2015-03-16 04:18:25 +00:00
|
|
|
package http
|
|
|
|
|
|
|
|
import (
|
2016-07-06 16:25:40 +00:00
|
|
|
"encoding/json"
|
2015-03-16 04:18:25 +00:00
|
|
|
"reflect"
|
|
|
|
"testing"
|
|
|
|
|
2015-09-03 14:20:44 +00:00
|
|
|
"github.com/fatih/structs"
|
2015-03-16 04:18:25 +00:00
|
|
|
"github.com/hashicorp/vault/vault"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestSysMounts(t *testing.T) {
|
2015-03-29 23:14:54 +00:00
|
|
|
core, _, token := vault.TestCoreUnsealed(t)
|
2015-03-16 04:18:25 +00:00
|
|
|
ln, addr := TestServer(t, core)
|
|
|
|
defer ln.Close()
|
2015-03-29 23:14:54 +00:00
|
|
|
TestServerAuth(t, addr, token)
|
2015-03-16 04:18:25 +00:00
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp := testHttpGet(t, token, addr+"/v1/sys/mounts")
|
2015-03-16 04:18:25 +00:00
|
|
|
|
|
|
|
var actual map[string]interface{}
|
|
|
|
expected := map[string]interface{}{
|
2016-08-08 20:00:31 +00:00
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false,
|
|
|
|
"lease_duration": json.Number("0"),
|
|
|
|
"wrap_info": nil,
|
|
|
|
"warnings": nil,
|
|
|
|
"auth": nil,
|
|
|
|
"data": map[string]interface{}{
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
},
|
2015-03-16 04:18:25 +00:00
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-03-16 04:18:25 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-03-16 04:18:25 +00:00
|
|
|
},
|
2015-09-10 01:58:09 +00:00
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2015-03-16 04:18:25 +00:00
|
|
|
}
|
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
2016-08-08 20:00:31 +00:00
|
|
|
expected["request_id"] = actual["request_id"]
|
2015-03-16 04:18:25 +00:00
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
|
|
t.Fatalf("bad: %#v", actual)
|
|
|
|
}
|
|
|
|
}
|
2015-03-16 17:36:29 +00:00
|
|
|
|
|
|
|
func TestSysMount(t *testing.T) {
|
2015-03-29 23:14:54 +00:00
|
|
|
core, _, token := vault.TestCoreUnsealed(t)
|
2015-03-16 17:36:29 +00:00
|
|
|
ln, addr := TestServer(t, core)
|
|
|
|
defer ln.Close()
|
2015-03-29 23:14:54 +00:00
|
|
|
TestServerAuth(t, addr, token)
|
2015-03-16 17:36:29 +00:00
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp := testHttpPost(t, token, addr+"/v1/sys/mounts/foo", map[string]interface{}{
|
2015-03-16 17:36:29 +00:00
|
|
|
"type": "generic",
|
|
|
|
"description": "foo",
|
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp = testHttpGet(t, token, addr+"/v1/sys/mounts")
|
2015-03-16 17:36:29 +00:00
|
|
|
|
|
|
|
var actual map[string]interface{}
|
|
|
|
expected := map[string]interface{}{
|
2016-08-08 20:00:31 +00:00
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false,
|
|
|
|
"lease_duration": json.Number("0"),
|
|
|
|
"wrap_info": nil,
|
|
|
|
"warnings": nil,
|
|
|
|
"auth": nil,
|
|
|
|
"data": map[string]interface{}{
|
|
|
|
"foo/": map[string]interface{}{
|
|
|
|
"description": "foo",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
},
|
2015-03-16 17:36:29 +00:00
|
|
|
"foo/": map[string]interface{}{
|
|
|
|
"description": "foo",
|
|
|
|
"type": "generic",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-03-16 17:36:29 +00:00
|
|
|
},
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-03-16 17:36:29 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-03-16 17:36:29 +00:00
|
|
|
},
|
2015-09-10 01:58:09 +00:00
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2015-03-16 17:36:29 +00:00
|
|
|
}
|
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
2016-08-08 20:00:31 +00:00
|
|
|
expected["request_id"] = actual["request_id"]
|
2015-03-16 17:36:29 +00:00
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
|
|
t.Fatalf("bad: %#v", actual)
|
2015-04-07 17:54:58 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-06-16 17:02:15 +00:00
|
|
|
func TestSysMount_put(t *testing.T) {
|
|
|
|
core, _, token := vault.TestCoreUnsealed(t)
|
|
|
|
ln, addr := TestServer(t, core)
|
|
|
|
defer ln.Close()
|
|
|
|
TestServerAuth(t, addr, token)
|
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp := testHttpPut(t, token, addr+"/v1/sys/mounts/foo", map[string]interface{}{
|
2015-06-16 17:02:15 +00:00
|
|
|
"type": "generic",
|
|
|
|
"description": "foo",
|
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
|
|
|
// The TestSysMount test tests the thing is actually created. See that test
|
|
|
|
// for more info.
