features/2/keys.feature


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176

Feature: Handle current users collection of keys

  LEAP currently uses OpenPGP and is working on implementing katzenpost.
  Both systems require public keys of a user to be available for retrival.

  The /2/keys endpoint allows the client to manage the public keys
  registered for their users email address.

  You need to specify the type of the key when publishing it. Some
  keytypes such as 'openpgp' and 'katzenpost_id' will only allow a
  single key to be published. Others such as 'katzenpost_link' allow
  multiple keys to be registered at the same time. We deal with this
  by allowing arbitrary json data to be specified as the value of the
  key. So katzenpost_link keys can be combined in a json data structure.

  POST request will register a new key. In order to replace an existing
  key you need to send a PATCH request to /keys/:type including the last
  revision (rev) of the key. This way we can detect conflicts between
  concurrend updates.

  Background:
    Given I authenticated
    Given I set headers:
      | Accept       | application/json |
      | Content-Type | application/json |
      | Authorization | Token token="MY_AUTH_TOKEN" |

  Scenario: Get initial empty set of keys
    When I send a GET request to "2/keys"
    Then the response status should be "200"
    And the response should be:
    """
      {}
    """

  Scenario: Get all the keys
    Given I have published a "openpgp" key
    And I have published "katzenpost_link" keys
    When I send a GET request to "2/keys"
    Then the response status should be "200"
    And the response should be:
    """
    {
    "openpgp": {
      "type": "openpgp",
      "value": "DUMMY_KEY",
      "rev": "DUMMY_REV"
      },
    "katzenpost_link": {
      "type": "katzenpost_link",
      "value": {
        "one": "DUMMY_KEY",
        "two": "DUMMY_KEY"
      },
      "rev": "DUMMY_REV"
      }
    }
    """

  Scenario: Get a single key
    Given I have published a "openpgp" key
    When I send a GET request to "2/keys/openpgp"
    Then the response status should be "200"
    And the response should be:
    """
    {
      "type": "openpgp",
      "value": "DUMMY_KEY",
      "rev": "DUMMY_REV"
    }
    """

  Scenario: Get a set of keys for one type
    Given I have published "katzenpost_link" keys
    When I send a GET request to "2/keys/katzenpost_link"
    Then the response status should be "200"
    And the response should be:
    """
      {
        "type": "katzenpost_link",
        "value": {
          "one": "DUMMY_KEY",
          "two": "DUMMY_KEY"
          },
        "rev": "DUMMY_REV"
      }
    """

  Scenario: Publish an initial OpenPGP key
    When I send a POST request to "2/keys" with the following:
    """
      {
      "type": "openpgp",
      "value": "ASDF"
      }
    """
    Then the response status should be "204"
    And I should have published a "openpgp" key

  Scenario: Do not overwrite an existing key
    Given I have published a "openpgp" key
    When I send a POST request to "2/keys" with the following:
    """
      {
      "type": "openpgp",
      "value": "QWER"
      }
    """
    Then the response status should be "422"
    And the response should be:
    """
      {
      "error": "key already exists"
      }
    """

  Scenario: Updating an existing key
    Given I have published a "openpgp" key
    When I send a PATCH request to "2/keys/openpgp" with the following:
    """
      {
      "type": "openpgp",
      "value": "QWER",
      "rev": "DUMMY_REV"
      }
    """
    Then the response status should be "204"
    And I should have published a "openpgp" key with value "QWER"

  Scenario: Updating an existing key require revision
    Given I have published a "openpgp" key
    When I send a PATCH request to "2/keys/openpgp" with the following:
    """
      {
      "type": "openpgp",
      "value": "QWER"
      }
    """
    Then the response status should be "422"
    And the response should be:
    """
      {
      "error": "param is missing or the value is empty: rev"
      }
    """

  Scenario: Updating an existing key require right revision
    Given I have published a "openpgp" key
    When I send a PATCH request to "2/keys/openpgp" with the following:
    """
      {
      "type": "openpgp",
      "value": "QWER",
      "rev": "WRONG_REV"
      }
    """
    Then the response status should be "422"
    And the response should be:
    """
      {
      "error": "wrong revision: WRONG_REV"
      }
    """

  Scenario: Publishing an empty key fails
    When I send a POST request to "2/keys" with the following:
    """
      {}
    """
    Then the response status should be "422"
    And the response should be:
    """
      {
      "error": "param is missing or the value is empty: type"
      }
    """