@toa.io/extensions.exposition 1.0.0-alpha.0 → 1.0.0-alpha.3

package/features/octets.workflows.feature

@@ -2,7 +2,7 @@ Feature: Octets storage workflows
 
   Scenario: Running a workflow
     Given the `octets.tester` is running
-    Given the annotation:
+    And the annotation:
       """yaml
       /:
         auth:anonymous: true
@@ -47,8 +47,8 @@ Feature: Octets storage workflows
       """
     When the following request is received:
       """
-      GET /10cf16b458f759e0d617f2f3d83599ff:meta HTTP/1.1
-      accept: application/yaml
+      GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/vnd.toa.octets.entry+yaml
       """
     Then the following reply is sent:
       """
@@ -74,7 +74,7 @@ Feature: Octets storage workflows
       content-length: 473831
       """
 
-  Scenario: Getting error when adding metadata to a file
+  Scenario: Getting error when running workflow on `store`
     Given the `octets.tester` is running
     Given the annotation:
       """yaml
@@ -112,3 +112,175 @@ Feature: Octets storage workflows
         message: Something went wrong
       --cut--
       """
+
+  Scenario: Running a workflow on `delete`
+    Given the `octets.tester` is running
+    And the annotation:
+      """yaml
+      /:
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store: ~
+        /*:
+          GET:
+            octets:fetch: ~
+          DELETE:
+            octets:delete:
+              workflow:
+                echo: octets.tester.echo
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """
+    When the following request is received:
+      """
+      DELETE /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      202 Accepted
+      content-type: multipart/yaml; boundary=cut
+
+      --cut
+      echo: 10cf16b458f759e0d617f2f3d83599ff
+      --cut--
+      """
+    When the following request is received:
+      """
+      GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      """
+    Then the following reply is sent:
+      """
+      404 Not Found
+      """
+
+  Scenario: Error in the workflow on `delete`
+    Given the `octets.tester` is running
+    And the annotation:
+      """yaml
+      /:
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store: ~
+        /*:
+          GET:
+            octets:fetch: ~
+          DELETE:
+            octets:delete:
+              workflow:
+                err: octets.tester.err
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """
+    When the following request is received:
+      """
+      DELETE /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      202 Accepted
+      content-type: multipart/yaml; boundary=cut
+
+      --cut
+      error:
+        step: err
+        code: ERROR
+        message: Something went wrong
+      --cut--
+      """
+    When the following request is received:
+      """
+      GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      """
+
+  Scenario: Passing parameters to the workflow
+    Given the `octets.tester` is running
+    And the annotation:
+      """yaml
+      /:
+        /:a/:b:
+          auth:anonymous: true
+          octets:context: octets
+          POST:
+            octets:store:
+              workflow:
+                concat: octets.tester.concat
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST /hello/world/ HTTP/1.1
+      accept: application/yaml
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      content-type: multipart/yaml; boundary=cut
+
+      --cut
+      id: 10cf16b458f759e0d617f2f3d83599ff
+      type: application/octet-stream
+      size: 8169
+      --cut
+      concat: hello world
+      --cut--
+      """
+
+  Scenario: Executing a workflow with `octets:workflow`
+    Given the `octets.tester` is running
+    And the annotation:
+      """yaml
+      /:
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store: ~
+        /*:
+          DELETE:
+            octets:workflow:
+              echo: octets.tester.echo
+      """
+    When the stream of `lenna.ascii` is received with the following headers:
+      """
+      POST / HTTP/1.1
+      content-type: application/octet-stream
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """
+    When the following request is received:
+      """
+      DELETE /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      202 Accepted
+      content-type: multipart/yaml; boundary=cut
+
+      --cut
+      echo: 10cf16b458f759e0d617f2f3d83599ff
+      --cut--
+      """

package/features/response.feature

@@ -0,0 +1,65 @@
+Feature: Response
+
+  Scenario: Content negotiation
+    Given the annotation:
+      """yaml
+      /:
+        GET:
+          anonymous: true
+          dev:stub: hello
+      """
+    When the following request is received:
+      """
+      GET / HTTP/1.1
+      accept: application/json
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: application/json
+      vary: accept
+      """
+
+  Scenario: Error as YAML
+    Given the `echo` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          GET: error
+      """
+    When the following request is received:
+      """
+      GET /echo/ HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      409 Conflict
+      content-type: application/yaml
+
+      code: CODE
+      message: message
+      """
+
+  Scenario: Error as MessagePack
+    Given the `echo` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          GET: error
+      """
+    When the following request is received:
+      """
+      GET /echo/ HTTP/1.1
+      accept: application/msgpack
+      """
+    Then the following reply is sent:
+      """
+      409 Conflict
+      content-type: application/msgpack
+      """
+    And response body contains MessagePack-encoded value:
+      """yaml
+      code: CODE
+      message: message
+      """

