From b8ba4f27a82868e0b3338b4af761f7c44226e729 Mon Sep 17 00:00:00 2001 From: Azul Date: Mon, 15 Jan 2018 18:21:44 +0100 Subject: (WIP) first steps towards implementing keys API --- features/2/keys.feature | 176 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 176 insertions(+) create mode 100644 features/2/keys.feature (limited to 'features/2/keys.feature') diff --git a/features/2/keys.feature b/features/2/keys.feature new file mode 100644 index 0000000..cc87da0 --- /dev/null +++ b/features/2/keys.feature @@ -0,0 +1,176 @@ +Feature: Handle current users collection of keys + + LEAP currently uses OpenPGP and is working on implementing katzenpost. + Both systems require public keys of a user to be available for retrival. + + The /2/keys endpoint allows the client to manage the public keys + registered for their users email address. + + You need to specify the type of the key when publishing it. Some + keytypes such as 'openpgp' and 'katzenpost_id' will only allow a + single key to be published. Others such as 'katzenpost_link' allow + multiple keys to be registered at the same time. We deal with this + by allowing arbitrary json data to be specified as the value of the + key. So katzenpost_link keys can be combined in a json data structure. + + POST request will register a new key. In order to replace an existing + key you need to send a PATCH request to /keys/:type including the last + revision (rev) of the key. This way we can detect conflicts between + concurrend updates. + + Background: + Given I authenticated + Given I set headers: + | Accept | application/json | + | Content-Type | application/json | + | Authorization | Token token="MY_AUTH_TOKEN" | + + Scenario: Get initial empty set of keys + When I send a GET request to "2/keys" + Then the response status should be "200" + And the response should be: + """ + {} + """ + + Scenario: Get all the keys + Given I have published a "openpgp" key + And I have published "katzenpost_link" keys + When I send a GET request to "2/keys" + Then the response status should be "200" + And the response should be: + """ + { + "openpgp": { + "type": "openpgp", + "value": "DUMMY_KEY", + "rev": "DUMMY_REV" + }, + "katzenpost_link": { + "type": "katzenpost_link", + "value": { + "one": "DUMMY_KEY", + "two": "DUMMY_KEY" + }, + "rev": "DUMMY_REV" + } + } + """ + + Scenario: Get a single key + Given I have published a "openpgp" key + When I send a GET request to "2/keys/openpgp" + Then the response status should be "200" + And the response should be: + """ + { + "type": "openpgp", + "value": "DUMMY_KEY", + "rev": "DUMMY_REV" + } + """ + + Scenario: Get a set of keys for one type + Given I have published "katzenpost_link" keys + When I send a GET request to "2/keys/katzenpost_link" + Then the response status should be "200" + And the response should be: + """ + { + "type": "katzenpost_link", + "value": { + "one": "DUMMY_KEY", + "two": "DUMMY_KEY" + }, + "rev": "DUMMY_REV" + } + """ + + Scenario: Publish an initial OpenPGP key + When I send a POST request to "2/keys" with the following: + """ + { + "type": "openpgp", + "value": "ASDF" + } + """ + Then the response status should be "204" + And I should have published a "openpgp" key + + Scenario: Do not overwrite an existing key + Given I have published a "openpgp" key + When I send a POST request to "2/keys" with the following: + """ + { + "type": "openpgp", + "value": "QWER" + } + """ + Then the response status should be "422" + And the response should be: + """ + { + "error": "key already exists" + } + """ + + Scenario: Updating an existing key + Given I have published a "openpgp" key + When I send a PATCH request to "2/keys/openpgp" with the following: + """ + { + "type": "openpgp", + "value": "QWER", + "rev": "DUMMY_REV" + } + """ + Then the response status should be "204" + And I should have published a "openpgp" key with value "QWER" + + Scenario: Updating an existing key require revision + Given I have published a "openpgp" key + When I send a PATCH request to "2/keys/openpgp" with the following: + """ + { + "type": "openpgp", + "value": "QWER" + } + """ + Then the response status