upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-06-08 16:24:51 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Merge pull request #1607 from hashicorp/standardize-time

Browse source 
Remove redundant invocations of UTC() call on `time.Time` objects
This commit is contained in:
Vishal Nayak 2016-07-13 10:19:23 -06:00 committed by GitHub
commit 64bdeec926
20 changed files with 97 additions and 78 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
audit/hashstructure_test.go
View file

@ -18,7 +18,7 @@ func TestCopy_auth(t *testing.T) {
expected := logical.Auth{
LeaseOptions: logical.LeaseOptions{
TTL: 1 * time.Hour,
IssueTime: time.Now().UTC(),
IssueTime: time.Now(),
},
ClientToken: "foo",
@ -109,7 +109,7 @@ func TestHashString(t *testing.T) {
}
func TestHash(t *testing.T) {
now := time.Now().UTC()
now := time.Now()
cases := []struct {
Input interface{}

4
builtin/credential/aws-ec2/backend.go
View file

@ -110,7 +110,7 @@ func Backend(conf *logical.BackendConfig) (*backend, error) {
func (b *backend) periodicFunc(req *logical.Request) error {
// Run the tidy operations for the first time. Then run it when current
// time matches the nextTidyTime.
if b.nextTidyTime.IsZero() || !time.Now().UTC().Before(b.nextTidyTime) {
if b.nextTidyTime.IsZero() || !time.Now().Before(b.nextTidyTime) {
// safety_buffer defaults to 180 days for roletag blacklist
safety_buffer := 15552000
tidyBlacklistConfigEntry, err := b.lockedConfigTidyRoleTags(req.Storage)
@ -154,7 +154,7 @@ func (b *backend) periodicFunc(req *logical.Request) error {
}
// Update the time at which to run the tidy functions again.
b.nextTidyTime = time.Now().UTC().Add(b.tidyCooldownPeriod)
b.nextTidyTime = time.Now().Add(b.tidyCooldownPeriod)
}
return nil
}

4
builtin/credential/aws-ec2/path_login.go
View file

@ -357,7 +357,7 @@ func (b *backend) pathLoginUpdate(
}
// Save the login attempt in the identity whitelist.
currentTime := time.Now().UTC()
currentTime := time.Now()
if storedIdentity == nil {
// Role, ClientNonce and CreationTime of the identity entry,
// once set, should never change.
@ -550,7 +550,7 @@ func (b *backend) pathLoginRenew(
}
// Only LastUpdatedTime and ExpirationTime change and all other fields remain the same.
currentTime := time.Now().UTC()
currentTime := time.Now()
storedIdentity.LastUpdatedTime = currentTime
storedIdentity.ExpirationTime = currentTime.Add(longestMaxTTL)

2
builtin/credential/aws-ec2/path_roletag_blacklist.go
View file

@ -186,7 +186,7 @@ func (b *backend) pathRoletagBlacklistUpdate(
blEntry = &roleTagBlacklistEntry{}
}
currentTime := time.Now().UTC()
currentTime := time.Now()
// Check if this is a creation of blacklist entry.
if blEntry.CreationTime.IsZero() {

2
builtin/credential/aws-ec2/path_tidy_identity_whitelist.go
View file

@ -65,7 +65,7 @@ func (b *backend) tidyWhitelistIdentity(s logical.Storage, safety_buffer int) er
return err
}
if time.Now().UTC().After(result.ExpirationTime.Add(bufferDuration)) {
if time.Now().After(result.ExpirationTime.Add(bufferDuration)) {
if err := s.Delete("whitelist/identity" + instanceID); err != nil {
return fmt.Errorf("error deleting identity of instanceID %s from storage: %s", instanceID, err)
}