package/features/routes.feature

@@ -87,3 +87,40 @@ Feature: Routes
 
       Hello
       """
+
+  Scenario: Routes with naming conflicts
+    Given the Gateway is running
+    And the `users` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          POST: create
+      """
+    And the `users.properties` is running with the following manifest:
+      """yaml
+      exposition:
+        /:id:
+          GET: observe
+      """
+    When the following request is received:
+      """
+      GET /users/properties/b5534021e30042259badffbd1831e472/ HTTP/1.1
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+
+      newbie: false
+      """
+    When the following request is received:
+      """
+      POST /users/ HTTP/1.1
+      content-type: application/yaml
+
+      name: Alice
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+      """

package/features/steps/Captures.ts

@@ -0,0 +1,6 @@
+import * as http from '@toa.io/agent'
+import { binding } from 'cucumber-tsflow'
+
+@binding()
+export class Captures extends http.Captures {
+}

package/features/steps/Components.ts

@@ -1,3 +1,4 @@
+import * as assert from 'node:assert'
 import { after, binding, given } from 'cucumber-tsflow'
 import * as boot from '@toa.io/boot'
 import { timeout } from '@toa.io/generic'
@@ -8,7 +9,7 @@ import { Workspace } from './Workspace'
 @binding([Workspace])
 export class Components {
   private readonly workspace: Workspace
-  private composition: Connector | null = null
+  private compositions: Record<string, Connector> = {}
 
   public constructor (workspace: Workspace) {
     this.workspace = workspace
@@ -26,18 +27,29 @@ export class Components {
     await this.runComponent(name, manifest)
   }
 
-  @after()
   @given('the `{word}` is stopped')
-  public async stop (_?: string): Promise<void> {
-    await this.composition?.disconnect()
+  public async stop (name: string): Promise<void> {
+    assert.ok(name in this.compositions, `Composition '${name}' is not running`)
+
+    await this.compositions[name].disconnect()
+    delete this.compositions[name]
+  }
+
+  @after()
+  public async shutdown (): Promise<void> {
+    const promises = Object.values(this.compositions).map((composition) => composition.disconnect())
+
+    await Promise.all(promises)
   }
 
   private async runComponent (name: string, manifest?: object): Promise<void> {
+    assert.ok(!(name in this.compositions), `Composition '${name}' is already running`)
+
     const path = await this.workspace.addComponent(name, manifest)
 
-    this.composition = await boot.composition([path])
+    this.compositions[name] = await boot.composition([path])
 
-    await this.composition.connect()
+    await this.compositions[name].connect()
     await timeout(50) // discovery
   }
 }

package/features/steps/Gateway.ts

@@ -18,8 +18,7 @@ export class Gateway {
     const annotation = parse(yaml)
 
     if ('/' in annotation) {
-      const node = { '/': annotation['/'] }
-      const tree = syntax.parse(node, shortcuts)
+      const tree = syntax.parse(annotation['/'], shortcuts)
 
       process.env.TOA_EXPOSITION = encode(tree)
     }

package/features/steps/HTTP.ts

@@ -1,121 +1,74 @@
-import { AssertionError } from 'node:assert'
+import * as assert from 'node:assert'
+import * as fs from 'node:fs'
+import * as path from 'node:path'
 import { binding, then, when } from 'cucumber-tsflow'
-import * as http from '@toa.io/http'
-import { trim } from '@toa.io/generic'
-import { buffer } from '@toa.io/streams'
-import { open } from '../../../storages/source/test/util'
+import * as http from '@toa.io/agent'
+import * as msgpack from 'msgpackr'
+import * as YAML from 'js-yaml'
+import { Captures } from './Captures'
 import { Parameters } from './Parameters'
 import { Gateway } from './Gateway'
+import type { Readable } from 'node:stream'
 
-@binding([Gateway, Parameters])
-export class HTTP {
+@binding([Gateway, Parameters, Captures])
+export class HTTP extends http.Agent {
   private readonly gateway: Gateway
-  private readonly origin: string
-  private response: string = ''
-  private readonly variables: Record<string, string> = {}
+  private fetched: Response | null = null
 
