path: root/yarns/400-manage.yarn
blob: 6d60909539e59924f301b30ab2974c5fe166b33c (plain)
Manage clients, users, applications via API
=============================================================================

    SCENARIO manage clients, users, applications
    GIVEN an RSA key pair for token signing
    AND a Qvisqve configuration for "https://qvisqve.example.com"
    AND Qvisqve configuration has a token lifetime of 3600
    AND a running Qvisqve instance
    AND an access token for admin with scopes
    ... uapi_clients_post
    ... uapi_clients_get
    ... uapi_clients_id_get
    ... uapi_clients_id_put
    ... uapi_clients_id_secret_put
    ... uapi_clients_id_delete
    ... uapi_users_post
    ... uapi_users_get
    ... uapi_users_id_get
    ... uapi_users_id_put
    ... uapi_users_id_secret_put
    ... uapi_users_id_delete
    ... uapi_applications_post
    ... uapi_applications_get
    ... uapi_applications_id_get
    ... uapi_applications_id_put
    ... uapi_applications_id_delete

First, manage clients.
    
    WHEN client requests GET /clients using token
    THEN HTTP status code is 200 OK
    AND Content-Type is application/json
    AND JSON body matches
    ... {
    ...     "resources": []
    ... }

    WHEN client requests POST /clients with token and body
    ... {
    ...     "id": "james"
    ... }
    THEN HTTP status code is 201 Created
    AND Location is https://qvisqve.example.com/clients/james

    WHEN client requests PUT /clients/james/secret with token and body
    ... { "secret": "hunter2" }
    THEN HTTP status code is 200 OK

    WHEN client requests GET /clients using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "resources": ["james"]
    ... }

    WHEN client requests GET /clients/james using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "id": "james"
    ... }

    WHEN client requests DELETE /clients/james with token
    THEN HTTP status code is 200 OK
    WHEN client requests GET /clients/james using token
    THEN HTTP status code is 404 Not Found
    WHEN client requests GET /clients using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "resources": []
    ... }

Then, manage users.

    WHEN client requests GET /users using token
    THEN HTTP status code is 200 OK
    AND Content-Type is application/json
    AND JSON body matches
    ... {
    ...     "resources": []
    ... }

    WHEN client requests POST /users with token and body
    ... {
    ...     "id": "sherlock"
    ... }
    THEN HTTP status code is 201 Created
    AND Location is https://qvisqve.example.com/users/sherlock

    WHEN client requests PUT /users/sherlock/secret with token and body
    ... { "secret": "hunter2" }
    THEN HTTP status code is 200 OK

    WHEN client requests GET /users using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "resources": ["sherlock"]
    ... }

    WHEN client requests GET /users/sherlock using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "id": "sherlock"
    ... }

    WHEN client requests DELETE /users/sherlock with token
    THEN HTTP status code is 200 OK
    WHEN client requests GET /users/sherlock using token
    THEN HTTP status code is 404 Not Found
    WHEN client requests GET /users using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "resources": []
    ... }

Then, manage applications.

    WHEN client requests GET /applications using token
    THEN HTTP status code is 200 OK
    AND Content-Type is application/json
    AND JSON body matches
    ... {
    ...     "resources": []
    ... }

    WHEN client requests POST /applications with token and body
    ... {
    ...     "id": "MI6",
    ...     "callbacks": ["https://mi6.example.com/callback"]
    ... }
    THEN HTTP status code is 201 Created
    AND Location is https://qvisqve.example.com/applications/MI6

    WHEN client requests GET /applications using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "resources": ["MI6"]
    ... }

    WHEN client requests GET /applications/MI6 using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "id": "MI6",
    ...     "callbacks": ["https://mi6.example.com/callback"]
    ... }

    WHEN client requests DELETE /applications/MI6 with token
    THEN HTTP status code is 200 OK
    WHEN client requests GET /applications/MI6 using token
    THEN HTTP status code is 404 Not Found
    WHEN client requests GET /applications using token
    THEN HTTP status code is 200 OK
    AND JSON body matches
    ... {
    ...     "resources": []
    ... }
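
An added example (not part of the Qvisqve test suite): a coverage check that maps each WHEN request in this scenario to a scope name and compares the result with the scopes granted to the admin token. The naming rule in `required_scope` is an assumption inferred from the scope names and paths shown above, and all function names are hypothetical.

```python
import re

# The 17 scopes listed in the scenario's "access token for admin" step
# (applications have no secret endpoint, hence the subtraction).
GRANTED = {
    f"uapi_{res}_{op}"
    for res in ("clients", "users", "applications")
    for op in ("post", "get", "id_get", "id_put", "id_secret_put", "id_delete")
} - {"uapi_applications_id_secret_put"}

# WHEN steps copied from the scenario above, repeated requests dropped.
STEPS = """
WHEN client requests GET /clients using token
WHEN client requests POST /clients with token and body
WHEN client requests PUT /clients/james/secret with token and body
WHEN client requests GET /clients/james using token
WHEN client requests DELETE /clients/james with token
WHEN client requests GET /users using token
WHEN client requests POST /users with token and body
WHEN client requests PUT /users/sherlock/secret with token and body
WHEN client requests GET /users/sherlock using token
WHEN client requests DELETE /users/sherlock with token
WHEN client requests GET /applications using token
WHEN client requests POST /applications with token and body
WHEN client requests GET /applications/MI6 using token
WHEN client requests DELETE /applications/MI6 with token
"""
STEP_RE = re.compile(r"WHEN client requests (GET|POST|PUT|DELETE) (/\S+)")

def required_scope(method, path):
    """Assumed naming rule: uapi_<collection>[_id[_<sub>]]_<method>."""
    parts = [p for p in path.split("/") if p]
    if not 1 <= len(parts) <= 3:
        raise ValueError(f"unexpected path shape: {path!r}")
    if len(parts) >= 2:
        parts[1] = "id"  # second segment is the resource identifier
    return "_".join(["uapi", *parts, method.lower()])

def exercised(steps):
    """Scopes needed by the requests found in the scenario text."""
    return {required_scope(m, p) for m, p in STEP_RE.findall(steps)}

def unexercised(granted, steps):
    """Scopes the token carries that no request in the scenario uses."""
    return sorted(granted - exercised(steps))

if __name__ == "__main__":
    print("granted but never exercised:", unexercised(GRANTED, STEPS))
    print("exercised but not granted:", sorted(exercised(STEPS) - GRANTED))
```

On this scenario it reports `uapi_clients_id_put`, `uapi_users_id_put` and `uapi_applications_id_put`: the token carries them, but no step issues a PUT to `/clients/<id>`, `/users/<id>` or `/applications/<id>`.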