@toa.io/extensions.exposition 1.0.0-alpha.0 → 1.0.0-alpha.2

package/features/identity.federation.feature

@@ -0,0 +1,125 @@
+Feature: Identity Federation
+
+  Background:
+    Given the `identity.federation` database is empty
+    Given local IDP is running
+
+
+  Scenario: Getting identity for a new user
+    Given the `identity.federation` configuration:
+      """yaml
+      explicit_identity_creation: false
+      trust:
+        - issuer: http://localhost:44444
+      """
+    And the IDP token for User is issued
+    When the following request is received:
+      """
+      GET /identity/ HTTP/1.1
+      authorization: Bearer ${{ User.id_token }}
+      accept: application/yaml
+      content-type: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      authorization: Token ${{ User.token }}
+
+      id: ${{ User.id }}
+      roles: []
+      scheme: bearer
+      """
+    # validate token
+    When the following request is received:
+      """
+      GET /identity/ HTTP/1.1
+      accept: application/yaml
+      authorization: Token ${{ User.token }}
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      id: ${{ User.id }}
+      """
+    # ensuring identity idemptotency
+    When the following request is received:
+      """
+      GET /identity/ HTTP/1.1
+      authorization: Bearer ${{ User.id_token }}
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      id: ${{ User.id }}
+      """
+
+  Scenario: Creating an Identity using inception with existing credentials
+    Given the `identity.federation` configuration:
+      """yaml
+      trust:
+        - issuer: http://localhost:44444
+      """
+    Given the `users` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          anonymous: true
+          POST:
+            incept: id
+            endpoint: transit
+      """
+    And the IDP token for Bill is issued
+    When the following request is received:
+      # identity inception
+      """
+      POST /users/ HTTP/1.1
+      authorization: Bearer ${{ Bill.id_token }}
+      accept: application/yaml
+      content-type: application/yaml
+
+      name: Bill Smith
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      authorization: Token ${{ Bill.token }}
+
+      id: ${{ Bill.id }}
+      """
+    # check that both tokens corresponds to the same id
+    When the following request is received:
+      """
+      GET /identity/ HTTP/1.1
+      authorization: Token ${{ Bill.token }}
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      id: ${{ Bill.id }}
+      """
+    When the following request is received:
+      """
+      GET /identity/ HTTP/1.1
+      authorization: Bearer ${{ Bill.id_token }}
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      id: ${{ Bill.id }}
+      """
+    And the following request is received:
+      # same credentials
+      """
+      POST /users/ HTTP/1.1
+      authorization: Bearer ${{ Bill.id_token }}
+      content-type: text/plain
+
+      name: Mary Louis
+      """
+    Then the following reply is sent:
+      """
+      403 Forbidden
+      """

package/features/octets.entries.feature

@@ -0,0 +1,121 @@
+Feature: Accessing entires
+
+  Scenario: Entries are not accessible by default
+    Given the annotation:
+      """yaml
+      /:
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store: ~
+        GET:
+          octets:list: ~
+        /*:
+          GET:
+            octets:fetch: ~
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """
+    When the following request is received:
+      """
+      GET / HTTP/1.1
+      accept: application/vnd.toa.octets.entries+yaml
+      """
+    Then the following reply is sent:
+      """
+      403 Forbidden
+
+      Metadata is not accessible.
+      """
+    When the following request is received:
+      """
+      GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: text/vnd.toa.octets.entry+plain
+      """
+    Then the following reply is sent:
+      """
+      403 Forbidden
+
+      Metadata is not accessible.
+      """
+
+  Scenario: Accessing entries
+    Given the annotation:
+      """yaml
+      /:
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store: ~
+        GET:
+          octets:list:
+            meta: true
+        /*:
+          GET:
+            octets:fetch:
+              meta: true
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      accept: application/yaml
+      content-type: application/octet-stream
+      """
+    And the stream of `lenna.png` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      accept: application/yaml
+      content-type: application/octet-stream
+      """
+    When the following request is received:
+      """
+      GET / HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: application/yaml
+
+      - 10cf16b458f759e0d617f2f3d83599ff
+      - 814a0034f5549e957ee61360d87457e5
+      """
+    When the following request is received:
+      """
+      GET / HTTP/1.1
+      accept: application/vnd.toa.octets.entries+yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: application/yaml
+
+      - id: 10cf16b458f759e0d617f2f3d83599ff
+        size: 8169
+        type: application/octet-stream
+      - id: 814a0034f5549e957ee61360d87457e5
+        size: 473831
+        type: image/png
+      """
+    When the following request is received:
+      """
+      GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/vnd.toa.octets.entry+yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: application/yaml
+      content-length: 124
+
+      id: 10cf16b458f759e0d617f2f3d83599ff
+      type: application/octet-stream
+      size: 8169
+      """

package/features/octets.feature

@@ -70,17 +70,6 @@ Feature: Octets directive family
       """
       304 Not Modified
       """
-    When the following request is received:
-      """
-      GET /10cf16b458f759e0d617f2f3d83599ff:meta HTTP/1.1
-      accept: text/plain
-      """
-    Then the following reply is sent:
-      """
-      403 Forbidden
-
-      Metadata is not accessible.
-      """
     When the following request is received:
       """
       GET / HTTP/1.1
@@ -245,10 +234,9 @@ Feature: Octets directive family
       Trailing slash is redundant.
       """
 
