run all builtins as plugins

api/sys_auth.go

@@ -82,15 +82,13 @@ type EnableAuthOptions struct {
 	Description string            `json:"description"`
 	Config      AuthConfigInput   `json:"config"`
 	Local       bool              `json:"local"`
-	PluginName  string            `json:"plugin_name,omitempty"`
 	SealWrap    bool              `json:"seal_wrap" mapstructure:"seal_wrap"`
 	Options     map[string]string `json:"options" mapstructure:"options"`
 }
 
 type AuthConfigInput struct {
 	DefaultLeaseTTL           string   `json:"default_lease_ttl" mapstructure:"default_lease_ttl"`
 	MaxLeaseTTL               string   `json:"max_lease_ttl" mapstructure:"max_lease_ttl"`
-	PluginName                string   `json:"plugin_name,omitempty" mapstructure:"plugin_name"`
 	AuditNonHMACRequestKeys   []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"`
 	AuditNonHMACResponseKeys  []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"`
 	ListingVisibility         string   `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"`
@@ -110,7 +108,6 @@ type AuthMount struct {
 type AuthConfigOutput struct {
 	DefaultLeaseTTL           int      `json:"default_lease_ttl" mapstructure:"default_lease_ttl"`
 	MaxLeaseTTL               int      `json:"max_lease_ttl" mapstructure:"max_lease_ttl"`
-	PluginName                string   `json:"plugin_name,omitempty" mapstructure:"plugin_name"`
 	AuditNonHMACRequestKeys   []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"`
 	AuditNonHMACResponseKeys  []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"`
 	ListingVisibility         string   `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"`

api/sys_mounts.go

@@ -134,7 +134,6 @@ type MountInput struct {
 	Config      MountConfigInput  `json:"config"`
 	Options     map[string]string `json:"options"`
 	Local       bool              `json:"local"`
-	PluginName  string            `json:"plugin_name,omitempty"`
 	SealWrap    bool              `json:"seal_wrap" mapstructure:"seal_wrap"`
 }
 
@@ -144,7 +143,6 @@ type MountConfigInput struct {
 	Description               *string           `json:"description,omitempty" mapstructure:"description"`
 	MaxLeaseTTL               string            `json:"max_lease_ttl" mapstructure:"max_lease_ttl"`
 	ForceNoCache              bool              `json:"force_no_cache" mapstructure:"force_no_cache"`
-	PluginName                string            `json:"plugin_name,omitempty" mapstructure:"plugin_name"`
 	AuditNonHMACRequestKeys   []string          `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"`
 	AuditNonHMACResponseKeys  []string          `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"`
 	ListingVisibility         string            `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"`
@@ -165,7 +163,6 @@ type MountConfigOutput struct {
 	DefaultLeaseTTL           int      `json:"default_lease_ttl" mapstructure:"default_lease_ttl"`
 	MaxLeaseTTL               int      `json:"max_lease_ttl" mapstructure:"max_lease_ttl"`
 	ForceNoCache              bool     `json:"force_no_cache" mapstructure:"force_no_cache"`
-	PluginName                string   `json:"plugin_name,omitempty" mapstructure:"plugin_name"`
 	AuditNonHMACRequestKeys   []string `json:"audit_non_hmac_request_keys,omitempty" mapstructure:"audit_non_hmac_request_keys"`
 	AuditNonHMACResponseKeys  []string `json:"audit_non_hmac_response_keys,omitempty" mapstructure:"audit_non_hmac_response_keys"`
 	ListingVisibility         string   `json:"listing_visibility,omitempty" mapstructure:"listing_visibility"`

api/sys_plugins.go

@@ -4,10 +4,15 @@ import (
 	"context"
 	"fmt"
 	"net/http"
+
+	"github.com/hashicorp/vault/helper/consts"
 )
 
 // ListPluginsInput is used as input to the ListPlugins function.
-type ListPluginsInput struct{}
+type ListPluginsInput struct {
+	// Type of the plugin. Required.
+	Type consts.PluginType `json:"type"`
+}
 
 // ListPluginsResponse is the response from the ListPlugins call.
 type ListPluginsResponse struct {
@@ -18,7 +23,7 @@ type ListPluginsResponse struct {
 // ListPlugins lists all plugins in the catalog and returns their names as a
 // list of strings.
 func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
-	path := "/v1/sys/plugins/catalog"
+	path := fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Type)
 	req := c.c.NewRequest("LIST", path)
 
 	ctx, cancelFunc := context.WithCancel(context.Background())
@@ -44,6 +49,9 @@ func (c *Sys) ListPlugins(i *ListPluginsInput) (*ListPluginsResponse, error) {
 // GetPluginInput is used as input to the GetPlugin function.
 type GetPluginInput struct {
 	Name string `json:"-"`
+
+	// Type of the plugin. Required.
+	Type consts.PluginType `json:"type"`
 }
 
