Add property based testing to auth API using schemathesis

Signed-off-by: Rodney Osodo <[email protected]>

.github/workflows/api-tests.yml

@@ -49,6 +49,7 @@ env:
   USERS_URL: http://localhost:9002
   THINGS_URL: http://localhost:9000
   INVITATIONS_URL: http://localhost:9020
+  AUTH_URL: http://localhost:8189
 
 jobs:
   api-test:
@@ -166,6 +167,16 @@ jobs:
           report: false
           args: '--header "Authorization: Bearer ${{ env.USER_TOKEN }}" --contrib-unique-data --contrib-openapi-formats-uuid --hypothesis-suppress-health-check=filter_too_much --stateful=links'
 
+      - name: Run Auth API tests
+        if: steps.changes.outputs.auth == 'true'
+        uses: schemathesis/action@v1
+        with:
+          schema: api/openapi/auth.yml
+          base-url: ${{ env.AUTH_URL }}
+          checks: all
+          report: false
+          args: '--header "Authorization: Bearer ${{ env.USER_TOKEN }}" --contrib-unique-data --contrib-openapi-formats-uuid --hypothesis-suppress-health-check=filter_too_much --stateful=links'
+
       - name: Stop containers
         if: always()
         run: make run down args="-v"

Makefile

@@ -160,6 +160,7 @@ endef
 test_api_users: TEST_API_URL := http://localhost:9002
 test_api_things: TEST_API_URL := http://localhost:9000
 test_api_invitations: TEST_API_URL := http://localhost:9020
+test_api_auth: TEST_API_URL := http://localhost:8189
 
 $(TEST_API):
 	$(call test_api_service,$(@),$(TEST_API_URL))

api/openapi/auth.yml

@@ -319,6 +319,7 @@ paths:
           $ref: "#/components/responses/ServiceError"
   /keys:
     post:
+      operationId: issueKey
       tags:
         - Keys
       summary: Issue API key
@@ -341,6 +342,7 @@ paths:
 
   /keys/{keyID}:
     get:
+      operationId: getKey
       summary: Gets API key details.
       description: |
         Gets API key details for the given key.
@@ -355,10 +357,13 @@ paths:
           description: Failed due to malformed query parameters.
         "401":
           description: Missing or invalid access token provided.
+        "404":
+          description: A non-existent entity request.
         "500":
           $ref: "#/components/responses/ServiceError"
 
     delete:
+      operationId: revokeKey
       summary: Revoke API key
       description: |
         Revoke API key identified by the given ID.
@@ -371,11 +376,14 @@ paths:
           description: Key revoked.
         "401":
           description: Missing or invalid access token provided.
+        "404":
+          description: A non-existent entity request.
         "500":
           $ref: "#/components/responses/ServiceError"
 
   /policies:
     post:
+      operationId: addPolicies
       summary: Creates new policies.
       description: |
         Creates new policies. Only admin can use this endpoint. Therefore, you need an authentication token for the admin.
@@ -393,6 +401,8 @@ paths:
           description: Missing or invalid access token provided.
         "403":
           description: Unauthorized access token provided.
+        "404":
+          description: A non-existent entity request.
         "409":
           description: Failed due to using an existing email address.
         "415":
@@ -402,6 +412,7 @@ paths:
 
   /policies/delete:
     post:
+      operationId: deletePolicies
       summary: Deletes policies.
       description: |
         Deletes policies. Only admin can use this endpoint. Therefore, you need an authentication token for the admin.
@@ -415,6 +426,8 @@ paths:
           description: Policies deleted.
         "400":
           description: Failed due to malformed JSON.
+        "404":
+          description: A non-existent entity request.
         "409":
           description: Failed due to using an existing email address.
         "415":
@@ -867,11 +880,16 @@ components:
         application/json:
           schema:
             $ref: "#/components/schemas/Key"
+      links:
+        revoke:
+          operationId: revokeKey
+          parameters:
+            keyID: $response.body#/id
 
     HealthRes:
       description: Service Health Check.
       content:
-        application/json:
+        application/health+json:
           schema:
             $ref: "./schemas/HealthInfo.yml"