open-vault/command/command_test.go

package command

import (
	"context"
	"encoding/base64"
	"net"
	"net/http"
	"strings"
	"testing"
	"time"

	log "github.com/hashicorp/go-hclog"
	kv "github.com/hashicorp/vault-plugin-secrets-kv"
	"github.com/hashicorp/vault/api"
	"github.com/hashicorp/vault/audit"
	"github.com/hashicorp/vault/builtin/logical/pki"
	"github.com/hashicorp/vault/builtin/logical/ssh"
	"github.com/hashicorp/vault/builtin/logical/transit"
	"github.com/hashicorp/vault/helper/builtinplugins"
	"github.com/hashicorp/vault/sdk/logical"
	"github.com/hashicorp/vault/sdk/physical/inmem"
	"github.com/hashicorp/vault/vault"
	"github.com/mitchellh/cli"

	auditFile "github.com/hashicorp/vault/builtin/audit/file"
	credUserpass "github.com/hashicorp/vault/builtin/credential/userpass"
	vaulthttp "github.com/hashicorp/vault/http"
)

var (
	defaultVaultLogger = log.NewNullLogger()

	defaultVaultCredentialBackends = map[string]logical.Factory{
		"userpass": credUserpass.Factory,
	}

	defaultVaultAuditBackends = map[string]audit.Factory{
		"file": auditFile.Factory,
	}

	defaultVaultLogicalBackends = map[string]logical.Factory{
		"generic-leased": vault.LeasedPassthroughBackendFactory,
		"pki":            pki.Factory,
		"ssh":            ssh.Factory,
		"transit":        transit.Factory,
		"kv":             kv.Factory,
	}
)

// assertNoTabs asserts the CLI help has no tab characters.
func assertNoTabs(tb testing.TB, c cli.Command) {
	tb.Helper()

	if strings.ContainsRune(c.Help(), '\t') {
		tb.Errorf("%#v help output contains tabs", c)
	}
}

// testVaultServer creates a test vault cluster and returns a configured API
// client and closer function.
func testVaultServer(tb testing.TB) (*api.Client, func()) {
	tb.Helper()

	client, _, closer := testVaultServerUnseal(tb)
	return client, closer
}

func testVaultServerAllBackends(tb testing.TB) (*api.Client, func()) {
	tb.Helper()

	client, _, closer := testVaultServerCoreConfig(tb, &vault.CoreConfig{
		DisableMlock:       true,
		DisableCache:       true,
		Logger:             defaultVaultLogger,
		CredentialBackends: credentialBackends,
		AuditBackends:      auditBackends,
		LogicalBackends:    logicalBackends,
		BuiltinRegistry:    builtinplugins.Registry,
	})
	return client, closer
}

// testVaultServerUnseal creates a test vault cluster and returns a configured
// API client, list of unseal keys (as strings), and a closer function.
func testVaultServerUnseal(tb testing.TB) (*api.Client, []string, func()) {
	tb.Helper()

	return testVaultServerCoreConfig(tb, &vault.CoreConfig{
		DisableMlock:       true,
		DisableCache:       true,
		Logger:             defaultVaultLogger,
		CredentialBackends: defaultVaultCredentialBackends,
		AuditBackends:      defaultVaultAuditBackends,
		LogicalBackends:    defaultVaultLogicalBackends,
		BuiltinRegistry:    builtinplugins.Registry,
	})
}

// testVaultServerUnseal creates a test vault cluster and returns a configured
// API client, list of unseal keys (as strings), and a closer function
// configured with the given plugin directory.
func testVaultServerPluginDir(tb testing.TB, pluginDir string) (*api.Client, []string, func()) {
	tb.Helper()

	return testVaultServerCoreConfig(tb, &vault.CoreConfig{
		DisableMlock:       true,
		DisableCache:       true,
		Logger:             defaultVaultLogger,
		CredentialBackends: defaultVaultCredentialBackends,
		AuditBackends:      defaultVaultAuditBackends,
		LogicalBackends:    defaultVaultLogicalBackends,
		PluginDirectory:    pluginDir,
		BuiltinRegistry:    builtinplugins.Registry,
	})
}

