Fixed tests
michelvocks committed Apr 8, 2019
1 parent 06a30ab commit 5879275
Showing 2 changed files with 36 additions and 33 deletions.
10 changes: 5 additions & 5 deletions vault/token_store.go
@@ -2117,7 +2117,7 @@ func (ts *TokenStore) handleCreateCommon(ctx context.Context, req *logical.Reque
NumUses int `mapstructure:"num_uses"`
Period string
Type string `mapstructure:"type"`
EntityAlias string
EntityAlias string `mapstructure:"entity_alias"`
}
if err := mapstructure.WeakDecode(req.Data, &data); err != nil {
return logical.ErrorResponse(fmt.Sprintf(
@@ -2223,13 +2223,13 @@ func (ts *TokenStore) handleCreateCommon(ctx context.Context, req *logical.Reque
}

// Get mount accessor which is required to lookup entity alias
mountValidationResp := ts.core.router.validateMountByAccessor("auth_token_")
mountValidationResp := ts.core.router.MatchingMountByAccessor(req.MountAccessor)
if mountValidationResp == nil {
return logical.ErrorResponse("auth token mount accessor not found"), nil
}

// Verify that the alias exist
aliasByFactors, err := ts.core.identityStore.MemDBAliasByFactors(mountValidationResp.MountAccessor, data.EntityAlias, false, false)
aliasByFactors, err := ts.core.identityStore.MemDBAliasByFactors(mountValidationResp.Accessor, data.EntityAlias, false, false)
if err != nil {
return logical.ErrorResponse(err.Error()), nil
}
@@ -2239,8 +2239,8 @@ func (ts *TokenStore) handleCreateCommon(ctx context.Context, req *logical.Reque
// Entity alias does not exist. Create a new entity and entity alias
newAlias := &logical.Alias{
Name: data.EntityAlias,
MountAccessor: mountValidationResp.MountAccessor,
MountType: mountValidationResp.MountType,
MountAccessor: mountValidationResp.Accessor,
MountType: mountValidationResp.Type,
}

newEntity, err := ts.core.identityStore.CreateOrFetchEntity(ctx, newAlias)
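Review bot: In the second hunk (`@@ -2223,13`), the failure branch after `MemDBAliasByFactors` still returns the raw identity-store error text to the caller through `logical.ErrorResponse(err.Error())`, which reports a server-side lookup failure as a client error and may expose internal detail in the response. Since this path decides whether the token is bound to an existing entity or a new one is created through `CreateOrFetchEntity`, I would surface it as an internal error instead, `return nil, err`, so it is handled and logged server-side. Separately, `mountValidationResp` no longer holds a validation response after the switch to `MatchingMountByAccessor`; a name such as `mountEntry` would match the `.Accessor` and `.Type` fields now read from it. The check of `data.EntityAlias` against the role's `allowed_entity_aliases` is not visible in these hunks, so it presumably runs earlier in `handleCreateCommon`, whose body starts and ends outside the hunks shown.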
59 changes: 31 additions & 28 deletions vault/token_store_test.go
@@ -4,6 +4,7 @@ import (
"context"
"encoding/json"
"fmt"
"github.com/mitchellh/mapstructure"
"path"
"reflect"
"sort"
@@ -19,9 +20,9 @@ import (
"github.com/hashicorp/errwrap"
"github.com/hashicorp/go-hclog"
"github.com/hashicorp/go-uuid"
"github.com/hashicorp/vault/helper/identity"
"github.com/hashicorp/vault/helper/locksutil"
"github.com/hashicorp/vault/helper/namespace"
"github.com/hashicorp/vault/helper/identity"
"github.com/hashicorp/vault/logical"
)

@@ -2658,13 +2659,14 @@ func TestTokenStore_HandleRequest_CreateToken_ExistingEntityAlias(t *testing.T)

// Create token role
resp, err = core.HandleRequest(ctx, &logical.Request{
Path: "auth/token/roles/" + testRoleName,
Operation: logical.CreateOperation,
Path: "auth/token/roles/" + testRoleName,
ClientToken: root,
Operation: logical.CreateOperation,
Data: map[string]interface{}{
"orphan": true,
"period": "72h",
"path_suffix": "happenin",
"bound_cidrs": []string{"0.0.0.0/0"},
"orphan": true,
"period": "72h",
"path_suffix": "happenin",
"bound_cidrs": []string{"0.0.0.0/0"},
"allowed_entity_aliases": []string{"test1", "test2", entityAliasName},
},
})
@@ -2673,11 +2675,10 @@ func TestTokenStore_HandleRequest_CreateToken_ExistingEntityAlias(t *testing.T)
}

resp, err = core.HandleRequest(ctx, &logical.Request{
Path: "auth/token/create",
Path: "auth/token/create/" + testRoleName,
Operation: logical.UpdateOperation,
ClientToken: root,
Data: map[string]interface{}{
"role_name": testRoleName,
"entity_alias": entityAliasName,
},
})
@@ -2711,12 +2712,13 @@ func TestTokenStore_HandleRequest_CreateToken_NonExistingEntityAlias(t *testing.

// Create token role
resp, err := core.HandleRequest(ctx, &logical.Request{
Path: "auth/token/roles/" + testRoleName,
Operation: logical.CreateOperation,
Path: "auth/token/roles/" + testRoleName,
ClientToken: root,
Operation: logical.CreateOperation,
Data: map[string]interface{}{
"period": "72h",
"path_suffix": "happenin",
"bound_cidrs": []string{"0.0.0.0/0"},
"period": "72h",
"path_suffix": "happenin",
"bound_cidrs": []string{"0.0.0.0/0"},
"allowed_entity_aliases": []string{"test1", "test2"},
},
})
@@ -2726,11 +2728,10 @@ func TestTokenStore_HandleRequest_CreateToken_NonExistingEntityAlias(t *testing.

// Create token with non existing entity alias
resp, err = core.HandleRequest(ctx, &logical.Request{
Path: "auth/token/create",
Path: "auth/token/create/" + testRoleName,
Operation: logical.UpdateOperation,
ClientToken: root,
Data: map[string]interface{}{
"role_name": testRoleName,
"entity_alias": entityAliasName,
},
})
@@ -2751,15 +2752,16 @@ func TestTokenStore_HandleRequest_CreateToken_NonExistingEntityAlias(t *testing.
}

// Get the attached alias information
aliases, ok := resp.Data["aliases"].([]identity.Alias)
if !ok {
t.Fatalf("failed to parse attached aliases. Resp: %#v", resp.Data)
}
aliases := resp.Data["aliases"].([]interface{})
if len(aliases) != 1 {
t.Fatalf("expected one attached alias but got %d", len(aliases))
t.Fatalf("expected only one alias but got %d; Aliases: %#v", len(aliases), aliases)
}
if aliases[0].Name != entityAliasName {
t.Fatalf("alias name should be '%s' but is '%s'", entityAliasName, aliases[0].Name)
alias := &identity.Alias{}
mapstructure.Decode(aliases[0], alias)

// Validate
if alias.Name != entityAliasName {
t.Fatalf("alias name should be '%s' but is '%s'", entityAliasName, alias.Name)
}
}

@@ -2786,7 +2788,7 @@ func TestTokenStore_HandleRequest_CreateToken_NotAllowedEntityAlias(t *testing.T
entityID := resp.Data["id"].(string)

// Find mount accessor
resp, err = core.systemBackend.HandleRequest(namespace.RootContext(nil), &logical.Request{
resp, err = core.systemBackend.HandleRequest(ctx, &logical.Request{
Path: "auth",
Operation: logical.ReadOperation,
})
@@ -2808,10 +2810,11 @@ func TestTokenStore_HandleRequest_CreateToken_NotAllowedEntityAlias(t *testing.T

// Create token role
resp, err = core.HandleRequest(ctx, &logical.Request{
Path: "auth/token/roles/" + testRoleName,
Operation: logical.CreateOperation,
Path: "auth/token/roles/" + testRoleName,
ClientToken: root,
Operation: logical.CreateOperation,
Data: map[string]interface{}{
"period": "72h",
"period": "72h",
"allowed_entity_aliases": []string{"test1", "test2", "testentityaliasn"},
},
})
@@ -2820,7 +2823,7 @@ func TestTokenStore_HandleRequest_CreateToken_NotAllowedEntityAlias(t *testing.T
}

resp, _ = core.HandleRequest(ctx, &logical.Request{
Path: "auth/token/create",
Path: "auth/token/create/" + testRoleName,
Operation: logical.UpdateOperation,
ClientToken: root,
Data: map[string]interface{}{
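Review bot: The rewritten alias check in `TestTokenStore_HandleRequest_CreateToken_NonExistingEntityAlias` drops both failure guards: `resp.Data["aliases"].([]interface{})` is an unchecked assertion that panics instead of reporting the response, and the error returned by `mapstructure.Decode(aliases[0], alias)` is discarded. I would keep the two-value form, `aliases, ok := resp.Data["aliases"].([]interface{})` with the previous `t.Fatalf` on `!ok`, and wrap the decode as `if err := mapstructure.Decode(aliases[0], alias); err != nil { t.Fatal(err) }`. In the NotAllowedEntityAlias test the call `resp, _ = core.HandleRequest(...)` also discards the error; whether the assertion that follows (outside the hunk) distinguishes a rejected alias from an unrelated failure cannot be seen here. The new `github.com/mitchellh/mapstructure` import sits inside the standard-library group and belongs with the other third-party imports.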
