public async void PartialUnsealAfterInit()
        {
            var unsealKeys = TestUnsealKeys.ToArray();

            using (var client = new VaultClient(TestVaultAddress))
            {
                var sealStatus = await client.GetSealStatusAsync();

                //Assert.Equal(0, sealStatus.Progress);
                Assert.Equal(true, sealStatus.Sealed);
                Assert.Equal(unsealKeys.Length, sealStatus.SecretShares);
                Assert.True(sealStatus.SecretShares > sealStatus.SecretThreshold);

                var partialKeys = unsealKeys.Take(sealStatus.SecretThreshold - 1);
                foreach (var key in partialKeys)
                {
                    sealStatus = await client.DoUnsealAsync(new UnsealRequest { Key = key });

                    Assert.Equal(1, sealStatus.Progress);
                    Assert.Equal(true, sealStatus.Sealed);
                    Assert.Equal(unsealKeys.Length, sealStatus.SecretShares);
                    Assert.Equal(partialKeys.Count(), sealStatus.SecretThreshold - 1);
                }

                sealStatus = await client.DoUnsealAsync(new UnsealRequest { Reset = true });

                Assert.Equal(0, sealStatus.Progress);
                Assert.Equal(true, sealStatus.Sealed);
                Assert.Equal(unsealKeys.Length, sealStatus.SecretShares);
                Assert.Equal(partialKeys.Count(), sealStatus.SecretThreshold - 1);
            }
        }
 public async void GetLeaderStatusBeforeInit()
 {
     using (var client = new VaultClient(TestVaultAddress))
     {
         var leaderStatus = await client.GetLeaderAsync();
     }
 }
 public async void ResetUnsealAfterInit()
 {
     using (var client = new VaultClient(TestVaultAddress))
     {
         await client.DoUnsealAsync(new UnsealRequest { Reset = true });
     }
 }
        public async void MountRemountUnmountBackend()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var list = await client.ListMountedBackendsAsync();

                Assert.DoesNotContain("test-generic/", list.Data.Keys);

                await client.MountBackendAsync("test-generic", "generic", "TEST GENERIC MOUNT");

                list = await client.ListMountedBackendsAsync();

                Assert.Contains("test-generic/", list.Data.Keys);
                Assert.Equal("generic", list.Data["test-generic/"].Type);

                await client.RemountBackendAsync("test-generic", "new-test-generic");

                list = await client.ListMountedBackendsAsync();

                Assert.DoesNotContain("test-generic/", list.Data.Keys);
                Assert.Contains("new-test-generic/", list.Data.Keys);
                Assert.Equal("generic", list.Data["new-test-generic/"].Type);

                await client.UnmountBackendAsync("new-test-generic");

                list = await client.ListMountedBackendsAsync();

                Assert.DoesNotContain("test-generic/", list.Data.Keys);
                Assert.DoesNotContain("new-test-generic/", list.Data.Keys);
            }
        }
        public async void GetInitStatusBeforeInit()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                var initStatus = await client.GetInitializationStatusAsync();

                Assert.Equal(false, initStatus.Initialized);
            }
        }
        public async void WriteSecretUsingDictionary()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                await client.WriteGenericSecretAsync("foo1", SampleSecrets1);
            }
        }
        public async void WriteSecretUsingObject()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                await client.WriteGenericSecretAsync("foo2", SampleSecrets2);
            }
        }
예제 #8
0
 public async void GetHelpForReadSecret()
 {
     using (var client = new VaultClient(TestVaultAddress)
     {
         VaultToken = TestRootToken,
     })
     {
         var help = await client.GetHelpAsync("secret/foo-bar");
     }
 }
        public async void GetHealthBeforeInit()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                var health = await client.GetHealthAsync();

                Assert.Equal(false, health.Initialized);
                Assert.Equal(true, health.Sealed);
                Assert.Equal(true, health.Standby);
            }
        }
        public async void GetSealStatusBeforeInit()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                var ex = await Assert.ThrowsAsync <VaultClientException>(
                    async() => await client.GetSealStatusAsync());

                Assert.Equal(HttpStatusCode.BadRequest, ex.StatusCode);
                Assert.Equal("server is not yet initialized", ex.Errors?.Errors?.FirstOrDefault());
            }
        }
        public async void GetKeyStatusBeforeInit()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                var ex = await Assert.ThrowsAsync <VaultClientException>(
                    async() => await client.GetKeyStatusAsync());