// testVaultServerCoreConfig creates a new vault cluster with the given core
// configuration. This is a lower-level test helper.
func testVaultServerCoreConfig(tb testing.TB, coreConfig *vault.CoreConfig) (*api.Client, []string, func()) {
	tb.Helper()

	cluster := vault.NewTestCluster(tb, coreConfig, &vault.TestClusterOptions{
		HandlerFunc: vaulthttp.Handler,
		NumCores:    1, // Default is 3, but we don't need that many
	})
	cluster.Start()

	// Make it easy to get access to the active
	core := cluster.Cores[0].Core
	vault.TestWaitActive(tb, core)

	// Get the client already setup for us!
	client := cluster.Cores[0].Client
	client.SetToken(cluster.RootToken)

	// Convert the unseal keys to base64 encoded, since these are how the user
	// will get them.
	unsealKeys := make([]string, len(cluster.BarrierKeys))
	for i := range unsealKeys {
		unsealKeys[i] = base64.StdEncoding.EncodeToString(cluster.BarrierKeys[i])
	}

	return client, unsealKeys, func() { defer cluster.Cleanup() }
}

// testVaultServerUninit creates an uninitialized server.
func testVaultServerUninit(tb testing.TB) (*api.Client, func()) {
	tb.Helper()

	inm, err := inmem.NewInmem(nil, defaultVaultLogger)
	if err != nil {
		tb.Fatal(err)
	}

	core, err := vault.NewCore(&vault.CoreConfig{
		DisableMlock:       true,
		DisableCache:       true,
		Logger:             defaultVaultLogger,
		Physical:           inm,
		CredentialBackends: defaultVaultCredentialBackends,
		AuditBackends:      defaultVaultAuditBackends,
		LogicalBackends:    defaultVaultLogicalBackends,
		BuiltinRegistry:    builtinplugins.Registry,
	})
	if err != nil {
		tb.Fatal(err)
	}

	ln, addr := vaulthttp.TestServer(tb, core)

	client, err := api.NewClient(&api.Config{
		Address: addr,
	})
	if err != nil {
		tb.Fatal(err)
	}

	return client, func() { ln.Close() }
}

// testVaultServerBad creates an http server that returns a 500 on each request
// to simulate failures.
func testVaultServerBad(tb testing.TB) (*api.Client, func()) {
	tb.Helper()

	listener, err := net.Listen("tcp", "127.0.0.1:0")
	if err != nil {
		tb.Fatal(err)
	}

	server := &http.Server{
		Addr: "127.0.0.1:0",
		Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
			http.Error(w, "500 internal server error", http.StatusInternalServerError)
		}),
		ReadTimeout:       1 * time.Second,
		ReadHeaderTimeout: 1 * time.Second,
		WriteTimeout:      1 * time.Second,
		IdleTimeout:       1 * time.Second,
	}

	go func() {
		if err := server.Serve(listener); err != nil && err != http.ErrServerClosed {
			tb.Fatal(err)
		}
	}()

	client, err := api.NewClient(&api.Config{
		Address: "http://" + listener.Addr().String(),
	})
	if err != nil {
		tb.Fatal(err)
	}

	return client, func() {
		ctx, done := context.WithTimeout(context.Background(), 5*time.Second)
		defer done()

		server.Shutdown(ctx)
	}
}

// testTokenAndAccessor creates a new authentication token capable of being renewed with
// the default policy attached. It returns the token and it's accessor.
func testTokenAndAccessor(tb testing.TB, client *api.Client) (string, string) {
	tb.Helper()

	secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{
		Policies: []string{"default"},
		TTL:      "30m",
	})
	if err != nil {
		tb.Fatal(err)
	}
	if secret == nil || secret.Auth == nil || secret.Auth.ClientToken == "" {
		tb.Fatalf("missing auth data: %#v", secret)
	}
	return secret.Auth.ClientToken, secret.Auth.Accessor
}

func testClient(tb testing.TB, addr string, token string) *api.Client {
	tb.Helper()
	config := api.DefaultConfig()
	config.Address = addr
	client, err := api.NewClient(config)
	if err != nil {
		tb.Fatal(err)
	}
	client.SetToken(token)

	return client
}
command: load configuration 2015-03-30 17:25:24 +00:00			`package command`

command/revoke: revoke 2015-04-01 02:21:02 +00:00			`import (`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`"context"`
			`"encoding/base64"`
			`"net"`
			`"net/http"`
			`"strings"`
command/revoke: revoke 2015-04-01 02:21:02 +00:00			`"testing"`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`"time"`
command/revoke: revoke 2015-04-01 02:21:02 +00:00
Move to "github.com/hashicorp/go-hclog" (#4227) * logbridge with hclog and identical output * Initial search & replace This compiles, but there is a fair amount of TODO and commented out code, especially around the plugin logclient/logserver code. * strip logbridge * fix majority of tests * update logxi aliases * WIP fixing tests * more test fixes * Update test to hclog * Fix format * Rename hclog -> log * WIP making hclog and logxi love each other * update logger_test.go * clean up merged comments * Replace RawLogger interface with a Logger * Add some logger names * Replace Trace with Debug * update builtin logical logging patterns * Fix build errors * More log updates * update log approach in command and builtin * More log updates * update helper, http, and logical directories * Update loggers * Log updates * Update logging * Update logging * Update logging * Update logging * update logging in physical * prefixing and lowercase * Update logging * Move phyisical logging name to server command * Fix som tests * address jims feedback so far * incorporate brians feedback so far * strip comments * move vault.go to logging package * update Debug to Trace * Update go-plugin deps * Update logging based on review comments * Updates from review * Unvendor logxi * Remove null_logger.go 2018-04-03 00:46:59 +00:00			`log "github.com/hashicorp/go-hclog"`
Run goimports across the repository (#6010) The result will still pass gofmtcheck and won't trigger additional changes if someone isn't using goimports, but it will avoid the piecemeal imports changes we've been seeing. 2019-01-09 00:48:57 +00:00			`kv "github.com/hashicorp/vault-plugin-secrets-kv"`
command/revoke: revoke 2015-04-01 02:21:02 +00:00			`"github.com/hashicorp/vault/api"`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`"github.com/hashicorp/vault/audit"`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`"github.com/hashicorp/vault/builtin/logical/pki"`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`"github.com/hashicorp/vault/builtin/logical/ssh"`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`"github.com/hashicorp/vault/builtin/logical/transit"`
Run all builtins as plugins (#5536) 2018-11-07 01:21:24 +00:00			`"github.com/hashicorp/vault/helper/builtinplugins"`
Create sdk/ and api/ submodules (#6583) 2019-04-12 21:54:35 +00:00			`"github.com/hashicorp/vault/sdk/logical"`
			`"github.com/hashicorp/vault/sdk/physical/inmem"`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`"github.com/hashicorp/vault/vault"`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`"github.com/mitchellh/cli"`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`auditFile "github.com/hashicorp/vault/builtin/audit/file"`
			`credUserpass "github.com/hashicorp/vault/builtin/credential/userpass"`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`vaulthttp "github.com/hashicorp/vault/http"`
command/revoke: revoke 2015-04-01 02:21:02 +00:00			`)`

