UNPKG

vault-auth-aws

Version:

js module that get token from vault HashiCorp server by using AWS STS

github.com/abdullahshahin/vault-auth-aws

abdullahshahin/vault-auth-aws

157 lines (142 loc) 6.15 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
const expect = require('chai').expect, lab = exports.lab = require('@hapi/lab').script(), describe = lab.describe, it = lab.it; const configsObject = require('./../libs/configs'); describe('Testing Configuration files', () => { it('1) configs should be json format', () => { let myConfigs = new configsObject(validTestConfigs()); let configs = myConfigs.getConfigs(); let objectConstructor = {}.constructor; expect(configs.constructor).to.eq(objectConstructor); }); it('2) configs must include ssl, host, port, apiVersion, vaultLoginUrl, vaultAppName, uri, followAllRedirects', () => { let myConfigs = new configsObject(validTestConfigs()); let configs = myConfigs.getConfigs(); expect(typeof configs.ssl).to.eq('boolean'); expect(typeof configs.host).to.eq('string'); expect(typeof configs.port).to.eq('number'); expect(typeof configs.apiVersion).to.eq('string'); expect(typeof configs.vaultLoginUrl).to.eq('string'); expect(typeof configs.vaultAppName).to.eq('string'); expect(typeof configs.uri).to.eq('string'); expect(typeof configs.followAllRedirects).to.eq('boolean'); }); it('3) sslCertificate must be included in configs if certFilePath was included', () => { let myConfigs = new configsObject(validTestConfigsWithCert()); let configs = myConfigs.getConfigs(); expect(typeof configs.ssl).to.eq('boolean'); expect(typeof configs.host).to.eq('string'); expect(typeof configs.port).to.eq('number'); expect(typeof configs.apiVersion).to.eq('string'); expect(typeof configs.vaultLoginUrl).to.eq('string'); expect(typeof configs.vaultAppName).to.eq('string'); expect(typeof configs.uri).to.eq('string'); expect(typeof configs.followAllRedirects).to.eq('boolean'); expect(typeof configs.sslCertificate).to.eq('string'); }); it('4.1) configs validate must check the type of values of configs entered by the user, ssl part', () => { let myConfigs = new configsObject(inValidTestConfigs(0)); let validated = myConfigs.validateConfigs(); expect(validated.valid).to.be.false; expect(validated.details).to.eq('ssl must be boolean true or false'); }); it('4.2) configs validate must check the type of values of configs entered by the user, host part', () => { let myConfigs = new configsObject(inValidTestConfigs(1)); let validated = myConfigs.validateConfigs(); expect(validated.valid).to.be.false; expect(validated.details).to.eq('host must be an IP address or fully qualified domain name'); }); it('4.3) configs validate must check the type of values of configs entered by the user, port part', () => { let myConfigs = new configsObject(inValidTestConfigs(2)); let validated = myConfigs.validateConfigs(); expect(validated.valid).to.be.false; expect(validated.details).to.eq('port is a number and must be within 1 to 65536'); }); it('4.4) configs validate must check the type of values of configs entered by the user, apiVersion part', () => { let myConfigs = new configsObject(inValidTestConfigs(3)); let validated = myConfigs.validateConfigs(); expect(validated.valid).to.be.false; expect(validated.details).to.eq('API version is either v1 or v2'); }); it('4.5) configs validate must check the type of values of configs entered by the user, vaultAppName part', () => { let myConfigs = new configsObject(inValidTestConfigs(4)); let validated = myConfigs.validateConfigs(); expect(validated.valid).to.be.false; expect(validated.details).to.eq('vaultAppName must be string'); }); it('4.6) configs validate must check the type of values of configs entered by the user, followAllRedirects part', () => { let myConfigs = new configsObject(inValidTestConfigs(5)); let validated = myConfigs.validateConfigs(); expect(validated.valid).to.be.false; expect(validated.details).to.eq('followAllRedirects must be boolean'); }); it('4.7) configs validate must check the type of values of configs entered by the user, vaultLoginUrl part', () => { let myConfigs = new configsObject(inValidTestConfigs(6)); let validated = myConfigs.validateConfigs(); expect(validated.valid).to.be.false; expect(validated.details).to.eq('vaultLoginUrl must be string'); }); }); function validTestConfigs() { return { ssl: true, host: 'example.vault.com', vaultAppName: 'mySuperSecrets' }; } function validTestConfigsWithCert() { return { ssl: true, host: 'vault.example.com', vaultAppName: 'mySuperSecrets', certFilePath: './test/mocks/cert.pem' }; } function inValidTestConfigs (index) { let invalidConfigs = [ { ssl: "yes", host: 'vault.example.com', vaultAppName: 'mySuperSecrets', certFilePath: './test/mocks/cert.pem' }, { ssl: true, host: 'http://vault.example.com', vaultAppName: 'mySuperSecrets', certFilePath: './test/mocks/cert.pem' }, { ssl: true, host: 'vault.example.com', vaultAppName: 'mySuperSecrets', port: 123124412321 } , { ssl: true, host: 'vault.example.com', vaultAppName: 'mySuperSecrets', apiVersion: 1 }, { ssl: true, host: 'vault.example.com', vaultAppName: true }, { ssl: true, host: 'vault.example.com', vaultAppName: 'mySuperSecrets', followAllRedirects: 'true' }, { ssl: true, host: 'vault.example.com', vaultAppName: 'mySuperSecrets', vaultLoginUrl: true } ]; return invalidConfigs[index]; }