open-vault/http/sys_seal_test.go

132 lines
2.8 KiB
Go
Raw Normal View History

2015-03-12 17:46:45 +00:00
package http
import (
2015-03-12 18:12:44 +00:00
"encoding/hex"
2015-03-12 17:46:45 +00:00
"net/http"
"reflect"
"testing"
2015-03-13 18:11:59 +00:00
"github.com/hashicorp/vault/vault"
2015-03-12 17:46:45 +00:00
)
func TestSysSealStatus(t *testing.T) {
2015-03-13 18:11:59 +00:00
core := vault.TestCore(t)
vault.TestCoreInit(t, core)
2015-03-13 18:13:33 +00:00
ln, addr := TestServer(t, core)
2015-03-12 17:46:45 +00:00
defer ln.Close()
2015-03-12 17:47:31 +00:00
resp, err := http.Get(addr + "/v1/sys/seal-status")
2015-03-12 17:46:45 +00:00
if err != nil {
t.Fatalf("err: %s", err)
}
var actual map[string]interface{}
expected := map[string]interface{}{
"sealed": true,
"t": float64(1),
"n": float64(1),
"progress": float64(0),
}
testResponseStatus(t, resp, 200)
testResponseBody(t, resp, &actual)
if !reflect.DeepEqual(actual, expected) {
t.Fatalf("bad: %#v", actual)
}
}
2015-03-12 18:12:44 +00:00
func TestSysSealStatus_uninit(t *testing.T) {
core := vault.TestCore(t)
ln, addr := TestServer(t, core)
defer ln.Close()
resp, err := http.Get(addr + "/v1/sys/seal-status")
if err != nil {
t.Fatalf("err: %s", err)
}
testResponseStatus(t, resp, 400)
}
2015-03-12 18:12:44 +00:00
func TestSysSeal(t *testing.T) {
2015-03-31 16:59:02 +00:00
core, _, token := vault.TestCoreUnsealed(t)
2015-03-13 18:13:33 +00:00
ln, addr := TestServer(t, core)
2015-03-12 18:12:44 +00:00
defer ln.Close()
2015-03-31 16:59:02 +00:00
TestServerAuth(t, addr, token)
2015-03-12 18:12:44 +00:00
2015-08-22 00:36:19 +00:00
resp := testHttpPut(t, token, addr+"/v1/sys/seal", nil)
2015-03-12 18:12:44 +00:00
testResponseStatus(t, resp, 204)
check, err := core.Sealed()
if err != nil {
t.Fatalf("err: %s", err)
}
if !check {
t.Fatal("should be sealed")
}
}
func TestSysSeal_unsealed(t *testing.T) {
2015-03-31 18:45:44 +00:00
core, _, token := vault.TestCoreUnsealed(t)
2015-03-13 18:13:33 +00:00
ln, addr := TestServer(t, core)
2015-03-12 18:12:44 +00:00
defer ln.Close()
2015-03-31 18:45:44 +00:00
TestServerAuth(t, addr, token)
2015-03-12 18:12:44 +00:00
2015-08-22 00:36:19 +00:00
resp := testHttpPut(t, token, addr+"/v1/sys/seal", nil)
2015-03-12 18:12:44 +00:00
testResponseStatus(t, resp, 204)
check, err := core.Sealed()
if err != nil {
t.Fatalf("err: %s", err)
}
if !check {
t.Fatal("should be sealed")
}
}
func TestSysUnseal(t *testing.T) {
2015-03-13 18:11:59 +00:00
core := vault.TestCore(t)
key, _ := vault.TestCoreInit(t, core)
2015-03-13 18:13:33 +00:00
ln, addr := TestServer(t, core)
2015-03-12 18:12:44 +00:00
defer ln.Close()
2015-08-22 00:36:19 +00:00
resp := testHttpPut(t, "", addr+"/v1/sys/unseal", map[string]interface{}{
2015-03-16 00:10:33 +00:00
"key": hex.EncodeToString(key),
2015-03-12 18:12:44 +00:00
})
var actual map[string]interface{}
expected := map[string]interface{}{
"sealed": false,
"t": float64(1),
"n": float64(1),
"progress": float64(0),
}
testResponseStatus(t, resp, 200)
testResponseBody(t, resp, &actual)
if !reflect.DeepEqual(actual, expected) {
t.Fatalf("bad: %#v", actual)
}
}
func TestSysUnseal_badKey(t *testing.T) {
2015-03-13 18:11:59 +00:00
core := vault.TestCore(t)
vault.TestCoreInit(t, core)
2015-03-13 18:13:33 +00:00
ln, addr := TestServer(t, core)
2015-03-12 18:12:44 +00:00
defer ln.Close()
2015-08-22 00:36:19 +00:00
resp := testHttpPut(t, "", addr+"/v1/sys/unseal", map[string]interface{}{
"key": "0123",
2015-03-12 18:12:44 +00:00
})
var actual map[string]interface{}
expected := map[string]interface{}{
"sealed": true,
"t": float64(1),
"n": float64(1),
"progress": float64(0),
}
testResponseStatus(t, resp, 200)
testResponseBody(t, resp, &actual)
if !reflect.DeepEqual(actual, expected) {
t.Fatalf("bad: %#v", actual)
}
}