Initial Import

src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorTest.java

@@ -0,0 +1,377 @@
+package de.stklcode.jvault.connector;
+
+import de.stklcode.jvault.connector.test.VaultConfiguration;
+import de.stklcode.jvault.connector.exception.InvalidRequestException;
+import de.stklcode.jvault.connector.exception.PermissionDeniedException;
+import de.stklcode.jvault.connector.exception.VaultConnectorException;
+import de.stklcode.jvault.connector.factory.VaultConnectorFactory;
+import de.stklcode.jvault.connector.model.AuthBackend;
+import de.stklcode.jvault.connector.model.response.AuthResponse;
+import de.stklcode.jvault.connector.model.response.SealResponse;
+import de.stklcode.jvault.connector.model.response.SecretResponse;
+import de.stklcode.jvault.connector.model.response.TokenResponse;
+import org.junit.*;
+import org.junit.rules.TemporaryFolder;
+
+import java.io.BufferedWriter;
+import java.io.File;
+import java.io.FileWriter;
+import java.io.IOException;
+import java.net.ServerSocket;
+import java.util.List;
+
+import static org.hamcrest.CoreMatchers.hasItem;
+import static org.hamcrest.CoreMatchers.hasItems;
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.hamcrest.Matchers.greaterThan;
+import static org.hamcrest.core.Is.is;
+import static org.junit.Assert.*;
+import static org.junit.Assume.assumeFalse;
+import static org.junit.Assume.assumeNotNull;
+import static org.junit.Assume.assumeTrue;
+
+/**
+ * JUnit Test for HTTP Vault connector.
+ *
+ * @author  Stefan Kalscheuer
+ * @since   0.1
+ */
+public class HTTPVaultConnectorTest {
+    private static String KEY = "81011a8061e5c028bd0d9503eeba40bd9054b9af0408d080cb24f57405c27a61";
+    private static String TOKEN_ROOT = "d1bd50e2-587b-6e68-d80b-a9a507625cb7";
+    private static String USER_VALID = "validUser";
+    private static String PASS_VALID = "validPass";
+    private static String APP_ID = "152AEA38-85FB-47A8-9CBD-612D645BFACA";
+    private static String USER_ID = "5ADF8218-D7FB-4089-9E38-287465DBF37E";
+    private static String SECRET_PATH = "userstore";
+    private static String SECRET_KEY = "foo";
+    private static String SECRET_VALUE = "bar";
+
+    private Process vaultProcess;
+    private VaultConnector connector;
+
+    @Rule
+    public TemporaryFolder tmpDir =  new TemporaryFolder();
+
+    /**
+     * Initialize Vault instance with generated configuration and provided file backend.
+     * Requires "vault" binary to be in current user's executable path. Not using MLock, so no extended rights required.
+     */
+    @Before
+    public void setUp() {
+        /* Initialize Vault */
+        VaultConfiguration config = initializeVault();
+        try {
+            Thread.sleep(1000);
+        } catch (InterruptedException e) {
+            e.printStackTrace();
+        }
+        /* Initialize connector */
+        connector = VaultConnectorFactory.httpFactory()
+                .withHost(config.getHost())
+                .withPort(config.getPort())
+                .withoutTLS()
+                .build();
+        /* Unseal Vault and check result */
+        SealResponse sealStatus = connector.unseal(KEY);
+        assumeNotNull(sealStatus);
+        assumeFalse(sealStatus.isSealed());
+    }
+
+    @After
+    public void tearDown() {
+        if (vaultProcess != null && vaultProcess.isAlive())
+            vaultProcess.destroy();
+    }
+
+    /**
+     * Test listing of authentication backends
+     */
+    @Test
+    public void authMethodsTest() {
+        /* Authenticate as valid user */
+        try {
+            connector.authToken(TOKEN_ROOT);
+        }
+        catch(VaultConnectorException ignored) {
+        }
+        assumeTrue(connector.isAuthorized());
+
+        List<AuthBackend> supportedBackends = null;
+        try {
+            supportedBackends = connector.getAuthBackends();
+        } catch (VaultConnectorException e) {
+            fail("Could not list supported auth backends: " + e.getMessage());
+        }
+        assertThat(supportedBackends.size(), is(3));
+        assertThat(supportedBackends, hasItems(AuthBackend.TOKEN, AuthBackend.USERPASS, AuthBackend.APPID));
+    }
+
+    /**
+     * Test authentication using token.
+     */
+    @Test
+    public void authTokenTest() {
+        TokenResponse res = null;
+        try {
+            res = connector.authToken("52135869df23a5e64c5d33a9785af5edb456b8a4a235d1fe135e6fba1c35edf6");
+            fail("Logged in with invalid token");
+        } catch (VaultConnectorException ignored) {
+        }
+
+        try {
+            res = connector.authToken(TOKEN_ROOT);
+            assertNotNull("Login failed with valid token", res);
+            assertThat("Login failed with valid token", connector.isAuthorized(), is(true));
+        } catch (VaultConnectorException ignored) {
+            fail("Login failed with valid token");
+        }
+    }
+
+    /**
+     * Test authentication using username and password.
+     */
+    @Test
+    public void authUserPassTest() {
+        AuthResponse res = null;
+        try {
+            connector.authUserPass("foo", "bar");
+            fail("Logged in with invalid credentials");
+        }
+        catch(VaultConnectorException ignored) {
+        }
+
+        try {
+            res = connector.authUserPass(USER_VALID, PASS_VALID);
+        } catch (VaultConnectorException ignored) {
+            fail("Login failed with valid credentials: Exception thrown");
+        }
+        assertNotNull("Login failed with valid credentials: Response not available", res.getAuth());
+        assertThat("Login failed with valid credentials: Connector not authorized", connector.isAuthorized(), is(true));
+    }
+
+    /**
+     * App-ID authentication roundtrip.
+     */
+    @Test
+    public void authAppIdTest() {
+        authRoot();
+        assumeTrue(connector.isAuthorized());
+
+        /* Register App-ID */
+        try {
+            boolean res = connector.registerAppId(APP_ID, "user", "App Name");
+            assertThat("Failed to register App-ID", res, is(true));
+        }
+        catch (VaultConnectorException e) {
+            fail("Failed to register App-ID: " + e.getMessage());
+        }
+
+        /* Register User-ID */
+        try {
+            boolean res = connector.registerUserId(APP_ID, USER_ID);
+            assertThat("Failed to register App-ID", res, is(true));
+        }
+        catch (VaultConnectorException e) {
+            fail("Failed to register App-ID: " + e.getMessage());
+        }
+
+        connector.resetAuth();
+        assumeFalse(connector.isAuthorized());
+
+        /* Authenticate with created credentials */
+        try {
+            AuthResponse res = connector.authAppId(APP_ID, USER_ID);
