From 5fae35c2024a10667ad8dce9cabc89870c05a46d Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Tue, 20 May 2025 09:26:47 +0200 Subject: [PATCH 01/31] tests: improve test-definitions for geofencing-subscriptions.feature, location-retrieval.feature & location-verification.feature --- .../geofencing-subscriptions.feature | 647 ++++++++++-------- .../location-retrieval.feature | 258 +++---- .../location-verification.feature | 41 +- 3 files changed, 514 insertions(+), 432 deletions(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 9bb03655..8f0bb048 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -1,4 +1,3 @@ -@Geofencing Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # Input to be provided by the implementation to the tester @@ -13,370 +12,450 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # References to OAS spec schemas refer to schemas specifies in geofencing-subscriptions.yaml Background: Common Geofencing Subscriptions setup - Given the resource "{apiroot}/geofencing-subscriptions/vwip/" as geofencing base-url + Given the resource "/geofencing-subscriptions/vwip/subscriptions" as geofencing base-url + And the header "Content-Type" is set to "application/json" And the header "Authorization" is set to a valid access token And the header "x-correlator" is set to a UUID value + And the request body is set by default to a request body compliant with the schema -############################ Happy Path Scenarios ######################## - @geofencing_subscriptions_01_Create_geofencing_subscription_for_a_device_sync - Scenario: Create geofencing subscription (sync creation) - Given that subscriptions are created synchronously - And a valid subscription request body - When the request "createSubscription" is sent +########################## +# Happy path scenarios +########################## + + @geofencing_subscriptions_01.1_sync_creation_2legs + Scenario Outline: Synchronous subscription creation with 2-legged-token + Given the header "Authorization" is set to a valid access token which does not identify any device + And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" + When the request "createGeofencingSubscription" is sent + And request property "$.types" is one of the allowed values "" + And request property "$.protocol" is equal to "HTTP" + And a valid phone number identified by "$.config.subscriptionDetail.device.phoneNumber" + And request property "$.sink" is set to a valid callbackUrl Then the response code is 201 + And the response body complies with the OAS schema at "#/components/schemas/Subscription" + And the response properties "$.types", "$.protocol", "$.sink" and "$.config.subscriptionDetail.device.phoneNumber" are present with the values provided in the request + And the response property "$.id" is present + And the response property "$.startsAt" and "$.expiresAt", if present, has a valid value with date-time format + And the response property "$.status", if present, has the value "ACTIVATION_REQUESTED", "ACTIVE" or "INACTIVE" + + Examples: + | subscription-creation-types | + | org.camaraproject.geofencing-subscriptions.v0.area-entered | + | org.camaraproject.geofencing-subscriptions.v0.area-left | + + @geofencing_subscriptions_01.1_sync_creation_3legs + Scenario Outline: Synchronous subscription creation with 3-legged-token + # Some implementations may only support asynchronous subscription creation + Given the header "Authorization" is set to a valid access token which identifies a valid device + And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" + When the request "createGeofencingSubscription" is sent + And request property "$.types" is one of the allowed values "" + And request property "$.protocol" is equal to "HTTP" + And request property "$.sink" is set to a valid callbackUrl + And request property "$.config.subscriptionDetail.device.phoneNumber" is not present + Then the response status code is 201 + And the response body complies with the OAS schema at "#/components/schemas/Subscription" + And the response properties "$.types", "$.protocol" and "$.sink" are present with the values provided in the request + And the response property "$.id" is present + And the response property "$.startsAt" and "$.expiresAt", if present, has a valid value with date-time format + And the response property "$.status", if present, has the value "ACTIVATION_REQUESTED", "ACTIVE" or "INACTIVE" + And the response property "$.config.subscriptionDetail.device" is not present + + Examples: + | subscription-creation-types | + | org.camaraproject.geofencing-subscriptions.v0.area-entered | + | org.camaraproject.geofencing-subscriptions.v0.area-left | + + @geofencing_subscriptions_02_async_creation + Scenario Outline: Asynchronous subscription creation with 2- or 3-legged access token + Given a valid target device, identified by either the access token or in the request body + And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" + When the request "createGeofencingSubscription" is sent + And request property "$.types" is one of the allowed values "" + And request property "$.protocol" is equal to "HTTP" + And request property "$.sink" is set to a valid callbackUrl + Then the response status code is 202 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "/components/schemas/Subscription" - - @geofencing_subscriptions_02_Create_geofencing_subscription_for_a_device_async - Scenario: Create geofencing subscription (async creation) - Given that subscriptions are created asynchronously - And a valid subscription request body - When the request "createSubscription" is sent - Then the response code is 202 + And the response body complies with the OAS schema at "#/components/schemas/SubscriptionAsync" + And the response property "$.id" is present + + Examples: + | subscription-creation-types | + | org.camaraproject.geofencing-subscriptions.v0.area-entered | + | org.camaraproject.geofencing-subscriptions.v0.area-left | + + @geofencing_subscriptions_03.1_retrieve_by_id_2legs + Scenario: Check existing subscription is retrieved by id with a 2-legged access token + Given a subscription exists and has a subscriptionId equal to "id" + And the header "Authorization" is set to a valid access token which does not identify any device + When the request "retrieveGeofencingSubscription" is sent + And the path parameter "subscriptionId" is set to "id" + Then the response status code is 200 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "#/components/schemas/SubscriptionAsync" + And the response body complies with the OAS schema at "#/components/schemas/Subscription" + And the response property "$.id" is equal to "id" + And the response property "$.config.subscriptionDetail.device" is present - @geofencing_subscriptions_03_Operation_to_retrieve_list_of_subscriptions_when_no_records - Scenario: Get a list of subscriptions when no subscriptions available - Given a client without subscriptions created - When the request "retrieveGeofencingSubscriptionList" is sent - Then the response code is 200 + @geofencing_subscriptions_03.2_retrieve_by_id_3legs + Scenario: Check existing subscription is retrieved by id with a 3-legged access token + Given a subscription exists and has a subscriptionId equal to "id" + And the header "Authorization" is set to a valid access token which identifies the device associated with the subscription + When the request "retrieveGeofencingSubscription" is sent + And the path parameter "subscriptionId" is set to "id" + Then the response status code is 200 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body is an empty array + And the response body complies with the OAS schema at "#/components/schemas/Subscription" + And the response property "$.id" is equal to "id" + And the response property "$.config.subscriptionDetail.device" is not present - @geofencing_subscriptions_04_Operation_to_retrieve_list_of_subscriptions - Scenario: Get a list of subscriptions - Given a client with subscriptions created - When the request "retrieveGeofencingSubscriptionList" is sent - Then the response code is 200 + @geofencing_subscriptions_04_retrieve_list_2legs + Scenario: Check existing subscription(s) is/are retrieved in list with 2-legged-token + Given at least one subscription is existing for the API consumer making this request + And the header "Authorization" is set to a valid access token which does not identify any device + When the request "retrieveGeofencingSubscriptionList" is sent + Then the response status code is 200 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body has an array of items and each item complies with the OAS schema at "/components/schemas/Subscription" + And the response body complies with an array of OAS schema defined at "#/components/schemas/Subscription" + And the response body lists all subscriptions belonging to the API consumer - @geofencing_subscriptions_05_Operation_to_retrieve_subscription_based_on_an_existing_subscription-id - Scenario: Get a subscription based on existing subscription-id. - Given the path parameter "subscriptionId" is set to the identifier of an existing subscription - When the request "retrieveGeofencingSubscription" is sent - Then the response code is 200 + @geofencing_subscriptions_05_retrieve_list_3legs + Scenario: Check existing subscription(s) is/are retrieved in list with 3-legged-token + Given the API consumer has at least one active subscription for the device + And the header "Authorization" is set to a valid access token which identifies a valid device associated with one or more subscriptions + When the request "retrieveGeofencingSubscriptionList" is sent + Then the response status code is 200 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "/components/schemas/Subscription" + And the response body complies with an array of OAS schema defined at "#/components/schemas/Subscription" + And the response body lists all subscriptions belonging to the API consumer for the identified device + And the response property "$.config.subscriptionDetail.device" is not present in any of the subscription records + + @geofencing_subscriptions_06_retrieve_empty_list_3legs + Scenario: Check no existing subscription is retrieved in list + Given the API consumer has no active subscriptions for the device + And the header "Authorization" is set to a valid access token which identifies a valid device + When the request "retrieveGeofencingSubscriptionList" is sent + Then the response status code is 200 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response body is an empty array - @geofencing_subscriptions_06_Operation_to_delete_subscription_based_on_an_existing_subscription-id - Scenario: Delete a subscription based on existing subscription-id. - Given the path parameter "subscriptionId" is set to the identifier of an existing subscription + @geofencing_subscriptions_07_delete_subscription_based_on_an_existing_subscription-id + Scenario: Delete the subscription with subscriptionId equal to "id" + Given the API consumer has an active subscription with "subscriptionId" equal to "id" When the request "deleteGeofencingSubscription" is sent - Then the response code is 202 or 204 + And the path parameter "subscriptionId" is set to "id" + Then the response status code is 202 or 204 And the response header "x-correlator" has same value as the request header "x-correlator" - And if the response property $.status is 204 then response body is not available - And if the response property $.status is 202 then response body complies with the OAS schema at "/components/schemas/SubscriptionAsync" + And if the response property "$.status" is 204 then response body is not present + And if the response property "$.status" is 202 then response body complies with the OAS schema at "#/components/schemas/SubscriptionAsync" and the response property "$.id" is equal to "id" - @geofencing_subscriptions_07_Receive_notification_when_device_enters_geofence + @geofencing_subscriptions_08_receive_notification_when_device_enters_geofence Scenario: Receive notification for area-entered event - Given a valid subscription request body - And the request body property "$.area" is set to circle which covers location "Place1" - And the request body property "$.type" is "area-entered" - When the request "createSubscription" is sent - Then the response code is 201 - Then the device entered location "Place1" - Then event notification "area-entered" is received on callback-url - And sink credentials are received as expected - And notification body complies with the OAS schema at "##/components/schemas/EventAreaEntered" - And type="org.camaraproject.geofencing-subscriptions.v0.area-entered" - - @geofencing_subscriptions_08_receive_notification_when_device_leaves_geofence + Given a valid subscription for that device exists with "subscriptionId" equal to "id" + And the request body property "$.area" is set to circle which covers location "Place1" + And the subscription property "$.types" contains the element "org.camaraproject.geofencing-subscriptions.v0.area-entered" + When the device entered location "Place1" + And event notification "area-entered" is sent to the specified callback URL + And the sink credentials specified when the subscription was created are included + And notification body complies with the OAS schema at "#/components/schemas/EventAreaEntered" + And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.area-entered" + And the notification property "$.data.subscriptionId" is equal to "id" + + @geofencing_subscriptions_09_receive_notification_when_device_leaves_geofence Scenario: Receive notification for area-left event - Given a valid subscription request body - And the request body property "$.area" is set to circle which covers location "Place1" - And the request body property "$.type" is "area-left" - When the request "createSubscription" is sent - Then the response code is 201 - Then the device left from location "Place1" - Then event notification "area-left" is received on callback-url - And sink credentials are received as expected - And notification body complies with the OAS schema at "##/components/schemas/EventAreaLeft" - And type="org.camaraproject.geofencing-subscriptions.v0.area-left" - - @geofencing_subscriptions_09_subscription_ends_on_expiry + Given a valid subscription for that device exists with "subscriptionId" equal to "id" + And the request body property "$.area" is set to circle which covers location "Place1" + And the subscription property "$.types" contains the element "org.camaraproject.geofencing-subscriptions.v0.area-left" + When the device leaves location "Place1" + And event notification "area-left" is sent to the specified callback URL + And the sink credentials specified when the subscription was created are included + And notification body complies with the OAS schema at "#/components/schemas/EventAreaLeft" + And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.area-left" + And the notification property "$.data.subscriptionId" is equal to "id" + + @geofencing_subscriptions_10_subscription_expiry Scenario: Receive notification for subscription-ends event on expiry - Given a valid subscription request body - And the request body property "$.area" is set to circle which covers location "Place1" - And the request body property "$.type" is "area-left" - And the request body property "$.subscriptionExpireTime" is set to a value in the near future - When the request "createSubscription" is sent - Then the response code is 201 - Then the subscription is expired - Then event notification "subscription-ends" is received on callback-url - And notification body complies with the OAS schema at "##/components/schemas/EventSubscriptionEnds" - And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ends" - And the response property "$.terminationReason" is "SUBSCRIPTION_EXPIRED" - - @geofencing_subscriptions_10_subscription_ends_on_max_events + Given a valid subscription for a device exists with "subscriptionId" equal to "id" + And the subscription property "$.subscriptionExpireTime" is set to a value in the near future + And the subscription property "$.sink" is a valid callback URL + When the subscriptionExpireTime is reached + Then a subscription termination event notification is sent to the callback URL + And the notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnds" + And the notification property "$.type" is "org.camaraproject.geofencing-subscriptions.v0.subscription-ends" + And the notification property "$.data.subscriptionId" is equal to "id" + And the notification property "$.data.terminationReason" is equal to "SUBSCRIPTION_EXPIRED" + + @geofencing_subscriptions_10_subscription_end_when_max_events Scenario: Receive notification for subscription-ends event on max events reached - Given a valid subscription request body - And the request body property "$.area" is set to circle which covers location "Place1" - And the request body property "$.type" is "area-left" - And the request body property "$.subscriptionMaxEvents" is set to 1 - When the request "createSubscription" is sent - Then the response code is 201 - Then the device left from location "Place1" - Then event notification "area-left" is received on callback-url - Then event notification "subscription-ends" is received on callback-url - And notification body complies with the OAS schema at "##/components/schemas/EventSubscriptionEnds" - And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ends"And the response property "$.terminationReason" is "MAX_EVENTS_REACHED" - + Given a valid subscription for a device exists with "subscriptionId" equal to "id" + And the subscription property "$.subscriptionMaxEvents" is set to 1 + And the subscription property "$.sink" is a valid callback URL + When a single notification corresponding to subscription property "$.type" has been sent to the callback URL + Then a subscription termination event notification is sent to the callback URL + And the notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnds" + And the notification property "$.type" is "org.camaraproject.geofencing-subscriptions.v0.subscription-ends" + And the notification property "$.data.subscriptionId" is equal to "id" + And the notification request property "$.data.terminationReason" is equal to "MAX_EVENTS_REACHED" + @geofencing_subscriptions_11_subscription_delete_event_validation Scenario: Receive notification for subscription-ends event on deletion - Given a valid subscription request body - When the request "createSubscription" is sent - Then the response code is 201 - And path parameter "subscriptionId" is set to the identifier of an existing subscription created + Given a valid subscription for a device exists with "subscriptionId" equal to "id" + And the subscription property "$.sink" is a valid callback URL When the request "deleteGeofencingSubscription" is sent - Then the response code is 202 or 204 - Then event notification "subscription-ends" is received on callback-url - And notification body complies with the OAS schema at "##/components/schemas/EventSubscriptionEnds" - And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ends" - And the response property "$.terminationReason" is "SUBSCRIPTION_DELETED" - -########################### Error response scenarios ############################################ - @geofencing_subscriptions_12_create_geofencing_subscription_for_a_device_with_invalid_parameter - Scenario: Create geofencing subscription with invalid parameter - Given the request body is not compliant with the schema "/components/schemas/SubscriptionRequest" - When the request "createSubscription" is sent - Then the response code is 400 + And the path parameter "subscriptionId" is set to "id" + And the response status code is 202 or 204 + Then a subscription termination event notification is sent to the callback URL + And the notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnds" + And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.subscription-ends" + And the notification property "$.data.subscriptionId" is equal to "id" + And the notification request property "$.data.terminationReason" is equal to "SUBSCRIPTION_DELETED" + +################ +# Error scenarios for management of input parameter device +################## + + @geofencing_subscription_C01.01_device_empty + Scenario: The device value is an empty object + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" is set to: {} + When the request "createGeofencingSubscription" is sent + Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_13_creation_of_subscription_with_expiry_time_in_past - Scenario: Expiry time in past - Given a valid subscription request body - And request body property "$.subscriptionexpiretime" in past - When the request "createSubscription" is sent - Then the response code is 400 + @geofencing_subscription_C01.02_device_identifiers_not_schema_compliant + Scenario Outline: Some device identifier value does not comply with the schema + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "" does not comply with the OAS schema at "" + When the request "createGeofencingSubscription" is sent + Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - - @geofencing_subscription_14_creation_with_invalid_eventType - Scenario: Subscription creation with invalid event type - Given a valid subscription request body - And the request body property "$.types" is set to invalid value - When the request "createSubscription" is sent - Then the response property "$.status" is 400 - And the response property "$.code" is "INVALID_ARGUMENT" - And the response property "$.message" contains a user friendly text - - @geofencing_subscription_15_invalid_protocol - Scenario: Subscription creation with invalid protocol - Given a valid subscription request body - When the request "createSubscription" is sent - And the request property "$.types" is set to "org.camaraproject.geofencing-subscriptions.v0.area-entered" - And the request property "$.protocol" is not set to "HTTP" - And the request property "$.config.subscriptionDetail.phoneNumber" is set with provided phoneNumber - And the request property "$.sink" is set to provided callbackUrl - Then the response property "$.status" is 400 - And the response property "$.code" is "INVALID_PROTOCOL" + + Examples: + | device_identifier | oas_spec_schema | + | $.device.phoneNumber | /components/schemas/PhoneNumber | + | $.device.ipv4Address | /components/schemas/DeviceIpv4Addr | + | $.device.ipv6Address | /components/schemas/DeviceIpv6Address | + | $.device.networkIdentifier | /components/schemas/NetworkAccessIdentifier | + + # This scenario may happen e.g. with 2-legged access tokens, which do not identify a single device. + @geofencing_subscription_C01.03_device_not_found + Scenario: Some identifier cannot be matched to a device + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" is compliant with the schema but does not identify a device whose connectivity is managed by the API provider + When the request "createGeofencingSubscription" is sent + Then the response status code is 404 + And the response property "$.status" is 404 + And the response property "$.code" is "IDENTIFIER_NOT_FOUND" And the response property "$.message" contains a user friendly text - @geofencing_subscription_16_invalid_credential - Scenario: Subscription creation with invalid credential - Given a valid subscription request body - When the request "createSubscription" is sent - And the request property "$.types" is set to "org.camaraproject.geofencing-subscriptions.v0.area-entered" - And the request property "$.protocol" is set to "HTTP" - And the request property "$.config.subscriptionDetail.phoneNumber" is set with with provided phoneNumber - And the request property "$.sink" is set to provided callbackUrl - And the request property "$.sinkCredential.credentialType" is not set to "ACCESSTOKEN" - And the request property "$.sinkCredential.accessTokenType" is set to "bearer" - And the request property "$.sinkCredential.accessToken" is valued with a valid value - And the request property "$.sinkCredential.accessTokenExpiresUtc" is valued with a valid value - Then the response property "$.status" is 400 - And the response property "$.code" is "INVALID_CREDENTIAL" + @geofencing_subscription_C01.04_unnecessary_device + Scenario: Device not to be included when it can be deduced from the access token + Given the header "Authorization" is set to a valid access token identifying a device + And the request body property "$.device" is also set to a valid device, which may or may not be the same device + When the request "createGeofencingSubscription" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "UNNECESSARY_IDENTIFIER" + And the response property "$.message" contains a user-friendly text + + @geofencing_subscription_C01.05_missing_device + Scenario: Device not included and cannot be deduced from the access token + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" is not included + When the request "createGeofencingSubscription" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "MISSING_IDENTIFIER" + And the response property "$.message" contains a user-friendly text + + @geofencing_subscription_C01.06_unsupported_device + Scenario: None of the provided device identifiers is supported by the implementation + Given that some types of device identifiers are not supported by the implementation + And the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" only includes device identifiers not supported by the implementation + When the request "createGeofencingSubscription" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" + And the response property "$.message" contains a user-friendly text + + # When the service is only offered to certain types of devices or subscriptions, e.g. IoT, B2C, etc. + @geofencing_subscription_C01.07_device_not_supported + Scenario: Service not available for the device + Given that the service is not available for all devices commercialized by the operator + And a valid device, identified by the token or provided in the request body, for which the service is not applicable + When the request "createGeofencingSubscription" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "SERVICE_NOT_APPLICABLE" + And the response property "$.message" contains a user-friendly text + + # Several identifiers provided but they do not identify the same device + # This scenario may happen with 2-legged access tokens, which do not identify a device + @geofencing_subscription_C01.08_device_identifiers_mismatch + Scenario: Device identifiers mismatch + Given the header "Authorization" is set to a valid access token which does not identify a single device + And at least 2 types of device identifiers are supported by the implementation + And the request body property "$.device" includes several identifiers, each of them identifying a valid but different device + When the request "createGeofencingSubscription" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "IDENTIFIER_MISMATCH" And the response property "$.message" contains a user friendly text - @geofencing_subscription_17_invalid_token - Scenario: Subscription creation with invalid token - Given a valid subscription request body - When the request "createSubscription" is sent - And the request property "$.types"="org.camaraproject.geofencing-subscriptions.v0.area-entered" - And the request property "$.protocol" is set to "HTTP" - And the request property "$.sink" is set to provided callbackUrl - And the request property "$.sinkCredential.credentialType" is set to "ACCESSTOKEN" - And the request property "$.sinkCredential.accessTokenType" is not set to "bearer" - And the request property "$.sinkCredential.accessToken" is valued with a valid value - And the request property "$.sinkCredential.accessTokenExpiresUtc" is valued with a valid value - Then the response property "$.status" is 400 - And the response property "$.code" is "INVALID_TOKEN" or "INVALID_ARGUMENT" +################## +# Error code 400 +################## + + @geofencing_subscription_400.1_create_subscription_with_invalid_parameter + Scenario: Create subscription with invalid parameter + Given the request body is not compliant with the schema "#/components/schemas/SubscriptionRequest" + When the request "createGeofencingSubscription" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_18_no_authorization_header_for_create_subscription - Scenario: No Authorization header for create subscription - Given a valid subscription request body and header "Authorization" is not set to - When the request "createSubscription" is sent - Then the response status code is 401 - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" + @geofencing_subscription_400.2_create_subscription_with_invalid_subscription_expire_time + Scenario: Expiry time in past + Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + And the request property "$.config.subscriptionExpireTime" is set to a time in the past + When the request "createGeofencingSubscription" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_19_expired_access_token_for_create_subscription - Scenario: Expired access token for create subscription - Given a valid subscription request body and header "Authorization" is expired - When the request "createSubscription" is sent - Then the response status code is 401 - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" + @geofencing_subscription_400.3_invalid_eventType + Scenario: Subscription creation with invalid event type + Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + And the request body property "$.types" is set to an invalid value + When the request "createGeofencingSubscription" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_20_invalid_access_token_for_create_subscription - Scenario: Invalid access token for create subscription - Given a valid subscription request body - And header "Authorization" set to an invalid access token - When the request "createSubscription" is sent - Then the response status code is 401 - And the response header "Content-Type" is "application/json" - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" + @geofencing_subscription_400.4_invalid_protocol + Scenario: subscription creation with invalid protocol + Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + And the request property "$.protocol" is not equal to "HTTP" + When the request "createGeofencingSubscription" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_PROTOCOL" And the response property "$.message" contains a user friendly text - - @geofencing_subscriptions_21_no_authorization_header_for_get_subscription - Scenario: No Authorization header for get subscription - Given header "Authorization" is not set to valid token - And path parameter "subscriptionId" is set to the identifier of an existing subscription - When the request "retrieveGeofencingSubscription" is sent - Then the response status code is 401 - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" + + @geofencing_subscription_400.5_create_subscription_with_invalid_credential_type + Scenario: subscription creation with invalid credential type + Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + And the request property "$.sinkCredential.accessTokenType" is equal to "bearer" + And the request property "$.sinkCredential.credentialType" is not equal to "ACCESSTOKEN" + When the request "createGeofencingSubscription" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_CREDENTIAL" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_22_expired_access_token_for_get_subscription - Scenario: Expired access token for get subscription - Given the header "Authorization" is set to expired token - When the request "retrieveGeofencingSubscription" is sent - Then the response status code is 401 - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" + @geofencing_subscription_400.6_create_subscription_with_invalid_access_token_type + Scenario: subscription creation with invalid token + Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + And the request property "$.sinkCredential.credentialType" is equal to "ACCESSTOKEN" + And the request property "$.sinkCredential.accessTokenType" is not equal to "bearer" + When the request "createGeofencingSubscription" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_TOKEN" And the response property "$.message" contains a user friendly text - - @geofencing_subscriptions_23_invalid_access_token_for_get_subscription - Scenario: Invalid access token for get subscription - Given the header "Authorization" set to an invalid