diff --git a/config/astral.yml b/config/astral.yml
index 8700280..733b9b9 100644
--- a/config/astral.yml
+++ b/config/astral.yml
@@ -55,7 +55,7 @@ shared:
 initial_user_name: test
 initial_user_password: test
- initial_user_email: john.doe@example.com
+ initial_user_email: test2024@example.com
 test:
 cert_ttl: <%= 24.hours.in_seconds %>
diff --git a/test/lib/clients/vault_test.rb b/test/lib/clients/vault_test.rb
index 95860b2..309ee69 100644
--- a/test/lib/clients/vault_test.rb
+++ b/test/lib/clients/vault_test.rb
@@ -129,30 +129,45 @@ class VaultTest < ActiveSupport::TestCase
 test "entity_alias methods" do
 # confirm no entity yet
+ auth_path = "token"
 err = assert_raises RuntimeError do
- @client.read_entity_alias(@entity_name, @alias_name)
+ @client.read_entity_alias(@entity_name, @alias_name, auth_path)
 end
 assert_match /no such entity/, err.message
 # confirm no alias yet
 @client.put_entity(@entity_name, @policies)
 err = assert_raises RuntimeError do
- @client.read_entity_alias(@entity_name, @alias_name)
+ @client.read_entity_alias(@entity_name, @alias_name, auth_path)
 end
 assert_match /no such alias/, err.message
- # create alias
- auth_method = "token"
- @client.put_entity_alias(@entity_name, @alias_name, auth_method)
- entity_alias = @client.read_entity_alias(@entity_name, @alias_name)
- assert_equal auth_method, entity_alias.data[:mount_type]
+ # create token alias
+ @client.put_entity_alias(@entity_name, @alias_name, auth_path)
+ entity_alias = @client.read_entity_alias(@entity_name, @alias_name, auth_path)
+ assert_equal auth_path, entity_alias.data[:mount_type]
+
+ # create different alias type with same name
+ oidc_path = "oidc"
+ @client.put_entity_alias(@entity_name, @alias_name, oidc_path)
+ entity_alias = @client.read_entity_alias(@entity_name, @alias_name, oidc_path)
+ assert_equal oidc_path, entity_alias.data[:mount_type]
+
+
+ # confirm two aliases
+ entity = @client.read_entity(@entity_name)
+ assert_equal 2, entity.data[:aliases].size
 # confirm deleted alias
- assert_equal true, @client.delete_entity_alias(@entity_name, @alias_name)
+ assert_equal true, @client.delete_entity_alias(@entity_name, @alias_name, auth_path)
 err = assert_raises RuntimeError do
- @client.delete_entity_alias(@entity_name, @alias_name)
+ @client.delete_entity_alias(@entity_name, @alias_name, auth_path)
 end
 assert_match /no such alias/, err.message
+
+ # confirm 1 aliases
+ entity = @client.read_entity(@entity_name)
+ assert_equal 1, entity.data[:aliases].size
 end
 test ".assign_entity_policy creates valid entity" do
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 124da9e..8157058 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -15,11 +15,16 @@ class TestCase
 # Helper methods
 def jwt_authorized
- "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJqb2huLmRvZUBleGFtcGxlLmNvbSIsIm5hbWUiOiJKb2huIERvZSIsImlhdCI6MTUxNjIzOTAyMiwiZ3JvdXBzIjpbImdyb3VwMSIsImdyb3VwMiJdLCJhdWQiOiJhc3RyYWwifQ.tfRLXmE_eq-piP88_clwPWrYfMAQbCJAeZQI6OFxZSI"
+ @@authorized_token ||= JWT.encode(@@authorized_data, Config[:jwt_signing_key])
 end
 def jwt_unauthorized
- "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJhcHBsaWNhdGlvbl9uYW1lIiwiY29tbW9uX25hbWUiOiJleGFtcGxlLmNvbSIsImlwX3NhbnMiOiIxMC4wLjEuMTAwIn0.gEUyaZcARiBQNq2RUwZU0MdFXqthyo_oSQ8DAgKvxCs"
+ @@unauthorized_token ||= JWT.encode(@@unauthorized_data, "bad_secret")
 end
+
+ private
+ @@authorized_data = { "sub"=>"john.doe@example.com", "name"=>"John Doe", "iat"=>1516239022,
+ "groups"=>[ "group1", "group2" ], "aud"=>"astral" }
+ @@unauthorized_data = { "sub"=>"application_name", "common_name"=>"example.com", "ip_sans"=>"10.0.1.100" }
 end
 end
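Review bot: In test/lib/clients/vault_test.rb, the final check of "entity_alias methods" (`assert_equal 1, entity.data[:aliases].size`) counts the surviving alias but never identifies it, so the test does not show that `delete_entity_alias` removed the alias on the mount it was given and left the other one alone. Since both aliases share `@alias_name`, the mount argument is the only thing that tells them apart, and that scoping is what keeps one auth method's identity mapping from being dropped when another's is removed. Re-reading the survivor would pin it: `assert_equal oidc_path, @client.read_entity_alias(@entity_name, @alias_name, oidc_path).data[:mount_type]`. Wrapping `@client.read_entity_alias(@entity_name, @alias_name, auth_path)` in `assert_raises RuntimeError` afterwards would confirm the token alias is the one that went away.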
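Review bot: In test/test_helper.rb, `jwt_unauthorized` differs from `jwt_authorized` in both its claims and its signing key, so a test that sees it rejected cannot tell whether signature verification or claim checking did the rejecting. A third helper that signs the authorized claims with the wrong key, for example `JWT.encode(@@authorized_data, "bad_secret")`, would exercise signature verification on its own. As a style point, `private` has no effect on the `@@authorized_data` and `@@unauthorized_data` assignments that follow it, and class variables are shared across every subclass of `TestCase`; frozen constants would state the intent more plainly. The `TestCase` class opens outside the hunk, so how these helpers are used is not visible here.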