Multi value test seal (#2281)

http/sys_generate_root_test.go

@@ -4,6 +4,7 @@ import (
 	"encoding/base64"
 	"encoding/hex"
 	"encoding/json"
+	"fmt"
 	"net/http"
 	"reflect"
 	"testing"
@@ -29,7 +30,7 @@ func TestSysGenerateRootAttempt_Status(t *testing.T) {
 	expected := map[string]interface{}{
 		"started":            false,
 		"progress":           json.Number("0"),
-		"required":           json.Number("1"),
+		"required":           json.Number("3"),
 		"complete":           false,
 		"encoded_root_token": "",
 		"pgp_fingerprint":    "",
@@ -63,7 +64,7 @@ func TestSysGenerateRootAttempt_Setup_OTP(t *testing.T) {
 	expected := map[string]interface{}{
 		"started":            true,
 		"progress":           json.Number("0"),
-		"required":           json.Number("1"),
+		"required":           json.Number("3"),
 		"complete":           false,
 		"encoded_root_token": "",
 		"pgp_fingerprint":    "",
@@ -84,7 +85,7 @@ func TestSysGenerateRootAttempt_Setup_OTP(t *testing.T) {
 	expected = map[string]interface{}{
 		"started":            true,
 		"progress":           json.Number("0"),
-		"required":           json.Number("1"),
+		"required":           json.Number("3"),
 		"complete":           false,
 		"encoded_root_token": "",
 		"pgp_fingerprint":    "",
@@ -117,7 +118,7 @@ func TestSysGenerateRootAttempt_Setup_PGP(t *testing.T) {
 	expected := map[string]interface{}{
 		"started":            true,
 		"progress":           json.Number("0"),
-		"required":           json.Number("1"),
+		"required":           json.Number("3"),
 		"complete":           false,
 		"encoded_root_token": "",
 		"pgp_fingerprint":    "816938b8a29146fbe245dd29e7cbaf8e011db793",
@@ -153,7 +154,7 @@ func TestSysGenerateRootAttempt_Cancel(t *testing.T) {
 	expected := map[string]interface{}{
 		"started":            true,
 		"progress":           json.Number("0"),
-		"required":           json.Number("1"),
+		"required":           json.Number("3"),
 		"complete":           false,
 		"encoded_root_token": "",
 		"pgp_fingerprint":    "",
@@ -180,7 +181,7 @@ func TestSysGenerateRootAttempt_Cancel(t *testing.T) {
 	expected = map[string]interface{}{
 		"started":            false,
 		"progress":           json.Number("0"),
-		"required":           json.Number("1"),
+		"required":           json.Number("3"),
 		"complete":           false,
 		"encoded_root_token": "",
 		"pgp_fingerprint":    "",
@@ -239,7 +240,7 @@ func TestSysGenerateRoot_ReAttemptUpdate(t *testing.T) {
 }
 
 func TestSysGenerateRoot_Update_OTP(t *testing.T) {
-	core, master, token := vault.TestCoreUnsealed(t)
+	core, keys, token := vault.TestCoreUnsealed(t)
 	ln, addr := TestServer(t, core)
 	defer ln.Close()
 	TestServerAuth(t, addr, token)
@@ -257,22 +258,29 @@ func TestSysGenerateRoot_Update_OTP(t *testing.T) {
 	testResponseStatus(t, resp, 200)
 	testResponseBody(t, resp, &rootGenerationStatus)
 
-	resp = testHttpPut(t, token, addr+"/v1/sys/generate-root/update", map[string]interface{}{
-		"nonce": rootGenerationStatus["nonce"].(string),
-		"key":   hex.EncodeToString(master),
-	})
-
 	var actual map[string]interface{}
-	expected := map[string]interface{}{
-		"complete":        true,
-		"nonce":           rootGenerationStatus["nonce"].(string),
-		"progress":        json.Number("1"),
-		"required":        json.Number("1"),
-		"started":         true,
-		"pgp_fingerprint": "",
+	var expected map[string]interface{}
+	for i, key := range keys {
+		resp = testHttpPut(t, token, addr+"/v1/sys/generate-root/update", map[string]interface{}{
+			"nonce": rootGenerationStatus["nonce"].(string),
+			"key":   hex.EncodeToString(key),
+		})
+
+		actual = map[string]interface{}{}
+		expected = map[string]interface{}{
+			"complete":        false,
+			"nonce":           rootGenerationStatus["nonce"].(string),
+			"progress":        json.Number(fmt.Sprintf("%d", i+1)),
+			"required":        json.Number(fmt.Sprintf("%d", len(keys))),
+			"started":         true,
+			"pgp_fingerprint": "",
+		}
+		if i+1 == len(keys) {
+			expected["complete"] = true
+		}
+		testResponseStatus(t, resp, 200)
+		testResponseBody(t, resp, &actual)
 	}
-	testResponseStatus(t, resp, 200)
-	testResponseBody(t, resp, &actual)
 
 	if actual["encoded_root_token"] == nil {
 		t.Fatalf("no encoded root token found in response")
@@ -319,7 +327,7 @@ func TestSysGenerateRoot_Update_OTP(t *testing.T) {
 }
 
 func TestSysGenerateRoot_Update_PGP(t *testing.T) {
-	core, master, token := vault.TestCoreUnsealed(t)
+	core, keys, token := vault.TestCoreUnsealed(t)
 	ln, addr := TestServer(t, core)
 	defer ln.Close()
 	TestServerAuth(t, addr, token)
@@ -338,22 +346,29 @@ func TestSysGenerateRoot_Update_PGP(t *testing.T) {
 	testResponseStatus(t, resp, 200)
 	testResponseBody(t, resp, &rootGenerationStatus)
 
-	resp = testHttpPut(t, token, addr+"/v1/sys/generate-root/update", map[string]interface{}{
-		"nonce": rootGenerationStatus["nonce"].(string),
-		"key":   hex.EncodeToString(master),
-	})
-
 	var actual map[string]interface{}
-	expected := map[string]interface{}{
-		"complete":        true,
-		"nonce":           rootGenerationStatus["nonce"].(string),
-		"progress":        json.Number("1"),
-		"required":        json.Number("1"),
-		"started":         true,
-		"pgp_fingerprint": "816938b8a29146fbe245dd29e7cbaf8e011db793",
+	var expected map[string]interface{}
+	for i, key := range keys {
+		resp = testHttpPut(t, token, addr+"/v1/sys/generate-root/update", map[string]interface{}{
+			"nonce": rootGenerationStatus["nonce"].(string),
+			"key":   hex.EncodeToString(key),
+		})
+
+		actual = map[string]interface{}{}
+		expected = map[string]interface{}{
+			"complete":        false,
+			"nonce":           rootGenerationStatus["nonce"].(string),
+			"progress":        json.Number(fmt.Sprintf("%d", i+1)),
+			"required":        json.Number(fmt.Sprintf("%d", len(keys))),
+			"started":         true,
+			"pgp_fingerprint": "816938b8a29146fbe245dd29e7cbaf8e011db793",
+		}
+		if i+1 == len(keys) {
+			expected["complete"] = true
+		}
+		testResponseStatus(t, resp, 200)
+		testResponseBody(t, resp, &actual)
 	}
-	testResponseStatus(t, resp, 200)
-	testResponseBody(t, resp, &actual)
 
 	if actual["encoded_root_token"] == nil {
 		t.Fatalf("no encoded root token found in response")