diff --git a/api/ssh.go b/api/ssh.go
index 0bb1fb96e4..cde7750009 100644
--- a/api/ssh.go
+++ b/api/ssh.go
@@ -22,7 +22,7 @@ func (c *SSH) KeyRevoke(id string) error {
 return err
 }
 
-// Invokes the SSH backend API to create a dynamic key
+// Invokes the SSH backend API to create a dynamic key or an OTP
 func (c *SSH) KeyCreate(role string, data map[string]interface{}) (*Secret, error) {
 r := c.c.NewRequest("PUT", fmt.Sprintf("/v1/ssh/creds/%s", role))
 if err := r.SetJSONBody(data); err != nil {
diff --git a/builtin/logical/ssh/backend.go b/builtin/logical/ssh/backend.go
index fd606c2356..fb64b0c5d4 100644
--- a/builtin/logical/ssh/backend.go
+++ b/builtin/logical/ssh/backend.go
@@ -41,7 +41,7 @@ func Backend(conf *logical.BackendConfig) (*framework.Backend, error) {
 pathConfigLease(&b),
 pathKeys(&b),
 pathRoles(&b),
- pathRoleCreate(&b),
+ pathCredsCreate(&b),
 pathLookup(&b),
 pathVerify(&b),
 },
diff --git a/builtin/logical/ssh/backend_test.go b/builtin/logical/ssh/backend_test.go
index 885939029c..6c2f6d0be6 100644
--- a/builtin/logical/ssh/backend_test.go
+++ b/builtin/logical/ssh/backend_test.go
@@ -74,13 +74,13 @@ func init() {
 testAdminUser = u.Username
 }
 
-func TestSSHBackend(t *testing.T) {
+func TestSSHDynamicKeyBackend(t *testing.T) {
 logicaltest.Test(t, logicaltest.TestCase{
- Backend: Backend(),
+ Factory: Factory,
 Steps: []logicaltest.TestStep{
 testNamedKeys(t),
- testNewRole(t),
- testRoleCreate(t),
+ testNewDynamicKeyRole(t),
+ testDynamicKeyCredsCreate(t),
 },
 })
 }
@@ -95,11 +95,12 @@ func testNamedKeys(t *testing.T) logicaltest.TestStep {
 }
 }
 
-func testNewRole(t *testing.T) logicaltest.TestStep {
+func testNewDynamicKeyRole(t *testing.T) logicaltest.TestStep {
 return logicaltest.TestStep{
 Operation: logical.WriteOperation,
 Path: fmt.Sprintf("roles/%s", testRoleName),
 Data: map[string]interface{}{
+ "key_type": "dynamic",
 "key": testKey,
 "admin_user": testAdminUser,
 "cidr": testCidr,
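Review bot: The reworded comment above `KeyCreate` in api/ssh.go still does not follow the Go doc-comment form, so the method gets no proper summary line in generated documentation. It should open with the method name and say what the caller receives, for example `// KeyCreate asks the SSH backend to issue a credential for role, either a dynamic key or an OTP.` Which of the two is returned presumably depends on the role's `key_type`, which would be worth stating once confirmed. The method body continues past the end of the hunk.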
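Review bot: After the rename to `TestSSHDynamicKeyBackend` the steps list covers only the dynamic-key flow, while the api/ssh.go comment in this same commit says the creds endpoint can now also return an OTP. No OTP counterpart is visible in this diff, so it may live in a file not shown; if it does not exist, a sibling test is worth adding. It would create an OTP role, request a credential from `creds/<role>` and confirm through the verify path that the OTP is accepted once and refused on a second attempt. One-time use is the property the OTP mode depends on, and the tests shown here never exercise it.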
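Review bot: The role fixture in `testNewDynamicKeyRole` now sets `"key_type": "dynamic"`, but nothing visible checks how the backend treats a role written without `key_type` or with an unrecognised value. Since the field selects which kind of credential is issued, a negative step that writes such a role and expects an error would pin down that the backend fails closed rather than falling back to a default type. Whether the role handler already validates the field cannot be seen from this hunk, and the function body continues beyond it.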
@@ -108,7 +109,7 @@ func testNewRole(t *testing.T) logicaltest.TestStep {
 }
 }
 
-func testRoleCreate(t *testing.T) logicaltest.TestStep {
+func testDynamicKeyCredsCreate(t *testing.T) logicaltest.TestStep {
 return logicaltest.TestStep{
 Operation: logical.WriteOperation,
 Path: fmt.Sprintf("creds/%s", testRoleName),
diff --git a/builtin/logical/ssh/path_creds_create.go b/builtin/logical/ssh/path_creds_create.go
index ece1fc0a19..3d64be7e3c 100644
--- a/builtin/logical/ssh/path_creds_create.go
+++ b/builtin/logical/ssh/path_creds_create.go
@@ -10,7 +10,7 @@ import (
 "github.com/hashicorp/vault/logical/framework"
 )
 
-func pathRoleCreate(b *backend) *framework.Path {
+func pathCredsCreate(b *backend) *framework.Path {
 return &framework.Path{
 Pattern: "creds/(?P[-\\w]+)",
 Fields: map[string]*framework.FieldSchema{
diff --git a/command/ssh_test.go b/command/ssh_test.go
index f813e6b9f5..bb5a615c83 100644
--- a/command/ssh_test.go
+++ b/command/ssh_test.go
@@ -74,7 +74,7 @@ func init() {
 testAdminUser = u.Username
 }
 
-func TestSSH(t *testing.T) {
+func testSSH(t *testing.T) {
 // Add the SSH backend to the unsealed test core.
 // This should be done before the unsealed core is created.
 err := vault.AddTestLogicalBackend("ssh", logicalssh.Factory)
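Review bot: Renaming `TestSSH` to `testSSH` in command/ssh_test.go takes the function out of the set that `go test` discovers, so the CLI SSH path stops being tested and the test output shows no trace of it. If the test has to be disabled for now, keep the exported name and start the body with `t.Skip("<reason and tracking reference>")` so the gap stays visible in every run. The lowercase function is also dead code that linters will flag as unused, unless another test calls it. The function body continues beyond the hunk.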