+            assertThat("Authorization flag not set after App-ID login.", connector.isAuthorized(), is(true));
+        } catch (VaultConnectorException e) {
+            fail("Failed to authenticate using App-ID: " + e.getMessage());
+        }
+    }
+
+    /**
+     * Test reading of secrets.
+     */
+    @Test
+    public void readSecretTest() {
+        authUser();
+        assumeTrue(connector.isAuthorized());
+
+        /* Try to read path user has no permission to read */
+        SecretResponse res = null;
+        try {
+            res = connector.readSecret("invalid/path");
+            fail("Invalid secret path successfully read.");
+        } catch (VaultConnectorException e) {
+            assertThat(e, instanceOf(PermissionDeniedException.class));
+        }
+        /* Try to read accessible path with known value */
+        try {
+            res = connector.readSecret(SECRET_PATH + "/" + SECRET_KEY);
+            assertThat("Known secret returned invalid value.", res.getValue(), is(SECRET_VALUE));
+        } catch (VaultConnectorException e) {
+            fail("Valid secret path could not be read: " + e.getMessage());
+        }
+    }
+
+    /**
+     * Test listing secrets.
+     */
+    @Test
+    public void listSecretsTest() {
+        authRoot();
+        assumeTrue(connector.isAuthorized());
+        /* Try to list secrets from valid path */
+        try {
+            List<String> secrets = connector.listSecrets(SECRET_PATH);
+            assertThat("Invalid nmber of secrets.", secrets.size(), greaterThan(0));
+            assertThat("Known secret key not found", secrets, hasItem(SECRET_KEY));
+        } catch (VaultConnectorException e) {
+            fail("Secrets could not be listed: " + e.getMessage());
+        }
+    }
+
+    /**
+     * Test writing secrets.
+     */
+    @Test
+    public void writeSecretTest() {
+        authUser();
+        assumeTrue(connector.isAuthorized());
+
+        /* Try to write to null path */
+        try {
+            boolean res = connector.writeSecret(null, "someValue");
+            fail("Secret written to null path.");
+        } catch (VaultConnectorException e) {
+            assertThat(e, instanceOf(InvalidRequestException.class));
+        }
+        /* Try to write to invalid path */
+        try {
+            boolean res = connector.writeSecret("", "someValue");
+            fail("Secret written to invalid path.");
+        } catch (VaultConnectorException e) {
+            assertThat(e, instanceOf(InvalidRequestException.class));
+        }
+        /* Try to write to a path the user has no access for */
+        try {
+            boolean res = connector.writeSecret("invalid/path", "someValue");
+            fail("Secret written to inaccessible path.");
+        } catch (VaultConnectorException e) {
+            assertThat(e, instanceOf(PermissionDeniedException.class));
+        }
+        /* Perform a valid write/read roundtrip to valid path. Also check UTF8-encoding. */
+        try {
+            boolean res = connector.writeSecret(SECRET_PATH + "/temp", "Abc123äöü,!");
+            assertThat("Secret could not be written to valid path.", res, is(true));
+        } catch (VaultConnectorException e) {
+            fail("Secret written to inaccessible path.");
+        }
+        try {
+            SecretResponse res = connector.readSecret(SECRET_PATH + "/temp");
+            assertThat(res.getValue(), is("Abc123äöü,!"));
+        } catch (VaultConnectorException e) {
+            fail("Written secret could not be read.");
+        }
+    }
+
+    /**
+     * Initialize Vault with resource datastore and generated configuration.
+     * @return  Vault Configuration
+     * @throws IllegalStateException
+     */
+    private VaultConfiguration initializeVault() throws IllegalStateException {
+        String dataResource = getClass().getResource("/data_dir").getPath();
+
+        /* Generate vault local unencrypted configuration */
+        VaultConfiguration config = new VaultConfiguration()
+                .withHost("127.0.0.1")
+                .withPort(getFreePort())
+                .withDataLocation(dataResource)
+                .disableMlock();
+
+        /* Write configuration file */
+        BufferedWriter bw = null;
+        File configFIle = null;
+        try {
+            configFIle = tmpDir.newFile("vault.conf");
+            bw = new BufferedWriter(new FileWriter(configFIle));
+            bw.write(config.toString());
+        }
+        catch (IOException e) {
+            e.printStackTrace();
+            throw new IllegalStateException("Unable to generate config file.");
+        }
+        finally {
+            try {
+                if (bw != null)
+                    bw.close();
+            }
+            catch (IOException e) {
+                e.printStackTrace();
+            }
+        }
+
+        /* Start vault process */
+        try {
+            vaultProcess = Runtime.getRuntime().exec("vault server -config " + configFIle.toString());
+        } catch (IOException e) {
+            e.printStackTrace();
+            throw new IllegalStateException("Unable to start vault. Make sure vault binary is in your executable path.");
+        }
+
+        return config;
+    }
+
+    /**
+     * Authenticate with root token.
+     */
+    private void authRoot() {
+        /* Authenticate as valid user */
+        try {
+            connector.authToken(TOKEN_ROOT);
+        }
+        catch(VaultConnectorException ignored) {
+        }
+    }
+
+    /**
+     * Authenticate with user credentials.
+     */
+    private void authUser() {
+        try {
+            connector.authUserPass(USER_VALID, PASS_VALID);
+        }
+        catch(VaultConnectorException ignored) {
+        }
+    }
+
+    /**
+     * Find and return a free TCP port.
+     * @return  port number
+     */
+    private static Integer getFreePort() {
+        ServerSocket socket = null;
+        try {
+            socket = new ServerSocket(0);
+            socket.setReuseAddress(true);
+            int port = socket.getLocalPort();
+            try {
+                socket.close();
+            } catch (IOException e) {
+                // Ignore IOException on close()
+            }
+            return port;
+        } catch (IOException e) {
+            e.printStackTrace();
+        } finally {
+            if (socket != null) {
+                try {
+                    socket.close();
+                } catch (IOException e) {
+                    e.printStackTrace();
+                }
+            }
+        }
+        throw new IllegalStateException("Unable to find a free TCP port.");
+    }
+}

