open-vault/http/sys_auth_test.go

package http

import (
	"encoding/json"
	"reflect"
	"testing"

	"github.com/hashicorp/vault/vault"
)

func TestSysAuth(t *testing.T) {
	core, _, token := vault.TestCoreUnsealed(t)
	ln, addr := TestServer(t, core)
	defer ln.Close()
	TestServerAuth(t, addr, token)

	resp := testHttpGet(t, token, addr+"/v1/sys/auth")

	var actual map[string]interface{}
	expected := map[string]interface{}{
		"lease_id":       "",
		"renewable":      false,
		"lease_duration": json.Number("0"),
		"wrap_info":      nil,
		"warnings":       nil,
		"auth":           nil,
		"data": map[string]interface{}{
			"token/": map[string]interface{}{
				"description": "token based credentials",
				"type":        "token",
				"config": map[string]interface{}{
					"default_lease_ttl": json.Number("0"),
					"max_lease_ttl":     json.Number("0"),
				},
				"local": false,
			},
		},
		"token/": map[string]interface{}{
			"description": "token based credentials",
			"type":        "token",
			"config": map[string]interface{}{
				"default_lease_ttl": json.Number("0"),
				"max_lease_ttl":     json.Number("0"),
			},
			"local": false,
		},
	}
	testResponseStatus(t, resp, 200)
	testResponseBody(t, resp, &actual)

	expected["request_id"] = actual["request_id"]
	for k, v := range actual["data"].(map[string]interface{}) {
		if v.(map[string]interface{})["accessor"] == "" {
			t.Fatalf("no accessor from %s", k)
		}
		expected[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]
		expected["data"].(map[string]interface{})[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]
	}

	if !reflect.DeepEqual(actual, expected) {
		t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)
	}
}

func TestSysEnableAuth(t *testing.T) {
	core, _, token := vault.TestCoreUnsealed(t)
	ln, addr := TestServer(t, core)
	defer ln.Close()
	TestServerAuth(t, addr, token)

	resp := testHttpPost(t, token, addr+"/v1/sys/auth/foo", map[string]interface{}{
		"type":        "noop",
		"description": "foo",
	})
	testResponseStatus(t, resp, 204)

	resp = testHttpGet(t, token, addr+"/v1/sys/auth")

	var actual map[string]interface{}
	expected := map[string]interface{}{
		"lease_id":       "",
		"renewable":      false,
		"lease_duration": json.Number("0"),
		"wrap_info":      nil,
		"warnings":       nil,
		"auth":           nil,
		"data": map[string]interface{}{
			"foo/": map[string]interface{}{
				"description": "foo",
				"type":        "noop",
				"config": map[string]interface{}{
					"default_lease_ttl": json.Number("0"),
					"max_lease_ttl":     json.Number("0"),
				},
				"local": false,
			},
			"token/": map[string]interface{}{
				"description": "token based credentials",
				"type":        "token",
				"config": map[string]interface{}{
					"default_lease_ttl": json.Number("0"),
					"max_lease_ttl":     json.Number("0"),
				},
				"local": false,
			},
		},
		"foo/": map[string]interface{}{
			"description": "foo",
			"type":        "noop",
			"config": map[string]interface{}{
				"default_lease_ttl": json.Number("0"),
				"max_lease_ttl":     json.Number("0"),
			},
			"local": false,
		},
		"token/": map[string]interface{}{
			"description": "token based credentials",
			"type":        "token",
			"config": map[string]interface{}{
				"default_lease_ttl": json.Number("0"),
				"max_lease_ttl":     json.Number("0"),
			},
			"local": false,
		},
	}
	testResponseStatus(t, resp, 200)
	testResponseBody(t, resp, &actual)

	expected["request_id"] = actual["request_id"]
	for k, v := range actual["data"].(map[string]interface{}) {
		if v.(map[string]interface{})["accessor"] == "" {
			t.Fatalf("no accessor from %s", k)
		}
		expected[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]
		expected["data"].(map[string]interface{})[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]
	}

	if !reflect.DeepEqual(actual, expected) {
		t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)
	}
}

func TestSysDisableAuth(t *testing.T) {
	core, _, token := vault.TestCoreUnsealed(t)
	ln, addr := TestServer(t, core)
	defer ln.Close()
	TestServerAuth(t, addr, token)

	resp := testHttpPost(t, token, addr+"/v1/sys/auth/foo", map[string]interface{}{
		"type":        "noop",
		"description": "foo",
	})
	testResponseStatus(t, resp, 204)

