NOISSUE - Add property based testing to auth API (#2094)

Signed-off-by: Rodney Osodo <[email protected]>
absmach · Apr 11, 2024 · 76788d3 · 76788d3
1 parent 6580030
commit 76788d3
Show file tree

Hide file tree

Showing 18 changed files with 179 additions and 278 deletions.
diff --git a/.github/workflows/api-tests.yml b/.github/workflows/api-tests.yml
@@ -31,6 +31,7 @@ env:
   USERS_URL: http://localhost:9002
   THINGS_URL: http://localhost:9000
   INVITATIONS_URL: http://localhost:9020
+  AUTH_URL: http://localhost:8189
 
 jobs:
   api-test:
@@ -148,6 +149,16 @@ jobs:
           report: false
           args: '--header "Authorization: Bearer ${{ env.USER_TOKEN }}" --contrib-openapi-formats-uuid --hypothesis-suppress-health-check=filter_too_much --stateful=links'
 
+      - name: Run Auth API tests
+        if: steps.changes.outputs.auth == 'true'
+        uses: schemathesis/action@v1
+        with:
+          schema: api/openapi/auth.yml
+          base-url: ${{ env.AUTH_URL }}
+          checks: all
+          report: false
+          args: '--header "Authorization: Bearer ${{ env.USER_TOKEN }}" --contrib-openapi-formats-uuid --hypothesis-suppress-health-check=filter_too_much --stateful=links'
+
       - name: Stop containers
         if: always()
         run: make run down args="-v"
diff --git a/Makefile b/Makefile
@@ -153,6 +153,7 @@ endef
 test_api_users: TEST_API_URL := http://localhost:9002
 test_api_things: TEST_API_URL := http://localhost:9000
 test_api_invitations: TEST_API_URL := http://localhost:9020
+test_api_auth: TEST_API_URL := http://localhost:8189
 
 $(TEST_API):
 	$(call test_api_service,$(@),$(TEST_API_URL))

diff --git a/api/openapi/auth.yml b/api/openapi/auth.yml
@@ -74,6 +74,8 @@ paths:
       responses:
         "200":
           $ref: "#/components/responses/DomainsPageRes"
+        "400":
+          description: Failed due to malformed query parameters.
         "401":
           description: Missing or invalid access token provided.
         "404":
@@ -99,6 +101,8 @@ paths:
           $ref: "#/components/responses/DomainRes"
         "401":
           description: Missing or invalid access token provided.
+        "403":
+          description: Failed to perform authorization over the entity.
         "404":
           description: A non-existent entity request.
         "422":
@@ -133,26 +137,7 @@ paths:
           description: Missing or invalid content type.
         "500":
           $ref: "#/components/responses/ServiceError"
-    delete:
-      summary: Delete domain for a domain with the given id.
-      description: |
-        Delete domain removes a domain with the given id from repo
-        and removes all the things, channels, assigned users, policies related to this domain.
-      tags:
-        - Domains
-      parameters:
-        - $ref: "#/components/parameters/DomainID"
-      security:
-        - bearerAuth: []
-      responses:
-        "204":
-          description: Domain deleted.
-        "401":
-          description: Missing or invalid access token provided.
-        "403":
-          description: Unauthorized access to domain id.
-        "500":
-          $ref: "#/components/responses/ServiceError"
+
   /domains/{domainID}/permissions:
     get:
       summary: Retrieves user permissions on domain.
@@ -319,6 +304,7 @@ paths:
           $ref: "#/components/responses/ServiceError"
   /keys:
     post:
+      operationId: issueKey
       tags:
         - Keys
       summary: Issue API key
@@ -341,6 +327,7 @@ paths:
 
   /keys/{keyID}:
     get:
+      operationId: getKey
       summary: Gets API key details.
       description: |
         Gets API key details for the given key.
@@ -355,10 +342,13 @@ paths:
           description: Failed due to malformed query parameters.
         "401":
           description: Missing or invalid access token provided.
+        "404":
+          description: A non-existent entity request.
         "500":
           $ref: "#/components/responses/ServiceError"
 
     delete:
+      operationId: revokeKey
       summary: Revoke API key
       description: |
         Revoke API key identified by the given ID.
@@ -371,11 +361,14 @@ paths:
           description: Key revoked.
         "401":
           description: Missing or invalid access token provided.
+        "404":
+          description: A non-existent entity request.
         "500":
           $ref: "#/components/responses/ServiceError"
 