access token - When the request "retrieveGeofencingSubscription" is sent + +################## +# Error code 401 +################## + + @geofencing_subscription_creation_401.1_no_authorization_header + Scenario: No Authorization header + Given the header "Authorization" is removed + And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + When the request "createGeofencingSubscription" is sent Then the response status code is 401 And the response header "Content-Type" is "application/json" And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" - And the response property "$.message" contains a user friendly text - - @geofencing_subscriptions_23_no_authorization_header_for_delete_subscription - Scenario: No Authorization header for delete subscription - Given header "Authorization" is set without a token - When the request "deleteGeofencingSubscription" is sent - Then the response status code is 401 - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.code" is "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_24_expired_access_token_for_delete_subscription - Scenario: Expired access token for delete subscription - Given header "Authorization" is set with an expired token - When the request "deleteGeofencingSubscription" is sent + @geofencing_subscription_creation_401.2_expired_access_token + Scenario: Expired access token + Given the header "Authorization" is set to a previously valid but now expired access token + And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + When the request "createGeofencingSubscription" is sent Then the response status code is 401 + And the response header "Content-Type" is "application/json" And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.code" is "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_25_invalid_access_token_for_delete_subscription - Scenario: Invalid access token for delete subscription - Given header "Authorization" set to an invalid access token - When the request "deleteGeofencingSubscription" is sent + @geofencing_subscription_creation_401.3_malformed_access_token + Scenario: Malformed access token + Given the header "Authorization" is set to a malformed token + And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + When the request "createGeofencingSubscription" is sent Then the response status code is 401 And the response header "Content-Type" is "application/json" And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.code" is "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_26_get_unknown_geofencing_subscription_for_a_device - Scenario: Get method for geofencing subscription with subscription-id unknown to the system - Given the path parameter "subscriptionId" is set to the value unknown to system +################## +# Error code 401 +################## + + @geofencing_subscription_404.1_retrieve_unknown_subscription_id + Scenario: Get subscription when subscriptionId is unknown to the system + Given that there is no valid subscription with "subscriptionId" equal to "id" When the request "retrieveGeofencingSubscription" is sent - Then the response code is 404 + And the path parameter "subscriptionId" is equal to "id" + Then the response status code is 404 And the response property "$.status" is 404 And the response property "$.code" is "NOT_FOUND" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_27_delete_invalid_geofencing_subscription_for_a_device - Scenario: Delete geofencing subscription with subscription-id unknown to the system - Given the path parameter "subscriptionId" is set to the value unknown to system + @geofencing_subscription_404.2_delete_unknown_subscription_id + Scenario: Delete subscription with subscriptionId unknown to the system + Given that there is no valid subscription with "subscriptionId" equal to "id" When the request "deleteGeofencingSubscription" is sent + And the path parameter "subscriptionId" is equal to "id" Then the response code is 404 And the response property "$.status" is 404 And the response property "$.code" is "NOT_FOUND" And the response property "$.message" contains a user friendly text - @geofencing_subscriptions_28_create_with_an_unsupported_area - Scenario: Create subscription with an invalid area - Given the request body property "$.area" is set to an unsupported or invalid area - When the HTTP "POST" request is sent +################## +# Error code 422 +################## + + @geofencing_subscriptions_422.1_create_with_an_unsupported_area + Scenario: Create subscription with an unsupported area + Given the request body property "$.area" is set to an unsupported / uncovered area + When the request "createGeofencingSubscription" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "GEOFENCING_SUBSCRIPTIONS.AREA_NOT_COVERED" And the response property "$.message" contains "Unable to cover the requested area" - @geofencing_subscriptions_29_create_with_identifier_mismatch - Scenario: Create subscription with identifier mismatch - Given the request body includes inconsistent identifiers - When the HTTP "POST" request is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "IDENTIFIER_MISMATCH" - And the response property "$.message" contains "Identifiers are not consistent." - - @geofencing_subscriptions_30_create_with_service_not_applicable - Scenario: Create subscription for a device not supported by the service - Given the request body includes a device identifier not applicable for this service - When the HTTP "POST" request is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "SERVICE_NOT_APPLICABLE" - And the response property "$.message" contains "Service is not available for the provided device identifier." - - @geofencing_subscriptions_31_create_with_unnecessary_identifier - Scenario: Create subscription with an unnecessary identifier - Given the request body explicitly includes a device identifier when it is not required - When the HTTP "POST" request is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "UNNECESSARY_IDENTIFIER" - And the response property "$.message" contains "Device is already identified by the access token." - - @geofencing_subscriptions_32_create_with_unsupported_identifier - Scenario: Create subscription with an unsupported identifier - Given the request body includes an identifier type not supported by the implementation - When the HTTP "POST" request is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" - And the response property "$.message" contains "The identifier provided is not supported." - - @geofencing_subscriptions_33_create_with_an_invalid_area + @geofencing_subscriptions_422.2_create_with_an_invalid_area Scenario: Create subscription with an invalid area Given the request body property "$.area" is set with an too small area-size - When the HTTP "POST" request is sent + When the request "createGeofencingSubscription" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "GEOFENCING_SUBSCRIPTIONS.INVALID_AREA" - And the response property "$.message" contains "The requested area is too small" - - @geofencing_subscriptions_33_missing_device - Scenario: Device not included and cannot be deduced from the access token - Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" is not included - When the HTTP "POST" request is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "MISSING_IDENTIFIER" - And the response property "$.message" contains a user-friendly text + And the response property "$.message" contains "The requested area is too small" \ No newline at end of file diff --git a/code/Test_definitions/location-retrieval.feature b/code/Test_definitions/location-retrieval.feature index 98c7ad59..81468ef7 100644 --- a/code/Test_definitions/location-retrieval.feature +++ b/code/Test_definitions/location-retrieval.feature @@ -18,90 +18,70 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the header "x-correlator" is set to a UUID value And the request body is set by default to a request body compliant with the schema - # Happy path scenarios +########################## +# Happy path scenarios +########################## # This first scenario serves as a minimum - @location_retrieval_01_generic_success_scenario + @location_retrieval_200_generic_success_scenario Scenario: Common validations for any success scenario # Valid testing device and default request body compliant with the schema - # Not that in case the device is identifed by the token the body could be {} + # Not that in case the device is identified by the token the body could be {} Given a valid testing device supported by the service, identified by the token or provided in the request body And the request body is set to a valid request body - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 200 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" # The response has to comply with the generic response schema which is part of the spec - And the response body complies with the OAS schema at "/components/schemas/Location" + And the response body complies with the OAS schema at "#/components/schemas/Location" - # Scenarios testing specific situations for the device location +################# +# Scenarios testing specific situations for the device location +################### - @location_retrieval_02_location_retrieval_for_device_no_maxAge + @location_retrieval_200.1_location_retrieval_for_device_no_maxAge Scenario: Retrieve location of a device without specifying maxAge Given a valid testing device supported by the service, identified by the token or provided in the request body And the request body property "$.maxAge" is not included - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 200 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "/components/schemas/Location" + And the response body complies with the OAS schema at "#/components/schemas/Location" - @location_retrieval_03_location_retrieval_for_device_with_maxAge + @location_retrieval_200.2_location_retrieval_for_device_with_maxAge Scenario: Retrieve location of a device specifying maxAge # maxAge could be tested with several values with scenario variable Given a valid testing device supported by the service, identified by the token or provided in the request body And the request body property "$.device" is set to a valid testing device supported by the service And the request body property "$.maxAge" is included - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 200 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "/components/schemas/Location" + And the response body complies with the OAS schema at "#/components/schemas/Location" And the response property "$.lastLocationTime" value is not older than the value of "$.maxAge" the request time - @location_retrieval_04_location_retrieval_unable_to_locate_device - # Input set to a device that could not be located - Scenario: Unable to provide device location - Given a valid testing device which cannot be located by the network, identified by the token or provided in the request body - And the request body property "$.maxAge" is not included - When the HTTP "POST" request is sent - Then the response status code is 404 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response property "$.status" is 404 - And the response property "$.code" is "LOCATION_RETRIEVAL.DEVICE_NOT_FOUND" - And the response property "$.message" contains a user friendly text - - @location_retrieval_05_location_retrieval_unable_to_locate_device_with_required_freshness - Scenario: Unable to provide device location with required maxAge - Given the testing device, identified by the token or provided in the request, is not connected to the network for some time - And request body property "$.device" is set to a valid testing device which is not connected to the network for some time - And the request body property "$.maxAge" is set to a value shorter than that time - When the HTTP "POST" request is sent - Then the response status code is 422 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response property "$.status" is 422 - And the response property "$.code" is "LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_AGE" - And the response property "$.message" contains a user friendly text +################# +# Error scenarios for management of input parameter device +################### - # Error scenarios for object device - - @location_retrieval_10_device_empty + @location_retrieval_C01.01_device_empty Scenario: The device value is an empty object Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" is set to: {} - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @location_retrieval_11_device_identifiers_not_schema_compliant + @location_retrieval_C01.02_device_identifiers_not_schema_compliant Scenario Outline: Some device identifier value does not comply with the schema Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "" does not comply with the OAS schema at "" - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" @@ -114,134 +94,104 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation | $.device.ipv6Address | /components/schemas/DeviceIpv6Address | | $.device.networkIdentifier | /components/schemas/NetworkAccessIdentifier | - @location_retrieval_11.1_device_phoneNumber_schema_compliant - # Example of the scenario above with a higher level of specification - # TBD if test plan has to provide specific testing values to provoke an error - Scenario Outline: Device identifier phoneNumber value does not comply with the schema - Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device.phoneNumber" is set to: - When the HTTP "POST" request is sent - Then the response status code is 400 - And the response property "$.status" is 400 - And the response property "$.code" is "INVALID_ARGUMENT" - And the response property "$.message" contains a user friendly text - - Examples: - | phone_number_value | - | string_value | - | 1234567890 | - | +12334foo22222 | - | +00012230304913849 | - | 123 | - | ++49565456787 | - - @location_retrieval_12_device_identifiers_unsupported - Scenario: None of the provided device identifiers is supported by the implementation - Given that some type of device identifiers are not supported by the implementation - And the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" only includes device identifiers not supported by the implementation - When the HTTP "POST" request is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "UNSUPPORTED_IDENTIFIERS" - And the response property "$.message" contains a user friendly text - - @location_retrieval_13_device_not_found + @location_retrieval_C01.03_device_not_found Scenario: Some identifier cannot be matched to a device - Given the request body property "$.device" is set to a value compliant to the OAS schema at "/components/schemas/Device" but does not identify a valid device - And the header "Authorization" is set to a valid access token which does not identify a single device - When the HTTP "POST" request is sent + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" is compliant with the schema, but does not identify a device whose connectivity is managed by the API provider + When the request "retrieveLocation" is sent Then the response status code is 404 And the response property "$.status" is 404 And the response property "$.code" is "IDENTIFIER_NOT_FOUND" And the response property "$.message" contains a user friendly text - @location_retrieval_14_device_identifiers_mismatch - Scenario: Device identifiers mismatch - # To test this, at least 2 types of identifiers have to be provided, e.g. a phoneNumber and the IP address of a device associated to a different phoneNumber - Given that config_var "identifier_types_unsupported" contains at least 2 items - And the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" includes several identifiers, each of them identifying a valid but different device - When the HTTP "POST" request is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "IDENTIFIER_MISMATCH" - And the response property "$.message" contains a user friendly text - - @location_retrieval_15_unnecessary_device + @location_retrieval_C01.04_unnecessary_device Scenario: Device not to be included when it can be deduced from the access token Given the header "Authorization" is set to a valid access token identifying a device - And the request body property "$.device" is set to a