@toa.io/extensions.exposition 1.0.0-alpha.7 → 1.0.0-alpha.73

package/features/methods.feature

@@ -0,0 +1,47 @@
+Feature: Supported methods
+
+  Scenario Outline: <method> is supported
+    Given the annotation:
+      """yaml
+      /:
+        <method>:
+          dev:stub:
+            hello: world
+      """
+    And the `greeter` is running with the following manifest:
+      """yaml
+      exposition:
+        /:
+          <method>:
+            dev:stub:
+              hello: world
+      """
+    Examples:
+      | method |
+      | GET    |
+      | POST   |
+      | PUT    |
+      | DELETE |
+      | PATCH  |
+      | LOCK   |
+      | UNLOCK |
+
+  Scenario: CORS allowed methods
+    Given the annotation:
+      """yaml
+      /:
+        GET:
+          dev:stub:
+            hello: world
+      """
+    When the following request is received:
+      """
+      OPTIONS / HTTP/1.1
+      host: nex.toa.io
+      origin: https://hello.world
+      """
+    Then the following reply is sent:
+      """
+      204 No Content
+      access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, LOCK, UNLOCK
+      """

package/features/octets.download.feature

@@ -0,0 +1,189 @@
+Feature: Download and store
+
+  Scenario Outline: Download from trusted location defined as <type>
+    Given the annotation:
+      """yaml
+      /:
+        io:output: true
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store:
+            trust:
+              - <location> # <type>
+              - https://github.com
+        /*:
+          GET:
+            octets:fetch:
+              meta: true
+      """
+
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://avatars.githubusercontent.com/u/92763022?s=48&v=4
+      content-length: 0
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      201 Created
+
+      id: ${{ id }}
+      type: image/png
+      """
+
+    When the following request is received:
+      """
+      GET /${{ id }} HTTP/1.1
+      host: nex.toa.io
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: image/png
+      content-length: 1288
+      etag: "${{ id }}"
+      """
+
+    # origin is stored in the entry
+    When the following request is received:
+      """
+      GET /${{ id }} HTTP/1.1
+      host: nex.toa.io
+      accept: application/vnd.toa.octets.entry+yaml
+      """
+    Then the following reply is sent:
+      """
+      200 OK
+      content-type: application/yaml
+
+      id: ${{ id }}
+      type: image/png
+      origin: https://avatars.githubusercontent.com/u/92763022?s=48&v=4
+      """
+
+    # untrusted location
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://github.githubassets.com/assets/yolo-default-be0bbff04951.png
+      content-length: 0
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      403 Forbidden
+
+      Location is not trusted
+      """
+
+    # content-length must be 0
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://avatars.githubusercontent.com/u/92763022?s=48&v=4
+      content-length: 1
+      accept: application/yaml
+
+      1
+      """
+    Then the following reply is sent:
+      """
+      400 Bad Request
+
+      Content-Length must be 0 when Content-Location is used
+      """
+
+    # invalid content-location
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: Hello there!
+      content-length: 0
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      403 Forbidden
+
+      Location is not trusted
+      """
+
+    # unavailable location
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://github.com/toa-io/no
+      content-length: 0
+      accept: application/yaml
+      """
+    Then the following reply is sent:
+      """
+      404 Not Found
+
+      Location is not available
+      """
+
+    Examples:
+      | type       | location                                   |
+      | origin     | https://avatars.githubusercontent.com      |
+      | expression | /^https://avatars\.githubusercontent\.com/ |
+
+  Scenario: Download size limit
+    Given the annotation:
+      """yaml
+      /:
+        io:output: true
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store:
+            limit: 1kb
+            trust:
+              - https://avatars.githubusercontent.com
+      """
+    When the following request is received:
+      """
+      POST / HTTP/1.1
+      host: nex.toa.io
+      content-location: https://avatars.githubusercontent.com/u/92763022?s=48&v=4
+      content-length: 0
+      accept: text/plain
+      """
+    Then the following reply is sent:
+      """
+      413 Request Entity Too Large
+
+      Size limit is 1kb
+      """
+
+  Scenario: Allow `content-location` request header
+    Given the annotation:
+      """yaml
+      /:
+        io:output: true
+        auth:anonymous: true
+        octets:context: octets
+        POST:
+          octets:store:
+            limit: 1kb
+            trust:
+              - https://avatars.githubusercontent.com
+      """
+    When the following request is received:
+      """
+      OPTIONS / HTTP/1.1
+      host: nex.toa.io
+      origin: https://hello.world
+      """
+    Then the following reply is sent:
+      """
+      204 No Content
+      access-control-allow-headers: accept, authorization, content-type, etag, if-match, if-none-match, content-meta, content-location
+      """

