features for API version 2 - keep old ones

Now we test both api versions. We want this for backwards compatibility.

5 files changed, 180 insertions, 0 deletions

diff --git a/features/1/anonymous.feature b/features/1/anonymous.feature
new file mode 100644
index 0000000..73a6d3f
--- /dev/null
+++ b/features/1/anonymous.feature
@@ -0,0 +1,34 @@
+@config
+Feature: Anonymous access to EIP
+
+  A provider may choose to allow anonymous access to EIP.
+  In this case some endpoints that would normally require authentication
+  will be available without authentication.
+
+  Background: 
+    Given "allow_anonymous_certs" is enabled in the config
+    And I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+
+  Scenario: Fetch configs when anonymous certs are allowed
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "200"
+
+  Scenario: Fetch EIP config when anonymous certs are allowed
+    Given there is a config for the eip
+    When I send a GET request to "/1/configs/eip-service.json"
+    Then the response status should be "200"
+
+  Scenario: Fetch service description
+    When I send a GET request to "/1/service.json"
+    Then the response status should be "200"
+    And the response should be:
+    """
+      {
+        "name": "anonymous",
+        "description": "anonymous access to the VPN",
+        "eip_rate_limit": false
+      }
+    """
+
diff --git a/features/1/authentication.feature b/features/1/authentication.feature
new file mode 100644
index 0000000..52b562f
--- /dev/null
+++ b/features/1/authentication.feature
@@ -0,0 +1,24 @@
+Feature: Authentication
+
+  Authentication is handled with SRP. Once the SRP handshake has been successful a token will be transmitted. This token is used to authenticate further requests.
+
+  In the scenarios MY_AUTH_TOKEN will serve as a placeholder for the actual token received.
+
+  Background:
+    Given I set headers:
+      | Accept        | application/json |
+      | Content-Type  | application/json |
+
+  Scenario: Submitting a valid token
+    Given I authenticated
+    And I set headers:
+      | Authorization | Token token="MY_AUTH_TOKEN" |
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "200"
+
+  Scenario: Submitting an invalid token
+    Given I authenticated
+    And I set headers:
+      | Authorization | Token token="InvalidToken" |
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "401"
diff --git a/features/1/config.feature b/features/1/config.feature
new file mode 100644
index 0000000..ff04e9d
--- /dev/null
+++ b/features/1/config.feature
@@ -0,0 +1,58 @@
+Feature: Download Provider Configuration
+
+  The LEAP Provider exposes parts of its configuration through the API.
+
+  This can be used to find out about services offered. The big picture can be retrieved from `/provider.json`. Which is available without authentication (see unauthenticated.feature).
+
+  More detailed settings of the services are available after authentication. You can get a list of the available settings from `/1/configs.json`.
+
+  Background:
+    Given I authenticated
+    Given I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+      | Authorization | Token token="MY_AUTH_TOKEN" |
+
+  @tempfile
+  Scenario: Fetch provider config
+    Given there is a config for the provider
+    When I send a GET request to "/provider.json"
+    Then the response status should be "200"
+    And the response should be that config
+
+  Scenario: Missing provider config
+    When I send a GET request to "/provider.json"
+    Then the response status should be "404"
+    And the response should have "error" with "not_found"
+
+  Scenario: Fetch list of available configs
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "200"
+    And the response should be:
+      """
+      {
+        "services": {
+          "soledad": "/1/configs/soledad-service.json",
+          "eip": "/1/configs/eip-service.json",
+          "smtp": "/1/configs/smtp-service.json"
+        }
+      }
+      """
+
+  Scenario: Attempt to fetch an invalid config
+    When I send a GET request to "/1/configs/non-existing.json"
+    Then the response status should be "403"
+
+  # I am not sure what this test is about, that config is not
+  # actually missing.
+  #Scenario: Attempt to fetch a config that is missing on the server
+  #  When I send a GET request to "/1/configs/eip-service.json"
+  #  Then the response status should be "404"
+
+  @tempfile, @config
+  Scenario: Attempt to fetch the EIP config
+    Given there is a config for the eip
+    When I send a GET request to "/1/configs/eip-service.json"
+    Then the response status should be "200"
+    And the response should be that config
+
diff --git a/features/1/service.feature b/features/1/service.feature
new file mode 100644
index 0000000..ea49c74
--- /dev/null
+++ b/features/1/service.feature
@@ -0,0 +1,33 @@
+Feature: Get service description for current user
+
+  The LEAP provider can offer different services and their availability may
+  depend upon a users service level - so wether they are paying or not.
+
+  The /1/service endpoint allows the client to find out about the services
+  available to the authenticated user.
+
+  Background:
+    Given I authenticated
+    Given I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+      | Authorization | Token token="MY_AUTH_TOKEN" |
+
+  Scenario: Get service settings
+    When I send a GET request to "/1/service"
+    Then the response status should be "200"
+    And the response should be:
+    """
+      {
+        "name": "free",
+        "description": "free account, with rate limited VPN",
+        "eip_rate_limit": true,
+        "storage": 100,
+        "services": [
+          "eip"
+        ]
+      }
+   """
+
+
+
diff --git a/features/1/unauthenticated.feature b/features/1/unauthenticated.feature
new file mode 100644
index 0000000..aea7117
--- /dev/null
+++ b/features/1/unauthenticated.feature
@@ -0,0 +1,31 @@
+Feature: Unauthenticated API endpoints
+
+  Most of the LEAP Provider API requires authentication.
+  However there are a few exceptions - mostly prerequisits of authenticating. This feature and the authentication feature document these.
+
+  Background:
+    Given I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+
+  @tempfile
+  Scenario: Fetch provider config
+    Given there is a config for the provider
+    When I send a GET request to "/provider.json"
+    Then the response status should be "200"
+    And the response should be that config
+
+  Scenario: Authentication required response
+    When I send a GET request to "/1/configs"
+    Then the response status should be "401"
+    And the response should have "error" with "not_authorized_login"
+    And the response should have "message"
+
+  Scenario: Authentication required for all other API endpoints (incomplete)
+    Given I am not logged in
+    When I send requests to these endpoints:
+      |  GET   | /1/configs                |
+      |  GET   | /1/configs/config_id.json |
+      |  GET   | /1/service                |
+      | DELETE | /1/logout                 |
+    Then they should require authentication