|
|
|
|
}
|
|
|
|
|
2015-04-07 17:54:58 +00:00
|
|
|
func TestSysRemount(t *testing.T) {
|
|
|
|
core, _, token := vault.TestCoreUnsealed(t)
|
|
|
|
ln, addr := TestServer(t, core)
|
|
|
|
defer ln.Close()
|
|
|
|
TestServerAuth(t, addr, token)
|
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp := testHttpPost(t, token, addr+"/v1/sys/mounts/foo", map[string]interface{}{
|
2015-04-07 17:54:58 +00:00
|
|
|
"type": "generic",
|
|
|
|
"description": "foo",
|
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp = testHttpPost(t, token, addr+"/v1/sys/remount", map[string]interface{}{
|
2015-04-07 17:54:58 +00:00
|
|
|
"from": "foo",
|
|
|
|
"to": "bar",
|
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp = testHttpGet(t, token, addr+"/v1/sys/mounts")
|
2015-04-07 17:54:58 +00:00
|
|
|
|
|
|
|
var actual map[string]interface{}
|
|
|
|
expected := map[string]interface{}{
|
2016-08-08 20:00:31 +00:00
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false,
|
|
|
|
"lease_duration": json.Number("0"),
|
|
|
|
"wrap_info": nil,
|
|
|
|
"warnings": nil,
|
|
|
|
"auth": nil,
|
|
|
|
"data": map[string]interface{}{
|
|
|
|
"bar/": map[string]interface{}{
|
|
|
|
"description": "foo",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
},
|
2015-04-07 17:54:58 +00:00
|
|
|
"bar/": map[string]interface{}{
|
|
|
|
"description": "foo",
|
|
|
|
"type": "generic",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-04-07 17:54:58 +00:00
|
|
|
},
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-04-07 17:54:58 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-04-07 17:54:58 +00:00
|
|
|
},
|
2015-09-10 01:58:09 +00:00
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2015-04-07 17:54:58 +00:00
|
|
|
}
|
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
2016-08-08 20:00:31 +00:00
|
|
|
expected["request_id"] = actual["request_id"]
|
2015-04-07 17:54:58 +00:00
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
|
|
t.Fatalf("bad: %#v", actual)
|
2015-03-16 17:36:29 +00:00
|
|
|
}
|
|
|
|
}
|
2015-03-16 17:41:08 +00:00
|
|
|
|
|
|
|
func TestSysUnmount(t *testing.T) {
|
2015-03-29 23:14:54 +00:00
|
|
|
core, _, token := vault.TestCoreUnsealed(t)
|
2015-03-16 17:41:08 +00:00
|
|
|
ln, addr := TestServer(t, core)
|
|
|
|
defer ln.Close()
|
2015-03-29 23:14:54 +00:00
|
|
|
TestServerAuth(t, addr, token)
|
2015-03-16 17:41:08 +00:00
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp := testHttpPost(t, token, addr+"/v1/sys/mounts/foo", map[string]interface{}{
|
2015-03-16 17:41:08 +00:00
|
|
|
"type": "generic",
|
|
|
|
"description": "foo",
|
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp = testHttpDelete(t, token, addr+"/v1/sys/mounts/foo")
|
2015-03-16 17:41:08 +00:00
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
2015-08-22 00:36:19 +00:00
|
|
|
resp = testHttpGet(t, token, addr+"/v1/sys/mounts")
|
2015-03-16 17:41:08 +00:00
|
|
|
|
|
|
|
var actual map[string]interface{}
|
|
|
|
expected := map[string]interface{}{
|
2016-08-08 20:00:31 +00:00
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false,
|
|
|
|
"lease_duration": json.Number("0"),
|
|
|
|
"wrap_info": nil,
|
|
|
|
"warnings": nil,
|
|
|
|
"auth": nil,
|
|
|
|
"data": map[string]interface{}{
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
},
|
2015-03-16 17:41:08 +00:00
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-03-16 17:41:08 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
