open-vault/audit/format_json_test.go

144 lines
3.6 KiB
Go
Raw Normal View History

2015-04-13 21:12:03 +00:00
package audit
import (
"bytes"
"context"
"encoding/json"
2015-08-05 14:44:48 +00:00
"strings"
2015-04-13 21:12:03 +00:00
"testing"
2016-05-08 01:08:13 +00:00
"time"
2015-04-13 21:12:03 +00:00
2015-06-19 03:14:20 +00:00
"errors"
"fmt"
"github.com/hashicorp/vault/helper/jsonutil"
2018-09-18 03:03:00 +00:00
"github.com/hashicorp/vault/helper/namespace"
2016-09-21 14:29:42 +00:00
"github.com/hashicorp/vault/helper/salt"
"github.com/hashicorp/vault/logical"
2015-04-13 21:12:03 +00:00
)
func TestFormatJSON_formatRequest(t *testing.T) {
salter, err := salt.NewSalt(context.Background(), nil, nil)
if err != nil {
t.Fatal(err)
}
saltFunc := func(context.Context) (*salt.Salt, error) {
return salter, nil
}
expectedResultStr := fmt.Sprintf(testFormatJSONReqBasicStrFmt, salter.GetIdentifiedHMAC("foo"))
2015-04-13 21:12:03 +00:00
cases := map[string]struct {
Auth *logical.Auth
Req *logical.Request
Err error
Prefix string
ExpectedStr string
2015-04-13 21:12:03 +00:00
}{
"auth, request": {
2018-10-15 16:56:24 +00:00
&logical.Auth{
ClientToken: "foo",
Accessor: "bar",
DisplayName: "testtoken",
Policies: []string{"root"},
TokenType: logical.TokenTypeService,
2018-10-15 16:56:24 +00:00
},
2015-04-13 21:12:03 +00:00
&logical.Request{
2016-01-07 15:30:47 +00:00
Operation: logical.UpdateOperation,
2015-04-13 21:12:03 +00:00
Path: "/foo",
2015-06-19 03:14:20 +00:00
Connection: &logical.Connection{
RemoteAddr: "127.0.0.1",
},
2017-01-04 21:44:03 +00:00
WrapInfo: &logical.RequestWrapInfo{
TTL: 60 * time.Second,
},
Headers: map[string][]string{
"foo": []string{"bar"},
},
2015-04-13 21:12:03 +00:00
},
2015-06-19 03:14:20 +00:00
errors.New("this is an error"),
"",
expectedResultStr,
},
"auth, request with prefix": {
2018-10-15 16:56:24 +00:00
&logical.Auth{
ClientToken: "foo",
Accessor: "bar",
DisplayName: "testtoken",
Policies: []string{"root"},
TokenType: logical.TokenTypeService,
2018-10-15 16:56:24 +00:00
},
&logical.Request{
Operation: logical.UpdateOperation,
Path: "/foo",
Connection: &logical.Connection{
RemoteAddr: "127.0.0.1",
},
WrapInfo: &logical.RequestWrapInfo{
TTL: 60 * time.Second,
},
Headers: map[string][]string{
"foo": []string{"bar"},
},
},
errors.New("this is an error"),
"@cee: ",
expectedResultStr,
2015-04-13 21:12:03 +00:00
},
}
for name, tc := range cases {
var buf bytes.Buffer
2016-09-21 14:29:42 +00:00
formatter := AuditFormatter{
AuditFormatWriter: &JSONFormatWriter{
Prefix: tc.Prefix,
SaltFunc: saltFunc,
},
2016-09-21 14:29:42 +00:00
}
config := FormatterConfig{
HMACAccessor: false,
}
in := &LogInput{
Auth: tc.Auth,
Request: tc.Req,
OuterErr: tc.Err,
}
2018-09-18 03:03:00 +00:00
if err := formatter.FormatRequest(namespace.RootContext(nil), &buf, config, in); err != nil {
2015-04-13 21:12:03 +00:00
t.Fatalf("bad: %s\nerr: %s", name, err)
}
if !strings.HasPrefix(buf.String(), tc.Prefix) {
t.Fatalf("no prefix: %s \n log: %s\nprefix: %s", name, expectedResultStr, tc.Prefix)
}
2016-09-21 14:29:42 +00:00
var expectedjson = new(AuditRequestEntry)
if err := jsonutil.DecodeJSON([]byte(expectedResultStr), &expectedjson); err != nil {
2015-08-05 14:44:48 +00:00
t.Fatalf("bad json: %s", err)
}
2018-09-18 03:03:00 +00:00
expectedjson.Request.Namespace = AuditNamespace{ID: "root"}
2015-08-05 14:44:48 +00:00
2016-09-21 14:29:42 +00:00
var actualjson = new(AuditRequestEntry)
if err := jsonutil.DecodeJSON([]byte(buf.String())[len(tc.Prefix):], &actualjson); err != nil {
2015-08-05 14:44:48 +00:00
t.Fatalf("bad json: %s", err)
}
expectedjson.Time = actualjson.Time
expectedBytes, err := json.Marshal(expectedjson)
if err != nil {
t.Fatalf("unable to marshal json: %s", err)
}
if !strings.HasSuffix(strings.TrimSpace(buf.String()), string(expectedBytes)) {
2015-04-13 21:12:03 +00:00
t.Fatalf(
2015-08-05 14:44:48 +00:00
"bad: %s\nResult:\n\n'%s'\n\nExpected:\n\n'%s'",
name, buf.String(), string(expectedBytes))
2015-04-13 21:12:03 +00:00
}
}
}
const testFormatJSONReqBasicStrFmt = `{"time":"2015-08-05T13:45:46Z","type":"request","auth":{"client_token":"%s","accessor":"bar","display_name":"testtoken","policies":["root"],"metadata":null,"entity_id":"","token_type":"service"},"request":{"operation":"update","path":"/foo","data":null,"wrap_ttl":60,"remote_address":"127.0.0.1","headers":{"foo":["bar"]}},"error":"this is an error"}
2015-04-13 21:12:03 +00:00
`