valid device - When the HTTP "POST" request is sent + And the request body property "$.device" is set to a valid device, which may or may not be the same device that is identified by the access token + When the request "retrieveLocation" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "UNNECESSARY_IDENTIFIER" - And the response property "$.message" contains a user friendly text + And the response property "$.message" contains a user-friendly text - @location_retrieval_16_device_not_supported - Scenario: Service not available for the device - Given that the service is not available for all devices commercialized by the operator - And a valid device, identified by the token or provided in the request body, for which the service is not applicable - When the HTTP "POST" request is sent + @location_retrieval_C01.05_missing_device + Scenario: Device not included and cannot be deduced from the access token + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" is not included + When the request "retrieveLocation" is sent Then the response status code is 422 And the response property "$.status" is 422 - And the response property "$.code" is "SERVICE_NOT_APPLICABLE" - And the response property "$.message" contains a user friendly text + And the response property "$.code" is "MISSING_IDENTIFIER" + And the response property "$.message" contains a user-friendly text - @location_retrieval_17_device_identifier_missing - Scenario: Required device identifier is missing - Given the request body property "$.device" is not included + @location_retrieval_C01.06_unsupported_device + Scenario: None of the provided device identifiers is supported by the implementation + Given that some types of device identifiers are not supported by the implementation And the header "Authorization" is set to a valid access token which does not identify a single device - When the HTTP "POST" request is sent + And the request body property "$.device" only includes device identifiers not supported by the implementation + When the request "retrieveLocation" is sent Then the response status code is 422 And the response property "$.status" is 422 - And the response property "$.code" is "MISSING_IDENTIFIER" - And the response property "$.message" contains a user friendly text + And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" + And the response property "$.message" contains a user-friendly text - # Scenario specific to maxSurface + # When the service is only offered to certain types of devices or subscriptions, e.g. IoT, B2C, etc. + @location_retrieval_C01.07_device_not_supported + Scenario: Service not available for the device + Given that the service is not available for all devices commercialized by the API provider + And a valid device, identified by the token or provided in the request body, for which the service is not applicable + And a valid device, provided in the request body, for which the service is not applicable + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "SERVICE_NOT_APPLICABLE" + And the response property "$.message" contains a user-friendly text - @location_retireval_18_unable_to_fulfill_max_surface - Scenario: Unable to provide device location with required maxSurface - Given the testing device, identified by the token or provided in the request, is located within a surface of certain area - And the request body property "$.maxSurface" is set to a value smaller than that area - When the HTTP "POST" request is sent + # Several identifiers provided but they do not identify the same device + # This scenario may happen with 2-legged access tokens, which do not identify a device + @location_retrieval_C01.08_device_identifiers_mismatch + Scenario: Device identifiers mismatch + Given the header "Authorization" is set to a valid access token which does not identify a single device + And at least 2 types of device identifiers are supported by the implementation + And the request body property "$.device" includes several identifiers, each of them identifying a valid but different device + When the request "retrieveLocation" is sent Then the response status code is 422 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" And the response property "$.status" is 422 - And the response property "$.code" is "LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_SURFACE" + And the response property "$.code" is "IDENTIFIER_MISMATCH" And the response property "$.message" contains a user friendly text - - # Generic 400 errors + +################# +# Error code 400 +################# @location_retrieval_400.1_no_request_body Scenario: Missing request body Given the request body is not included - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - # Other specific 400 errors - - @location_retrieval_400.3_max_age_schema_compliant + @location_retrieval_400.2_max_age_schema_compliant Scenario: Input property values doe not comply with the schema Given a valid testing device supported by the service, identified by the token or provided in the request body And the "maxAge" is set to 6a0 - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - # Generic 401 errors +################# +# Error code 401 +################# @location_retrieval_401.1_no_authorization_header Scenario: No Authorization header Given the header "Authorization" is removed And the request body is set to a valid request body - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 401 And the response property "$.status" is 401 And the response property "$.code" is "UNAUTHENTICATED" @@ -251,7 +201,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation Scenario: Expired access token Given the header "Authorization" is set to an expired access token And the request body is set to a valid request body - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 401 And the response property "$.status" is 401 And the response property "$.code" is "UNAUTHENTICATED" @@ -261,19 +211,69 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation Scenario: Invalid access token Given the header "Authorization" is set to an invalid access token And the request body is set to a valid request body - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 401 And the response header "Content-Type" is "application/json" And the response property "$.status" is 401 And the response property "$.code" is "UNAUTHENTICATED" And the response property "$.message" contains a user friendly text +################# +# Error code 403 +################# + @location_retrieval_403_missing_scope Scenario: Missing scope in the access token Given the header "Authorization" is set to an access token without the required scope And the request body is set to a valid request body - When the HTTP "POST" request is sent + When the request "retrieveLocation" is sent Then the response status code is 403 And the response property "$.status" is 403 And the response property "$.code" is "PERMISSION_DENIED" And the response property "$.message" contains a user friendly text + +################# +# Error code 404 +################# + + @location_retrieval_404_unable_to_locate_device + # Input set to a device that could not be located + Scenario: Unable to provide device location + Given a valid testing device which cannot be located by the network, identified by the token or provided in the request body + And the request body property "$.maxAge" is not included + When the request "retrieveLocation" is sent + Then the response status code is 404 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response property "$.status" is 404 + And the response property "$.code" is "LOCATION_RETRIEVAL.DEVICE_NOT_FOUND" + And the response property "$.message" contains a user friendly text + +################# +# HTTP - 422 +################# + + @location_retrieval_422.1_unable_to_fulfill_max_surface + Scenario: Unable to provide device location with required maxSurface + Given the testing device, identified by the token or provided in the request, is located within a surface of certain area + And the request body property "$.maxSurface" is set to a value smaller than that area + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response property "$.status" is 422 + And the response property "$.code" is "LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_SURFACE" + And the response property "$.message" contains a user friendly text + + @location_retrieval_422.2_unable_to_locate_device_with_required_freshness + Scenario: Unable to provide device location with required maxAge + Given the testing device, identified by the token or provided in the request, is not connected to the network for some time + And request body property "$.device" is set to a valid testing device which is not connected to the network for some time + And the request body property "$.maxAge" is set to a value shorter than that time + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response property "$.status" is 422 + And the response property "$.code" is "LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_AGE" + And the response property "$.message" contains a user friendly text \ No newline at end of file diff --git a/code/Test_definitions/location-verification.feature b/code/Test_definitions/location-verification.feature index 415f3283..f43ec7fa 100644 --- a/code/Test_definitions/location-verification.feature +++ b/code/Test_definitions/location-verification.feature @@ -18,6 +18,10 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the header "x-correlator" is set to a UUID value And the request body is set by default to a request body compliant with the schema +########################## +# Happy path scenarios +########################## + # This first scenario serves as a minimum, not testing any specific verificationResult @location_verification_01_generic_success_scenario Scenario: Common validations for any success scenario @@ -91,7 +95,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.lastLocationTime" does not exist And the response property "$.matchRate" does not exist - # Error scenarios for management of input parameter device +################# +# Error scenarios for management of input parameter device +################### @location_verification_C01.01_device_empty Scenario: The device value is an empty object @@ -103,7 +109,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @location_verification_C01.02_device_identifiers_not_schema_compliant Scenario Outline: Some device identifier value does not comply with the schema Given the header "Authorization" is set to a valid access token which does not identify a single device @@ -121,7 +126,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio | $.device.ipv6Address | /components/schemas/DeviceIpv6Address | | $.device.networkIdentifier | /components/schemas/NetworkAccessIdentifier | - # This scenario may happen e.g. with 2-legged access tokens, which do not identify a single device. @location_verification_C01.03_device_not_found Scenario: Some identifier cannot be matched to a device @@ -133,7 +137,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "IDENTIFIER_NOT_FOUND" And the response property "$.message" contains a user friendly text - @location_verification_C02.04_unnecessary_device Scenario: Device not to be included when it can be deduced from the access token Given the header "Authorization" is set to a valid access token identifying a device @@ -144,7 +147,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "UNNECESSARY_IDENTIFIER" And the response property "$.message" contains a user-friendly text - @location_verification_C01.05_missing_device Scenario: Device not included and cannot be deduced from the access token Given the header "Authorization" is set to a valid access token which does not identify a single device @@ -155,7 +157,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "MISSING_IDENTIFIER" And the response property "$.message" contains a user-friendly text - @location_verification_C01.06_unsupported_device Scenario: None of the provided device identifiers is supported by the implementation Given that some types of device identifiers are not supported by the implementation @@ -167,7 +168,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" And the response property "$.message" contains a user-friendly text - # When the service is only offered to certain types of devices or subscriptions, e.g. IoT, B2C, etc. @location_verification_C01.07_device_not_supported Scenario: Service not available for the device @@ -179,7 +179,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "SERVICE_NOT_APPLICABLE" And the response property "$.message" contains a user-friendly text - # Several identifiers provided but they do not identify the same device # This scenario may happen with 2-legged access tokens, which do not identify a device @location_verification_C01.08_device_identifiers_mismatch @@ -193,7 +192,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "IDENTIFIER_MISMATCH" And the response property "$.message" contains a user friendly text - # Generic 400 errors +################# +# Error code 400 +################# @location_verification_400.1_no_request_body Scenario: Missing request body @@ -213,8 +214,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - # Other specific 400 errors - @location_verification_400.3_other_input_properties_schema_not_compliant # Test other input properties in addition to device Scenario Outline: Input property values doe not comply with the schema @@ -251,7 +250,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio | $.area.center.longitude | | $.area.radius | - # Generic 401 errors +################# +# Error code 401 +################# @location_verification_401.1_no_authorization_header Scenario: No Authorization header @@ -284,7 +285,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "UNAUTHENTICATED" And the response property "$.message" contains a user friendly text - # Generic 403 error +################# +# Error code 403 +################# @location_verification_403_missing_scope Scenario: Missing scope in the access token @@ -296,7 +299,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "PERMISSION_DENIED" And the response property "$.message" contains a user friendly text - # 422 error codes +################# +# Error code 422 +################# @location_verification_422.1_area_not_covered Scenario: Area not covered @@ -309,12 +314,11 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "LOCATION_VERIFICATION.AREA_NOT_COVERED" And the response property "$.message" contains a user-friendly text - @location_verification_422.2_area_too_small Scenario: Area too small - Given that there is a minimum radius allowed by the implementation + Given that there is a minimum radius allowed by the implementation And a valid testing device supported by the service identified, by the token or provided in the request body - And the request body property "$.area.areaType" is set to "CIRCLE" + And the request body property "$.area.areaType" is set to "CIRCLE" And the request body property "$.area.center" is set to a location covered by the implementation And the request body property "$.area.radius" is set to a value smaller than the minimum allowed And the request body property "$.maxAge" is not included @@ -324,7 +328,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "LOCATION_VERIFICATION.INVALID_AREA" And the response property "$.message" contains a user-friendly text - @location_verification_422.3_unable_to_fulfill_max_age Scenario: Unable to fulfill max age Given a valid testing device supported by the service, identified by the token or provided in the request body, with no historical location information for some time @@ -334,4 +337,4 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "LOCATION_VERIFICATION.UNABLE_TO_FULFILL_MAX_AGE" - And the response property "$.message" contains a user-friendly text + And the response property "$.message" contains a user-friendly text \ No newline at end of file From cf7ab3409ba2771b9641cd3175be36e0cf9c4d61 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Tue, 20 May 2025 09:32:11 +0200 Subject: [PATCH 02/31] fix: rename operation to createGeofencingSubscriptions --- .../geofencing-subscriptions.feature | 44 +++++++++---------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 