                Assert.Equal(HttpStatusCode.ServiceUnavailable, ex.StatusCode);
                Assert.Equal("Vault is sealed", ex.Errors?.Errors?.FirstOrDefault());
            }
        }
예제 #12
0
        public async void ListUsersBeforeAdd()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var users = await client.ListUserpassUsersAsync();

                Assert.Equal(0, (users?.Data?.Keys?.Count()).GetValueOrDefault());
            }
        }
        public async void ListNoSecrets()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var list = await client.ListGenericSecretsAsync();

                Assert.Equal(0, (list?.Data?.Keys?.Where(x =>
                                                         new[] { "foo1", "foo2" }.Contains(x))?.Count()).GetValueOrDefault());
            }
        }
        public async void ReadPlugin()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                // Query for a plugin we expect to be there in a default setup
                var info = await client.ReadPluginAsync("mssql-database-plugin");

                Assert.Equal("mssql-database-plugin", info.Data.Name);
            }
        }
예제 #15
0
        public async void ConfirmUserpassAuthIsEnabled()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var auths = await client.ListAuthBackendsAsync();

                var expectedMount = $"{UserpassAuthExtensions.DefaultMountName}/";
                Assert.Contains(expectedMount, auths.Data.Keys);
            }
        }
예제 #16
0
        public async void CreateUser()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                await client.CreateUserpassUserAsync("foo", "bar");

                var users = await client.ListUserpassUsersAsync();

                Assert.Contains("foo", users.Data.Keys);
            }
        }
        public async void WriteAribtraryBytes()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var bytes = new byte[] { 0, 1, 2, 3, 4, 5 };
                var ex    = await Assert.ThrowsAsync <VaultClientException>(
                    async() => await client.WriteAsync("secret/secret-o-bytes", bytes));

                Assert.Equal(HttpStatusCode.BadRequest, ex.StatusCode);
            }
        }
        public async void ReadNoSuchPlugin()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                // Query for a plugin we expect to be there in a default setup
                var ex = await Assert.ThrowsAsync <VaultClientException>(async() =>
                                                                         await client.ReadPluginAsync("no-such-plugin"));

                Assert.Equal(HttpStatusCode.NotFound, ex.StatusCode);
            }
        }
        public async void GetSealStatusAfterUnseal()
        {
            var unsealKeys = TestUnsealKeys.ToArray();

            using (var client = new VaultClient(TestVaultAddress))
            {
                var sealStatus = await client.GetSealStatusAsync();

                Assert.Equal(0, sealStatus.Progress);
                Assert.Equal(false, sealStatus.Sealed);
                Assert.Equal(unsealKeys.Length, sealStatus.SecretShares);
                Assert.True(sealStatus.SecretShares > sealStatus.SecretThreshold);
            }
        }
예제 #20
0
        public async void DeleteUser()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                await client.DeleteUserpassUserAsync("foo");

                var users = await client.ListUserpassUsersAsync();

                Assert.False((users?.Data?.Keys?.Contains("foo")).GetValueOrDefault(),
                             "Deleted user does not exist");
            }
        }
        public async void RegisterNoSuchPlugin()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                // Query for a plugin we expect to be there in a default setup
                var ex = await Assert.ThrowsAsync <VaultClientException>(async() =>
                                                                         await client.RegisterPluginAsync("no-such-plugin",
                                                                                                          MockPluginSha256, "no-such-plugin.exe"));

                Assert.Equal(HttpStatusCode.InternalServerError, ex.StatusCode);
            }
        }
예제 #22
0
        public async void DeleteNonExistingUser()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var nonUser = "******";
                var users   = await client.ListUserpassUsersAsync();

                Assert.False((users?.Data?.Keys?.Contains(nonUser)).GetValueOrDefault(),
                             "Deleted user does not exist");
                await client.DeleteUserpassUserAsync(nonUser);
            }
        }
        public async void SealAfterUnseal()
        {
            var rootToken = TestConfig.RootTokens[TestConfig.TestVaultAddress];

            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = rootToken;
                await client.DoSealAsync();

                var sealStatus = await client.GetSealStatusAsync();

                Assert.Equal(0, sealStatus.Progress);
                Assert.Equal(true, sealStatus.Sealed);
            }
        }
예제 #24
0
        public async void WriteSecretWithoutAuth()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                var ex = await Assert.ThrowsAsync <VaultClientException>(async() =>
                                                                         await client.WriteAsync("secret/any-place-we-choose", new
                {
                    a = 1,
                    B = 2,
                }));