src/test/java/de/stklcode/jvault/connector/test/VaultConfiguration.java

@@ -0,0 +1,76 @@
+package de.stklcode.jvault.connector.test;
+
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
+/**
+ * Vault configuration String using builder pattern.
+ *
+ * @author  Stefan Kalscheuer
+ * @since   0.1
+ */
+public class VaultConfiguration {
+    private String host;
+    private Integer port;
+    private boolean disableTLS;
+    private boolean disableMlock;
+    private Path dataLocation;
+
+    public VaultConfiguration() {
+        this.disableTLS = true;
+        this.disableMlock = false;
+    }
+
+    public VaultConfiguration withHost(String host) {
+        this.host = host;
+        return this;
+    }
+
+    public VaultConfiguration withPort(Integer port) {
+        this.port = port;
+        return this;
+    }
+
+    public VaultConfiguration enableTLS() {
+        this.disableTLS = false;
+        return this;
+    }
+
+    public VaultConfiguration disableMlock() {
+        this.disableMlock = true;
+        return this;
+    }
+
+    public VaultConfiguration withDataLocation(String dataLocation) {
+        return withDataLocation(Paths.get(dataLocation));
+    }
+
+    public VaultConfiguration withDataLocation(Path dataLocation) {
+        this.dataLocation = dataLocation;
+        return this;
+    }
+
+    public String getHost() {
+        return host;
+    }
+
+    public Integer getPort() {
+        return port;
+    }
+
+    public boolean isTLS() {
+        return !disableTLS;
+    }
+
+    @Override
+    public String toString() {
+        return  "backend \"file\" {\n" +
+                "  path = \"" + dataLocation + "\"\n" +
+                "}\n" +
+                "listener \"tcp\" {\n" +
+                "  address = \"" + host + ":" + port + "\"\n" +
+                ((disableTLS) ? "  tls_disable = 1\n" : "") +
+                "}\n" +
+                ((disableMlock) ? "disable_mlock = true" : "");
+    }
+}

src/test/resources/data_dir/auth/20e9c2e6-5b1f-b9c9-5a99-21667e0a899d/_salt

@@ -0,0 +1 @@
+{"Key":"auth/20e9c2e6-5b1f-b9c9-5a99-21667e0a899d/salt","Value":"AAAAAQJUsuXXEpmdNY5aIh5HdzZRTFpOUIgyKLGiw65DBwSXW6yGAYe/zhN/Ow+vyRZxG4temgnTjN7RVGjyzXGG5yLY"}

src/test/resources/data_dir/auth/20e9c2e6-5b1f-b9c9-5a99-21667e0a899d/struct/map/app-id/_19d90b9adcec2bf5088304034622a169a148ff43

@@ -0,0 +1 @@
+{"Key":"auth/20e9c2e6-5b1f-b9c9-5a99-21667e0a899d/struct/map/app-id/19d90b9adcec2bf5088304034622a169a148ff43","Value":"AAAAAQJuuRcCRinyawQ05brruZQY7ypgs1mOsFHI16XLwYB4dzwJob71wW+74RjvK4FVL4qPfgyMPKEtV2uO9+4hr2mC6BrcN///Ksxv+ns8FMVlBOMJpQ=="}

src/test/resources/data_dir/auth/20e9c2e6-5b1f-b9c9-5a99-21667e0a899d/struct/map/user-id/_55a852babe045b5980fc8ac4a13af27021dbbfd4

@@ -0,0 +1 @@
+{"Key":"auth/20e9c2e6-5b1f-b9c9-5a99-21667e0a899d/struct/map/user-id/55a852babe045b5980fc8ac4a13af27021dbbfd4","Value":"AAAAAQICaFIxG2xAq0AuJryVn1XghDulkVdQicXvhEL45K2S48aZcvMEsrDUXm9o427Bp6eMiq0Hw070nosnB9SWSQJEFUfPmM6I7Jhsou6CKmocs/AmocxY3Du4Lg=="}

src/test/resources/data_dir/auth/6802ec63-11b0-0ccc-280a-982ad0a90621/user/_validuser

@@ -0,0 +1 @@
+{"Key":"auth/6802ec63-11b0-0ccc-280a-982ad0a90621/user/validuser","Value":"AAAAAQJwFKMpgopAFjJaftTVY/iiawMw4Yj0S3pPDkzMPAfLxxaM3sCjOJt0q/07ozjTharT52wBv+s2ZEurPpr7VKDDzgy4xTMxFJbJs+0VkG3cjxRYEfW3bOIVAHhjLjmxZwYEATh0UUG7bQRNt56+/622bwR99ifWZ6e9zyRDGEwIn74JFN/3dY44qLQZmqfvDUrRQP5RfqDxqVdzbwse61s692Vy/QvlPsRFVRTkZHlNPqxT+OXd"}

src/test/resources/data_dir/core/_audit

@@ -0,0 +1 @@
+{"Key":"core/audit","Value":"AAAAAQJ+0lfxYOKIXzquksd3Il4zfW4ja6BdScu7mCAijGDph63S5yWH92olwI2SQA=="}

