1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
|
Feature: Handle current users collection of keys
LEAP currently uses OpenPGP and is working on implementing katzenpost.
Both systems require public keys of a user to be available for retrival.
The /1/keys endpoint allows the client to manage the public keys
registered for their users email address.
You need to specify the type of the key when publishing it. Some
keytypes such as 'openpgp' and 'katzenpost_id' will only allow a
single key to be published. Others such as 'katzenpost_link' allow
multiple keys to be registered at the same time. We deal with this
by allowing arbitrary json data to be specified as the value of the
key. So katzenpost_link keys can be combined in a json data structure.
POST request will register a new key. In order to replace an existing
key you need to send a PATCH request to /keys/:type including the last
revision (rev) of the key. This way we can detect conflicts between
concurrend updates.
Background:
Given I authenticated
Given I set headers:
| Accept | application/json |
| Content-Type | application/json |
| Authorization | Token token="MY_AUTH_TOKEN" |
Scenario: Get initial empty set of keys
When I send a GET request to "1/keys"
Then the response status should be "200"
And the response should be:
"""
{}
"""
Scenario: Get all the keys
Given I have published a "openpgp" key
And I have published "katzenpost_kink" keys
When I send a GET request to "1/keys"
Then the response status should be "200"
And the response should be:
"""
{
"openpgp": {
"type": "openpgp",
"value": "ASDF",
"rev": "1234567890"
},
"katzenpost_link": {
"type": "katzenpost_link",
"value": {
"one": "ASDF",
"two": "QWER"
},
"rev": "1234567890"
}
}
"""
Scenario: Get a single key
Given I have published a "openpgp" key
When I send a GET request to "1/keys/openpgp"
Then the response status should be "200"
And the response should be:
"""
"ASDF"
"""
Scenario: Get a set of keys for one type
Given I have published "katzenpost_link" keys
When I send a GET request to "1/keys/katzenpost_link"
Then the response status should be "200"
And the response should be:
"""
{
"one": "ASDF",
"two": "QWER"
}
"""
Scenario: Publish an initial OpenPGP key
When I send a POST request to "1/keys" with the following:
"""
{
"type": "openpgp",
"value": "ASDF"
}
"""
Then the response status should be "204"
Scenario: Do not overwrite an existing key
Given I have published a "openpgp" key
When I send a POST request to "1/keys" with the following:
"""
{
"type": "openpgp",
"value": "QWER"
}
"""
Then the response status should be "422"
And the response should be:
"""
{
"error": "key already exists"
}
"""
Scenario: Updating an existing key require revision
Given I have published a "openpgp" key
When I send a PATCH request to "1/keys/openpgp" with the following:
"""
{
"type": "openpgp",
"value": "QWER"
}
"""
Then the response status should be "422"
And the response should be:
"""
{
"error": "no revision specified"
}
"""
Scenario: Updating an existing key
Given I have published a "openpgp" key with revision "1234567890"
When I send a PATCH request to "1/keys/openpgp" with the following:
"""
{
"type": "openpgp",
"value": "QWER",
"rev": "1234567890"
}
"""
Then the response status should be "204"
Scenario: Publishing an empty key fails
When I send a POST request to "1/keys" with the following:
"""
{}
"""
Then the response status should be "422"
And the response should be:
"""
{
"error": "key type missing"
}
"""
|