author | Lars Wirzenius <liw@liw.fi> | 2018-11-05 09:56:36 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-11-05 09:56:36 +0200 |
commit | df351c2661cd838e1b7de521f1fcd4f84acdf4a0 (patch) | |
tree | 5ebbab360420bcd299d53ddd330b654fc67837e4 /yarns/200-client-creds.yarn | |
parent | 5a74ba9553fd21465e04dd4ace7007e2f865d7f1 (diff) | |
download | qvisqve-df351c2661cd838e1b7de521f1fcd4f84acdf4a0.tar.gz |
Add: sub fields to clients, tokens created by client-cred grant
Diffstat (limited to 'yarns/200-client-creds.yarn')
-rw-r--r-- | yarns/200-client-creds.yarn | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/yarns/200-client-creds.yarn b/yarns/200-client-creds.yarn index 9eff22a..418e9b9 100644 --- a/yarns/200-client-creds.yarn +++ b/yarns/200-client-creds.yarn @@ -102,3 +102,32 @@ scopes, as described above. AND token expires in an hour FINALLY Qvisqve is stopped + +API client tied to a subject +----------------------------------------------------------------------------- + + SCENARIO get token using client credentials tied to a subject + + GIVEN an API client "bigco" + AND API client has secret "secrit" + AND API client has allowed scopes "read write" + AND API client has subject "tomjon" + + AND a Qvisqve configuration for "https://qvisqve.example.com" + AND Qvisqve configuration has a token lifetime of 3600 + AND a running Qvisqve instance + + WHEN client requests POST /token + ... with client_id "bigco", client_secret "secrit", and + ... scopes "read write delete" + + THEN HTTP status code is 200 OK + AND Content-Type is application/json + AND body is a correctly signed JWT token + AND token has claim iss as "https://qvisqve.example.com" + AND token has claim sub as "tomjon" + AND token has claim aud as "bigco" + AND token has claim scope as "read write" + AND token expires in an hour + + FINALLY Qvisqve is stopped |
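Review bot: In the WHEN step the request asks for scopes "read write delete" while the client is only allowed "read write", so this scenario exercises scope filtering as well as the new subject field, and a failure will not show which of the two broke. Consider requesting only "read write" here so that `AND token has claim sub as "tomjon"` is the one new behaviour under test, and leaving the dropped "delete" scope to a scenario of its own. The new section also goes straight from its heading to SCENARIO with no prose saying where the sub claim comes from, and nothing in this hunk pins down what sub should be for an API client that has no subject set; a sentence of description and a companion scenario for that case would be worth adding.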