示例#1
0
        public async Task AppRoleLoginConnector_Test()
        {
            // PRE-Test

            VaultSystemBackend vaultSystemBackend = new VaultSystemBackend(_vault.TokenID, _vault);
            string             approleMountName   = _UK.GetKey("AppAuth");

            // Create an AppRole authentication connection.
            AppRoleAuthEngine appRoleAuthEngine = (AppRoleAuthEngine)_vault.ConnectAuthenticationBackend(EnumBackendTypes.A_AppRole, "AppRole", approleMountName);


            // Create an Authentication method of App Role.	- This only needs to be done when the Auth method is created.
            AuthMethod am = new AuthMethod(approleMountName, EnumAuthMethods.AppRole);
            bool       rc = await vaultSystemBackend.AuthEnable(am);

            string  rName = _UK.GetKey("Role");
            AppRole roleA = new AppRole(rName);

            Assert.True(await appRoleAuthEngine.SaveRole(roleA));

            string roleID = await appRoleAuthEngine.ReadRoleID(roleA.Name);

            // Now create the a secret
            AppRoleSecret secret_A = await appRoleAuthEngine.GenerateSecretID(roleA.Name);


            // ACTUAL TEST
            // Create Login Connector
            AppRoleLoginConnector loginConnector = new AppRoleLoginConnector(_vault, approleMountName, "Test AppRole", roleID, secret_A.ID);
            bool result = await loginConnector.Connect(true);

            Assert.IsTrue(result, "A10:  Login Failed");
        }
示例#2
0
        /// <summary>
        /// This particular test was running consistently 15x slower than any other test.  ~250ms
        /// </summary>
        /// <returns></returns>
        public async Task AppRoleBE_UpdateRoleID()
        {
            string  rName = _uniqueKeys.GetKey("Role");
            AppRole ar    = new AppRole(rName);
            bool    rc    = await _appRoleAuthEngine.SaveRole(ar);

            // Now read a Role ID for it.
            string roleID = await _appRoleAuthEngine.ReadRoleID(ar.Name);

            // Update the role ID
            rc = await _appRoleAuthEngine.UpdateAppRoleID(ar.Name, "newDomain");

            string roleIDNew = await _appRoleAuthEngine.ReadRoleID(ar.Name);

            Assert.AreEqual("newDomain", roleIDNew);
            Console.WriteLine("AppRoleBE_UpdateRoleID Finished OK!");
        }
示例#3
0
        // Sets up a fixed number of Application Roles, that should be consistent between runs.
        private async Task SetupRoles()
        {
            roles     = new string[10];
            roles [0] = "abcxyz123";
            roles [1] = "zyxabc986";
            roles [2] = "master";
            roles [3] = "secondary";
            roles [4] = "tertiary";
            roles [5] = "usa";
            roles [6] = "wildcats";
            roles [7] = "somerandomrolename";
            roles [8] = "borg";
            roles [9] = "terminator";

            // Now create / update these roles.
            foreach (string role in roles)
            {
                AppRole a = new AppRole(role);
                await _appRoleAuthEngine.SaveRole(a);
            }
        }
示例#4
0
        public async Task MountDefaultAppRoleMount_Success()
        {
            AppRoleAuthEngine defaultBE = (AppRoleAuthEngine)_vault.ConnectAuthenticationBackend(EnumBackendTypes.A_AppRole);
            AuthMethod        defaultAM = new AuthMethod(defaultBE.MountPoint, EnumAuthMethods.AppRole);

            try {
                Assert.True(await _vaultSystemBackend.AuthEnable(defaultAM));
            }
            catch (VaultException e) {
                if (e.SpecificErrorCode == EnumVaultExceptionCodes.BackendMountAlreadyExists)
                {
                    // Disable and re-enable to confirm we can do this.
                    Assert.True(await _vaultSystemBackend.AuthDisable(defaultAM));
                    Assert.True(await _vaultSystemBackend.AuthEnable(defaultAM));
                }
                else
                {
                    Assert.Fail("Unexpected Vault Error - " + e.Message);
                }
            }
            catch (Exception e) {
                Assert.Fail("Unexpected error from Vault: " + e.Message);
            }


            string  name = _uniqueKeys.GetKey("RoleDef");
            AppRole ar   = new AppRole(name);

            Assert.True(await _appRoleAuthEngine.SaveRole(ar));
        }