Token store tests (#4549)
* Expand revocation test to cover non-registered tokens case * Bump sleep times back down a bit
This commit is contained in:
Calvin Leung Huang
GitHub
parent
6b2593ff54
commit
0ad08b3cb9
|
|
@ -417,7 +417,38 @@ func TestTokenStore_HandleRequest_RevokeAccessor(t *testing.T) {
|
|||
t.Fatalf("err: %s", err)
|
||||
}
|
||||
|
||||
time.Sleep(300 * time.Millisecond)
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
out, err = ts.Lookup(context.Background(), "tokenid")
|
||||
if err != nil {
|
||||
t.Fatalf("err: %s", err)
|
||||
}
|
||||
|
||||
if out != nil {
|
||||
t.Fatalf("bad:\ngot %#v\nexpected: nil\n", out)
|
||||
}
|
||||
|
||||
// Now test without registering the token through the expiration manager
|
||||
testMakeToken(t, ts, root, "tokenid", "", []string{"foo"})
|
||||
out, err = ts.Lookup(context.Background(), "tokenid")
|
||||
if err != nil {
|
||||
t.Fatalf("err: %s", err)
|
||||
}
|
||||
if out == nil {
|
||||
t.Fatalf("err: %s", err)
|
||||
}
|
||||
|
||||
req = logical.TestRequest(t, logical.UpdateOperation, "revoke-accessor")
|
||||
req.Data = map[string]interface{}{
|
||||
"accessor": out.Accessor,
|
||||
}
|
||||
|
||||
_, err = ts.HandleRequest(context.Background(), req)
|
||||
if err != nil {
|
||||
t.Fatalf("err: %s", err)
|
||||
}
|
||||
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
out, err = ts.Lookup(context.Background(), "tokenid")
|
||||
if err != nil {
|
||||
|
|
@ -744,7 +775,7 @@ func TestTokenStore_Revoke_Leases(t *testing.T) {
|
|||
t.Fatalf("err: %v", err)
|
||||
}
|
||||
|
||||
time.Sleep(300 * time.Millisecond)
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
// Verify the lease is gone
|
||||
out, err := ts.expiration.loadEntry(leaseID)
|
||||
|
|
@ -903,7 +934,7 @@ func TestTokenStore_RevokeSelf(t *testing.T) {
|
|||
t.Fatalf("err: %v\nresp: %#v", err, resp)
|
||||
}
|
||||
|
||||
time.Sleep(300 * time.Millisecond)
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
lookup := []string{ent1.ID, ent2.ID, ent3.ID, ent4.ID}
|
||||
for _, id := range lookup {
|
||||
|
|
@ -1431,7 +1462,7 @@ func TestTokenStore_HandleRequest_Revoke(t *testing.T) {
|
|||
t.Fatalf("bad: %#v", resp)
|
||||
}
|
||||
|
||||
time.Sleep(300 * time.Millisecond)
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
out, err := ts.Lookup(context.Background(), "child")
|
||||
if err != nil {
|
||||
|
|
@ -1449,6 +1480,41 @@ func TestTokenStore_HandleRequest_Revoke(t *testing.T) {
|
|||
if out != nil {
|
||||
t.Fatalf("bad: %v", out)
|
||||
}
|
||||
|
||||
// Now test without registering the tokens through the expiration manager
|
||||
testMakeToken(t, ts, root, "child", "", []string{"root", "foo"})
|
||||
testMakeToken(t, ts, "child", "sub-child", "", []string{"foo"})
|
||||
|
||||
req = logical.TestRequest(t, logical.UpdateOperation, "revoke")
|
||||
req.Data = map[string]interface{}{
|
||||
"token": "child",
|
||||
}
|
||||
resp, err = ts.HandleRequest(context.Background(), req)
|
||||
if err != nil || (resp != nil && resp.IsError()) {
|
||||
t.Fatalf("err: %v\nresp: %#v", err, resp)
|
||||
}
|
||||
if resp != nil {
|
||||
t.Fatalf("bad: %#v", resp)
|
||||
}
|
||||
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
out, err = ts.Lookup(context.Background(), "child")
|
||||
if err != nil {
|
||||
t.Fatalf("err: %v", err)
|
||||
}
|
||||
if out != nil {
|
||||
t.Fatalf("bad: %#v", out)
|
||||
}
|
||||
|
||||
// Sub-child should not exist
|
||||
out, err = ts.Lookup(context.Background(), "sub-child")
|
||||
if err != nil {
|
||||
t.Fatalf("err: %v", err)
|
||||
}
|
||||
if out != nil {
|
||||
t.Fatalf("bad: %v", out)
|
||||
}
|
||||
}
|
||||
|
||||
func TestTokenStore_HandleRequest_RevokeOrphan(t *testing.T) {
|
||||
|
|
@ -1469,7 +1535,7 @@ func TestTokenStore_HandleRequest_RevokeOrphan(t *testing.T) {
|
|||
t.Fatalf("bad: %#v", resp)
|
||||
}
|
||||
|
||||
time.Sleep(300 * time.Millisecond)
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
out, err := ts.Lookup(context.Background(), "child")
|
||||
if err != nil {
|
||||
|
|
@ -1524,7 +1590,7 @@ func TestTokenStore_HandleRequest_RevokeOrphan_NonRoot(t *testing.T) {
|
|||
t.Fatalf("did not get error when non-root revoking itself with orphan flag; resp is %#v", resp)
|
||||
}
|
||||
|
||||
time.Sleep(300 * time.Millisecond)
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
// Should still exist
|
||||
out, err = ts.Lookup(context.Background(), "child")
|
||||
|
|
@ -3836,11 +3902,11 @@ func TestTokenStore_TidyLeaseRevocation(t *testing.T) {
|
|||
leases := []string{}
|
||||
|
||||
for i := 0; i < 10; i++ {
|
||||
leaseId, err := exp.Register(req, resp)
|
||||
leaseID, err := exp.Register(req, resp)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
leases = append(leases, leaseId)
|
||||
leases = append(leases, leaseID)
|
||||
}
|
||||
|
||||
sort.Strings(leases)
|
||||
|
|
@ -3893,7 +3959,7 @@ func TestTokenStore_TidyLeaseRevocation(t *testing.T) {
|
|||
// Call tidy
|
||||
ts.handleTidy(context.Background(), nil, nil)
|
||||
|
||||
time.Sleep(300 * time.Millisecond)
|
||||
time.Sleep(200 * time.Millisecond)
|
||||
|
||||
// Verify leases are gone
|
||||
storedLeases, err = exp.lookupLeasesByToken(tut)
|
||||
|
|
|
|||
Loading…
Reference in a new issue