Diffstat (limited to 'features')
-rw-r--r-- features/1/anonymous.feature 34
-rw-r--r-- features/1/authentication.feature 24
-rw-r--r-- features/1/config.feature 58
-rw-r--r-- features/1/service.feature 33
-rw-r--r-- features/1/unauthenticated.feature 31
-rw-r--r-- features/anonymous.feature 8
-rw-r--r-- features/authentication.feature 4
-rw-r--r-- features/config.feature 16
-rw-r--r-- features/service.feature 4
-rw-r--r-- features/step_definitions/config_steps.rb 9
-rw-r--r-- features/support/hooks.rb 4
-rw-r--r-- features/unauthenticated.feature 10
12 files changed, 206 insertions, 29 deletions
diff --git a/features/1/anonymous.feature b/features/1/anonymous.feature
new file mode 100644
index 0000000..73a6d3f
--- /dev/null
+++ b/features/1/anonymous.feature
@@ -0,0 +1,34 @@
+@config
+Feature: Anonymous access to EIP
+
+ A provider may choose to allow anonymous access to EIP.
+ In this case some endpoints that would normally require authentication
+ will be available without authentication.
+
+ Background:
+ Given "allow_anonymous_certs" is enabled in the config
+ And I set headers:
+ | Accept | application/json |
+ | Content-Type | application/json |
+
+ Scenario: Fetch configs when anonymous certs are allowed
+ When I send a GET request to "/1/configs.json"
+ Then the response status should be "200"
+
+ Scenario: Fetch EIP config when anonymous certs are allowed
+ Given there is a config for the eip
+ When I send a GET request to "/1/configs/eip-service.json"
+ Then the response status should be "200"
+
+ Scenario: Fetch service description
+ When I send a GET request to "/1/service.json"
+ Then the response status should be "200"
+ And the response should be:
+ """
+ {
+ "name": "anonymous",
+ "description": "anonymous access to the VPN",
+ "eip_rate_limit": false
+ }
+ """
+
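Review bot: every scenario in this feature asserts a 200 with "allow_anonymous_certs" enabled, but none asserts what stays closed. The description says only "some endpoints" become available, so add at least one scenario under the same Background that hits an endpoint expected to remain protected (for example `DELETE /1/logout`) and checks for 401. Without it, a change that opens the whole API in anonymous mode would still pass this file.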
diff --git a/features/1/authentication.feature b/features/1/authentication.feature
new file mode 100644
index 0000000..52b562f
--- /dev/null
+++ b/features/1/authentication.feature
@@ -0,0 +1,24 @@
+Feature: Authentication
+
+ Authentication is handled with SRP. Once the SRP handshake has been successful a token will be transmitted. This token is used to authenticate further requests.
+
+ In the scenarios MY_AUTH_TOKEN will serve as a placeholder for the actual token received.
+
+ Background:
+ Given I set headers:
+ | Accept | application/json |
+ | Content-Type | application/json |
+
+ Scenario: Submitting a valid token
+ Given I authenticated
+ And I set headers:
+ | Authorization | Token token="MY_AUTH_TOKEN" |
+ When I send a GET request to "/1/configs.json"
+ Then the response status should be "200"
+
+ Scenario: Submitting an invalid token
+ Given I authenticated
+ And I set headers:
+ | Authorization | Token token="InvalidToken" |
+ When I send a GET request to "/1/configs.json"
+ Then the response status should be "401"
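Review bot: the negative case here only covers a syntactically valid header carrying an unknown token ("InvalidToken"). Missing are a request with no Authorization header after "Given I authenticated", and a previously valid MY_AUTH_TOKEN reused after `DELETE /1/logout`; both should return 401, and the second is the one that shows the token is actually revoked server-side.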
diff --git a/features/1/config.feature b/features/1/config.feature
new file mode 100644
index 0000000..ff04e9d
--- /dev/null
+++ b/features/1/config.feature
@@ -0,0 +1,58 @@
+Feature: Download Provider Configuration
+
+ The LEAP Provider exposes parts of its configuration through the API.
+
+ This can be used to find out about services offered. The big picture can be retrieved from `/provider.json`. Which is available without authentication (see unauthenticated.feature).
+
+ More detailed settings of the services are available after authentication. You can get a list of the available settings from `/1/configs.json`.
+
+ Background:
+ Given I authenticated
+ Given I set headers:
+ | Accept | application/json |
+ | Content-Type | application/json |
+ | Authorization | Token token="MY_AUTH_TOKEN" |
+
+ @tempfile
+ Scenario: Fetch provider config
+ Given there is a config for the provider
+ When I send a GET request to "/provider.json"
+ Then the response status should be "200"
+ And the response should be that config
+
+ Scenario: Missing provider config
+ When I send a GET request to "/provider.json"
+ Then the response status should be "404"
+ And the response should have "error" with "not_found"
+
+ Scenario: Fetch list of available configs
+ When I send a GET request to "/1/configs.json"
+ Then the response status should be "200"
+ And the response should be:
+ """
+ {
+ "services": {
+ "soledad": "/1/configs/soledad-service.json",
+ "eip": "/1/configs/eip-service.json",
+ "smtp": "/1/configs/smtp-service.json"
+ }
+ }
+ """
+
+ Scenario: Attempt to fetch an invalid config
+ When I send a GET request to "/1/configs/non-existing.json"
+ Then the response status should be "403"
+
+ # I am not sure what this test is about, that config is not
+ # actually missing.
+ #Scenario: Attempt to fetch a config that is missing on the server
+ # When I send a GET request to "/1/configs/eip-service.json"
+ # Then the response status should be "404"
+
+ @tempfile, @config
+ Scenario: Attempt to fetch the EIP config
+ Given there is a config for the eip
+ When I send a GET request to "/1/configs/eip-service.json"
+ Then the response status should be "200"
+ And the response should be that config
+
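Review bot: the tag line `@tempfile, @config` on the last scenario contains a comma. Gherkin tags are whitespace-separated, so the first tag is read as `@tempfile,` and a hook registered for `@tempfile` will not match it; write `@tempfile @config`. Separately, "Attempt to fetch an invalid config" expects 403 while "Missing provider config" expects 404 with `not_found`. If the 403 for an unknown config name is deliberate, a one-line comment in the scenario saying so would keep someone from "fixing" it later.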
diff --git a/features/1/service.feature b/features/1/service.feature
new file mode 100644
index 0000000..ea49c74
--- /dev/null
+++ b/features/1/service.feature
@@ -0,0 +1,33 @@
+Feature: Get service description for current user
+
+ The LEAP provider can offer different services and their availability may
+ depend upon a users service level - so wether they are paying or not.
+
+ The /1/service endpoint allows the client to find out about the services
+ available to the authenticated user.
+
+ Background:
+ Given I authenticated
+ Given I set headers:
+ | Accept | application/json |
+ | Content-Type | application/json |
+ | Authorization | Token token="MY_AUTH_TOKEN" |
+
+ Scenario: Get service settings
+ When I send a GET request to "/1/service"
+ Then the response status should be "200"
+ And the response should be:
+ """
+ {
+ "name": "free",
+ "description": "free account, with rate limited VPN",
+ "eip_rate_limit": true,
+ "storage": 100,
+ "services": [
+ "eip"
+ ]
+ }
+ """
+
+
+
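Review bot: the description says availability depends on the user's service level, but "Get service settings" only asserts the "free" level response. Add a scenario for a user at another level so a regression that hands every user the same entitlements is caught. Minor, in the description: "a users service level" should be "a user's service level" and "wether" should be "whether", and the three trailing blank lines at the end of the file can go.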
diff --git a/features/1/unauthenticated.feature b/features/1/unauthenticated.feature
new file mode 100644
index 0000000..aea7117
--- /dev/null
+++ b/features/1/unauthenticated.feature
@@ -0,0 +1,31 @@
+Feature: Unauthenticated API endpoints
+
+ Most of the LEAP Provider API requires authentication.
+ However there are a few exceptions - mostly prerequisits of authenticating. This feature and the authentication feature document these.
+
+ Background:
+ Given I set headers:
+ | Accept | application/json |
+ | Content-Type | application/json |
+
+ @tempfile
+ Scenario: Fetch provider config
+ Given there is a config for the provider
+ When I send a GET request to "/provider.json"
+ Then the response status should be "200"
+ And the response should be that config
+
+ Scenario: Authentication required response
+ When I send a GET request to "/1/configs"
+ Then the response status should be "401"
+ And the response should have "error" with "not_authorized_login"
+ And the response should have "message"
+
+ Scenario: Authentication required for all other API endpoints (incomplete)
+ Given I am not logged in
+ When I send requests to these endpoints:
+ | GET | /1/configs |
+ | GET | /1/configs/config_id.json |
+ | GET | /1/service |
+ | DELETE | /1/logout |
+ Then they should require authentication
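Review bot: the endpoint table in the scenario marked "(incomplete)" lists `/1/configs` and `/1/service`, but the other features in this change request `/1/configs.json`, `/1/configs/eip-service.json` and `/1/service.json`. Those `.json` forms are the ones anonymous mode opens up, so they should be in this table too, to prove they return 401 when "allow_anonymous_certs" is off. `config_id.json` also reads like a placeholder; use a real config name such as `eip-service.json`. The description has a typo: "prerequisits" should be "prerequisites".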
diff --git a/features/anonymous.feature b/features/anonymous.feature
index 73a6d3f..d6b3ce2 100644
--- a/features/anonymous.feature
+++ b/features/anonymous.feature
@@ -5,23 +5,23 @@ Feature: Anonymous access to EIP
In this case some endpoints that would normally require authentication
will be available without authentication.
- Background:
+ Background:
Given "allow_anonymous_certs" is enabled in the config
And I set headers:
| Accept | application/json |
| Content-Type | application/json |
Scenario: Fetch configs when anonymous certs are allowed
- When I send a GET request to "/1/configs.json"
+ When I send a GET request to "/2/configs.json"
Then the response status should be "200"
Scenario: Fetch EIP config when anonymous certs are allowed
Given there is a config for the eip
- When I send a GET request to "/1/configs/eip-service.json"
+ When I send a GET request to "/2/configs/eip-service.json"
Then the response status should be "200"
Scenario: Fetch service description
- When I send a GET request to "/1/service.json"
+ When I send a GET request to "/2/service.json"
Then the response status should be "200"
And the response should be:
"""
diff --git a/features/authentication.feature b/features/authentication.feature
index 52b562f..806e2b7 100644
--- a/features/authentication.feature
+++ b/features/authentication.feature
@@ -13,12 +13,12 @@ Feature: Authentication
Given I authenticated
And I set headers:
| Authorization | Token token="MY_AUTH_TOKEN" |
- When I send a GET request to "/1/configs.json"
+ When I send a GET request to "/2/configs.json"
Then the response status should be "200"
Scenario: Submitting an invalid token
Given I authenticated
And I set headers:
| Authorization | Token token="InvalidToken" |
- When I send a GET request to "/1/configs.json"
+ When I send a GET request to "/2/configs.json"
Then the response status should be "401"
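Review bot: after this change the two scenarios exist twice, here with `/2/configs.json` and in features/1/authentication.feature with `/1/configs.json`, differing only in the version prefix. The copies will drift. Consider a single feature with a Scenario Outline over the API version, or a step that takes the version as a parameter, so an authentication check added for one version is applied to the other.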
diff --git a/features/config.feature b/features/config.feature
index ff04e9d..bd627de 100644
--- a/features/config.feature
+++ b/features/config.feature
@@ -4,7 +4,7 @@ Feature: Download Provider Configuration
This can be used to find out about services offered. The big picture can be retrieved from `/provider.json`. Which is available without authentication (see unauthenticated.feature).
- More detailed settings of the services are available after authentication. You can get a list of the available settings from `/1/configs.json`.
+ More detailed settings of the services are available after authentication. You can get a list of the available settings from `/2/configs.json`.
Background:
Given I authenticated
@@ -26,33 +26,33 @@ Feature: Download Provider Configuration
And the response should have "error" with "not_found"
Scenario: Fetch list of available configs
- When I send a GET request to "/1/configs.json"
+ When I send a GET request to "/2/configs.json"
Then the response status should be "200"
And the response should be:
"""
{
"services": {
- "soledad": "/1/configs/soledad-service.json",
- "eip": "/1/configs/eip-service.json",
- "smtp": "/1/configs/smtp-service.json"
+ "soledad": "/2/configs/soledad-service.json",
+ "eip": "/2/configs/eip-service.json",
+ "smtp": "/2/configs/smtp-service.json"
}
}
"""
Scenario: Attempt to fetch an invalid config
- When I send a GET request to "/1/configs/non-existing.json"
+ When I send a GET request to "/2/configs/non-existing.json"
Then the response status should be "403"
# I am not sure what this test is about, that config is not
# actually missing.
#Scenario: Attempt to fetch a config that is missing on the server
- # When I send a GET request to "/1/configs/eip-service.json"
+ # When I send a GET request to "/2/configs/eip-service.json"
# Then the response status should be "404"
@tempfile, @config
Scenario: Attempt to fetch the EIP config
Given there is a config for the eip
- When I send a GET request to "/1/configs/eip-service.json"
+ When I send a GET request to "/2/configs/eip-service.json"
Then the response status should be "200"
And the response should be that config
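Review bot: the commented-out scenario "Attempt to fetch a config that is missing on the server" is edited to `/2/configs/eip-service.json` while still carrying the "I am not sure what this test is about" comment. Editing dead test code keeps the open question alive in both API versions. Either restore it with a Given step that actually removes the config and assert the 404, or delete it in this change.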
diff --git a/features/service.feature b/features/service.feature
index ea49c74..6244f6c 100644
--- a/features/service.feature
+++ b/features/service.feature
@@ -3,7 +3,7 @@ Feature: Get service description for current user
The LEAP provider can offer different services and their availability may
depend upon a users service level - so wether they are paying or not.
- The /1/service endpoint allows the client to find out about the services
+ The /2/service endpoint allows the client to find out about the services
available to the authenticated user.
Background:
@@ -14,7 +14,7 @@ Feature: Get service description for current user
| Authorization | Token token="MY_AUTH_TOKEN" |
Scenario: Get service settings
- When I send a GET request to "/1/service"
+ When I send a GET request to "/2/service"
Then the response status should be "200"
And the response should be:
"""
diff --git a/features/step_definitions/config_steps.rb b/features/step_definitions/config_steps.rb
index 1fc67f5..a635d06 100644
--- a/features/step_definitions/config_steps.rb
+++ b/features/step_definitions/config_steps.rb
@@ -4,12 +4,9 @@ Given /there is a config for the (.*)$/ do |config|
@tempfile = Tempfile.new("#{config}.json")
@tempfile.write @dummy_config
@tempfile.close
- if config == 'provider'
- StaticConfigController::PROVIDER_JSON = @tempfile.path
- else
- @orig_config ||= APP_CONFIG.dup
- APP_CONFIG[:config_file_paths].merge! "#{config}-service" => @tempfile.path
- end
+ @orig_config ||= APP_CONFIG.dup
+ config = "#{config}-service" unless config == 'provider'
+ APP_CONFIG[:config_file_paths].merge! config => @tempfile.path
end
# use with @config
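Review bot: `@orig_config ||= APP_CONFIG.dup` takes a shallow copy, and the line after it mutates the nested hash in place with `APP_CONFIG[:config_file_paths].merge!`. If APP_CONFIG is a plain Hash, the saved copy shares that nested hash, so restoring from `@orig_config` will not remove the tempfile path, and with this change that now includes the `provider` key as well. Save a copy of `APP_CONFIG[:config_file_paths]` itself, or assign a merged copy instead of calling `merge!`. Reassigning the block parameter `config` to the lookup key is also easy to misread; a separate local such as `key` would be clearer.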
diff --git a/features/support/hooks.rb b/features/support/hooks.rb
index 256e5d8..4ddc77e 100644
--- a/features/support/hooks.rb
+++ b/features/support/hooks.rb
@@ -13,9 +13,9 @@ end
After do |scenario|
if scenario.failed?
logfile_path = Rails.root + 'tmp'
- logfile_path += "#{scenario.title.gsub(/\s/, '_')}.log"
+ logfile_path += "#{scenario.name.gsub(/\s/, '_')}.log"
File.open(logfile_path, 'w') do |test_log|
- test_log.puts scenario.title
+ test_log.puts scenario.name
test_log.puts "========================="
test_log.puts `tail log/test.log -n 200`
end
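Review bot: the log file name is built from `scenario.name.gsub(/\s/, '_')`, which replaces whitespace only. A scenario name containing `/` would turn into a nested path under `tmp` and make `File.open` fail or write somewhere unintended, and names in this change already contain parentheses. Replace every character outside `[A-Za-z0-9_.-]` with `_` before appending `.log`. Since the hook now depends on `scenario.name`, a short comment naming the Cucumber version that dropped `title` would help anyone running an older bundle.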
diff --git a/features/unauthenticated.feature b/features/unauthenticated.feature
index aea7117..b4b0f55 100644
--- a/features/unauthenticated.feature
+++ b/features/unauthenticated.feature
@@ -16,7 +16,7 @@ Feature: Unauthenticated API endpoints
And the response should be that config
Scenario: Authentication required response
- When I send a GET request to "/1/configs"
+ When I send a GET request to "/2/configs"
Then the response status should be "401"
And the response should have "error" with "not_authorized_login"
And the response should have "message"
@@ -24,8 +24,8 @@ Feature: Unauthenticated API endpoints
Scenario: Authentication required for all other API endpoints (incomplete)
Given I am not logged in
When I send requests to these endpoints:
- | GET | /1/configs |
- | GET | /1/configs/config_id.json |
- | GET | /1/service |
- | DELETE | /1/logout |
+ | GET | /2/configs |
+ | GET | /2/configs/config_id.json |
+ | GET | /2/service |
+ | DELETE | /2/logout |
Then they should require authentication