8f0bb048..83b792a7 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -26,7 +26,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario Outline: Synchronous subscription creation with 2-legged-token Given the header "Authorization" is set to a valid access token which does not identify any device And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent And request property "$.types" is one of the allowed values "" And request property "$.protocol" is equal to "HTTP" And a valid phone number identified by "$.config.subscriptionDetail.device.phoneNumber" @@ -48,7 +48,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # Some implementations may only support asynchronous subscription creation Given the header "Authorization" is set to a valid access token which identifies a valid device And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent And request property "$.types" is one of the allowed values "" And request property "$.protocol" is equal to "HTTP" And request property "$.sink" is set to a valid callbackUrl @@ -70,7 +70,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario Outline: Asynchronous subscription creation with 2- or 3-legged access token Given a valid target device, identified by either the access token or in the request body And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent And request property "$.types" is one of the allowed values "" And request property "$.protocol" is equal to "HTTP" And request property "$.sink" is set to a valid callbackUrl @@ -223,7 +223,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: The device value is an empty object Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" is set to: {} - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" @@ -233,7 +233,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario Outline: Some device identifier value does not comply with the schema Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "" does not comply with the OAS schema at "" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" @@ -251,7 +251,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Some identifier cannot be matched to a device Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" is compliant with the schema but does not identify a device whose connectivity is managed by the API provider - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 404 And the response property "$.status" is 404 And the response property "$.code" is "IDENTIFIER_NOT_FOUND" @@ -261,7 +261,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Device not to be included when it can be deduced from the access token Given the header "Authorization" is set to a valid access token identifying a device And the request body property "$.device" is also set to a valid device, which may or may not be the same device - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "UNNECESSARY_IDENTIFIER" @@ -271,7 +271,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Device not included and cannot be deduced from the access token Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" is not included - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "MISSING_IDENTIFIER" @@ -282,7 +282,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Given that some types of device identifiers are not supported by the implementation And the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" only includes device identifiers not supported by the implementation - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" @@ -293,7 +293,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Service not available for the device Given that the service is not available for all devices commercialized by the operator And a valid device, identified by the token or provided in the request body, for which the service is not applicable - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "SERVICE_NOT_APPLICABLE" @@ -306,7 +306,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Given the header "Authorization" is set to a valid access token which does not identify a single device And at least 2 types of device identifiers are supported by the implementation And the request body property "$.device" includes several identifiers, each of them identifying a valid but different device - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "IDENTIFIER_MISMATCH" @@ -319,7 +319,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscription_400.1_create_subscription_with_invalid_parameter Scenario: Create subscription with invalid parameter Given the request body is not compliant with the schema "#/components/schemas/SubscriptionRequest" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" @@ -329,7 +329,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Expiry time in past Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" And the request property "$.config.subscriptionExpireTime" is set to a time in the past - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" @@ -339,7 +339,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Subscription creation with invalid event type Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" And the request body property "$.types" is set to an invalid value - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" @@ -349,7 +349,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: subscription creation with invalid protocol Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" And the request property "$.protocol" is not equal to "HTTP" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_PROTOCOL" @@ -360,7 +360,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" And the request property "$.sinkCredential.accessTokenType" is equal to "bearer" And the request property "$.sinkCredential.credentialType" is not equal to "ACCESSTOKEN" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_CREDENTIAL" @@ -371,7 +371,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" And the request property "$.sinkCredential.credentialType" is equal to "ACCESSTOKEN" And the request property "$.sinkCredential.accessTokenType" is not equal to "bearer" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_TOKEN" @@ -385,7 +385,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: No Authorization header Given the header "Authorization" is removed And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 401 And the response header "Content-Type" is "application/json" And the response property "$.status" is 401 @@ -396,7 +396,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Expired access token Given the header "Authorization" is set to a previously valid but now expired access token And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 401 And the response header "Content-Type" is "application/json" And the response property "$.status" is 401 @@ -407,7 +407,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Malformed access token Given the header "Authorization" is set to a malformed token And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 401 And the response header "Content-Type" is "application/json" And the response property "$.status" is 401 @@ -445,7 +445,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_422.1_create_with_an_unsupported_area Scenario: Create subscription with an unsupported area Given the request body property "$.area" is set to an unsupported / uncovered area - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "GEOFENCING_SUBSCRIPTIONS.AREA_NOT_COVERED" @@ -454,7 +454,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_422.2_create_with_an_invalid_area Scenario: Create subscription with an invalid area Given the request body property "$.area" is set with an too small area-size - When the request "createGeofencingSubscription" is sent + When the request "createGeofencingSubscriptions" is sent Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "GEOFENCING_SUBSCRIPTIONS.INVALID_AREA" From b42424e9cafc6ecd99ba5edb23c8c51d54827087 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Wed, 11 Jun 2025 23:26:49 +0200 Subject: [PATCH 03/31] Update code/Test_definitions/location-retrieval.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/location-retrieval.feature | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/code/Test_definitions/location-retrieval.feature b/code/Test_definitions/location-retrieval.feature index 81468ef7..926296dc 100644 --- a/code/Test_definitions/location-retrieval.feature +++ b/code/Test_definitions/location-retrieval.feature @@ -255,7 +255,8 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation @location_retrieval_422.1_unable_to_fulfill_max_surface Scenario: Unable to provide device location with required maxSurface - Given the testing device, identified by the token or provided in the request, is located within a surface of certain area + Given the testing device, identified by the token or provided in the request, is located by the network operator within a surface of certain area + And the request body property "$.maxSurface" is set to a value smaller than that area When the request "retrieveLocation" is sent Then the response status code is 422 From 5bffa73ca04552df83ca20b0d29918070c36cf92 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Wed, 11 Jun 2025 23:26:55 +0200 Subject: [PATCH 04/31] Update code/Test_definitions/location-retrieval.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/location-retrieval.feature | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/code/Test_definitions/location-retrieval.feature b/code/Test_definitions/location-retrieval.feature index 926296dc..a965184d 100644 --- a/code/Test_definitions/location-retrieval.feature +++ b/code/Test_definitions/location-retrieval.feature @@ -239,7 +239,8 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation @location_retrieval_404_unable_to_locate_device # Input set to a device that could not be located Scenario: Unable to provide device location - Given a valid testing device which cannot be located by the network, identified by the token or provided in the request body + Given a valid testing device which cannot be located by the network operator, identified by the token or provided in the request body + And the request body property "$.maxAge" is not included When the request "retrieveLocation" is sent Then the response status code is 404 From c68fc3d1fdcd7a562f08f75c05030baf489e77d5 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Wed, 11 Jun 2025 23:30:07 +0200 Subject: [PATCH 05/31] style: update scenarios comment line --- code/Test_definitions/geofencing-subscriptions.feature | 4 +--- code/Test_definitions/location-retrieval.feature | 4 +--- code/Test_definitions/location-verification.feature | 4 +--- 3 files changed, 3 insertions(+), 9 deletions(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 83b792a7..21d89783 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -18,9 +18,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the header "x-correlator" is set to a UUID value And the request body is set by default to a request body compliant with the schema -########################## -# Happy path scenarios -########################## + # Success scenarios @geofencing_subscriptions_01.1_sync_creation_2legs Scenario Outline: Synchronous subscription creation with 2-legged-token diff --git a/code/Test_definitions/location-retrieval.feature b/code/Test_definitions/location-retrieval.feature index a965184d..d9d8fe0c 100644 --- a/code/Test_definitions/location-retrieval.feature +++ b/code/Test_definitions/location-retrieval.feature @@ -18,9 +18,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the header "x-correlator" is set to a UUID value And the request body is set by default to a request body compliant with the schema -########################## -# Happy path scenarios -########################## + # Success scenarios # This first scenario serves as a minimum @location_retrieval_200_generic_success_scenario diff --git a/code/Test_definitions/location-verification.feature b/code/Test_definitions/location-verification.feature index f43ec7fa..969ba8a5 100644 --- a/code/Test_definitions/location-verification.feature +++ b/code/Test_definitions/location-verification.feature @@ -18,9 +18,7 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the header "x-correlator" is set to a UUID value And the request body is set by default to a request body compliant with the schema -########################## -# Happy path scenarios -########################## + # Success scenarios # This first scenario serves as a minimum, not testing any specific verificationResult @location_verification_01_generic_success_scenario From 81e27bd02c54e03b0d6f0d50fc3649dbf9cb30d6 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Wed, 11 Jun 2025 23:34:12 +0200 Subject: [PATCH 06/31] fix: remove duplicated line --- .../location-retrieval.feature | 555 +++++++++--------- 1 file changed, 277 insertions(+), 278 deletions(-) diff --git a/code/Test_definitions/location-retrieval.feature b/code/Test_definitions/location-retrieval.feature index d9d8fe0c..c59945b4 100644 --- a/code/Test_definitions/location-retrieval.feature +++ b/code/Test_definitions/location-retrieval.feature @@ -1,279 +1,278 @@ -Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation - # Input to be provided by the implementation to the tester - # - # Implementation indications: - # * List of device identifier types which are not supported, among: phoneNumber, networkAccessIdentifier, ipv4Address, ipv6Address - # - # Testing assets: - # * A device object which location is known by the network when connected. 2 distinct device are required for some scenario. - # * A device object identifying a device commercialized by the implementation for which the service is not applicable - # * A device object which location cannot be provided during test by the network. - # - # References to OAS spec schemas refer to schemas specifies in location-retrieval.yaml - - Background: Common retrieveLocation setup - Given the resource "/location-retrieval/vwip/retrieve" | - And the header "Content-Type" is set to "application/json" - And the header "Authorization" is set to a valid access token - And the header "x-correlator" is set to a UUID value - And the request body is set by default to a request body compliant with the schema - - # Success scenarios - - # This first scenario serves as a minimum - @location_retrieval_200_generic_success_scenario - Scenario: Common validations for any success scenario - # Valid testing device and default request body compliant with the schema - # Not that in case the device is identified by the token the body could be {} - Given a valid testing device supported by the service, identified by the token or provided in the request body - And the request body is set to a valid request body - When the request "retrieveLocation" is sent - Then the response status code is 200 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - # The response has to comply with the generic response schema which is part of the spec - And the response body complies with the OAS schema at "#/components/schemas/Location" - -################# -# Scenarios testing specific situations for the device location -################### - - @location_retrieval_200.1_location_retrieval_for_device_no_maxAge - Scenario: Retrieve location of a device without specifying maxAge - Given a valid testing device supported by the service, identified by the token or provided in the request body - And the request body property "$.maxAge" is not included - When the request "retrieveLocation" is sent - Then the response status code is 200 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "#/components/schemas/Location" - - @location_retrieval_200.2_location_retrieval_for_device_with_maxAge - Scenario: Retrieve location of a device specifying maxAge - # maxAge could be tested with several values with scenario variable - Given a valid testing device supported by the service, identified by the token or provided in the request body - And the request body property "$.device" is set to a valid testing device supported by the service - And the request body property "$.maxAge" is included - When the request "retrieveLocation" is sent - Then the response status code is 