[aerogear-dev] Testing scenarios for Authorization/Authentication

Good morning all, on the last week I promised to Karel some scenarios to improve our integration tests on Unified Push server. There we go with cUrl: # Login with the default credential on push server and verify if the server will return HTTP 403 curl -v -b cookies.txt -c cookies.txt \ -H "Accept: application/json" -H "Content-type: application/json" \ -X POST -d '{"loginName": "admin", "password":"123"}' \ http://localhost:8080/ag-push/rest/auth/login # Try to change the password providing a wrong old password and the server MUST return HTTP 401 (This is the fix provided on PicketLink beta7 and a good reason to update all projects on AeroGear). curl -v -b cookies.txt -c cookies.txt \ -H "Accept: application/json" -H "Content-type: application/json" \ -X PUT -d '{"loginName": "admin", "password":"meh", "newPassword":"ahoy"}' \ http://localhost:8080/ag-push/rest/auth/update # Try to change the password providing a correct old password and the server will return HTTP 200 curl -v -b cookies.txt -c cookies.txt \ -H "Accept: application/json" -H "Content-type: application/json" \ -X PUT -d '{"loginName": "admin", "password":"123", "newPassword":"ahoy"}' \ http://localhost:8080/ag-push/rest/auth/update # Try to login with incorrect credentials and the server must return HTTP 401 curl -v -b cookies.txt -c cookies.txt \ -H "Accept: application/json" -H "Content-type: application/json" \ -X POST -d '{"loginName": "admin", "password":"123"}' \ http://localhost:8080/ag-push/rest/auth/login # Try to login with correct credentials and the server must return HTTP 200 curl -v -b cookies.txt -c cookies.txt \ -H "Accept: application/json" -H "Content-type: application/json" \ -X POST -d '{"loginName": "admin", "password":"ahoy"}' http://localhost:8080/ag-push/rest/auth/login Let me know if I missed something. -- abstractj