e2fb199ce5
* Add non-hmac request keys * Update comment * Initial audit request keys implementation * Add audit_non_hmac_response_keys * Move where req.NonHMACKeys gets set * Minor refactor * Add params to auth tune endpoints * Sync cache on loadCredentials * Explicitly unset req.NonHMACKeys * Do not error if entry is nil * Add tests * docs: Add params to api sections * Refactor audit.Backend and Formatter interfaces, update audit broker methods * Add audit_broker.go * Fix method call params in audit backends * Remove fields from logical.Request and logical.Response, pass keys via LogInput * Use data.GetOk to allow unsetting existing values * Remove debug lines * Add test for unsetting values * Address review feedback * Initialize values in FormatRequest and FormatResponse using input values * Update docs * Use strutil.StrListContains * Use strutil.StrListContains
72 lines
1.5 KiB
Go
72 lines
1.5 KiB
Go
package audit
|
|
|
|
import (
|
|
"io"
|
|
"io/ioutil"
|
|
"testing"
|
|
|
|
"github.com/hashicorp/vault/helper/salt"
|
|
"github.com/hashicorp/vault/logical"
|
|
)
|
|
|
|
type noopFormatWriter struct {
|
|
salt *salt.Salt
|
|
SaltFunc func() (*salt.Salt, error)
|
|
}
|
|
|
|
func (n *noopFormatWriter) WriteRequest(_ io.Writer, _ *AuditRequestEntry) error {
|
|
return nil
|
|
}
|
|
|
|
func (n *noopFormatWriter) WriteResponse(_ io.Writer, _ *AuditResponseEntry) error {
|
|
return nil
|
|
}
|
|
|
|
func (n *noopFormatWriter) Salt() (*salt.Salt, error) {
|
|
if n.salt != nil {
|
|
return n.salt, nil
|
|
}
|
|
var err error
|
|
n.salt, err = salt.NewSalt(nil, nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return n.salt, nil
|
|
}
|
|
|
|
func TestFormatRequestErrors(t *testing.T) {
|
|
config := FormatterConfig{}
|
|
formatter := AuditFormatter{
|
|
AuditFormatWriter: &noopFormatWriter{},
|
|
}
|
|
|
|
if err := formatter.FormatRequest(ioutil.Discard, config, &LogInput{}); err == nil {
|
|
t.Fatal("expected error due to nil request")
|
|
}
|
|
|
|
in := &LogInput{
|
|
Request: &logical.Request{},
|
|
}
|
|
if err := formatter.FormatRequest(nil, config, in); err == nil {
|
|
t.Fatal("expected error due to nil writer")
|
|
}
|
|
}
|
|
|
|
func TestFormatResponseErrors(t *testing.T) {
|
|
config := FormatterConfig{}
|
|
formatter := AuditFormatter{
|
|
AuditFormatWriter: &noopFormatWriter{},
|
|
}
|
|
|
|
if err := formatter.FormatResponse(ioutil.Discard, config, &LogInput{}); err == nil {
|
|
t.Fatal("expected error due to nil request")
|
|
}
|
|
|
|
in := &LogInput{
|
|
Request: &logical.Request{},
|
|
}
|
|
if err := formatter.FormatResponse(nil, config, in); err == nil {
|
|
t.Fatal("expected error due to nil writer")
|
|
}
|
|
}
|