200 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "#/components/schemas/Location" - And the response property "$.lastLocationTime" value is not older than the value of "$.maxAge" the request time - -################# -# Error scenarios for management of input parameter device -################### - - @location_retrieval_C01.01_device_empty - Scenario: The device value is an empty object - Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" is set to: {} - When the request "retrieveLocation" is sent - Then the response status code is 400 - And the response property "$.status" is 400 - And the response property "$.code" is "INVALID_ARGUMENT" - And the response property "$.message" contains a user friendly text - - @location_retrieval_C01.02_device_identifiers_not_schema_compliant - Scenario Outline: Some device identifier value does not comply with the schema - Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "" does not comply with the OAS schema at "" - When the request "retrieveLocation" is sent - Then the response status code is 400 - And the response property "$.status" is 400 - And the response property "$.code" is "INVALID_ARGUMENT" - And the response property "$.message" contains a user friendly text - - Examples: - | device_identifier | oas_spec_schema | - | $.device.phoneNumber | /components/schemas/PhoneNumber | - | $.device.ipv4Address | /components/schemas/DeviceIpv4Addr | - | $.device.ipv6Address | /components/schemas/DeviceIpv6Address | - | $.device.networkIdentifier | /components/schemas/NetworkAccessIdentifier | - - @location_retrieval_C01.03_device_not_found - Scenario: Some identifier cannot be matched to a device - Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" is compliant with the schema, but does not identify a device whose connectivity is managed by the API provider - When the request "retrieveLocation" is sent - Then the response status code is 404 - And the response property "$.status" is 404 - And the response property "$.code" is "IDENTIFIER_NOT_FOUND" - And the response property "$.message" contains a user friendly text - - @location_retrieval_C01.04_unnecessary_device - Scenario: Device not to be included when it can be deduced from the access token - Given the header "Authorization" is set to a valid access token identifying a device - And the request body property "$.device" is set to a valid device, which may or may not be the same device that is identified by the access token - When the request "retrieveLocation" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "UNNECESSARY_IDENTIFIER" - And the response property "$.message" contains a user-friendly text - - @location_retrieval_C01.05_missing_device - Scenario: Device not included and cannot be deduced from the access token - Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" is not included - When the request "retrieveLocation" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "MISSING_IDENTIFIER" - And the response property "$.message" contains a user-friendly text - - @location_retrieval_C01.06_unsupported_device - Scenario: None of the provided device identifiers is supported by the implementation - Given that some types of device identifiers are not supported by the implementation - And the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" only includes device identifiers not supported by the implementation - When the request "retrieveLocation" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" - And the response property "$.message" contains a user-friendly text - - # When the service is only offered to certain types of devices or subscriptions, e.g. IoT, B2C, etc. - @location_retrieval_C01.07_device_not_supported - Scenario: Service not available for the device - Given that the service is not available for all devices commercialized by the API provider - And a valid device, identified by the token or provided in the request body, for which the service is not applicable - And a valid device, provided in the request body, for which the service is not applicable - When the request "retrieveLocation" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "SERVICE_NOT_APPLICABLE" - And the response property "$.message" contains a user-friendly text - - # Several identifiers provided but they do not identify the same device - # This scenario may happen with 2-legged access tokens, which do not identify a device - @location_retrieval_C01.08_device_identifiers_mismatch - Scenario: Device identifiers mismatch - Given the header "Authorization" is set to a valid access token which does not identify a single device - And at least 2 types of device identifiers are supported by the implementation - And the request body property "$.device" includes several identifiers, each of them identifying a valid but different device - When the request "retrieveLocation" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "IDENTIFIER_MISMATCH" - And the response property "$.message" contains a user friendly text - -################# -# Error code 400 -################# - - @location_retrieval_400.1_no_request_body - Scenario: Missing request body - Given the request body is not included - When the request "retrieveLocation" is sent - Then the response status code is 400 - And the response property "$.status" is 400 - And the response property "$.code" is "INVALID_ARGUMENT" - And the response property "$.message" contains a user friendly text - - @location_retrieval_400.2_max_age_schema_compliant - Scenario: Input property values doe not comply with the schema - Given a valid testing device supported by the service, identified by the token or provided in the request body - And the "maxAge" is set to 6a0 - When the request "retrieveLocation" is sent - Then the response status code is 400 - And the response property "$.status" is 400 - And the response property "$.code" is "INVALID_ARGUMENT" - And the response property "$.message" contains a user friendly text - -################# -# Error code 401 -################# - - @location_retrieval_401.1_no_authorization_header - Scenario: No Authorization header - Given the header "Authorization" is removed - And the request body is set to a valid request body - When the request "retrieveLocation" is sent - Then the response status code is 401 - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" - And the response property "$.message" contains a user friendly text - - @location_retrieval_401.2_expired_access_token - Scenario: Expired access token - Given the header "Authorization" is set to an expired access token - And the request body is set to a valid request body - When the request "retrieveLocation" is sent - Then the response status code is 401 - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" - And the response property "$.message" contains a user friendly text - - @location_retrieval_401.3_invalid_access_token - Scenario: Invalid access token - Given the header "Authorization" is set to an invalid access token - And the request body is set to a valid request body - When the request "retrieveLocation" is sent - Then the response status code is 401 - And the response header "Content-Type" is "application/json" - And the response property "$.status" is 401 - And the response property "$.code" is "UNAUTHENTICATED" - And the response property "$.message" contains a user friendly text - -################# -# Error code 403 -################# - - @location_retrieval_403_missing_scope - Scenario: Missing scope in the access token - Given the header "Authorization" is set to an access token without the required scope - And the request body is set to a valid request body - When the request "retrieveLocation" is sent - Then the response status code is 403 - And the response property "$.status" is 403 - And the response property "$.code" is "PERMISSION_DENIED" - And the response property "$.message" contains a user friendly text - -################# -# Error code 404 -################# - - @location_retrieval_404_unable_to_locate_device - # Input set to a device that could not be located - Scenario: Unable to provide device location - Given a valid testing device which cannot be located by the network operator, identified by the token or provided in the request body - - And the request body property "$.maxAge" is not included - When the request "retrieveLocation" is sent - Then the response status code is 404 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response property "$.status" is 404 - And the response property "$.code" is "LOCATION_RETRIEVAL.DEVICE_NOT_FOUND" - And the response property "$.message" contains a user friendly text - -################# -# HTTP - 422 -################# - - @location_retrieval_422.1_unable_to_fulfill_max_surface - Scenario: Unable to provide device location with required maxSurface - Given the testing device, identified by the token or provided in the request, is located by the network operator within a surface of certain area - - And the request body property "$.maxSurface" is set to a value smaller than that area - When the request "retrieveLocation" is sent - Then the response status code is 422 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response property "$.status" is 422 - And the response property "$.code" is "LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_SURFACE" - And the response property "$.message" contains a user friendly text - - @location_retrieval_422.2_unable_to_locate_device_with_required_freshness - Scenario: Unable to provide device location with required maxAge - Given the testing device, identified by the token or provided in the request, is not connected to the network for some time - And request body property "$.device" is set to a valid testing device which is not connected to the network for some time - And the request body property "$.maxAge" is set to a value shorter than that time - When the request "retrieveLocation" is sent - Then the response status code is 422 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response property "$.status" is 422 - And the response property "$.code" is "LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_AGE" +Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation + # Input to be provided by the implementation to the tester + # + # Implementation indications: + # * List of device identifier types which are not supported, among: phoneNumber, networkAccessIdentifier, ipv4Address, ipv6Address + # + # Testing assets: + # * A device object which location is known by the network when connected. 2 distinct device are required for some scenario. + # * A device object identifying a device commercialized by the implementation for which the service is not applicable + # * A device object which location cannot be provided during test by the network. + # + # References to OAS spec schemas refer to schemas specifies in location-retrieval.yaml + + Background: Common retrieveLocation setup + Given the resource "/location-retrieval/vwip/retrieve" | + And the header "Content-Type" is set to "application/json" + And the header "Authorization" is set to a valid access token + And the header "x-correlator" is set to a UUID value + And the request body is set by default to a request body compliant with the schema + + # Success scenarios + + # This first scenario serves as a minimum + @location_retrieval_200_generic_success_scenario + Scenario: Common validations for any success scenario + # Valid testing device and default request body compliant with the schema + # Not that in case the device is identified by the token the body could be {} + Given a valid testing device supported by the service, identified by the token or provided in the request body + And the request body is set to a valid request body + When the request "retrieveLocation" is sent + Then the response status code is 200 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + # The response has to comply with the generic response schema which is part of the spec + And the response body complies with the OAS schema at "#/components/schemas/Location" + +################# +# Scenarios testing specific situations for the device location +################### + + @location_retrieval_200.1_location_retrieval_for_device_no_maxAge + Scenario: Retrieve location of a device without specifying maxAge + Given a valid testing device supported by the service, identified by the token or provided in the request body + And the request body property "$.maxAge" is not included + When the request "retrieveLocation" is sent + Then the response status code is 200 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response body complies with the OAS schema at "#/components/schemas/Location" + + @location_retrieval_200.2_location_retrieval_for_device_with_maxAge + Scenario: Retrieve location of a device specifying maxAge + # maxAge could be tested with several values with scenario variable + Given a valid testing device supported by the service, identified by the token or provided in the request body + And the request body property "$.device" is set to a valid testing device supported by the service + And the request body property "$.maxAge" is included + When the request "retrieveLocation" is sent + Then the response status code is 200 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response body complies with the OAS schema at "#/components/schemas/Location" + And the response property "$.lastLocationTime" value is not older than the value of "$.maxAge" the request time + +################# +# Error scenarios for management of input parameter device +################### + + @location_retrieval_C01.01_device_empty + Scenario: The device value is an empty object + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" is set to: {} + When the request "retrieveLocation" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_ARGUMENT" + And the response property "$.message" contains a user friendly text + + @location_retrieval_C01.02_device_identifiers_not_schema_compliant + Scenario Outline: Some device identifier value does not comply with the schema + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "" does not comply with the OAS schema at "" + When the request "retrieveLocation" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_ARGUMENT" + And the response property "$.message" contains a user friendly text + + Examples: + | device_identifier | oas_spec_schema | + | $.device.phoneNumber | /components/schemas/PhoneNumber | + | $.device.ipv4Address | /components/schemas/DeviceIpv4Addr | + | $.device.ipv6Address | /components/schemas/DeviceIpv6Address | + | $.device.networkIdentifier | /components/schemas/NetworkAccessIdentifier | + + @location_retrieval_C01.03_device_not_found + Scenario: Some identifier cannot be matched to a device + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" is compliant with the schema, but does not identify a device whose connectivity is managed by the API provider + When the request "retrieveLocation" is sent + Then the response status code is 404 + And the response property "$.status" is 404 + And the response property "$.code" is "IDENTIFIER_NOT_FOUND" + And the response property "$.message" contains a user friendly text + + @location_retrieval_C01.04_unnecessary_device + Scenario: Device not to be included when it can be deduced from the access token + Given the header "Authorization" is set to a valid access token identifying a device + And the request body property "$.device" is set to a valid device, which may or may not be the same device that is identified by the access token + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "UNNECESSARY_IDENTIFIER" + And the response property "$.message" contains a user-friendly text + + @location_retrieval_C01.05_missing_device + Scenario: Device not included and cannot be deduced from the access token + Given the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" is not included + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "MISSING_IDENTIFIER" + And the response property "$.message" contains a user-friendly text + + @location_retrieval_C01.06_unsupported_device + Scenario: None of the provided device identifiers is supported by the implementation + Given that some types of device identifiers are not supported