additionally, in order to take that paradigm all the way it changes how timeouts are set. It now uses a context value set on the request instead of configuring the timeout in the http client per request, which was also potentially quite racy. Trivially tested with VAULT_CLIENT_TIMEOUT=2 vault write pki/root/generate/internal key_type=rsa key_bits=8192 2018-05-25 18:38:06 +00:00			`_, err := NewClient(config)`
Adding option to set custom vault client timeout using env variable VAULT_CLIENT_TIMEOUT (#3022) 2017-07-18 13:48:31 +00:00			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`}`
do not panic when Client.Transport is not *http.Transport (#3440) 2017-10-10 12:46:54 +00:00
			`type roundTripperFunc func(http.Request) (http.Response, error)`

			`func (rt roundTripperFunc) RoundTrip(r http.Request) (http.Response, error) {`
			`return rt(r)`
			`}`

			`func TestClientNonTransportRoundTripper(t *testing.T) {`
			`client := &http.Client{`
			`Transport: roundTripperFunc(http.DefaultTransport.RoundTrip),`
			`}`

			`_, err := NewClient(&Config{`
			`HttpClient: client,`
			`})`
			`if err != nil {`
			`t.Fatal(err)`
			`}`
			`}`
Only call ConfigureTransport if "h2" is not already in NextProtos. Fixes #3435 2017-10-27 18:08:30 +00:00
			`func TestClone(t *testing.T) {`
			`client1, err1 := NewClient(nil)`
			`if err1 != nil {`
			`t.Fatalf("NewClient failed: %v", err1)`
			`}`
			`client2, err2 := client1.Clone()`
			`if err2 != nil {`
			`t.Fatalf("Clone failed: %v", err2)`
			`}`

			`_ = client2`
			`}`