luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Merge pull request #766 from hashicorp/issue-766 

Display whether a token is an orphan on lookup.
This commit is contained in:
Jeff Mitchell 2015-11-09 13:20:42 -05:00
parent 10913e2e6b 5783f547ab
commit 3717b31b63
4 changed files with 38 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -33,6 +33,8 @@ IMPROVEMENTS:
* core: Tokens can now renew themselves [GH-455] * core: Tokens can now renew themselves [GH-455]
* core: Base64-encoded PGP keys can be used with the CLI for `init` and * core: Base64-encoded PGP keys can be used with the CLI for `init` and
`rekey` operations [GH-653] `rekey` operations [GH-653]
* credential/token: Display whether or not a token is an orphan in the output
of a lookup call [GH-766]
* logical: Allow `.` in path-based variables in many more locations [GH-244] * logical: Allow `.` in path-based variables in many more locations [GH-244]
* logical: Responses now contain a "warnings" key containing a list of * logical: Responses now contain a "warnings" key containing a list of
warnings returned from the server. These are conditions that did not require warnings returned from the server. These are conditions that did not require

1
http/logical_test.go
View File

@ -121,6 +121,7 @@ func TestLogical_StandbyRedirect(t *testing.T) {
"path": "auth/token/root", "path": "auth/token/root",
"policies": []interface{}{"root"}, "policies": []interface{}{"root"},
"display_name": "root", "display_name": "root",
"orphan": true,
"id": root, "id": root,
"ttl": float64(0), "ttl": float64(0),
}, },

6
vault/token_store.go
View File

@ -800,10 +800,16 @@ func (ts *TokenStore) handleLookup(
"meta": out.Meta, "meta": out.Meta,
"display_name": out.DisplayName, "display_name": out.DisplayName,
"num_uses": out.NumUses, "num_uses": out.NumUses,
"orphan": false,
"creation_time": int(out.CreationTime), "creation_time": int(out.CreationTime),
"ttl": int(out.TTL.Seconds()), "ttl": int(out.TTL.Seconds()),
}, },
} }
if out.Parent == "" {
resp.Data["orphan"] = true
}
return resp, nil return resp, nil
} }

30
vault/token_store_test.go
View File

@ -866,12 +866,39 @@ func TestTokenStore_HandleRequest_Lookup(t *testing.T) {
"path": "auth/token/root", "path": "auth/token/root",
"meta": map[string]string(nil), "meta": map[string]string(nil),
"display_name": "root", "display_name": "root",
"orphan": true,
"num_uses": 0, "num_uses": 0,
"ttl": 0, "ttl": 0,
} }
delete(resp.Data, "creation_time") delete(resp.Data, "creation_time")
if !reflect.DeepEqual(resp.Data, exp) { if !reflect.DeepEqual(resp.Data, exp) {
t.Fatalf("bad: %#v exp: %#v", resp.Data, exp) t.Fatalf("bad:\n%#v\nexp:\n%#v\n", resp.Data, exp)
}
testMakeToken(t, ts, root, "client", []string{"foo"})
req = logical.TestRequest(t, logical.ReadOperation, "lookup/client")
resp, err = ts.HandleRequest(req)
if err != nil {
t.Fatalf("err: %v %v", err, resp)
}
if resp == nil {
t.Fatalf("bad: %#v", resp)
}
exp = map[string]interface{}{
"id": "client",
"policies": []string{"foo"},
"path": "auth/token/create",
"meta": map[string]string(nil),
"display_name": "token",
"orphan": false,
"num_uses": 0,
"ttl": 2592000,
}
delete(resp.Data, "creation_time")
if !reflect.DeepEqual(resp.Data, exp) {
t.Fatalf("bad:\n%#v\nexp:\n%#v\n", resp.Data, exp)
} }
} }
@ -933,6 +960,7 @@ func TestTokenStore_HandleRequest_LookupSelf(t *testing.T) {
"path": "auth/token/root", "path": "auth/token/root",
"meta": map[string]string(nil), "meta": map[string]string(nil),
"display_name": "root", "display_name": "root",
"orphan": true,
"num_uses": 0, "num_uses": 0,
"ttl": 0, "ttl": 0,
} }