Add more testing helper functions 2017-09-05 03:58:18 +00:00			`var (`
Move to "github.com/hashicorp/go-hclog" (#4227) * logbridge with hclog and identical output * Initial search & replace This compiles, but there is a fair amount of TODO and commented out code, especially around the plugin logclient/logserver code. * strip logbridge * fix majority of tests * update logxi aliases * WIP fixing tests * more test fixes * Update test to hclog * Fix format * Rename hclog -> log * WIP making hclog and logxi love each other * update logger_test.go * clean up merged comments * Replace RawLogger interface with a Logger * Add some logger names * Replace Trace with Debug * update builtin logical logging patterns * Fix build errors * More log updates * update log approach in command and builtin * More log updates * update helper, http, and logical directories * Update loggers * Log updates * Update logging * Update logging * Update logging * Update logging * update logging in physical * prefixing and lowercase * Update logging * Move phyisical logging name to server command * Fix som tests * address jims feedback so far * incorporate brians feedback so far * strip comments * move vault.go to logging package * update Debug to Trace * Update go-plugin deps * Update logging based on review comments * Updates from review * Unvendor logxi * Remove null_logger.go 2018-04-03 00:46:59 +00:00			`defaultVaultLogger = log.NewNullLogger()`
Add more testing helper functions 2017-09-05 03:58:18 +00:00
			`defaultVaultCredentialBackends = map[string]logical.Factory{`
			`"userpass": credUserpass.Factory,`
			`}`

			`defaultVaultAuditBackends = map[string]audit.Factory{`
			`"file": auditFile.Factory,`
			`}`

			`defaultVaultLogicalBackends = map[string]logical.Factory{`
			`"generic-leased": vault.LeasedPassthroughBackendFactory,`
			`"pki": pki.Factory,`
			`"ssh": ssh.Factory,`
			`"transit": transit.Factory,`
Kv preflight (#4430) * Update kv command to use a preflight check * Make the existing ui endpoint return the allowed mounts * Add kv subcommand tests * Enable `-field` in `vault kv get/put` (#4426) * Enable `-field` in `vault kv get/put` Fixes #4424 * Unify nil value handling * Use preflight helper * Update vkv plugin * Add all the mount info when authenticated * Add fix the error message on put * add metadata test * No need to sort the capabilities * Remove the kv client header * kv patch command (#4432) * Fix test * Fix tests * Use permission denied instead of entity disabled 2018-04-23 22:00:02 +00:00			`"kv": kv.Factory,`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`}`
			`)`

			`// assertNoTabs asserts the CLI help has no tab characters.`
			`func assertNoTabs(tb testing.TB, c cli.Command) {`
			`tb.Helper()`

			`if strings.ContainsRune(c.Help(), '\t') {`
			`tb.Errorf("%#v help output contains tabs", c)`
			`}`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`}`

Add more testing helper functions 2017-09-05 03:58:18 +00:00			`// testVaultServer creates a test vault cluster and returns a configured API`
			`// client and closer function.`
			`func testVaultServer(tb testing.TB) (*api.Client, func()) {`
			`tb.Helper()`

			`client, _, closer := testVaultServerUnseal(tb)`
			`return client, closer`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`}`

Adding tests to ensure all backends are mountable (#3861) 2018-02-01 16:30:04 +00:00			`func testVaultServerAllBackends(tb testing.TB) (*api.Client, func()) {`
			`tb.Helper()`

			`client, _, closer := testVaultServerCoreConfig(tb, &vault.CoreConfig{`
			`DisableMlock: true,`
			`DisableCache: true,`
			`Logger: defaultVaultLogger,`
			`CredentialBackends: credentialBackends,`
			`AuditBackends: auditBackends,`
			`LogicalBackends: logicalBackends,`
Run all builtins as plugins (#5536) 2018-11-07 01:21:24 +00:00			`BuiltinRegistry: builtinplugins.Registry,`
Adding tests to ensure all backends are mountable (#3861) 2018-02-01 16:30:04 +00:00			`})`
			`return client, closer`
			`}`

Add more testing helper functions 2017-09-05 03:58:18 +00:00			`// testVaultServerUnseal creates a test vault cluster and returns a configured`
			`// API client, list of unseal keys (as strings), and a closer function.`
			`func testVaultServerUnseal(tb testing.TB) (*api.Client, []string, func()) {`
			`tb.Helper()`

