Backport of Add tests for PKI endpoint authentication via OpenAPI int…

…o release/1.13.x (hashicorp#19713) * Split (un,)authenticated issuer fetch endpoints Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Allow unauthed per-issuer unified-crl access Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> * Add tests to validate endpoint authentication status Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> --------- Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com> Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
fopina · Mar 23, 2023 · cf51afa · cf51afa
1 parent 487fd7e
commit cf51afa
Show file tree

Hide file tree

Showing 3 changed files with 461 additions and 2 deletions.
diff --git a/builtin/logical/pki/backend.go b/builtin/logical/pki/backend.go
@@ -92,6 +92,12 @@ func Backend(conf *logical.BackendConfig) *backend {
 				"issuer/+/crl/delta/der",
 				"issuer/+/crl/delta/pem",
 				"issuer/+/crl/delta",
+				"issuer/+/unified-crl/der",
+				"issuer/+/unified-crl/pem",
+				"issuer/+/unified-crl",
+				"issuer/+/unified-crl/delta/der",
+				"issuer/+/unified-crl/delta/pem",
+				"issuer/+/unified-crl/delta",
 				"issuer/+/pem",
 				"issuer/+/der",
 				"issuer/+/json",
@@ -162,6 +168,7 @@ func Backend(conf *logical.BackendConfig) *backend {
 			// Issuer APIs
 			pathListIssuers(&b),
 			pathGetIssuer(&b),
+			pathGetUnauthedIssuer(&b),
 			pathGetIssuerCRL(&b),
 			pathImportIssuer(&b),
 			pathIssuerIssue(&b),