2016-05-16 20:11:33 +00:00
|
|
|
package vault
|
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
2019-01-09 00:48:57 +00:00
|
|
|
uuid "github.com/hashicorp/go-uuid"
|
2016-07-05 15:46:21 +00:00
|
|
|
credUserpass "github.com/hashicorp/vault/builtin/credential/userpass"
|
2018-09-18 03:03:00 +00:00
|
|
|
"github.com/hashicorp/vault/helper/namespace"
|
2019-04-12 21:54:35 +00:00
|
|
|
"github.com/hashicorp/vault/sdk/logical"
|
2016-05-16 20:11:33 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
func TestRequestHandling_Wrapping(t *testing.T) {
|
|
|
|
core, _, root := TestCoreUnsealed(t)
|
|
|
|
|
2017-09-15 13:02:29 +00:00
|
|
|
core.logicalBackends["kv"] = PassthroughBackendFactory
|
2016-05-16 20:11:33 +00:00
|
|
|
|
|
|
|
meUUID, _ := uuid.GenerateUUID()
|
2018-09-18 03:03:00 +00:00
|
|
|
err := core.mount(namespace.RootContext(nil), &MountEntry{
|
2016-05-26 16:55:00 +00:00
|
|
|
Table: mountTableType,
|
|
|
|
UUID: meUUID,
|
|
|
|
Path: "wraptest",
|
2017-09-15 13:02:29 +00:00
|
|
|
Type: "kv",
|
2017-05-09 21:51:09 +00:00
|
|
|
})
|
2016-05-16 20:11:33 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// No duration specified
|
|
|
|
req := &logical.Request{
|
|
|
|
Path: "wraptest/foo",
|
|
|
|
ClientToken: root,
|
|
|
|
Operation: logical.UpdateOperation,
|
2016-05-19 03:06:09 +00:00
|
|
|
Data: map[string]interface{}{
|
|
|
|
"zip": "zap",
|
|
|
|
},
|
2016-05-16 20:11:33 +00:00
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
resp, err := core.HandleRequest(namespace.RootContext(nil), req)
|
2016-05-16 20:11:33 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp != nil {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
req = &logical.Request{
|
|
|
|
Path: "wraptest/foo",
|
|
|
|
ClientToken: root,
|
2016-05-19 03:06:09 +00:00
|
|
|
Operation: logical.ReadOperation,
|
2017-01-04 21:44:03 +00:00
|
|
|
WrapInfo: &logical.RequestWrapInfo{
|
|
|
|
TTL: time.Duration(15 * time.Second),
|
|
|
|
},
|
2016-05-16 20:11:33 +00:00
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
resp, err = core.HandleRequest(namespace.RootContext(nil), req)
|
2016-05-16 20:11:33 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp == nil {
|
|
|
|
t.Fatalf("bad: %v", resp)
|
|
|
|
}
|
|
|
|
if resp.WrapInfo == nil || resp.WrapInfo.TTL != time.Duration(15*time.Second) {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
}
|
2016-07-05 15:46:21 +00:00
|
|
|
|
|
|
|
func TestRequestHandling_LoginWrapping(t *testing.T) {
|
|
|
|
core, _, root := TestCoreUnsealed(t)
|
|
|
|
|
2018-09-18 03:03:00 +00:00
|
|
|
if err := core.loadMounts(namespace.RootContext(nil)); err != nil {
|
2016-07-05 15:46:21 +00:00
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
core.credentialBackends["userpass"] = credUserpass.Factory
|
|
|
|
|
|
|
|
// No duration specified
|
|
|
|
req := &logical.Request{
|
|
|
|
Path: "sys/auth/userpass",
|
|
|
|
ClientToken: root,
|
|
|
|
Operation: logical.UpdateOperation,
|
|
|
|
Data: map[string]interface{}{
|
|
|
|
"type": "userpass",
|
|
|
|
},
|
2018-05-21 18:47:28 +00:00
|
|
|
Connection: &logical.Connection{},
|
2016-07-05 15:46:21 +00:00
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
resp, err := core.HandleRequest(namespace.RootContext(nil), req)
|
2016-07-05 15:46:21 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp != nil {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
|
|
|
|
req.Path = "auth/userpass/users/test"
|
|
|
|
req.Data = map[string]interface{}{
|
|
|
|
"password": "foo",
|
|
|
|
"policies": "default",
|
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
resp, err = core.HandleRequest(namespace.RootContext(nil), req)
|
2016-07-05 15:46:21 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp != nil {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
|
2016-07-05 16:11:40 +00:00
|
|
|
req = &logical.Request{
|
2016-07-05 16:54:27 +00:00
|
|
|
Path: "auth/userpass/login/test",
|
|
|
|
Operation: logical.UpdateOperation,
|
2016-07-05 16:11:40 +00:00
|
|
|
Data: map[string]interface{}{
|
|
|
|
"password": "foo",
|
|
|
|
},
|
2018-05-21 18:47:28 +00:00
|
|
|
Connection: &logical.Connection{},
|
2016-07-05 16:11:40 +00:00
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
resp, err = core.HandleRequest(namespace.RootContext(nil), req)
|
2016-07-05 16:11:40 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp == nil {
|
|
|
|
t.Fatalf("bad: %v", resp)
|
|
|
|
}
|
|
|
|
if resp.WrapInfo != nil {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
|
2016-07-05 15:46:21 +00:00
|
|
|
req = &logical.Request{
|
|
|
|
Path: "auth/userpass/login/test",
|
|
|
|
Operation: logical.UpdateOperation,
|
2017-01-04 21:44:03 +00:00
|
|
|
WrapInfo: &logical.RequestWrapInfo{
|
|
|
|
TTL: time.Duration(15 * time.Second),
|
|
|
|
},
|
2016-07-05 15:46:21 +00:00
|
|
|
Data: map[string]interface{}{
|
|
|
|
"password": "foo",
|
|
|
|
},
|
2018-05-21 18:47:28 +00:00
|
|
|
Connection: &logical.Connection{},
|
2016-07-05 15:46:21 +00:00
|
|
|
}
|
2018-09-18 03:03:00 +00:00
|
|
|
resp, err = core.HandleRequest(namespace.RootContext(nil), req)
|
2016-07-05 15:46:21 +00:00
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("err: %v", err)
|
|
|
|
}
|
|
|
|
if resp == nil {
|
|
|
|
t.Fatalf("bad: %v", resp)
|
|
|
|
}
|
|
|
|
if resp.WrapInfo == nil || resp.WrapInfo.TTL != time.Duration(15*time.Second) {
|
|
|
|
t.Fatalf("bad: %#v", resp)
|
|
|
|
}
|
|
|
|
}
|