			`return testVaultServerCoreConfig(tb, &vault.CoreConfig{`
			`DisableMlock: true,`
			`DisableCache: true,`
			`Logger: defaultVaultLogger,`
			`CredentialBackends: defaultVaultCredentialBackends,`
			`AuditBackends: defaultVaultAuditBackends,`
			`LogicalBackends: defaultVaultLogicalBackends,`
Run all builtins as plugins (#5536) 2018-11-07 01:21:24 +00:00			`BuiltinRegistry: builtinplugins.Registry,`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`})`
			`}`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00
Add plugin CLI for interacting with the plugin catalog (#4911) * Add 'plugin list' command * Add 'plugin register' command * Add 'plugin deregister' command * Use a shared plugin helper * Add 'plugin read' command * Rename to plugin info * Add base plugin for help text * Fix arg ordering * Add docs * Rearrange to alphabetize * Fix arg ordering in example * Don't use "sudo" in command description 2018-07-13 17:35:08 +00:00			`// testVaultServerUnseal creates a test vault cluster and returns a configured`
			`// API client, list of unseal keys (as strings), and a closer function`
			`// configured with the given plugin directory.`
			`func testVaultServerPluginDir(tb testing.TB, pluginDir string) (*api.Client, []string, func()) {`
			`tb.Helper()`

			`return testVaultServerCoreConfig(tb, &vault.CoreConfig{`
			`DisableMlock: true,`
			`DisableCache: true,`
			`Logger: defaultVaultLogger,`
			`CredentialBackends: defaultVaultCredentialBackends,`
			`AuditBackends: defaultVaultAuditBackends,`
			`LogicalBackends: defaultVaultLogicalBackends,`
			`PluginDirectory: pluginDir,`
Run all builtins as plugins (#5536) 2018-11-07 01:21:24 +00:00			`BuiltinRegistry: builtinplugins.Registry,`
Add plugin CLI for interacting with the plugin catalog (#4911) * Add 'plugin list' command * Add 'plugin register' command * Add 'plugin deregister' command * Use a shared plugin helper * Add 'plugin read' command * Rename to plugin info * Add base plugin for help text * Fix arg ordering * Add docs * Rearrange to alphabetize * Fix arg ordering in example * Don't use "sudo" in command description 2018-07-13 17:35:08 +00:00			`})`
			`}`

Add more testing helper functions 2017-09-05 03:58:18 +00:00			`// testVaultServerCoreConfig creates a new vault cluster with the given core`
			`// configuration. This is a lower-level test helper.`
			`func testVaultServerCoreConfig(tb testing.TB, coreConfig vault.CoreConfig) (api.Client, []string, func()) {`
			`tb.Helper()`

			`cluster := vault.NewTestCluster(tb, coreConfig, &vault.TestClusterOptions{`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`HandlerFunc: vaulthttp.Handler,`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`NumCores: 1, // Default is 3, but we don't need that many`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`})`
			`cluster.Start()`

Add more testing helper functions 2017-09-05 03:58:18 +00:00			`// Make it easy to get access to the active`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`core := cluster.Cores[0].Core`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`vault.TestWaitActive(tb, core)`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`// Get the client already setup for us!`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`client := cluster.Cores[0].Client`
			`client.SetToken(cluster.RootToken)`

Add more testing helper functions 2017-09-05 03:58:18 +00:00			`// Convert the unseal keys to base64 encoded, since these are how the user`
			`// will get them.`
			`unsealKeys := make([]string, len(cluster.BarrierKeys))`
			`for i := range unsealKeys {`
			`unsealKeys[i] = base64.StdEncoding.EncodeToString(cluster.BarrierKeys[i])`
			`}`

			`return client, unsealKeys, func() { defer cluster.Cleanup() }`
			`}`

			`// testVaultServerUninit creates an uninitialized server.`
			`func testVaultServerUninit(tb testing.TB) (*api.Client, func()) {`
			`tb.Helper()`