2
builtin/credential/aws-ec2/path_tidy_roletag_blacklist.go
View file

@ -64,7 +64,7 @@ func (b *backend) tidyBlacklistRoleTag(s logical.Storage, safety_buffer int) err
return err
}
if time.Now().UTC().After(result.ExpirationTime.Add(bufferDuration)) {
if time.Now().After(result.ExpirationTime.Add(bufferDuration)) {
if err := s.Delete("blacklist/roletag" + tag); err != nil {
return fmt.Errorf("error deleting tag %s from storage: %s", tag, err)
}

7
builtin/logical/aws/secret_access_keys.go
View file

@ -60,12 +60,7 @@ func genUsername(displayName, policyName, userType string) (ret string, warning
// with, so don't insert display name or policy name at all
}
ret = fmt.Sprintf(
"vault-%s%d-%d",
midString,
time.Now().Unix(),
rand.Int31n(10000))
ret = fmt.Sprintf("vault-%s%d-%d", midString, time.Now().Unix(), rand.Int31n(10000))
return
}

2
builtin/logical/postgresql/path_role_create.go
View file

@ -77,7 +77,7 @@ func (b *backend) pathRoleCreateRead(
if err != nil {
return nil, err
}
expiration := time.Now().UTC().
expiration := time.Now().
Add(lease.Lease).
Format("2006-01-02 15:04:05-0700")

10
http/sys_health_test.go
View file

@ -31,7 +31,7 @@ func TestSysHealth_get(t *testing.T) {
testResponseBody(t, resp, &actual)
expected["server_time_utc"] = actual["server_time_utc"]
if !reflect.DeepEqual(actual, expected) {
t.Fatalf("bad: %#v", actual)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)
}
core.Seal(root)
@ -51,7 +51,7 @@ func TestSysHealth_get(t *testing.T) {
testResponseBody(t, resp, &actual)
expected["server_time_utc"] = actual["server_time_utc"]
if !reflect.DeepEqual(actual, expected) {
t.Fatalf("bad: %#v", actual)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)
}
}
@ -80,7 +80,7 @@ func TestSysHealth_customcodes(t *testing.T) {
expected["server_time_utc"] = actual["server_time_utc"]
if !reflect.DeepEqual(actual, expected) {
t.Fatalf("bad: %#v", actual)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)
}
core.Seal(root)
@ -104,7 +104,7 @@ func TestSysHealth_customcodes(t *testing.T) {
testResponseBody(t, resp, &actual)
expected["server_time_utc"] = actual["server_time_utc"]
if !reflect.DeepEqual(actual, expected) {
t.Fatalf("bad: %#v", actual)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual)
}
}
@ -113,7 +113,7 @@ func TestSysHealth_head(t *testing.T) {
ln, addr := TestServer(t, core)
defer ln.Close()
testData := []struct{
testData := []struct {
uri string
code int
}{

4
logical/framework/backend.go
View file

@ -450,9 +450,9 @@ func (b *Backend) handleWALRollback(
if age == 0 {
age = 10 * time.Minute
}
minAge := time.Now().UTC().Add(-1 * age)
minAge := time.Now().Add(-1 * age)
if _, ok := req.Data["immediate"]; ok {
minAge = time.Now().UTC().Add(1000 * time.Hour)
minAge = time.Now().Add(1000 * time.Hour)
}
for _, k := range keys {

2
logical/framework/backend_test.go
View file

@ -263,7 +263,7 @@ func TestBackendHandleRequest_renewExtend(t *testing.T) {
}
req := logical.RenewRequest("/foo", secret.Response(nil, nil).Secret, nil)
req.Secret.IssueTime = time.Now().UTC()
req.Secret.IssueTime = time.Now()
req.Secret.Increment = 1 * time.Hour
resp, err := b.HandleRequest(req)
if err != nil {

4
logical/framework/lease.go
View file

@ -45,10 +45,10 @@ func LeaseExtend(backendIncrement, backendMax time.Duration, systemView logical.
}
// We cannot go past this time
maxValidTime := leaseOpts.IssueTime.UTC().Add(max)
maxValidTime := leaseOpts.IssueTime.Add(max)
// Get the current time
now := time.Now().UTC()
now := time.Now()
// If we are past the max TTL, we shouldn't be in this function...but
// fast path out if we are

