Added checks for token generator endpoint.

Signed-off-by: alexmerlin <[email protected]>
dotkernel · May 17, 2024 · 5e4b3ad · 5e4b3ad
1 parent 4b9acbe
commit 5e4b3ad
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 12 deletions.
diff --git a/test/curl-tester.sh b/test/curl-tester.sh
@@ -1,7 +1,5 @@
 #!/bin/bash
 
-# Bootstrap
-
 OK='✅'
 KO='❌'
 
@@ -15,11 +13,45 @@ fi
 
 body=""
 status_code=0
+access_token=""
+refresh_token=""
+halt_on_error=1
 
 get $endpoint_home
-if echo "$body" | grep -q 'Welcome'; then
-  echo "$OK $endpoint_home: $status_code"
+if [[ $status_code -eq 200 ]] && echo "$body" | grep -q 'Welcome'; then
+  echo "$OK [$status_code] Homepage can be accessed."
+else
+  echo "$KO [$status_code] Homepage can NOT be accessed."
+  exit $halt_on_error
+fi
+
+# should not generate token for invalid credentials
+post $endpoint_security_generate_token '{"grant_type":"password","client_id":"admin","client_secret":"admin","scope":"api","username":"incorrect","password":"incorrect"}'
+if [[ $status_code -eq 400 ]] && echo "$body" | grep -q 'Invalid credentials.'; then
+  echo "$OK [$status_code] Generating access token using invalid credentials returns 'Invalid credentials' and a 400 status code."
+else
+  echo "$KO [$status_code] Generating access token using invalid credentials returns unexpected response:"
+  echo "$body"
+  exit $halt_on_error
+fi
+
+# should generate valid token for valid credentials
+post $endpoint_security_generate_token '{"grant_type":"password","client_id":"admin","client_secret":"admin","scope":"api","username":"admin","password":"dotkernel"}'
+if [[ $status_code -eq 200 ]] && echo "$body" | grep -q '{"token_type":"Bearer","expires_in":86400,"access_token":'; then
+  echo "$OK [$status_code] Generating access token using valid credentials returns tokens and a 200 status code."
+
+  access_token=$(sed -n 's/.*"access_token":"\([^"]*\)".*/\1/p' <<< "$body")
+  if [ -z "$access_token" ]; then
+    echo "$KO Invalid access token detected: $access_token"
+    exit $halt_on_error
+  fi
+  refresh_token=$(sed -n 's/.*"refresh_token":"\([^"]*\)".*/\1/p' <<< "$body")
+  if [ -z "$refresh_token" ]; then
+    echo "$KO Invalid refresh token detected: $refresh_token"
+    exit $halt_on_error
+  fi
 else
-  echo "$KO $endpoint_home: $status_code"
-  exit 1
+  echo "$KO [$status_code] Generating access token using valid credentials returns unexpected response:"
+  echo "$body"
+  exit $halt_on_error
 fi
diff --git a/test/curl/endpoints.sh b/test/curl/endpoints.sh
@@ -1 +1,2 @@
 endpoint_home="https://api.dotkernel.net"
+endpoint_security_generate_token="$endpoint_home/security/generate-token"
diff --git a/test/curl/functions.sh b/test/curl/functions.sh
@@ -1,14 +1,13 @@
-send_request() {
+get() {
   response=$(curl -s -w "\n%{http_code}" $1)
 
   body=$(echo "$response" | sed '$d')
   status_code=$(echo "$response" | tail -n 1)
 }
 
-get() {
-  send_request $1
-}
-
 post() {
-  send_request $1
+  response=$(curl -s -w "\n%{http_code}" -X POST -H "Content-Type: application/json" -d $2 $1)
+
+  body=$(echo "$response" | sed '$d')
+  status_code=$(echo "$response" | tail -n 1)
 }