b4c3aca7a1
* Squash pki/acme package down to pki folder Without refactoring most of PKI to export the storage layer, which we were initially hesitant about, it would be nearly impossible to have the ACME layer handle its own storage while being in the acme/ subpackage under the pki package. Thus, merge the two packages together again. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Properly format errors for missing parameters When missing required ACME request parameters, don't return Vault-level errors, but drop into the PKI package to return properly-formatted ACME error messages. Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Error type clarifications Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Fix GetOk with type conversion calls Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> --------- Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
40 lines
749 B
Go
40 lines
749 B
Go
package pki
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestAcmeNonces(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
a := NewACMEState()
|
|
|
|
// Simple operation should succeed.
|
|
nonce, _, err := a.GetNonce()
|
|
require.NoError(t, err)
|
|
require.NotEmpty(t, nonce)
|
|
|
|
require.True(t, a.RedeemNonce(nonce))
|
|
require.False(t, a.RedeemNonce(nonce))
|
|
|
|
// Redeeming in opposite order should work.
|
|
var nonces []string
|
|
for i := 0; i < len(nonce); i++ {
|
|
nonce, _, err = a.GetNonce()
|
|
require.NoError(t, err)
|
|
require.NotEmpty(t, nonce)
|
|
}
|
|
|
|
for i := len(nonces) - 1; i >= 0; i-- {
|
|
nonce = nonces[i]
|
|
require.True(t, a.RedeemNonce(nonce))
|
|
}
|
|
|
|
for i := 0; i < len(nonces); i++ {
|
|
nonce = nonces[i]
|
|
require.False(t, a.RedeemNonce(nonce))
|
|
}
|
|
}
|