2
logical/framework/lease_test.go
View file

@ -14,7 +14,7 @@ func TestLeaseExtend(t *testing.T) {
MaxLeaseTTLVal: 30 * time.Hour,
}
now := time.Now().UTC().Round(time.Hour)
now := time.Now().Round(time.Hour)
cases := map[string]struct {
BackendDefault time.Duration

4
logical/lease.go
View file

@ -20,7 +20,7 @@ type LeaseOptions struct {
// IssueTime is the time of issue for the original lease. This is
// only available on a Renew operation and has no effect when returning
// a response. It can be used to enforce maximum lease periods by
// a logical backend. This time will always be in UTC.
// a logical backend.
IssueTime time.Time `json:"-"`
}
@ -42,7 +42,7 @@ func (l *LeaseOptions) LeaseTotal() time.Duration {
func (l *LeaseOptions) ExpirationTime() time.Time {
var expireTime time.Time
if l.LeaseEnabled() {
expireTime = time.Now().UTC().Add(l.LeaseTotal())
expireTime = time.Now().Add(l.LeaseTotal())
}
return expireTime
}

2
logical/lease_test.go
View file

@ -41,7 +41,7 @@ func TestLeaseOptionsExpirationTime(t *testing.T) {
var l LeaseOptions
l.TTL = 1 * time.Hour
limit := time.Now().UTC().Add(time.Hour)
limit := time.Now().Add(time.Hour)
exp := l.ExpirationTime()
if exp.Before(limit) {
t.Fatalf("bad: %s", exp)

12
vault/expiration.go
View file

@ -141,7 +141,7 @@ func (m *ExpirationManager) Restore() error {
}
// Determine the remaining time to expiration
expires := le.ExpireTime.Sub(time.Now().UTC())
expires := le.ExpireTime.Sub(time.Now())
if expires <= 0 {
expires = minRevokeDelay
}
@ -334,7 +334,7 @@ func (m *ExpirationManager) Renew(leaseID string, increment time.Duration) (*log
le.Data = resp.Data
le.Secret = resp.Secret
le.ExpireTime = resp.Secret.ExpirationTime()
le.LastRenewalTime = time.Now().UTC()
le.LastRenewalTime = time.Now()
if err := m.persistEntry(le); err != nil {
return nil, err
}
@ -395,7 +395,7 @@ func (m *ExpirationManager) RenewToken(req *logical.Request, source string, toke
// Update the lease entry
le.Auth = resp.Auth
le.ExpireTime = resp.Auth.ExpirationTime()
le.LastRenewalTime = time.Now().UTC()
le.LastRenewalTime = time.Now()
if err := m.persistEntry(le); err != nil {
return nil, err
}
@ -433,7 +433,7 @@ func (m *ExpirationManager) Register(req *logical.Request, resp *logical.Respons
Path: req.Path,
Data: resp.Data,
Secret: resp.Secret,
IssueTime: time.Now().UTC(),
IssueTime: time.Now(),
ExpireTime: resp.Secret.ExpirationTime(),
}
@ -466,7 +466,7 @@ func (m *ExpirationManager) RegisterAuth(source string, auth *logical.Auth) erro
ClientToken: auth.ClientToken,
Auth: auth,
Path: source,
IssueTime: time.Now().UTC(),
IssueTime: time.Now(),
ExpireTime: auth.ExpirationTime(),
}
@ -762,7 +762,7 @@ func (le *leaseEntry) renewable() error {
}
// Determine if the lease is expired
if le.ExpireTime.Before(time.Now().UTC()) {
if le.ExpireTime.Before(time.Now()) {
return fmt.Errorf("lease expired")
}