2015-08-31 18:27:49 +00:00
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-08-31 18:27:49 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-03-16 17:41:08 +00:00
|
|
|
},
|
2015-09-10 01:58:09 +00:00
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2015-03-16 17:41:08 +00:00
|
|
|
}
|
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
2016-08-08 20:00:31 +00:00
|
|
|
expected["request_id"] = actual["request_id"]
|
2015-03-16 17:41:08 +00:00
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
|
|
t.Fatalf("bad: %#v", actual)
|
|
|
|
}
|
|
|
|
}
|
2015-09-02 21:46:15 +00:00
|
|
|
|
|
|
|
func TestSysTuneMount(t *testing.T) {
|
|
|
|
core, _, token := vault.TestCoreUnsealed(t)
|
|
|
|
ln, addr := TestServer(t, core)
|
|
|
|
defer ln.Close()
|
|
|
|
TestServerAuth(t, addr, token)
|
|
|
|
|
|
|
|
resp := testHttpPost(t, token, addr+"/v1/sys/mounts/foo", map[string]interface{}{
|
|
|
|
"type": "generic",
|
|
|
|
"description": "foo",
|
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
|
|
|
resp = testHttpGet(t, token, addr+"/v1/sys/mounts")
|
|
|
|
|
|
|
|
var actual map[string]interface{}
|
|
|
|
expected := map[string]interface{}{
|
2016-08-08 20:00:31 +00:00
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false,
|
|
|
|
"lease_duration": json.Number("0"),
|
|
|
|
"wrap_info": nil,
|
|
|
|
"warnings": nil,
|
|
|
|
"auth": nil,
|
|
|
|
"data": map[string]interface{}{
|
|
|
|
"foo/": map[string]interface{}{
|
|
|
|
"description": "foo",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
},
|
2015-09-02 21:46:15 +00:00
|
|
|
"foo/": map[string]interface{}{
|
|
|
|
"description": "foo",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
2015-09-10 01:58:09 +00:00
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2015-09-02 21:46:15 +00:00
|
|
|
}
|
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
2016-08-08 20:00:31 +00:00
|
|
|
expected["request_id"] = actual["request_id"]
|
2015-09-02 21:46:15 +00:00
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
|
|
t.Fatalf("bad: %#v", actual)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Shorter than system default
|
|
|
|
resp = testHttpPost(t, token, addr+"/v1/sys/mounts/foo/tune", map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"default_lease_ttl": "72h",
|
2015-09-02 21:46:15 +00:00
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
2015-09-09 19:24:45 +00:00
|
|
|
// Longer than system max
|
2015-09-02 21:46:15 +00:00
|
|
|
resp = testHttpPost(t, token, addr+"/v1/sys/mounts/foo/tune", map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"default_lease_ttl": "72000h",
|
2015-09-02 21:46:15 +00:00
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 400)
|
|
|
|
|
|
|
|
// Longer than system default
|
|
|
|
resp = testHttpPost(t, token, addr+"/v1/sys/mounts/foo/tune", map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"max_lease_ttl": "72000h",
|
2015-09-02 21:46:15 +00:00
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
|
|
|
// Longer than backend max
|
|
|
|
resp = testHttpPost(t, token, addr+"/v1/sys/mounts/foo/tune", map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"default_lease_ttl": "72001h",
|
2015-09-02 21:46:15 +00:00
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 400)
|
|
|
|
|
2015-09-03 14:20:44 +00:00
|
|
|
// Shorter than backend default
|
|
|
|
