package http import ( "encoding/json" "reflect" "testing" "github.com/hashicorp/vault/vault" ) func TestSysAudit(t *testing.T) { core, _, token := vault.TestCoreUnsealed(t) ln, addr := TestServer(t, core) defer ln.Close() TestServerAuth(t, addr, token) resp := testHttpPost(t, token, addr+"/v1/sys/audit/noop", map[string]interface{}{ "type": "noop", }) testResponseStatus(t, resp, 204) resp = testHttpGet(t, token, addr+"/v1/sys/audit") var actual map[string]interface{} expected := map[string]interface{}{ "lease_id": "", "renewable": false, "lease_duration": json.Number("0"), "wrap_info": nil, "warnings": nil, "auth": nil, "data": map[string]interface{}{ "noop/": map[string]interface{}{ "path": "noop/", "type": "noop", "description": "", "options": map[string]interface{}{}, }, }, "noop/": map[string]interface{}{ "path": "noop/", "type": "noop", "description": "", "options": map[string]interface{}{}, }, } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) expected["request_id"] = actual["request_id"] if !reflect.DeepEqual(actual, expected) { t.Fatalf("bad: expected:\n%#v actual:\n%#v\n", expected, actual) } } func TestSysDisableAudit(t *testing.T) { core, _, token := vault.TestCoreUnsealed(t) ln, addr := TestServer(t, core) defer ln.Close() TestServerAuth(t, addr, token) resp := testHttpPost(t, token, addr+"/v1/sys/audit/foo", map[string]interface{}{ "type": "noop", }) testResponseStatus(t, resp, 204) resp = testHttpDelete(t, token, addr+"/v1/sys/audit/foo") testResponseStatus(t, resp, 204) resp = testHttpGet(t, token, addr+"/v1/sys/audit") var actual map[string]interface{} expected := map[string]interface{}{ "lease_id": "", "renewable": false, "lease_duration": json.Number("0"), "wrap_info": nil, "warnings": nil, "auth": nil, "data": map[string]interface{}{}, } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) expected["request_id"] = actual["request_id"] if !reflect.DeepEqual(actual, expected) { t.Fatalf("bad:\nactual: %#v\nexpected: %#v\n", actual, expected) } } func TestSysAuditHash(t *testing.T) { core, _, token := vault.TestCoreUnsealed(t) ln, addr := TestServer(t, core) defer ln.Close() TestServerAuth(t, addr, token) resp := testHttpPost(t, token, addr+"/v1/sys/audit/noop", map[string]interface{}{ "type": "noop", }) testResponseStatus(t, resp, 204) resp = testHttpPost(t, token, addr+"/v1/sys/audit-hash/noop", map[string]interface{}{ "input": "bar", }) var actual map[string]interface{} expected := map[string]interface{}{ "lease_id": "", "renewable": false, "lease_duration": json.Number("0"), "wrap_info": nil, "warnings": nil, "auth": nil, "data": map[string]interface{}{ "hash": "hmac-sha256:f9320baf0249169e73850cd6156ded0106e2bb6ad8cab01b7bbbebe6d1065317", }, "hash": "hmac-sha256:f9320baf0249169e73850cd6156ded0106e2bb6ad8cab01b7bbbebe6d1065317", } testResponseStatus(t, resp, 200) testResponseBody(t, resp, &actual) expected["request_id"] = actual["request_id"] if !reflect.DeepEqual(actual, expected) { t.Fatalf("bad: expected:\n%#v\n, got:\n%#v\n", expected, actual) } }