open-vault/command/auth_test.go

package command

import (
	"fmt"
	"io"
	"io/ioutil"
	"os"
	"path/filepath"
	"strings"
	"testing"

	"github.com/hashicorp/vault/api"
	tokenDisk "github.com/hashicorp/vault/builtin/token/disk"
	"github.com/hashicorp/vault/command/token"
	"github.com/hashicorp/vault/http"
	"github.com/hashicorp/vault/vault"
	"github.com/mitchellh/cli"
)

func TestAuth_methods(t *testing.T) {
	core, _, token := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	testAuthInit(t)

	ui := new(cli.MockUi)
	c := &AuthCommand{
		Meta: Meta{
			ClientToken: token,
			Ui:          ui,
		},
	}

	args := []string{
		"-address", addr,
		"-methods",
	}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	output := ui.OutputWriter.String()
	if !strings.Contains(output, "token") {
		t.Fatalf("bad: %#v", output)
	}
}

func TestAuth_token(t *testing.T) {
	core, _, token := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	testAuthInit(t)

	ui := new(cli.MockUi)
	c := &AuthCommand{
		Meta: Meta{
			Ui: ui,
		},
	}

	args := []string{
		"-address", addr,
		token,
	}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	helper, err := c.TokenHelper()
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	actual, err := helper.Get()
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	if actual != token {
		t.Fatalf("bad: %s", actual)
	}
}

func TestAuth_stdin(t *testing.T) {
	core, _, token := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	testAuthInit(t)

	stdinR, stdinW := io.Pipe()
	ui := new(cli.MockUi)
	c := &AuthCommand{
		Meta: Meta{
			Ui: ui,
		},
		testStdin: stdinR,
	}

	go func() {
		stdinW.Write([]byte(token))
		stdinW.Close()
	}()

	args := []string{
		"-address", addr,
		"-",
	}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}
}

func TestAuth_badToken(t *testing.T) {
	core, _, _ := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	testAuthInit(t)

	ui := new(cli.MockUi)
	c := &AuthCommand{
		Meta: Meta{
			Ui: ui,
		},
	}

	args := []string{
		"-address", addr,
		"not-a-valid-token",
	}
	if code := c.Run(args); code != 1 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}
}

func TestAuth_method(t *testing.T) {
	core, _, token := vault.TestCoreUnsealed(t)
	ln, addr := http.TestServer(t, core)
	defer ln.Close()

	testAuthInit(t)

	ui := new(cli.MockUi)
	c := &AuthCommand{
		Handlers: map[string]AuthHandler{
			"test": &testAuthHandler{},
		},
		Meta: Meta{
			Ui: ui,
		},
	}

	args := []string{
		"-address", addr,
		"-method=test",
		"foo=" + token,
	}
	if code := c.Run(args); code != 0 {
		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
	}

	helper, err := c.TokenHelper()
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	actual, err := helper.Get()
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	if actual != token {
		t.Fatalf("bad: %s", actual)
	}
}

func testAuthInit(t *testing.T) {
	td, err := ioutil.TempDir("", "vault")
	if err != nil {
		t.Fatalf("err: %s", err)
	}

	// Set the HOME env var so we get that right
	os.Setenv("HOME", td)

	// Write a .vault config to use our custom token helper
	config := fmt.Sprintf(
		"token_helper = \"%s\"\n", token.TestProcessPath(t))
	ioutil.WriteFile(filepath.Join(td, ".vault"), []byte(config), 0644)
}

func TestHelperProcess(t *testing.T) {
	token.TestHelperProcessCLI(t, &tokenDisk.Command{})
}

type testAuthHandler struct{}

func (h *testAuthHandler) Auth(c *api.Client, m map[string]string) (string, error) {
	return m["foo"], nil
}

func (h *testAuthHandler) Help() string { return "" }
command/auth: boilerplate 2015-03-29 23:42:45 +00:00			`package command`

			`import (`
command/auth: tests work wihtout vault installed 2015-03-30 18:07:31 +00:00			`"fmt"`
Add test for stdin input Shamelessly borrowed this pattern from write_test.go 2015-05-23 18:22:35 +00:00			`"io"`
command/auth: setting tokens works 2015-03-30 17:55:41 +00:00			`"io/ioutil"`
			`"os"`
command/auth: tests work wihtout vault installed 2015-03-30 18:07:31 +00:00			`"path/filepath"`
command/mounts: columnize 2015-04-02 00:01:10 +00:00			`"strings"`
command/auth: boilerplate 2015-03-29 23:42:45 +00:00			`"testing"`

credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`"github.com/hashicorp/vault/api"`
command/auth: tests work wihtout vault installed 2015-03-30 18:07:31 +00:00			`tokenDisk "github.com/hashicorp/vault/builtin/token/disk"`
			`"github.com/hashicorp/vault/command/token"`
command/auth: validate the token 2015-03-31 22:15:08 +00:00			`"github.com/hashicorp/vault/http"`
			`"github.com/hashicorp/vault/vault"`
command/auth: boilerplate 2015-03-29 23:42:45 +00:00			`"github.com/mitchellh/cli"`
			`)`

command/mounts: columnize 2015-04-02 00:01:10 +00:00			`func TestAuth_methods(t *testing.T) {`
			`core, _, token := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`testAuthInit(t)`