resp = testHttpPost(t, token, addr+"/v1/sys/mounts/foo/tune", map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"max_lease_ttl": "1h",
|
2015-09-03 14:20:44 +00:00
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 400)
|
|
|
|
|
2015-09-02 21:46:15 +00:00
|
|
|
// Shorter than backend max, longer than system max
|
|
|
|
resp = testHttpPost(t, token, addr+"/v1/sys/mounts/foo/tune", map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"default_lease_ttl": "71999h",
|
2015-09-02 21:46:15 +00:00
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
|
|
|
resp = testHttpGet(t, token, addr+"/v1/sys/mounts")
|
|
|
|
expected = map[string]interface{}{
|
2016-08-08 20:00:31 +00:00
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false,
|
|
|
|
"lease_duration": json.Number("0"),
|
|
|
|
"wrap_info": nil,
|
|
|
|
"warnings": nil,
|
|
|
|
"auth": nil,
|
|
|
|
"data": map[string]interface{}{
|
|
|
|
"foo/": map[string]interface{}{
|
|
|
|
"description": "foo",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("259196400"),
|
|
|
|
"max_lease_ttl": json.Number("259200000"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2016-08-08 20:00:31 +00:00
|
|
|
},
|
|
|
|
},
|
2015-09-02 21:46:15 +00:00
|
|
|
"foo/": map[string]interface{}{
|
|
|
|
"description": "foo",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("259196400"),
|
|
|
|
"max_lease_ttl": json.Number("259200000"),
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
|
|
|
"secret/": map[string]interface{}{
|
|
|
|
"description": "generic secret storage",
|
|
|
|
"type": "generic",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
|
|
|
"sys/": map[string]interface{}{
|
|
|
|
"description": "system endpoints used for control, policy and debugging",
|
|
|
|
"type": "system",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
2017-02-16 20:15:02 +00:00
|
|
|
"local": false,
|
2015-09-02 21:46:15 +00:00
|
|
|
},
|
2015-09-10 01:58:09 +00:00
|
|
|
"cubbyhole/": map[string]interface{}{
|
|
|
|
"description": "per-token private secret storage",
|
|
|
|
"type": "cubbyhole",
|
|
|
|
"config": map[string]interface{}{
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("0"),
|
|
|
|
"max_lease_ttl": json.Number("0"),
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2017-02-18 18:51:05 +00:00
|
|
|
"local": true,
|
2015-09-10 01:58:09 +00:00
|
|
|
},
|
2015-09-02 21:46:15 +00:00
|
|
|
}
|
2015-09-03 12:54:59 +00:00
|
|
|
|
2015-09-02 21:46:15 +00:00
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
2016-08-08 20:00:31 +00:00
|
|
|
expected["request_id"] = actual["request_id"]
|
2015-09-02 21:46:15 +00:00
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
|
|
t.Fatalf("bad:\nExpected: %#v\nActual:%#v", expected, actual)
|
|
|
|
}
|
|
|
|
|
2015-09-03 14:20:44 +00:00
|
|
|
// Check simple configuration endpoint
|
2015-09-02 21:46:15 +00:00
|
|
|
resp = testHttpGet(t, token, addr+"/v1/sys/mounts/foo/tune")
|
2015-09-03 12:54:59 +00:00
|
|
|
actual = map[string]interface{}{}
|
2015-09-02 21:46:15 +00:00
|
|
|
expected = map[string]interface{}{
|
2016-08-08 20:00:31 +00:00
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false,
|
|
|
|
"lease_duration": json.Number("0"),
|
|
|
|
"wrap_info": nil,
|
|
|
|
"warnings": nil,
|
|
|
|
"auth": nil,
|
|
|
|
"data": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("259196400"),
|
|
|
|
"max_lease_ttl": json.Number("259200000"),
|
|
|
|
},
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("259196400"),
