diff options
Diffstat (limited to 'features')
| -rw-r--r-- | features/authentication.feature | 24 | ||||
| -rw-r--r-- | features/config.feature | 46 | ||||
| -rw-r--r-- | features/step_definitions/.gitkeep | 0 | ||||
| -rw-r--r-- | features/step_definitions/api_steps.rb | 131 | ||||
| -rw-r--r-- | features/step_definitions/auth_steps.rb | 6 | ||||
| -rw-r--r-- | features/step_definitions/config_steps.rb | 6 | ||||
| -rw-r--r-- | features/support/env.rb | 58 | ||||
| -rw-r--r-- | features/support/hooks.rb | 18 | ||||
| -rw-r--r-- | features/unauthenticated.feature | 29 | 
9 files changed, 318 insertions, 0 deletions
| diff --git a/features/authentication.feature b/features/authentication.feature new file mode 100644 index 0000000..52b562f --- /dev/null +++ b/features/authentication.feature @@ -0,0 +1,24 @@ +Feature: Authentication + +  Authentication is handled with SRP. Once the SRP handshake has been successful a token will be transmitted. This token is used to authenticate further requests. + +  In the scenarios MY_AUTH_TOKEN will serve as a placeholder for the actual token received. + +  Background: +    Given I set headers: +      | Accept        | application/json | +      | Content-Type  | application/json | + +  Scenario: Submitting a valid token +    Given I authenticated +    And I set headers: +      | Authorization | Token token="MY_AUTH_TOKEN" | +    When I send a GET request to "/1/configs.json" +    Then the response status should be "200" + +  Scenario: Submitting an invalid token +    Given I authenticated +    And I set headers: +      | Authorization | Token token="InvalidToken" | +    When I send a GET request to "/1/configs.json" +    Then the response status should be "401" diff --git a/features/config.feature b/features/config.feature new file mode 100644 index 0000000..6adaed9 --- /dev/null +++ b/features/config.feature @@ -0,0 +1,46 @@ +Feature: Download Provider Configuration + +  The LEAP Provider exposes parts of its configuration through the API. + +  This can be used to find out about services offered. The big picture can be retrieved from `/provider.json`. Which is available without authentication (see unauthenticated.feature). +   +  More detailed settings of the services are available after authentication. You can get a list of the available settings from `/1/configs.json`. + +  Background: +    Given I authenticated +    Given I set headers: +      | Accept       | application/json | +      | Content-Type | application/json | +      | Authorization | Token token="MY_AUTH_TOKEN" | + +  @tempfile +  Scenario: Fetch provider config +    Given the provider config is: +      """ +      {"config": "me"} +      """ +    When I send a GET request to "/provider.json" +    Then the response status should be "200" +    And the response should be: +      """ +      {"config": "me"} +      """ + +  Scenario: Missing provider config +    When I send a GET request to "/provider.json" +    Then the response status should be "404" +    And the response should have "error" with "not_found" + +  Scenario: Fetch list of available configs +    When I send a GET request to "/1/configs.json" +    Then the response status should be "200" +    And the response should be: +      """ +      { +        "services": { +          "soledad": "/1/configs/soledad-service.json", +          "eip": "/1/configs/eip-service.json", +          "smtp": "/1/configs/smtp-service.json" +        } +      } +      """ diff --git a/features/step_definitions/.gitkeep b/features/step_definitions/.gitkeep new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/features/step_definitions/.gitkeep diff --git a/features/step_definitions/api_steps.rb b/features/step_definitions/api_steps.rb new file mode 100644 index 0000000..a4f369c --- /dev/null +++ b/features/step_definitions/api_steps.rb @@ -0,0 +1,131 @@ +if defined?(Rack) + +  # Monkey patch Rack::MockResponse to work properly with response debugging +  class Rack::MockResponse +    def to_str +      body +    end +  end + +  World(Rack::Test::Methods) + +end + +Given /^I set headers:$/ do |headers| +  headers.rows_hash.each do |key,value| +    value.sub!