diff --git a/test/integration/sanity/vaultSecrets.test.js b/test/integration/sanity/vaultSecrets.test.js index 8725f19e6..c68d8297d 100644 --- a/test/integration/sanity/vaultSecrets.test.js +++ b/test/integration/sanity/vaultSecrets.test.js @@ -76,8 +76,7 @@ describe('vaultSecrets', function () { expect(response).to.have.property('code', 200); }); }); - - describe('should not resolve secrets with invalid domain', function () { + describe('should resolve secrets containing domains with protocol', function () { var testrun; before(function (done) { @@ -96,7 +95,7 @@ describe('vaultSecrets', function () { type: 'vault', value: 'postman', enabled: true, - _domains: ['https://postman.com'] + _domains: ['postman-echo.com'] }, { key: 'vault:var3', type: 'vault', value: 'password', enabled: true } ] @@ -105,7 +104,7 @@ describe('vaultSecrets', function () { item: { name: 'Vault Secrets Test Request', request: { - url: '{{vault:var1}}/basic-auth', + url: 'https://postman-echo.com/basic-auth', method: 'GET', auth: { type: 'basic', @@ -137,7 +136,7 @@ describe('vaultSecrets', function () { response = testrun.response.getCall(0).args[2]; expect(url).to.equal('https://postman-echo.com/basic-auth'); - expect(response).to.have.property('code', 401); + expect(response).to.have.property('code', 200); }); it('should be resolved in request auth', function () { @@ -146,10 +145,67 @@ describe('vaultSecrets', function () { auth = request.auth.parameters().toObject(); expect(auth).to.deep.include({ - username: '{{vault:var2}}', + username: 'postman', password: 'password' }); - expect(response).to.have.property('code', 401); + expect(response).to.have.property('code', 200); + }); + }); + + describe('should not resolve secrets with invalid domain', function () { + var testrun; + + before(function (done) { + this.run({ + vaultSecrets: { + values: [ + { + key: 'vault:var1', + type: 'vault', + value: 'https://postman-echo.com', + enabled: true, + _domains: [] + }, + { + key: 'vault:var2', + type: 'vault', + value: 'postman', + enabled: true, + _domains: ['https://postman.com'] + }, + { key: 'vault:var3', type: 'vault', value: 'password', enabled: true } + ] + }, + collection: { + item: { + name: 'Vault Secrets Test Request', + request: { + url: '{{vault:var1}}/get?var2={{vault:var2}}&var3={{vault:var3}}', + method: 'GET' + } + } + } + }, function (err, results) { + testrun = results; + done(err); + }); + }); + + it('should have completed the run', function () { + expect(testrun).to.be.ok; + expect(testrun.done.getCall(0).args[0]).to.be.null; + expect(testrun).to.nested.include({ + 'done.calledOnce': true, + 'start.calledOnce': true + }); + }); + + it('should only resolve secrets with matching domain in request URL', function () { + var url = testrun.request.getCall(0).args[3].url.toString(), + response = testrun.response.getCall(0).args[2]; + + expect(url).to.equal('https://postman-echo.com/get?var2=%7B%7Bvault:var2%7D%7D&var3=password'); + expect(response).to.have.property('code', 200); }); }); @@ -266,7 +322,7 @@ describe('vaultSecrets', function () { item: { name: 'Vault Secrets Test Request', request: { - url: 'https://my.postman-echo.com/basic-auth', + url: 'https://www.postman-echo.com/basic-auth', method: 'GET', auth: { type: 'basic', @@ -294,23 +350,27 @@ describe('vaultSecrets', function () { }); it('should be resolved in request URL', function () { - var url = testrun.request.getCall(0).args[3].url.toString(); + var url = testrun.request.getCall(0).args[3].url.toString(), + response = testrun.response.getCall(0).args[2]; - expect(url).to.equal('https://my.postman-echo.com/basic-auth'); + expect(url).to.equal('https://www.postman-echo.com/basic-auth'); + expect(response).to.have.property('code', 200); }); it('should be resolved in request auth', function () { var request = testrun.response.getCall(0).args[3], + response = testrun.response.getCall(0).args[2], auth = request.auth.parameters().toObject(); expect(auth).to.deep.include({ username: 'postman', password: 'password' }); + expect(response).to.have.property('code', 200); }); }); - describe('should correctly resolve secrets with environment in non domain matching part of url', function () { + describe('should correctly resolve secrets with variable in non domain matching part of url', function () { var testrun; before(function (done) { @@ -345,7 +405,82 @@ describe('vaultSecrets', function () { item: { name: 'Vault Secrets Test Request', request: { - url: 'https://my.postman-echo.com/{{vault:pathVar}}', + url: 'https://www.postman-echo.com/{{vault:pathVar}}', + method: 'GET', + auth: { + type: 'basic', + basic: [ + { key: 'username', value: '{{vault:var2}}' }, + { key: 'password', value: '{{vault:var3}}' } + ] + } + } + } + } + }, function (err, results) { + testrun = results; + done(err); + }); + }); + + it('should have completed the run', function () { + expect(testrun).to.be.ok; + expect(testrun.done.getCall(0).args[0]).to.be.null; + expect(testrun).to.nested.include({ + 'done.calledOnce': true, + 'start.calledOnce': true + }); + }); + + it('should be resolved in request URL', function () { + var url = testrun.request.getCall(0).args[3].url.toString(), + response = testrun.response.getCall(0).args[2]; + + expect(url).to.equal('https://www.postman-echo.com/basic-auth'); + expect(response).to.have.property('code', 200); + }); + + it('should be resolved in request auth', function () { + var request = testrun.response.getCall(0).args[3], + response = testrun.response.getCall(0).args[2], + auth = request.auth.parameters().toObject(); + + expect(auth).to.deep.include({ + username: 'postman', + password: 'password' + }); + expect(response).to.have.property('code', 200); + }); + }); + describe('should resolve when domains contains multiple elements', function () { + var testrun; + + before(function (done) { + this.run({ + vaultSecrets: { + values: [ + { + key: 'vault:var1', + type: 'vault', + value: 'https://postman-echo.com', + enabled: true, + _domains: [] + }, + { + key: 'vault:var2', + type: 'vault', + value: 'postman', + enabled: true, + _domains: ['https://postman.com', 'https://getpostman.com', 'https://*.postman-echo.com'] + }, + { key: 'vault:var3', type: 'vault', value: 'password', enabled: true } + ] + }, + collection: { + item: { + name: 'Vault Secrets Test Request', + request: { + url: 'https://postman-echo.com/basic-auth', method: 'GET', auth: { type: 'basic', @@ -373,19 +508,114 @@ describe('vaultSecrets', function () { }); it('should be resolved in request URL', function () { - var url = testrun.request.getCall(0).args[3].url.toString(); + var url = testrun.request.getCall(0).args[3].url.toString(), + response = testrun.response.getCall(0).args[2]; - expect(url).to.equal('https://my.postman-echo.com/basic-auth'); + expect(url).to.equal('https://postman-echo.com/basic-auth'); + expect(response).to.have.property('code', 200); }); it('should be resolved in request auth', function () { var request = testrun.response.getCall(0).args[3], + response = testrun.response.getCall(0).args[2], + auth = request.auth.parameters().toObject(); + + expect(auth).to.deep.include({ + username: 'postman', + password: 'password' + }); + expect(response).to.have.property('code', 200); + }); + }); + describe('should resolve for multiple requests in a collection', function () { + var testrun; + + before(function (done) { + this.run({ + vaultSecrets: { + values: [ + { + key: 'vault:var1', + type: 'vault', + value: 'https://postman-echo.com', + enabled: true, + _domains: [] + }, + { + key: 'vault:var2', + type: 'vault', + value: 'postman', + enabled: true, + _domains: ['https://postman.com', 'https://getpostman.com', 'https://*.postman-echo.com'] + }, + { key: 'vault:var3', type: 'vault', value: 'password', enabled: true } + ] + }, + collection: { + item: [ + { + name: 'Vault Secrets Test Request', + request: { + url: 'https://postman-echo.com/basic-auth', + method: 'GET', + auth: { + type: 'basic', + basic: [ + { key: 'username', value: '{{vault:var2}}' }, + { key: 'password', value: '{{vault:var3}}' } + ] + } + } + }, { + name: 'Vault Secrets Test Request II', + request: { + url: 'https://postman-echo.com/get?var3={{vault:var3}}', + method: 'GET' + } + } + ] + } + }, function (err, results) { + testrun = results; + done(err); + }); + }); + + it('should have completed the run', function () { + expect(testrun).to.be.ok; + expect(testrun.done.getCall(0).args[0]).to.be.null; + expect(testrun).to.nested.include({ + 'done.calledOnce': true, + 'start.calledOnce': true + }); + }); + + it('should be resolved in request URL for first request', function () { + var url = testrun.request.getCall(0).args[3].url.toString(), + response = testrun.response.getCall(0).args[2]; + + expect(url).to.equal('https://postman-echo.com/basic-auth'); + expect(response).to.have.property('code', 200); + }); + + it('should be resolved in request auth for first request', function () { + var request = testrun.response.getCall(0).args[3], + response = testrun.response.getCall(0).args[2], auth = request.auth.parameters().toObject(); expect(auth).to.deep.include({ username: 'postman', password: 'password' }); + expect(response).to.have.property('code', 200); + }); + + it('should be resolved in request URL for second request', function () { + var url = testrun.request.getCall(1).args[3].url.toString(), + response = testrun.response.getCall(1).args[2]; + + expect(url).to.equal('https://postman-echo.com/get?var3=password'); + expect(response).to.have.property('code', 200); }); }); });