package/features/octets.entries.feature

@@ -18,6 +18,7 @@ Feature: Accessing entries
     When the stream of `lenna.ascii` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       content-type: application/octet-stream
       """
     Then the following reply is sent:
@@ -27,6 +28,7 @@ Feature: Accessing entries
     When the following request is received:
       """
       GET / HTTP/1.1
+      host: nex.toa.io
       accept: application/vnd.toa.octets.entries+yaml
       """
     Then the following reply is sent:
@@ -38,6 +40,7 @@ Feature: Accessing entries
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       accept: text/vnd.toa.octets.entry+plain
       """
     Then the following reply is sent:
@@ -67,18 +70,21 @@ Feature: Accessing entries
     When the stream of `lenna.ascii` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       accept: application/yaml
       content-type: application/octet-stream
       """
     And the stream of `lenna.png` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       accept: application/yaml
       content-type: application/octet-stream
       """
     When the following request is received:
       """
       GET / HTTP/1.1
+      host: nex.toa.io
       accept: application/yaml
       """
     Then the following reply is sent:
@@ -92,6 +98,7 @@ Feature: Accessing entries
     When the following request is received:
       """
       GET / HTTP/1.1
+      host: nex.toa.io
       accept: application/vnd.toa.octets.entries+yaml
       """
     Then the following reply is sent:
@@ -109,13 +116,13 @@ Feature: Accessing entries
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       accept: application/vnd.toa.octets.entry+yaml
       """
     Then the following reply is sent:
       """
       200 OK
       content-type: application/yaml
-      content-length: 124
 
       id: 10cf16b458f759e0d617f2f3d83599ff
       type: application/octet-stream

package/features/octets.feature

@@ -11,8 +11,6 @@ Feature: Octets directive family
           octets:store: ~
         GET:
           octets:list: ~
-        PUT:
-          octets:permute: ~
         /*:
           GET:
             octets:fetch: ~
@@ -33,12 +31,24 @@ Feature: Octets directive family
             POST:
               octets:store:
                 accept: image/*
+            /*:
+              GET:
+                octets:fetch: ~
+        /limit-1kb:
+          POST:
+            octets:store:
+              limit: 1kb
+        /limit-100kb:
+          POST:
+            octets:store:
+              limit: 100kb
       """
 
   Scenario: Basic storage operations
     When the stream of `lenna.ascii` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       accept: application/yaml
       content-type: application/octet-stream
       """
@@ -54,6 +64,7 @@ Feature: Octets directive family
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       """
     Then the stream equals to `lenna.ascii` is sent with the following headers:
       """
@@ -65,6 +76,7 @@ Feature: Octets directive family
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       if-none-match: ${{ ETAG }}
       """
     Then the following reply is sent:
@@ -74,6 +86,7 @@ Feature: Octets directive family
     When the following request is received:
       """
       GET / HTTP/1.1
+      host: nex.toa.io
       accept: application/yaml
       """
     Then the following reply is sent:
@@ -86,6 +99,7 @@ Feature: Octets directive family
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff?foo=bar HTTP/1.1
+      host: nex.toa.io
       """
     Then the following reply is sent:
       """
@@ -94,6 +108,7 @@ Feature: Octets directive family
     When the following request is received:
       """
       DELETE /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       """
     Then the following reply is sent:
       """
@@ -102,113 +117,122 @@ Feature: Octets directive family
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       """
     Then the following reply is sent:
       """
       404 Not Found
       """
 
-  Scenario: Entries permutation
-    When the stream of `lenna.ascii` is received with the following headers:
+  Scenario: Media type control
+    When the stream of `lenna.png` is received with the following headers:
       """
-      POST / HTTP/1.1
-      accept: application/yaml
-      content-type: application/octet-stream
+      POST /media/jpeg-or-png/ HTTP/1.1
+      host: nex.toa.io
+      content-type: image/jpeg
       """
-    And the stream of `lenna.png` is received with the following headers:
+    Then the following reply is sent:
       """
-      POST / HTTP/1.1
-      accept: application/yaml
-      content-type: application/octet-stream
+      400 Bad Request
       """
-    When the following request is received:
+    When the stream of `lenna.png` is received with the following headers:
       """
-      GET / HTTP/1.1
-      accept: application/yaml
+      POST /media/jpeg/ HTTP/1.1
+      host: nex.toa.io
       """
     Then the following reply is sent:
       """
-      200 OK
-      content-type: application/yaml
-
-      - 10cf16b458f759e0d617f2f3d83599ff
-      - 814a0034f5549e957ee61360d87457e5
+      415 Unsupported Media Type
       """
-    When the following request is received:
+    When the stream of `lenna.png` is received with the following headers:
       """
-      PUT / HTTP/1.1
-      content-type: application/yaml
-
-      - 814a0034f5549e957ee61360d87457e5
-      - 10cf16b458f759e0d617f2f3d83599ff
+      POST /media/jpeg-or-png/ HTTP/1.1
+      host: nex.toa.io
       """
     Then the following reply is sent:
       """
-      204 No Content
+      201 Created
       """
-    When the following request is received:
+
+  Scenario: Size limit
+    When the stream of `albert.jpg` is received with the following headers:
       """
-      GET / HTTP/1.1
-      accept: application/yaml
+      POST /limit-1kb/ HTTP/1.1
+      host: nex.toa.io
+      content-type: image/jpeg
+      accept: text/plain
       """
     Then the following reply is sent:
       """
-      200 OK
-      content-type: application/yaml
+      413 Request Entity Too Large
 