			`ui := new(cli.MockUi)`
			`c := &AuthCommand{`
			`Meta: Meta{`
			`ClientToken: token,`
			`Ui: ui,`
			`},`
			`}`

			`args := []string{`
			`"-address", addr,`
			`"-methods",`
			`}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

			`output := ui.OutputWriter.String()`
			`if !strings.Contains(output, "token") {`
			`t.Fatalf("bad: %#v", output)`
			`}`
			`}`

command/auth: setting tokens works 2015-03-30 17:55:41 +00:00			`func TestAuth_token(t *testing.T) {`
command/auth: validate the token 2015-03-31 22:15:08 +00:00			`core, _, token := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

command/auth: setting tokens works 2015-03-30 17:55:41 +00:00			`testAuthInit(t)`

			`ui := new(cli.MockUi)`
			`c := &AuthCommand{`
			`Meta: Meta{`
			`Ui: ui,`
			`},`
			`}`

			`args := []string{`
command/auth: validate the token 2015-03-31 22:15:08 +00:00			`"-address", addr,`
			`token,`
command/auth: setting tokens works 2015-03-30 17:55:41 +00:00			`}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

			`helper, err := c.TokenHelper()`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

			`actual, err := helper.Get()`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

command/auth: validate the token 2015-03-31 22:15:08 +00:00			`if actual != token {`
command/auth: setting tokens works 2015-03-30 17:55:41 +00:00			`t.Fatalf("bad: %s", actual)`
			`}`
			`}`

Add test for stdin input Shamelessly borrowed this pattern from write_test.go 2015-05-23 18:22:35 +00:00			`func TestAuth_stdin(t *testing.T) {`
			`core, _, token := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`testAuthInit(t)`

			`stdinR, stdinW := io.Pipe()`
			`ui := new(cli.MockUi)`
			`c := &AuthCommand{`
			`Meta: Meta{`
			`Ui: ui,`
			`},`
			`testStdin: stdinR,`
			`}`

			`go func() {`
			`stdinW.Write([]byte(token))`
			`stdinW.Close()`
			`}()`

			`args := []string{`
			`"-address", addr,`
			`"-",`
			`}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`
			`}`

Check for invalid token when authing via cli If a token does not exist, the Read request returns without an error, but the secret returned is `nil`, so we need to check for that. Closes #75 2015-04-29 02:23:26 +00:00			`func TestAuth_badToken(t *testing.T) {`
			`core, _, _ := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`testAuthInit(t)`

			`ui := new(cli.MockUi)`
			`c := &AuthCommand{`
			`Meta: Meta{`
			`Ui: ui,`
			`},`
			`}`

			`args := []string{`
			`"-address", addr,`
			`"not-a-valid-token",`
			`}`
			`if code := c.Run(args); code != 1 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`
			`}`

command/auth: test for other methods 2015-04-06 16:40:47 +00:00			`func TestAuth_method(t *testing.T) {`
			`core, _, token := vault.TestCoreUnsealed(t)`
			`ln, addr := http.TestServer(t, core)`
			`defer ln.Close()`

			`testAuthInit(t)`

			`ui := new(cli.MockUi)`
			`c := &AuthCommand{`
			`Handlers: map[string]AuthHandler{`
			`"test": &testAuthHandler{},`
			`},`
			`Meta: Meta{`
			`Ui: ui,`
			`},`
			`}`

			`args := []string{`
			`"-address", addr,`
			`"-method=test",`
command/auth: unify 2015-04-08 06:29:49 +00:00			`"foo=" + token,`
command/auth: test for other methods 2015-04-06 16:40:47 +00:00			`}`
			`if code := c.Run(args); code != 0 {`
			`t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())`
			`}`

			`helper, err := c.TokenHelper()`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

			`actual, err := helper.Get()`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

			`if actual != token {`
			`t.Fatalf("bad: %s", actual)`
			`}`
			`}`

command/auth: setting tokens works 2015-03-30 17:55:41 +00:00			`func testAuthInit(t *testing.T) {`
			`td, err := ioutil.TempDir("", "vault")`
			`if err != nil {`
			`t.Fatalf("err: %s", err)`
			`}`

command/auth: tests work wihtout vault installed 2015-03-30 18:07:31 +00:00			`// Set the HOME env var so we get that right`
command/auth: setting tokens works 2015-03-30 17:55:41 +00:00			`os.Setenv("HOME", td)`
command/auth: tests work wihtout vault installed 2015-03-30 18:07:31 +00:00
			`// Write a .vault config to use our custom token helper`
			`config := fmt.Sprintf(`
			`"token_helper = \"%s\"\n", token.TestProcessPath(t))`
			`ioutil.WriteFile(filepath.Join(td, ".vault"), []byte(config), 0644)`
			`}`

			`func TestHelperProcess(t *testing.T) {`
			`token.TestHelperProcessCLI(t, &tokenDisk.Command{})`
command/auth: setting tokens works 2015-03-30 17:55:41 +00:00			`}`
command/auth: test for other methods 2015-04-06 16:40:47 +00:00
			`type testAuthHandler struct{}`

credential/github: CLI handler 2015-04-06 16:53:43 +00:00			`func (h testAuthHandler) Auth(c api.Client, m map[string]string) (string, error) {`
command/auth: test for other methods 2015-04-06 16:40:47 +00:00			`return m["foo"], nil`
			`}`

			`func (h *testAuthHandler) Help() string { return "" }`