features for API version 2 - keep old ones

Now we test both api versions. We want this for backwards compatibility.

11 files changed, 203 insertions, 23 deletions

diff --git a/features/1/anonymous.feature b/features/1/anonymous.feature
new file mode 100644
index 0000000..73a6d3f
--- /dev/null
+++ b/features/1/anonymous.feature
@@ -0,0 +1,34 @@
+@config
+Feature: Anonymous access to EIP
+
+  A provider may choose to allow anonymous access to EIP.
+  In this case some endpoints that would normally require authentication
+  will be available without authentication.
+
+  Background: 
+    Given "allow_anonymous_certs" is enabled in the config
+    And I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+
+  Scenario: Fetch configs when anonymous certs are allowed
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "200"
+
+  Scenario: Fetch EIP config when anonymous certs are allowed
+    Given there is a config for the eip
+    When I send a GET request to "/1/configs/eip-service.json"
+    Then the response status should be "200"
+
+  Scenario: Fetch service description
+    When I send a GET request to "/1/service.json"
+    Then the response status should be "200"
+    And the response should be:
+    """
+      {
+        "name": "anonymous",
+        "description": "anonymous access to the VPN",
+        "eip_rate_limit": false
+      }
+    """
+
diff --git a/features/1/authentication.feature b/features/1/authentication.feature
new file mode 100644
index 0000000..52b562f
--- /dev/null
+++ b/features/1/authentication.feature
@@ -0,0 +1,24 @@
+Feature: Authentication
+
+  Authentication is handled with SRP. Once the SRP handshake has been successful a token will be transmitted. This token is used to authenticate further requests.
+
+  In the scenarios MY_AUTH_TOKEN will serve as a placeholder for the actual token received.
+
+  Background:
+    Given I set headers:
+      | Accept        | application/json |
+      | Content-Type  | application/json |
+
+  Scenario: Submitting a valid token
+    Given I authenticated
+    And I set headers:
+      | Authorization | Token token="MY_AUTH_TOKEN" |
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "200"
+
+  Scenario: Submitting an invalid token
+    Given I authenticated
+    And I set headers:
+      | Authorization | Token token="InvalidToken" |
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "401"
diff --git a/features/1/config.feature b/features/1/config.feature
new file mode 100644
index 0000000..ff04e9d
--- /dev/null
+++ b/features/1/config.feature
@@ -0,0 +1,58 @@
+Feature: Download Provider Configuration
+
+  The LEAP Provider exposes parts of its configuration through the API.
+
+  This can be used to find out about services offered. The big picture can be retrieved from `/provider.json`. Which is available without authentication (see unauthenticated.feature).
+
+  More detailed settings of the services are available after authentication. You can get a list of the available settings from `/1/configs.json`.
+
+  Background:
+    Given I authenticated
+    Given I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+      | Authorization | Token token="MY_AUTH_TOKEN" |
+
+  @tempfile
+  Scenario: Fetch provider config
+    Given there is a config for the provider
+    When I send a GET request to "/provider.json"
+    Then the response status should be "200"
+    And the response should be that config
+
+  Scenario: Missing provider config
+    When I send a GET request to "/provider.json"
+    Then the response status should be "404"
+    And the response should have "error" with "not_found"
+
+  Scenario: Fetch list of available configs
+    When I send a GET request to "/1/configs.json"
+    Then the response status should be "200"
+    And the response should be:
+      """
+      {
+        "services": {
+          "soledad": "/1/configs/soledad-service.json",
+          "eip": "/1/configs/eip-service.json",
+          "smtp": "/1/configs/smtp-service.json"
+        }
+      }
+      """
+
+  Scenario: Attempt to fetch an invalid config
+    When I send a GET request to "/1/configs/non-existing.json"
+    Then the response status should be "403"
+
+  # I am not sure what this test is about, that config is not
+  # actually missing.
+  #Scenario: Attempt to fetch a config that is missing on the server
+  #  When I send a GET request to "/1/configs/eip-service.json"
+  #  Then the response status should be "404"
+
+  @tempfile, @config
+  Scenario: Attempt to fetch the EIP config
+    Given there is a config for the eip
+    When I send a GET request to "/1/configs/eip-service.json"
+    Then the response status should be "200"
+    And the response should be that config
+
diff --git a/features/1/service.feature b/features/1/service.feature
new file mode 100644
index 0000000..ea49c74
--- /dev/null
+++ b/features/1/service.feature
@@ -0,0 +1,33 @@
+Feature: Get service description for current user
+
+  The LEAP provider can offer different services and their availability may
+  depend upon a users service level - so wether they are paying or not.
+
+  The /1/service endpoint allows the client to find out about the services
+  available to the authenticated user.
+
+  Background:
+    Given I authenticated
+    Given I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+      | Authorization | Token token="MY_AUTH_TOKEN" |
+
+  Scenario: Get service settings
+    When I send a GET request to "/1/service"
+    Then the response status should be "200"
+    And the response should be:
+    """
+      {
+        "name": "free",
+        "description": "free account, with rate limited VPN",
+        "eip_rate_limit": true,
+        "storage": 100,
+        "services": [
+          "eip"
+        ]
+      }
+   """
+
+
+
diff --git a/features/1/unauthenticated.feature b/features/1/unauthenticated.feature
new file mode 100644
index 0000000..aea7117
--- /dev/null
+++ b/features/1/unauthenticated.feature
@@ -0,0 +1,31 @@
+Feature: Unauthenticated API endpoints
+
+  Most of the LEAP Provider API requires authentication.
+  However there are a few exceptions - mostly prerequisits of authenticating. This feature and the authentication feature document these.
+
+  Background:
+    Given I set headers:
+      | Accept       | application/json |
+      | Content-Type | application/json |
+
+  @tempfile
+  Scenario: Fetch provider config
+    Given there is a config for the provider
+    When I send a GET request to "/provider.json"
+    Then the response status should be "200"
+    And the response should be that config
+
+  Scenario: Authentication required response
+    When I send a GET request to "/1/configs"
+    Then the response status should be "401"
+    And the response should have "error" with "not_authorized_login"
+    And the response should have "message"
+
+  Scenario: Authentication required for all other API endpoints (incomplete)
+    Given I am not logged in
+    When I send requests to these endpoints:
+      |  GET   | /1/configs                |
+      |  GET   | /1/configs/config_id.json |
+      |  GET   | /1/service                |
+      | DELETE | /1/logout                 |
+    Then they should require authentication
diff --git a/features/anonymous.feature b/features/anonymous.feature
index 73a6d3f..d6b3ce2 100644
--- a/features/anonymous.feature
+++ b/features/anonymous.feature
@@ -5,23 +5,23 @@ Feature: Anonymous access to EIP
   In this case some endpoints that would normally require authentication
   will be available without authentication.
 