 // GetPluginResponse is the response from the GetPlugin call.
@@ -56,7 +64,7 @@ type GetPluginResponse struct {
 }
 
 func (c *Sys) GetPlugin(i *GetPluginInput) (*GetPluginResponse, error) {
-	path := fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Name)
+	path := fmt.Sprintf("/v1/sys/plugins/catalog/%s/%s", i.Type, i.Name)
 	req := c.c.NewRequest(http.MethodGet, path)
 
 	ctx, cancelFunc := context.WithCancel(context.Background())
@@ -82,6 +90,9 @@ type RegisterPluginInput struct {
 	// Name is the name of the plugin. Required.
 	Name string `json:"-"`
 
+	// Type of the plugin. Required.
+	Type consts.PluginType `json:"type"`
+
 	// Args is the list of args to spawn the process with.
 	Args []string `json:"args,omitempty"`
 
@@ -94,7 +105,7 @@ type RegisterPluginInput struct {
 
 // RegisterPlugin registers the plugin with the given information.
 func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error {
-	path := fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Name)
+	path := fmt.Sprintf("/v1/sys/plugins/catalog/%s/%s", i.Type, i.Name)
 	req := c.c.NewRequest(http.MethodPut, path)
 	if err := req.SetJSONBody(i); err != nil {
 		return err
@@ -113,12 +124,15 @@ func (c *Sys) RegisterPlugin(i *RegisterPluginInput) error {
 type DeregisterPluginInput struct {
 	// Name is the name of the plugin. Required.
 	Name string `json:"-"`
+
+	// Type of the plugin. Required.
+	Type consts.PluginType `json:"type"`
 }
 
 // DeregisterPlugin removes the plugin with the given name from the plugin
 // catalog.
 func (c *Sys) DeregisterPlugin(i *DeregisterPluginInput) error {
-	path := fmt.Sprintf("/v1/sys/plugins/catalog/%s", i.Name)
+	path := fmt.Sprintf("/v1/sys/plugins/catalog/%s/%s", i.Type, i.Name)
 	req := c.c.NewRequest(http.MethodDelete, path)
 
 	ctx, cancelFunc := context.WithCancel(context.Background())

builtin/credential/app-id/backend_test.go

@@ -26,7 +26,7 @@ func TestBackend_basic(t *testing.T) {
 		return b, nil
 	}
 	logicaltest.Test(t, logicaltest.TestCase{
-		Factory: factory,
+		CredentialFactory: factory,
 		Steps: []logicaltest.TestStep{
 			testAccStepMapAppId(t),
 			testAccStepMapUserId(t),
@@ -65,7 +65,7 @@ func TestBackend_basic(t *testing.T) {
 
 func TestBackend_cidr(t *testing.T) {
 	logicaltest.Test(t, logicaltest.TestCase{
-		Factory: Factory,
+		CredentialFactory: Factory,
 		Steps: []logicaltest.TestStep{
 			testAccStepMapAppIdDisplayName(t),
 			testAccStepMapUserIdCidr(t, "192.168.1.0/16"),
@@ -78,7 +78,7 @@ func TestBackend_cidr(t *testing.T) {
 
 func TestBackend_displayName(t *testing.T) {
 	logicaltest.Test(t, logicaltest.TestCase{
-		Factory: Factory,
+		CredentialFactory: Factory,
 		Steps: []logicaltest.TestStep{
 			testAccStepMapAppIdDisplayName(t),
 			testAccStepMapUserId(t),
@@ -93,8 +93,9 @@ func TestBackend_displayName(t *testing.T) {
 
 func testAccStepMapAppId(t *testing.T) logicaltest.TestStep {
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "map/app-id/foo",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "map/app-id/foo",
 		Data: map[string]interface{}{
 			"value": "foo,bar",
 		},
@@ -103,8 +104,9 @@ func testAccStepMapAppId(t *testing.T) logicaltest.TestStep {
 
