2015-04-11 21:46:09 +00:00
|
|
|
package framework
|
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
"github.com/hashicorp/vault/logical"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestLeaseExtend(t *testing.T) {
|
2016-01-29 20:27:01 +00:00
|
|
|
|
|
|
|
testSysView := logical.StaticSystemView{
|
|
|
|
DefaultLeaseTTLVal: 5 * time.Hour,
|
|
|
|
MaxLeaseTTLVal: 30 * time.Hour,
|
|
|
|
}
|
|
|
|
|
2015-04-11 21:46:09 +00:00
|
|
|
now := time.Now().UTC().Round(time.Hour)
|
|
|
|
|
|
|
|
cases := map[string]struct {
|
2016-01-29 20:27:01 +00:00
|
|
|
BackendDefault time.Duration
|
|
|
|
BackendMax time.Duration
|
|
|
|
Increment time.Duration
|
|
|
|
Result time.Duration
|
|
|
|
Error bool
|
2015-04-11 21:46:09 +00:00
|
|
|
}{
|
2016-01-30 01:02:15 +00:00
|
|
|
"valid request, good bounds, increment is preferred": {
|
2016-01-29 20:27:01 +00:00
|
|
|
BackendDefault: 30 * time.Hour,
|
|
|
|
Increment: 1 * time.Hour,
|
2016-01-30 01:02:15 +00:00
|
|
|
Result: 1 * time.Hour,
|
2016-01-29 20:27:01 +00:00
|
|
|
},
|
|
|
|
|
2016-01-30 01:02:15 +00:00
|
|
|
"valid request, zero backend default, uses increment": {
|
2016-01-29 20:27:01 +00:00
|
|
|
BackendDefault: 0,
|
|
|
|
Increment: 1 * time.Hour,
|
|
|
|
Result: 1 * time.Hour,
|
|
|
|
},
|
|
|
|
|
2016-01-30 01:02:15 +00:00
|
|
|
"lease increment is zero, uses backend default": {
|
2016-01-29 20:27:01 +00:00
|
|
|
BackendDefault: 30 * time.Hour,
|
|
|
|
Increment: 0,
|
|
|
|
Result: 30 * time.Hour,
|
2015-04-11 21:46:09 +00:00
|
|
|
},
|
2015-04-11 23:28:16 +00:00
|
|
|
|
2016-01-30 01:02:15 +00:00
|
|
|
"lease increment and default are zero, uses systemview": {
|
2016-01-29 20:27:01 +00:00
|
|
|
BackendDefault: 0,
|
|
|
|
Increment: 0,
|
|
|
|
Result: 5 * time.Hour,
|
2015-04-11 23:28:16 +00:00
|
|
|
},
|
2015-04-11 21:46:09 +00:00
|
|
|
|
2016-01-29 20:27:01 +00:00
|
|
|
"backend max and associated request are too long": {
|
|
|
|
BackendDefault: 40 * time.Hour,
|
|
|
|
BackendMax: 45 * time.Hour,
|
|
|
|
Result: 30 * time.Hour,
|
2015-04-11 21:51:00 +00:00
|
|
|
},
|
|
|
|
|
2016-01-30 01:02:15 +00:00
|
|
|
"all request values are larger than the system view, so the system view limits": {
|
2016-01-29 20:27:01 +00:00
|
|
|
BackendDefault: 40 * time.Hour,
|
|
|
|
BackendMax: 50 * time.Hour,
|
|
|
|
Increment: 40 * time.Hour,
|
|
|
|
Result: 30 * time.Hour,
|
2015-04-11 21:46:09 +00:00
|
|
|
},
|
2015-04-11 21:51:00 +00:00
|
|
|
|
2016-01-29 20:27:01 +00:00
|
|
|
"request within backend max": {
|
|
|
|
BackendDefault: 9 * time.Hour,
|
|
|
|
BackendMax: 5 * time.Hour,
|
|
|
|
Increment: 4 * time.Hour,
|
2016-01-30 01:02:15 +00:00
|
|
|
Result: 4 * time.Hour,
|
2015-04-11 23:41:08 +00:00
|
|
|
},
|
|
|
|
|
2016-01-29 20:27:01 +00:00
|
|
|
"request outside backend max": {
|
|
|
|
BackendDefault: 9 * time.Hour,
|
|
|
|
BackendMax: 4 * time.Hour,
|
|
|
|
Increment: 5 * time.Hour,
|
|
|
|
Result: 4 * time.Hour,
|
2015-04-11 23:41:08 +00:00
|
|
|
},
|
|
|
|
|
2016-01-29 20:27:01 +00:00
|
|
|
"request is negative, no backend default, use sysview": {
|
|
|
|
Increment: -7 * time.Hour,
|
|
|
|
Result: 5 * time.Hour,
|
2015-04-11 21:51:00 +00:00
|
|
|
},
|
2015-06-17 21:24:12 +00:00
|
|
|
|
2016-01-29 20:27:01 +00:00
|
|
|
"lease increment too large": {
|
|
|
|
Increment: 40 * time.Hour,
|
|
|
|
Result: 30 * time.Hour,
|
2015-06-17 21:24:12 +00:00
|
|
|
},
|
2015-04-11 21:46:09 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
for name, tc := range cases {
|
|
|
|
req := &logical.Request{
|
|
|
|
Auth: &logical.Auth{
|
|
|
|
LeaseOptions: logical.LeaseOptions{
|
2015-08-21 05:27:01 +00:00
|
|
|
TTL: 1 * time.Hour,
|
|
|
|
IssueTime: now,
|
2016-01-29 20:27:01 +00:00
|
|
|
Increment: tc.Increment,
|
2015-04-11 21:46:09 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
2016-01-29 20:27:01 +00:00
|
|
|
callback := LeaseExtend(tc.BackendDefault, tc.BackendMax, testSysView)
|
2015-04-11 21:46:09 +00:00
|
|
|
resp, err := callback(req, nil)
|
2015-04-11 21:51:00 +00:00
|
|
|
if (err != nil) != tc.Error {
|
2015-04-11 21:46:09 +00:00
|
|
|
t.Fatalf("bad: %s\nerr: %s", name, err)
|
|
|
|
}
|
2015-04-11 21:51:00 +00:00
|
|
|
if tc.Error {
|
|
|
|
continue
|
|
|
|
}
|
2015-04-11 21:46:09 +00:00
|
|
|
|
|
|
|
// Round it to the nearest hour
|
2015-08-21 00:47:17 +00:00
|
|
|
lease := now.Add(resp.Auth.TTL).Round(time.Hour).Sub(now)
|
2015-04-11 21:46:09 +00:00
|
|
|
if lease != tc.Result {
|
|
|
|
t.Fatalf("bad: %s\nlease: %s", name, lease)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|