src/test/resources/data_dir/core/_auth

@@ -0,0 +1 @@
+{"Key":"core/auth","Value":"AAAAAQJeg+aK83bfYUPm5KV/+Y1Cf8fVX8Oq7cFiYE3PN4Tcl2j9YD7c+fijkopFzPLxh/EBRVzGTjBBkWBDTLC4EKn2lU8A+NJK6frGOu5Vjc4+WipBUcsGGcfosvxrZk8ZrTt09PRo7CnAFzmH4CgIVuEFv3NZyjXX08EMakxmH6R4S8Ti3cmit5Kr1TKSGnHeMfO6lBnAobAfNlfgNDM90yAxaQUT9gR27TabSKsVvkIY/0oxIcVFQ1RuF7xcdAOJ82wlWkcfT+rMhSS6roGt9Njx9t0PQNjv2eomh/leuhTUzfu4oAbtJJO3IPuC/KkJZpKinjJaGlA5Kx5m7W09DHieyI0GXmjJXH9oCj0z9w6eKDNZmjC1xeFylBvkvnkAKA6QmUmZjoq+m81/UC/C/ShJYxDFxaHwCPgF92qSrT1VTrz5lYAyyjJmrnbyuUXfgG6d4dbDxT/DVddHtIzHbBBT0xxjNM/+WxOSdRYZXKsfm8ovGaFWJr9AyFfEnyS0E9FJvkEXp68eNdacgdM3Ow5Zchm2/I9F4wN577ZwK9oGO2kjkDv4pwKQJ6uDYXeJDZxeMO2rXk/9sY8rAV20loOnqryfO3IE876H97KyE1LEzrky7mVw3YL/CDlZCO5Sf2IHTmwKylTRlsnUO1I5bviFD3a3EdeIGeDuNbWIqiju2fpMQX4l2gUuY4pysBM28AwbTe3zp348PePFpTcGE0/YwsW/aJit3VOc6xNX9WU="}

src/test/resources/data_dir/core/_keyring

@@ -0,0 +1 @@
+{"Key":"core/keyring","Value":"AAAAAQKCYFhCtIpVCVfA/MaX9/fCtNJB5z1z+tsi6VQzlDxo9dUxSsZC3ppnZZ9TYwRj6TUeP8QqyNDDhwiXp/i/WhAeoMV9UDKHQq7Ay4BO+AOz3VpHTX1ZYFrF0ZrYELqyFrOkhETpSpNzD6rxcwoJD9NuC+oQhR4TsMEXNzX3AqMKJE+b8iTbEl3tRZRQ5qgjIIy835JDTI3JoSXUxJAxYAbZLxunx2TF6fXs1urpY6GfCrvb/bidzBsfOT37y9Fok8TnOo8a1laqJpsdL6yOQnHj+ZmJVG+Pj5QLETg2L8hBikIMKA=="}

src/test/resources/data_dir/core/_master

@@ -0,0 +1 @@
+{"Key":"core/master","Value":"AAAAAQK8dxOynwwVLtj8fqeAPBSmo/cbdJBQgQt84CDEuYd3JMLLz3bRiP8G2rQ8mdaP7VVQjJyaWgG5AIFiyjswnYiOWWFIpFn7xPUr5Og1Pd0jTB5mCGEBSdoVLggt21JC4Rp7ceFlO8fNoc1q6h+IZI8ZMn8MPbqpMALNSqKhpOc5xfh6YkgL3XphWnbM5Gzc"}

src/test/resources/data_dir/core/_mounts

@@ -0,0 +1 @@
+{"Key":"core/mounts","Value":"AAAAAQLyZ1sJsIcAqhtCBFotH08os+J6UEjDnte1gzUp8md8RNH2LFTBe+8iwqSjgpJCyQPYXxDb7l5S4YG8ypUAk5yZA/CaC5y2idWXBrvzihCdDgOv+xLB17mGRuIJdPSdG2TlPY/HJBkadAPOzzD+qFHJKOeH+YOVwBQQP8GA9uLm3DZNHOSej59Y8wN7R9hJX1aXBnkqFhpLdARXqrlSI8SiWz3TNA2vmm4cCzxGcmKEUF3m6peBr47TTnZtcciGI0vd7yIbMeblF93HcrNMcQnKB4ItR8a+yO4WZHg/Y1iWn0JQB0y0FSYg+OFFolsMQpQDDd+YTUpj8zJ2pmlRZ9n19WBHD2VbkzkCyR214+NzCpOfCUsguYdGR34trwU6/4W5ApxtY/+T35vQ+esztU2HgQqJES6s8708Nn589Kvzg/+etbvhfq/DmWOcwZOtb2X/EQHaDmHWzsWqQ26Ux32WiAjedVwoba6vT23MIgUBjdHIKuTlrV6JqNVeuevfmfpBW8y/EhcAm6e2s8jTkdoaSPvq2NaBT9HF6FWJNXhVxAXQlOp7ibx5nk7l312umi2hbZ0+2Ad2wTGCVsECa26ZqXzBbU3uNni4sNdqbTq0i7unpqEQnyfTGcHkxe1uIbT2sK/AydtaOV8IDN4Z0HUBX9tj2UpQr8LX+JW9wX3MIXxQVfogyi/AmQRiDYuPeJyvvTTininGOHLSQyl/jRO/A3SdrTmppcwyNmTS1tzpwDawCP9yLWcw0/QVYgd8wMgmVjKsGuxJqWtEibnEnP9oU8Epi1Zy0OPXLUAT/06R9xtIMRReS2+VhBrFGmkD6eVL6EX0OOZ3yA6CxIft7cHQNishwIGL"}

src/test/resources/data_dir/core/_seal-config

@@ -0,0 +1 @@
+{"Key":"core/seal-config","Value":"eyJzZWNyZXRfc2hhcmVzIjoxLCJwZ3Bfa2V5cyI6bnVsbCwic2VjcmV0X3RocmVzaG9sZCI6MSwibm9uY2UiOiIiLCJiYWNrdXAiOmZhbHNlfQ=="}

src/test/resources/data_dir/logical/b85d867d-74d1-7d84-7a97-4597d813a5fb/userstore/_foo

@@ -0,0 +1 @@
+{"Key":"logical/b85d867d-74d1-7d84-7a97-4597d813a5fb/userstore/foo","Value":"AAAAAQKEvkR4E7cn/rKtmyhFT75qQ/hMRUwoKNmlfFar6/sxK3icAAYGWMVq8brp"}

src/test/resources/data_dir/sys/expire/id/auth/userpass/login/validUser/_299de173bcf8d6ff55f53e9e947006d8c2c88878

