owncloud
[QA]tests for auth-app token generation via API and cli
related: https://github.com/owncloud/ocis/pull/9755 docs task: #10605
[!Note]
Creatiing app token:
POST https://localhost:9200/auth-app/tokens?expiry=24h
- this returns the actual token (save to use it later - cannot be accessed later on)
List app tokens:
GET https://localhost:9200/auth-app/tokens
- this returns list of tokens with id (NOT actual token value)
we need to have api tests for that and cli test
Bugs
- https://github.com/owncloud/ocis/issues/10815
- https://github.com/owncloud/ocis/issues/10921
- https://github.com/owncloud/ocis/issues/11063
- https://github.com/owncloud/ocis/issues/10675
Test Cases
API
- [x] create with expiry https://github.com/owncloud/ocis/pull/10662
- [x] create with user-id https://github.com/owncloud/ocis/pull/10987
- [ ] try to create with user-id no expiration @prashant-gurung899
- [ ] by admin user, non-admin user and non-existent user: https://github.com/owncloud/ocis/pull/11169
- [x] by normal user: https://github.com/owncloud/ocis/pull/11159
- [ ] try to create with user-id by non-existing user @prashant-gurung899 https://github.com/owncloud/ocis/pull/11174
- [x] try to create without expiry https://github.com/owncloud/ocis/pull/10981
- [x] list https://github.com/owncloud/ocis/pull/10662
- [x] delete https://github.com/owncloud/ocis/pull/10814
- https://github.com/owncloud/ocis/issues/10675
Impersonation
- [x] create with expiry and username https://github.com/owncloud/ocis/pull/10733
- [x] create with expiry and user-id https://github.com/owncloud/ocis/pull/10987
- [x] create with expiry and user-id by normal user https://github.com/owncloud/ocis/pull/10987
- [x] create without expiry (user-id) https://github.com/owncloud/ocis/pull/11159
- [x] try to create without expiry https://github.com/owncloud/ocis/pull/10981
- [x] list https://github.com/owncloud/ocis/pull/10733
- [x] check impersonation works only with
AUTH_APP_ENABLE_IMPERSONATION=truehttps://github.com/owncloud/ocis/pull/10983 - [x] create token by user https://github.com/owncloud/ocis/pull/10985
- [x] try to create token for non-existing user https://github.com/owncloud/ocis/pull/10993
- [x] try to delete token by a different user (admin and brian) https://github.com/owncloud/ocis/pull/10993
CLI
- [x] create https://github.com/owncloud/ocis/pull/10660
- [x] try to create without expiry https://github.com/owncloud/ocis/pull/10988
- [ ] create with expiry and user-id
- [x] check impersonation works only with
AUTH_APP_ENABLE_IMPERSONATION=true AUTH_APP_ENABLE_IMPERSONATIONis for API only
Use of Token
Enable with PROXY_ENABLE_APP_AUTH=true (https://owncloud.dev/services/auth-app/#service-startup)
- [ ] resource access using own app token https://github.com/owncloud/ocis/pull/11166
- [ ] resource access using own app token (impersonation token)
- [ ] access resource of another user using impersonation token @prashant-gurung899 https://github.com/owncloud/ocis/pull/11185
- [ ] try to access resource of another user using own token @prashant-gurung899
- [ ] check if token expires https://github.com/owncloud/ocis/pull/11168
Refactor
- [x] split scenarios: https://github.com/owncloud/ocis/pull/11179
cc @saw-jan
need to confirm how to delete the tokens. https://github.com/owncloud/ocis/issues/10675
need to confirm how to delete the tokens. #10675
skipping delete test.
@nirajacharya2 I have update the description. Please, have a look
TL;DR: token return by creation request is the actual token, and the token returned by list request is the token id. So, use actula token for resource access and token-id for token deletion.
