From d19d53d47c8d5ef0754e1f5520758daa7be0a40e Mon Sep 17 00:00:00 2001
From: Nick Cabatoff <ncabatoff@hashicorp.com>
Date: Thu, 1 Aug 2019 11:24:02 -0400
Subject: [PATCH 1/3] Handle TokenType serialized as string or as uint8.

---
 sdk/logical/token.go | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/sdk/logical/token.go b/sdk/logical/token.go
index 242885e1ffc2..d483386cecec 100644
--- a/sdk/logical/token.go
+++ b/sdk/logical/token.go
@@ -1,6 +1,7 @@
 package logical
 
 import (
+	"fmt"
 	"time"
 
 	sockaddr "github.com/hashicorp/go-sockaddr"
@@ -28,6 +29,27 @@ const (
 	TokenTypeDefaultBatch
 )
 
+func (t *TokenType) UnmarshalJSON(b []byte) error {
+	if len(b) == 1 {
+		*t = TokenType(b[0])
+		return nil
+	}
+
+	// Handle upgrade from pre-1.2 where we were serialized as string:
+	s := string(b)
+	switch s {
+	case `"default"`:
+		*t = TokenTypeDefault
+	case `"service"`:
+		*t = TokenTypeService
+	case `"batch"`:
+		*t = TokenTypeBatch
+	default:
+		return fmt.Errorf("Unknown token type %q", s)
+	}
+	return nil
+}
+
 func (t TokenType) String() string {
 	switch t {
 	case TokenTypeDefault:

From 694f9b39564aac72662b6d4928082db07b2d37aa Mon Sep 17 00:00:00 2001
From: Nick Cabatoff <ncabatoff@hashicorp.com>
Date: Thu, 1 Aug 2019 11:32:03 -0400
Subject: [PATCH 2/3] Make test validate approle upgrade with token_type.

---
 builtin/credential/approle/path_role_test.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/builtin/credential/approle/path_role_test.go b/builtin/credential/approle/path_role_test.go
index 24ce69211e51..d2c35c21afc6 100644
--- a/builtin/credential/approle/path_role_test.go
+++ b/builtin/credential/approle/path_role_test.go
@@ -1864,7 +1864,7 @@ func TestAppRole_TokenutilUpgrade(t *testing.T) {
 	// Hand craft JSON because there is overlap between fields
 	if err := s.Put(ctx, &logical.StorageEntry{
 		Key:   "role/foo",
-		Value: []byte(`{"policies": ["foo"], "period": 300000000000, "token_bound_cidrs": ["127.0.0.1", "10.10.10.10/24"]}`),
+		Value: []byte(`{"policies": ["foo"], "period": 300000000000, "token_bound_cidrs": ["127.0.0.1", "10.10.10.10/24"], "token_type": "service"}`),
 	}); err != nil {
 		t.Fatal(err)
 	}
@@ -1882,6 +1882,7 @@ func TestAppRole_TokenutilUpgrade(t *testing.T) {
 			TokenPolicies:   []string{"foo"},
 			TokenPeriod:     300 * time.Second,
 			TokenBoundCIDRs: []*sockaddr.SockAddrMarshaler{&sockaddr.SockAddrMarshaler{SockAddr: sockaddr.MustIPAddr("127.0.0.1")}, &sockaddr.SockAddrMarshaler{SockAddr: sockaddr.MustIPAddr("10.10.10.10/24")}},
+			TokenType:       logical.TokenTypeService,
 		},
 	}
 	if diff := deep.Equal(fooEntry, exp); diff != nil {

From 6c4b1ecafa42583001b5c0b8d52b3aaec4de89d8 Mon Sep 17 00:00:00 2001
From: Nick Cabatoff <ncabatoff@hashicorp.com>
Date: Thu, 1 Aug 2019 12:14:26 -0400
Subject: [PATCH 3/3] Handle missing cases.  Fix bug in uint8 unmarshaling. 
 Add test.

---
 sdk/logical/token.go      |  8 ++++++--
 sdk/logical/token_test.go | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 39 insertions(+), 2 deletions(-)
 create mode 100644 sdk/logical/token_test.go

diff --git a/sdk/logical/token.go b/sdk/logical/token.go
index d483386cecec..3646fee5388a 100644
--- a/sdk/logical/token.go
+++ b/sdk/logical/token.go
@@ -31,7 +31,7 @@ const (
 
 func (t *TokenType) UnmarshalJSON(b []byte) error {
 	if len(b) == 1 {
-		*t = TokenType(b[0])
+		*t = TokenType(b[0] - '0')
 		return nil
 	}
 
@@ -44,8 +44,12 @@ func (t *TokenType) UnmarshalJSON(b []byte) error {
 		*t = TokenTypeService
 	case `"batch"`:
 		*t = TokenTypeBatch
+	case `"default-service"`:
+		*t = TokenTypeDefaultService
+	case `"default-batch"`:
+		*t = TokenTypeDefaultBatch
 	default:
-		return fmt.Errorf("Unknown token type %q", s)
+		return fmt.Errorf("unknown token type %q", s)
 	}
 	return nil
 }
diff --git a/sdk/logical/token_test.go b/sdk/logical/token_test.go
new file mode 100644
index 000000000000..412a7d4abfd4
--- /dev/null
+++ b/sdk/logical/token_test.go
@@ -0,0 +1,33 @@
+package logical
+
+import (
+	"encoding/json"
+	"testing"
+)
+
+func TestJSONSerialization(t *testing.T) {
+	tt := TokenTypeDefaultBatch
+	s, err := json.Marshal(tt)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	var utt TokenType
+	err = json.Unmarshal(s, &utt)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if tt != utt {
+		t.Fatalf("expected %v, got %v", tt, utt)
+	}
+
+	utt = TokenTypeDefault
+	err = json.Unmarshal([]byte(`"default-batch"`), &utt)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if tt != utt {
+		t.Fatalf("expected %v, got %v", tt, utt)
+	}
+}