Change yarns to test authentication for requests

3 files changed, 58 insertions, 8 deletions

diff --git a/yarns/100-hello.yarn b/yarns/100-hello.yarn
index 9d06262..ca26822 100644
--- a/yarns/100-hello.yarn
+++ b/yarns/100-hello.yarn
@@ -4,13 +4,17 @@ This scenario is just for making sure we can, in our tests, start and
 stop the backend, and make requests to it.
 
     SCENARIO backend smoke test
-    GIVEN a running backend instance
+    GIVEN a users.yaml with user admin, password foo, scopes get, put
+    AND a running backend instance
 
-    WHEN client makes request GET /version
+    WHEN user admin makes unauthenticated request GET /version
+    THEN HTTP status code is 401
+
+    WHEN user admin makes request GET /version
     THEN HTTP status code is 200
     AND result matches { "version": "1.0" }
 
-    WHEN client makes request GET /blatherskite
+    WHEN user admin makes request GET /blatherskite
     THEN HTTP status code is 404
 
     FINALLY stop backend instance
diff --git a/yarns/900.yarn b/yarns/900.yarn
index c7e81a0..5d11865 100644
--- a/yarns/900.yarn
+++ b/yarns/900.yarn
@@ -1,8 +1,24 @@
 # Scenario step implementations
 
+    IMPLEMENTS GIVEN a users.yaml with user (\S+), password (\S+), scopes (.+)
+    username = get_next_match()
+    password = get_next_match()
+    scopes_string = get_next_match()
+    scopes = [s.strip() for s in scopes_string.split(',')]
+    user = {
+        'salt': 'nacl',
+        'password': distixapi.encrypt_password('nacl', password),
+        'cleartext': password,
+        'scopes': scopes,
+    }
+    users = load_users()
+    users['users'][username] = user
+    save_users(users)
+
     IMPLEMENTS GIVEN a running backend instance
     backend = os.path.join(srcdir, 'distix-backend')
-    cliapp.runcmd(['/usr/sbin/daemonize', '-c.', backend, 'pid', 'port'])
+    cliapp.runcmd(
+        ['/usr/sbin/daemonize', '-c.', backend, 'pid', 'port', 'users.yaml'])
     vars['pid'] = cat('pid').strip()
     vars['port'] = cat('port').strip()
 
@@ -11,8 +27,22 @@
     print 'killing process', repr(vars['pid'])
     os.kill(int(vars['pid']), signal.SIGTERM)
 
-    IMPLEMENTS WHEN client makes request GET (\S+)
-    path = os.environ['MATCH_1']
+    IMPLEMENTS WHEN user (\S+) makes request GET (\S+)
+    user = get_next_match()
+    path = get_next_match()
+    url = 'http://localhost:{}{}'.format(vars['port'], path)
+    print 'url:', repr(url)
+    users = load_users()
+    print repr(users)
+    password = users['users'][user]['cleartext']
+    import requests
+    r = requests.get(url, auth=(user, password))
+    vars['http-status'] = r.status_code
+    vars['http-body'] = r.text
+
+    IMPLEMENTS WHEN user (\S+) makes unauthenticated request GET (\S+)
+    user = get_next_match()
+    path = get_next_match()
     url = 'http://localhost:{}{}'.format(vars['port'], path)
     print 'url:', repr(url)
     import requests
diff --git a/yarns/lib.py b/yarns/lib.py
index b7df3a7..502674e 100644
--- a/yarns/lib.py
+++ b/yarns/lib.py
@@ -1,15 +1,18 @@
 import errno
 import os
 import time
+import yaml
 
 import cliapp
+from yarnutils import *
 
-import yarnutils
+import distixapi
 
 datadir = os.environ['DATADIR']
 srcdir = os.environ['SRCDIR']
 
-vars = yarnutils.Variables(datadir)
+
+vars = Variables(datadir)
 
 
 MAX_CAT_TIME = 5 # seconds
@@ -27,3 +30,16 @@ def cat(filename):
                 continue
             raise
     raise Exception("cat took more then %s seconds" % MAX_CAT_TIME)
+
+
+def load_users():
+    if os.path.exists('users.yaml'):
+        with open('users.yaml') as f:
+            return yaml.safe_load(f)
+    return {'users': {}}
+
+
+def save_users(users):
+    print 'saving', repr(users)
+    with open('users.yaml', 'w') as f:
+        yaml.safe_dump(users, stream=f)