open-vault/builtin/logical/pki/acme_state_test.go
Alexander Scheel b4c3aca7a1
Merge ACME package back into the PKI package (#19826)
* Squash pki/acme package down to pki folder

Without refactoring most of PKI to export the storage layer, which we
were initially hesitant about, it would be nearly impossible to have the
ACME layer handle its own storage while being in the acme/ subpackage
under the pki package.

Thus, merge the two packages together again.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Properly format errors for missing parameters

When missing required ACME request parameters, don't return Vault-level
errors, but drop into the PKI package to return properly-formatted ACME
error messages.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Error type clarifications

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix GetOk with type conversion calls

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

---------

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-29 21:08:31 +00:00

40 lines
749 B
Go

package pki
import (
"testing"
"github.com/stretchr/testify/require"
)
func TestAcmeNonces(t *testing.T) {
t.Parallel()
a := NewACMEState()
// Simple operation should succeed.
nonce, _, err := a.GetNonce()
require.NoError(t, err)
require.NotEmpty(t, nonce)
require.True(t, a.RedeemNonce(nonce))
require.False(t, a.RedeemNonce(nonce))
// Redeeming in opposite order should work.
var nonces []string
for i := 0; i < len(nonce); i++ {
nonce, _, err = a.GetNonce()
require.NoError(t, err)
require.NotEmpty(t, nonce)
}
for i := len(nonces) - 1; i >= 0; i-- {
nonce = nonces[i]
require.True(t, a.RedeemNonce(nonce))
}
for i := 0; i < len(nonces); i++ {
nonce = nonces[i]
require.False(t, a.RedeemNonce(nonce))
}
}