('MY_AUTH_TOKEN', @my_auth_token.to_s) if @my_auth_token +    header key, value +  end +end + +Given /^I send and accept (XML|JSON)$/ do |type| +  header 'Accept', "application/#{type.downcase}" +  header 'Content-Type', "application/#{type.downcase}" +end + +Given /^I send and accept HTML$/ do +  header 'Accept', "text/html" +  header 'Content-Type', "application/x-www-form-urlencoded" +end + +When /^I authenticate as the user "([^"]*)" with the password "([^"]*)"$/ do |user, pass| +  authorize user, pass +end + +When /^I digest\-authenticate as the user "(.*?)" with the password "(.*?)"$/ do |user, pass| +  digest_authorize user, pass +end + +When /^I send a (GET|POST|PUT|DELETE) request (?:for|to) "([^"]*)"(?: with the following:)?$/ do |*args| +  request_type = args.shift +  path = args.shift +  input = args.shift + +  request_opts = {method: request_type.downcase.to_sym} + +  unless input.nil? +    if input.class == Cucumber::Ast::Table +      request_opts[:params] = input.rows_hash +    else +      request_opts[:input] = input +    end +  end + +  request path, request_opts +end + +Then /^show me the (unparsed)?\s?response$/ do |unparsed| +  if unparsed == 'unparsed' +    puts last_response.body +  elsif last_response.headers['Content-Type'] =~ /json/ +    json_response = JSON.parse(last_response.body) +    puts JSON.pretty_generate(json_response) +  else +    puts last_response.headers +    puts last_response.body +  end +end + +Then /^the response status should be "([^"]*)"$/ do |status| +  if self.respond_to? :should +    last_response.status.should == status.to_i +  else +    assert_equal status.to_i, last_response.status +  end +end + +Then /^the response should (not)?\s?have "([^"]*)"$/ do |negative, key| +  json    = JSON.parse(last_response.body) +  if self.respond_to?(:should) +    if negative.present? +      json[key].should be_blank +    else +      json[key].should be_present +    end +  else +    if negative.present? +      assert json[key].blank? +    else +      assert json[key].present? +    end +  end +end + + +Then /^the response should (not)?\s?have "([^"]*)" with(?: the text)? "([^"]*)"$/ do |negative, key, text| +  json    = JSON.parse(last_response.body) +  if self.respond_to?(:should) +    if negative.present? +      json[key].should_not == text +    else +      results.should == text +    end +  else +    if negative.present? +      assert ! json[key] == text +    else +      assert_equal text, json[key] +    end +  end +end + +Then /^the response should be:$/ do |json| +  expected = JSON.parse(json) +  actual = JSON.parse(last_response.body) + +  if self.respond_to?(:should) +    actual.should == expected +  else +    assert_equal expected, actual +  end +end + +Then /^the response should have "([^"]*)" with a length of (\d+)$/ do |json_path, length| +  json = JSON.parse(last_response.body) +  results = JsonPath.new(json_path).on(json) +  if self.respond_to?(:should) +    results.length.should == length.to_i +  else +    assert_equal length.to_i, results.length +  end +end diff --git a/features/step_definitions/auth_steps.rb b/features/step_definitions/auth_steps.rb new file mode 100644 index 0000000..00d9004 --- /dev/null +++ b/features/step_definitions/auth_steps.rb @@ -0,0 +1,6 @@ + +Given /^I authenticated$/ do +  @user = FactoryGirl.create(:user) +  @my_auth_token = Token.create user_id: @user.id +end + diff --git a/features/step_definitions/config_steps.rb b/features/step_definitions/config_steps.rb new file mode 100644 index 0000000..50ae829 --- /dev/null +++ b/features/step_definitions/config_steps.rb @@ -0,0 +1,6 @@ +Given /the provider config is:$/ do |config| +  @tempfile = Tempfile.new('provider.json') +  @tempfile.write config +  @tempfile.close +  StaticConfigController::PROVIDER_JSON = @tempfile.path +end diff --git a/features/support/env.rb b/features/support/env.rb new file mode 100644 index 0000000..d3067db --- /dev/null +++ b/features/support/env.rb @@ -0,0 +1,58 @@ +# IMPORTANT: This file is generated by cucumber-rails - edit at your own peril. +# It is recommended to regenerate this file in the future when you upgrade to a +# newer version of cucumber-rails. Consider adding your own code to a new file +# instead