private static void InitializeVault() { // for all the tests to run smoothly, this is the only method, // you need to setup your initial values. // Ensure you have an instance of Vault Server started up but not initialized. /* * * backend "file" { * path = "e:\raja\work\vault\file_backend" * } * * listener "tcp" { * address = "127.0.0.1:8200" * tls_disable = 1 * } * * rd file_backend /S /Q * vault server -config f.hcl * */ var vaultUriWithPort = "http://127.0.0.1:8200"; _vaultUri = new Uri(vaultUriWithPort); _unauthenticatedVaultClient = VaultClientFactory.CreateVaultClient(_vaultUri, null); if (DevServer) { _masterCredentials = new MasterCredentials { MasterKeys = new[] { MasterKey }, RootToken = RootToken }; IAuthenticationInfo devRootTokenInfo = new TokenAuthenticationInfo(_masterCredentials.RootToken); _authenticatedVaultClient = VaultClientFactory.CreateVaultClient(_vaultUri, devRootTokenInfo); return; } // BEGIN setting values var fileName = "E:\\raja\\work\\vault0.6.1\\StartVault.cmd"; var process = Process.Start(new ProcessStartInfo(fileName)); Assert.NotNull(process); _vaultServerProcessId = process.Id; // END setting values var initialized = _unauthenticatedVaultClient.GetInitializationStatusAsync().Result; Assert.False(initialized); var healthStatus = _unauthenticatedVaultClient.GetHealthStatusAsync().Result; Assert.False(healthStatus.Initialized); // try to initialize with mismatched PGP Key var invalidPgpException = Assert.Throws <AggregateException>( () => _masterCredentials = _unauthenticatedVaultClient.InitializeAsync(new InitializeOptions { SecretShares = 5, SecretThreshold = 3, PgpKeys = new[] { Convert.ToBase64String(Encoding.UTF8.GetBytes("pgp_key1")) } }).Result); Assert.NotNull(invalidPgpException.InnerException); Assert.True(invalidPgpException.InnerException.Message.Contains("400 BadRequest")); _masterCredentials = _unauthenticatedVaultClient.InitializeAsync(new InitializeOptions { SecretShares = 7, SecretThreshold = 6 }).Result; Assert.NotNull(_masterCredentials); Assert.NotNull(_masterCredentials.RootToken); Assert.NotNull(_masterCredentials.MasterKeys); Assert.True(_masterCredentials.MasterKeys.Length == 7); process.CloseMainWindow(); process.WaitForExit(); process = Process.Start(new ProcessStartInfo(fileName)); Assert.NotNull(process); _vaultServerProcessId = process.Id; // todo find valid PGP keys //var pgpKeys = new[] { Convert.ToBase64String(Encoding.UTF8.GetBytes("pgp_key1")), Convert.ToBase64String(Encoding.UTF8.GetBytes("pgp_key2")) }; //_masterCredentials = _unauthenticatedVaultClient.InitializeAsync(2, 2, pgpKeys).Result; //Assert.NotNull(_masterCredentials); //Assert.NotNull(_masterCredentials.RootToken); //Assert.NotNull(_masterCredentials.MasterKeys); //Assert.True(_masterCredentials.MasterKeys.Length == 5); //process.CloseMainWindow(); //process.WaitForExit(); //process = Process.Start(new ProcessStartInfo(fileName)); //Assert.NotNull(process); //_vaultServerProcessId = process.Id; _masterCredentials = _unauthenticatedVaultClient.InitializeAsync(new InitializeOptions { SecretShares = 5, SecretThreshold = 3 }).Result; Assert.NotNull(_masterCredentials); Assert.NotNull(_masterCredentials.RootToken); Assert.NotNull(_masterCredentials.MasterKeys); Assert.True(_masterCredentials.MasterKeys.Length == 5); healthStatus = _unauthenticatedVaultClient.GetHealthStatusAsync().Result; Assert.True(healthStatus.Initialized); Assert.True(healthStatus.Sealed); // try to initialize an already initialized vault. var aggregateException = Assert.Throws <AggregateException>( () => _masterCredentials = _unauthenticatedVaultClient.InitializeAsync(new InitializeOptions { SecretShares = 5, SecretThreshold = 3 }).Result); Assert.NotNull(aggregateException.InnerException); Assert.True(aggregateException.InnerException.Message.Contains("Vault is already initialized")); var sealStatus = _unauthenticatedVaultClient.GetSealStatusAsync().Result; if (sealStatus.Sealed) { foreach (var masterKey in _masterCredentials.MasterKeys) { sealStatus = _unauthenticatedVaultClient.UnsealAsync(masterKey).Result; if (!sealStatus.Sealed) { healthStatus = _unauthenticatedVaultClient.GetHealthStatusAsync().Result; Assert.True(healthStatus.Initialized); Assert.False(healthStatus.Sealed); // we are acting as the root user here. IAuthenticationInfo tokenAuthenticationInfo = new TokenAuthenticationInfo(_masterCredentials.RootToken); _authenticatedVaultClient = VaultClientFactory.CreateVaultClient(_vaultUri, tokenAuthenticationInfo); break; } } } }
