Add tests for PKI endpoint authentication (hashicorp#19704)

* Split (un,)authenticated issuer fetch endpoints Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Allow unauthed per-issuer unified-crl access Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add tests to validate endpoint authentication status Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Disable schema validation in TestBackend_IfModifiedSinceHeaders Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> --------- Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
fopina · Mar 23, 2023 · bebdc65 · bebdc65
1 parent 9142308
commit bebdc65
Show file tree

Hide file tree

Showing 3 changed files with 499 additions and 4 deletions.
diff --git a/builtin/logical/pki/backend.go b/builtin/logical/pki/backend.go
@@ -95,6 +95,12 @@ func Backend(conf *logical.BackendConfig) *backend {
 				"issuer/+/crl/delta/der",
 				"issuer/+/crl/delta/pem",
 				"issuer/+/crl/delta",
+				"issuer/+/unified-crl/der",
+				"issuer/+/unified-crl/pem",
+				"issuer/+/unified-crl",
+				"issuer/+/unified-crl/delta/der",
+				"issuer/+/unified-crl/delta/pem",
+				"issuer/+/unified-crl/delta",
 				"issuer/+/pem",
 				"issuer/+/der",
 				"issuer/+/json",
@@ -165,6 +171,7 @@ func Backend(conf *logical.BackendConfig) *backend {
 			// Issuer APIs
 			pathListIssuers(&b),
 			pathGetIssuer(&b),
+			pathGetUnauthedIssuer(&b),
 			pathGetIssuerCRL(&b),
 			pathImportIssuer(&b),
 			pathIssuerIssue(&b),