From ad7cb2c8f128a19f580775198db0fa888e1cc5db Mon Sep 17 00:00:00 2001 From: vishalnayak Date: Wed, 6 Jul 2016 12:25:40 -0400 Subject: [PATCH] Added JSON Decode and Encode helpers. Changed all the occurances of Unmarshal to use the helpers. Fixed http/ package tests. --- api/logical.go | 7 +- api/response.go | 11 +-- api/secret.go | 7 +- audit/format_json_test.go | 5 +- builtin/credential/aws-ec2/path_login.go | 5 +- builtin/logical/rabbitmq/backend_test.go | 4 +- builtin/logical/rabbitmq/path_roles.go | 5 +- builtin/logical/transit/lock_manager.go | 4 +- builtin/logical/transit/policy.go | 10 ++- command/format_test.go | 4 +- helper/certutil/helpers.go | 6 +- helper/kv-builder/builder.go | 6 +- helper/mfa/duo/duo_test.go | 28 +++---- helper/pgpkeys/keybase.go | 5 +- http/handler.go | 4 +- http/handler_test.go | 13 ++-- http/http_test.go | 4 +- http/logical_test.go | 18 +++-- http/sys_auth_test.go | 17 +++-- http/sys_generate_root_test.go | 49 ++++++------ http/sys_lease_test.go | 5 +- http/sys_mount_test.go | 97 ++++++++++++------------ http/sys_rekey_test.go | 33 ++++---- http/sys_rotate_test.go | 3 +- http/sys_seal_test.go | 34 +++++---- logical/framework/path_struct.go | 3 +- logical/framework/wal.go | 3 +- logical/storage.go | 17 +++-- physical/file.go | 5 +- vault/audit.go | 3 +- vault/auth.go | 3 +- vault/barrier_aes_gcm.go | 4 +- vault/expiration.go | 3 +- vault/keyring.go | 6 +- vault/logical_cubbyhole.go | 3 +- vault/logical_passthrough.go | 4 +- vault/mount.go | 3 +- vault/rekey.go | 3 +- vault/seal.go | 3 +- vault/token_store.go | 3 +- 40 files changed, 236 insertions(+), 214 deletions(-) diff --git a/api/logical.go b/api/logical.go index 2e967f445..fb8288e73 100644 --- a/api/logical.go +++ b/api/logical.go @@ -2,8 +2,9 @@ package api import ( "bytes" - "encoding/json" "fmt" + + "github.com/hashicorp/vault/helper/jsonutil" ) const ( @@ -113,9 +114,7 @@ func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) { wrappedSecret := new(Secret) buf := bytes.NewBufferString(secret.Data["response"].(string)) - dec := json.NewDecoder(buf) - dec.UseNumber() - if err := dec.Decode(wrappedSecret); err != nil { + if err := jsonutil.DecodeJSONFromReader(buf, wrappedSecret); err != nil { return nil, fmt.Errorf("error unmarshaling wrapped secret: %s", err) } diff --git a/api/response.go b/api/response.go index a646a0da2..7c8ac9f97 100644 --- a/api/response.go +++ b/api/response.go @@ -2,10 +2,11 @@ package api import ( "bytes" - "encoding/json" "fmt" "io" "net/http" + + "github.com/hashicorp/vault/helper/jsonutil" ) // Response is a raw response that wraps an HTTP response. @@ -17,9 +18,7 @@ type Response struct { // will consume the response body, but will not close it. Close must // still be called. func (r *Response) DecodeJSON(out interface{}) error { - dec := json.NewDecoder(r.Body) - dec.UseNumber() - return dec.Decode(out) + return jsonutil.DecodeJSONFromReader(r.Body, out) } // Error returns an error response if there is one. If there is an error, @@ -42,9 +41,7 @@ func (r *Response) Error() error { // in a bytes.Reader here so that the JSON decoder doesn't move the // read pointer for the original buffer. var resp ErrorResponse - dec := json.NewDecoder(bytes.NewReader(bodyBuf.Bytes())) - dec.UseNumber() - if err := dec.Decode(&resp); err != nil { + if err := jsonutil.DecodeJSON(bodyBuf.Bytes(), &resp); err != nil { // Ignore the decoding error and just drop the raw response return fmt.Errorf( "Error making API request.\n\n"+ diff --git a/api/secret.go b/api/secret.go index d0a539e47..8ac70ba25 100644 --- a/api/secret.go +++ b/api/secret.go @@ -1,9 +1,10 @@ package api import ( - "encoding/json" "io" "time" + + "github.com/hashicorp/vault/helper/jsonutil" ) // Secret is the structure returned for every secret within Vault. @@ -56,9 +57,7 @@ type SecretAuth struct { func ParseSecret(r io.Reader) (*Secret, error) { // First decode the JSON into a map[string]interface{} var secret Secret - dec := json.NewDecoder(r) - dec.UseNumber() - if err := dec.Decode(&secret); err != nil { + if err := jsonutil.DecodeJSONFromReader(r, &secret); err != nil { return nil, err } diff --git a/audit/format_json_test.go b/audit/format_json_test.go index 87845eb15..e2e7c9488 100644 --- a/audit/format_json_test.go +++ b/audit/format_json_test.go @@ -9,6 +9,7 @@ import ( "errors" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" ) @@ -42,12 +43,12 @@ func TestFormatJSON_formatRequest(t *testing.T) { } var expectedjson = new(JSONRequestEntry) - if err := json.Unmarshal([]byte(tc.Result), &expectedjson); err != nil { + if err := jsonutil.DecodeJSON([]byte(tc.Result), &expectedjson); err != nil { t.Fatalf("bad json: %s", err) } var actualjson = new(JSONRequestEntry) - if err := json.Unmarshal([]byte(buf.String()), &actualjson); err != nil { + if err := jsonutil.DecodeJSON([]byte(buf.String()), &actualjson); err != nil { t.Fatalf("bad json: %s", err) } diff --git a/builtin/credential/aws-ec2/path_login.go b/builtin/credential/aws-ec2/path_login.go index bab849542..5ab184311 100644 --- a/builtin/credential/aws-ec2/path_login.go +++ b/builtin/credential/aws-ec2/path_login.go @@ -1,7 +1,6 @@ package awsec2 import ( - "encoding/json" "encoding/pem" "fmt" "time" @@ -9,6 +8,7 @@ import ( "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/service/ec2" "github.com/fullsailor/pkcs7" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/helper/strutil" "github.com/hashicorp/vault/logical" "github.com/hashicorp/vault/logical/framework" @@ -191,8 +191,7 @@ func (b *backend) parseIdentityDocument(s logical.Storage, pkcs7B64 string) (*id } var identityDoc identityDocument - err = json.Unmarshal(pkcs7Data.Content, &identityDoc) - if err != nil { + if err := jsonutil.DecodeJSON(pkcs7Data.Content, &identityDoc); err != nil { return nil, err } diff --git a/builtin/logical/rabbitmq/backend_test.go b/builtin/logical/rabbitmq/backend_test.go index 0fab562e6..302090503 100644 --- a/builtin/logical/rabbitmq/backend_test.go +++ b/builtin/logical/rabbitmq/backend_test.go @@ -1,12 +1,12 @@ package rabbitmq import ( - "encoding/json" "fmt" "log" "os" "testing" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" logicaltest "github.com/hashicorp/vault/logical/testing" "github.com/michaelklishin/rabbit-hole" @@ -189,7 +189,7 @@ func testAccStepReadRole(t *testing.T, name, tags, rawVHosts string) logicaltest } var vhosts map[string]vhostPermission - if err := json.Unmarshal([]byte(rawVHosts), &vhosts); err != nil { + if err := jsonutil.DecodeJSON([]byte(rawVHosts), &vhosts); err != nil { return fmt.Errorf("bad expected vhosts %#v: %s", vhosts, err) } diff --git a/builtin/logical/rabbitmq/path_roles.go b/builtin/logical/rabbitmq/path_roles.go index b6bf1d07d..bb03d3d77 100644 --- a/builtin/logical/rabbitmq/path_roles.go +++ b/builtin/logical/rabbitmq/path_roles.go @@ -1,10 +1,10 @@ package rabbitmq import ( - "encoding/json" "fmt" "github.com/fatih/structs" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" "github.com/hashicorp/vault/logical/framework" ) @@ -122,8 +122,7 @@ func (b *backend) pathRoleUpdate(req *logical.Request, d *framework.FieldData) ( var vhosts map[string]vhostPermission if len(rawVHosts) > 0 { - err := json.Unmarshal([]byte(rawVHosts), &vhosts) - if err != nil { + if err := jsonutil.DecodeJSON([]byte(rawVHosts), &vhosts); err != nil { return logical.ErrorResponse(fmt.Sprintf("failed to unmarshal vhosts: %s", err)), nil } } diff --git a/builtin/logical/transit/lock_manager.go b/builtin/logical/transit/lock_manager.go index 4d8ccd25c..7c27748e9 100644 --- a/builtin/logical/transit/lock_manager.go +++ b/builtin/logical/transit/lock_manager.go @@ -1,11 +1,11 @@ package transit import ( - "encoding/json" "errors" "fmt" "sync" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" ) @@ -321,7 +321,7 @@ func (lm *lockManager) getStoredPolicy(storage logical.Storage, name string) (*P policy := &Policy{ Keys: KeyEntryMap{}, } - err = json.Unmarshal(raw.Value, policy) + err = jsonutil.DecodeJSON(raw.Value, policy) if err != nil { return nil, err } diff --git a/builtin/logical/transit/policy.go b/builtin/logical/transit/policy.go index b9ede365c..444c9c3bc 100644 --- a/builtin/logical/transit/policy.go +++ b/builtin/logical/transit/policy.go @@ -12,6 +12,7 @@ import ( "time" "github.com/hashicorp/vault/helper/certutil" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/helper/kdf" "github.com/hashicorp/vault/logical" ) @@ -42,12 +43,13 @@ func (kem KeyEntryMap) MarshalJSON() ([]byte, error) { } // MarshalJSON implements JSON unmarshaling -func (kem KeyEntryMap) UnmarshalJSON(data []byte) error { +func (kem KeyEntryMap) DecodeJSON(data []byte) error { intermediate := map[string]KeyEntry{} - err := json.Unmarshal(data, &intermediate) - if err != nil { + + if err := jsonutil.DecodeJSON(data, &intermediate); err != nil { return err } + for k, v := range intermediate { keyval, err := strconv.Atoi(k) if err != nil { @@ -106,7 +108,7 @@ func (p *Policy) loadArchive(storage logical.Storage) (*ArchivedKeys, error) { return archive, nil } - if err := json.Unmarshal(raw.Value, archive); err != nil { + if err := jsonutil.DecodeJSON(raw.Value, archive); err != nil { return nil, err } diff --git a/command/format_test.go b/command/format_test.go index b7b3a8521..8e32d2419 100644 --- a/command/format_test.go +++ b/command/format_test.go @@ -1,12 +1,12 @@ package command import ( - "encoding/json" "strings" "testing" "github.com/ghodss/yaml" "github.com/hashicorp/vault/api" + "github.com/hashicorp/vault/helper/jsonutil" ) var output string @@ -43,7 +43,7 @@ func TestJsonFormatter(t *testing.T) { t.Fatal(err) } var newUi mockUi - if err := json.Unmarshal([]byte(output), &newUi); err != nil { + if err := jsonutil.DecodeJSON([]byte(output), &newUi); err != nil { t.Fatal(err) } if newUi.SampleData != ui.SampleData { diff --git a/helper/certutil/helpers.go b/helper/certutil/helpers.go index 4327f4525..816d7cfd8 100644 --- a/helper/certutil/helpers.go +++ b/helper/certutil/helpers.go @@ -9,13 +9,13 @@ import ( "crypto/rsa" "crypto/sha1" "crypto/x509" - "encoding/json" "encoding/pem" "fmt" "math/big" "strconv" "strings" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/mitchellh/mapstructure" ) @@ -84,14 +84,14 @@ func ParsePKIMap(data map[string]interface{}) (*ParsedCertBundle, error) { // JSON not coming from the PKI backend. func ParsePKIJSON(input []byte) (*ParsedCertBundle, error) { result := &CertBundle{} - err := json.Unmarshal(input, &result) + err := jsonutil.DecodeJSON(input, &result) if err == nil { return result.ToParsedCertBundle() } var secret Secret - err = json.Unmarshal(input, &secret) + err = jsonutil.DecodeJSON(input, &secret) if err == nil { return ParsePKIMap(secret.Data) diff --git a/helper/kv-builder/builder.go b/helper/kv-builder/builder.go index f83eaf6c2..e5a0ad781 100644 --- a/helper/kv-builder/builder.go +++ b/helper/kv-builder/builder.go @@ -2,12 +2,13 @@ package kvbuilder import ( "bytes" - "encoding/json" "fmt" "io" "io/ioutil" "os" "strings" + + "github.com/hashicorp/vault/helper/jsonutil" ) // Builder is a struct to build a key/value mapping based on a list @@ -111,6 +112,5 @@ func (b *Builder) add(raw string) error { } func (b *Builder) addReader(r io.Reader) error { - dec := json.NewDecoder(r) - return dec.Decode(&b.result) + return jsonutil.DecodeJSONFromReader(r, &b.result) } diff --git a/helper/mfa/duo/duo_test.go b/helper/mfa/duo/duo_test.go index e01272d35..fd31128ef 100644 --- a/helper/mfa/duo/duo_test.go +++ b/helper/mfa/duo/duo_test.go @@ -1,20 +1,20 @@ package duo import ( - "encoding/json" "net/url" "strings" "testing" "github.com/duosecurity/duo_api_golang/authapi" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" ) type MockClientData struct { - PreauthData *authapi.PreauthResult + PreauthData *authapi.PreauthResult PreauthError error - AuthData *authapi.AuthResult - AuthError error + AuthData *authapi.AuthResult + AuthError error } type MockAuthClient struct { @@ -29,15 +29,15 @@ func (c *MockAuthClient) Auth(factor string, options ...func(*url.Values)) (*aut return c.MockData.AuthData, c.MockData.AuthError } -func MockGetDuoAuthClient(data *MockClientData) func (*logical.Request, *DuoConfig) (AuthClient, error) { - return func (*logical.Request, *DuoConfig) (AuthClient, error) { +func MockGetDuoAuthClient(data *MockClientData) func(*logical.Request, *DuoConfig) (AuthClient, error) { + return func(*logical.Request, *DuoConfig) (AuthClient, error) { return getDuoAuthClient(data), nil } } func getDuoAuthClient(data *MockClientData) AuthClient { var c MockAuthClient - // set default response to be successful + // set default response to be successful preauthSuccessJSON := ` { "Stat": "OK", @@ -49,7 +49,7 @@ func getDuoAuthClient(data *MockClientData) AuthClient { }` if data.PreauthData == nil { data.PreauthData = &authapi.PreauthResult{} - json.Unmarshal([]byte(preauthSuccessJSON), data.PreauthData) + jsonutil.DecodeJSON([]byte(preauthSuccessJSON), data.PreauthData) } authSuccessJSON := ` @@ -61,7 +61,7 @@ func getDuoAuthClient(data *MockClientData) AuthClient { }` if data.AuthData == nil { data.AuthData = &authapi.AuthResult{} - json.Unmarshal([]byte(authSuccessJSON), data.AuthData) + jsonutil.DecodeJSON([]byte(authSuccessJSON), data.AuthData) } c.MockData = data @@ -76,9 +76,9 @@ func TestDuoHandlerSuccess(t *testing.T) { UsernameFormat: "%s", } duoAuthClient := getDuoAuthClient(&MockClientData{}) - resp, err := duoHandler(duoConfig, duoAuthClient, &duoAuthRequest { + resp, err := duoHandler(duoConfig, duoAuthClient, &duoAuthRequest{ successResp: successResp, - username: "", + username: "", }) if err != nil { t.Fatalf(err.Error()) @@ -98,7 +98,7 @@ func TestDuoHandlerReject(t *testing.T) { "Status_Msg": "Invalid auth" } }` - json.Unmarshal([]byte(authRejectJSON), AuthData) + jsonutil.DecodeJSON([]byte(authRejectJSON), AuthData) successResp := &logical.Response{ Auth: &logical.Auth{}, } @@ -109,9 +109,9 @@ func TestDuoHandlerReject(t *testing.T) { duoAuthClient := getDuoAuthClient(&MockClientData{ AuthData: AuthData, }) - resp, err := duoHandler(duoConfig, duoAuthClient, &duoAuthRequest { + resp, err := duoHandler(duoConfig, duoAuthClient, &duoAuthRequest{ successResp: successResp, - username: "user", + username: "user", }) if err != nil { t.Fatalf(err.Error()) diff --git a/helper/pgpkeys/keybase.go b/helper/pgpkeys/keybase.go index c340972c6..d7ad5ca88 100644 --- a/helper/pgpkeys/keybase.go +++ b/helper/pgpkeys/keybase.go @@ -3,11 +3,11 @@ package pgpkeys import ( "bytes" "encoding/base64" - "encoding/json" "fmt" "strings" "github.com/hashicorp/go-cleanhttp" + "github.com/hashicorp/vault/helper/jsonutil" "golang.org/x/crypto/openpgp" ) @@ -70,8 +70,7 @@ func FetchKeybasePubkeys(input []string) (map[string]string, error) { Them: []them{}, } - dec := json.NewDecoder(resp.Body) - if err := dec.Decode(out); err != nil { + if err := jsonutil.DecodeJSONFromReader(resp.Body, out); err != nil { return nil, err } diff --git a/http/handler.go b/http/handler.go index aef85e975..10df792a3 100644 --- a/http/handler.go +++ b/http/handler.go @@ -11,6 +11,7 @@ import ( "time" "github.com/hashicorp/errwrap" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" "github.com/hashicorp/vault/vault" ) @@ -81,8 +82,7 @@ func stripPrefix(prefix, path string) (string, bool) { } func parseRequest(r *http.Request, out interface{}) error { - dec := json.NewDecoder(r.Body) - err := dec.Decode(out) + err := jsonutil.DecodeJSONFromReader(r.Body, out) if err != nil && err != io.EOF { return fmt.Errorf("Failed to parse JSON input: %s", err) } diff --git a/http/handler_test.go b/http/handler_test.go index 0c43297fb..3a9db890a 100644 --- a/http/handler_test.go +++ b/http/handler_test.go @@ -2,6 +2,7 @@ package http import ( "bytes" + "encoding/json" "errors" "net/http" "net/http/httptest" @@ -38,24 +39,24 @@ func TestSysMounts_headerAuth(t *testing.T) { "description": "generic secret storage", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "sys/": map[string]interface{}{ "description": "system endpoints used for control, policy and debugging", "type": "system", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "cubbyhole/": map[string]interface{}{ "description": "per-token private secret storage", "type": "cubbyhole", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } diff --git a/http/http_test.go b/http/http_test.go index 41164c132..86ddde4d9 100644 --- a/http/http_test.go +++ b/http/http_test.go @@ -10,6 +10,7 @@ import ( "time" "github.com/hashicorp/go-cleanhttp" + "github.com/hashicorp/vault/helper/jsonutil" ) func testHttpGet(t *testing.T, token string, addr string) *http.Response { @@ -93,8 +94,7 @@ func testResponseStatus(t *testing.T, resp *http.Response, code int) { func testResponseBody(t *testing.T, resp *http.Response, out interface{}) { defer resp.Body.Close() - dec := json.NewDecoder(resp.Body) - if err := dec.Decode(out); err != nil { + if err := jsonutil.DecodeJSONFromReader(resp.Body, out); err != nil { t.Fatalf("err: %s", err) } } diff --git a/http/logical_test.go b/http/logical_test.go index 0a8296ba3..177c7f8d6 100644 --- a/http/logical_test.go +++ b/http/logical_test.go @@ -2,10 +2,12 @@ package http import ( "bytes" + "encoding/json" "io" "log" "os" "reflect" + "strconv" "testing" "time" @@ -39,7 +41,7 @@ func TestLogical(t *testing.T) { var nilWarnings interface{} expected := map[string]interface{}{ "renewable": false, - "lease_duration": float64((30 * 24 * time.Hour) / time.Second), + "lease_duration": json.Number(strconv.Itoa(int((30 * 24 * time.Hour) / time.Second))), "data": map[string]interface{}{ "data": "bar", }, @@ -130,19 +132,19 @@ func TestLogical_StandbyRedirect(t *testing.T) { var nilWarnings interface{} expected := map[string]interface{}{ "renewable": false, - "lease_duration": float64(0), + "lease_duration": json.Number("0"), "data": map[string]interface{}{ "meta": nil, - "num_uses": float64(0), + "num_uses": json.Number("0"), "path": "auth/token/root", "policies": []interface{}{"root"}, "display_name": "root", "orphan": true, "id": root, - "ttl": float64(0), - "creation_ttl": float64(0), + "ttl": json.Number("0"), + "creation_ttl": json.Number("0"), "role": "", - "explicit_max_ttl": float64(0), + "explicit_max_ttl": json.Number("0"), }, "warnings": nilWarnings, "wrap_info": nil, @@ -181,13 +183,13 @@ func TestLogical_CreateToken(t *testing.T) { expected := map[string]interface{}{ "lease_id": "", "renewable": false, - "lease_duration": float64(0), + "lease_duration": json.Number("0"), "data": nil, "wrap_info": nil, "auth": map[string]interface{}{ "policies": []interface{}{"root"}, "metadata": nil, - "lease_duration": float64(0), + "lease_duration": json.Number("0"), "renewable": true, }, "warnings": nilWarnings, diff --git a/http/sys_auth_test.go b/http/sys_auth_test.go index e44a63978..5e11e942a 100644 --- a/http/sys_auth_test.go +++ b/http/sys_auth_test.go @@ -1,6 +1,7 @@ package http import ( + "encoding/json" "reflect" "testing" @@ -21,8 +22,8 @@ func TestSysAuth(t *testing.T) { "description": "token based credentials", "type": "token", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } @@ -53,16 +54,16 @@ func TestSysEnableAuth(t *testing.T) { "description": "foo", "type": "noop", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "token/": map[string]interface{}{ "description": "token based credentials", "type": "token", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } @@ -94,8 +95,8 @@ func TestSysDisableAuth(t *testing.T) { expected := map[string]interface{}{ "token/": map[string]interface{}{ "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, "description": "token based credentials", "type": "token", diff --git a/http/sys_generate_root_test.go b/http/sys_generate_root_test.go index 768c0ef16..24f212c2d 100644 --- a/http/sys_generate_root_test.go +++ b/http/sys_generate_root_test.go @@ -3,6 +3,7 @@ package http import ( "encoding/base64" "encoding/hex" + "encoding/json" "net/http" "reflect" "testing" @@ -27,8 +28,8 @@ func TestSysGenerateRootAttempt_Status(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "started": false, - "progress": float64(0), - "required": float64(1), + "progress": json.Number("0"), + "required": json.Number("1"), "complete": false, "encoded_root_token": "", "pgp_fingerprint": "", @@ -61,8 +62,8 @@ func TestSysGenerateRootAttempt_Setup_OTP(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "started": true, - "progress": float64(0), - "required": float64(1), + "progress": json.Number("0"), + "required": json.Number("1"), "complete": false, "encoded_root_token": "", "pgp_fingerprint": "", @@ -82,8 +83,8 @@ func TestSysGenerateRootAttempt_Setup_OTP(t *testing.T) { actual = map[string]interface{}{} expected = map[string]interface{}{ "started": true, - "progress": float64(0), - "required": float64(1), + "progress": json.Number("0"), + "required": json.Number("1"), "complete": false, "encoded_root_token": "", "pgp_fingerprint": "", @@ -115,8 +116,8 @@ func TestSysGenerateRootAttempt_Setup_PGP(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "started": true, - "progress": float64(0), - "required": float64(1), + "progress": json.Number("0"), + "required": json.Number("1"), "complete": false, "encoded_root_token": "", "pgp_fingerprint": "816938b8a29146fbe245dd29e7cbaf8e011db793", @@ -151,8 +152,8 @@ func TestSysGenerateRootAttempt_Cancel(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "started": true, - "progress": float64(0), - "required": float64(1), + "progress": json.Number("0"), + "required": json.Number("1"), "complete": false, "encoded_root_token": "", "pgp_fingerprint": "", @@ -178,8 +179,8 @@ func TestSysGenerateRootAttempt_Cancel(t *testing.T) { actual = map[string]interface{}{} expected = map[string]interface{}{ "started": false, - "progress": float64(0), - "required": float64(1), + "progress": json.Number("0"), + "required": json.Number("1"), "complete": false, "encoded_root_token": "", "pgp_fingerprint": "", @@ -265,8 +266,8 @@ func TestSysGenerateRoot_Update_OTP(t *testing.T) { expected := map[string]interface{}{ "complete": true, "nonce": rootGenerationStatus["nonce"].