private static void InitializeVault() { // for all the tests to run smoothly, this is the only method, // you need to setup your initial values. // Ensure you have an instance of Vault Server started up but not initialized. /* backend "file" { path = "e:\raja\work\vault\file_backend" } listener "tcp" { address = "127.0.0.1:8200" tls_disable = 1 } rd file_backend /S /Q vault server -config f.hcl */ var vaultUriWithPort = "http://127.0.0.1:8200"; _vaultUri = new Uri(vaultUriWithPort); _unauthenticatedVaultClient = VaultClientFactory.CreateVaultClient(_vaultUri, null); if (DevServer) { _masterCredentials = new MasterCredentials { MasterKeys = new[] { MasterKey }, RootToken = RootToken }; IAuthenticationInfo devRootTokenInfo = new TokenAuthenticationInfo(_masterCredentials.RootToken); _authenticatedVaultClient = VaultClientFactory.CreateVaultClient(_vaultUri, devRootTokenInfo); return; } // BEGIN setting values var fileName = "E:\\raja\\work\\vault0.6.1\\StartVault.cmd"; var process = Process.Start(new ProcessStartInfo(fileName)); Assert.NotNull(process); _vaultServerProcessId = process.Id; // END setting values var initialized = _unauthenticatedVaultClient.GetInitializationStatusAsync().Result; Assert.False(initialized); var healthStatus = _unauthenticatedVaultClient.GetHealthStatusAsync().Result; Assert.False(healthStatus.Initialized); // try to initialize with mismatched PGP Key var invalidPgpException = Assert.Throws<AggregateException>( () => _masterCredentials = _unauthenticatedVaultClient.InitializeAsync(new InitializeOptions { SecretShares = 5, SecretThreshold = 3, PgpKeys = new[] { Convert.ToBase64String(Encoding.UTF8.GetBytes("pgp_key1")) } }).Result); Assert.NotNull(invalidPgpException.InnerException); Assert.True(invalidPgpException.InnerException.Message.Contains("400 BadRequest")); _masterCredentials = _unauthenticatedVaultClient.InitializeAsync(new InitializeOptions { SecretShares = 7, SecretThreshold = 6 }).Result; Assert.NotNull(_masterCredentials); Assert.NotNull(_masterCredentials.RootToken); Assert.NotNull(_masterCredentials.MasterKeys); Assert.True(_masterCredentials.MasterKeys.Length == 7); process.CloseMainWindow(); process.WaitForExit(); process = Process.Start(new ProcessStartInfo(fileName)); Assert.NotNull(process); _vaultServerProcessId = process.Id; // todo find valid PGP keys //var pgpKeys = new[] { Convert.ToBase64String(Encoding.UTF8.GetBytes("pgp_key1")), Convert.ToBase64String(Encoding.UTF8.GetBytes("pgp_key2")) }; //_masterCredentials = _unauthenticatedVaultClient.InitializeAsync(2, 2, pgpKeys).Result; //Assert.NotNull(_masterCredentials); //Assert.NotNull(_masterCredentials.RootToken); //Assert.NotNull(_masterCredentials.MasterKeys); //Assert.True(_masterCredentials.MasterKeys.Length == 5); //process.CloseMainWindow(); //process.WaitForExit(); //process = Process.Start(new ProcessStartInfo(fileName)); //Assert.NotNull(process); //_vaultServerProcessId = process.Id; _masterCredentials = _unauthenticatedVaultClient.InitializeAsync(new InitializeOptions { SecretShares = 5, SecretThreshold = 3 }).Result; Assert.NotNull(_masterCredentials); Assert.NotNull(_masterCredentials.RootToken); Assert.NotNull(_masterCredentials.MasterKeys); Assert.True(_masterCredentials.MasterKeys.Length == 5); healthStatus = _unauthenticatedVaultClient.GetHealthStatusAsync().Result; Assert.True(healthStatus.Initialized); Assert.True(healthStatus.Sealed); // try to initialize an already initialized vault. var aggregateException = Assert.Throws<AggregateException>( () => _masterCredentials = _unauthenticatedVaultClient.InitializeAsync(new InitializeOptions { SecretShares = 5, SecretThreshold = 3 }).Result); Assert.NotNull(aggregateException.InnerException); Assert.True(aggregateException.InnerException.Message.Contains("Vault is already initialized")); var sealStatus = _unauthenticatedVaultClient.GetSealStatusAsync().Result; if (sealStatus.Sealed) { foreach (var masterKey in _masterCredentials.MasterKeys) { sealStatus = _unauthenticatedVaultClient.UnsealAsync(masterKey).Result; if (!sealStatus.Sealed) { healthStatus = _unauthenticatedVaultClient.GetHealthStatusAsync().Result; Assert.True(healthStatus.Initialized); Assert.False(healthStatus.Sealed); // we are acting as the root user here. IAuthenticationInfo tokenAuthenticationInfo = new TokenAuthenticationInfo(_masterCredentials.RootToken); _authenticatedVaultClient = VaultClientFactory.CreateVaultClient(_vaultUri, tokenAuthenticationInfo); break; } } } }