@@ -0,0 +1 @@
+{"Key":"sys/expire/id/auth/userpass/login/validUser/299de173bcf8d6ff55f53e9e947006d8c2c88878","Value":"AAAAAQLaQfkPOOnH3B/DFOXThAGuJNNK5uLCkHM0DOI59wkVISOOKtZJ3tK88S9H2Ce1mQbTr4jJaouYB2L5CWhqju1DZxwk7ji0rTnHZHEIGgCr3fbJFD3rjgcearrJGkvnfpKnyLaV+QZLN59fPga/8KJktvZ+frAG0IOmquVN9G1gGnUcEzbWu7vr49hZWeVAK1lVYVtUDpd44OCBa1A5qHf0in+hvP2egFXqyb0nWBElKUS0CEMjiZrrmKxr0nOU/quMAROPyNEArioJGTE0OYIEcJ+J3oMqSfWokCKuRBQ1vMC8oSMfTva0nnxNVQTAKq997SjCH/XooKxehdQjisndlRH/YaRsWpk+iRfFNmiSpYarQNb7vlDOlm9YLqqE/paQAFe7NQHY1RbOMzT6WJZy2lZ2L2PiR67udhJDHQMMmulqaYuquaT6CDDJzdf9XdJcPPjyceCFCbRnJ7PgvpliKd7saai/EDGSEqK9Cb5YNoPh6ISMsRnZcYGGtpbmHCODVfhYqpT5Fh3X6h1gIs/1dgFD6+n0+eq9V8fjLXMIUEEJ+7Q3+igR78bNaJ6hxJnLoxJL+du2cVVTB76o6iwoiuG6XqipSI/bm8QbxYxhLSmynLBWJopPlgI+hXrLIgOLn66CGurCyIulYbn8hFF1k+XDbZ0siFXHl9iibLRjXHb02d+Fe1mRbODilJKYMBfTkpIdC35kfZiBkMSZNzAoxaemrbYGNV74JFniJ6ElGyUAbXN7ODxZ0zU5Vv9zOwp/LDLDva2vhoxNm7YGlVhSIOcKOgUhm1cfUw+bMCfbtYWxVSNt2R2cfbFGjsKTvba/TCrecTywgo9MC/Pwd2ZnrzDz"}

src/test/resources/data_dir/sys/expire/id/auth/userpass/login/validUser/_2e9403fa105622cab037830348fb1dc2c309ac58

@@ -0,0 +1 @@
+{"Key":"sys/expire/id/auth/userpass/login/validUser/2e9403fa105622cab037830348fb1dc2c309ac58","Value":"AAAAAQKShT84HucEAfQKWdl99gAflfpJ6L4OUDIpHL8eTaY8aVBBc9Uyp6Ee9kU5Ej9yJ1TEeJh3fhDQrrAs16tXsgM6R9VbEduvuDqSOleNt4254Zo5WVycQw4qRtbE/JStN0nuGP2zmjPMHwfrOrweEfIHiXwP2fLejGFLq9+AbTqgb/InhRBMSqd9rzSzHpl3RAqqTiwjkArh7Hw57PCCSgOZSOYAeBTqxKiTbwcX7sYjs0AsDR3FnYfb55Ok+aryU2i3j27yX+DGqz7ClAyiX53Q2DHoYdaypcQ08rskCE7Z3tS3X27fMNdYTUzWGyJRCKp5qfYf6RsfOUvtBRj28B4bBIYj1gnRPkThuZq5E5TYESSFQ0j/YauXZFzO/MZifnaHfP7VerBKOZQ2Db6Srz8Vz7LfefWCj9L2sDCbtmMSaH/+FNIxQthbK++/rzrX5K2BlkMn7jwYIe6251Ke8eFdOyPwbXhfui2xiiH8mcZvHs8lHAufgUZKk9okT4QqLkEusz7LmfergjIURIwqz8uBfEi/3SSA783hCnuHeRu7WTylbMUoyS5zge8bhwZ5YpP2Byp5Szbf24uvve3CCt7n4/7stW3PHNXuJk6+x1GU4jnz2RIeBatlsDoJtxUkIZGcDOzocgCc5PtEPFl0a4sh+pfG0WfkcWr9/39+A+rqeTj6KpXDtE3T9B48IvPH0UzhcNXFeQE4RBSIZcPrIex+bxuL3zBnkJiURlDsgXqb9wWRHhd5BtEVTF8qzcWLZYZ0TNs8VR8vux0Onegt1s0BcMkyxtjWHV+KJXgmuk6UDyrBehzXoJX4tsTKBPeU/KdZn87KGkLn5hR66Oojk5LRLvbM"}

src/test/resources/data_dir/sys/expire/id/auth/userpass/login/validUser/_87656f27093d2d77837196faca0e4698c52bbd72

@@ -0,0 +1 @@
+{"Key":"sys/expire/id/auth/userpass/login/validUser/87656f27093d2d77837196faca0e4698c52bbd72","Value":"AAAAAQKiDmFCGjfaOmh1VNoL99Rqf2L5ZG2zI9CweA6G3Ytd/hHDGB9m5wYOIeBvh2oaZmqdGT3/LSpvAcqJ20NQGhF0rQBa+hxI95lQZ0HFI9b0pJgVZtiJfZAcci5PCb/V4mDytXfwH9/+y4rtmFRTqKww1OatW4cKNIEqQDQTiWzRlstDS+wRaiZyDU0yQmhVNzjjqagGeV+02JwIgnHm1bS6YgNrmLKvjEMYwYAFIf0dFEgf1CD0xr8V/lHaD6/EmxijncqqccQC97CU3RlQAho974zwUNITfRrM9ko1lsm4yUpI6d9/SrZGbpBkK76fW1IwqhU4elMYq07jXPseuE5LXH9hoZu5taaWhUGkwIJgpkBa+aZI3fHdBt7NQBC7YAOShixctpnzEdkXV510q+y41g//LupQkY98bDz5e8seIu59mwuH4TFl6UmcVUNtOiAxIE3/ACd60ycY2diksY0k7FZMO/e0LasO6uNi8ZsrmlYPOhoyVljW5ppsJVPemFW0IXcVrHRht81c2xHhmaTydQFVeuJL9snp1DM7sbDMcTHov7uYQP/ocdXDSTo5+DT7KeHmHH5jjDttX5iAGL8afh2vxmnipNR2uvFF6Rfl/q3Lam0MYRIBe8YdKfTuY4q3lJ4xzljYJlDySWat/mcAKLb+hbGnHXUFStYW4Cucz5BBGYn8dUY7kVV+z75RoJH/Oxv+GoOrXBimIA8nfR0hA9N5iGAubKJxw81RZRRbBKrnkuQ6dLWy+CLeoEEj7JmiJI+rdzET21bQpS+NVsIFJsXsqcEq6Lpqd0PL7auYf1OdvYNPXv4KTq8/yTiqzKhSVE/0YodNGiBmmtD6ChKKZmKv"}

src/test/resources/data_dir/sys/expire/id/auth/userpass/login/validUser/_907c609e9d43718c2d983e1b6fbead2d73f9b77b