|
|
|
|
"max_lease_ttl": json.Number("259200000"),
|
2015-09-02 21:46:15 +00:00
|
|
|
}
|
2015-09-03 12:54:59 +00:00
|
|
|
|
2015-09-02 21:46:15 +00:00
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
2016-08-08 20:00:31 +00:00
|
|
|
expected["request_id"] = actual["request_id"]
|
2015-09-03 14:20:44 +00:00
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
|
|
t.Fatalf("bad:\nExpected: %#v\nActual:%#v", expected, actual)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Set a low max
|
|
|
|
resp = testHttpPost(t, token, addr+"/v1/sys/mounts/secret/tune", map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"default_lease_ttl": "40s",
|
|
|
|
"max_lease_ttl": "80s",
|
2015-09-03 14:20:44 +00:00
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
2015-09-02 21:46:15 +00:00
|
|
|
|
2015-09-03 14:20:44 +00:00
|
|
|
resp = testHttpGet(t, token, addr+"/v1/sys/mounts/secret/tune")
|
|
|
|
actual = map[string]interface{}{}
|
|
|
|
expected = map[string]interface{}{
|
2016-08-08 20:00:31 +00:00
|
|
|
"lease_id": "",
|
|
|
|
"renewable": false,
|
|
|
|
"lease_duration": json.Number("0"),
|
|
|
|
"wrap_info": nil,
|
|
|
|
"warnings": nil,
|
|
|
|
"auth": nil,
|
|
|
|
"data": map[string]interface{}{
|
|
|
|
"default_lease_ttl": json.Number("40"),
|
|
|
|
"max_lease_ttl": json.Number("80"),
|
|
|
|
},
|
2016-07-06 16:25:40 +00:00
|
|
|
"default_lease_ttl": json.Number("40"),
|
|
|
|
"max_lease_ttl": json.Number("80"),
|
2015-09-03 14:20:44 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
2016-08-08 20:00:31 +00:00
|
|
|
expected["request_id"] = actual["request_id"]
|
2015-09-02 21:46:15 +00:00
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
|
|
t.Fatalf("bad:\nExpected: %#v\nActual:%#v", expected, actual)
|
|
|
|
}
|
2015-09-03 14:20:44 +00:00
|
|
|
|
|
|
|
// First try with lease above backend max
|
|
|
|
resp = testHttpPut(t, token, addr+"/v1/secret/foo", map[string]interface{}{
|
|
|
|
"data": "bar",
|
|
|
|
"ttl": "28347h",
|
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
|
|
|
// read secret
|
|
|
|
resp = testHttpGet(t, token, addr+"/v1/secret/foo")
|
|
|
|
var result struct {
|
|
|
|
LeaseID string `json:"lease_id" structs:"lease_id"`
|
|
|
|
LeaseDuration int `json:"lease_duration" structs:"lease_duration"`
|
|
|
|
}
|
|
|
|
|
|
|
|
testResponseBody(t, resp, &result)
|
|
|
|
|
|
|
|
expected = map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"lease_duration": int(80),
|
2015-09-03 14:20:44 +00:00
|
|
|
"lease_id": result.LeaseID,
|
|
|
|
}
|
|
|
|
|
|
|
|
if !reflect.DeepEqual(structs.Map(result), expected) {
|
|
|
|
t.Fatalf("bad:\nExpected: %#v\nActual:%#v", expected, structs.Map(result))
|
|
|
|
}
|
|
|
|
|
|
|
|
// Now with lease TTL unspecified
|
|
|
|
resp = testHttpPut(t, token, addr+"/v1/secret/foo", map[string]interface{}{
|
|
|
|
"data": "bar",
|
|
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
|
|
|
|
// read secret
|
|
|
|
resp = testHttpGet(t, token, addr+"/v1/secret/foo")
|
|
|
|
|
|
|
|
testResponseBody(t, resp, &result)
|
|
|
|
|
|
|
|
expected = map[string]interface{}{
|
2015-09-25 13:46:20 +00:00
|
|
|
"lease_duration": int(40),
|
2015-09-03 14:20:44 +00:00
|
|
|
"lease_id": result.LeaseID,
|
|
|
|
}
|
|
|
|
|
|
|
|
if !reflect.DeepEqual(structs.Map(result), expected) {
|
|
|
|
t.Fatalf("bad:\nExpected: %#v\nActual:%#v", expected, structs.Map(result))
|
|
|
|
}
|
2015-09-02 21:46:15 +00:00
|
|
|
}
|