Allow token-renew to not be given a token; it will then use the

renew-self endpoint. Otherwise it will use the renew endpoint, even if
the token matches the client token.

Adds an -increment flag to allow increments even with no token passed
in.

Fixes #1150

command/token_renew_test.go

@@ -41,9 +41,136 @@ func TestTokenRenew(t *testing.T) {
 		t.Fatalf("err: %s", err)
 	}
 
-	// Verify it worked
+	// Renew, passing in the token
 	args = append(args, resp.Auth.ClientToken)
 	if code := c.Run(args); code != 0 {
 		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
 	}
 }
+
+func TestTokenRenewWithIncrement(t *testing.T) {
+	core, _, token := vault.TestCoreUnsealed(t)
+	ln, addr := http.TestServer(t, core)
+	defer ln.Close()
+
+	ui := new(cli.MockUi)
+	c := &TokenRenewCommand{
+		Meta: Meta{
+			ClientToken: token,
+			Ui:          ui,
+		},
+	}
+
+	args := []string{
+		"-address", addr,
+	}
+
+	// Run it once for client
+	c.Run(args)
+
+	// Create a token
+	client, err := c.Client()
+	if err != nil {
+		t.Fatalf("err: %s", err)
+	}
+	resp, err := client.Auth().Token().Create(&api.TokenCreateRequest{
+		Lease: "1h",
+	})
+	if err != nil {
+		t.Fatalf("err: %s", err)
+	}
+
+	// Renew, passing in the token
+	args = append(args, resp.Auth.ClientToken)
+	args = append(args, "72h")
+	if code := c.Run(args); code != 0 {
+		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
+	}
+}
+
+func TestTokenRenewSelf(t *testing.T) {
+	core, _, token := vault.TestCoreUnsealed(t)
+	ln, addr := http.TestServer(t, core)
+	defer ln.Close()
+
+	ui := new(cli.MockUi)
+	c := &TokenRenewCommand{
+		Meta: Meta{
+			ClientToken: token,
+			Ui:          ui,
+		},
+	}
+
+	args := []string{
+		"-address", addr,
+	}
+
+	// Run it once for client
+	c.Run(args)
+
+	// Create a token
+	client, err := c.Client()
+	if err != nil {
+		t.Fatalf("err: %s", err)
+	}
+	resp, err := client.Auth().Token().Create(&api.TokenCreateRequest{
+		Lease: "1h",
+	})
+	if err != nil {
+		t.Fatalf("err: %s", err)
+	}
+	if resp.Auth.ClientToken == "" {
+		t.Fatal("returned client token is empty")
+	}
+
+	c.Meta.ClientToken = resp.Auth.ClientToken
+
+	// Renew using the self endpoint
+	if code := c.Run(args); code != 0 {
+		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
+	}
+}
+
+func TestTokenRenewSelfWithIncrement(t *testing.T) {
+	core, _, token := vault.TestCoreUnsealed(t)
+	ln, addr := http.TestServer(t, core)
+	defer ln.Close()
+
+	ui := new(cli.MockUi)
+	c := &TokenRenewCommand{
+		Meta: Meta{
+			ClientToken: token,
+			Ui:          ui,
+		},
+	}
+
+	args := []string{
+		"-address", addr,
+	}
+
+	// Run it once for client
+	c.Run(args)
+
+	// Create a token
+	client, err := c.Client()
+	if err != nil {
+		t.Fatalf("err: %s", err)
+	}
+	resp, err := client.Auth().Token().Create(&api.TokenCreateRequest{
+		Lease: "1h",
+	})
+	if err != nil {
+		t.Fatalf("err: %s", err)
+	}
+	if resp.Auth.ClientToken == "" {
+		t.Fatal("returned client token is empty")
+	}
+
+	c.Meta.ClientToken = resp.Auth.ClientToken
+
+	args = append(args, "-increment=72h")
+	// Renew using the self endpoint
+	if code := c.Run(args); code != 0 {
+		t.Fatalf("bad: %d\n\n%s", code, ui.ErrorWriter.String())
+	}
+}