author | Lars Wirzenius <liw@liw.fi> | 2017-07-31 14:38:01 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2017-07-31 14:38:01 +0300 |
commit | 88ab1558b35792349f64116a99e1796d40d2c9aa (patch) | |
tree | bde41bf2efc544728ecdc625e28e7de121afeca1 /apifw.yarn | |
Add: initial commit
This version has already been seen working so it might work for you.
Diffstat (limited to 'apifw.yarn')
-rw-r--r-- | apifw.yarn | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/apifw.yarn b/apifw.yarn
new file mode 100644
index 0000000..322430d
--- /dev/null
+++ b/apifw.yarn
@@ -0,0 +1,113 @@
+---
+title: apifw integration tests
+...
+
+
+# Introduction
+
+This is an integration test suite for the Python `apifw` module, using
+`yarn`. It starts a little test application, `apitest.py` using
+`gunicorn3` and verifies that it can do HTTP requests to it. It then
+kills the test application. Very simple, but it makes sure the
+interaction between `gunicorn3`, `bottle.py`, and the `apifw` module
+works correctly.
+
+`apifw` is short for "application programming interface framework".
+It's a silly name. Please suggest something better.
+
+
+# Basic scenario
+
+
+ SCENARIO runs apitest OK
+
+ GIVEN a running apitest using gunicorn3
+
+ WHEN client requests GET /version without token
+ THEN HTTP status code is 401 Unauthorized
+ AND response has header WWW-Authenticate containing "Bearer"
+
+ WHEN client gets an authorization token with scope "no_version_scope"
+ AND client requests GET /version using token
+ THEN HTTP status code is 401 Unauthorized
+ AND response has header WWW-Authenticate containing "Bearer"
+
+ WHEN client gets an authorization token with scope "uapi_version_get"
+ AND client requests GET /version using token
+ THEN HTTP status code is 200 OK
+ AND HTTP body is "version: 4.2"
+
+ WHEN client gets an authorization token with scope "uapi_upload_put"
+ AND client uploads a fake jpg
+ THEN HTTP status code is 200 OK
+ AND HTTP body is "thank you for fake jpg"
+
+ FINALLY stop apitest
+
+
+# Step implementations
+
+ IMPLEMENTS GIVEN a running apitest using gunicorn3
+ # Set the "aud" field for access tokens.
+ export APITEST_AUD=test-audience
+ echo "$APITEST_AUD" > "$DATADIR/aud"
+
+ # Set the "iss" field for access tokens.
+ export APITEST_ISS=test-issuer
+ echo "$APITEST_ISS" > "$DATADIR/iss"
+
+ # Generate an RSA key for signing access tokens for the API. Key
+ # generation is disabled, to make test suite faster. Using
+ # pre-generated key instead.
+ #./generate-rsa-key "$DATADIR/signing-key"
+ export APITEST_PUBKEY="$(cat "$SRCDIR/apitest.key.pub")"
+
+ # FIXME: It would be good for the test suite to pick a random free
+ # port. But that's not simple.
+ export APITEST_LOG="$DATADIR/apitest.log"
+ gunicorn --daemon --bind 127.0.0.1:12765 -p "$DATADIR/pid" \
+ --log-file "$DATADIR/log" --log-level=debug \
+ apitest:app
+ while ! curl -s http://127.0.0.1:12765/version > /dev/null
+ do
+ # Sleep in Debian can take a fractional second arg.
+ sleep 0.1
+ done
+
+ IMPLEMENTS FINALLY stop apitest
+ kill "$(cat "$DATADIR/pid")"
+
+ IMPLEMENTS WHEN client requests GET /version without token
+ curl -sv "http://127.0.0.1:12765/version" > "$DATADIR/out" 2> "$DATADIR/err"
+
+ IMPLEMENTS WHEN client requests GET /version using token
+ token="$(cat "$DATADIR/token")"
+ curl -sv -H "Authorization: Bearer $token" \
+ "http://127.0.0.1:12765/version" > "$DATADIR/out" 2> "$DATADIR/err"
+
+ IMPLEMENTS WHEN client uploads a fake jpg
+ token="$(cat "$DATADIR/token")"
+ curl -sv -H "Authorization: Bearer $token" \
+ -H "Content-type: application/jpeg" \
+ -d "fake jpg" \
+ -X PUT \
+ "http://127.0.0.1:12765/upload" > "$DATADIR/out" 2> "$DATADIR/err"
+
+ IMPLEMENTS WHEN client gets an authorization token with scope "(.+)"
+ iss="$(cat "$DATADIR/iss")"
+ aud="$(cat "$DATADIR/aud")"
+ ./create-token "$SRCDIR/apitest.key" "$iss" "$aud" "$MATCH_1" > "$DATADIR/token"
+
+ IMPLEMENTS THEN HTTP status code is (.+)
+ cat "$DATADIR/err"
+ tr -d '\r' < "$DATADIR/err" |
+ grep -Fx "< HTTP/1.1 $MATCH_1"
+
+ IMPLEMENTS THEN HTTP body is "(.+)"
+ grep -Fx "$MATCH_1" "$DATADIR/out"
+
+ IMPLEMENTS THEN response has header WWW-Authenticate containing "(.+)"
+ cat "$DATADIR/err"
+ tr -d '\r' < "$DATADIR/err" |
+ grep -Fix "< WWW-Authenticate: $MATCH_1"
+ |
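Review bot: The rejection cases in the `runs apitest OK` scenario cover only a missing token and a token with the wrong scope, so the suite would still pass if signature, `aud` or `iss` validation of the bearer token regressed. The GIVEN step exports `APITEST_AUD`, `APITEST_ISS` and `APITEST_PUBKEY`, which suggests the application is meant to check all three, though that code is outside this diff. Because `./create-token` already takes issuer and audience as its second and third arguments, a step that passes a mismatching audience with an otherwise sufficient scope and expects `401 Unauthorized` would pin that check. The same pattern covers the issuer, and a token signed with a key other than `apitest.key` would cover the signature. The fence sketches the audience case.

```markdown
<!-- … unchanged: existing WHEN/THEN cases of "runs apitest OK" … -->

    WHEN client gets an authorization token with audience "wrong-audience"
    AND client requests GET /version using token
    THEN HTTP status code is 401 Unauthorized
    AND response has header WWW-Authenticate containing "Bearer"

<!-- … unchanged: existing step implementations … -->

    IMPLEMENTS WHEN client gets an authorization token with audience "(.+)"
    iss="$(cat "$DATADIR/iss")"
    ./create-token "$SRCDIR/apitest.key" "$iss" "$MATCH_1" uapi_version_get > "$DATADIR/token"
```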