of editing this one. Cucumber will automatically load all features/**/*.rb +# files. + +require 'cucumber/rails' + +# Capybara defaults to CSS3 selectors rather than XPath. +# If you'd prefer to use XPath, just uncomment this line and adjust any +# selectors in your step definitions to use the XPath syntax. +# Capybara.default_selector = :xpath + +# By default, any exception happening in your Rails application will bubble up +# to Cucumber so that your scenario will fail. This is a different from how +# your application behaves in the production environment, where an error page will +# be rendered instead. +# +# Sometimes we want to override this default behaviour and allow Rails to rescue +# exceptions and display an error page (just like when the app is running in production). +# Typical scenarios where you want to do this is when you test your error pages. +# There are two ways to allow Rails to rescue exceptions: +# +# 1) Tag your scenario (or feature) with @allow-rescue +# +# 2) Set the value below to true. Beware that doing this globally is not +# recommended as it will mask a lot of errors for you! +# +ActionController::Base.allow_rescue = false + +# Remove/comment out the lines below if your app doesn't have a database. +# For some databases (like MongoDB and CouchDB) you may need to use :truncation instead. +begin +  #DatabaseCleaner.strategy = :truncation +rescue NameError +  raise "You need to add database_cleaner to your Gemfile (in the :test group) if you wish to use it." +end + +# You may also want to configure DatabaseCleaner to use different strategies for certain features and scenarios. +# See the DatabaseCleaner documentation for details. Example: +# +#   Before('@no-txn,@selenium,@culerity,@celerity,@javascript') do +#     # { :except => [:widgets] } may not do what you expect here +#     # as Cucumber::Rails::Database.javascript_strategy overrides +#     # this setting. +#     DatabaseCleaner.strategy = :truncation +#   end +# +#   Before('~@no-txn', '~@selenium', '~@culerity', '~@celerity', '~@javascript') do +#     DatabaseCleaner.strategy = :transaction +#   end +# + +# Possible values are :truncation and :transaction +# The :transaction strategy is faster, but might give you threading problems. +# See https://github.com/cucumber/cucumber-rails/blob/master/features/choose_javascript_database_strategy.feature +Cucumber::Rails::Database.javascript_strategy = :truncation + diff --git a/features/support/hooks.rb b/features/support/hooks.rb new file mode 100644 index 0000000..19928d8 --- /dev/null +++ b/features/support/hooks.rb @@ -0,0 +1,18 @@ +After '@tempfile' do +  if @tempfile +    @tempfile.close +    @tempfile.unlink +  end +end + +After do |scenario| +  if scenario.failed? +    logfile_path = Rails.root + 'tmp' +    logfile_path += "#{scenario.title.gsub(/\s/, '_')}.log" +    File.open(logfile_path, 'w') do |test_log| +      test_log.puts scenario.title +      test_log.puts "=========================" +      test_log.puts `tail log/test.log -n 200` +    end +  end +end diff --git a/features/unauthenticated.feature b/features/unauthenticated.feature new file mode 100644 index 0000000..120274b --- /dev/null +++ b/features/unauthenticated.feature @@ -0,0 +1,29 @@ +Feature: Unauthenticated API endpoints + +  Most of the LEAP Provider API requires authentication. +  However there are a few exceptions - mostly prerequisits of authenticating. This feature and the authentication feature document these. + +  Background: +    Given I set headers: +      | Accept       | application/json | +      | Content-Type | application/json | + +  @tempfile +  Scenario: Fetch provider config +    Given the provider config is: +      """ +      {"config": "me"} +      """ +    When I send a GET request to "/provider.json" +    Then the response status should be "200" +    And the response should be: +      """ +      {"config": "me"} +      """ + +  Scenario: Authentication required for all other API endpoints +    When I send a GET request to "/1/configs" +    Then the response status should be "401" +    And the response should have "error" with "not_authorized_login" +    And the response should have "message" + | 