-      - 814a0034f5549e957ee61360d87457e5
-      - 10cf16b458f759e0d617f2f3d83599ff
+      Size limit is 1kb
       """
 
-  Scenario: Media type control
-    When the stream of `lenna.png` is received with the following headers:
+    When the stream of `albert.jpg` is received with the following headers:
       """
-      POST /media/jpeg-or-png/ HTTP/1.1
+      POST /limit-100kb/ HTTP/1.1
+      host: nex.toa.io
       content-type: image/jpeg
       """
     Then the following reply is sent:
       """
-      400 Bad Request
+      201 Created
       """
-    When the stream of `lenna.png` is received with the following headers:
+
+  Scenario Outline: Detecting `<type>`
+    When the stream of `sample.<ext>` is received with the following headers:
       """
-      POST /media/jpeg/ HTTP/1.1
+      POST /media/images/ HTTP/1.1
+      host: nex.toa.io
+      accept: application/yaml
       """
     Then the following reply is sent:
       """
-      415 Unsupported Media Type
+      201 Created
+
+      type: <type>
       """
-    When the stream of `lenna.png` is received with the following headers:
+    Examples:
+      | ext  | type       |
+      | jpeg | image/jpeg |
+      | jxl  | image/jxl  |
+      | gif  | image/gif  |
+      | heic | image/heic |
+      | avif | image/avif |
+      | webp | image/webp |
+
+  Scenario: Accepting `image/svg+xml`
+    When the stream of `sample.svg` is received with the following headers:
       """
-      POST /media/jpeg-or-png/ HTTP/1.1
+      POST /media/images/ HTTP/1.1
+      host: nex.toa.io
+      content-type: image/svg+xml
+      accept: application/yaml
       """
     Then the following reply is sent:
       """
       201 Created
+
+      type: image/svg+xml
       """
 
-  Scenario Outline: Receiving <format> images
-    When the stream of `sample.<format>` is received with the following headers:
+  Scenario: Rejection video/avi
+    When the stream of `sample.avi` is received with the following headers:
       """
       POST /media/images/ HTTP/1.1
+      host: nex.toa.io
       """
     Then the following reply is sent:
       """
-      201 Created
+      415 Unsupported Media Type
       """
-    Examples:
-      | format |
-      | jpeg   |
-      | jxl    |
-      | gif    |
-      | heic   |
-      | avif   |
-      | webp   |
 
   Scenario: Fetching non-existent BLOB
     When the following request is received:
       """
       GET /whatever HTTP/1.1
+      host: nex.toa.io
       """
     Then the following reply is sent:
       """
@@ -219,12 +243,14 @@ Feature: Octets directive family
     When the stream of `lenna.ascii` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       accept: application/yaml
       content-type: application/octet-stream
       """
     And the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff/ HTTP/1.1
+      host: nex.toa.io
       accept: text/plain
       """
     Then the following reply is sent:
@@ -235,7 +261,7 @@ Feature: Octets directive family
       Trailing slash is redundant.
       """
 
-  Scenario: Original BLOLB is not accessible
+  Scenario: Original BLOB is not accessible
     Given the annotation:
       """yaml
       /:
@@ -253,6 +279,7 @@ Feature: Octets directive family
     When the stream of `lenna.ascii` is received with the following headers:
       """
       POST / HTTP/1.1
+      host: nex.toa.io
       """
     Then the following reply is sent:
       """
@@ -261,6 +288,7 @@ Feature: Octets directive family
     When the following request is received:
       """
       GET /10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       accept: text/plain
       """
     Then the following reply is sent:

package/features/octets.meta.feature

@@ -19,6 +19,7 @@ Feature: Octets `content-meta` header
     When the stream of `lenna.ascii` is received with the following headers:
       """
       POST /meta-header/ HTTP/1.1
+      host: nex.toa.io
       content-type: application/octet-stream
       content-meta: foo, bar=baz=1
       content-meta: baz=1
@@ -30,6 +31,7 @@ Feature: Octets `content-meta` header
     When the following request is received:
       """
       GET /meta-header/10cf16b458f759e0d617f2f3d83599ff HTTP/1.1
+      host: nex.toa.io
       accept: application/vnd.toa.octets.entry+yaml
       """
     Then the following reply is sent:
@@ -56,6 +58,7 @@ Feature: Octets `content-meta` header
     When the following request is received:
       """
       OPTIONS / HTTP/1.1
+      host: nex.toa.io
       origin: https://example.com
       """
     Then the following reply is sent: