2023-03-15 16:00:52 +00:00
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
2015-04-13 21:12:03 +00:00
package audit
import (
"bytes"
2018-03-08 19:21:11 +00:00
"context"
2016-01-07 20:10:05 +00:00
"encoding/json"
2021-04-08 16:43:39 +00:00
"errors"
"fmt"
2015-08-05 14:44:48 +00:00
"strings"
2015-04-13 21:12:03 +00:00
"testing"
2016-05-08 01:08:13 +00:00
"time"
2015-04-13 21:12:03 +00:00
2018-09-18 03:03:00 +00:00
"github.com/hashicorp/vault/helper/namespace"
2019-04-13 07:44:06 +00:00
"github.com/hashicorp/vault/sdk/helper/jsonutil"
2019-04-12 21:54:35 +00:00
"github.com/hashicorp/vault/sdk/helper/salt"
"github.com/hashicorp/vault/sdk/logical"
2015-04-13 21:12:03 +00:00
)
func TestFormatJSON_formatRequest ( t * testing . T ) {
2018-03-08 19:21:11 +00:00
salter , err := salt . NewSalt ( context . Background ( ) , nil , nil )
2017-05-24 00:36:20 +00:00
if err != nil {
t . Fatal ( err )
}
2018-03-08 19:21:11 +00:00
saltFunc := func ( context . Context ) ( * salt . Salt , error ) {
2017-05-24 00:36:20 +00:00
return salter , nil
}
2017-06-05 22:04:31 +00:00
expectedResultStr := fmt . Sprintf ( testFormatJSONReqBasicStrFmt , salter . GetIdentifiedHMAC ( "foo" ) )
2020-05-29 17:30:47 +00:00
issueTime , _ := time . Parse ( time . RFC3339 , "2020-05-28T13:40:18-05:00" )
2015-04-13 21:12:03 +00:00
cases := map [ string ] struct {
2017-06-05 22:04:31 +00:00
Auth * logical . Auth
Req * logical . Request
Err error
Prefix string
ExpectedStr string
2015-04-13 21:12:03 +00:00
} {
"auth, request" : {
2018-10-15 16:56:24 +00:00
& logical . Auth {
2019-06-14 14:17:04 +00:00
ClientToken : "foo" ,
Accessor : "bar" ,
DisplayName : "testtoken" ,
EntityID : "foobarentity" ,
NoDefaultPolicy : true ,
Policies : [ ] string { "root" } ,
TokenType : logical . TokenTypeService ,
2020-05-29 17:30:47 +00:00
LeaseOptions : logical . LeaseOptions {
TTL : time . Hour * 4 ,
IssueTime : issueTime ,
} ,
2018-10-15 16:56:24 +00:00
} ,
2015-04-13 21:12:03 +00:00
& logical . Request {
2016-01-07 15:30:47 +00:00
Operation : logical . UpdateOperation ,
2015-04-13 21:12:03 +00:00
Path : "/foo" ,
2015-06-19 03:14:20 +00:00
Connection : & logical . Connection {
RemoteAddr : "127.0.0.1" ,
} ,
2017-01-04 21:44:03 +00:00
WrapInfo : & logical . RequestWrapInfo {
TTL : 60 * time . Second ,
} ,
2017-02-02 19:49:20 +00:00
Headers : map [ string ] [ ] string {
2021-04-08 16:43:39 +00:00
"foo" : { "bar" } ,
2017-02-02 19:49:20 +00:00
} ,
2015-04-13 21:12:03 +00:00
} ,
2015-06-19 03:14:20 +00:00
errors . New ( "this is an error" ) ,
2017-02-11 00:56:28 +00:00
"" ,
2017-06-05 22:04:31 +00:00
expectedResultStr ,
2017-02-11 00:56:28 +00:00
} ,
"auth, request with prefix" : {
2018-10-15 16:56:24 +00:00
& logical . Auth {
2019-06-14 14:17:04 +00:00
ClientToken : "foo" ,
Accessor : "bar" ,
EntityID : "foobarentity" ,
DisplayName : "testtoken" ,
NoDefaultPolicy : true ,
Policies : [ ] string { "root" } ,
TokenType : logical . TokenTypeService ,
2020-05-29 17:30:47 +00:00
LeaseOptions : logical . LeaseOptions {
TTL : time . Hour * 4 ,
IssueTime : issueTime ,
} ,
2018-10-15 16:56:24 +00:00
} ,
2017-02-11 00:56:28 +00:00
& logical . Request {
Operation : logical . UpdateOperation ,
Path : "/foo" ,