                Assert.Equal(HttpStatusCode.BadRequest, ex.StatusCode);
                Assert.Equal("missing client token", ex.Errors?.Errors?.FirstOrDefault());
            }
        }
예제 #25
0
 public async void WriteSecret()
 {
     using (var client = new VaultClient(TestVaultAddress)
     {
         VaultToken = TestRootToken,
     })
     {
         await client.WriteAsync("secret/foo2", new
         {
             a   = 1,
             B   = "Two",
             c   = DateTime.Now,
             DDD = Encoding.UTF8.GetBytes("Hello World!!!"),
         });
     }
 }
        public async void MountOverlapPrevented()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var mounts = await client.ListMountedBackendsAsync();

                Assert.DoesNotContain("a/", mounts.Data.Keys);
                Assert.DoesNotContain("a/b/", mounts.Data.Keys);
                Assert.DoesNotContain("a/b/c/", mounts.Data.Keys);
                Assert.DoesNotContain("a/b/c/d/", mounts.Data.Keys);
                Assert.DoesNotContain("a/b/c/d/e/", mounts.Data.Keys);
                Assert.DoesNotContain("a/b/c/d/e/f/", mounts.Data.Keys);

                try
                {
                    await client.MountBackendAsync("a/b/c", "generic");

                    mounts = await client.ListMountedBackendsAsync();

                    Assert.Contains("a/b/c/", mounts.Data.Keys);


                    var ex = await Assert.ThrowsAsync <VaultClientException>(
                        async() => await client.MountBackendAsync("a/b/c/d", "generic"));

                    Assert.Equal(HttpStatusCode.BadRequest, ex.StatusCode);
                    Assert.Equal("existing mount at a/b/c/", ex.Errors.Errors.First());

                    mounts = await client.ListMountedBackendsAsync();

                    Assert.DoesNotContain("a/b/c/d/", mounts.Data.Keys);
                }
                finally
                {
                    await client.UnmountBackendAsync("a/b/c/d");

                    await client.UnmountBackendAsync("a/b/c");
                }

                mounts = await client.ListMountedBackendsAsync();

                Assert.DoesNotContain("a/b/c/d/", mounts.Data.Keys);
                Assert.DoesNotContain("a/b/c/", mounts.Data.Keys);
            }
        }
예제 #27
0
        public async void LoginUserWithBadPassword()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var users = await client.ListUserpassUsersAsync();

                Assert.Contains("foo", users.Data.Keys);

                var ex = await Assert.ThrowsAsync <VaultClientException>(async() =>
                                                                         await client.LoginUserpassAsync("foo", "with-bad-password"));

                Assert.Equal(HttpStatusCode.BadRequest, ex.StatusCode);
                Assert.Equal("invalid username or password", ex.Errors.Errors.First());
            }
        }
        public async void ReadSecretUsingObject()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var secrets = await client.ReadGenericSecretAsync("foo2");

                var expected = SampleSecrets2.GetType().GetProperties().Select(x => x.Name).ToHashSet();
                var actual   = secrets.Data.Keys.ToHashSet();

                Assert.Subset(expected, actual);
                Assert.Superset(expected, actual);

                //Assert.StrictEqual(SampleSecrets2, secrets.Data);
            }
        }
        public async void ReadSecretUsingDictionary()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;

                var secrets = await client.ReadGenericSecretAsync("foo1");

                var expected = SampleSecrets1.Keys.ToHashSet();
                var actual   = secrets.Data.Keys.ToHashSet();

                Assert.Subset(expected, actual);
                Assert.Superset(expected, actual);

                //Assert.StrictEqual(SampleSecrets1, secrets.Data);
            }
        }
        public async void ConfirmBaseAuthAreEnabled()
        {
            using (var client = new VaultClient(TestVaultAddress))
            {
                client.VaultToken = TestRootToken;
                var auths = await client.ListAuthBackendsAsync();

                var tokenMount    = $"{TokenAuthExtensions.DefaultMountName}/";
                var userpassMount = $"{UserpassAuthExtensions.DefaultMountName}/";

                Assert.Contains(tokenMount, auths.Data.Keys);
                Assert.Contains(userpassMount, auths.Data.Keys);

                Assert.Equal(TokenAuthExtensions.AuthTypeName, auths.Data[tokenMount].Type);
                Assert.Equal(UserpassAuthExtensions.AuthTypeName, auths.Data[userpassMount].Type);
            }
        }