Diffstat (limited to 'yarns/200-client-creds.yarn')
-rw-r--r-- | yarns/200-client-creds.yarn | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/yarns/200-client-creds.yarn b/yarns/200-client-creds.yarn index 9eff22a..418e9b9 100644 --- a/yarns/200-client-creds.yarn +++ b/yarns/200-client-creds.yarn @@ -102,3 +102,32 @@ scopes, as described above. AND token expires in an hour FINALLY Qvisqve is stopped + +API client tied to a subject +----------------------------------------------------------------------------- + + SCENARIO get token using client credentials tied to a subject + + GIVEN an API client "bigco" + AND API client has secret "secrit" + AND API client has allowed scopes "read write" + AND API client has subject "tomjon" + + AND a Qvisqve configuration for "https://qvisqve.example.com" + AND Qvisqve configuration has a token lifetime of 3600 + AND a running Qvisqve instance + + WHEN client requests POST /token + ... with client_id "bigco", client_secret "secrit", and + ... scopes "read write delete" + + THEN HTTP status code is 200 OK + AND Content-Type is application/json + AND body is a correctly signed JWT token + AND token has claim iss as "https://qvisqve.example.com" + AND token has claim sub as "tomjon" + AND token has claim aud as "bigco" + AND token has claim scope as "read write" + AND token expires in an hour + + FINALLY Qvisqve is stopped |
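Review bot: The new "API client tied to a subject" section goes straight from the heading underline to the SCENARIO, with no prose saying what tying an API client to a subject means or why the token's sub claim is expected to be "tomjon"; a sentence or two under the heading would document the intended behaviour for readers of the yarn. The WHEN step also requests scopes "read write delete" while the client is allowed only "read write", so this scenario re-tests scope filtering alongside the sub claim. Requesting just "read write" here would keep a failure attributable to the subject handling alone.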