chore(test): add revoke test (#10)

* chore(test): add revoke test
thevilledev · Jul 5, 2023 · 48d886b · 48d886b
1 parent 59a37c3
commit 48d886b
Show file tree

Hide file tree

Showing 6 changed files with 123 additions and 7 deletions.
diff --git a/pkg/client/client.go b/pkg/client/client.go
@@ -9,8 +9,8 @@ import (
 )
 
 const (
-	BaseURL     = "https://api.vercel.com/v3"
-	httpTimeout = 60 * time.Second
+	DefaultBaseURL = "https://api.vercel.com/v3"
+	httpTimeout    = 60 * time.Second
 )
 
 type Client struct {
@@ -21,7 +21,7 @@ type Client struct {
 
 func New(apiKey string) *Client {
 	return &Client{
-		baseURL: BaseURL,
+		baseURL: DefaultBaseURL,
 		httpClient: &http.Client{
 			Timeout: httpTimeout,
 		},

diff --git a/pkg/client/token.go b/pkg/client/token.go
@@ -85,8 +85,16 @@ func (c *Client) DeleteAuthToken(ctx context.Context, req *DeleteAuthTokenReques
 		return nil, err
 	}
 
+	validStatusAbove := 200
+	invalidStatusBelow := 300
+
+	ok := res.StatusCode >= validStatusAbove && res.StatusCode < invalidStatusBelow
+	if !ok {
+		return nil, fmt.Errorf("http error %d with response body '%+v'", res.StatusCode, string(body))
+	}
+
 	if err = json.Unmarshal(body, &resp); err != nil {
-		return resp, err
+		return nil, err
 	}
 
 	return resp, nil

diff --git a/pkg/plugin/path_config.go b/pkg/plugin/path_config.go
@@ -98,7 +98,7 @@ func (b *backend) pathConfigWrite(ctx context.Context, req *logical.Request,
 	}
 
 	if config.BaseURL == "" {
-		config.BaseURL = client.BaseURL
+		config.BaseURL = client.DefaultBaseURL
 	}
 
 	e, err := logical.StorageEntryJSON(pathPatternConfig, config)

diff --git a/pkg/plugin/revoke.go b/pkg/plugin/revoke.go
@@ -19,7 +19,7 @@ func (b *backend) Revoke(ctx context.Context, req *logical.Request, _ *framework
 		return nil, fmt.Errorf("backend is missing the API key")
 	}
 
-	svc := service.New(cfg.APIKey)
+	svc := service.NewWithBaseURL(cfg.APIKey, cfg.BaseURL)
 
 	k, ok := req.Secret.InternalData[pathTokenID]
 	if !ok {
@@ -35,7 +35,7 @@ func (b *backend) Revoke(ctx context.Context, req *logical.Request, _ *framework
 	_, err = svc.DeleteAuthToken(ctx, ks)
 	if err != nil {
 		b.Logger().Error("token delete failed: %s", err)
-		return nil, fmt.Errorf("failed to delete token")
+		return nil, fmt.Errorf("failed to delete token: %s", err)
 	}
 
 	return &logical.Response{}, nil

diff --git a/pkg/plugin/revoke_test.go b/pkg/plugin/revoke_test.go
@@ -0,0 +1,104 @@
+package plugin
+
+import (
+	"context"
+	"encoding/json"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/hashicorp/vault/sdk/logical"
+	"github.com/stretchr/testify/require"
+	"github.com/thevilledev/vault-plugin-secrets-vercel/pkg/client"
+)
+
+func TestRevokeToken(t *testing.T) {
+	t.Parallel()
+
+	t.Run("RevokeToken", func(t *testing.T) {
+		t.Parallel()
+
+		ctx := context.Background()
+		b, storage := newTestBackend(t)
+
+		ts := httptest.NewServer(http.HandlerFunc(
+			func(w http.ResponseWriter, _ *http.Request) {
+				t.Helper()
+
+				body, _ := json.Marshal(&client.DeleteAuthTokenResponse{
+					ID: "zyzz",
+				})
+				w.WriteHeader(http.StatusOK)
+				_, _ = w.Write(body)
+			}),
+		)
+		defer ts.Close()
+
+		_, err := b.HandleRequest(ctx, &logical.Request{
+			Storage:   storage,
+			Operation: logical.CreateOperation,
+			Path:      pathPatternConfig,
+			Data: map[string]any{
+				"api_key":  "foo",
+				"base_url": ts.URL,
+			},
+		})
+		require.NoError(t, err)
+
+		r, err := b.HandleRequest(context.Background(), &logical.Request{
+			Storage:   storage,
+			Operation: logical.RevokeOperation,
+			Path:      pathPatternToken,
+			Data:      map[string]any{},
+			Secret: &logical.Secret{
+				InternalData: map[string]any{
+					"secret_type": backendSecretType,
+					"token_id":    "zyzz",
+				},
+			},
+		})
+		require.NoError(t, err)
+		require.Equal(t, r, &logical.Response{})
+	})
+
+	t.Run("RevokeTokenFail", func(t *testing.T) {
+		t.Parallel()
+
+		ctx := context.Background()
+		b, storage := newTestBackend(t)
+
+		ts := httptest.NewServer(http.HandlerFunc(
+			func(w http.ResponseWriter, _ *http.Request) {
+				t.Helper()
+
+				w.WriteHeader(http.StatusForbidden)
+			}),
+		)
+		defer ts.Close()
+
+		_, err := b.HandleRequest(ctx, &logical.Request{
+			Storage:   storage,
+			Operation: logical.CreateOperation,
+			Path:      pathPatternConfig,
+			Data: map[string]any{
+				"api_key":  "foo",
+				"base_url": ts.URL,
+			},
+		})
+		require.NoError(t, err)
+
+		_, err = b.HandleRequest(context.Background(), &logical.Request{
+			Storage:   storage,
+			Operation: logical.RevokeOperation,
+			Path:      pathPatternToken,
+			Data:      map[string]any{},
+			Secret: &logical.Secret{
+				InternalData: map[string]any{
+					"secret_type": backendSecretType,
+					"token_id":    "zyzz",
+				},
+			},
+		})
+		require.Error(t, err)
+	})
+}
diff --git a/pkg/service/service.go b/pkg/service/service.go
@@ -43,5 +43,9 @@ func (s *Service) DeleteAuthToken(ctx context.Context, id string) (string, error
 		ID: id,
 	})
 
+	if err != nil {
+		return "", err
+	}
+
 	return r.ID, err
 }