1 files changed, 78 insertions, 7 deletions
diff --git a/yarns/900-implements.yarn b/yarns/900-implements.yarn
index 25a7e11..d63472c 100644
--- a/yarns/900-implements.yarn
+++ b/yarns/900-implements.yarn
@@ -86,21 +86,40 @@ This chapter shows the scenario step implementations.
     path = get_next_match()
     V['status_code'], V['headers'], V['body'] = get(V['API_URL'] + path, {})
 
-    IMPLEMENTS WHEN (browser|facade) requests POST (\S+), with form values (\S+)=(\S+) and (\S+)=(\S+)
-    who = get_next_match()
+    IMPLEMENTS WHEN browser requests POST (\S+), with form values (\S+)=(\S+) and (\S+)=(\S+) and (\S+)=(\S+)
     path = get_next_match()
     field1 = get_next_match()
-    value1 = get_next_match()
+    value1 = expand_vars(get_next_match(), V)
     field2 = get_next_match()
-    value2 = get_next_match()
+    value2 = expand_vars(get_next_match(), V)
+    field3 = get_next_match()
+    value3 = expand_vars(get_next_match(), V)
     headers = {}
     body = {
         field1: value1,
         field2: value2,
+        field3: value3,
     }
     V['status_code'], V['headers'], V['body'] = post(
         V['API_URL'] + path, headers=headers, body=body)
 
+    IMPLEMENTS WHEN facade requests POST (\S+), with form values (\S+)=(\S+) and (\S+)=(\S+) using Basic Auth with username (\S+), password (\S+)
+    path = get_next_match()
+    field1 = get_next_match()
+    value1 = expand_vars(get_next_match(), V)
+    field2 = get_next_match()
+    value2 = expand_vars(get_next_match(), V)
+    username = get_next_match()
+    password = get_next_match()
+    headers = {}
+    body = {
+        field1: value1,
+        field2: value2,
+    }
+    V['status_code'], V['headers'], V['body'] = post(
+        V['API_URL'] + path, headers=headers, body=body,
+        auth=(username, password))
+
 ## API access token creation
 
     IMPLEMENTS WHEN client gets an authorization token with scope "(.+)"
@@ -122,10 +141,24 @@ This chapter shows the scenario step implementations.
     expected = int(get_next_match())
     assertEqual(V['status_code'], expected)
 
-    IMPLEMENTS THEN HTTP (\S+) header is (.+)
+    IMPLEMENTS THEN HTTP (\S+) header starts with (.+)
+    header = get_next_match()
+    wanted = expand_vars(get_next_match(), V)
+    actual = V['headers'].get(header)
+    assertTrue(actual.startswith(wanted))
+
+    IMPLEMENTS THEN HTTP (\S+) header is saved as (.+)
     header = get_next_match()
-    value = expand_vars(get_next_match(), V)
-    assertEqual(V['headers'].get(header), value)
+    name = get_next_match()
+    V[name] = V['headers'].get(header)
+
+    IMPLEMENTS THEN authorization code from (\S+) is saved as (\S+)
+    import urlparse
+    var1 = get_next_match()
+    var2 = get_next_match()
+    parts = urlparse.urlparse(V[var1])
+    params = urlparse.parse_qs(parts.query)
+    V[var2] = params['code'][0]
 
     IMPLEMENTS THEN remember HTTP (\S+) header as (.+)
     header = get_next_match()
@@ -178,6 +211,19 @@ This chapter shows the scenario step implementations.
     pattern = '<input name="{}"'.format(field)
     assertTrue(pattern in body)
 
+    IMPLEMENTS THEN HTML form field (.+) is saved as (\S+)
+    import re
+    field = get_next_match()
+    name = get_next_match()
+    body = V['body']
+    pattern = '<input name="{}" value="([^"]+)"'.format(field)
+    m = re.search(pattern, body, re.M)
+    print('body', repr(body))
+    print('pattern:', pattern)
+    print('m:', m)
+    print('m.groups():', m.groups())
+    V[name] = m.groups(0)[0]
+
     IMPLEMENTS THEN Content-Type is (\S+)
     wanted = get_next_match()
     headers = V['headers']
@@ -222,3 +268,28 @@ This chapter shows the scenario step implementations.
     body = V['body']
     body = json.loads(body)
     assertEqual(body.get(field), value)
+
+    IMPLEMENTS THEN access token has a (\S+) field set to (\S+)
+    field = get_next_match()
+    value = get_next_match()
+    body = V['body']
+    body = json.loads(body)
+    token = body['access_token']
+    claims = token_decode(token, V['pubkey'])
+    print('claims', claims)
+    print('value', value)
+    assertEqual(claims.get(field), value)
+
+    IMPLEMENTS THEN access token has an (\S+) field that is not empty
+    field = get_next_match()
+    value = get_next_match()
+    body = V['body']
+    body = json.loads(body)
+    token = body['access_token']
+    claims = token_decode(token)
+    tf = token.get(field)
+    assertTrue(tf is not None)
+    assertTrue(isinstance(tf, str))
+    assertTrue(tf != "")
+
+