303c2aee7c
* Update tooling * Run gofumpt * go mod vendor
78 lines
1.9 KiB
Go
78 lines
1.9 KiB
Go
package http
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"reflect"
|
|
"testing"
|
|
|
|
"github.com/hashicorp/vault/vault"
|
|
)
|
|
|
|
func TestSysConfigCors(t *testing.T) {
|
|
var resp *http.Response
|
|
|
|
core, _, token := vault.TestCoreUnsealed(t)
|
|
ln, addr := TestServer(t, core)
|
|
defer ln.Close()
|
|
TestServerAuth(t, addr, token)
|
|
|
|
corsConf := core.CORSConfig()
|
|
|
|
// Try to enable CORS without providing a value for allowed_origins
|
|
resp = testHttpPut(t, token, addr+"/v1/sys/config/cors", map[string]interface{}{
|
|
"allowed_headers": "X-Custom-Header",
|
|
})
|
|
|
|
testResponseStatus(t, resp, 500)
|
|
|
|
// Enable CORS, but provide an origin this time.
|
|
resp = testHttpPut(t, token, addr+"/v1/sys/config/cors", map[string]interface{}{
|
|
"allowed_origins": addr,
|
|
"allowed_headers": "X-Custom-Header",
|
|
})
|
|
|
|
testResponseStatus(t, resp, 204)
|
|
|
|
// Read the CORS configuration
|
|
resp = testHttpGet(t, token, addr+"/v1/sys/config/cors")
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
var actual map[string]interface{}
|
|
var expected map[string]interface{}
|
|
|
|
lenStdHeaders := len(corsConf.AllowedHeaders)
|
|
|
|
expectedHeaders := make([]interface{}, lenStdHeaders)
|
|
|
|
for i := range corsConf.AllowedHeaders {
|
|
expectedHeaders[i] = corsConf.AllowedHeaders[i]
|
|
}
|
|
|
|
expected = map[string]interface{}{
|
|
"lease_id": "",
|
|
"renewable": false,
|
|
"lease_duration": json.Number("0"),
|
|
"wrap_info": nil,
|
|
"warnings": nil,
|
|
"auth": nil,
|
|
"data": map[string]interface{}{
|
|
"enabled": true,
|
|
"allowed_origins": []interface{}{addr},
|
|
"allowed_headers": expectedHeaders,
|
|
},
|
|
"enabled": true,
|
|
"allowed_origins": []interface{}{addr},
|
|
"allowed_headers": expectedHeaders,
|
|
}
|
|
|
|
testResponseStatus(t, resp, 200)
|
|
|
|
testResponseBody(t, resp, &actual)
|
|
expected["request_id"] = actual["request_id"]
|
|
|
|
if !reflect.DeepEqual(actual, expected) {
|
|
t.Fatalf("bad: expected: %#v\nactual: %#v", expected, actual)
|
|
}
|
|
}
|