Token renewall in the Broker seems not working well. #29
Description
Reproducible on :
- v0.2.0
- v0.2.1
Current behaviour:
The broker that renew the token every 30 minutes after a service binding on cloudfoundry seems not working using the endpoint :
- https://(HOST)/v1/auth/token/renew/(TOKEN)
In fact, we got a 404 not found as bellow :
2019-09-02 12:11:18.412697371 +000 UTC /var/vcap/packages/vault-broker/bin/vault-broker: INFO: [request /v1/auth/token/renew/6d791b66-2ea5-4417-b8b1-4837b883d211] using vault at https://(HOST)
2019-09-02 12:11:18.448201089 +000 UTC /var/vcap/packages/vault-broker/bin/vault-broker: ERROR: [renew 6d791b66-2ea5-4417-b8b1-4837b883d211] error: received 404 Not Found from Vault
However, using a curl request manually, all seems working fine :
curl -H "X-Vault-Token: <root_token>" --data @payload.json https://(HOST)/v1/auth/token/renew | jq .
## Content of payload.json
#{
# "token": "6d791b66-2ea5-4417-b8b1-4837b883d211"
#}
{
"request_id": "77c077e4-7342-72cb-52e9-00be0e68ad7c",
"lease_id": "",
"renewable": false,
"lease_duration": 0,
"data": null,
"wrap_info": null,
"warnings": [
"TTL of \"763h40m14s\" exceeded the effective max_ttl of \"763h40m11s\"; TTL value is capped accordingly"
],
"auth": {
"client_token": "6d791b66-2ea5-4417-b8b1-4837b883d211",
"accessor": "HejkcQ4if2QxuUGcwkc28YRb",
"policies": [
"d1c19a12-2dc5-4de5-a403-2d03821fa27c"
],
"token_policies": [
"d1c19a12-2dc5-4de5-a403-2d03821fa27c"
],
"metadata": null,
"lease_duration": 2749211,
"renewable": true,
"entity_id": "",
"token_type": "service"
}
Expected behaviour:
The broker must be able to renew the token properly.