Diffstat (limited to 'yarns/200-client-creds.yarn')
-rw-r--r-- yarns/200-client-creds.yarn 29
1 files changed, 29 insertions, 0 deletions
diff --git a/yarns/200-client-creds.yarn b/yarns/200-client-creds.yarn
index 9eff22a..418e9b9 100644
--- a/yarns/200-client-creds.yarn
+++ b/yarns/200-client-creds.yarn
@@ -102,3 +102,32 @@ scopes, as described above.
AND token expires in an hour
FINALLY Qvisqve is stopped
+
+API client tied to a subject
+-----------------------------------------------------------------------------
+
+ SCENARIO get token using client credentials tied to a subject
+
+ GIVEN an API client "bigco"
+ AND API client has secret "secrit"
+ AND API client has allowed scopes "read write"
+ AND API client has subject "tomjon"
+
+ AND a Qvisqve configuration for "https://qvisqve.example.com"
+ AND Qvisqve configuration has a token lifetime of 3600
+ AND a running Qvisqve instance
+
+ WHEN client requests POST /token
+ ... with client_id "bigco", client_secret "secrit", and
+ ... scopes "read write delete"
+
+ THEN HTTP status code is 200 OK
+ AND Content-Type is application/json
+ AND body is a correctly signed JWT token
+ AND token has claim iss as "https://qvisqve.example.com"
+ AND token has claim sub as "tomjon"
+ AND token has claim aud as "bigco"
+ AND token has claim scope as "read write"
+ AND token expires in an hour
+
+ FINALLY Qvisqve is stopped
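Review bot: The new "API client tied to a subject" section goes straight from the heading to the SCENARIO with no prose, so the intent of the WHEN step is undocumented: it requests scopes "read write delete" while the client's allowed scopes are "read write", and the THEN steps expect 200 OK with claim scope "read write". That implies out-of-policy scopes are silently dropped rather than rejected, which is a security-relevant behaviour and should be stated in a sentence under the heading, together with what tying a client to a subject means for the token (here, claim sub is "tomjon"). If the narrowing is the point of the test, consider saying so next to the "scopes" line so that a later reader does not "fix" the extra "delete" as a typo.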