-  Background: 
+  Background:
     Given "allow_anonymous_certs" is enabled in the config
     And I set headers:
       | Accept       | application/json |
       | Content-Type | application/json |
 
   Scenario: Fetch configs when anonymous certs are allowed
-    When I send a GET request to "/1/configs.json"
+    When I send a GET request to "/2/configs.json"
     Then the response status should be "200"
 
   Scenario: Fetch EIP config when anonymous certs are allowed
     Given there is a config for the eip
-    When I send a GET request to "/1/configs/eip-service.json"
+    When I send a GET request to "/2/configs/eip-service.json"
     Then the response status should be "200"
 
   Scenario: Fetch service description
-    When I send a GET request to "/1/service.json"
+    When I send a GET request to "/2/service.json"
     Then the response status should be "200"
     And the response should be:
     """
diff --git a/features/authentication.feature b/features/authentication.feature
index 52b562f..806e2b7 100644
--- a/features/authentication.feature
+++ b/features/authentication.feature
@@ -13,12 +13,12 @@ Feature: Authentication
     Given I authenticated
     And I set headers:
       | Authorization | Token token="MY_AUTH_TOKEN" |
-    When I send a GET request to "/1/configs.json"
+    When I send a GET request to "/2/configs.json"
     Then the response status should be "200"
 
   Scenario: Submitting an invalid token
     Given I authenticated
     And I set headers:
       | Authorization | Token token="InvalidToken" |
-    When I send a GET request to "/1/configs.json"
+    When I send a GET request to "/2/configs.json"
     Then the response status should be "401"
diff --git a/features/config.feature b/features/config.feature
index ff04e9d..bd627de 100644
--- a/features/config.feature
+++ b/features/config.feature
@@ -4,7 +4,7 @@ Feature: Download Provider Configuration
 
   This can be used to find out about services offered. The big picture can be retrieved from `/provider.json`. Which is available without authentication (see unauthenticated.feature).
 
