add missing fields to auth response

* token_policies
* entity_id
* token_type
* orphan

CHANGELOG.md

@@ -4,7 +4,11 @@
 * Correctly parse Map field for token metadata (#34)
 * Correctly map token policies on lookup (#35)
 
+### Features
+* Support for token types (#26)
+
 ### Improvements
+* Added `entity_id`, `token_policies`, `token_type` and `orphan` flags to auth response
 * Minor dependency updates
 
 

src/main/java/de/stklcode/jvault/connector/model/response/embedded/AuthData.java

@@ -39,6 +39,9 @@ public final class AuthData {
     @JsonProperty("policies")
     private List<String> policies;
 
+    @JsonProperty("token_policies")
+    private List<String> tokenPolicies;
+
     @JsonProperty("metadata")
     private Map<String, Object> metadata;
 
@@ -48,6 +51,15 @@ public final class AuthData {
     @JsonProperty("renewable")
     private boolean renewable;
 
+    @JsonProperty("entity_id")
+    private String entityId;
+
+    @JsonProperty("token_type")
+    private String tokenType;
+
+    @JsonProperty("orphan")
+    private boolean orphan;
+
     /**
      * @return Client token
      */
@@ -56,10 +68,11 @@ public final class AuthData {
     }
 
     /**
-     * @return Token accessor
+     * @return Token type
+     * @since 0.9
      */
-    public String getAccessor() {
+    public String getTokenType() {
-        return accessor;
+        return tokenType;
     }
 
     /**
@@ -69,6 +82,14 @@ public final class AuthData {
         return policies;
     }
 
+    /**
+     * @return List of policies associated with the ooken
+     * @since 0.9
+     */
+    public List<String> getTokenPolicies() {
+        return tokenPolicies;
+    }
+
     /**
      * @return Metadata
      */
@@ -89,4 +110,27 @@ public final class AuthData {
     public boolean isRenewable() {
         return renewable;
     }
+
+    /**
+     * @return Entity ID
+     * @since 0.9
+     */
+    public String getEntityId() {
+        return entityId;
+    }
+
+    /**
+     * @return Token accessor
+     */
+    public String getAccessor() {
+        return accessor;
+    }
+
+    /**
+     * @return Token is orphan
+     * @since 0.9
+     */
+    public boolean isOrphan() {
+        return orphan;
+    }
 }

src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorTest.java

@@ -1050,8 +1050,12 @@ public class HTTPVaultConnectorTest {
                 assertThat("Invalid token ID returned.", res.getAuth().getClientToken(), is("test-id"));
                 assertThat("Invalid number of policies returned.", res.getAuth().getPolicies(), hasSize(1));
                 assertThat("Root policy not inherited.", res.getAuth().getPolicies(), contains("root"));
+                assertThat("Invalid number of token policies returned.", res.getAuth().getTokenPolicies(), hasSize(1));
+                assertThat("Root policy not inherited for token.", res.getAuth().getTokenPolicies(), contains("root"));
+                assertThat("Unexpected token type.", res.getAuth().getTokenType(), is(Token.Type.SERVICE.value()));
                 assertThat("Metadata unexpected.", res.getAuth().getMetadata(), is(nullValue()));
                 assertThat("Root token should not be renewable", res.getAuth().isRenewable(), is(false));
+                assertThat("Root token should not be orphan", res.getAuth().isOrphan(), is(false));
 
                 // Starting with Vault 1.0 a warning "cusotm ID uses weaker SHA1..." is given.
                 if (VAULT_VERSION.startsWith("1.")) {
@@ -1075,12 +1079,12 @@ public class HTTPVaultConnectorTest {
                 AuthResponse res = connector.createToken(token);
                 assertThat("Invalid token ID returned.", res.getAuth().getClientToken(), is("test-id2"));
                 assertThat("Invalid number of policies returned.", res.getAuth().getPolicies(), hasSize(1));
-                assertThat("Root policy not inherited.", res.getAuth().getPolicies(), contains("testpolicy"));
+                assertThat("Custom policy not set.", res.getAuth().getPolicies(), contains("testpolicy"));
                 assertThat("Metadata not given.", res.getAuth().getMetadata(), is(notNullValue()));
                 assertThat("Metadata not correct.", res.getAuth().getMetadata().get("foo"), is("bar"));
                 assertThat("Token should be renewable", res.getAuth().isRenewable(), is(true));
             } catch (VaultConnectorException e) {
-                fail("Secret written to inaccessible path.");
+                fail("Token createion failed: " + e.getMessage());
             }
 
