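#!/usr/bin/env bash
#
# End-to-end smoke test for the vault-hier server.
#
# Starts a throwaway, file-backed Vault on 127.0.0.1:8200 (non-dev mode,
# TLS disabled), builds and launches the vault-hier API server, then drives
# login / upload / sign / verify / get through the CLI and curl.
#
# Requires: vault, wget, curl, cargo.
# Writes:   ./vault_server.log and ./api_server.log (kept for inspection).
#
# `pipefail` and `set -E` are deliberately not enabled: the grep|awk|tr
# extractions below must be allowed to yield an empty string so the explicit
# "could not get ..." checks run, and the ERR trap must not fire inside
# command substitutions.
set -eu

# Vault listens on the same loopback address on every platform; only the
# PID-file location differs.
export VAULT_ADDR="http://127.0.0.1:8200"
case "$OSTYPE" in
  darwin* | linux-gnu*) VAULT_PID_FILE="/tmp/vault.pid" ;;
  *) VAULT_PID_FILE="./vault.pid" ;; # Windows or other
esac

# Use a fixed port for the API to make debugging easier
API_PORT=3456
API_URL="http://localhost:$API_PORT"

# State shared with cleanup(); initialised so `set -u` is safe on early exits.
SERVER_PID=""
VAULT_WORK_DIR=""
CLEANUP_DONE=""

#######################################
# Print the PID stored in $VAULT_PID_FILE, but only if the file is trustworthy.
# The PID file lives at a fixed name in a shared directory on macOS/Linux, so
# anything read from it ends up as the target of `kill -9`. Refuse symlinks,
# files owned by another user, and non-numeric content.
# Globals:  VAULT_PID_FILE (read)
# Outputs:  the PID on stdout
# Returns:  0 if a usable PID was printed, 1 otherwise
#######################################
read_vault_pid() {
  local pid
  [[ -f "$VAULT_PID_FILE" && ! -L "$VAULT_PID_FILE" && -O "$VAULT_PID_FILE" ]] || return 1
  pid=$(< "$VAULT_PID_FILE")
  [[ "$pid" =~ ^[0-9]+$ ]] || return 1
  printf '%s\n' "$pid"
}

#######################################
# Filter: mask whatever follows "Token:" so session tokens do not land in
# terminal scrollback or retained CI logs.
#######################################
redact_tokens() {
  sed -E 's/(Token:[[:space:]]*).*/\1[redacted]/'
}

#######################################
# Dump the server logs, clean up, and exit non-zero.
# NOTE(review): api_server.log is printed in full; if the server logs tokens
# they will appear here - confirm against the server's logging.
#######################################
handle_error() {
  echo "Error encountered, showing logs:"
  if [[ -f "./api_server.log" ]]; then
    echo "=== API Server Log ==="
    cat ./api_server.log
    echo "======================"
  fi

  if [[ -f "./vault_server.log" ]]; then
    echo "=== Vault Server Log ==="
    tail -n 100 ./vault_server.log
    echo "======================="
  fi

  cleanup
  exit 1
}

#######################################
# Stop the processes this test started and remove its scratch files.
# Runs at most once: handle_error calls it and then exits, which would
# otherwise run it a second time through the EXIT trap.
# SIGKILL is kept from the original script; the Vault data directory is
# discarded right after, so an unclean stop loses nothing.
#######################################
cleanup() {
  if [[ -n "$CLEANUP_DONE" ]]; then
    return 0
  fi
  CLEANUP_DONE=1

  echo "Cleaning up resources..."
  if [[ -n "$SERVER_PID" ]]; then
    echo "Stopping server process ($SERVER_PID)..."
    kill -9 "$SERVER_PID" 2> /dev/null || true
  fi

  local pid
  if pid=$(read_vault_pid); then
    echo "Stopping vault process ($pid)..."
    kill -9 "$pid" 2> /dev/null || true
  fi
  rm -f -- "$VAULT_PID_FILE" 2> /dev/null || true

  # SERVER_PID is the backgrounded `cargo build && cargo run` list, so the
  # server binary is stopped by name. killall exits non-zero when nothing
  # matches; without the guard, `set -e` would abort the rest of cleanup and
  # turn a passing run into a failing exit status.
  killall vault-hier 2> /dev/null || true

  rm -f test_document.txt
  if [[ -n "$VAULT_WORK_DIR" ]]; then
    rm -rf -- "$VAULT_WORK_DIR"
  fi

  # The logs (./vault_server.log, ./api_server.log) are kept for inspection.

  echo "Cleanup complete."
}

# Set trap for errors and interrupts
trap handle_error ERR
trap cleanup EXIT

# Check that the required tools are installed
if ! command -v vault &> /dev/null; then
  echo "Vault is not installed. Please install it first."
  exit 1
fi
for tool in wget curl cargo; do
  if ! command -v "$tool" &> /dev/null; then
    echo "$tool is not installed. Please install it first."
    exit 1
  fi
done

# Check if there's already a Vault process running
if [[ -e "$VAULT_PID_FILE" || -L "$VAULT_PID_FILE" ]]; then
  if ! VAULT_PID=$(read_vault_pid); then
    echo "Ignoring untrusted or malformed PID file $VAULT_PID_FILE; removing it without signalling any process."
    rm -f -- "$VAULT_PID_FILE"
  elif ps -p "$VAULT_PID" > /dev/null; then
    # NOTE(review): this confirms only that the PID is alive, not that it is
    # still Vault; a recycled PID would be killed as well.
    echo "Vault is already running with PID $VAULT_PID"
    echo "Stopping the existing Vault server..."
    kill -9 "$VAULT_PID"
    rm -f -- "$VAULT_PID_FILE"
    # Wait for the port to be released
    sleep 2
  else
    echo "Vault PID file exists but the process is not running. Removing stale PID file."
    rm -f -- "$VAULT_PID_FILE"
  fi
fi

echo "Starting Vault server in non-dev mode..."

# Private scratch directory (mktemp -d creates it mode 0700) instead of a
# fixed /tmp/vault-test, so the Vault config and storage cannot be pre-seeded
# or redirected through a symlink by another local user.
VAULT_WORK_DIR=$(mktemp -d "${TMPDIR:-/tmp}/vault-test.XXXXXX")
mkdir -p "$VAULT_WORK_DIR/data" "$VAULT_WORK_DIR/config"

# Test-only listener: plain HTTP, bound to loopback.
cat > "$VAULT_WORK_DIR/config/vault.hcl" << EOF
storage "file" {
  path = "$VAULT_WORK_DIR/data"
}

listener "tcp" {
  address = "127.0.0.1:8200"
  tls_disable = "true"
}

disable_mlock = true
ui = false
EOF

vault server -config="$VAULT_WORK_DIR/config/vault.hcl" > ./vault_server.log 2>&1 &
VAULT_PID=$!
# noclobber makes the redirect fail instead of writing through a file or
# symlink that appeared at this path after the check above.
(
  set -o noclobber
  printf '%s\n' "$VAULT_PID" > "$VAULT_PID_FILE"
)

echo "Vault server started with PID $VAULT_PID"
echo "Vault server is running at $VAULT_ADDR"

# Wait for Vault to start
echo "Waiting for Vault to start..."
sleep 5

# Check if Vault is up and running.
# The URL must be quoted: unquoted, each `&` in the query string is a shell
# control operator, so wget is sent to the background and the `if` ends up
# testing a bare variable assignment, which always succeeds.
# --no-check-certificate is dropped; it has no effect on an http:// URL.
HEALTH_URL="$VAULT_ADDR/v1/sys/health?standbyok=true&sealedok=true&uninitok=true"
for i in {1..10}; do
  if wget -q -O- "$HEALTH_URL" > /dev/null 2>&1; then
    echo "Vault is up and running!"
    break
  fi

  if ((i == 10)); then
    echo "Timed out waiting for Vault to become available"
    exit 1
  fi

  echo "Vault is unavailable - sleeping (attempt $i/10)"
  sleep 2
done

# Build and run the Rust application with the server command.
# The redirect applies to `cargo run` only; `cargo build` output stays on the
# terminal.
echo "Building and running the vault-hier server..."
echo "Using API port: $API_PORT"
cargo build && cargo run server --vault-addr "$VAULT_ADDR" --api-port "$API_PORT" > ./api_server.log 2>&1 &
SERVER_PID=$!

echo "Server started with PID $SERVER_PID"

# Wait for the server to start
echo "Waiting for the server to start..."
sleep 10 # Increased wait time to ensure server is ready

# Test the server with some client operations
echo "Testing the client operations..."

# Create a sample file for testing
echo "Creating a sample file for testing..."
echo "This is a test document" > test_document.txt

# Test login with legal1 user (legal1/legal1pass are test-fixture credentials)
echo "Testing login with legal1 user..."
LOGIN_OUTPUT=$(cargo run login --username legal1 --password legal1pass --api-url "$API_URL")
printf '%s\n' "$LOGIN_OUTPUT" | redact_tokens
LEGAL_TOKEN=$(awk '/Token:/ { print $2 }' <<< "$LOGIN_OUTPUT" | tr -d '"')

if [[ -z "$LEGAL_TOKEN" ]]; then
  echo "Login failed for legal1. Could not get token."
  handle_error
fi
echo "Login successful for legal1, got token: ${LEGAL_TOKEN:0:8}..."

# Test upload document
echo "Testing document upload..."
UPLOAD_OUTPUT=$(cargo run upload --name "Test Document" --file test_document.txt --api-url "$API_URL")
echo "$UPLOAD_OUTPUT"
DOC_ID=$(awk '/Document ID:/ { print $3 }' <<< "$UPLOAD_OUTPUT" | tr -d '"')

if [[ -z "$DOC_ID" ]]; then
  echo "Upload failed. Could not get document ID."
  handle_error
fi
echo "Upload successful, got document ID: $DOC_ID"

# Test using direct curl with the legal token
echo "Testing document signing with legal token via curl..."
echo "Using token: ${LEGAL_TOKEN:0:8}..."
SIGN_OUTPUT=$(curl -s -X POST "$API_URL/api/documents/$DOC_ID/sign" \
  -H "Content-Type: application/json" \
  -d "{\"username\":\"legal1\",\"token\":\"$LEGAL_TOKEN\"}")
echo "$SIGN_OUTPUT"

if grep -q "signatures" <<< "$SIGN_OUTPUT"; then
  echo "Document signed successfully"
else
  echo "Signing failed with curl. Trying with finance user..."

  # Try with finance user (finance1/finance1pass are test-fixture credentials)
  echo "Testing login with finance1 user..."
  LOGIN_OUTPUT=$(cargo run login --username finance1 --password finance1pass --api-url "$API_URL")
  printf '%s\n' "$LOGIN_OUTPUT" | redact_tokens
  FINANCE_TOKEN=$(awk '/Token:/ { print $2 }' <<< "$LOGIN_OUTPUT" | tr -d '"')

  if [[ -z "$FINANCE_TOKEN" ]]; then
    echo "Login failed for finance1. Could not get token."
    handle_error
  fi
  echo "Login successful for finance1, got token: ${FINANCE_TOKEN:0:8}..."

  echo "Testing document signing with finance token via curl..."
  SIGN_OUTPUT=$(curl -s -X POST "$API_URL/api/documents/$DOC_ID/sign" \
    -H "Content-Type: application/json" \
    -d "{\"username\":\"finance1\",\"token\":\"$FINANCE_TOKEN\"}")
  echo "$SIGN_OUTPUT"

  if ! grep -q "signatures" <<< "$SIGN_OUTPUT"; then
    echo "Signing failed with both legal and finance users. Skipping rest of test."
    handle_error
  fi
fi

# Test verification
echo "Testing document verification..."
VERIFY_OUTPUT=$(cargo run verify --document-id "$DOC_ID" --api-url "$API_URL")
echo "$VERIFY_OUTPUT"

if grep -q "Verification result" <<< "$VERIFY_OUTPUT"; then
  echo "Verification successful"
else
  echo "Verification failed"
  handle_error
fi

# Test getting document details
echo "Testing get document details..."
GET_OUTPUT=$(cargo run get --document-id "$DOC_ID" --api-url "$API_URL")
echo "$GET_OUTPUT"

if grep -q "Document details" <<< "$GET_OUTPUT"; then
  echo "Get document successful"
else
  echo "Get document failed"
  handle_error
fi

# Check if the credentials file was created.
# NOTE(review): a credentials file left over from an earlier run also
# satisfies this check, and its absence does not fail the test.
if [[ -f "vault-credentials.txt" || -f "vault-credentials.json" ]]; then
  echo "Test successful! Credentials were saved"
  if [[ -f "vault-credentials.txt" ]]; then
    # Report that the root token and unseal keys exist without echoing them:
    # the root token plus a threshold of unseal keys is full control of the
    # Vault they belong to, and test output is commonly retained in CI logs.
    # The file itself is not removed by cleanup and still holds the values.
    UNSEAL_KEY_LINES=$(grep -c "Key" vault-credentials.txt || true)
    ROOT_TOKEN=$(awk '/Root Token/ { print $3 }' vault-credentials.txt)
    if [[ -n "$ROOT_TOKEN" ]]; then
      echo "Root Token: present (value not printed; see vault-credentials.txt)"
    else
      echo "Root Token: not found in vault-credentials.txt"
    fi
    echo "Unseal key lines found: $UNSEAL_KEY_LINES (3 needed for threshold)"
  fi
fi

printf '\n%s\n' "Test complete! All tests passed."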