test-suite
test-suite copied to clipboard
solid-contrib
write a simple test that uses an ACL doc an a bearer token
- start with a publicly writable pod
- do HEAD to pod root to determine ACL doc location
- do PUT to create ACL doc, giving only Alice access
- do PUT with a bearer token for Alice, it should succeed
- do PUT with a bearer token for Bob, it should fail
<#write-acl-then-check-access> a test:AutomatedTest ;
test:purpose "Write an ACL document, then check access"@en ;
test:test_script <http://example.org/httplist#http_req_res_list_unauthenticated> ;
test:params [
test:requests ( <#discover-acl-doc-location-req> <#write-acl-doc-req> <#put-alice-req> <#put-bob-req> ) ;
test:responses ( <#discover-acl-doc-location-res> <#write-acl-doc-res> <#put-alice-res> <#put-bob-res> )
]
<#discover-acl-doc-location-req>
<method> <HEAD>
<path> </>
<#discover-acl-doc-location-res>
<store-acl-doc-location> "true"
<#write-acl-doc-req>
<method> <PUT>
<use-acl-doc-location> true
<body> "#alice [ a acl:Authorization; acl:default </>; acl:agent http://tester:3000/alice#me ]"
<#write-acl-doc-res>
<status> "201"
<#put-alice-req>
<method> <PUT>
<use-pop-token> <http://tester:3000/alice#me>
<body> "doc from alice"
<#put-alice-res>
<status> "201"
<#put-bob-req>
<method> <PUT>
<use-pop-token> <http://tester:3000/bob#me>
<body> "doc from bob"
<#put-bob-res>
<status> "401"
I will add a host into the Docker testnet with:
- http:/idp/alice
- http://idp/bob
- http://idp/.well-known/openid-configuration
- http://idp/jwks
And then I'll provide to you two strings:
- bearer token with identity http://tester:3000/alice#me inside it
- bearer token with identity http://tester:3000/bob#me inside it
Maybe I'll even just add that http://idp as a third host into the Docker testnet, so you have idp + server + tester talking to each other over Docker local networking
Then only the two bearer tokens need to be read from a file into perl
another idea:
<#bearer-token-alice> <is> "ergvswrgv23qog;lbdktjyrhgvwelrtisugkfjhwertbpvo;lw3ksertjmghfvwseklrt"
in RDF, and the tests can refer to that
and then you could just do:
<#put-alice-req>
<method> <PUT>
<use-bearer-token> <#bearer-token-alice>
<body> "doc from alice"
Or like in https://github.com/kjetilk/p5-test-fitesque-rdf/blob/1f8d01ec9830056e8fbf062384eb905e50723880/t/data/http-mix.ttl#L17, add bearer-token-alice as an extra param? or bearer-tokens?
@kjetilk as discussed on gitter, i think if you ask @jaxoncreed he can probably give you a CLI script that takes a hostname and generates fixtures for:
- /.well-known/openid-configuration,
- /jwks,
- /profile/alice,
- /profile/bob, and
- valid bearer tokens for http://hostname/profile/alice#me
- and http://hostname/profile/bob#me
idea of bearer token generator script superseded by @kjetilk's new plan as detailed there ^
leaving this issue open because even once #36 is completed, we will still want to write that simple test :)