13
vault/expiration_test.go
View file

@ -906,9 +906,9 @@ func TestExpiration_PersistLoadDelete(t *testing.T) {
TTL: time.Minute,
},
},
IssueTime: time.Now().UTC(),
ExpireTime: time.Now().UTC(),
LastRenewalTime: time.Time{}.UTC(),
IssueTime: time.Now(),
ExpireTime: time.Now(),
LastRenewalTime: time.Time{},
}
if err := exp.persistEntry(le); err != nil {
t.Fatalf("err: %v", err)
@ -918,8 +918,9 @@ func TestExpiration_PersistLoadDelete(t *testing.T) {
if err != nil {
t.Fatalf("err: %v", err)
}
le.LastRenewalTime = out.LastRenewalTime
if !reflect.DeepEqual(out, le) {
t.Fatalf("\nout: %#v\nexpect: %#v\n", out, le)
t.Fatalf("bad: expected:%#v\nactual:%#v", le, out)
}
err = exp.deleteEntry("foo/bar/1234")
@ -948,8 +949,8 @@ func TestLeaseEntry(t *testing.T) {
TTL: time.Minute,
},
},
IssueTime: time.Now().UTC(),
ExpireTime: time.Now().UTC(),
IssueTime: time.Now(),
ExpireTime: time.Now(),
}
enc, err := le.encode()

6
vault/keyring_test.go
View file

@ -140,8 +140,8 @@ func TestKeyring_Serialize(t *testing.T) {
testKey := []byte("testing")
testSecond := []byte("second")
k, _ = k.AddKey(&Key{Term: 1, Version: 1, Value: testKey, InstallTime: time.Now().UTC()})
k, _ = k.AddKey(&Key{Term: 2, Version: 1, Value: testSecond, InstallTime: time.Now().UTC()})
k, _ = k.AddKey(&Key{Term: 1, Version: 1, Value: testKey, InstallTime: time.Now()})
k, _ = k.AddKey(&Key{Term: 2, Version: 1, Value: testSecond, InstallTime: time.Now()})
buf, err := k.Serialize()
if err != nil {
@ -177,7 +177,7 @@ func TestKey_Serialize(t *testing.T) {
Term: 10,
Version: 1,
Value: []byte("foobarbaz"),
InstallTime: time.Now().UTC(),
InstallTime: time.Now(),
}
buf, err := k.Serialize()

47
vault/token_store.go
View file

@ -414,18 +414,41 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error)
// TokenEntry is used to represent a given token
type TokenEntry struct {
ID string // ID of this entry, generally a random UUID
Accessor string // Accessor for this token, a random UUID
Parent string // Parent token, used for revocation trees
Policies []string // Which named policies should be used
Path string // Used for audit trails, this is something like "auth/user/login"
Meta map[string]string // Used for auditing. This could include things like "source", "user", "ip"
DisplayName string // Used for operators to be able to associate with the source
NumUses int // Used to restrict the number of uses (zero is unlimited). This is to support one-time-tokens (generalized).
CreationTime int64 // Time of token creation
TTL time.Duration // Duration set when token was created
ExplicitMaxTTL time.Duration // Explicit maximum TTL on the token
Role string // If set, the role that was used for parameters at creation time
// ID of this entry, generally a random UUID
ID string `json:"id" mapstructure:"id" structs:"id"`
// Accessor for this token, a random UUID
Accessor string `json:"accessor" mapstructure:"accessor" structs:"accessor"`
// Parent token, used for revocation trees
Parent string `json:"parent" mapstructure:"parent" structs:"parent"`
// Which named policies should be used
Policies []string `json:"policies" mapstructure:"policies" structs:"policies"`
// Used for audit trails, this is something like "auth/user/login"
Path string `json:"path" mapstructure:"path" structs:"path"`
// Used for auditing. This could include things like "source", "user", "ip"
Meta map[string]string `json:"meta" mapstructure:"meta" structs:"meta"`
// Used for operators to be able to associate with the source
DisplayName string `json:"display_name" mapstructure:"display_name" structs:"display_name"`
// Used to restrict the number of uses (zero is unlimited). This is to support one-time-tokens (generalized).
NumUses int `json:"num_uses" mapstructure:"num_uses" structs:"num_uses"`
// Time of token creation
CreationTime int64 `json:"creation_time" mapstructure:"creation_time" structs:"creation_time"`
// Duration set when token was created
TTL time.Duration `json:"ttl" mapstructure:"ttl" structs:"ttl"`
// Explicit maximum TTL on the token
ExplicitMaxTTL time.Duration `json:"" mapstructure:"" structs:""`
// If set, the role that was used for parameters at creation time
Role string `json:"role" mapstructure:"role" structs:"role"`
}
// tsRoleEntry contains token store role information

