# Smoke test: the API root answers 200 and reports the server software name.
GET {{ base_url }}/api
HTTP 200
[Asserts]
jsonpath "$.software" == "Minauthator"
# Log in with form credentials. The session JWT is returned in the
# "minauthator_jwt" cookie on the 303 redirect and captured as user_jwt.
# NOTE(review): root/root looks like a test-fixture account; confirm it only
# exists in test configurations.
POST {{ base_url }}/login
[FormParams]
login: root
password: root
HTTP 303
[Captures]
user_jwt: cookie "minauthator_jwt"
[Asserts]
cookie "minauthator_jwt" exists
# "eyJ0" is the base64url encoding of `{"t`, the start of a JSON JWT header.
cookie "minauthator_jwt[Value]" contains "eyJ0"
cookie "minauthator_jwt[SameSite]" == "Lax"
# NOTE(review): the HttpOnly and Secure attributes are not asserted here.
# A cookie carrying the session JWT would normally pin both; confirm what the
# server sets (Secure may be absent on a plain-HTTP test base_url).
# Fetch the profile page as the logged-in user.
# No credential is written in this request; it presumably relies on the test
# runner replaying the cookie set by the login step. Verify if run in isolation.
GET {{ base_url }}/me
HTTP 200
Content-Type: text/html; charset=utf-8
[Asserts]
xpath "string(///h1)" == "Welcome root!"
# Update the profile through the multipart form, including an avatar upload.
# Only the status code is checked; the stored values are verified later via
# /api/user (handle and email).
# NOTE(review): the image/jpeg content type below is declared by the client.
# This test does not cover server-side validation of the uploaded file.
POST {{ base_url }}/me/details-form
[MultipartFormData]
handle: root
email: root@johndoe.net
full_name: John Doe
website: https://johndoe.net
avatar: file,john_doe_profile_pic.jpg; image/jpeg
HTTP 200
# Baseline before any OAuth2 request: the authorizations page shows its
# empty-state message. The same page is checked again after the token exchange.
GET {{ base_url }}/me/authorizations
HTTP 200
[Asserts]
xpath "string(///h1)" == "Your authorizations"
xpath "string(///i)" == "You didn't authorized or accessed any applications for now."
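# OAuth2 authorization code flow (pre-granted app)
# response_type=code asks for an authorization code that is later exchanged at
# the token endpoint, so this is the authorization code grant, not the implicit
# flow (which would use response_type=token).
GET {{ base_url }}/authorize
[QueryStringParams]
client_id: 00000001-0000-0000-0000-000000000001
response_type: code
redirect_uri: http://localhost:9090/callback
state: Afk4kf6pbZkms78jM
scope: user_read_basic
HTTP 302
[Asserts]
header "Location" contains "http://localhost:9090/callback?code="
# The state value must come back unchanged: the client uses it to bind the
# callback to the request it started (CSRF protection, RFC 6749 section 10.12).
header "Location" contains "state=Afk4kf6pbZkms78jM"
[Captures]
# Stop at the first "&" so only the code is captured, regardless of how many
# parameters follow it in the redirect.
authorization_code: header "Location" regex "\\?code=([^&]+)"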
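# OAuth2 get access token
# Exchanges the captured authorization code at the token endpoint. The client
# authenticates with HTTP Basic (client id as user, client secret as password);
# the secret here is a dummy test value.
# NOTE(review): authorization codes are single-use (RFC 6749 section 4.1.2);
# a second exchange of the same code is not exercised by this file.
POST {{ base_url }}/api/token
[BasicAuth]
00000001-0000-0000-0000-000000000001: dummy_client_secret
[FormParams]
code: {{ authorization_code }}
scope: user_read_basic
redirect_uri: http://localhost:9090/callback
grant_type: authorization_code
HTTP 200
Content-Type: application/json
[Asserts]
jsonpath "$.access_token" exists
# Compact JWT shape: three non-empty base64url segments joined by literal dots.
# The dots are escaped and the pattern is anchored; an unescaped "." matches any
# character, so an unanchored pattern would pass on strings that are not
# three-segment tokens.
jsonpath "$.access_token" matches "^eyJ[A-Za-z0-9_-]*\\.[A-Za-z0-9_-]+\\.[A-Za-z0-9_-]+$"
[Captures]
access_token: jsonpath "$.access_token"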
# Get basic user info
# Calls the API with the access token captured from the token exchange, sent
# under the "JWT" authorization scheme as written below. The asserted handle and
# email match the values submitted to /me/details-form earlier.
GET {{ base_url }}/api/user
Authorization: JWT {{ access_token }}
HTTP 200
Content-Type: application/json
[Asserts]
jsonpath "$.handle" == "root"
jsonpath "$.email" == "root@johndoe.net"
# After the token exchange the authorizations page is no longer empty: its list
# now contains an entry mentioning the UserReadBasic scope.
GET {{ base_url }}/me/authorizations
HTTP 200
[Asserts]
xpath "string(///h1)" == "Your authorizations"
xpath "string(///main/ul/li)" contains "UserReadBasic"
# Log out: the server redirects (303) and the session cookie value is emptied.
# NOTE(review): this checks only that the cookie is cleared on the client side.
# Whether the previously issued JWT is rejected afterwards is not tested here.
GET {{ base_url }}/logout
HTTP 303
[Asserts]
cookie "minauthator_jwt" == ""