diff --git a/audit/hashstructure_test.go b/audit/hashstructure_test.go index 26b1d4153a..ab33acca20 100644 --- a/audit/hashstructure_test.go +++ b/audit/hashstructure_test.go @@ -18,7 +18,7 @@ func TestCopy_auth(t *testing.T) { expected := logical.Auth{ LeaseOptions: logical.LeaseOptions{ TTL: 1 * time.Hour, - IssueTime: time.Now().UTC(), + IssueTime: time.Now(), }, ClientToken: "foo", @@ -109,7 +109,7 @@ func TestHashString(t *testing.T) { } func TestHash(t *testing.T) { - now := time.Now().UTC() + now := time.Now() cases := []struct { Input interface{} diff --git a/builtin/credential/aws-ec2/backend.go b/builtin/credential/aws-ec2/backend.go index 16f151156e..5e63eac322 100644 --- a/builtin/credential/aws-ec2/backend.go +++ b/builtin/credential/aws-ec2/backend.go @@ -110,7 +110,7 @@ func Backend(conf *logical.BackendConfig) (*backend, error) { func (b *backend) periodicFunc(req *logical.Request) error { // Run the tidy operations for the first time. Then run it when current // time matches the nextTidyTime. - if b.nextTidyTime.IsZero() || !time.Now().UTC().Before(b.nextTidyTime) { + if b.nextTidyTime.IsZero() || !time.Now().Before(b.nextTidyTime) { // safety_buffer defaults to 180 days for roletag blacklist safety_buffer := 15552000 tidyBlacklistConfigEntry, err := b.lockedConfigTidyRoleTags(req.Storage) @@ -154,7 +154,7 @@ func (b *backend) periodicFunc(req *logical.Request) error { } // Update the time at which to run the tidy functions again. - b.nextTidyTime = time.Now().UTC().Add(b.tidyCooldownPeriod) + b.nextTidyTime = time.Now().Add(b.tidyCooldownPeriod) } return nil } diff --git a/builtin/credential/aws-ec2/path_login.go b/builtin/credential/aws-ec2/path_login.go index bab8495427..633a5bad9c 100644 --- a/builtin/credential/aws-ec2/path_login.go +++ b/builtin/credential/aws-ec2/path_login.go @@ -357,7 +357,7 @@ func (b *backend) pathLoginUpdate( } // Save the login attempt in the identity whitelist. - currentTime := time.Now().UTC() + currentTime := time.Now() if storedIdentity == nil { // Role, ClientNonce and CreationTime of the identity entry, // once set, should never change. @@ -550,7 +550,7 @@ func (b *backend) pathLoginRenew( } // Only LastUpdatedTime and ExpirationTime change and all other fields remain the same. - currentTime := time.Now().UTC() + currentTime := time.Now() storedIdentity.LastUpdatedTime = currentTime storedIdentity.ExpirationTime = currentTime.Add(longestMaxTTL) diff --git a/builtin/credential/aws-ec2/path_roletag_blacklist.go b/builtin/credential/aws-ec2/path_roletag_blacklist.go index 62ef923ead..e008d4494e 100644 --- a/builtin/credential/aws-ec2/path_roletag_blacklist.go +++ b/builtin/credential/aws-ec2/path_roletag_blacklist.go @@ -186,7 +186,7 @@ func (b *backend) pathRoletagBlacklistUpdate( blEntry = &roleTagBlacklistEntry{} } - currentTime := time.Now().UTC() + currentTime := time.Now() // Check if this is a creation of blacklist entry. if blEntry.CreationTime.IsZero() { diff --git a/builtin/credential/aws-ec2/path_tidy_identity_whitelist.go b/builtin/credential/aws-ec2/path_tidy_identity_whitelist.go index f16637dbf6..266d4596f2 100644 --- a/builtin/credential/aws-ec2/path_tidy_identity_whitelist.go +++ b/builtin/credential/aws-ec2/path_tidy_identity_whitelist.go @@ -65,7 +65,7 @@ func (b *backend) tidyWhitelistIdentity(s logical.Storage, safety_buffer int) er return err } - if time.Now().UTC().After(result.ExpirationTime.Add(bufferDuration)) { + if time.Now().After(result.ExpirationTime.Add(bufferDuration)) { if err := s.Delete("whitelist/identity" + instanceID); err != nil { return fmt.Errorf("error deleting identity of instanceID %s from storage: %s", instanceID, err) } diff --git a/builtin/credential/aws-ec2/path_tidy_roletag_blacklist.go