42
vault/token_store_test.go
View file

@ -156,7 +156,7 @@ func TestTokenStore_RootToken(t *testing.T) {
t.Fatalf("err: %v", err)
}
if !reflect.DeepEqual(out, te) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", te, out)
}
}
@ -176,7 +176,7 @@ func TestTokenStore_CreateLookup(t *testing.T) {
t.Fatalf("err: %v", err)
}
if !reflect.DeepEqual(out, ent) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", ent, out)
}
// New store should share the salt
@ -191,7 +191,7 @@ func TestTokenStore_CreateLookup(t *testing.T) {
t.Fatalf("err: %v", err)
}
if !reflect.DeepEqual(out, ent) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", ent, out)
}
}
@ -207,7 +207,7 @@ func TestTokenStore_CreateLookup_ProvidedID(t *testing.T) {
t.Fatalf("err: %v", err)
}
if ent.ID != "foobarbaz" {
t.Fatalf("bad: %#v", ent)
t.Fatalf("bad: ent.ID: expected:\"foobarbaz\"\n actual:%s", ent.ID)
}
out, err := ts.Lookup(ent.ID)
@ -215,7 +215,7 @@ func TestTokenStore_CreateLookup_ProvidedID(t *testing.T) {
t.Fatalf("err: %v", err)
}
if !reflect.DeepEqual(out, ent) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", ent, out)
}
// New store should share the salt
@ -230,7 +230,7 @@ func TestTokenStore_CreateLookup_ProvidedID(t *testing.T) {
t.Fatalf("err: %v", err)
}
if !reflect.DeepEqual(out, ent) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", ent, out)
}
}
@ -259,7 +259,7 @@ func TestTokenStore_UseToken(t *testing.T) {
}
if !reflect.DeepEqual(ent, ent2) {
t.Fatalf("bad: %#v %#v", ent, ent2)
t.Fatalf("bad: ent:%#v ent2:%#v", ent, ent2)
}
// Create a retstricted token
@ -412,7 +412,7 @@ func TestTokenStore_Revoke_Orphan(t *testing.T) {
t.Fatalf("err: %v", err)
}
if !reflect.DeepEqual(out, ent2) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", ent2, out)
}
}
@ -530,7 +530,7 @@ func TestTokenStore_HandleRequest_CreateToken_DisplayName(t *testing.T) {
}
expected.CreationTime = out.CreationTime
if !reflect.DeepEqual(out, expected) {
t.Fatalf("bad:\ngot:\n%#v\nexpected:\n%#v\n", out, expected)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, out)
}
}
@ -562,7 +562,7 @@ func TestTokenStore_HandleRequest_CreateToken_NumUses(t *testing.T) {
}
expected.CreationTime = out.CreationTime
if !reflect.DeepEqual(out, expected) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, out)
}
}
@ -625,7 +625,7 @@ func TestTokenStore_HandleRequest_CreateToken_NoPolicy(t *testing.T) {
}
expected.CreationTime = out.CreationTime
if !reflect.DeepEqual(out, expected) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, out)
}
}
@ -812,7 +812,7 @@ func TestTokenStore_HandleRequest_CreateToken_Metadata(t *testing.T) {
out, _ := ts.Lookup(resp.Auth.ClientToken)
if !reflect.DeepEqual(out.Meta, meta) {
t.Fatalf("bad: %#v", out)
t.Fatalf("bad: expected:%#v\nactual:%#v", meta, out.Meta)