@@ -0,0 +1 @@
+{"Key":"sys/expire/id/auth/userpass/login/validUser/907c609e9d43718c2d983e1b6fbead2d73f9b77b","Value":"AAAAAQIVNhCvqI99YcDltmevVyBRkRw/W5EtkaJNll99ejxuGdyjhMLxytd+QoyTbEFwo09FTmdxfAI8z9qS1FJO7uuDxVyxDMlZYhQ1BVJh/HUP0jNdbvo3ko6NQ/DjYAJ+Z4JAJr/ap3YQg0p/wq1hhJy7m3Ea8slnOAf+RscQtgjW4ucLV20wCMcSEnASvVzbi1OjMMQvS9lyduIuI6R1HnMSBQDLizZVSG0karp7jhWAbLiHmAiE7FWofIKUR3NbTUOMODQsHS4xsN+wDlKsfiY4vM5eKFby1UFymWganzL1W6SUrEMPBc3O5ZI2BE1Z4zYJJl4Sr8deZYMQorb7qCzCI9M6U0B0PsqBGn0eU49hr+1GUCi4gBHZOF6QNxkwWMPMxOML9MX3jWTiD7r97bGQjQQJ1mEZ0UcwlkVJZ3piYaiUnsVkBaKwYCDylolX9k1EgMVeOi8YQvMunW+oNxcdxbNCRx5bXZmRfHWA+/1w0Klk+R/eWODtI86Azv6CscHWw7mjR7kobH8+hNq2X379DgmyFVWLSt+Gyc4G6sKinps19cOEvZP+XmXXPdnysfI/DYg4g98aMKVMlt9HUhoCAnWs+WT2LdG8fQK8G1mE3w2PD665ZQVikpNJCK9nfOOMjwVZGFe9/jWtjfxqJfimK9WjeAJJ5IBcreSrEdGXo+lKgGjcGiTZ6OD11+dvPShntufxCRt5t1XrZN8swAN5695hYa19NPesJRfKf7FFstOxMi1VNdZvdVmZiw8pOpHJWhp68JRXlloDySQ1echJVh3SFMAf7v4zy+Sw2EoHuEV982w6xA5hyNECa2NRT+HvNfaOWSU/HNaaC3rkr86mFQUa"}

src/test/resources/data_dir/sys/expire/id/auth/userpass/login/validUser/_a5ecc2e5630b7e232b9c8744a0be6441ffb43229

@@ -0,0 +1 @@
+{"Key":"sys/expire/id/auth/userpass/login/validUser/a5ecc2e5630b7e232b9c8744a0be6441ffb43229","Value":"AAAAAQIENn0L1HL6To2REZnua3OsYnV9HdBkhN478rYY/FRhVGcfmyrRA+iy2FwQXbHoEMgaza6cwr4QPM6EiMNZdDubPMO+NHhBi8NgWTR+bwk7nIs5rNab4fdth9ROsjz9W1asbGORJD4l9rcbZ7B0lqh8A8X01YildprPnuDCtOu8wsrSCfE7eJwNaB+qYWNkEYgzEVWuwMqBZ3vfjUXOK9vyQTd933e3OlrIFBZukJ9QXlTyuma5fq+RcCcvQ359IgFB1wMNSMO2yeEK2yInd1ZZyM/+d4px0PlEh+B95D/gH4akJQ1BvGErvKf87F8J2ROdWxA76zHUXkr6BuZdW6p8Y67UuhHUOVM7DZks2VRB3xHzZjszuHeOCvfhM6mXSU01SP95wUE7cSonYM6wGXAFA+CWhpMRs4py4404JHMUo2tUaLiZLrspW6ZuGHBv/szJ94gdQQF998BsnhtqBzWBRrISrdErcUVtKeTj01PxOKbZgzeuvNMfRwzlbwN9APmI+ub8gSWTjs78w7eMnB78Xpabu6+2WMBELWTg+TmoEqayvpoPbl/AYNB9pJc0sGqm9fnNxVp2mLXQYKomaxOpG9lIv5lb7QzcZgqSpzaZ4Wcg568BXrd30pHUtEujA/za9f0/ywEdtw9eON8tj92IGgcrvkcSQ4+3zbHu3hWDUid2kiuSPxA36hrf7F6xuLQQWtO9e5knQ9sfPwAh8blMBdihjqLw3Mi/jwRLtxD6fySMn+qOFUwUvTfFTdJLgYfqgGej2CS8+x3zrs3fewaL06CqA89QsNfPsAH24ZcSZ0GAOOlgpp1P538cu50OAgdJlw++C0k8i4B4HlgVigtz5xGC"}

src/test/resources/data_dir/sys/policy/_default

@@ -0,0 +1 @@
+{"Key":"sys/policy/default","Value":"AAAAAQLsSCMLrL6OyG1Sqtmatk8G6JI634tmLqR+kai/22iklR6iAGI0xel8Sgo6MuOZPYFqM36J7dlcTduFb1KvNDlYVh77jv1zeqHm1Bv5Jq8S4Ndj1dWm+xTL/Eet9Ay9jccnP2h71V7pP9Fdnjsz9+Dm7mR+9+FRq5YPI/IeFUq8xy8fKsaMprUEBJaTOj0h9PFOxtxUnzAwrdSHixETrRJ5gFvndw0FLoh3kzK7/6RJIzcTQBu5msDKFOhOcp7X5s38JzwICzpnHBDaWFFsAgV6wVysV/GjsTx+E6MtTQsrLMTwd9wKc3kAuP9UwmVaLuhr3D/KEL/ZMTtGR57+tevdpOTxRxvS4ZavR9CJjNingqZKGlkkB3EMtb+3GAbD2ivDKDCmkqpLoekZpYbIkvJ6dW2fugAhWaxzIDrcr2EmGHTXnAJNDr4Kz/G+ghq97U2LBa15JjeyV5mc2li280PeUUZp8g/Qyv/c1CT/0OVn/F3nvlWNVc37kKkrefMX507BCMSYAVULl+NmIWaj+pcOSGpT1CV4O4l4IchzKez5lzJ7fTba74pysGxg19oB4A=="}