	resp = testHttpDelete(t, token, addr+"/v1/sys/auth/foo")
	testResponseStatus(t, resp, 204)

	resp = testHttpGet(t, token, addr+"/v1/sys/auth")

	var actual map[string]interface{}
	expected := map[string]interface{}{
		"lease_id":       "",
		"renewable":      false,
		"lease_duration": json.Number("0"),
		"wrap_info":      nil,
		"warnings":       nil,
		"auth":           nil,
		"data": map[string]interface{}{
			"token/": map[string]interface{}{
				"config": map[string]interface{}{
					"default_lease_ttl": json.Number("0"),
					"max_lease_ttl":     json.Number("0"),
				},
				"description": "token based credentials",
				"type":        "token",
				"local":       false,
			},
		},
		"token/": map[string]interface{}{
			"config": map[string]interface{}{
				"default_lease_ttl": json.Number("0"),
				"max_lease_ttl":     json.Number("0"),
			},
			"description": "token based credentials",
			"type":        "token",
			"local":       false,
		},
	}
	testResponseStatus(t, resp, 200)
	testResponseBody(t, resp, &actual)

	expected["request_id"] = actual["request_id"]
	for k, v := range actual["data"].(map[string]interface{}) {
		if v.(map[string]interface{})["accessor"] == "" {
			t.Fatalf("no accessor from %s", k)
		}
		expected[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]
		expected["data"].(map[string]interface{})[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]
	}

	if !reflect.DeepEqual(actual, expected) {
		t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)
	}
}
http: auth handlers 2015-04-01 03:24:51 +00:00			`package http`

			`import (`
Added JSON Decode and Encode helpers. Changed all the occurances of Unmarshal to use the helpers. Fixed http/ package tests. 2016-07-06 16:25:40 +00:00			`"encoding/json"`
http: auth handlers 2015-04-01 03:24:51 +00:00			`"reflect"`
			`"testing"`

			`"github.com/hashicorp/vault/vault"`
			`)`

			`func TestSysAuth(t *testing.T) {`
			`core, _, token := vault.TestCoreUnsealed(t)`
			`ln, addr := TestServer(t, core)`
			`defer ln.Close()`
			`TestServerAuth(t, addr, token)`

Remove cookie authentication. 2015-08-22 00:36:19 +00:00			`resp := testHttpGet(t, token, addr+"/v1/sys/auth")`
http: auth handlers 2015-04-01 03:24:51 +00:00
			`var actual map[string]interface{}`
			`expected := map[string]interface{}{`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00			`"lease_id": "",`
			`"renewable": false,`
			`"lease_duration": json.Number("0"),`
			`"wrap_info": nil,`
			`"warnings": nil,`
			`"auth": nil,`
			`"data": map[string]interface{}{`
			`"token/": map[string]interface{}{`
			`"description": "token based credentials",`
			`"type": "token",`
			`"config": map[string]interface{}{`
			`"default_lease_ttl": json.Number("0"),`
			`"max_lease_ttl": json.Number("0"),`
			`},`
Port some replication bits to OSS (#2386) 2017-02-16 20:15:02 +00:00			`"local": false,`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00			`},`
			`},`
http: fix tests 2015-04-05 00:42:19 +00:00			`"token/": map[string]interface{}{`
http: auth handlers 2015-04-01 03:24:51 +00:00			`"description": "token based credentials",`
			`"type": "token",`
Fix the test cases 2016-06-20 19:55:21 +00:00			`"config": map[string]interface{}{`
Added JSON Decode and Encode helpers. Changed all the occurances of Unmarshal to use the helpers. Fixed http/ package tests. 2016-07-06 16:25:40 +00:00			`"default_lease_ttl": json.Number("0"),`
			`"max_lease_ttl": json.Number("0"),`
Fix the test cases 2016-06-20 19:55:21 +00:00			`},`
Port some replication bits to OSS (#2386) 2017-02-16 20:15:02 +00:00			`"local": false,`
http: auth handlers 2015-04-01 03:24:51 +00:00			`},`
			`}`
			`testResponseStatus(t, resp, 200)`
			`testResponseBody(t, resp, &actual)`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00
			`expected["request_id"] = actual["request_id"]`
Create and persist human-friendly-ish mount accessors (#2918) 2017-06-26 17:14:36 +00:00			`for k, v := range actual["data"].(map[string]interface{}) {`
			`if v.(map[string]interface{})["accessor"] == "" {`
			`t.Fatalf("no accessor from %s", k)`
			`}`
			`expected[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]`
			`expected["data"].(map[string]interface{})[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]`
			`}`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00
http: auth handlers 2015-04-01 03:24:51 +00:00			`if !reflect.DeepEqual(actual, expected) {`
Fix the test cases 2016-06-20 19:55:21 +00:00			`t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)`
http: auth handlers 2015-04-01 03:24:51 +00:00			`}`
			`}`