b/builtin/credential/aws-ec2/path_tidy_roletag_blacklist.go index 307cfdc7fe..d163968ddb 100644 --- a/builtin/credential/aws-ec2/path_tidy_roletag_blacklist.go +++ b/builtin/credential/aws-ec2/path_tidy_roletag_blacklist.go @@ -64,7 +64,7 @@ func (b *backend) tidyBlacklistRoleTag(s logical.Storage, safety_buffer int) err return err } - if time.Now().UTC().After(result.ExpirationTime.Add(bufferDuration)) { + if time.Now().After(result.ExpirationTime.Add(bufferDuration)) { if err := s.Delete("blacklist/roletag" + tag); err != nil { return fmt.Errorf("error deleting tag %s from storage: %s", tag, err) } diff --git a/builtin/logical/aws/secret_access_keys.go b/builtin/logical/aws/secret_access_keys.go index 0c8c3da8ab..ef2e52e5d9 100644 --- a/builtin/logical/aws/secret_access_keys.go +++ b/builtin/logical/aws/secret_access_keys.go @@ -60,12 +60,7 @@ func genUsername(displayName, policyName, userType string) (ret string, warning // with, so don't insert display name or policy name at all } - ret = fmt.Sprintf( - "vault-%s%d-%d", - midString, - time.Now().Unix(), - rand.Int31n(10000)) - + ret = fmt.Sprintf("vault-%s%d-%d", midString, time.Now().Unix(), rand.Int31n(10000)) return } diff --git a/builtin/logical/postgresql/path_role_create.go b/builtin/logical/postgresql/path_role_create.go index 60ef442a5a..c5538c732b 100644 --- a/builtin/logical/postgresql/path_role_create.go +++ b/builtin/logical/postgresql/path_role_create.go @@ -77,7 +77,7 @@ func (b *backend) pathRoleCreateRead( if err != nil { return nil, err } - expiration := time.Now().UTC(). + expiration := time.Now(). Add(lease.Lease). Format("2006-01-02 15:04:05-0700") diff --git a/http/sys_health_test.go b/http/sys_health_test.go index 452bd0cf1e..4447eb0c41 100644 --- a/http/sys_health_test.go +++ b/http/sys_health_test.go @@ -31,7 +31,7 @@ func TestSysHealth_get(t *testing.T) { testResponseBody(t, resp, &actual) expected["server_time_utc"] = actual["server_time_utc"] if !reflect.DeepEqual(actual, expected) { - t.Fatalf("bad: %#v", actual) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual) } core.Seal(root) @@ -51,7 +51,7 @@ func TestSysHealth_get(t *testing.T) { testResponseBody(t, resp, &actual) expected["server_time_utc"] = actual["server_time_utc"] if !reflect.DeepEqual(actual, expected) { - t.Fatalf("bad: %#v", actual) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual) } } @@ -80,7 +80,7 @@ func TestSysHealth_customcodes(t *testing.T) { expected["server_time_utc"] = actual["server_time_utc"] if !reflect.DeepEqual(actual, expected) { - t.Fatalf("bad: %#v", actual) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual) } core.Seal(root) @@ -104,7 +104,7 @@ func TestSysHealth_customcodes(t *testing.T) { testResponseBody(t, resp, &actual) expected["server_time_utc"] = actual["server_time_utc"] if !reflect.DeepEqual(actual, expected) { - t.Fatalf("bad: %#v", actual) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, actual) } } @@ -113,7 +113,7 @@ func TestSysHealth_head(t *testing.T) { ln, addr := TestServer(t, core) defer ln.Close() - testData := []struct{ + testData := []struct { uri string code int }{ diff --git a/logical/framework/backend.go b/logical/framework/backend.go index 9f274fd22d..a4f6dba2ee 100644 --- a/logical/framework/backend.go +++ b/logical/framework/backend.go @@ -450,9 +450,9 @@ func (b *Backend) handleWALRollback( if age == 0 { age = 10 * time.Minute } - minAge := time.Now().UTC().Add(-1 * age) + minAge := time.Now().Add(-1 * age) if _, ok := req.Data["immediate"]; ok { - minAge = time.Now().UTC().Add(1000 * time.Hour) + minAge = time.Now().Add(1000 * time.Hour) } for _, k := range keys { diff --git a/logical/framework/backend_test.go