src/test/resources/data_dir/sys/policy/_user

@@ -0,0 +1 @@
+{"Key":"sys/policy/user","Value":"AAAAAQL2/4QvXwqcImWZ0+3rMWv9w6B4ql33rXMnfzi2v/qA7mQbfdow/lB6j0fy79JPNLOPd9K3n7MOlsdDJTL6RJ1hUFFM7CeMYT3EviwKgFl4enaB/K40a/f8jYiLBkvHqdrhLrit7kjs2NytNw=="}

src/test/resources/data_dir/sys/token/_salt

@@ -0,0 +1 @@
+{"Key":"sys/token/salt","Value":"AAAAAQIHNULiDBunAxcG4lQlnKj21ShIgxm7GNc7Zf8an238P2F4XryORfdzXqPyehkJ/npBnI5rCMmt8xLymOXLFRnB"}

src/test/resources/data_dir/sys/token/accessor/_1d9485c11b88512ab6e00f6e038105ddeacc8b61

@@ -0,0 +1 @@
+{"Key":"sys/token/accessor/1d9485c11b88512ab6e00f6e038105ddeacc8b61","Value":"AAAAAQLgGEtaqyYVvAdd75Ai904aegVg+D/K6PSw2j1ZF1b9Dqq8iqGm57BlpY7WdFI1pXwX9xWNSr4wa8/LofDfuQdW"}

src/test/resources/data_dir/sys/token/accessor/_575eee1a6b5cea9bfe29e29fecffffcbf8ad4006

@@ -0,0 +1 @@
+{"Key":"sys/token/accessor/575eee1a6b5cea9bfe29e29fecffffcbf8ad4006","Value":"AAAAAQKdywIFtMoadN+LSrck4PggbvSJO3WLExzNGdJMrazlhY20PRUfLI3Wzwlet78eJdzhrJ6yymDYEoPAmBdl2unc"}

src/test/resources/data_dir/sys/token/accessor/_7ab2fb12cd4d090ef2eca9be98f8e3375d42a8f6

@@ -0,0 +1 @@
+{"Key":"sys/token/accessor/7ab2fb12cd4d090ef2eca9be98f8e3375d42a8f6","Value":"AAAAAQKi28/4Q2x9KVoknHGdIUtoQu8aqb7iecYaVHjPE/DriZ3zG3kexhzspjH8nUp7LjaY7FHwZrSjsOu5CYIBnOOz"}

src/test/resources/data_dir/sys/token/accessor/_92437f5eab1616023d9d221099c46657e7075387

@@ -0,0 +1 @@
+{"Key":"sys/token/accessor/92437f5eab1616023d9d221099c46657e7075387","Value":"AAAAAQKOxe300u7ZzybBdAYi5KtrxicnO/0hK9cWDaoCd6lGD71/g/AIWlWKz+DP4aRI+lJ0YFO9WEv6TmNf9gj3dN9m"}

src/test/resources/data_dir/sys/token/accessor/_d2e5585c0050261f9182adcaa8693b5fc31ff553

@@ -0,0 +1 @@
+{"Key":"sys/token/accessor/d2e5585c0050261f9182adcaa8693b5fc31ff553","Value":"AAAAAQJBaj8iLfbGRFRH90AiJ179KHanpct9ko4VMzsYjbd5vLcQs74x/JtkUoJuxdgS4iQp5+qLKAehDOZDqb5d4sE7"}

src/test/resources/data_dir/sys/token/accessor/_f53e73156e57c97f8734c0d2a9892f3e2796e9d7

@@ -0,0 +1 @@
+{"Key":"sys/token/accessor/f53e73156e57c97f8734c0d2a9892f3e2796e9d7","Value":"AAAAAQKKkJTy0/HniNoMKHMb4hvwg+LutHutGH5F3mKApfpl0M6j8+euKc6+bVvOfTC22NSe4GtzmJ7r7dTh83MpJhjA"}

src/test/resources/data_dir/sys/token/id/_05b3023411dd89a9a27282d57d027f5312be4adc

@@ -0,0 +1 @@
+{"Key":"sys/token/id/05b3023411dd89a9a27282d57d027f5312be4adc","Value":"AAAAAQIUAO6ILG2gwWjc+J2kp4n03Rp6ycNYAWBYEM0ygocB7DmIT531H5cLbqFVJF5Zw+OQie0HOVLX/zcAPWtxkTOIRXH9FIUT14T9k1IzoxEOYSrbI6ig8bFffe4cd9b0qj9UKgwakQ1GG8vfeSXZnJjVBCSsvWL46s/IGh+SEmirNTiGSE3iy8p3+zunl2s/mUP08i/We03LcLTsCBfSsHVa/CongLNKgSq4oF23LFxv3De+9j8+IQ9HKA0pAatTaCjHdU1TsAiBGsKUhujGW5oQuygkUYVIBFqFqwDOytpdcxiP/A2LAut6qvQjvfT7s7C/Cvke9ypOQAr7iSmUlAhKcXPPEN21NdBmFq4K4w=="}

src/test/resources/data_dir/sys/token/id/_299de173bcf8d6ff55f53e9e947006d8c2c88878