			`func TestSysEnableAuth(t *testing.T) {`
			`core, _, token := vault.TestCoreUnsealed(t)`
			`ln, addr := TestServer(t, core)`
			`defer ln.Close()`
			`TestServerAuth(t, addr, token)`

Remove cookie authentication. 2015-08-22 00:36:19 +00:00			`resp := testHttpPost(t, token, addr+"/v1/sys/auth/foo", map[string]interface{}{`
http: auth handlers 2015-04-01 03:24:51 +00:00			`"type": "noop",`
			`"description": "foo",`
			`})`
			`testResponseStatus(t, resp, 204)`

Remove cookie authentication. 2015-08-22 00:36:19 +00:00			`resp = testHttpGet(t, token, addr+"/v1/sys/auth")`
http: auth handlers 2015-04-01 03:24:51 +00:00
			`var actual map[string]interface{}`
			`expected := map[string]interface{}{`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00			`"lease_id": "",`
			`"renewable": false,`
			`"lease_duration": json.Number("0"),`
			`"wrap_info": nil,`
			`"warnings": nil,`
			`"auth": nil,`
			`"data": map[string]interface{}{`
			`"foo/": map[string]interface{}{`
			`"description": "foo",`
			`"type": "noop",`
			`"config": map[string]interface{}{`
			`"default_lease_ttl": json.Number("0"),`
			`"max_lease_ttl": json.Number("0"),`
			`},`
Port some replication bits to OSS (#2386) 2017-02-16 20:15:02 +00:00			`"local": false,`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00			`},`
			`"token/": map[string]interface{}{`
			`"description": "token based credentials",`
			`"type": "token",`
			`"config": map[string]interface{}{`
			`"default_lease_ttl": json.Number("0"),`
			`"max_lease_ttl": json.Number("0"),`
			`},`
Port some replication bits to OSS (#2386) 2017-02-16 20:15:02 +00:00			`"local": false,`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00			`},`
			`},`
http: fix tests 2015-04-05 00:42:19 +00:00			`"foo/": map[string]interface{}{`
http: auth handlers 2015-04-01 03:24:51 +00:00			`"description": "foo",`
			`"type": "noop",`
Fix the test cases 2016-06-20 19:55:21 +00:00			`"config": map[string]interface{}{`
Added JSON Decode and Encode helpers. Changed all the occurances of Unmarshal to use the helpers. Fixed http/ package tests. 2016-07-06 16:25:40 +00:00			`"default_lease_ttl": json.Number("0"),`
			`"max_lease_ttl": json.Number("0"),`
Fix the test cases 2016-06-20 19:55:21 +00:00			`},`
Port some replication bits to OSS (#2386) 2017-02-16 20:15:02 +00:00			`"local": false,`
http: auth handlers 2015-04-01 03:24:51 +00:00			`},`
http: fix tests 2015-04-05 00:42:19 +00:00			`"token/": map[string]interface{}{`
http: auth handlers 2015-04-01 03:24:51 +00:00			`"description": "token based credentials",`
			`"type": "token",`
Fix the test cases 2016-06-20 19:55:21 +00:00			`"config": map[string]interface{}{`
Added JSON Decode and Encode helpers. Changed all the occurances of Unmarshal to use the helpers. Fixed http/ package tests. 2016-07-06 16:25:40 +00:00			`"default_lease_ttl": json.Number("0"),`
			`"max_lease_ttl": json.Number("0"),`
Fix the test cases 2016-06-20 19:55:21 +00:00			`},`
Port some replication bits to OSS (#2386) 2017-02-16 20:15:02 +00:00			`"local": false,`
http: auth handlers 2015-04-01 03:24:51 +00:00			`},`
			`}`
			`testResponseStatus(t, resp, 200)`
			`testResponseBody(t, resp, &actual)`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00
			`expected["request_id"] = actual["request_id"]`
Create and persist human-friendly-ish mount accessors (#2918) 2017-06-26 17:14:36 +00:00			`for k, v := range actual["data"].(map[string]interface{}) {`
			`if v.(map[string]interface{})["accessor"] == "" {`
			`t.Fatalf("no accessor from %s", k)`
			`}`
			`expected[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]`
			`expected["data"].(map[string]interface{})[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]`
			`}`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00
http: auth handlers 2015-04-01 03:24:51 +00:00			`if !reflect.DeepEqual(actual, expected) {`
Fix the test cases 2016-06-20 19:55:21 +00:00			`t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)`
http: auth handlers 2015-04-01 03:24:51 +00:00			`}`
			`}`