should be "422" + And the response should be: + """ + { + "error": "param is missing or the value is empty: rev" + } + """ + + Scenario: Updating an existing key require right revision + Given I have published a "openpgp" key + When I send a PATCH request to "2/keys/openpgp" with the following: + """ + { + "type": "openpgp", + "value": "QWER", + "rev": "WRONG_REV" + } + """ + Then the response status should be "422" + And the response should be: + """ + { + "error": "wrong revision: WRONG_REV" + } + """ + + Scenario: Publishing an empty key fails + When I send a POST request to "2/keys" with the following: + """ + {} + """ + Then the response status should be "422" + And the response should be: + """ + { + "error": "param is missing or the value is empty: type" + } + """ -- cgit v1.2.3 From 54653f75cf44890310a06c3a8a6be59625629d2a Mon Sep 17 00:00:00 2001 From: Azul Date: Fri, 19 Jan 2018 14:11:24 +0100 Subject: API: implement deleting keys through new keys api --- features/2/keys.feature | 89 ++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 85 insertions(+), 4 deletions(-) (limited to 'features/2/keys.feature') diff --git a/features/2/keys.feature b/features/2/keys.feature index cc87da0..83e70e7 100644 --- a/features/2/keys.feature +++ b/features/2/keys.feature @@ -114,6 +114,19 @@ Feature: Handle current users collection of keys } """ + Scenario: Publishing an empty key fails + When I send a POST request to "2/keys" with the following: + """ + {} + """ + Then the response status should be "422" + And the response should be: + """ + { + "error": "param is missing or the value is empty: type" + } + """ + Scenario: Updating an existing key Given I have published a "openpgp" key When I send a PATCH request to "2/keys/openpgp" with the following: @@ -127,6 +140,24 @@ Feature: Handle current users collection of keys Then the response status should be "204" And I should have published a "openpgp" key with value "QWER" + Scenario: Updating a missing key raises + When I send a PATCH request to "2/keys/openpgp" with the following: + """ + { + "type": "openpgp", + "value": "QWER", + "rev": "DUMMY_REV" + } + """ + Then the response status should be "404" + And the response should be: + """ + { + "error": "no such key: openpgp" + } + """ + And I should not have published a "openpgp" key + Scenario: Updating an existing key require revision Given I have published a "openpgp" key When I send a PATCH request to "2/keys/openpgp" with the following: @@ -162,15 +193,65 @@ Feature: Handle current users collection of keys } """ - Scenario: Publishing an empty key fails - When I send a POST request to "2/keys" with the following: + Scenario: Deleting an existing key + Given I have published a "openpgp" key + When I send a DELETE request to "2/keys/openpgp" with the following: """ - {} + { + "type": "openpgp", + "rev": "DUMMY_REV" + } + """ + Then the response status should be "204" + And I should not have published a "openpgp" key + + Scenario: Deleting a missing key raises + When I send a DELETE request to "2/keys/openpgp" with the following: + """ + { + "type": "openpgp", + "rev": "DUMMY_REV" + } + """ + Then the response status should be "404" + And the response should be: + """ + { + "error": "no such key: openpgp" + } + """ + + Scenario: Deleting an existing key require revision + Given I have published a "openpgp" key + When I send a DELETE request to "2/keys/openpgp" with the following: + """ + { + "type": "openpgp" + } """ Then the response status should be "422" And the response should be: """ { - "error": "param is missing or the value is empty: type" + "error": "param is missing or the value is empty: rev" + } + """ + And I should have published a "openpgp" key + + Scenario: Deleting an existing key require right revision + Given I have published a "openpgp" key + When I send a DELETE request to "2/keys/openpgp" with the following: + """ + { + "type": "openpgp", + "rev": "WRONG_REV" } """ + Then the response status should be "422" + And the response should be: + """ + { + "error": "wrong revision: WRONG_REV" + } + """ + And I should have published a "openpgp" key -- cgit v1.2.3