-  More detailed settings of the services are available after authentication. You can get a list of the available settings from `/1/configs.json`.
+  More detailed settings of the services are available after authentication. You can get a list of the available settings from `/2/configs.json`.
 
   Background:
     Given I authenticated
@@ -26,33 +26,33 @@ Feature: Download Provider Configuration
     And the response should have "error" with "not_found"
 
   Scenario: Fetch list of available configs
-    When I send a GET request to "/1/configs.json"
+    When I send a GET request to "/2/configs.json"
     Then the response status should be "200"
     And the response should be:
       """
       {
         "services": {
-          "soledad": "/1/configs/soledad-service.json",
-          "eip": "/1/configs/eip-service.json",
-          "smtp": "/1/configs/smtp-service.json"
+          "soledad": "/2/configs/soledad-service.json",
+          "eip": "/2/configs/eip-service.json",
+          "smtp": "/2/configs/smtp-service.json"
         }
       }
       """
 
   Scenario: Attempt to fetch an invalid config
-    When I send a GET request to "/1/configs/non-existing.json"
+    When I send a GET request to "/2/configs/non-existing.json"
     Then the response status should be "403"
 
   # I am not sure what this test is about, that config is not
   # actually missing.
   #Scenario: Attempt to fetch a config that is missing on the server
-  #  When I send a GET request to "/1/configs/eip-service.json"
+  #  When I send a GET request to "/2/configs/eip-service.json"
   #  Then the response status should be "404"
 
   @tempfile, @config
   Scenario: Attempt to fetch the EIP config
     Given there is a config for the eip
-    When I send a GET request to "/1/configs/eip-service.json"
+    When I send a GET request to "/2/configs/eip-service.json"
     Then the response status should be "200"
     And the response should be that config
 
diff --git a/features/service.feature b/features/service.feature
index ea49c74..6244f6c 100644
--- a/features/service.feature
+++ b/features/service.feature
@@ -3,7 +3,7 @@ Feature: Get service description for current user
   The LEAP provider can offer different services and their availability may
   depend upon a users service level - so wether they are paying or not.
 
-  The /1/service endpoint allows the client to find out about the services
+  The /2/service endpoint allows the client to find out about the services
   available to the authenticated user.
 
   Background:
@@ -14,7 +14,7 @@ Feature: Get service description for current user
       | Authorization | Token token="MY_AUTH_TOKEN" |
 
   Scenario: Get service settings
-    When I send a GET request to "/1/service"
+    When I send a GET request to "/2/service"
     Then the response status should be "200"
     And the response should be:
     """
diff --git a/features/support/hooks.rb b/features/support/hooks.rb
index 256e5d8..4ddc77e 100644
--- a/features/support/hooks.rb
+++ b/features/support/hooks.rb
@@ -13,9 +13,9 @@ end
 After do |scenario|
   if scenario.failed?
     logfile_path = Rails.root + 'tmp'
-    logfile_path += "#{scenario.title.gsub(/\s/, '_')}.log"
+    logfile_path += "#{scenario.name.gsub(/\s/, '_')}.log"
     File.open(logfile_path, 'w') do |test_log|
-      test_log.puts scenario.title
+      test_log.puts scenario.name
       test_log.puts "========================="
       test_log.puts `tail log/test.log -n 200`
     end
diff --git a/features/unauthenticated.feature b/features/unauthenticated.feature
index aea7117..b4b0f55 100644
--- a/features/unauthenticated.feature
+++ b/features/unauthenticated.feature
@@ -16,7 +16,7 @@ Feature: Unauthenticated API endpoints
     And the response should be that config
 
   Scenario: Authentication required response
-    When I send a GET request to "/1/configs"
+    When I send a GET request to "/2/configs"
     Then the response status should be "401"
     And the response should have "error" with "not_authorized_login"
     And the response should have "message"
@@ -24,8 +24,8 @@ Feature: Unauthenticated API endpoints
   Scenario: Authentication required for all other API endpoints (incomplete)
     Given I am not logged in
     When I send requests to these endpoints:
-      |  GET   | /1/configs                |
-      |  GET   | /1/configs/config_id.json |
-      |  GET   | /1/service                |
-      | DELETE | /1/logout                 |
+      |  GET   | /2/configs                |
+      |  GET   | /2/configs/config_id.json |
+      |  GET   | /2/service                |
+      | DELETE | /2/logout                 |
     Then they should require authentication