   /policies:
     post:
+      operationId: addPolicies
       summary: Creates new policies.
       description: |
         Creates new policies. Only admin can use this endpoint. Therefore, you need an authentication token for the admin.
@@ -393,6 +386,8 @@ paths:
           description: Missing or invalid access token provided.
         "403":
           description: Unauthorized access token provided.
+        "404":
+          description: A non-existent entity request.
         "409":
           description: Failed due to using an existing email address.
         "415":
@@ -402,6 +397,7 @@ paths:
 
   /policies/delete:
     post:
+      operationId: deletePolicies
       summary: Deletes policies.
       description: |
         Deletes policies. Only admin can use this endpoint. Therefore, you need an authentication token for the admin.
@@ -415,6 +411,8 @@ paths:
           description: Policies deleted.
         "400":
           description: Failed due to malformed JSON.
+        "404":
+          description: A non-existent entity request.
         "409":
           description: Failed due to using an existing email address.
         "415":
@@ -441,7 +439,7 @@ paths:
         - bearerAuth: []
       responses:
         "200":
-          $ref: "users.yml#/components/responses/UserPageRes"
+          $ref: "#/components/responses/DomainsPageRes"
         "400":
           description: Failed due to malformed query parameters.
         "401":
@@ -569,7 +567,7 @@ components:
           example: 10
           description: Maximum number of items to return in one page.
       required:
-        - domain
+        - domains
         - total
         - offset
     DomainUpdate:
@@ -620,7 +618,7 @@ components:
             ]
         relation:
           type: string
-          enum: ["administrator", "editor","viewer","member"]
+          enum: ["administrator", "editor", "viewer", "member"]
           example: "administrator"
           description: Policy relations.
       required:
@@ -867,11 +865,16 @@ components:
         application/json:
           schema:
             $ref: "#/components/schemas/Key"
+      links:
+        revoke:
+          operationId: revokeKey
+          parameters:
+            keyID: $response.body#/id
 
     HealthRes:
       description: Service Health Check.
       content:
-        application/json:
+        application/health+json:
           schema:
             $ref: "./schemas/HealthInfo.yml"
 

diff --git a/auth/api/http/domains/endpoint.go b/auth/api/http/domains/endpoint.go
@@ -29,7 +29,7 @@ func createDomainEndpoint(svc auth.Service) endpoint.Endpoint {
 			return nil, err
 		}
 
-		return createDomainRes{Data: domain}, nil
+		return createDomainRes{domain}, nil
 	}
 }
 
@@ -44,7 +44,7 @@ func retrieveDomainEndpoint(svc auth.Service) endpoint.Endpoint {
 		if err != nil {
 			return nil, err
 		}
-		return retrieveDomainRes{Data: domain}, nil
+		return retrieveDomainRes{domain}, nil
 	}
 }
 
@@ -85,7 +85,7 @@ func updateDomainEndpoint(svc auth.Service) endpoint.Endpoint {
 			return nil, err
 		}
 
-		return updateDomainRes{Data: domain}, nil
+		return updateDomainRes{domain}, nil
 	}
 }
 
@@ -111,7 +111,7 @@ func listDomainsEndpoint(svc auth.Service) endpoint.Endpoint {
 		if err != nil {
 			return nil, err
 		}
-		return listDomainsRes{Data: dp}, nil
+		return listDomainsRes{dp}, nil
 	}
 }
 
@@ -219,6 +219,6 @@ func listUserDomainsEndpoint(svc auth.Service) endpoint.Endpoint {
 		if err != nil {
 			return nil, err
 		}
-		return listUserDomainsRes{Data: dp}, nil
+		return listUserDomainsRes{dp}, nil
 	}
 }