MB-68154: Fix auditing of JWT settings

JWT settings are stored in Erlang maps.
They are JSON-encoded using jiffy (which can handle maps).
However, they were passed as Erlang maps to ns_audit.
ns_audit uses ejson for encoding and can't handle Erlang maps.
Pass the jiffy-encoded JSON settings directly to ns_audit.

Enable auditing in jwt_tests to exercise this path.

Change-Id: I43af8f03f5c0850046810b5d3ce26cc21941b02a
Reviewed-on: https://review.couchbase.org/c/ns_server/+/232478
Tested-by: Neelima Premsankar <[email protected]>
Well-Formed: Build Bot <[email protected]>
Reviewed-by: Peter Searby <[email protected]>

Author: neelima32

apps/ns_server/src/menelaus_web_jwt.erl

@@ -464,7 +464,8 @@ validate_and_store_settings(Props, Req) ->
         {ok, _} ->
             RestFormat = storage_to_rest_format(Settings),
             EncodedSettings = encode_response(RestFormat),
-            ns_audit:settings(Req, modify_jwt, [{jwt_settings, RestFormat}]),
+            ns_audit:settings(Req, modify_jwt, [{jwt_settings,
+                                                 {json, EncodedSettings}}]),
             _ = sync_with_node(),
             menelaus_util:reply(Req, EncodedSettings, 200,
                                 [{"Content-Type", "application/json"}]);

cluster_tests/testsets/jwt_tests.py

@@ -117,6 +117,10 @@ def setup(self):
         testlib.set_config_key(self.cluster,
                                 "{jwt_cache, jwks_cooldown_interval_ms}",
                                 1000)
+
+        audit_payload = {"auditdEnabled": "true"}
+        testlib.post_succ(self.cluster, "/settings/audit", data=audit_payload)
+
         # Disabled by default
         testlib.get_fail(self.cluster, self.endpoint, expected_code=404)
 
@@ -129,6 +133,9 @@ def teardown(self):
         testlib.delete_succ(self.cluster, self.endpoint)
         testlib.get_fail(self.cluster, self.endpoint, expected_code=404)
 
+        audit_payload = {"auditdEnabled": "false"}
+        testlib.post_succ(self.cluster, "/settings/audit", data=audit_payload)
+
         # Clean up all test users
         for username in self.external_users:
             testlib.delete_succ(