65845c7531
* VAULT-1564 report in-flight requests * adding a changelog * Changing some variable names and fixing comments * minor style change * adding unauthenticated support for in-flight-req * adding documentation for the listener.profiling stanza * adding an atomic counter for the inflight requests addressing comments * addressing comments * logging completed requests * fixing a test * providing log_requests_info as a config option to determine at which level requests should be logged * removing a member and a method from the StatusHeaderResponseWriter struct * adding api docks * revert changes in NewHTTPResponseWriter * Fix logging invalid log_requests_info value * Addressing comments * Fixing a test * use an tomic value for logRequestsInfo, and moving the CreateClientID function to Core * fixing go.sum * minor refactoring * protecting InFlightRequests from data race * another try on fixing a data race * another try to fix a data race * addressing comments * fixing couple of tests * changing log_requests_info to log_requests_level * minor style change * fixing a test * removing the lock in InFlightRequests * use single-argument form for interface assertion * adding doc for the new configuration paramter * adding the new doc to the nav data file * minor fix
104 lines
2.9 KiB
Go
104 lines
2.9 KiB
Go
package logical
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"encoding/base64"
|
|
"encoding/json"
|
|
"testing"
|
|
)
|
|
|
|
func TestJSONSerialization(t *testing.T) {
|
|
tt := TokenTypeDefaultBatch
|
|
s, err := json.Marshal(tt)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
var utt TokenType
|
|
err = json.Unmarshal(s, &utt)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if tt != utt {
|
|
t.Fatalf("expected %v, got %v", tt, utt)
|
|
}
|
|
|
|
utt = TokenTypeDefault
|
|
err = json.Unmarshal([]byte(`"default-batch"`), &utt)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if tt != utt {
|
|
t.Fatalf("expected %v, got %v", tt, utt)
|
|
}
|
|
|
|
// Test on an empty value, which should unmarshal into TokenTypeDefault
|
|
tt = TokenTypeDefault
|
|
err = json.Unmarshal([]byte(`""`), &utt)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if tt != utt {
|
|
t.Fatalf("expected %v, got %v", tt, utt)
|
|
}
|
|
}
|
|
|
|
// TestCreateClientID verifies that CreateClientID uses the entity ID for a token
|
|
// entry if one exists, and creates an appropriate client ID otherwise.
|
|
func TestCreateClientID(t *testing.T) {
|
|
entry := TokenEntry{NamespaceID: "namespaceFoo", Policies: []string{"bar", "baz", "foo", "banana"}}
|
|
id, isTWE := entry.CreateClientID()
|
|
if !isTWE {
|
|
t.Fatalf("TWE token should return true value in isTWE bool")
|
|
}
|
|
expectedIDPlaintext := "banana" + string(SortedPoliciesTWEDelimiter) + "bar" +
|
|
string(SortedPoliciesTWEDelimiter) + "baz" +
|
|
string(SortedPoliciesTWEDelimiter) + "foo" + string(ClientIDTWEDelimiter) + "namespaceFoo"
|
|
|
|
hashed := sha256.Sum256([]byte(expectedIDPlaintext))
|
|
expectedID := base64.StdEncoding.EncodeToString(hashed[:])
|
|
if expectedID != id {
|
|
t.Fatalf("wrong ID: expected %s, found %s", expectedID, id)
|
|
}
|
|
// Test with entityID
|
|
entry = TokenEntry{EntityID: "entityFoo", NamespaceID: "namespaceFoo", Policies: []string{"bar", "baz", "foo", "banana"}}
|
|
id, isTWE = entry.CreateClientID()
|
|
if isTWE {
|
|
t.Fatalf("token with entity should return false value in isTWE bool")
|
|
}
|
|
if id != "entityFoo" {
|
|
t.Fatalf("client ID should be entity ID")
|
|
}
|
|
|
|
// Test without namespace
|
|
entry = TokenEntry{Policies: []string{"bar", "baz", "foo", "banana"}}
|
|
id, isTWE = entry.CreateClientID()
|
|
if !isTWE {
|
|
t.Fatalf("TWE token should return true value in isTWE bool")
|
|
}
|
|
expectedIDPlaintext = "banana" + string(SortedPoliciesTWEDelimiter) + "bar" +
|
|
string(SortedPoliciesTWEDelimiter) + "baz" +
|
|
string(SortedPoliciesTWEDelimiter) + "foo" + string(ClientIDTWEDelimiter)
|
|
|
|
hashed = sha256.Sum256([]byte(expectedIDPlaintext))
|
|
expectedID = base64.StdEncoding.EncodeToString(hashed[:])
|
|
if expectedID != id {
|
|
t.Fatalf("wrong ID: expected %s, found %s", expectedID, id)
|
|
}
|
|
|
|
// Test without policies
|
|
entry = TokenEntry{NamespaceID: "namespaceFoo"}
|
|
id, isTWE = entry.CreateClientID()
|
|
if !isTWE {
|
|
t.Fatalf("TWE token should return true value in isTWE bool")
|
|
}
|
|
expectedIDPlaintext = "namespaceFoo"
|
|
|
|
hashed = sha256.Sum256([]byte(expectedIDPlaintext))
|
|
expectedID = base64.StdEncoding.EncodeToString(hashed[:])
|
|
if expectedID != id {
|
|
t.Fatalf("wrong ID: expected %s, found %s", expectedID, id)
|
|
}
|
|
}
|