(string), - "progress": float64(1), - "required": float64(1), + "progress": json.Number("1"), + "required": json.Number("1"), "started": true, "pgp_fingerprint": "", } @@ -296,14 +297,14 @@ func TestSysGenerateRoot_Update_OTP(t *testing.T) { "id": newRootToken, "display_name": "root", "meta": interface{}(nil), - "num_uses": float64(0), + "num_uses": json.Number("0"), "policies": []interface{}{"root"}, "orphan": true, - "creation_ttl": float64(0), - "ttl": float64(0), + "creation_ttl": json.Number("0"), + "ttl": json.Number("0"), "path": "auth/token/root", "role": "", - "explicit_max_ttl": float64(0), + "explicit_max_ttl": json.Number("0"), } resp = testHttpGet(t, newRootToken, addr+"/v1/auth/token/lookup-self") @@ -347,8 +348,8 @@ func TestSysGenerateRoot_Update_PGP(t *testing.T) { expected := map[string]interface{}{ "complete": true, "nonce": rootGenerationStatus["nonce"].(string), - "progress": float64(1), - "required": float64(1), + "progress": json.Number("1"), + "required": json.Number("1"), "started": true, "pgp_fingerprint": "816938b8a29146fbe245dd29e7cbaf8e011db793", } @@ -379,14 +380,14 @@ func TestSysGenerateRoot_Update_PGP(t *testing.T) { "id": newRootToken, "display_name": "root", "meta": interface{}(nil), - "num_uses": float64(0), + "num_uses": json.Number("0"), "policies": []interface{}{"root"}, "orphan": true, - "creation_ttl": float64(0), - "ttl": float64(0), + "creation_ttl": json.Number("0"), + "ttl": json.Number("0"), "path": "auth/token/root", "role": "", - "explicit_max_ttl": float64(0), + "explicit_max_ttl": json.Number("0"), } resp = testHttpGet(t, newRootToken, addr+"/v1/auth/token/lookup-self") diff --git a/http/sys_lease_test.go b/http/sys_lease_test.go index 72c7af23a..6b7bc3498 100644 --- a/http/sys_lease_test.go +++ b/http/sys_lease_test.go @@ -1,9 +1,9 @@ package http import ( - "encoding/json" "testing" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/vault" ) @@ -25,8 +25,7 @@ func TestSysRenew(t *testing.T) { var result struct { LeaseId string `json:"lease_id"` } - dec := json.NewDecoder(resp.Body) - if err := dec.Decode(&result); err != nil { + if err := jsonutil.DecodeJSONFromReader(resp.Body, &result); err != nil { t.Fatalf("bad: %s", err) } diff --git a/http/sys_mount_test.go b/http/sys_mount_test.go index 478977562..d0041b99c 100644 --- a/http/sys_mount_test.go +++ b/http/sys_mount_test.go @@ -1,6 +1,7 @@ package http import ( + "encoding/json" "reflect" "testing" @@ -22,24 +23,24 @@ func TestSysMounts(t *testing.T) { "description": "generic secret storage", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "sys/": map[string]interface{}{ "description": "system endpoints used for control, policy and debugging", "type": "system", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "cubbyhole/": map[string]interface{}{ "description": "per-token private secret storage", "type": "cubbyhole", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } @@ -70,32 +71,32 @@ func TestSysMount(t *testing.T) { "description": "foo", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "secret/": map[string]interface{}{ "description": "generic secret storage", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "sys/": map[string]interface{}{ "description": "system endpoints used for control, policy and debugging", "type": "system", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "cubbyhole/": map[string]interface{}{ "description": "per-token private secret storage", "type": "cubbyhole", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } @@ -148,32 +149,32 @@ func TestSysRemount(t *testing.T) { "description": "foo", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "secret/": map[string]interface{}{ "description": "generic secret storage", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "sys/": map[string]interface{}{ "description": "system endpoints used for control, policy and debugging", "type": "system", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "cubbyhole/": map[string]interface{}{ "description": "per-token private secret storage", "type": "cubbyhole", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } @@ -207,24 +208,24 @@ func TestSysUnmount(t *testing.T) { "description": "generic secret storage", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "sys/": map[string]interface{}{ "description": "system endpoints used for control, policy and debugging", "type": "system", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "cubbyhole/": map[string]interface{}{ "description": "per-token private secret storage", "type": "cubbyhole", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } @@ -255,32 +256,32 @@ func TestSysTuneMount(t *testing.T) { "description": "foo", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "secret/": map[string]interface{}{ "description": "generic secret storage", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "sys/": map[string]interface{}{ "description": "system endpoints used for control, policy and