			`func TestSysDisableAuth(t *testing.T) {`
			`core, _, token := vault.TestCoreUnsealed(t)`
			`ln, addr := TestServer(t, core)`
			`defer ln.Close()`
			`TestServerAuth(t, addr, token)`

Remove cookie authentication. 2015-08-22 00:36:19 +00:00			`resp := testHttpPost(t, token, addr+"/v1/sys/auth/foo", map[string]interface{}{`
http: auth handlers 2015-04-01 03:24:51 +00:00			`"type": "noop",`
			`"description": "foo",`
			`})`
			`testResponseStatus(t, resp, 204)`

Remove cookie authentication. 2015-08-22 00:36:19 +00:00			`resp = testHttpDelete(t, token, addr+"/v1/sys/auth/foo")`
http: auth handlers 2015-04-01 03:24:51 +00:00			`testResponseStatus(t, resp, 204)`

Remove cookie authentication. 2015-08-22 00:36:19 +00:00			`resp = testHttpGet(t, token, addr+"/v1/sys/auth")`
http: auth handlers 2015-04-01 03:24:51 +00:00
			`var actual map[string]interface{}`
			`expected := map[string]interface{}{`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00			`"lease_id": "",`
			`"renewable": false,`
			`"lease_duration": json.Number("0"),`
			`"wrap_info": nil,`
			`"warnings": nil,`
			`"auth": nil,`
			`"data": map[string]interface{}{`
			`"token/": map[string]interface{}{`
			`"config": map[string]interface{}{`
			`"default_lease_ttl": json.Number("0"),`
			`"max_lease_ttl": json.Number("0"),`
			`},`
			`"description": "token based credentials",`
			`"type": "token",`
Port some replication bits to OSS (#2386) 2017-02-16 20:15:02 +00:00			`"local": false,`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00			`},`
			`},`
http: fix tests 2015-04-05 00:42:19 +00:00			`"token/": map[string]interface{}{`
Fix the test cases 2016-06-20 19:55:21 +00:00			`"config": map[string]interface{}{`
Added JSON Decode and Encode helpers. Changed all the occurances of Unmarshal to use the helpers. Fixed http/ package tests. 2016-07-06 16:25:40 +00:00			`"default_lease_ttl": json.Number("0"),`
			`"max_lease_ttl": json.Number("0"),`
Fix the test cases 2016-06-20 19:55:21 +00:00			`},`
http: auth handlers 2015-04-01 03:24:51 +00:00			`"description": "token based credentials",`
			`"type": "token",`
Port some replication bits to OSS (#2386) 2017-02-16 20:15:02 +00:00			`"local": false,`
http: auth handlers 2015-04-01 03:24:51 +00:00			`},`
			`}`
			`testResponseStatus(t, resp, 200)`
			`testResponseBody(t, resp, &actual)`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00
			`expected["request_id"] = actual["request_id"]`
Create and persist human-friendly-ish mount accessors (#2918) 2017-06-26 17:14:36 +00:00			`for k, v := range actual["data"].(map[string]interface{}) {`
			`if v.(map[string]interface{})["accessor"] == "" {`
			`t.Fatalf("no accessor from %s", k)`
			`}`
			`expected[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]`
			`expected["data"].(map[string]interface{})[k].(map[string]interface{})["accessor"] = v.(map[string]interface{})["accessor"]`
			`}`
Fix tests and update mapstructure 2016-08-08 20:00:31 +00:00
http: auth handlers 2015-04-01 03:24:51 +00:00			`if !reflect.DeepEqual(actual, expected) {`
Fix the test cases 2016-06-20 19:55:21 +00:00			`t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)`
http: auth handlers 2015-04-01 03:24:51 +00:00			`}`
			`}`