2016-05-16 20:11:33 +00:00
|
|
|
package vault
|
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/hashicorp/go-uuid"
|
2016-07-05 15:46:21 +00:00
|
|
|
credUserpass "github.com/hashicorp/vault/builtin/credential/userpass"
|
2016-05-16 20:11:33 +00:00
|
|
|
"github.com/hashicorp/vault/logical"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestRequestHandling_Wrapping(t *testing.T) {
|
|
|
|
core, _, root := TestCoreUnsealed(t)
|
|
|
|
|
2017-09-15 13:02:29 +00:00
|
|
|
core.logicalBackends["kv"] = PassthroughBackendFactory
|
2016-05-16 20:11:33 +00:00
|
|
|
|
|
|
|
meUUID, _ := uuid.GenerateUUID()
|
|
|
|
err := core.mount(&MountEntry{
|
2016-05-26 16:55:00 +00:00
|
|
|
Table: mountTableType,
|
|
|
|
UUID: meUUID,
|
|
|
|
Path: "wraptest",
|
2017-09-15 13:02:29 +00:00
|
|
|
Type: "kv",
|
2017-05-09 21:51:09 +00:00
|
|
|
})
|
2016-05-16 20:11:33 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// No duration specified
|
|
|
|
req := &logical.Request{
|
|
|
|
Path: "wraptest/foo",
|
|
|
|
ClientToken: root,
|
|
|
|
Operation: logical.UpdateOperation,
|
2016-05-19 03:06:09 +00:00
|
|
|
Data: map[string]interface{}{
|
|
|
|
"zip": "zap",
|
|
|
|
},
|
2016-05-16 20:11:33 +00:00
|
|
|
}
|
|
|
|
resp, err := core.HandleRequest(req)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp != nil {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
req = &logical.Request{
|
|
|
|
Path: "wraptest/foo",
|
|
|
|
ClientToken: root,
|
2016-05-19 03:06:09 +00:00
|
|
|
Operation: logical.ReadOperation,
|
2017-01-04 21:44:03 +00:00
|
|
|
WrapInfo: &logical.RequestWrapInfo{
|
|
|
|
TTL: time.Duration(15 * time.Second),
|
|
|
|
},
|
2016-05-16 20:11:33 +00:00
|
|
|
}
|
|
|
|
resp, err = core.HandleRequest(req)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp == nil {
|
|
|
|
t.Fatalf("bad: %v", resp)
|
|
|
|
}
|
|
|
|
if resp.WrapInfo == nil || resp.WrapInfo.TTL != time.Duration(15*time.Second) {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
}
|
2016-07-05 15:46:21 +00:00
|
|
|
|
|
|
|
func TestRequestHandling_LoginWrapping(t *testing.T) {
|
|
|
|
core, _, root := TestCoreUnsealed(t)
|
|
|
|
|
|
|
|
if err := core.loadMounts(); err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
core.credentialBackends["userpass"] = credUserpass.Factory
|
|
|
|
|
|
|
|
// No duration specified
|
|
|
|
req := &logical.Request{
|
|
|
|
Path: "sys/auth/userpass",
|
|
|
|
ClientToken: root,
|
|
|
|
Operation: logical.UpdateOperation,
|
|
|
|
Data: map[string]interface{}{
|
|
|
|
"type": "userpass",
|
|
|
|
},
|
|
|
|
}
|
|
|
|
resp, err := core.HandleRequest(req)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp != nil {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
req.Path = "auth/userpass/users/test"
|
|
|
|
req.Data = map[string]interface{}{
|
|
|
|
"password": "foo",
|
|
|
|
"policies": "default",
|
|
|
|
}
|
|
|
|
resp, err = core.HandleRequest(req)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp != nil {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
|
2016-07-05 16:11:40 +00:00
|
|
|
req = &logical.Request{
|
2016-07-05 16:54:27 +00:00
|
|
|
Path: "auth/userpass/login/test",
|
|
|
|
Operation: logical.UpdateOperation,
|
2016-07-05 16:11:40 +00:00
|
|
|
Data: map[string]interface{}{
|
|
|
|
"password": "foo",
|
|
|
|
},
|
|
|
|
}
|
|
|
|
resp, err = core.HandleRequest(req)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp == nil {
|
|
|
|
t.Fatalf("bad: %v", resp)
|
|
|
|
}
|
|
|
|
if resp.WrapInfo != nil {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
|
2016-07-05 15:46:21 +00:00
|
|
|
req = &logical.Request{
|
|
|
|
Path: "auth/userpass/login/test",
|
|
|
|
Operation: logical.UpdateOperation,
|
2017-01-04 21:44:03 +00:00
|
|
|
WrapInfo: &logical.RequestWrapInfo{
|
|
|
|
TTL: time.Duration(15 * time.Second),
|
|
|
|
},
|
2016-07-05 15:46:21 +00:00
|
|
|
Data: map[string]interface{}{
|
|
|
|
"password": "foo",
|
|
|
|
},
|
|
|
|
}
|
|
|
|
resp, err = core.HandleRequest(req)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp == nil {
|
|
|
|
t.Fatalf("bad: %v", resp)
|
|
|
|
}
|
|
|
|
if resp.WrapInfo == nil || resp.WrapInfo.TTL != time.Duration(15*time.Second) {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
}
|