debugging", "type": "system", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "cubbyhole/": map[string]interface{}{ "description": "per-token private secret storage", "type": "cubbyhole", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } @@ -332,32 +333,32 @@ func TestSysTuneMount(t *testing.T) { "description": "foo", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(259196400), - "max_lease_ttl": float64(259200000), + "default_lease_ttl": json.Number("259196400"), + "max_lease_ttl": json.Number("259200000"), }, }, "secret/": map[string]interface{}{ "description": "generic secret storage", "type": "generic", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "sys/": map[string]interface{}{ "description": "system endpoints used for control, policy and debugging", "type": "system", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, "cubbyhole/": map[string]interface{}{ "description": "per-token private secret storage", "type": "cubbyhole", "config": map[string]interface{}{ - "default_lease_ttl": float64(0), - "max_lease_ttl": float64(0), + "default_lease_ttl": json.Number("0"), + "max_lease_ttl": json.Number("0"), }, }, } @@ -373,8 +374,8 @@ func TestSysTuneMount(t *testing.T) { resp = testHttpGet(t, token, addr+"/v1/sys/mounts/foo/tune") actual = map[string]interface{}{} expected = map[string]interface{}{ - "default_lease_ttl": float64(259196400), - "max_lease_ttl": float64(259200000), + "default_lease_ttl": json.Number("259196400"), + "max_lease_ttl": json.Number("259200000"), } testResponseStatus(t, resp, 200) @@ -393,8 +394,8 @@ func TestSysTuneMount(t *testing.T) { resp = testHttpGet(t, token, addr+"/v1/sys/mounts/secret/tune") actual = map[string]interface{}{} expected = map[string]interface{}{ - "default_lease_ttl": float64(40), - "max_lease_ttl": float64(80), + "default_lease_ttl": json.Number("40"), + "max_lease_ttl": json.Number("80"), } testResponseStatus(t, resp, 200) diff --git a/http/sys_rekey_test.go b/http/sys_rekey_test.go index dac0d2fb9..ef5fb7343 100644 --- a/http/sys_rekey_test.go +++ b/http/sys_rekey_test.go @@ -2,6 +2,7 @@ package http import ( "encoding/hex" + "encoding/json" "net/http" "reflect" "testing" @@ -23,10 +24,10 @@ func TestSysRekeyInit_Status(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "started": false, - "t": float64(0), - "n": float64(0), - "progress": float64(0), - "required": float64(1), + "t": json.Number("0"), + "n": json.Number("0"), + "progress": json.Number("0"), + "required": json.Number("1"), "pgp_fingerprints": interface{}(nil), "backup": false, "nonce": "", @@ -53,10 +54,10 @@ func TestSysRekeyInit_Setup(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "started": true, - "t": float64(3), - "n": float64(5), - "progress": float64(0), - "required": float64(1), + "t": json.Number("3"), + "n": json.Number("5"), + "progress": json.Number("0"), + "required": json.Number("1"), "pgp_fingerprints": interface{}(nil), "backup": false, } @@ -75,10 +76,10 @@ func TestSysRekeyInit_Setup(t *testing.T) { actual = map[string]interface{}{} expected = map[string]interface{}{ "started": true, - "t": float64(3), - "n": float64(5), - "progress": float64(0), - "required": float64(1), + "t": json.Number("3"), + "n": json.Number("5"), + "progress": json.Number("0"), + "required": json.Number("1"), "pgp_fingerprints": interface{}(nil), "backup": false, } @@ -119,10 +120,10 @@ func TestSysRekeyInit_Cancel(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "started": false, - "t": float64(0), - "n": float64(0), - "progress": float64(0), - "required": float64(1), + "t": json.Number("0"), + "n": json.Number("0"), + "progress": json.Number("0"), + "required": json.Number("1"), "pgp_fingerprints": interface{}(nil), "backup": false, "nonce": "", diff --git a/http/sys_rotate_test.go b/http/sys_rotate_test.go index ce6afb27b..685d9bfb7 100644 --- a/http/sys_rotate_test.go +++ b/http/sys_rotate_test.go @@ -1,6 +1,7 @@ package http import ( + "encoding/json" "reflect" "testing" @@ -20,7 +21,7 @@ func TestSysRotate(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ - "term": float64(2), + "term": json.Number("2"), } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) diff --git a/http/sys_seal_test.go b/http/sys_seal_test.go index e1cca89a6..6c702a3ec 100644 --- a/http/sys_seal_test.go +++ b/http/sys_seal_test.go @@ -2,8 +2,11 @@ package http import ( "encoding/hex" + "encoding/json" + "log" "net/http" "reflect" + "strconv" "testing" "github.com/hashicorp/vault/logical" @@ -24,9 +27,9 @@ func TestSysSealStatus(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "sealed": true, - "t": float64(1), - "n": float64(1), - "progress": float64(0), + "t": json.Number("1"), + "n": json.Number("1"), + "progress": json.Number("0"), } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) @@ -96,9 +99,9 @@ func TestSysUnseal(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "sealed": false, - "t": float64(1), - "n": float64(1), - "progress": float64(0), + "t": json.Number("1"), + "n": json.Number("1"), + "progress": json.Number("0"), } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) @@ -120,9 +123,9 @@ func TestSysUnseal_badKey(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "sealed": true, - "t": float64(1), - "n": float64(1), - "progress": float64(0), + "t": json.Number("1"), + "n": json.Number("1"), + "progress": json.Number("0"), } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) @@ -161,15 +164,16 @@ func TestSysUnseal_Reset(t *testing.T) { var actual map[string]interface{} expected := map[string]interface{}{ "sealed": true, - "t": float64(3), - "n": float64(5), - "progress": float64(i + 1), + "t": json.Number("3"), + "n": json.Number("5"), + "progress": json.Number(strconv.Itoa(i + 1)), } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) if !reflect.DeepEqual(actual, expected) { t.Fatalf("\nexpected:\n%#v\nactual:\n%#v\n", expected, actual) } + log.Printf("reached here\n") } resp = testHttpPut(t, "", addr+"/v1/sys/unseal", map[string]interface{}{ @@ -179,9 +183,9 @@ func TestSysUnseal_Reset(t *testing.T) { actual = map[string]interface{}{} expected := map[string]interface{}{ "sealed": true, - "t": float64(3), - "n": float64(5), - "progress": float64(0), + "t": json.Number("3"), + "n": json.Number("5"), + "progress": json.Number("0"), } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) diff --git a/logical/framework/path_struct.go b/logical/framework/path_struct.go index 8d0fb1c99..ae4f8d220 100644 --- a/logical/framework/path_struct.go +++ b/logical/framework/path_struct.go @@ -4,6 +4,7 @@ import ( "encoding/json" "fmt" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" ) @@ -31,7 +32,7 @@ func (p *PathStruct) Get(s logical.Storage) (map[string]interface{}, error) { } var result map[string]interface{} - if err := json.Unmarshal(entry.Value, &result); err != nil { + if err := jsonutil.DecodeJSON(entry.Value, &result); err != nil { return nil, err } diff --git a/logical/framework/wal.go b/logical/framework/wal.go index 6e6b234bc..274fa968c 100644 --- a/logical/framework/wal.go +++ b/logical/framework/wal.go @@ -5,6 +5,7 @@ import ( "strings" "time" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" ) @@ -68,7 +69,7 @@ func GetWAL(s logical.Storage, id string) (*WALEntry, error) { } var raw WALEntry - if err := json.Unmarshal(entry.Value, &raw); err != nil { + if err := jsonutil.DecodeJSON(entry.Value, &raw); err != nil { return nil, err } raw.ID = id diff --git a/logical/storage.go b/logical/storage.go index ec5d75899..f7f4d1a64 100644 --- a/logical/storage.go +++ b/logical/storage.go @@ -1,8 +1,9 @@ package logical import ( - "bytes" - "encoding/json" + "fmt" + + "github.com/hashicorp/vault/helper/jsonutil" ) // Storage is the way that logical backends are able read/write data. @@ -19,20 +20,20 @@ type StorageEntry struct { Value []byte } +// DecodeJSON decodes the 'Value' present in StorageEntry. func (e *StorageEntry) DecodeJSON(out interface{}) error { - return json.Unmarshal(e.Value, out) + return jsonutil.DecodeJSON(e.Value, out) } // StorageEntryJSON creates a StorageEntry with a JSON-encoded value. func StorageEntryJSON(k string, v interface{}) (*StorageEntry, error) { - var buf bytes.Buffer - enc := json.NewEncoder(&buf) - if err := enc.Encode(v); err != nil { - return nil, err + encodedBytes, err := jsonutil.EncodeJSON(v) + if err != nil { + return nil, fmt.Errorf("failed to encode storage entry: %v", err) } return &StorageEntry{ Key: k, - Value: buf.Bytes(), + Value: encodedBytes, }, nil } diff --git a/physical/file.go b/physical/file.go index fd3b05591..b0b481d13 100644 --- a/physical/file.go +++ b/physical/file.go @@ -7,6 +7,8 @@ import ( "os" "path/filepath" "sync" + + "github.com/hashicorp/vault/helper/jsonutil" ) // FileBackend is a physical backend that stores data on disk @@ -68,8 +70,7 @@ func (b *FileBackend) Get(k string) (*Entry, error) { defer f.Close() var entry Entry - dec := json.NewDecoder(f) - if err := dec.Decode(&entry); err != nil { + if err := jsonutil.DecodeJSONFromReader(f, &entry); err != nil { return nil, err } diff --git a/vault/audit.go b/vault/audit.go index 5857bd19f..9688b0367 100644 --- a/vault/audit.go +++ b/vault/audit.go @@ -13,6 +13,7 @@ import ( "github.com/armon/go-metrics" "github.com/hashicorp/go-uuid" "github.com/hashicorp/vault/audit" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/helper/salt" "github.com/hashicorp/vault/logical" ) @@ -141,7 +142,7 @@ func (c *Core) loadAudits() error { defer c.auditLock.Unlock() if raw != nil { - if err := json.Unmarshal(raw.Value, auditTable); err != nil { + if err := jsonutil.DecodeJSON(raw.Value, auditTable); err != nil { c.logger.Printf("[ERR] core: failed to decode audit table: %v", err) return errLoadAuditFailed } diff --git a/vault/auth.go b/vault/auth.go index 922580aa0..ab8151a4b 100644 --- a/vault/auth.go +++ b/vault/auth.go @@ -7,6 +7,7 @@ import ( "strings" "github.com/hashicorp/go-uuid" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" ) @@ -205,7 +206,7 @@ func (c *Core) loadCredentials() error { defer c.authLock.Unlock() if raw != nil { - if err := json.Unmarshal(raw.Value, authTable); err != nil { + if err := jsonutil.DecodeJSON(raw.Value, authTable); err != nil { c.logger.Printf("[ERR] core: failed to decode auth table: %v", err) return errLoadAuthFailed } diff --git a/vault/barrier_aes_gcm.go b/vault/barrier_aes_gcm.go index 4b98f6a85..d7a6ef52e 100644 --- a/vault/barrier_aes_gcm.go +++ b/vault/barrier_aes_gcm.go @@ -7,13 +7,13 @@ import ( "crypto/rand" "crypto/subtle" "encoding/binary" - "encoding/json" "fmt" "strings" "sync" "time" "github.com/armon/go-metrics" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/physical" ) @@ -377,7 +377,7 @@ func (b *AESGCMBarrier) Unseal(key []byte) error { // Unmarshal the barrier init var init barrierInit - if err := json.Unmarshal(plain, &init); err != nil { + if err := jsonutil.DecodeJSON(plain, &init); err != nil { return fmt.Errorf("failed to unmarshal barrier init file") } diff --git a/vault/expiration.go b/vault/expiration.go index 0b56135ba..88a85d7c5 100644 --- a/vault/expiration.go +++ b/vault/expiration.go @@ -12,6 +12,7 @@ import ( "github.com/armon/go-metrics" "github.com/hashicorp/go-uuid" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" ) @@ -779,5 +780,5 @@ func (le *leaseEntry) renewable() error { // decodeLeaseEntry is used to reverse encode and return a new entry func decodeLeaseEntry(buf []byte) (*leaseEntry, error) { out := new(leaseEntry) - return out, json.Unmarshal(buf, out) + return out, jsonutil.DecodeJSON(buf, out) } diff --git a/vault/keyring.go b/vault/keyring.go index c4504e892..2cd487118 100644 --- a/vault/keyring.go +++ b/vault/keyring.go @@ -5,6 +5,8 @@ import ( "encoding/json" "fmt" "time" + + "github.com/hashicorp/vault/helper/jsonutil" ) // Keyring is used to manage multiple encryption keys used by @@ -43,7 +45,7 @@ func (k *Key) Serialize() ([]byte, error) { // DeserializeKey is used to deserialize and return a new key func DeserializeKey(buf []byte) (*Key, error) { k := new(Key) - if err := json.Unmarshal(buf, k); err != nil { + if err := jsonutil.DecodeJSON(buf, k); err != nil { return nil, fmt.Errorf("deserialization failed: %v", err) } return k, nil @@ -165,7 +167,7 @@ func (k *Keyring) Serialize() ([]byte, error) { func DeserializeKeyring(buf []byte) (*Keyring, error) { // Deserialize the keyring var enc EncodedKeyring - if err := json.Unmarshal(buf, &enc); err != nil { + if err := jsonutil.DecodeJSON(buf, &enc); err != nil { return nil, fmt.Errorf("deserialization failed: %v", err) } diff --git a/vault/logical_cubbyhole.go b/vault/logical_cubbyhole.go index 5c87885c3..3018822c4 100644 --- a/vault/logical_cubbyhole.go +++ b/vault/logical_cubbyhole.go @@ -5,6 +5,7 @@ import ( "fmt" "strings" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" "github.com/hashicorp/vault/logical/framework" ) @@ -95,7 +96,7 @@ func (b *CubbyholeBackend) handleRead( // Decode the data var rawData map[string]interface{} - if err := json.Unmarshal(out.Value, &rawData); err != nil { + if err := jsonutil.DecodeJSON(out.Value, &rawData); err != nil { return nil, fmt.Errorf("json decoding failed: %v", err) } diff --git a/vault/logical_passthrough.go b/vault/logical_passthrough.go index b1fe8107d..b90bd9567 100644 --- a/vault/logical_passthrough.go +++ b/vault/logical_passthrough.go @@ -7,6 +7,7 @@ import ( "strings" "time" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" "github.com/hashicorp/vault/logical/framework" ) @@ -108,7 +109,8 @@ func (b *PassthroughBackend) handleRead( // Decode the data var rawData map[string]interface{} - if err := json.Unmarshal(out.Value, &rawData); err != nil { + + if err := jsonutil.DecodeJSON(out.Value, &rawData); err != nil { return nil, fmt.Errorf("json decoding failed: %v", err) } diff --git a/vault/mount.go b/vault/mount.go index d809a9a18..119d5ab3c 100644 --- a/vault/mount.go +++ b/vault/mount.go @@ -9,6 +9,7 @@ import ( "time" "github.com/hashicorp/go-uuid" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/logical" ) @@ -404,7 +405,7 @@ func (c *Core) loadMounts() error { defer c.mountsLock.Unlock() if raw != nil { - if err := json.Unmarshal(raw.Value, mountTable); err != nil { + if err := jsonutil.DecodeJSON(raw.Value, mountTable); err != nil { c.logger.Printf("[ERR] core: failed to decode mount table: %v", err) return errLoadMountsFailed } diff --git a/vault/rekey.go b/vault/rekey.go index 86ee78ba1..d811ae4db 100644 --- a/vault/rekey.go +++ b/vault/rekey.go @@ -7,6 +7,7 @@ import ( "fmt" "github.com/hashicorp/go-uuid" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/helper/pgpkeys" "github.com/hashicorp/vault/physical" "github.com/hashicorp/vault/shamir" @@ -634,7 +635,7 @@ func (c *Core) RekeyRetrieveBackup(recovery bool) (*RekeyBackup, error) { } ret := &RekeyBackup{} - err = json.Unmarshal(entry.Value, ret) + err = jsonutil.DecodeJSON(entry.Value, ret) if err != nil { return nil, err } diff --git a/vault/seal.go b/vault/seal.go index 5b5dbfa1d..6800ef32b 100644 --- a/vault/seal.go +++ b/vault/seal.go @@ -6,6 +6,7 @@ import ( "encoding/json" "fmt" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/physical" "golang.org/x/crypto/openpgp" @@ -117,7 +118,7 @@ func (d *DefaultSeal) BarrierConfig() (*SealConfig, error) { var conf SealConfig // Decode the barrier entry - if err := json.Unmarshal(pe.Value, &conf); err != nil { + if err := jsonutil.DecodeJSON(pe.Value, &conf); err != nil { d.core.logger.Printf("[ERR] core: failed to decode seal configuration: %v", err) return nil, fmt.Errorf("failed to decode seal configuration: %v", err) } diff --git a/vault/token_store.go b/vault/token_store.go index 685285a92..9981365f1 100644 --- a/vault/token_store.go +++ b/vault/token_store.go @@ -10,6 +10,7 @@ import ( "github.com/armon/go-metrics" "github.com/hashicorp/go-uuid" + "github.com/hashicorp/vault/helper/jsonutil" "github.com/hashicorp/vault/helper/policyutil" "github.com/hashicorp/vault/helper/salt" "github.com/hashicorp/vault/helper/strutil" @@ -687,7 +688,7 @@ func (ts *TokenStore) lookupSalted(saltedId string) (*TokenEntry, error) { // Unmarshal the token entry := new(TokenEntry) - if err := json.Unmarshal(raw.Value, entry); err != nil { + if err := jsonutil.DecodeJSON(raw.Value, entry); err != nil { return nil, fmt.Errorf("failed to decode entry: %v", err) }