author | Lars Wirzenius <liw@liw.fi> | 2018-08-01 13:48:44 +0300 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-08-01 15:18:54 +0300 |
commit | 036a863b00fe079e13bb1640267078ec47e6f9e5 (patch) | |
tree | 8363e515b4716375aa723f6db37f05611e806399 /yarns | |
parent | bfd3be221e51f9d140c68a40f72ce38ac3aad7ca (diff) | |
Add: management API
Diffstat (limited to 'yarns')
-rw-r--r-- | yarns/400-manage.yarn | 162 | ||||
-rw-r--r-- | yarns/900-implements.yarn | 5 | ||||
-rw-r--r-- | yarns/900-local.yarn | 12 |
3 files changed, 172 insertions, 7 deletions
diff --git a/yarns/400-manage.yarn b/yarns/400-manage.yarn
new file mode 100644
index 0000000..6d60909
--- /dev/null
+++ b/yarns/400-manage.yarn
@@ -0,0 +1,162 @@
+Manage clients, users, applications via API
+=============================================================================
+
+ SCENARIO manage clients, users, applications
+ GIVEN an RSA key pair for token signing
+ AND a Qvisqve configuration for "https://qvisqve.example.com"
+ AND Qvisqve configuration has a token lifetime of 3600
+ AND a running Qvisqve instance
+ AND an access token for admin with scopes
+ ... uapi_clients_post
+ ... uapi_clients_get
+ ... uapi_clients_id_get
+ ... uapi_clients_id_put
+ ... uapi_clients_id_secret_put
+ ... uapi_clients_id_delete
+ ... uapi_users_post
+ ... uapi_users_get
+ ... uapi_users_id_get
+ ... uapi_users_id_put
+ ... uapi_users_id_secret_put
+ ... uapi_users_id_delete
+ ... uapi_applications_post
+ ... uapi_applications_get
+ ... uapi_applications_id_get
+ ... uapi_applications_id_put
+ ... uapi_applications_id_delete
+
+First, manage clients.
+
+ WHEN client requests GET /clients using token
+ THEN HTTP status code is 200 OK
+ AND Content-Type is application/json
+ AND JSON body matches
+ ... {
+ ... "resources": []
+ ... }
+
+ WHEN client requests POST /clients with token and body
+ ... {
+ ... "id": "james"
+ ... }
+ THEN HTTP status code is 201 Created
+ AND Location is https://qvisqve.example.com/clients/james
+
+ WHEN client requests PUT /clients/james/secret with token and body
+ ... { "secret": "hunter2" }
+ THEN HTTP status code is 200 OK
+
+ WHEN client requests GET /clients using token
+ THEN HTTP status code is 200 OK
+ AND JSON body matches
+ ... {
+ ... "resources": ["james"]
+ ... }
+
+ WHEN client requests GET /clients/james using token
+ THEN HTTP status code is 200 OK
+ AND JSON body matches
+ ... {
+ ... "id": "james"
+ ... }
+
+ WHEN client requests DELETE /clients/james with token
+ THEN HTTP status code is 200 OK
+ WHEN client requests GET /clients/james using token
+ THEN HTTP status code is 404 Not Found
+ WHEN client requests GET /clients using token
+ THEN HTTP status code is 200 OK
+ AND JSON body matches
+ ... {
+ ... "resources": []
+ ... }
+
+Then, manage users.
+
+ WHEN client requests GET /users using token
+ THEN HTTP status code is 200 OK
+ AND Content-Type is application/json
+ AND JSON body matches
+ ... {
+ ... "resources": []
+ ... }
+
+ WHEN client requests POST /users with token and body
+ ... {
+ ... "id": "sherlock"
+ ... }
+ THEN HTTP status code is 201 Created
+ AND Location is https://qvisqve.example.com/users/sherlock
+
+ WHEN client requests PUT /users/sherlock/secret with token and body
+ ... { "secret": "hunter2" }
+ THEN HTTP status code is 200 OK
+
+ WHEN client requests GET /users using token
+ THEN HTTP status code is 200 OK
+ AND JSON body matches
+ ... {
+ ... "resources": ["sherlock"]
+ ... }
+
+ WHEN client requests GET /users/sherlock using token
+ THEN HTTP status code is 200 OK
+ AND JSON body matches
+ ... {
+ ... "id": "sherlock"
+ ... }
+
+ WHEN client requests DELETE /users/sherlock with token
+ THEN HTTP status code is 200 OK
+ WHEN client requests GET /users/sherlock using token
+ THEN HTTP status code is 404 Not Found
+ WHEN client requests GET /users using token
+ THEN HTTP status code is 200 OK
+ AND JSON body matches
+ ... {
+ ... "resources": []
+ ... }
+
+Then, manage applications.
+
+ WHEN client requests GET /applications using token
+ THEN HTTP status code is 200 OK
+ AND Content-Type is application/json
+ AND JSON body matches
+ ... {
+ ... "resources": []
+ ... }
+
+ WHEN client requests POST /applications with token and body
+ ... {
+ ... "id": "MI6",
+ ... "callbacks": ["https://mi6.example.com/callback"]
+ ...
} + THEN HTTP status code is 201 Created + AND Location is https://qvisqve.example.com/applications/MI6 + + WHEN client requests GET /applications using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "resources": ["MI6"] + ... } + + WHEN client requests GET /applications/MI6 using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "id": "MI6", + ... "callbacks": ["https://mi6.example.com/callback"] + ... } + + WHEN client requests DELETE /applications/MI6 with token + THEN HTTP status code is 200 OK + WHEN client requests GET /applications/MI6 using token + THEN HTTP status code is 404 Not Found + WHEN client requests GET /applications using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "resources": [] + ... } diff --git a/yarns/900-implements.yarn b/yarns/900-implements.yarn index 7eea6d8..25a7e11 100644 --- a/yarns/900-implements.yarn +++ b/yarns/900-implements.yarn @@ -183,6 +183,11 @@ This chapter shows the scenario step implementations. headers = V['headers'] assertEqual(headers['Content-Type'][:len(wanted)], wanted) + IMPLEMENTS THEN Location is (\S+) + wanted = get_next_match() + headers = V['headers'] + assertEqual(headers['Location'], wanted) + IMPLEMENTS THEN body is a correctly signed JWT token resp = json.loads(V['body']) assertIn('access_token', resp) diff --git a/yarns/900-local.yarn b/yarns/900-local.yarn index ddce8f8..8c9fd1d 100644 --- a/yarns/900-local.yarn +++ b/yarns/900-local.yarn 
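Review bot: Every request in this scenario uses the one admin token that holds all the `uapi_*` scopes listed at the top, so the suite would still pass if an endpoint never checked its scope or accepted unauthenticated calls. For an API that creates principals and sets their secrets, add at least one negative case per resource: the same request with no token, and with a token lacking the matching scope (for example `uapi_clients_id_secret_put` for `PUT /clients/james/secret`), each expecting a 401/403 rejection. After the secret is set, `GET /clients/james` is only compared with `{"id": "james"}`. Whether `JSON body matches` is an exact comparison is not visible in this hunk, so a step asserting that the response has no `secret` field would make that guarantee explicit. The same applies to `/users/sherlock`.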
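Review bot: `headers['Location']` raises KeyError when the response carries no Location header, so a missing header shows up as a step crash rather than an assertion failure naming the expected URL. Adding `assertIn('Location', headers)` before the `assertEqual` keeps the failure readable; `assertIn` is already used by the JWT step just below. The lookup is also exact-case, and whether `V['headers']` is a case-insensitive mapping is not visible in this hunk (the Content-Type step above indexes it the same way).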
@@ -60,13 +60,11 @@ along with this program. If not, see <http://www.gnu.org/licenses/>. IMPLEMENTS GIVEN an access token for (\S+) with scopes (.+) user = get_next_match() scopes = get_next_match() - key = open('token.key').read() - argv = [ - os.path.join(srcdir, 'create-token'), - scopes, - ] - token = cliapp.runcmd(argv, feed_stdin=key) - store_token(user, token) + key = V['privkey'] + issuer = V['iss'] + audience = V['aud'] + token = create_token(key, issuer, audience, scopes) + V['token'] = token ## Start Qvisqve |
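Review bot: `user = get_next_match()` is still captured but nothing uses it after this change: `create_token(key, issuer, audience, scopes)` takes no subject, and the result is stored under the single key `V['token']` instead of per user via `store_token(user, token)`. A scenario that asks for tokens for two different principals would silently run every later request with the last one, which hides the cross-user authorization mistakes these tests should catch. Either key the stored token by `user` or say in a comment that the name is ignored, e.g. `# user is matched for readability only; one token per scenario`. `create_token` is defined outside this hunk, so whether it sets a `sub` claim some other way cannot be confirmed from here.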