diff --git a/api/logical.go b/api/logical.go index 346a711931..89fd6f170b 100644 --- a/api/logical.go +++ b/api/logical.go @@ -129,11 +129,7 @@ func (c *Logical) Write(path string, data map[string]interface{}) (*Secret, erro return nil, err } - if resp.StatusCode == 200 { - return ParseSecret(resp.Body) - } - - return nil, nil + return ParseSecret(resp.Body) } func (c *Logical) Delete(path string) (*Secret, error) { @@ -159,11 +155,7 @@ func (c *Logical) Delete(path string) (*Secret, error) { return nil, err } - if resp.StatusCode == 200 { - return ParseSecret(resp.Body) - } - - return nil, nil + return ParseSecret(resp.Body) } func (c *Logical) Unwrap(wrappingToken string) (*Secret, error) { diff --git a/api/secret.go b/api/secret.go index b6517c44a9..e25962604b 100644 --- a/api/secret.go +++ b/api/secret.go @@ -1,6 +1,7 @@ package api import ( + "bytes" "fmt" "io" "time" @@ -298,9 +299,20 @@ type SecretAuth struct { // ParseSecret is used to parse a secret value from JSON from an io.Reader. func ParseSecret(r io.Reader) (*Secret, error) { + // First read the data into a buffer. Not super efficient but we want to + // know if we actually have a body or not. + var buf bytes.Buffer + _, err := buf.ReadFrom(r) + if err != nil { + return nil, err + } + if buf.Len() == 0 { + return nil, nil + } + // First decode the JSON into a map[string]interface{} var secret Secret - if err := jsonutil.DecodeJSONFromReader(r, &secret); err != nil { + if err := jsonutil.DecodeJSONFromReader(&buf, &secret); err != nil { return nil, err } diff --git a/command/lease_revoke_test.go b/command/lease_revoke_test.go index 97904a4d7f..1aa58c38ac 100644 --- a/command/lease_revoke_test.go +++ b/command/lease_revoke_test.go @@ -37,6 +37,12 @@ func TestLeaseRevokeCommand_Run(t *testing.T) { { "single", nil, + "All revocation operations queued successfully", + 0, + }, + { + "single_sync", + []string{"-sync"}, "Success", 0, }, @@ -49,6 +55,12 @@ func TestLeaseRevokeCommand_Run(t *testing.T) { { "prefix", []string{"-prefix"}, + "All revocation operations queued successfully", + 0, + }, + { + "prefix_sync", + []string{"-prefix", "-sync"}, "Success", 0, }, diff --git a/http/handler_test.go b/http/handler_test.go index 34ef71f3aa..ca9a945788 100644 --- a/http/handler_test.go +++ b/http/handler_test.go @@ -147,12 +147,7 @@ func TestHandler_Accepted(t *testing.T) { t.Fatalf("err: %s", err) } - t.Logf("%#v", resp) - testResponseStatus(t, resp, 202) - if resp.Body != http.NoBody { - t.Fatal("got non-empty body") - } } // We use this test to verify header auth diff --git a/logical/response.go b/logical/response.go index 8a6402df12..96d4cce5e2 100644 --- a/logical/response.go +++ b/logical/response.go @@ -150,7 +150,10 @@ func RespondWithStatusCode(resp *Response, req *Request, code int) (*Response, e if resp != nil { httpResp := LogicalResponseToHTTPResponse(resp) - httpResp.RequestID = req.ID + + if req != nil { + httpResp.RequestID = req.ID + } body, err := json.Marshal(httpResp) if err != nil { diff --git a/vault/expiration_test.go b/vault/expiration_test.go index f9f360a077..fe0f56e1c0 100644 --- a/vault/expiration_test.go +++ b/vault/expiration_test.go @@ -684,7 +684,7 @@ func TestExpiration_RevokePrefix(t *testing.T) { } // Should nuke all the keys - if err := exp.RevokePrefix("prod/aws/"); err != nil { + if err := exp.RevokePrefix("prod/aws/", true); err != nil { t.Fatalf("err: %v", err) } @@ -1489,7 +1489,7 @@ func TestExpiration_revokeEntry_rejected(t *testing.T) { t.Fatal(err) } - err = exp.Revoke(le.LeaseID) + err = exp.LazyRevoke(le.LeaseID) if err != nil { t.Fatal(err) } @@ -1527,7 +1527,7 @@ func TestExpiration_revokeEntry_rejected(t *testing.T) { t.Fatal(err) } if le != nil { - t.Fatal("ugh") + t.Fatal("lease entry not nil") } } diff --git a/vault/logical_system_integ_test.go b/vault/logical_system_integ_test.go index 735abd07b0..3a3c2ae4e3 100644 --- a/vault/logical_system_integ_test.go +++ b/vault/logical_system_integ_test.go @@ -666,6 +666,11 @@ func TestSystemBackend_InternalUIResultantACL(t *testing.T) { "update", }, }, + "sys/control-group/request": map[string]interface{}{ + "capabilities": []interface{}{ + "update", + }, + }, "sys/internal/ui/resultant-acl": map[string]interface{}{ "capabilities": []interface{}{ "read", diff --git a/vault/token_store_test.go b/vault/token_store_test.go index 9acff94c20..80dc81dce1 100644 --- a/vault/token_store_test.go +++ b/vault/token_store_test.go @@ -4066,7 +4066,7 @@ func TestTokenStore_TidyLeaseRevocation(t *testing.T) { } // Call tidy - ts.handleTidy(context.Background(), nil, nil) + ts.handleTidy(context.Background(), &logical.Request{}, nil) time.Sleep(200 * time.Millisecond)