-  public constructor (gateway: Gateway, parameters: Parameters) {
+  public constructor (gateway: Gateway, parameters: Parameters, captures: Captures) {
+    super(parameters.origin, captures)
     this.gateway = gateway
-    this.origin = parameters.origin
   }
 
   @when('the following request is received:')
-  public async request (input: string): Promise<any> {
-    let [headers, body] = trim(input).split('\n\n')
-
-    if (body !== undefined)
-      headers += '\ncontent-length: ' + body?.length
-
-    const text = headers + '\n\n' + (body ?? '')
-    const request = text.replaceAll(SUBSTITUTE, (_, name) => this.variables[name])
-
+  public override async request (input: string): Promise<any> {
     await this.gateway.start()
-
-    this.response = await http.request(request, this.origin)
+    this.fetched = await super.request(input)
   }
 
   @then('the following reply is sent:')
-  public responseIncludes (expected: string): void {
-    const lines = trim(expected).split('\n')
-
-    for (const line of lines) {
-      const escaped = line.replace(/[.*+?^${}()|[\]\\]/g, '\\$&')
-
-      const expression = escaped.replace(CAPTURE,
-        (_, name) => `(?<${name}>\\S{1,2048})`)
+  public override responseIncludes (expected: string): void {
+    super.responseIncludes(expected)
+  }
 
-      const rx = new RegExp(expression, 'i')
-      const match = this.response.match(rx)
+  @then('response body contains {word}-encoded value:')
+  public async bodyIs (format: string, yaml: string): Promise<void> {
+    assert.ok(this.fetched !== null, 'Response is null')
 
-      if (match === null)
-        throw new AssertionError({
-          message: `Response is missing '${line}'`,
-          expected: line,
-          actual: this.response
-        })
+    const buf = await this.fetched.arrayBuffer()
+    const value = encoders[format]?.(buf as Buffer)
+    const expected = YAML.load(yaml)
 
-      Object.assign(this.variables, match.groups)
-    }
+    assert.deepEqual(value, expected, 'Values are not equal')
   }
 
   @then('the reply does not contain:')
-  public responseExcludes (expected: string): void {
-    const lines = trim(expected).split('\n')
-
-    for (const line of lines) {
-      line.replace(SUBSTITUTE, (_, name) => this.variables[name])
-
-      const includes = this.response.includes(line)
-
-      if (includes)
-        throw new AssertionError({
-          message: `Response contains '${line}'`,
-          expected: line,
-          actual: this.response
-        })
-    }
+  public override responseExcludes (expected: string): void {
+    super.responseExcludes(expected)
   }
 
   @when('the stream of `{word}` is received with the following headers:')
   public async streamRequest (filename: string, head: string): Promise<any> {
-    head = trim(head) + '\n\n'
+    const stream = open(filename)
 
     await this.gateway.start()
-
-    const { url, method, headers } = http.parse.request(head)
-    const href = new URL(url, this.origin).href
-    const body = open(filename)
-
-    headers.connection = 'close' // required for interrupted streams
-
-    const request = {
-      method,
-      headers,
-      body: body as unknown as ReadableStream,
-      duplex: 'half'
-    }
-
-    try {
-      const response = await fetch(href, request)
-
-      this.response = await http.parse.response(response)
-    } catch (e: any) {
-      console.error(e)
-      console.error(e.cause)
-
-      throw e
-    }
+    await super.stream(head, stream)
   }
 
   @then('the stream equals to `{word}` is sent with the following headers:')
   public async responseStreamMatch (filename: string, head: string): Promise<any> {
-    const buf = await buffer(open(filename))
-    const text = buf.toString('utf8')
-    const expected = head + '\n\n' + text
+    const stream = open(filename)
 
-    this.responseIncludes(expected)
+    await super.streamMatch(head, stream)
   }
 }
 
-const CAPTURE = /\\\$\\{\\{ (?<name>[A-Za-z_]{0,32}) \\}\\}/g
-const SUBSTITUTE = /\${{ (?<name>[A-Za-z_]{0,32}) }}/g
+const FILEDIR = path.resolve(__dirname, '../../../storages/source/test')
+
+function open (filename: string): Readable {
+  return fs.createReadStream(path.join(FILEDIR, filename))
+}
+
+const encoders: Record<string, (buf: Buffer | Uint8Array) => any> = {
+  MessagePack: msgpack.decode
+}

