Merge branch '8800-hand-out-configs-json-without-authentication' into 'master'

feat: allow unauthenticated access to list of configs

Closes #8800

See merge request leap/webapp!45

1 files changed, 15 insertions, 2 deletions

diff --git a/features/unauthenticated.feature b/features/unauthenticated.feature
index b4b0f55..a55faa7 100644
--- a/features/unauthenticated.feature
+++ b/features/unauthenticated.feature
@@ -15,8 +15,22 @@ Feature: Unauthenticated API endpoints
     Then the response status should be "200"
     And the response should be that config
 
+  Scenario: Fetch list of available configs
+    When I send a GET request to "/2/configs.json"
+    Then the response status should be "200"
+    And the response should be:
+      """
+      {
+        "services": {
+          "soledad": "/2/configs/soledad-service.json",
+          "eip": "/2/configs/eip-service.json",
+          "smtp": "/2/configs/smtp-service.json"
+        }
+      }
+      """
+
   Scenario: Authentication required response
-    When I send a GET request to "/2/configs"
+    When I send a GET request to "/2/configs/config_id.json"
     Then the response status should be "401"
     And the response should have "error" with "not_authorized_login"
     And the response should have "message"
@@ -24,7 +38,6 @@ Feature: Unauthenticated API endpoints
   Scenario: Authentication required for all other API endpoints (incomplete)
     Given I am not logged in
     When I send requests to these endpoints:
-      |  GET   | /2/configs                |
       |  GET   | /2/configs/config_id.json |
       |  GET   | /2/service                |
       | DELETE | /2/logout                 |