 func testAccStepMapAppIdDisplayName(t *testing.T) logicaltest.TestStep {
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "map/app-id/foo",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "map/app-id/foo",
 		Data: map[string]interface{}{
 			"display_name": "tubbin",
 			"value":        "foo,bar",
@@ -114,8 +116,9 @@ func testAccStepMapAppIdDisplayName(t *testing.T) logicaltest.TestStep {
 
 func testAccStepMapUserId(t *testing.T) logicaltest.TestStep {
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "map/user-id/42",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "map/user-id/42",
 		Data: map[string]interface{}{
 			"value": "foo",
 		},
@@ -124,15 +127,17 @@ func testAccStepMapUserId(t *testing.T) logicaltest.TestStep {
 
 func testAccStepDeleteUserId(t *testing.T) logicaltest.TestStep {
 	return logicaltest.TestStep{
-		Operation: logical.DeleteOperation,
-		Path:      "map/user-id/42",
+		IsAuthBackendRequest: true,
+		Operation:            logical.DeleteOperation,
+		Path:                 "map/user-id/42",
 	}
 }
 
 func testAccStepMapUserIdCidr(t *testing.T, cidr string) logicaltest.TestStep {
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "map/user-id/42",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "map/user-id/42",
 		Data: map[string]interface{}{
 			"value":      "foo",
 			"cidr_block": cidr,
@@ -148,8 +153,9 @@ func testAccLogin(t *testing.T, display string) logicaltest.TestStep {
 		return nil
 	}
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "login",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "login",
 		Data: map[string]interface{}{
 			"app_id":  "foo",
 			"user_id": "42",
@@ -172,8 +178,9 @@ func testAccLoginAppIDInPath(t *testing.T, display string) logicaltest.TestStep
 		return nil
 	}
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "login/foo",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "login/foo",
 		Data: map[string]interface{}{
 			"user_id": "42",
 		},
@@ -194,8 +201,9 @@ func testAccLoginCidr(t *testing.T, ip string, err bool) logicaltest.TestStep {
 	}
 
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "login",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "login",
 		Data: map[string]interface{}{
 			"app_id":  "foo",
 			"user_id": "42",
@@ -210,8 +218,9 @@ func testAccLoginCidr(t *testing.T, ip string, err bool) logicaltest.TestStep {
 
 func testAccLoginInvalid(t *testing.T) logicaltest.TestStep {
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "login",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "login",
 		Data: map[string]interface{}{
 			"app_id":  "foo",
 			"user_id": "48",
@@ -225,8 +234,9 @@ func testAccLoginInvalid(t *testing.T) logicaltest.TestStep {
 
 func testAccLoginDeleted(t *testing.T) logicaltest.TestStep {
 	return logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "login",
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "login",
 		Data: map[string]interface{}{
 			"app_id":  "foo",
 			"user_id": "42",

builtin/credential/aws/backend_test.go

@@ -476,40 +476,44 @@ func TestBackend_ConfigClient(t *testing.T) {
 	}
 
 	stepCreate := logicaltest.TestStep{
-		Operation: logical.CreateOperation,
-		Path:      "config/client",
-		Data:      data,
+		IsAuthBackendRequest: true,
+		Operation:            logical.CreateOperation,
+		Path:                 "config/client",
+		Data:                 data,
 	}
 
 	stepUpdate := logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "config/client",
-		Data:      data,
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "config/client",
+		Data:                 data,
 	}
 
 	data3 := map[string]interface{}{"access_key": "",
 		"secret_key": "mCtSM8ZUEQ3mOFVZYPBQkf2sO6F/W7a5TVzrl3Oj",
 	}
 	stepInvalidAccessKey := logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "config/client",
-		Data:      data3,
-		ErrorOk:   true,
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "config/client",
+		Data:                 data3,
+		ErrorOk:              true,
 	}
 
 	data4 := map[string]interface{}{"access_key": "accesskey",
 		"secret_key": "",
 	}
 	stepInvalidSecretKey := logicaltest.TestStep{
-		Operation: logical.UpdateOperation,
-		Path:      "config/client",
-		Data:      data4,
-		ErrorOk:   true,
+		IsAuthBackendRequest: true,
+		Operation:            logical.UpdateOperation,
+		Path:                 "config/client",
+		Data:                 data4,
+		ErrorOk:              true,
 	}
 
 	logicaltest.Test(t, logicaltest.TestCase{
-		AcceptanceTest: false,
-		Backend:        b,
+		AcceptanceTest:    false,
+		CredentialBackend: b,
 		Steps: []logicaltest.TestStep{
 			stepCreate,
 			stepInvalidAccessKey,