blob: 6d60909539e59924f301b30ab2974c5fe166b33c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
|
Manage clients, users, applications via API
=============================================================================
SCENARIO manage clients, users, applications
GIVEN an RSA key pair for token signing
AND a Qvisqve configuration for "https://qvisqve.example.com"
AND Qvisqve configuration has a token lifetime of 3600
AND a running Qvisqve instance
AND an access token for admin with scopes
... uapi_clients_post
... uapi_clients_get
... uapi_clients_id_get
... uapi_clients_id_put
... uapi_clients_id_secret_put
... uapi_clients_id_delete
... uapi_users_post
... uapi_users_get
... uapi_users_id_get
... uapi_users_id_put
... uapi_users_id_secret_put
... uapi_users_id_delete
... uapi_applications_post
... uapi_applications_get
... uapi_applications_id_get
... uapi_applications_id_put
... uapi_applications_id_delete
First, manage clients.
WHEN client requests GET /clients using token
THEN HTTP status code is 200 OK
AND Content-Type is application/json
AND JSON body matches
... {
... "resources": []
... }
WHEN client requests POST /clients with token and body
... {
... "id": "james"
... }
THEN HTTP status code is 201 Created
AND Location is https://qvisqve.example.com/clients/james
WHEN client requests PUT /clients/james/secret with token and body
... { "secret": "hunter2" }
THEN HTTP status code is 200 OK
WHEN client requests GET /clients using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "resources": ["james"]
... }
WHEN client requests GET /clients/james using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "id": "james"
... }
WHEN client requests DELETE /clients/james with token
THEN HTTP status code is 200 OK
WHEN client requests GET /clients/james using token
THEN HTTP status code is 404 Not Found
WHEN client requests GET /clients using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "resources": []
... }
Then, manage users.
WHEN client requests GET /users using token
THEN HTTP status code is 200 OK
AND Content-Type is application/json
AND JSON body matches
... {
... "resources": []
... }
WHEN client requests POST /users with token and body
... {
... "id": "sherlock"
... }
THEN HTTP status code is 201 Created
AND Location is https://qvisqve.example.com/users/sherlock
WHEN client requests PUT /users/sherlock/secret with token and body
... { "secret": "hunter2" }
THEN HTTP status code is 200 OK
WHEN client requests GET /users using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "resources": ["sherlock"]
... }
WHEN client requests GET /users/sherlock using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "id": "sherlock"
... }
WHEN client requests DELETE /users/sherlock with token
THEN HTTP status code is 200 OK
WHEN client requests GET /users/sherlock using token
THEN HTTP status code is 404 Not Found
WHEN client requests GET /users using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "resources": []
... }
Then, manage applications.
WHEN client requests GET /applications using token
THEN HTTP status code is 200 OK
AND Content-Type is application/json
AND JSON body matches
... {
... "resources": []
... }
WHEN client requests POST /applications with token and body
... {
... "id": "MI6",
... "callbacks": ["https://mi6.example.com/callback"]
... }
THEN HTTP status code is 201 Created
AND Location is https://qvisqve.example.com/applications/MI6
WHEN client requests GET /applications using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "resources": ["MI6"]
... }
WHEN client requests GET /applications/MI6 using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "id": "MI6",
... "callbacks": ["https://mi6.example.com/callback"]
... }
WHEN client requests DELETE /applications/MI6 with token
THEN HTTP status code is 200 OK
WHEN client requests GET /applications/MI6 using token
THEN HTTP status code is 404 Not Found
WHEN client requests GET /applications using token
THEN HTTP status code is 200 OK
AND JSON body matches
... {
... "resources": []
... }
|