v1.14.6/http/sys_config_cors_test.go - hashicorp/vault - Git at Google

 // Copyright (c) HashiCorp, Inc.
 // SPDX-License-Identifier: MPL-2.0

 package http

 import (
 	"encoding/json"
 	"net/http"
 	"reflect"
 	"testing"

 	"github.com/hashicorp/vault/vault"
 )

 func TestSysConfigCors(t *testing.T) {
 	var resp *http.Response

 	core, _, token := vault.TestCoreUnsealed(t)
 	ln, addr := TestServer(t, core)
 	defer ln.Close()
 	TestServerAuth(t, addr, token)

 	corsConf := core.CORSConfig()

 	// Try to enable CORS without providing a value for allowed_origins
 	resp = testHttpPut(t, token, addr+"/v1/sys/config/cors", map[string]interface{}{
 		"allowed_headers": "X-Custom-Header",
 	})

 	testResponseStatus(t, resp, 500)

 	// Enable CORS, but provide an origin this time.
 	resp = testHttpPut(t, token, addr+"/v1/sys/config/cors", map[string]interface{}{
 		"allowed_origins": addr,
 		"allowed_headers": "X-Custom-Header",
 	})

 	testResponseStatus(t, resp, 204)

 	// Read the CORS configuration
 	resp = testHttpGet(t, token, addr+"/v1/sys/config/cors")
 	testResponseStatus(t, resp, 200)

 	var actual map[string]interface{}
 	var expected map[string]interface{}

 	lenStdHeaders := len(corsConf.AllowedHeaders)

 	expectedHeaders := make([]interface{}, lenStdHeaders)

 	for i := range corsConf.AllowedHeaders {
 		expectedHeaders[i] = corsConf.AllowedHeaders[i]
 	}

 	expected = map[string]interface{}{
 		"lease_id":       "",
 		"renewable":      false,
 		"lease_duration": json.Number("0"),
 		"wrap_info":      nil,
 		"warnings":       nil,
 		"auth":           nil,
 		"data": map[string]interface{}{
 			"enabled":         true,
 			"allowed_origins": []interface{}{addr},
 			"allowed_headers": expectedHeaders,
 		},
 		"enabled":         true,
 		"allowed_origins": []interface{}{addr},
 		"allowed_headers": expectedHeaders,
 	}

 	testResponseStatus(t, resp, 200)

 	testResponseBody(t, resp, &actual)
 	expected["request_id"] = actual["request_id"]

 	if !reflect.DeepEqual(actual, expected) {
 		t.Fatalf("bad: expected: %#v\nactual: %#v", expected, actual)
 	}
 }
	// Copyright (c) HashiCorp, Inc.
	// SPDX-License-Identifier: MPL-2.0

	package http

	import (
	"encoding/json"
	"net/http"
	"reflect"
	"testing"

	"github.com/hashicorp/vault/vault"
	)

	func TestSysConfigCors(t *testing.T) {
	var resp *http.Response

	core, _, token := vault.TestCoreUnsealed(t)
	ln, addr := TestServer(t, core)
	defer ln.Close()
	TestServerAuth(t, addr, token)

	corsConf := core.CORSConfig()

	// Try to enable CORS without providing a value for allowed_origins
	resp = testHttpPut(t, token, addr+"/v1/sys/config/cors", map[string]interface{}{
	"allowed_headers": "X-Custom-Header",
	})

	testResponseStatus(t, resp, 500)

	// Enable CORS, but provide an origin this time.
	resp = testHttpPut(t, token, addr+"/v1/sys/config/cors", map[string]interface{}{
	"allowed_origins": addr,
	"allowed_headers": "X-Custom-Header",
	})

	testResponseStatus(t, resp, 204)

	// Read the CORS configuration
	resp = testHttpGet(t, token, addr+"/v1/sys/config/cors")
	testResponseStatus(t, resp, 200)

	var actual map[string]interface{}
	var expected map[string]interface{}

	lenStdHeaders := len(corsConf.AllowedHeaders)

	expectedHeaders := make([]interface{}, lenStdHeaders)

	for i := range corsConf.AllowedHeaders {
	expectedHeaders[i] = corsConf.AllowedHeaders[i]
	}

	expected = map[string]interface{}{
	"lease_id": "",
	"renewable": false,
	"lease_duration": json.Number("0"),
	"wrap_info": nil,
	"warnings": nil,
	"auth": nil,
	"data": map[string]interface{}{
	"enabled": true,
	"allowed_origins": []interface{}{addr},
	"allowed_headers": expectedHeaders,
	},
	"enabled": true,
	"allowed_origins": []interface{}{addr},
	"allowed_headers": expectedHeaders,
	}

	testResponseStatus(t, resp, 200)

	testResponseBody(t, resp, &actual)
	expected["request_id"] = actual["request_id"]

	if !reflect.DeepEqual(actual, expected) {
	t.Fatalf("bad: expected: %#v\nactual: %#v", expected, actual)
	}
	}