diff options
Diffstat (limited to 'yarns/400-manage.yarn')
-rw-r--r-- | yarns/400-manage.yarn | 162 |
1 files changed, 162 insertions, 0 deletions
diff --git a/yarns/400-manage.yarn b/yarns/400-manage.yarn new file mode 100644 index 0000000..6d60909 --- /dev/null +++ b/yarns/400-manage.yarn @@ -0,0 +1,162 @@ +Manage clients, users, applications via API +============================================================================= + + SCENARIO manage clients, users, applications + GIVEN an RSA key pair for token signing + AND a Qvisqve configuration for "https://qvisqve.example.com" + AND Qvisqve configuration has a token lifetime of 3600 + AND a running Qvisqve instance + AND an access token for admin with scopes + ... uapi_clients_post + ... uapi_clients_get + ... uapi_clients_id_get + ... uapi_clients_id_put + ... uapi_clients_id_secret_put + ... uapi_clients_id_delete + ... uapi_users_post + ... uapi_users_get + ... uapi_users_id_get + ... uapi_users_id_put + ... uapi_users_id_secret_put + ... uapi_users_id_delete + ... uapi_applications_post + ... uapi_applications_get + ... uapi_applications_id_get + ... uapi_applications_id_put + ... uapi_applications_id_delete + +First, manage clients. + + WHEN client requests GET /clients using token + THEN HTTP status code is 200 OK + AND Content-Type is application/json + AND JSON body matches + ... { + ... "resources": [] + ... } + + WHEN client requests POST /clients with token and body + ... { + ... "id": "james" + ... } + THEN HTTP status code is 201 Created + AND Location is https://qvisqve.example.com/clients/james + + WHEN client requests PUT /clients/james/secret with token and body + ... { "secret": "hunter2" } + THEN HTTP status code is 200 OK + + WHEN client requests GET /clients using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "resources": ["james"] + ... } + + WHEN client requests GET /clients/james using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "id": "james" + ... } + + WHEN client requests DELETE /clients/james with token + THEN HTTP status code is 200 OK + WHEN client requests GET /clients/james using token + THEN HTTP status code is 404 Not Found + WHEN client requests GET /clients using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "resources": [] + ... } + +Then, manage users. + + WHEN client requests GET /users using token + THEN HTTP status code is 200 OK + AND Content-Type is application/json + AND JSON body matches + ... { + ... "resources": [] + ... } + + WHEN client requests POST /users with token and body + ... { + ... "id": "sherlock" + ... } + THEN HTTP status code is 201 Created + AND Location is https://qvisqve.example.com/users/sherlock + + WHEN client requests PUT /users/sherlock/secret with token and body + ... { "secret": "hunter2" } + THEN HTTP status code is 200 OK + + WHEN client requests GET /users using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "resources": ["sherlock"] + ... } + + WHEN client requests GET /users/sherlock using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "id": "sherlock" + ... } + + WHEN client requests DELETE /users/sherlock with token + THEN HTTP status code is 200 OK + WHEN client requests GET /users/sherlock using token + THEN HTTP status code is 404 Not Found + WHEN client requests GET /users using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "resources": [] + ... } + +Then, manage applications. + + WHEN client requests GET /applications using token + THEN HTTP status code is 200 OK + AND Content-Type is application/json + AND JSON body matches + ... { + ... "resources": [] + ... } + + WHEN client requests POST /applications with token and body + ... { + ... "id": "MI6", + ... "callbacks": ["https://mi6.example.com/callback"] + ... } + THEN HTTP status code is 201 Created + AND Location is https://qvisqve.example.com/applications/MI6 + + WHEN client requests GET /applications using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "resources": ["MI6"] + ... } + + WHEN client requests GET /applications/MI6 using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "id": "MI6", + ... "callbacks": ["https://mi6.example.com/callback"] + ... } + + WHEN client requests DELETE /applications/MI6 with token + THEN HTTP status code is 200 OK + WHEN client requests GET /applications/MI6 using token + THEN HTTP status code is 404 Not Found + WHEN client requests GET /applications using token + THEN HTTP status code is 200 OK + AND JSON body matches + ... { + ... "resources": [] + ... } |