b/logical/framework/backend_test.go index a3b34d7ca3..d777ecda8a 100644 --- a/logical/framework/backend_test.go +++ b/logical/framework/backend_test.go @@ -263,7 +263,7 @@ func TestBackendHandleRequest_renewExtend(t *testing.T) { } req := logical.RenewRequest("/foo", secret.Response(nil, nil).Secret, nil) - req.Secret.IssueTime = time.Now().UTC() + req.Secret.IssueTime = time.Now() req.Secret.Increment = 1 * time.Hour resp, err := b.HandleRequest(req) if err != nil { diff --git a/logical/framework/lease.go b/logical/framework/lease.go index 3e5ebe154d..4fd2ac902c 100644 --- a/logical/framework/lease.go +++ b/logical/framework/lease.go @@ -45,10 +45,10 @@ func LeaseExtend(backendIncrement, backendMax time.Duration, systemView logical. } // We cannot go past this time - maxValidTime := leaseOpts.IssueTime.UTC().Add(max) + maxValidTime := leaseOpts.IssueTime.Add(max) // Get the current time - now := time.Now().UTC() + now := time.Now() // If we are past the max TTL, we shouldn't be in this function...but // fast path out if we are diff --git a/logical/framework/lease_test.go b/logical/framework/lease_test.go index 0ab036a61a..b45b9c7164 100644 --- a/logical/framework/lease_test.go +++ b/logical/framework/lease_test.go @@ -14,7 +14,7 @@ func TestLeaseExtend(t *testing.T) { MaxLeaseTTLVal: 30 * time.Hour, } - now := time.Now().UTC().Round(time.Hour) + now := time.Now().Round(time.Hour) cases := map[string]struct { BackendDefault time.Duration diff --git a/logical/lease.go b/logical/lease.go index 871954457d..ed0b26b51c 100644 --- a/logical/lease.go +++ b/logical/lease.go @@ -20,7 +20,7 @@ type LeaseOptions struct { // IssueTime is the time of issue for the original lease. This is // only available on a Renew operation and has no effect when returning // a response. It can be used to enforce maximum lease periods by - // a logical backend. This time will always be in UTC. + // a logical backend. IssueTime time.Time `json:"-"` } @@ -42,7 +42,7 @@ func (l *LeaseOptions) LeaseTotal() time.Duration { func (l *LeaseOptions) ExpirationTime() time.Time { var expireTime time.Time if l.LeaseEnabled() { - expireTime = time.Now().UTC().Add(l.LeaseTotal()) + expireTime = time.Now().Add(l.LeaseTotal()) } return expireTime } diff --git a/logical/lease_test.go b/logical/lease_test.go index 9b9ec6a56b..050b7db8e9 100644 --- a/logical/lease_test.go +++ b/logical/lease_test.go @@ -41,7 +41,7 @@ func TestLeaseOptionsExpirationTime(t *testing.T) { var l LeaseOptions l.TTL = 1 * time.Hour - limit := time.Now().UTC().Add(time.Hour) + limit := time.Now().Add(time.Hour) exp := l.ExpirationTime() if exp.Before(limit) { t.Fatalf("bad: %s", exp) diff --git a/vault/expiration.go b/vault/expiration.go index 883fca4fef..0632e67117 100644 --- a/vault/expiration.go +++ b/vault/expiration.go @@ -141,7 +141,7 @@ func (m *ExpirationManager) Restore() error { } // Determine the remaining time to expiration - expires := le.ExpireTime.Sub(time.Now().UTC()) + expires := le.ExpireTime.Sub(time.Now()) if expires <= 0 { expires = minRevokeDelay } @@ -334,7 +334,7 @@ func (m *ExpirationManager) Renew(leaseID string, increment time.Duration) (*log le.Data = resp.Data le.Secret = resp.Secret le.ExpireTime = resp.Secret.ExpirationTime() - le.LastRenewalTime = time.Now().UTC() + le.LastRenewalTime = time.Now() if err := m.persistEntry(le); err != nil { return nil, err } @@ -395,7 +395,7 @@ func (m *ExpirationManager) RenewToken(req *logical.Request, source string, toke // Update the lease entry le.Auth = resp.Auth le.ExpireTime = resp.Auth.ExpirationTime() - le.LastRenewalTime = time.Now().UTC() + le.LastRenewalTime = time.Now() if err := m.persistEntry(le); err != nil { return nil, err } @@ -433,7 +433,7 @@ func (m *ExpirationManager) Register(req *logical.Request, resp *logical.Respons Path: req.Path, Data: resp.Data, Secret: resp.Secret, - IssueTime: time.Now().UTC(), + IssueTime: time.Now(), ExpireTime: resp.Secret.ExpirationTime(), } @@ -466,7 +466,7 @@ func (m *ExpirationManager) RegisterAuth(source string, auth *logical.Auth) erro ClientToken: auth.ClientToken, Auth: auth, Path: source, - IssueTime: time.Now().UTC(), + IssueTime: time.Now(), ExpireTime: auth.ExpirationTime(), } @@ -762,7 +762,7 @@ func (le *leaseEntry) renewable() error { } // Determine if the lease is expired - if le.ExpireTime.Before(time.Now().UTC()) { + if le.ExpireTime.Before(time.Now()) { return fmt.Errorf("lease expired") } diff --git a/vault/expiration_test.go b/vault/expiration_test.go index 1384da0195..32be9bb104 100644 --- a/vault/expiration_test.go +++ b/vault/expiration_test.go @@ -906,9 +906,9 @@ func TestExpiration_PersistLoadDelete(t *testing.T) { TTL: time.Minute, }, }, - IssueTime: time.Now().UTC(), - ExpireTime: time.Now().UTC(), - LastRenewalTime: time.Time{}.UTC(), + IssueTime: time.Now(), + ExpireTime: time.Now(), + LastRenewalTime: time.Time{}, } if err := exp.persistEntry(le); err != nil { t.Fatalf("err: %v", err) @@ -918,8 +918,9 @@ func TestExpiration_PersistLoadDelete(t *testing.T) { if err != nil { t.Fatalf("err: %v", err) } + le.LastRenewalTime = out.LastRenewalTime if !reflect.DeepEqual(out, le) { - t.Fatalf("\nout: %#v\nexpect: %#v\n", out, le) + t.Fatalf("bad: expected:%#v\nactual:%#v", le, out) } err = exp.deleteEntry("foo/bar/1234") @@ -948,8 +949,8 @@ func TestLeaseEntry(t *testing.T) { TTL: time.Minute, }, }, - IssueTime: time.Now().UTC(), - ExpireTime: time.Now().UTC(), + IssueTime: time.Now(), + ExpireTime: time.Now(), } enc, err := le.encode() diff --git a/vault/keyring_test.go b/vault/keyring_test.go index e7b369e4ab..5fc482797f 100644 --- a/vault/keyring_test.go +++ b/vault/keyring_test.go @@ -140,8 +140,8 @@ func TestKeyring_Serialize(t *testing.T) { testKey := []byte("testing") testSecond := []byte("second") - k, _ = k.AddKey(&Key{Term: 1, Version: 1, Value: testKey, InstallTime: time.Now().UTC()}) - k, _ = k.AddKey(&Key{Term: 2, Version: 1, Value: testSecond, InstallTime: time.Now().UTC()}) + k, _ = k.AddKey(&Key{Term: 1, Version: 1, Value: testKey, InstallTime: time.Now()}) + k, _ = k.AddKey(&Key{Term: 2, Version: 1, Value: testSecond, InstallTime: time.Now()}) buf, err := k.Serialize() if err != nil { @@ -177,7 +177,7 @@ func TestKey_Serialize(t *testing.T) { Term: 10, Version: 1, Value: []byte("foobarbaz"), - InstallTime: time.Now().UTC(), + InstallTime: time.Now(), } buf, err := k.Serialize() diff --git a/vault/token_store.go b/vault/token_store.go index 685285a92d..cc3da59ece 100644 --- a/vault/token_store.go +++ b/vault/token_store.go @@ -414,18 +414,41 @@ func NewTokenStore(c *Core, config *logical.BackendConfig) (*TokenStore, error) // TokenEntry is used to represent a given token type TokenEntry struct { - ID string // ID of this entry, generally a random UUID - Accessor string // Accessor for this token, a random UUID - Parent string // Parent token, used for revocation trees - Policies []string // Which named policies should be used - Path string // Used for audit trails, this is something like "auth/user/login" - Meta map[string]string // Used for auditing. This could include things like "source", "user", "ip" - DisplayName string // Used for operators to be able to associate with the source - NumUses int // Used to restrict the number of uses (zero is unlimited). This is to support one-time-tokens (generalized). - CreationTime int64 // Time of token creation - TTL time.Duration // Duration set when token was created - ExplicitMaxTTL time.Duration // Explicit maximum