package/features/steps/IdP.ts

@@ -0,0 +1,149 @@
+import { once } from 'node:events'
+import * as crypto from 'node:crypto'
+import * as http from 'node:http'
+import * as assert from 'node:assert'
+import * as util from 'node:util'
+import { binding, given, afterAll } from 'cucumber-tsflow'
+import { Captures } from './Captures'
+
+import type { AddressInfo } from 'node:net'
+
+@binding([Captures])
+export class IdP {
+  private static server?: http.Server
+  private static privateKey?: crypto.KeyObject
+  private static issuer?: string
+
+  public constructor (private readonly captures: Captures) {}
+
+  @afterAll()
+  public static async stop (): Promise<void> {
+    if (this.server instanceof http.Server) {
+      this.server.close()
+      await once(this.server, 'close')
+    }
+  }
+
+  @given(/local IDP is running/i)
+  public async start (): Promise<void> {
+    if (IdP.server instanceof http.Server) return
+
+    // creating the key
+    const { publicKey, privateKey } = await util.promisify(crypto.generateKeyPair)('rsa', {
+      modulusLength: 2048
+    })
+
+    IdP.privateKey = privateKey
+
+    const jwk = JSON.stringify({
+      keys: [{ use: 'sig', alg: 'RS256', ...publicKey.export({ format: 'jwk' }) }]
+    })
+
+    const JWK_URL = '/.well-known/jwks'
+
+    const server = http.createServer((request, response) => {
+      switch (request.url) {
+        case JWK_URL:
+          response.writeHead(200, {
+            'Content-Type': 'application/json',
+            'Content-Length': jwk.length,
+            'Cache-Control': 'no-cache, no-store, must-revalidate',
+            Pragma: 'no-cache',
+            Expires: '0'
+          })
+          response.end(jwk)
+          break
+
+        case '/.well-known/openid-configuration':
+          {
+            const openIdConfiguration = JSON.stringify({
+              issuer: IdP.issuer,
+              jwks_uri: IdP.issuer + JWK_URL,
+              response_types_supported: ['id_token'],
+              subject_types_supported: ['public'],
+              id_token_signing_alg_values_supported: ['RS256'],
+              scopes_supported: ['openid']
+            })
+
+            response.writeHead(200, {
+              'Content-Type': 'application/json',
+              'Cache-Control': 'public, max-age=3600',
+              'Content-Length': openIdConfiguration.length
+            })
+            response.end(openIdConfiguration)
+          }
+
+          break
+
+        default:
+          response.writeHead(404, 'Not found')
+          response.end()
+      }
+    })
+
+    server.listen(44444, 'localhost')
+    await once(server, 'listening')
+
+    const address = server.address() as AddressInfo
+
+    console.log('IdP is listening on %s:%s', address.address, address.port)
+    IdP.server = server
+    IdP.issuer = `http://localhost:${address.port}`
+  }
+
+  @given('the IDP token for {word} is issued')
+  public async issueToken (user: string): Promise<void> {
+    assert.ok(IdP.privateKey, 'IdP private key is not available')
+
+    const jwt = [
+      {
+        typ: 'JWT',
+        alg: 'RS256'
+      },
+      {
+        iss: IdP.issuer,
+        sub: `${user}-mock-id`,
+        aud: 'test',
+        iat: Math.floor(Date.now() / 1000),
+        exp: Math.floor((Date.now() + 1000 * 60 * 5) / 1000)
+      }
+    ]
+      .map((v) => Buffer.from(JSON.stringify(v)).toString('base64url'))
+      .join('.')
+
+    const signature = crypto.createSign('RSA-SHA256').end(jwt).sign(IdP.privateKey, 'base64url')
+
+    const idToken = `${jwt}.${signature}`
+
+    this.captures.set(`${user}.id_token`, idToken)
+  }
+
+  @given('the IDP {word} token for {word} is issued with following secret:')
+  public async issueSymmetricToken (alg: string, user: string, secret: string): Promise<void> {
+    console.log('Sym token for %s with secret "%s"', user, secret)
+
+    const jwt = [
+      {
+        typ: 'JWT',
+        alg
+      },
+      {
+        iss: IdP.issuer,
+        sub: `${user}-mock-id`,
+        aud: 'test',
+        iat: Math.floor(Date.now() / 1000),
+        exp: Math.floor((Date.now() + 1000 * 60 * 5) / 1000)
+      }
+    ]
+      .map((v) => Buffer.from(JSON.stringify(v)).toString('base64url'))
+      .join('.')
+
+    const signature = crypto.createHmac(alg.replace(/^HS(\d{3})$/, 'sha$1'), secret)
+      .update(jwt)
+      .digest('base64url')
+
+    const idToken = `${jwt}.${signature}`
+
+    this.captures.set(`${user}.id_token`, idToken)
+  }
+}