			`inm, err := inmem.NewInmem(nil, defaultVaultLogger)`
			`if err != nil {`
			`tb.Fatal(err)`
			`}`

			`core, err := vault.NewCore(&vault.CoreConfig{`
			`DisableMlock: true,`
			`DisableCache: true,`
			`Logger: defaultVaultLogger,`
			`Physical: inm,`
			`CredentialBackends: defaultVaultCredentialBackends,`
			`AuditBackends: defaultVaultAuditBackends,`
			`LogicalBackends: defaultVaultLogicalBackends,`
Run all builtins as plugins (#5536) 2018-11-07 01:21:24 +00:00			`BuiltinRegistry: builtinplugins.Registry,`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`})`
			`if err != nil {`
			`tb.Fatal(err)`
			`}`

			`ln, addr := vaulthttp.TestServer(tb, core)`

			`client, err := api.NewClient(&api.Config{`
			`Address: addr,`
			`})`
			`if err != nil {`
			`tb.Fatal(err)`
			`}`

			`return client, func() { ln.Close() }`
			`}`

			`// testVaultServerBad creates an http server that returns a 500 on each request`
			`// to simulate failures.`
			`func testVaultServerBad(tb testing.TB) (*api.Client, func()) {`
			`tb.Helper()`

			`listener, err := net.Listen("tcp", "127.0.0.1:0")`
			`if err != nil {`
			`tb.Fatal(err)`
			`}`

			`server := &http.Server{`
			`Addr: "127.0.0.1:0",`
			`Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {`
			`http.Error(w, "500 internal server error", http.StatusInternalServerError)`
			`}),`
			`ReadTimeout: 1 * time.Second,`
			`ReadHeaderTimeout: 1 * time.Second,`
			`WriteTimeout: 1 * time.Second,`
			`IdleTimeout: 1 * time.Second,`
			`}`

			`go func() {`
			`if err := server.Serve(listener); err != nil && err != http.ErrServerClosed {`
			`tb.Fatal(err)`
			`}`
			`}()`

			`client, err := api.NewClient(&api.Config{`
			`Address: "http://" + listener.Addr().String(),`
			`})`
			`if err != nil {`
			`tb.Fatal(err)`
			`}`

			`return client, func() {`
			`ctx, done := context.WithTimeout(context.Background(), 5*time.Second)`
			`defer done()`

			`server.Shutdown(ctx)`
			`}`
			`}`

			`// testTokenAndAccessor creates a new authentication token capable of being renewed with`
			`// the default policy attached. It returns the token and it's accessor.`
			`func testTokenAndAccessor(tb testing.TB, client *api.Client) (string, string) {`
			`tb.Helper()`

			`secret, err := client.Auth().Token().Create(&api.TokenCreateRequest{`
			`Policies: []string{"default"},`
			`TTL: "30m",`
			`})`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`if err != nil {`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`tb.Fatal(err)`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`}`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`if secret == nil \|\| secret.Auth == nil \|\| secret.Auth.ClientToken == "" {`
			`tb.Fatalf("missing auth data: %#v", secret)`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`}`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`return secret.Auth.ClientToken, secret.Auth.Accessor`
Add testing harness for a vault cluster 2017-08-28 20:45:20 +00:00			`}`

Add more testing helper functions 2017-09-05 03:58:18 +00:00			`func testClient(tb testing.TB, addr string, token string) *api.Client {`
			`tb.Helper()`
command/revoke: revoke 2015-04-01 02:21:02 +00:00			`config := api.DefaultConfig()`
			`config.Address = addr`
			`client, err := api.NewClient(config)`
			`if err != nil {`
Add more testing helper functions 2017-09-05 03:58:18 +00:00			`tb.Fatal(err)`
command/revoke: revoke 2015-04-01 02:21:02 +00:00			`}`
			`client.SetToken(token)`

			`return client`
			`}`