-  Scenario: Accessing an Entry and the original BLOLB
+  Scenario: Original BLOLB is not accessible
     Given the annotation:
       """yaml
-      debug: true
       /:
         auth:anonymous: true
         octets:context: octets
@@ -268,24 +256,10 @@ Feature: Octets directive family
       """
       201 Created
       """
-    When the following request is received:
-      """
-      GET /10cf16b458f759e0d617f2f3d83599ff:meta HTTP/1.1
-      accept: application/yaml
-      """
-    Then the following reply is sent:
-      """
-      200 OK
-      content-type: application/yaml
-      content-length: 124
-
-      id: 10cf16b458f759e0d617f2f3d83599ff
-      type: application/octet-stream
-      size: 8169
-      """
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: text/plain
       """
     Then the following reply is sent:
       """

package/features/octets.meta.feature

@@ -0,0 +1,65 @@
+Feature: Octets `content-meta` header
+
+  Scenario: Sending `content-meta` header
+    Given the `octets.tester` is running
+    And the annotation:
+      """yaml
+      /:
+        auth:anonymous: true
+        octets:context: octets
+        /*:
+          POST:
+            octets:store: ~
+          /*:
+            GET:
+              octets:fetch:
+                meta: true
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST /meta-header/ HTTP/1.1
+      content-type: application/octet-stream
+      content-meta: foo, bar=baz=1
+      content-meta: baz=1
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """
+    When the following request is received:
+      """
+      GET /meta-header/10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/vnd.toa.octets.entry+yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+
+      id: 10cf16b458f759e0d617f2f3d83599ff
+      type: application/octet-stream
+      size: 8169
+      meta:
+        foo: 'true'
+        bar: baz=1
+        baz: '1'
+      """
+
+  Scenario: CORS allows `content-meta` header
+    Given the annotation:
+      """yaml
+      /:
+        octets:context: octets
+        POST:
+          octets:store: ~
+      """
+    When the following request is received:
+      """
+      OPTIONS / HTTP/1.1
+      origin: http://example.com
+      """
+    Then the following reply is sent:
+      """
+      204 No Content
+      access-control-allow-origin: http://example.com
+      access-control-allow-headers: accept, authorization, content-type, content-meta
+      """

package/features/octets.workflows.feature

@@ -2,7 +2,7 @@ Feature: Octets storage workflows
 
   Scenario: Running a workflow
     Given the `octets.tester` is running
-    Given the annotation:
+    And the annotation:
       """yaml
       /:
         auth:anonymous: true
@@ -47,8 +47,8 @@ Feature: Octets storage workflows
       """
     When the following request is received:
       """
-      GET /10cf16b458f759e0d617f2f3d83599ff:meta HTTP/1.1
-      accept: application/yaml
+      GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/vnd.toa.octets.entry+yaml
       """
     Then the following reply is sent:
       """
@@ -74,7 +74,7 @@ Feature: Octets storage workflows
       content-length: 473831
       """
 
-  Scenario: Getting error when adding metadata to a file
+  Scenario: Getting error when running workflow on `store`
     Given the `octets.tester` is running
     Given the annotation:
       """yaml
@@ -112,3 +112,137 @@ Feature: Octets storage workflows
         message: Something went wrong
       --cut--
       """
+
+  Scenario: Running a workflow on `delete`
+    Given the `octets.tester` is running
+    And the annotation:
+      """yaml
+      /:
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store: ~
+        /*:
+          GET:
+            octets:fetch: ~
+          DELETE:
+            octets:delete:
+              workflow:
+                echo: octets.tester.echo
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """
+    When the following request is received:
+      """
+      DELETE /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      202 Accepted
+      content-type: multipart/yaml; boundary=cut
+
+      --cut
+      echo: 10cf16b458f759e0d617f2f3d83599ff
+      --cut--
+      """
+    When the following request is received:
+      """
+      GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      """
+    Then the following reply is sent:
+      """
+      404 Not Found
+      """
+
+  Scenario: Error in the workflow on `delete`
+    Given the `octets.tester` is running
+    And the annotation:
+      """yaml
+      /:
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store: ~
+        /*:
+          GET:
+            octets:fetch: ~
+          DELETE:
+            octets:delete:
+              workflow:
+                err: octets.tester.err
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """
+    When the following request is received:
+      """
+      DELETE /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      202 Accepted
+      content-type: multipart/yaml; boundary=cut
+
+      --cut
+      error:
+        step: err
+        code: ERROR
+        message: Something went wrong
+      --cut--
+      """
+    When the following request is received:
+      """
+      GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      """
+
+  Scenario: Passing parameters to the workflow
+    Given the `octets.tester` is running
+    And the annotation:
+      """yaml
+      /:
+        /:a/:b:
+          auth:anonymous: true
+          octets:context: octets
+          POST:
+            octets:store:
+              workflow:
+                concat: octets.tester.concat
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST /hello/world/ HTTP/1.1
+      accept: application/yaml
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      content-type: multipart/yaml; boundary=cut
+
+      --cut
+      id: 10cf16b458f759e0d617f2f3d83599ff
+      type: application/octet-stream
+      size: 8169
+      --cut
+      concat: hello world
+      --cut--
+      """

