GET {{ base_url }}/api HTTP 200 [Asserts] jsonpath "$.software" == "Minauthator" POST {{ base_url }}/login [FormParams] login: root password: root HTTP 303 [Captures] user_jwt: cookie "minauthator_jwt" [Asserts] cookie "minauthator_jwt" exists cookie "minauthator_jwt[Value]" contains "eyJ0" cookie "minauthator_jwt[SameSite]" == "Lax" GET {{ base_url }}/me HTTP 200 Content-Type: text/html; charset=utf-8 [Asserts] xpath "string(///h1)" == "Welcome root!" POST {{ base_url }}/me/details-form [MultipartFormData] handle: root email: root@johndoe.net full_name: John Doe website: https://johndoe.net picture: file,john_doe_profile_pic.jpg; image/jpeg HTTP 200 GET {{ base_url }}/me/authorizations HTTP 200 [Asserts] xpath "string(///h1)" == "Your authorizations" xpath "string(///i)" == "You didn't authorized or accessed any applications for now." # OAuth2 implicit flow (pre-granted app) GET {{ base_url }}/authorize [QueryStringParams] client_id: 00000001-0000-0000-0000-000000000001 response_type: code redirect_uri: http://localhost:9090/callback state: Afk4kf6pbZkms78jM scope: user_read_basic HTTP 302 [Asserts] header "Location" contains "http://localhost:9090/callback?code=" [Captures] authorization_code: header "Location" regex "\\?code=(.*)&" # OAuth2 get access token POST {{ base_url }}/api/token [BasicAuth] 00000001-0000-0000-0000-000000000001: dummy_client_secret [FormParams] code: {{ authorization_code }} scope: user_read_basic redirect_uri: http://localhost:9090/callback grant_type: authorization_code HTTP 200 Content-Type: application/json [Asserts] jsonpath "$.access_token" exists jsonpath "$.access_token" matches "eyJ[[:alpha:]0-9].[[:alpha:]0-9].[[:alpha:]0-9]" [Captures] access_token: jsonpath "$.access_token" # Get basic user info GET {{ base_url }}/api/user Authorization: JWT {{ access_token }} HTTP 200 Content-Type: application/json [Asserts] jsonpath "$.handle" == "root" jsonpath "$.email" == "root@johndoe.net" GET {{ base_url }}/me/authorizations HTTP 200 [Asserts] xpath "string(///h1)" == "Your authorizations" xpath "string(///main/ul/li)" contains "UserReadBasic" GET {{ base_url }}/logout HTTP 303 [Asserts] cookie "minauthator_jwt" == ""