Connection : & logical . Connection {
RemoteAddr : "127.0.0.1" ,
} ,
WrapInfo : & logical . RequestWrapInfo {
TTL : 60 * time . Second ,
} ,
Headers : map [ string ] [ ] string {
2021-04-08 16:43:39 +00:00
"foo" : { "bar" } ,
2017-02-11 00:56:28 +00:00
} ,
} ,
errors . New ( "this is an error" ) ,
"@cee: " ,
2017-06-05 22:04:31 +00:00
expectedResultStr ,
2015-04-13 21:12:03 +00:00
} ,
}
for name , tc := range cases {
var buf bytes . Buffer
2016-09-21 14:29:42 +00:00
formatter := AuditFormatter {
2017-02-11 00:56:28 +00:00
AuditFormatWriter : & JSONFormatWriter {
2017-05-24 00:36:20 +00:00
Prefix : tc . Prefix ,
SaltFunc : saltFunc ,
2017-02-11 00:56:28 +00:00
} ,
2016-09-21 14:29:42 +00:00
}
2017-06-05 22:04:31 +00:00
config := FormatterConfig {
HMACAccessor : false ,
}
2019-05-22 22:52:53 +00:00
in := & logical . LogInput {
2018-03-02 17:18:39 +00:00
Auth : tc . Auth ,
Request : tc . Req ,
OuterErr : tc . Err ,
}
2018-09-18 03:03:00 +00:00
if err := formatter . FormatRequest ( namespace . RootContext ( nil ) , & buf , config , in ) ; err != nil {
2015-04-13 21:12:03 +00:00
t . Fatalf ( "bad: %s\nerr: %s" , name , err )
}
2017-02-11 00:56:28 +00:00
if ! strings . HasPrefix ( buf . String ( ) , tc . Prefix ) {
2017-06-05 22:04:31 +00:00
t . Fatalf ( "no prefix: %s \n log: %s\nprefix: %s" , name , expectedResultStr , tc . Prefix )
2017-02-11 00:56:28 +00:00
}
2021-04-08 16:43:39 +00:00
expectedjson := new ( AuditRequestEntry )
2017-06-05 22:04:31 +00:00
if err := jsonutil . DecodeJSON ( [ ] byte ( expectedResultStr ) , & expectedjson ) ; err != nil {
2015-08-05 14:44:48 +00:00
t . Fatalf ( "bad json: %s" , err )
}
2019-05-28 21:24:30 +00:00
expectedjson . Request . Namespace = & AuditNamespace { ID : "root" }
2015-08-05 14:44:48 +00:00
2021-04-08 16:43:39 +00:00
actualjson := new ( AuditRequestEntry )
2017-02-11 00:56:28 +00:00
if err := jsonutil . DecodeJSON ( [ ] byte ( buf . String ( ) ) [ len ( tc . Prefix ) : ] , & actualjson ) ; err != nil {
2015-08-05 14:44:48 +00:00
t . Fatalf ( "bad json: %s" , err )
}
expectedjson . Time = actualjson . Time
expectedBytes , err := json . Marshal ( expectedjson )
if err != nil {
t . Fatalf ( "unable to marshal json: %s" , err )
}
2017-02-11 00:56:28 +00:00
if ! strings . HasSuffix ( strings . TrimSpace ( buf . String ( ) ) , string ( expectedBytes ) ) {
2015-04-13 21:12:03 +00:00
t . Fatalf (
2022-08-03 18:32:45 +00:00
"bad: %s\nResult:\n\n%q\n\nExpected:\n\n%q" ,
2015-08-05 14:44:48 +00:00
name , buf . String ( ) , string ( expectedBytes ) )
2015-04-13 21:12:03 +00:00
}
}
}
2020-05-29 17:30:47 +00:00
const testFormatJSONReqBasicStrFmt = ` { "time" : "2015-08-05T13:45:46Z" , "type" : "request" , "auth" : { "client_token" : "%s" , "accessor" : "bar" , "display_name" : "testtoken" , "policies" : [ "root" ] , "no_default_policy" : true , "metadata" : null , "entity_id" : "foobarentity" , "token_type" : "service" , "token_ttl" : 14400 , "token_issue_time" : "2020-05-28T13:40:18-05:00" } , "request" : { "operation" : "update" , "path" : "/foo" , "data" : null , "wrap_ttl" : 60 , "remote_address" : "127.0.0.1" , "headers" : { "foo" : [ "bar" ] } } , "error" : "this is an error" }
2015-04-13 21:12:03 +00:00
`