stklcode/jvaultconnector
stklcode/jvaultconnector
1
0
Fork 0
Code Issues Actions Releases 33 Wiki Activity

Fix token creation test for compatibiltiy with Vault 0.8.0 (#10)

Browse Source 
As of Vault 0.8.0 specifying the same token ID twice is prohibited. Adapted the unit test to match this behavior.
This commit is contained in:
Stefan Kalscheuer 2017-07-31 20:38:54 +02:00
parent 3fd74a7fd2
commit e9663ef794
2 changed files with 10 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.travis.yml
View File

@ -8,6 +8,6 @@ dist: trusty
env: env:
- PATH=$PATH:. - PATH=$PATH:.
before_script: before_script:
- wget https://releases.hashicorp.com/vault/0.7.3/vault_0.7.3_linux_amd64.zip - wget https://releases.hashicorp.com/vault/vault_0.8.0-beta1/vault_0.8.0-beta1_linux_amd64.zip
- unzip vault_0.7.3_linux_amd64.zip - unzip vault_0.8.0-beta1_linux_amd64.zip
- rm vault_0.7.3_linux_amd64.zip - rm vault_0.8.0-beta1_linux_amd64.zip

20
src/test/java/de/stklcode/jvault/connector/HTTPVaultConnectorTest.java
View File

@ -696,7 +696,7 @@ public class HTTPVaultConnectorTest {
fail("Secret written to inaccessible path."); fail("Secret written to inaccessible path.");
} }
/* Overwrite token */ /* Overwrite token should fail as of Vault 0.8.0 */
token = new TokenBuilder() token = new TokenBuilder()
.withId("test-id2") .withId("test-id2")
.withDisplayName("test name 3") .withDisplayName("test name 3")
@ -707,19 +707,13 @@ public class HTTPVaultConnectorTest {
.withTtl(1234) .withTtl(1234)
.build(); .build();
try { try {
AuthResponse res = connector.createToken(token); connector.createToken(token);
assertThat("Invalid token ID returned.", res.getAuth().getClientToken(), is("test-id2")); fail("Overwriting token should fail as of Vault 0.8.0");
assertThat("Invalid number of policies returned.", res.getAuth().getPolicies(), hasSize(3));
assertThat("Policies not returned as expected.", res.getAuth().getPolicies(), contains("default", "pol1", "pol2"));
assertThat("Old policy not overwritten.", res.getAuth().getPolicies(), not(contains("testpolicy")));
assertThat("Metadata not given.", res.getAuth().getMetadata(), is(notNullValue()));
assertThat("Metadata not correct.", res.getAuth().getMetadata().get("test"), is("success"));
assertThat("Metadata not correct.", res.getAuth().getMetadata().get("key"), is("value"));
assertThat("Old metadata not overwritten.", res.getAuth().getMetadata().get("foo"), is(nullValue()));
assertThat("TTL not set correctly", res.getAuth().getLeaseDuration(), is(1234));
assertThat("Token should be renewable", res.getAuth().isRenewable(), is(true));
} catch (VaultConnectorException e) { } catch (VaultConnectorException e) {
fail("Secret written to inaccessible path."); assertThat(e, is(instanceOf(InvalidResponseException.class)));
assertThat(((InvalidResponseException)e).getStatusCode(), is(400));
/* Assert that the exception does not reveal token ID */
assertThat(stackTrace(e), not(stringContainsInOrder(token.getId())));
} }
} }