}
}
@ -988,7 +988,7 @@ func TestTokenStore_HandleRequest_Lookup(t *testing.T) {
delete(resp.Data, "creation_time")
if !reflect.DeepEqual(resp.Data, exp) {
t.Fatalf("bad:\n%#v\nexp:\n%#v\n", resp.Data, exp)
t.Fatalf("bad: expected:%#v\nactual:%#v", exp, resp.Data)
}
testCoreMakeToken(t, c, root, "client", "3600s", []string{"foo"})
@ -1030,7 +1030,7 @@ func TestTokenStore_HandleRequest_Lookup(t *testing.T) {
}
if !reflect.DeepEqual(resp.Data, exp) {
t.Fatalf("bad:\n%#v\nexp:\n%#v\n", resp.Data, exp)
t.Fatalf("bad: expected:%#v\nactual:%#v", exp, resp.Data)
}
// Test via POST
@ -1073,7 +1073,7 @@ func TestTokenStore_HandleRequest_Lookup(t *testing.T) {
}
if !reflect.DeepEqual(resp.Data, exp) {
t.Fatalf("bad:\n%#v\nexp:\n%#v\n", resp.Data, exp)
t.Fatalf("bad: expected:%#v\nactual:%#v", exp, resp.Data)
}
// Test last_renewal_time functionality
@ -1133,7 +1133,7 @@ func TestTokenStore_HandleRequest_LookupSelf(t *testing.T) {
delete(resp.Data, "creation_time")
if !reflect.DeepEqual(resp.Data, exp) {
t.Fatalf("bad:\ngot %#v\nexpected: %#v\n", resp.Data, exp)
t.Fatalf("bad: expected:%#v\nactual:%#v", exp, resp.Data)
}
}
@ -1163,7 +1163,7 @@ func TestTokenStore_HandleRequest_Renew(t *testing.T) {
// Get the original expire time to compare
originalExpire := auth.ExpirationTime()
beforeRenew := time.Now().UTC()
beforeRenew := time.Now()
req := logical.TestRequest(t, logical.UpdateOperation, "renew/"+root.ID)
req.Data["increment"] = "3600s"
resp, err := ts.HandleRequest(req)
@ -1207,7 +1207,7 @@ func TestTokenStore_HandleRequest_RenewSelf(t *testing.T) {
// Get the original expire time to compare
originalExpire := auth.ExpirationTime()
beforeRenew := time.Now().UTC()
beforeRenew := time.Now()
req := logical.TestRequest(t, logical.UpdateOperation, "renew-self")
req.ClientToken = auth.ClientToken
req.Data["increment"] = "3600s"
@ -1279,7 +1279,7 @@ func TestTokenStore_RoleCRUD(t *testing.T) {
}
if !reflect.DeepEqual(expected, resp.Data) {
t.Fatalf("expected:\n%v\nactual:\n%v\n", expected, resp.Data)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, resp.Data)
}
// Now test updating; this should be set to an UpdateOperation
@ -1322,7 +1322,7 @@ func TestTokenStore_RoleCRUD(t *testing.T) {
}
if !reflect.DeepEqual(expected, resp.Data) {
t.Fatalf("expected:\n%v\nactual:\n%v\n", expected, resp.Data)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, resp.Data)
}
// Now test setting explicit max ttl at the same time as period, which
@ -1370,7 +1370,7 @@ func TestTokenStore_RoleCRUD(t *testing.T) {
}
if !reflect.DeepEqual(expected, resp.Data) {
t.Fatalf("expected:\n%v\nactual:\n%v\n", expected, resp.Data)
t.Fatalf("bad: expected:%#v\nactual:%#v", expected, resp.Data)
}
req.Operation = logical.ListOperation