@@ -0,0 +1 @@
+{"Key":"sys/token/id/299de173bcf8d6ff55f53e9e947006d8c2c88878","Value":"AAAAAQJQt7nHCnFDD58j1l2vcKmg38jweu3B16dIAw1QJ7NhMkLZZxSZilmlLrVX7jD2mI5wQ33/VevIhBioBeTMeZ6CctRywdYhhN3PENTn4YFmy2owswF5iABdl6p8Q+8qYTzTKRV//d2RmzyNXUpuFMoeLKDUpeRcImlECqB5fwquIHKSohx2mw4LXwsixydW/Zz0o45R0t+44rMmX81PtAr8EHh1ibZyhSpgIXy6PPvhvkdIwK2/R7PxtG/gC1ETXLW9pFRMVCk3kED74BYg6d3YnS3HSvls0fBf8k9nfvVd/qVRfW2vipzy9X2Pdc/orb6eGb4zp5+umMwzlere9WLScqWvMXh6Z+u/t4b0ugx79QFDuBfRNNtV9Q9xkU7EzEQYJ9SlVS2GY1t0mvA6q6A3Y+FKr+MXbHo73Ep9yQCwsMfBYwSTw5bb+zk9KocWlVSlywx2oRI="}

src/test/resources/data_dir/sys/token/id/_2e9403fa105622cab037830348fb1dc2c309ac58

@@ -0,0 +1 @@
+{"Key":"sys/token/id/2e9403fa105622cab037830348fb1dc2c309ac58","Value":"AAAAAQKefcFaLPpMwphWhftjzK1inJ6+o4BS67QSBSjARw5SDqDPKIrrDhHSJWHT+lfYxNG3NGSSroOcF2NRLGKX0lN5uoBry/dJCUAESYeoQr2m4eWIdGnnRI/q0h8xtpt9snlE06GMBRMOiPFiPwzeRfRreMSWOPYXV+WcV5jXbp/oRwAYbimAta4XlPxWz/+Ie2KPKqlyFHOPC36RZkupR4NNn+IiWT/MOU6B83Z6S/v46mpRi3BP6H9d09LXKJUDUiq3Bw4SlWvnvZ4x6vz/tUIOggnj+5LydDJUe6XqMhSOMa79IEVDvlRQOl6/gQ/KeM0VmQ5EC0+gADcjsclq3gw8z0UG0ee9J4NwUzaOJU6TclWCd8InJUk0kb+rtoWlVxDRH6LFLFoloTXjFaAp99qD8dXlsFbh6zFrjp013ZECmre/XMrRlTHqzCFfW6lYl7sGdYzyWXY="}

src/test/resources/data_dir/sys/token/id/_87656f27093d2d77837196faca0e4698c52bbd72

@@ -0,0 +1 @@
+{"Key":"sys/token/id/87656f27093d2d77837196faca0e4698c52bbd72","Value":"AAAAAQL+pJwgJ+xwD+Ut6lCskksaA9cLFNTrEp2lo8PGXmJ32pvgxSZ2Wo0WiFHQS7Y8mbQdnZCDlwsRTQJvFTFGHkltQ9SBlUwmasKKQKnAczRlRiwkadjDOaTbUX4Tu0Adr9o92M0CBltQUWIC5+3PsSxsbgaOVHsx72dhh2xUXVlJxUgYrAsqyLCH+nbsphELoRNSveTd6nWsZfIZAYY/dYmvMfYTinKCcpjd95Lb/Q81zJfO5ueg43YDDkR6E3avgK4tSUYktWf6DC6/dv2ORCHR+5opKfn5S+4TXscv0gmMiuBBIFq8SaiXb7EH1enWdkIPl50BIfoaJLCPhtuFagYAIbcRPQ7/XgrPsg6sIGOEiebVCpGTOyePHOH/4vKKoSDZPq9j4Hqj59cP/SAftJu6JfKC4D4Jizx2iT6VgP8LbY5aVK4PP4XibgnOoQ6oZ8KF5Yl2+HY="}

src/test/resources/data_dir/sys/token/id/_907c609e9d43718c2d983e1b6fbead2d73f9b77b

@@ -0,0 +1 @@
+{"Key":"sys/token/id/907c609e9d43718c2d983e1b6fbead2d73f9b77b","Value":"AAAAAQJe42Qg1BhYScbMjIMlgB7pmzO4DAudGAqRV42py/7154fOu8IEKq60HolmwyqdA8kBvaaNetxC6LJDCXE/TX962L2TeMNd0PsvFcwjblNevRh/Vr4frVmMK0BjkXLLAb9KZhLFbX/58c2NbTu5efZosWn6hkxeggsnf9f/H7OS495kX01zaqV96X0Xp7MKH+HwDsG6BE3OrSSQ7piz89a+17AjQVH54LeMBZshkbwQ1rXFSG8vXs7oUV8IWhq+fGbU9VIwnJfudKcdaNsmk4CRm3hrrRjqHETq6OefPMGWsL8W0NoYq1iG3Ro9aB+VkdHDb9WuSeP8QkiUAcA0Zpnxhote3LXTQTBlYJqI32UuNIoIfdRezRFXSNR3sLzt6PxclfqUcfb2U97RZlYCKpYJqwTVu+T7AXxzgDaPSoMTpuq7F7Fu3fqpNrYAJoAgj3Dyh/7rjtk="}

src/test/resources/data_dir/sys/token/id/_a5ecc2e5630b7e232b9c8744a0be6441ffb43229

@@ -0,0 +1 @@
+{"Key":"sys/token/id/a5ecc2e5630b7e232b9c8744a0be6441ffb43229","Value":"AAAAAQLfKeWYOoWmIQesxjo8x4C+mJm49dCQ9otVnMKfB5ZFRPbQ60soeickhPYTC14yByV/ZJAGiiAoWa4xSHUbZXnYBmkffCMKCN3N5SVt3nICX1pmXHk6kSaqGKUbgLuhQkTu32Ahf27ghFll9czas6S0WWWvHblmb5iy43jiQczWo5YQjXBkXE36CUfMpjM6wrZn27ecKoHoRSTL17sOKK6R2FtZWS7juBlCDmUY3SffxIsIu2ZESFgX5E+hTUR/HnqnAq8/JeDvbHXJqBVZM647DI9Pg9M4M14Em5tEkY3dPaRYfWU7OV7/9vIebyR4kcBWycdlgejoBv7pKjUDxfavLM3/e8R2dVeubYWoLm+O+P2nVhY8S3Fq3K/9QgDQLZXq6QcWMdwMO6A+YelLW2TNaabRzDS8gGoonh21/I5Xi2Y8GwycCotY0WKBPNVi8lOT3jH16oc="}