fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Tests para el feature Oauth

Browse Source
This commit is contained in:
Wendy Nestor
2014-10-31 16:41:48 -04:00
parent 72dd59f6f0
commit bd3e03979a
6 changed files with 915 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

160
features/backend/oauth/main_tests_authorization_code.feature Normal file
View File

@@ -0,0 +1,160 @@
@ProcessMakerMichelangelo @RestAPI
Feature: Generate token Grant type - Authorization Code
Requirements:
a workspace with open session and installed application
Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET
Given OAUTH register an application
"""
{
"name":"<application_name>",
"description":"<application_description>",
"webSite":"<application_website>",
"redirectUri":"<application_redirectUri>",
"applicationNumber":"<application_number>"
}
"""
Examples:
| Description | application_number | application_name | application_description | application_website | application_redirectUri |
| Create token normal | 1 | Demo3 | Demo3 desc | http://www.demowendy3.com | www.demowendy3.com/auth |
| Create token normal | 2 | Demo4 | Demo4 desc | http://www.demowendy4.com | http://www.processmaker.com |
#Endpoint para verificar el correcto funcionamiento del token generado en este script
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "array"
And the response has <records> records
And the "out_doc_title" property in row 0 equals "<out_doc_title>"
Examples:
| test_description | project | records | out_doc_title | application_number |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 |
Scenario Outline: Get the Output Documents List both process (without valid token)
Given I request "project/<project>/output-documents"
Then the response status code should be 401
Examples:
| test_description | project | records | out_doc_title | application_number |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 |
#Endpoint para hacer que expire los token creados en este script
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 1 | 1 |
| Expire token 2 | 2 |
#Endpoint para verificar que el token haya expirado
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
#Grant type Refresh Token
Scenario Outline: Refresh token
Given POST this data:
"""
{
}
"""
And I request a refresh token for "refresh_token_<grant_number>"
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "object"
And store "access_token" in session array as variable "access_token_<refresh_token_number>"
And store "expires_in" in session array as variable "expires_in_<refresh_token_number>"
And store "token_type" in session array as variable "token_type_<refresh_token_number>"
And store "scope" in session array as variable "scope_<refresh_token_number>"
Examples:
| Description | grant_number | refresh_token_number |
| Create token normal | 1 | 3 |
| Create token normal | 2 | 4 |
#Endpoint para verificar el correcto funcionamiento del Refresh Token generado en este script
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "array"
And the response has <records> records
And the "out_doc_title" property in row 0 equals "<out_doc_title>"
Examples:
| test_description | project | records | out_doc_title | application_number |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 3 |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 4 |
#Endpoint para borrar el token creado en este script
Scenario Outline: Delete all tokens created previously in this script
Given that I want to delete a resource with the key "access_token_<application_number>" stored in session array
And I request "oauth2"
And the content type is "application/json"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "object"
Examples:
| application_number |
| 1 |
| 2 |
| 3 |
| 4 |
#Endpoint para verificar que el token ya no existe
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 3 | Unauthorized |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 4 | Unauthorized |

131
features/backend/oauth/main_tests_client_credentials.feature Normal file
View File

@@ -0,0 +1,131 @@
@ProcessMakerMichelangelo @RestAPI
Feature: Generate token Grant type - Client Credentials Grant
Requirements:
a workspace with installed application
Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET
Given POST this data:
"""
{
"grant_type":"<grant_type>"
}
"""
And I request a client credential grant
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "object"
And store "access_token" in session array as variable "access_token_<grant_number>"
And store "expires_in" in session array as variable "expires_in_<grant_number>"
And store "token_type" in session array as variable "token_type_<grant_number>"
Examples:
| Description | grant_number | grant_type |
| Create token normal | 1 | client_credentials |
| Create token normal | 2 | client_credentials |
#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases
Scenario Outline: Returns a list of the cases for the logged in user (Inbox)
Given that I assign an access token from session variable "access_token_<grant_number>"
And I request "cases"
Then the response status code should be 400
And the response charset is "UTF-8"
Examples:
| Description | grant_number |
| Create token normal | 1 |
| Create token normal | 2 |
#Endpoint para hacer que expire los token creados en este script
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 1 | 1 |
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 2 | 2 |
#Endpoint para verificar que el token haya expirado
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
#Endpoint para borrar el token creado en este script
Scenario Outline: Delete all tokens created previously in this script
Given that I want to delete a resource with the key "access_token_<application_number>" stored in session array
And I request "oauth2"
And the content type is "application/json"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "object"
Examples:
| application_number |
| 1 |
| 2 |
#Endpoint para verificar que el token ya no existe
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |

126
features/backend/oauth/main_tests_implicit_grant.feature Normal file
View File

@@ -0,0 +1,126 @@
@ProcessMakerMichelangelo @RestAPI
Feature: Generate token Grant type - Implicit Grant
Requirements:
a workspace with installed application
Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET
Given OAUTH request implicit grant
"""
{
"response_type":"<response_type>",
"client_id":"<client_id>",
"scope":"<scope>",
"implicit_grant_number":"<implicit_grant_number>"
}
"""
Examples:
| Description | implicit_grant_number | response_type | client_id | scope |
| Create token normal | 1 | token | x-pm-local-client | * |
| Create token normal | 2 | token | x-pm-local-client | * |
#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases
Scenario Outline: Returns a list of the cases for the logged in user (Inbox)
Given that I assign an access token from session variable "access_token_<implicit_grant_number>"
And I request "cases"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "array"
And the response has 14 records
Examples:
| Description | implicit_grant_number |
| Create token normal | 1 |
| Create token normal | 2 |
#Endpoint para hacer que expire los token creados en este script
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 1 | 1 |
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 2 | 2 |
#Endpoint para verificar que el token haya expirado
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
#Endpoint para borrar el token creado en este script
Scenario Outline: Delete all tokens created previously in this script
Given that I want to delete a resource with the key "access_token_<application_number>" stored in session array
And I request "oauth2"
And the content type is "application/json"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "object"
Examples:
| application_number |
| 1 |
| 2 |
#Endpoint para verificar que el token ya no existe
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |

139
features/backend/oauth/main_tests_resources_owner_password_credentials.feature Normal file
View File

@@ -0,0 +1,139 @@
@ProcessMakerMichelangelo @RestAPI
Feature: Generate token Grant type - Resources Owner Password Credential Grant
Requirements:
a workspace with installed application
Scenario Outline: Create new CLIENT_ID and CLIENT_SECRET
Given POST this data:
"""
{
"grant_type":"<grant_type>",
"username":"<username>",
"password":"<password>",
"scope":"<scope>"
}
"""
And I request a owner password credential grant
Then the response status code should be 200
And the response charset is "UTF-8"
And the content type is "application/json"
And the type is "object"
And store "access_token" in session array as variable "access_token_<grant_number>"
And store "expires_in" in session array as variable "expires_in_<grant_number>"
And store "token_type" in session array as variable "token_type_<grant_number>"
And store "scope" in session array as variable "scope_<grant_number>"
And store "refresh_token" in session array as variable "refresh_token_<grant_number>"
Examples:
| Description | grant_number | grant_type | username | password | scope |
| Create token normal | 1 | password | amy | sample | * |
| Create token normal | 2 | password | admin | sample123* | * |
#Endpoint para verificar el correcto funcionamiento del token generado en este script especificamente en la opción Running Cases
Scenario Outline: Returns a list of the cases for the logged in user (Inbox)
Given that I assign an access token from session variable "access_token_<grant_number>"
And I request "cases"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "array"
And the response has <records> records
Examples:
| Description | grant_number | records |
| Create token normal | 1 | 4 |
| Create token normal | 2 | 14 |
#Endpoint para hacer que expire los token creados en este script
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 1 | 1 |
Scenario Outline: Expire token created in this script
Given POST this data:
"""
{
}
"""
And I request "oauth2/access_token/expire" with the key "access_token" stored in session array as variable "access_token_<application_number>"
Then the response status code should be 200
Examples:
| Description | application_number |
| Expire token 2 | 2 |
#Endpoint para verificar que el token haya expirado
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |
#Endpoint para borrar el token creado en este script
Scenario Outline: Delete all tokens created previously in this script
Given that I want to delete a resource with the key "access_token_<application_number>" stored in session array
And I request "oauth2"
And the content type is "application/json"
Then the response status code should be 200
And the response charset is "UTF-8"
And the type is "object"
Examples:
| application_number |
| 1 |
| 2 |
#Endpoint para verificar que el token ya no existe
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Test Users-Step-Properties End Point" | 4224292655297723eb98691001100052 | 2 | Endpoint Old Version (base) | 1 | Unauthorized |
Scenario Outline: Get the Output Documents List both process
Given that I assign an access token from session variable "access_token_<application_number>"
And I request "project/<project>/output-documents"
Then the response status code should be 401
And the response status message should have the following text "<error_message>"
Examples:
| test_description | project | records | out_doc_title | application_number | error_message |
| List Outputs in process "Process Complete BPMN" | 1455892245368ebeb11c1a5001393784 | 1 | Output Document | 2 | Unauthorized |