             /* Overwrite token should fail as of Vault 0.8.0 */
@@ -1102,6 +1106,26 @@ public class HTTPVaultConnectorTest {
                 /* Assert that the exception does not reveal token ID */
                 assertThat(stackTrace(e), not(stringContainsInOrder(token.getId())));
             }
+
+            /* Create token with batch type */
+            token = Token.builder()
+                    .withDisplayName("test name 3")
+                    .withPolicy("batchpolicy")
+                    .withoutDefaultPolicy()
+                    .withType(Token.Type.BATCH)
+                    .build();
+            try {
+                AuthResponse res = connector.createToken(token);
+                assertThat("Unexpected token prefix", res.getAuth().getClientToken(), startsWith("b."));
+                assertThat("Invalid number of policies returned.", res.getAuth().getPolicies(), hasSize(1));
+                assertThat("Custom policy policy not set.", res.getAuth().getPolicies(), contains("batchpolicy"));
+                assertThat("Token should not be renewable", res.getAuth().isRenewable(), is(false));
+                assertThat("Token should not be orphan", res.getAuth().isOrphan(), is(false));
+                assertThat("Specified token Type not set", res.getAuth().getTokenType(), is(Token.Type.BATCH.value()));
+
+            } catch (VaultConnectorException e) {
+                fail("Token createion failed: " + e.getMessage());
+            }
         }
 
         /**

src/test/java/de/stklcode/jvault/connector/model/response/AuthResponseTest.java

@@ -44,6 +44,9 @@ public class AuthResponseTest {
     private static final String AUTH_META_VALUE = "armon";
     private static final Integer AUTH_LEASE_DURATION = 3600;
     private static final Boolean AUTH_RENEWABLE = true;
+    private static final String AUTH_ENTITY_ID = "";
+    private static final String AUTH_TOKEN_TYPE = "service";
+    private static final Boolean AUTH_ORPHAN = false;
 
     private static final String RES_JSON = "{\n" +
             "  \"auth\": {\n" +
@@ -53,11 +56,18 @@ public class AuthResponseTest {
             "      \"" + AUTH_POLICY_1 + "\", \n" +
             "      \"" + AUTH_POLICY_2 + "\"\n" +
             "    ],\n" +
+            "    \"token_policies\": [\n" +
+            "      \"" + AUTH_POLICY_2 + "\",\n" +
+            "      \"" + AUTH_POLICY_1 + "\" \n" +
+            "    ],\n" +
             "    \"metadata\": {\n" +
             "      \"" + AUTH_META_KEY + "\": \"" + AUTH_META_VALUE + "\"\n" +
             "    },\n" +
             "    \"lease_duration\": " + AUTH_LEASE_DURATION + ",\n" +
-            "    \"renewable\": " + AUTH_RENEWABLE + "\n" +
+            "    \"renewable\": " + AUTH_RENEWABLE + ",\n" +
+            "    \"entity_id\": \"" + AUTH_ENTITY_ID + "\",\n" +
+            "    \"token_type\": \"" + AUTH_TOKEN_TYPE + "\",\n" +
+            "    \"orphan\": " + AUTH_ORPHAN + "\n" +
             "  }\n" +
             "}";
 
@@ -104,8 +114,16 @@ public class AuthResponseTest {
             assertThat("Incorrect auth client token", data.getClientToken(), is(AUTH_CLIENT_TOKEN));
             assertThat("Incorrect auth lease duration", data.getLeaseDuration(), is(AUTH_LEASE_DURATION));
             assertThat("Incorrect auth renewable flag", data.isRenewable(), is(AUTH_RENEWABLE));
+            assertThat("Incorrect auth orphan flag", data.isOrphan(), is(AUTH_ORPHAN));
+            assertThat("Incorrect auth token type", data.getTokenType(), is(AUTH_TOKEN_TYPE));
+            assertThat("Incorrect auth entity id", data.getEntityId(), is(AUTH_ENTITY_ID));
             assertThat("Incorrect number of policies", data.getPolicies(), hasSize(2));
-            assertThat("Incorrect auth policies", data.getPolicies(), containsInAnyOrder(AUTH_POLICY_1, AUTH_POLICY_2));
+            assertThat("Incorrect auth policies", data.getPolicies(), containsInRelativeOrder(AUTH_POLICY_1, AUTH_POLICY_2));
+            assertThat("Incorrect number of token policies", data.getTokenPolicies(), hasSize(2));
+            assertThat("Incorrect token policies", data.getTokenPolicies(), containsInRelativeOrder(AUTH_POLICY_2, AUTH_POLICY_1));
+            assertThat("Incorrect auth metadata size", data.getMetadata().entrySet(), hasSize(1));
+            assertThat("Incorrect auth metadata", data.getMetadata().get(AUTH_META_KEY), is(AUTH_META_VALUE));
+
         } catch (IOException e) {
             fail("AuthResponse deserialization failed: " + e.getMessage());
         }