TTL on the token - Role string // If set, the role that was used for parameters at creation time + // ID of this entry, generally a random UUID + ID string `json:"id" mapstructure:"id" structs:"id"` + + // Accessor for this token, a random UUID + Accessor string `json:"accessor" mapstructure:"accessor" structs:"accessor"` + + // Parent token, used for revocation trees + Parent string `json:"parent" mapstructure:"parent" structs:"parent"` + + // Which named policies should be used + Policies []string `json:"policies" mapstructure:"policies" structs:"policies"` + + // Used for audit trails, this is something like "auth/user/login" + Path string `json:"path" mapstructure:"path" structs:"path"` + + // Used for auditing. This could include things like "source", "user", "ip" + Meta map[string]string `json:"meta" mapstructure:"meta" structs:"meta"` + + // Used for operators to be able to associate with the source + DisplayName string `json:"display_name" mapstructure:"display_name" structs:"display_name"` + + // Used to restrict the number of uses (zero is unlimited). This is to support one-time-tokens (generalized). + NumUses int `json:"num_uses" mapstructure:"num_uses" structs:"num_uses"` + + // Time of token creation + CreationTime int64 `json:"creation_time" mapstructure:"creation_time" structs:"creation_time"` + + // Duration set when token was created + TTL time.Duration `json:"ttl" mapstructure:"ttl" structs:"ttl"` + + // Explicit maximum TTL on the token + ExplicitMaxTTL time.Duration `json:"" mapstructure:"" structs:""` + + // If set, the role that was used for parameters at creation time + Role string `json:"role" mapstructure:"role" structs:"role"` } // tsRoleEntry contains token store role information diff --git a/vault/token_store_test.go b/vault/token_store_test.go index 0c093fdf62..dfab0b0d1a 100644 --- a/vault/token_store_test.go +++ b/vault/token_store_test.go @@ -156,7 +156,7 @@ func TestTokenStore_RootToken(t *testing.T) { t.Fatalf("err: %v", err) } if !reflect.DeepEqual(out, te) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", te, out) } } @@ -176,7 +176,7 @@ func TestTokenStore_CreateLookup(t *testing.T) { t.Fatalf("err: %v", err) } if !reflect.DeepEqual(out, ent) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", ent, out) } // New store should share the salt @@ -191,7 +191,7 @@ func TestTokenStore_CreateLookup(t *testing.T) { t.Fatalf("err: %v", err) } if !reflect.DeepEqual(out, ent) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", ent, out) } } @@ -207,7 +207,7 @@ func TestTokenStore_CreateLookup_ProvidedID(t *testing.T) { t.Fatalf("err: %v", err) } if ent.ID != "foobarbaz" { - t.Fatalf("bad: %#v", ent) + t.Fatalf("bad: ent.ID: expected:\"foobarbaz\"\n actual:%s", ent.ID) } out, err := ts.Lookup(ent.ID) @@ -215,7 +215,7 @@ func TestTokenStore_CreateLookup_ProvidedID(t *testing.T) { t.Fatalf("err: %v", err) } if !reflect.DeepEqual(out, ent) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", ent, out) } // New store should share the salt @@ -230,7 +230,7 @@ func TestTokenStore_CreateLookup_ProvidedID(t *testing.T) { t.Fatalf("err: %v", err) } if !reflect.DeepEqual(out, ent) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", ent, out) } } @@ -259,7 +259,7 @@ func TestTokenStore_UseToken(t *testing.T) { } if !reflect.DeepEqual(ent, ent2) { - t.Fatalf("bad: %#v %#v", ent, ent2) + t.Fatalf("bad: ent:%#v ent2:%#v", ent, ent2) } // Create a retstricted token @@ -412,7 +412,7 @@ func TestTokenStore_Revoke_Orphan(t *testing.T) { t.Fatalf("err: %v", err) } if !reflect.DeepEqual(out, ent2) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", ent2, out) } } @@ -530,7 +530,7 @@ func TestTokenStore_HandleRequest_CreateToken_DisplayName(t *testing.T) { } expected.CreationTime = out.CreationTime if !reflect.DeepEqual(out, expected) { - t.Fatalf("bad:\ngot:\n%#v\nexpected:\n%#v\n", out, expected) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, out) } } @@ -562,7 +562,7 @@ func TestTokenStore_HandleRequest_CreateToken_NumUses(t *testing.T) { } expected.CreationTime = out.CreationTime if !reflect.DeepEqual(out, expected) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, out) } } @@ -625,7 +625,7 @@ func TestTokenStore_HandleRequest_CreateToken_NoPolicy(t *testing.T) { } expected.CreationTime = out.CreationTime if !reflect.DeepEqual(out, expected) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, out) } } @@ -812,7 +812,7 @@ func TestTokenStore_HandleRequest_CreateToken_Metadata(t *testing.T) { out, _ := ts.Lookup(resp.Auth.ClientToken) if !reflect.DeepEqual(out.Meta, meta) { - t.Fatalf("bad: %#v", out) + t.Fatalf("bad: expected:%#v\nactual:%#v", meta, out.Meta) } } @@ -988,7 +988,7 @@ func TestTokenStore_HandleRequest_Lookup(t *testing.T) { delete(resp.Data, "creation_time") if !reflect.DeepEqual(resp.Data, exp) { - t.Fatalf("bad:\n%#v\nexp:\n%#v\n", resp.Data, exp) + t.Fatalf("bad: expected:%#v\nactual:%#v", exp, resp.Data) } testCoreMakeToken(t, c, root, "client", "3600s", []string{"foo"}) @@ -1030,7 +1030,7 @@ func TestTokenStore_HandleRequest_Lookup(t *testing.T) { } if !reflect.DeepEqual(resp.Data, exp) { - t.Fatalf("bad:\n%#v\nexp:\n%#v\n", resp.Data, exp) + t.Fatalf("bad: expected:%#v\nactual:%#v", exp, resp.Data) } // Test via POST @@ -1073,7 +1073,7 @@ func TestTokenStore_HandleRequest_Lookup(t *testing.T) { } if !reflect.DeepEqual(resp.Data, exp) { - t.Fatalf("bad:\n%#v\nexp:\n%#v\n", resp.Data, exp) + t.Fatalf("bad: expected:%#v\nactual:%#v", exp, resp.Data) } // Test last_renewal_time functionality @@ -1133,7 +1133,7 @@ func TestTokenStore_HandleRequest_LookupSelf(t *testing.T) { delete(resp.Data, "creation_time") if !reflect.DeepEqual(resp.Data, exp) { - t.Fatalf("bad:\ngot %#v\nexpected: %#v\n", resp.Data, exp) + t.Fatalf("bad: expected:%#v\nactual:%#v", exp, resp.Data) } } @@ -1163,7 +1163,7 @@ func TestTokenStore_HandleRequest_Renew(t *testing.T) { // Get the original expire time to compare originalExpire := auth.ExpirationTime() - beforeRenew := time.Now().UTC() + beforeRenew := time.Now() req := logical.TestRequest(t, logical.UpdateOperation, "renew/"+root.ID) req.Data["increment"] = "3600s" resp, err := ts.HandleRequest(req) @@ -1207,7 +1207,7 @@ func TestTokenStore_HandleRequest_RenewSelf(t *testing.T) { // Get the original expire time to compare originalExpire := auth.ExpirationTime() - beforeRenew := time.Now().UTC() + beforeRenew := time.Now() req := logical.TestRequest(t, logical.UpdateOperation, "renew-self") req.ClientToken = auth.ClientToken req.Data["increment"] = "3600s" @@ -1279,7 +1279,7 @@ func TestTokenStore_RoleCRUD(t *testing.T) { } if !reflect.DeepEqual(expected, resp.Data) { - t.Fatalf("expected:\n%v\nactual:\n%v\n", expected, resp.Data) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, resp.Data) } // Now test updating; this should be set to an UpdateOperation @@ -1322,7 +1322,7 @@ func TestTokenStore_RoleCRUD(t *testing.T) { } if !reflect.DeepEqual(expected, resp.Data) { - t.Fatalf("expected:\n%v\nactual:\n%v\n", expected, resp.Data) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, resp.Data) } // Now test setting explicit max ttl at the same time as period, which @@ -1370,7 +1370,7 @@ func TestTokenStore_RoleCRUD(t *testing.T) { } if !reflect.DeepEqual(expected, resp.Data) { - t.Fatalf("expected:\n%v\nactual:\n%v\n", expected, resp.Data) + t.Fatalf("bad: expected:%#v\nactual:%#v", expected, resp.Data) } req.Operation = logical.ListOperation