package/features/response.feature

@@ -0,0 +1,65 @@
+Feature: Response
+
+  Scenario: Content negotiation
+    Given the annotation:
+      """yaml
+      /:
+        GET:
+          anonymous: true
+          dev:stub: hello
+      """
+    When the following request is received:
+      """
+      GET / HTTP/1.1
+      accept: application/json
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: application/json
+      vary: accept
+      """
+
+  Scenario: Error as YAML
+    Given the `echo` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          GET: error
+      """
+    When the following request is received:
+      """
+      GET /echo/ HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      409 Conflict
+      content-type: application/yaml
+
+      code: CODE
+      message: message
+      """
+
+  Scenario: Error as MessagePack
+    Given the `echo` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          GET: error
+      """
+    When the following request is received:
+      """
+      GET /echo/ HTTP/1.1
+      accept: application/msgpack
+      """
+    Then the following reply is sent:
+      """
+      409 Conflict
+      content-type: application/msgpack
+      """
+    And response body contains MessagePack-encoded value:
+      """yaml
+      code: CODE
+      message: message
+      """

package/features/routes.feature

@@ -87,3 +87,40 @@ Feature: Routes
 
       Hello
       """
+
+  Scenario: Routes with naming conflicts
+    Given the Gateway is running
+    And the `users` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          POST: create
+      """
+    And the `users.properties` is running with the following manifest:
+      """yaml
+      exposition:
+        /:id:
+          GET: observe
+      """
+    When the following request is received:
+      """
+      GET /users/properties/b5534021e30042259badffbd1831e472/ HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+
+      newbie: false
+      """
+    When the following request is received:
+      """
+      POST /users/ HTTP/1.1
+      content-type: application/yaml
+
+      name: Alice
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """

package/features/steps/Captures.ts

@@ -0,0 +1,6 @@
+import * as http from '@toa.io/agent'
+import { binding } from 'cucumber-tsflow'
+
+@binding()
+export class Captures extends http.Captures {
+}

package/features/steps/Components.ts

@@ -1,3 +1,4 @@
+import * as assert from 'node:assert'
 import { after, binding, given } from 'cucumber-tsflow'
 import * as boot from '@toa.io/boot'
 import { timeout } from '@toa.io/generic'
@@ -8,7 +9,7 @@ import { Workspace } from './Workspace'
 @binding([Workspace])
 export class Components {
   private readonly workspace: Workspace
-  private composition: Connector | null = null
+  private compositions: Record<string, Connector> = {}
 
   public constructor (workspace: Workspace) {
     this.workspace = workspace
@@ -26,18 +27,29 @@ export class Components {
     await this.runComponent(name, manifest)
   }
 
-  @after()
   @given('the `{word}` is stopped')
-  public async stop (_?: string): Promise<void> {
-    await this.composition?.disconnect()
+  public async stop (name: string): Promise<void> {
+    assert.ok(name in this.compositions, `Composition '${name}' is not running`)
+
+    await this.compositions[name].disconnect()
+    delete this.compositions[name]
+  }
+
+  @after()
+  public async shutdown (): Promise<void> {
+    const promises = Object.values(this.compositions).map((composition) => composition.disconnect())
+
+    await Promise.all(promises)
   }
 
   private async runComponent (name: string, manifest?: object): Promise<void> {
+    assert.ok(!(name in this.compositions), `Composition '${name}' is already running`)
+
     const path = await this.workspace.addComponent(name, manifest)
 
-    this.composition = await boot.composition([path])
+    this.compositions[name] = await boot.composition([path])
 
-    await this.composition.connect()
+    await this.compositions[name].connect()
     await timeout(50) // discovery
   }
 }

package/features/steps/Gateway.ts

@@ -18,8 +18,7 @@ export class Gateway {
     const annotation = parse(yaml)
 
     if ('/' in annotation) {
-      const node = { '/': annotation['/'] }
-      const tree = syntax.parse(node, shortcuts)
+      const tree = syntax.parse(annotation['/'], shortcuts)
 
       process.env.TOA_EXPOSITION = encode(tree)
     }