2023-03-15 16:00:52 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2022-11-23 20:00:18 +00:00
|
|
|
package pkiext
|
|
|
|
|
|
|
|
import (
|
2023-04-25 19:11:35 +00:00
|
|
|
"bufio"
|
|
|
|
"bytes"
|
2022-11-28 15:32:22 +00:00
|
|
|
"crypto"
|
|
|
|
"crypto/x509"
|
|
|
|
"encoding/pem"
|
2022-11-23 20:00:18 +00:00
|
|
|
"fmt"
|
|
|
|
"testing"
|
|
|
|
|
2022-11-28 15:32:22 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/helper/certutil"
|
2022-11-23 20:00:18 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/logical"
|
2022-11-28 15:32:22 +00:00
|
|
|
|
2022-11-23 20:00:18 +00:00
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
)
|
|
|
|
|
|
|
|
func requireFieldsSetInResp(t *testing.T, resp *logical.Response, fields ...string) {
|
|
|
|
var missingFields []string
|
|
|
|
for _, field := range fields {
|
|
|
|
value, ok := resp.Data[field]
|
|
|
|
if !ok || value == nil {
|
|
|
|
missingFields = append(missingFields, field)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
require.Empty(t, missingFields, "The following fields were required but missing from response:\n%v", resp.Data)
|
|
|
|
}
|
|
|
|
|
|
|
|
func requireSuccessNonNilResponse(t *testing.T, resp *logical.Response, err error, msgAndArgs ...interface{}) {
|
|
|
|
require.NoError(t, err, msgAndArgs...)
|
|
|
|
if resp.IsError() {
|
|
|
|
errContext := fmt.Sprintf("Expected successful response but got error: %v", resp.Error())
|
|
|
|
require.Falsef(t, resp.IsError(), errContext, msgAndArgs...)
|
|
|
|
}
|
|
|
|
require.NotNil(t, resp, msgAndArgs...)
|
|
|
|
}
|
|
|
|
|
|
|
|
func requireSuccessNilResponse(t *testing.T, resp *logical.Response, err error, msgAndArgs ...interface{}) {
|
|
|
|
require.NoError(t, err, msgAndArgs...)
|
|
|
|
if resp.IsError() {
|
|
|
|
errContext := fmt.Sprintf("Expected successful response but got error: %v", resp.Error())
|
|
|
|
require.Falsef(t, resp.IsError(), errContext, msgAndArgs...)
|
|
|
|
}
|
|
|
|
if resp != nil {
|
|
|
|
msg := fmt.Sprintf("expected nil response but got: %v", resp)
|
|
|
|
require.Nilf(t, resp, msg, msgAndArgs...)
|
|
|
|
}
|
|
|
|
}
|
2022-11-28 15:32:22 +00:00
|
|
|
|
|
|
|
func parseCert(t *testing.T, pemCert string) *x509.Certificate {
|
|
|
|
block, _ := pem.Decode([]byte(pemCert))
|
|
|
|
require.NotNil(t, block, "failed to decode PEM block")
|
|
|
|
|
|
|
|
cert, err := x509.ParseCertificate(block.Bytes)
|
|
|
|
require.NoError(t, err)
|
|
|
|
return cert
|
|
|
|
}
|
|
|
|
|
|
|
|
func parseKey(t *testing.T, pemKey string) crypto.Signer {
|
|
|
|
block, _ := pem.Decode([]byte(pemKey))
|
|
|
|
require.NotNil(t, block, "failed to decode PEM block")
|
|
|
|
|
|
|
|
key, _, err := certutil.ParseDERKey(block.Bytes)
|
|
|
|
require.NoError(t, err)
|
|
|
|
return key
|
|
|
|
}
|
2023-04-25 19:11:35 +00:00
|
|
|
|
|
|
|
type LogConsumerWriter struct {
|
2023-04-27 13:41:49 +00:00
|
|
|
Consumer func(string)
|
2023-04-25 19:11:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func (l LogConsumerWriter) Write(p []byte) (n int, err error) {
|
|
|
|
// TODO this assumes that we're never passed partial log lines, which
|
|
|
|
// seems a safe assumption for now based on how docker looks to implement
|
|
|
|
// logging, but might change in the future.
|
|
|
|
scanner := bufio.NewScanner(bytes.NewReader(p))
|
|
|
|
scanner.Buffer(make([]byte, 64*1024), bufio.MaxScanTokenSize)
|
|
|
|
for scanner.Scan() {
|
2023-04-27 13:41:49 +00:00
|
|
|
l.Consumer(scanner.Text())
|
2023-04-25 19:11:35 +00:00
|
|
|
}
|
|
|
|
return len(p), nil
|
|
|
|
}
|