diff --git a/tests/acceptance/TestHelpers/AuthAppHelper.php b/tests/acceptance/TestHelpers/AuthAppHelper.php
index c42f5f4d8..515edc258 100644
--- a/tests/acceptance/TestHelpers/AuthAppHelper.php
+++ b/tests/acceptance/TestHelpers/AuthAppHelper.php
@@ -61,7 +61,7 @@ class AuthAppHelper {
 * @param string $baseUrl
 * @param string $user
 * @param string $password
- * @param string $expiration
+ * @param array $params
 *
 * @return ResponseInterface
 */
@@ -69,9 +69,10 @@ class AuthAppHelper {
 string $baseUrl,
 string $user,
 string $password,
- string $expiration
+ array $params,
 ): ResponseInterface {
- $url = $baseUrl . self::getAuthAppEndpoint() . "?expiry=$expiration";
+ $url = $baseUrl . self::getAuthAppEndpoint() . "?"
+ . http_build_query($params);
 return HttpRequestHelper::sendRequest(
 $url,
 null,
diff --git a/tests/acceptance/bootstrap/AuthAppContext.php b/tests/acceptance/bootstrap/AuthAppContext.php
index ce562b6c2..cf9ea26b1 100644
--- a/tests/acceptance/bootstrap/AuthAppContext.php
+++ b/tests/acceptance/bootstrap/AuthAppContext.php
@@ -23,7 +23,6 @@
 use Behat\Behat\Context\Context;
 use Behat\Behat\Hook\Scope\BeforeScenarioScope;
 use TestHelpers\BehatHelper;
-use GuzzleHttp\Exception\GuzzleException;
 use TestHelpers\AuthAppHelper;
 require_once 'bootstrap.php';
@@ -62,7 +61,7 @@ class AuthAppContext implements Context {
 $this->featureContext->getBaseUrl(),
 $this->featureContext->getActualUsername($user),
 $this->featureContext->getPasswordForUser($user),
- $expiration,
+ ["expiry" => $expiration],
 )
 );
 }
@@ -80,7 +79,7 @@ class AuthAppContext implements Context {
 $this->featureContext->getBaseUrl(),
 $this->featureContext->getActualUsername($user),
 $this->featureContext->getPasswordForUser($user),
- $expiration,
+ ["expiry" => $expiration]
 );
 $this->featureContext->theHTTPStatusCodeShouldBe(200, "", $response);
 }
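Review bot: The `@param array $params` line in the AuthAppHelper docblock hunk does not say which keys the helper accepts, while the callers in this commit pass `expiry` and, for the administrator steps, `userName`. I would document it as `@param array<string, string> $params query parameters for the auth-app endpoint, e.g. ["expiry" => "72h", "userName" => "Alice"]`. It is also worth one sentence that the values are now URL-encoded by `http_build_query`, which the old `"?expiry=$expiration"` interpolation did not do. The function body continues outside the second hunk.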
@@ -101,4 +100,58 @@ class AuthAppContext implements Context {
 )
 );
 }
+
+ /**
+ * @Given the administrator has created app token for user :impersonatedUser with expiration time :expiration using the auth-app API
+ *
+ * @param string $impersonatedUser
+ * @param string $expiration
+ *
+ * @return void
+ */
+ public function theAdministratorHasCreatedAppTokenWithExpirationTimeImpersonatingUserUsingTheAuthAppApi(
+ string $impersonatedUser,
+ string $expiration,
+ ): void {
+ $response = AuthAppHelper::createAppAuthToken(
+ $this->featureContext->getBaseUrl(),
+ $this->featureContext->getAdminUsername(),
+ $this->featureContext->getAdminPassword(),
+ [
+ "expiry" => $expiration,
+ "userName" => $this->featureContext->getActualUsername($impersonatedUser)
+ ],
+ );
+ $this->featureContext->theHTTPStatusCodeShouldBe(
+ 200,
+ "Failed creating auth-app token\n"
+ . "HTTP status code 200 is not the expected value " . $response->getStatusCode(),
+ $response
+ );
+ }
+
+ /**
+ * @When the administrator creates app token for user :impersonatedUser with expiration time :expiration using the auth-app API
+ *
+ * @param string $impersonatedUser
+ * @param string $expiration
+ *
+ * @return void
+ */
+ public function theAdministratorCreatesAppTokenForUserWithExpirationTimeViaAuthAppApi(
+ string $impersonatedUser,
+ string $expiration,
+ ): void {
+ $this->featureContext->setResponse(
+ AuthAppHelper::createAppAuthToken(
+ $this->featureContext->getBaseUrl(),
+ $this->featureContext->getAdminUsername(),
+ $this->featureContext->getAdminPassword(),
+ [
+ "expiry" => $expiration,
+ "userName" => $this->featureContext->getActualUsername($impersonatedUser)
+ ],
+ )
+ );
+ }
 }
diff --git a/tests/acceptance/config/behat.yml b/tests/acceptance/config/behat.yml
index 57948c74c..291131b92 100644
--- a/tests/acceptance/config/behat.yml
+++ b/tests/acceptance/config/behat.yml
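Review bot: The failure message passed to `theHTTPStatusCodeShouldBe` in the new `@Given` step reads backwards: it says 200 "is not the expected value" and then prints the actual status, although 200 is the code the step expects. I would keep the first line and change the second to `. "Expected HTTP status code 200 but got " . $response->getStatusCode(),`. The two added steps also build the same `createAppAuthToken` call with the admin credentials and the `expiry`/`userName` array, so a small private method returning the response would keep them from drifting apart.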
@@ -432,6 +432,7 @@ default:
 - FeatureContext: *common_feature_context_params
 - AuthAppContext:
 - CliContext:
+ - OcisConfigContext:
 cliCommands:
 paths:
diff --git a/tests/acceptance/features/apiAuthApp/token.feature b/tests/acceptance/features/apiAuthApp/token.feature
index a4b3d92b6..f3626ef4a 100644
--- a/tests/acceptance/features/apiAuthApp/token.feature
+++ b/tests/acceptance/features/apiAuthApp/token.feature
@@ -31,9 +31,11 @@ Feature: create auth-app token
 }
 """
-
- Scenario: user lists app tokens
- Given user "Alice" has created app token with expiration time "72h" using the auth-app API
+ @env-config
+ Scenario: user lists auth-app tokens generated by different auth-app api
+ Given the config "AUTH_APP_ENABLE_IMPERSONATION" has been set to "true"
+ And user "Alice" has created app token with expiration time "72h" using the auth-app API
+ And the administrator has created app token for user "Alice" with expiration time "72h" using the auth-app API
 And user "Alice" has created app token with expiration time "72h" using the auth-app CLI
 When user "Alice" lists all created tokens using the auth-app API
 Then the HTTP status code should be "200"
@@ -41,8 +43,8 @@ Feature: create auth-app token
 """
 {
 "type": "array",
- "minItems": 2,
- "maxItems": 2,
+ "minItems": 3,
+ "maxItems": 3,
 "uniqueItems": true,
 "items": {
 "oneOf": [
@@ -79,8 +81,51 @@ Feature: create auth-app token
 "const": "Generated via CLI"
 }
 }
+ },
+ {
+ "type": "object",
+ "required": [
+ "token",
+ "expiration_date",
+ "created_date",
+ "label"
+ ],
+ "properties": {
+ "token": {
+ "pattern": "^\\$2a\\$11\\$[A-Za-z0-9./]{53}$"
+ },
+ "label": {
+ "const": "Generated via Impersonation API"
+ }
+ }
 }
 ]
 }
 }
 """
+
+ @env-config
+ Scenario: admin creates auth-app token for other user
+ Given the config "AUTH_APP_ENABLE_IMPERSONATION" has been set to "true"
+ When the administrator creates app token for user "Alice" with expiration time "72h" using the auth-app API
+ Then the HTTP status code should be "200"
+ And the JSON data of the response should match
+ """
+ {
+ "type": "object",
+ "required": [
+ "token",
+ "expiration_date",
+ "created_date",
+ "label"
+ ],
+ "properties": {
+ "token": {
+ "pattern": "^[a-zA-Z0-9]{16}$"
+ },
+ "label": {
+ "const": "Generated via Impersonation API"
+ }
+ }
+ }
+ """
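Review bot: Both new scenarios cover only the allowed path, with `AUTH_APP_ENABLE_IMPERSONATION` set to "true" and the administrator as caller, so nothing here pins down that impersonation is refused otherwise. Since this endpoint mints a credential for another account, I would add a scenario that starts with `Given the config "AUTH_APP_ENABLE_IMPERSONATION" has been set to "false"`, then asserts that the administrator's request is rejected and that Alice's token list is unchanged. A second scenario for a non-admin caller sending `userName` would need a new step, because both steps added in AuthAppContext.php use the admin credentials. The expected rejection status codes are not visible in this diff, so they should be taken from the service's handler.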