by the implementation + And the header "Authorization" is set to a valid access token which does not identify a single device + And the request body property "$.device" only includes device identifiers not supported by the implementation + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" + And the response property "$.message" contains a user-friendly text + + # When the service is only offered to certain types of devices or subscriptions, e.g. IoT, B2C, etc. + @location_retrieval_C01.07_device_not_supported + Scenario: Service not available for the device + Given that the service is not available for all devices commercialized by the API provider + And a valid device, identified by the token or provided in the request body, for which the service is not applicable + And a valid device, provided in the request body, for which the service is not applicable + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "SERVICE_NOT_APPLICABLE" + And the response property "$.message" contains a user-friendly text + + # Several identifiers provided but they do not identify the same device + # This scenario may happen with 2-legged access tokens, which do not identify a device + @location_retrieval_C01.08_device_identifiers_mismatch + Scenario: Device identifiers mismatch + Given the header "Authorization" is set to a valid access token which does not identify a single device + And at least 2 types of device identifiers are supported by the implementation + And the request body property "$.device" includes several identifiers, each of them identifying a valid but different device + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "IDENTIFIER_MISMATCH" + And the response property "$.message" contains a user friendly text + +################# +# Error code 400 +################# + + @location_retrieval_400.1_no_request_body + Scenario: Missing request body + Given the request body is not included + When the request "retrieveLocation" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_ARGUMENT" + And the response property "$.message" contains a user friendly text + + @location_retrieval_400.2_max_age_schema_compliant + Scenario: Input property values doe not comply with the schema + Given a valid testing device supported by the service, identified by the token or provided in the request body + And the "maxAge" is set to 6a0 + When the request "retrieveLocation" is sent + Then the response status code is 400 + And the response property "$.status" is 400 + And the response property "$.code" is "INVALID_ARGUMENT" + And the response property "$.message" contains a user friendly text + +################# +# Error code 401 +################# + + @location_retrieval_401.1_no_authorization_header + Scenario: No Authorization header + Given the header "Authorization" is removed + And the request body is set to a valid request body + When the request "retrieveLocation" is sent + Then the response status code is 401 + And the response property "$.status" is 401 + And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.message" contains a user friendly text + + @location_retrieval_401.2_expired_access_token + Scenario: Expired access token + Given the header "Authorization" is set to an expired access token + And the request body is set to a valid request body + When the request "retrieveLocation" is sent + Then the response status code is 401 + And the response property "$.status" is 401 + And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.message" contains a user friendly text + + @location_retrieval_401.3_invalid_access_token + Scenario: Invalid access token + Given the header "Authorization" is set to an invalid access token + And the request body is set to a valid request body + When the request "retrieveLocation" is sent + Then the response status code is 401 + And the response header "Content-Type" is "application/json" + And the response property "$.status" is 401 + And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.message" contains a user friendly text + +################# +# Error code 403 +################# + + @location_retrieval_403_missing_scope + Scenario: Missing scope in the access token + Given the header "Authorization" is set to an access token without the required scope + And the request body is set to a valid request body + When the request "retrieveLocation" is sent + Then the response status code is 403 + And the response property "$.status" is 403 + And the response property "$.code" is "PERMISSION_DENIED" + And the response property "$.message" contains a user friendly text + +################# +# Error code 404 +################# + + @location_retrieval_404_unable_to_locate_device + # Input set to a device that could not be located + Scenario: Unable to provide device location + Given a valid testing device which cannot be located by the network operator, identified by the token or provided in the request body + + And the request body property "$.maxAge" is not included + When the request "retrieveLocation" is sent + Then the response status code is 404 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response property "$.status" is 404 + And the response property "$.code" is "LOCATION_RETRIEVAL.DEVICE_NOT_FOUND" + And the response property "$.message" contains a user friendly text + +################# +# HTTP - 422 +################# + + @location_retrieval_422.1_unable_to_fulfill_max_surface + Scenario: Unable to provide device location with required maxSurface + Given the testing device, identified by the token or provided in the request, is located by the network operator within a surface of certain area + + And the request body property "$.maxSurface" is set to a value smaller than that area + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response property "$.status" is 422 + And the response property "$.code" is "LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_SURFACE" + And the response property "$.message" contains a user friendly text + + @location_retrieval_422.2_unable_to_locate_device_with_required_freshness + Scenario: Unable to provide device location with required maxAge + Given the testing device, identified by the token or provided in the request, is not connected to the network for some time + And the request body property "$.maxAge" is set to a value shorter than that time + When the request "retrieveLocation" is sent + Then the response status code is 422 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has same value as the request header "x-correlator" + And the response property "$.status" is 422 + And the response property "$.code" is "LOCATION_RETRIEVAL.UNABLE_TO_FULFILL_MAX_AGE" And the response property "$.message" contains a user friendly text \ No newline at end of file From 5456490cfb47a0bf46a523165d84ac919ad3f4f3 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Wed, 11 Jun 2025 23:34:25 +0200 Subject: [PATCH 07/31] style: indentations --- .../geofencing-subscriptions.feature | 28 +++++++------- .../location-retrieval.feature | 38 +++++++++---------- .../location-verification.feature | 28 +++++++------- 3 files changed, 43 insertions(+), 51 deletions(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 21d89783..16f5221d 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -213,9 +213,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the notification property "$.data.subscriptionId" is equal to "id" And the notification request property "$.data.terminationReason" is equal to "SUBSCRIPTION_DELETED" -################ -# Error scenarios for management of input parameter device -################## + # Error scenarios for management of input parameter device @geofencing_subscription_C01.01_device_empty Scenario: The device value is an empty object @@ -310,9 +308,9 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "IDENTIFIER_MISMATCH" And the response property "$.message" contains a user friendly text -################## -# Error code 400 -################## + ################## + # Error code 400 + ################## @geofencing_subscription_400.1_create_subscription_with_invalid_parameter Scenario: Create subscription with invalid parameter @@ -375,9 +373,9 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "INVALID_TOKEN" And the response property "$.message" contains a user friendly text -################## -# Error code 401 -################## + ################## + # Error code 401 + ################## @geofencing_subscription_creation_401.1_no_authorization_header Scenario: No Authorization header @@ -412,9 +410,9 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" And the response property "$.message" contains a user friendly text -################## -# Error code 401 -################## + ################## + # Error code 401 + ################## @geofencing_subscription_404.1_retrieve_unknown_subscription_id Scenario: Get subscription when subscriptionId is unknown to the system @@ -436,9 +434,9 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "NOT_FOUND" And the response property "$.message" contains a user friendly text -################## -# Error code 422 -################## + ################## + # Error code 422 + ################## @geofencing_subscriptions_422.1_create_with_an_unsupported_area Scenario: Create subscription with an unsupported area diff --git a/code/Test_definitions/location-retrieval.feature b/code/Test_definitions/location-retrieval.feature index c59945b4..3c0f0adc 100644 --- a/code/Test_definitions/location-retrieval.feature +++ b/code/Test_definitions/location-retrieval.feature @@ -34,9 +34,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation # The response has to comply with the generic response schema which is part of the spec And the response body complies with the OAS schema at "#/components/schemas/Location" -################# -# Scenarios testing specific situations for the device location -################### + # Scenarios testing specific situations for the device location @location_retrieval_200.1_location_retrieval_for_device_no_maxAge Scenario: Retrieve location of a device without specifying maxAge @@ -61,9 +59,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response body complies with the OAS schema at "#/components/schemas/Location" And the response property "$.lastLocationTime" value is not older than the value of "$.maxAge" the request time -################# -# Error scenarios for management of input parameter device -################### + # Error scenarios for management of input parameter device @location_retrieval_C01.01_device_empty Scenario: The device value is an empty object @@ -158,9 +154,9 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "IDENTIFIER_MISMATCH" And the response property "$.message" contains a user friendly text -################# -# Error code 400 -################# + ################# + # Error code 400 + ################# @location_retrieval_400.1_no_request_body Scenario: Missing request body @@ -181,9 +177,9 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text -################# -# Error code 401 -################# + ################# + # Error code 401 + ################# @location_retrieval_401.1_no_authorization_header Scenario: No Authorization header @@ -216,9 +212,9 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "UNAUTHENTICATED" And the response property "$.message" contains a user friendly text -################# -# Error code 403 -################# + ################# + # Error code 403 + ################# @location_retrieval_403_missing_scope Scenario: Missing scope in the access token @@ -230,9 +226,9 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "PERMISSION_DENIED" And the response property "$.message" contains a user friendly text -################# -# Error code 404 -################# + ################# + # Error code 404 + ################# @location_retrieval_404_unable_to_locate_device # Input set to a device that could not be located @@ -248,9 +244,9 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "LOCATION_RETRIEVAL.DEVICE_NOT_FOUND" And the response property "$.message" contains a user friendly text -################# -# HTTP - 422 -################# + ################# + # HTTP - 422 + ################# @location_retrieval_422.1_unable_to_fulfill_max_surface Scenario: Unable to provide device location with required maxSurface diff --git a/code/Test_definitions/location-verification.feature b/code/Test_definitions/location-verification.feature index 969ba8a5..fc8bc09f 100644 --- a/code/Test_definitions/location-verification.feature +++ b/code/Test_definitions/location-verification.feature @@ -93,9 +93,7 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.lastLocationTime" does not exist And the response property "$.matchRate" does not exist -################# -# Error scenarios for management of input parameter device -################### + # Error scenarios for management of input parameter device @location_verification_C01.01_device_empty Scenario: The device value is an empty object @@ -190,9 +188,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "IDENTIFIER_MISMATCH" And the response property "$.message" contains a user friendly text -################# -# Error code 400 -################# + ################# + # Error code 400 + ################# @location_verification_400.1_no_request_body Scenario: Missing request body @@ -248,9 +246,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio | $.area.center.longitude | | $.area.radius | -################# -# Error code 401 -################# + ################# + # Error code 401 + ################# @location_verification_401.1_no_authorization_header Scenario: No Authorization header @@ -283,9 +281,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "UNAUTHENTICATED" And the response property "$.message" contains a user friendly text -################# -# Error code 403 -################# + ################# + # Error code 403 + ################# @location_verification_403_missing_scope Scenario: Missing scope in the access token @@ -297,9 +295,9 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "PERMISSION_DENIED" And the response property "$.message" contains a user friendly text -################# -# Error code 422 -################# + ################# + # Error code 422 + ################# @location_verification_422.1_area_not_covered Scenario: Area not covered From 87e1444da8eb0d13fa9b3c5961a12ab34341750e Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Wed, 18 Jun 2025 22:32:30 +0200 Subject: [PATCH 08/31] feat: adjust geofencing-subscriptions.feature --- .../geofencing-subscriptions.feature | 168 ++++++++++++------ 1 file changed, 111 insertions(+), 57 deletions(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index b5aacd0f..e3525106 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -12,16 +12,14 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # References to OAS spec schemas refer to schemas specifies in geofencing-subscriptions.yaml Background: Common Geofencing Subscriptions setup - Given the resource "/geofencing-subscriptions/vwip/subscriptions" as geofencing base-url - And the header "Content-Type" is set to "application/json" + Given the resource "{apiroot}/geofencing-subscriptions/vwip/subscriptions" as geofencing base-url And the header "Authorization" is set to a valid access token And the header "x-correlator" complies with the schema at "#/components/schemas/XCorrelator" - And the request body is set by default to a request body compliant with the schema # Success scenarios @geofencing_subscriptions_01.1_sync_creation_2legs - Scenario Outline: Synchronous subscription creation with 2-legged-token + Scenario Outline: Create geofencing subscription (async creation) with 2-legged-token Given the header "Authorization" is set to a valid access token which does not identify any device And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" When the request "createGeofencingSubscription" is sent @@ -42,10 +40,10 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions | org.camaraproject.geofencing-subscriptions.v0.area-left | @geofencing_subscriptions_01.1_sync_creation_3legs - Scenario Outline: Synchronous subscription creation with 3-legged-token + Scenario Outline: Create geofencing subscription (async creation) with 3-legged-token # Some implementations may only support asynchronous subscription creation - Given the header "Authorization" is set to a valid access token which identifies a valid device - And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" + Given that subscriptions are created synchronously + And a valid subscription request body When the request "createGeofencingSubscription" is sent And request property "$.types" is one of the allowed values "" And request property "$.protocol" is equal to "HTTP" @@ -65,7 +63,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions | org.camaraproject.geofencing-subscriptions.v0.area-left | @geofencing_subscriptions_02_async_creation - Scenario Outline: Asynchronous subscription creation with 2- or 3-legged access token + Scenario Outline: Create geofencing subscription (async creation) Given a valid target device, identified by either the access token or in the request body And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" When the request "createGeofencingSubscription" is sent @@ -142,7 +140,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response header "x-correlator" has same value as the request header "x-correlator" And the response body is an empty array - @geofencing_subscriptions_07_delete_subscription_based_on_an_existing_subscription-id + @geofencing_subscriptions_07_Operation_to_delete_subscription_based_on_an_existing_subscription-id Scenario: Delete the subscription with subscriptionId equal to "id" Given the API consumer has an active subscription with "subscriptionId" equal to "id" When the request "deleteGeofencingSubscription" is sent @@ -176,7 +174,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.area-left" And the notification property "$.data.subscriptionId" is equal to "id" - @geofencing_subscriptions_10_subscription_expiry + @geofencing_subscriptions_10_subscription_ends_on_expiry Scenario: Receive notification for subscription-ends event on expiry Given a valid subscription for a device exists with "subscriptionId" equal to "id" And the subscription property "$.subscriptionExpireTime" is set to a value in the near future @@ -188,34 +186,40 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the notification property "$.data.subscriptionId" is equal to "id" And the notification property "$.data.terminationReason" is equal to "SUBSCRIPTION_EXPIRED" - @geofencing_subscriptions_10_subscription_end_when_max_events + @geofencing_subscriptions_10_subscription_ends_on_max_events Scenario: Receive notification for subscription-ends event on max events reached - Given a valid subscription for a device exists with "subscriptionId" equal to "id" - And the subscription property "$.subscriptionMaxEvents" is set to 1 - And the subscription property "$.sink" is a valid callback URL - When a single notification corresponding to subscription property "$.type" has been sent to the callback URL - Then a subscription termination event notification is sent to the callback URL - And the notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnds" - And the notification property "$.type" is "org.camaraproject.geofencing-subscriptions.v0.subscription-ends" - And the notification property "$.data.subscriptionId" is equal to "id" - And the notification request property "$.data.terminationReason" is equal to "MAX_EVENTS_REACHED" - - @geofencing_subscriptions_11_subscription_delete_event_validation + Given an existing geofencing subscription with the property "config.subscriptionMaxEvents" set to 1 + When the event subscribed occurs + Then event notification "" is received on callback-url + And event notification "subscription-ended" is received on callback-url + And notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnded" + And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ends" + And the response property "$.terminationReason" is "MAX_EVENTS_REACHED" + + @geofencing_subscriptions_11_subscriptions_delete_event_validation Scenario: Receive notification for subscription-ends event on deletion - Given a valid subscription for a device exists with "subscriptionId" equal to "id" - And the subscription property "$.sink" is a valid callback URL + Given the path parameter "subscriptionId" is set to the identifier of an existing geofencing subscription When the request "deleteGeofencingSubscription" is sent - And the path parameter "subscriptionId" is set to "id" - And the response status code is 202 or 204 - Then a subscription termination event notification is sent to the callback URL + Then the response status code is 202 or 204 + And event notification "subscription-ended" is received on callback-url And the notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnds" - And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.subscription-ends" - And the notification property "$.data.subscriptionId" is equal to "id" - And the notification request property "$.data.terminationReason" is equal to "SUBSCRIPTION_DELETED" + And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ends" + And the response property "$.terminationReason" is "SUBSCRIPTION_DELETED" + + #Scenario in case initialEvent is managed + + @geofencing_subscriptions_12_subscription_creation_initial_event + Scenario: Receive initial event notification on creation + Given the API supports initial events to be sent + And a valid subscription request body with property "$.config.initialEvent" set to true + When the request "createGeofencingSubscription" is sent + Then the response code is 201 or 202 + And an event notification of the subscribed type is received on callback-url + And notification body complies with the OAS schema at "#/components/schemas/CloudEvent" # Error scenarios for management of input parameter device - @geofencing_subscription_C01.01_device_empty + @geofencing_subscriptions_C01.01_device_empty Scenario: The device value is an empty object Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" is set to: {} @@ -225,7 +229,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @geofencing_subscription_C01.02_device_identifiers_not_schema_compliant + @geofencing_subscriptions_C01.02_device_identifiers_not_schema_compliant Scenario Outline: Some device identifier value does not comply with the schema Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "" does not comply with the OAS schema at "" @@ -243,7 +247,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions | $.device.networkIdentifier | /components/schemas/NetworkAccessIdentifier | # This scenario may happen e.g. with 2-legged access tokens, which do not identify a single device. - @geofencing_subscription_C01.03_device_not_found + @geofencing_subscriptions_C01.03_device_not_found Scenario: Some identifier cannot be matched to a device Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" is compliant with the schema but does not identify a device whose connectivity is managed by the API provider @@ -253,7 +257,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "IDENTIFIER_NOT_FOUND" And the response property "$.message" contains a user friendly text - @geofencing_subscription_C01.04_unnecessary_device + @geofencing_subscriptions_C01.04_unnecessary_device Scenario: Device not to be included when it can be deduced from the access token Given the header "Authorization" is set to a valid access token identifying a device And the request body property "$.device" is also set to a valid device, which may or may not be the same device @@ -263,7 +267,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "UNNECESSARY_IDENTIFIER" And the response property "$.message" contains a user-friendly text - @geofencing_subscription_C01.05_missing_device + @geofencing_subscriptions_C01.05_missing_device Scenario: Device not included and cannot be deduced from the access token Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" is not included @@ -273,7 +277,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "MISSING_IDENTIFIER" And the response property "$.message" contains a user-friendly text - @geofencing_subscription_C01.06_unsupported_device + @geofencing_subscriptions_C01.06_unsupported_device Scenario: None of the provided device identifiers is supported by the implementation Given that some types of device identifiers are not supported by the implementation And the header "Authorization" is set to a valid access token which does not identify a single device @@ -285,7 +289,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.message" contains a user-friendly text # When the service is only offered to certain types of devices or subscriptions, e.g. IoT, B2C, etc. - @geofencing_subscription_C01.07_device_not_supported + @geofencing_subscriptions_C01.07_device_not_supported Scenario: Service not available for the device Given that the service is not available for all devices commercialized by the operator And a valid device, identified by the token or provided in the request body, for which the service is not applicable @@ -297,7 +301,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # Several identifiers provided but they do not identify the same device # This scenario may happen with 2-legged access tokens, which do not identify a device - @geofencing_subscription_C01.08_device_identifiers_mismatch + @geofencing_subscriptions_C01.08_device_identifiers_mismatch Scenario: Device identifiers mismatch Given the header "Authorization" is set to a valid access token which does not identify a single device And at least 2 types of device identifiers are supported by the implementation @@ -312,7 +316,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # Error code 400 ################## - @geofencing_subscription_400.1_create_subscription_with_invalid_parameter + @geofencing_subscriptions_400.1_create_subscriptions_with_invalid_parameter Scenario: Create subscription with invalid parameter Given the request body is not compliant with the schema "#/components/schemas/SubscriptionRequest" When the request "createGeofencingSubscription" is sent @@ -321,19 +325,19 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @geofencing_subscription_400.2_create_subscription_with_invalid_subscription_expire_time + @geofencing_subscriptions_400.2_creation_of_subscription_with_expiry_time_in_past Scenario: Expiry time in past - Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" - And the request property "$.config.subscriptionExpireTime" is set to a time in the past + Given a valid geofencing subscription request body + And the request property "$.config.subscriptionExpireTime" in the past When the request "createGeofencingSubscription" is sent Then the response status code is 400 And the response property "$.status" is 400 And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @geofencing_subscription_400.3_invalid_eventType + @geofencing_subscriptions_400.3_invalid_eventType Scenario: Subscription creation with invalid event type - Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + Given a valid geofencing subscription request body And the request body property "$.types" is set to an invalid value When the request "createGeofencingSubscription" is sent Then the response status code is 400 @@ -341,9 +345,9 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - @geofencing_subscription_400.4_invalid_protocol + @geofencing_subscriptions_400.4_invalid_protocol Scenario: subscription creation with invalid protocol - Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + Given a valid geofencing subscription request body And the request property "$.protocol" is not equal to "HTTP" When the request "createGeofencingSubscription" is sent Then the response status code is 400 @@ -351,9 +355,9 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "INVALID_PROTOCOL" And the response property "$.message" contains a user friendly text - @geofencing_subscription_400.5_create_subscription_with_invalid_credential_type + @geofencing_subscriptions_400.5_invalid_credential Scenario: subscription creation with invalid credential type - Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + Given a valid geofencing subscription request body And the request property "$.sinkCredential.accessTokenType" is equal to "bearer" And the request property "$.sinkCredential.credentialType" is not equal to "ACCESSTOKEN" When the request "createGeofencingSubscription" is sent @@ -362,9 +366,9 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "INVALID_CREDENTIAL" And the response property "$.message" contains a user friendly text - @geofencing_subscription_400.6_create_subscription_with_invalid_access_token_type + @geofencing_subscriptions_400.6_create_subscriptions_with_invalid_access_token_type Scenario: subscription creation with invalid token - Given the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" + Given a valid geofencing subscription request body And the request property "$.sinkCredential.credentialType" is equal to "ACCESSTOKEN" And the request property "$.sinkCredential.accessTokenType" is not equal to "bearer" When the request "createGeofencingSubscription" is sent @@ -373,11 +377,50 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "INVALID_TOKEN" And the response property "$.message" contains a user friendly text + @geofencing_subscriptions_400.7_invalid_url + Scenario: Subscription creation with invalid url + Given a valid geofencing subscription request body + And the request property "$.protocol" is set to "HTTP" + And the request property "$.sink" is set to "azerty" + When the request "createGeofencingSubscription" is sent + Then the response property "$.status" is 400 + And the response property "$.code" is "INVALID_SINK" + And the response property "$.message" contains a user friendly text + + @geofencing_subscriptions_400.8_no_authorization_header_for_create_subscription + Scenario: No Authorization header for create subscription + Given a valid geofencing subscription request body + And the request does not include the "Authorization" header + When the request "createGeofencingSubscription" is sent + Then the response status code is 401 + And the response property "$.status" is 401 + And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.message" contains a user friendly text + + @geofencing_subscriptions_400.9_expired_access_token_for_create_subscription + Scenario: Expired access token for create subscription + Given a valid geofencing subscription request body and header "Authorization" is expired + When the request "createGeofencingSubscription" is sent + Then the response status code is 401 + And the response property "$.status" is 401 + And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.message" contains a user friendly text + + @geofencing_subscriptions_400.10_invalid_access_token_for_create_subscription + Scenario: Invalid access token for create subscription + Given a valid geofencing subscription request body + And header "Authorization" set to an invalid access token + When the request "createGeofencingSubscription" is sent + Then the response status code is 401 + And the response property "$.status" is 401 + And the response property "$.code" is "UNAUTHENTICATED" + And the response property "$.message" contains a user friendly text + ################## # Error code 401 ################## - @geofencing_subscription_creation_401.1_no_authorization_header + @geofencing_subscriptions_creation_401.1_no_authorization_header Scenario: No Authorization header Given the header "Authorization" is removed And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" @@ -388,7 +431,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" And the response property "$.message" contains a user friendly text - @geofencing_subscription_creation_401.2_expired_access_token + @geofencing_subscriptions_creation_401.2_expired_access_token Scenario: Expired access token Given the header "Authorization" is set to a previously valid but now expired access token And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" @@ -399,7 +442,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" And the response property "$.message" contains a user friendly text - @geofencing_subscription_creation_401.3_malformed_access_token + @geofencing_subscriptions_creation_401.3_malformed_access_token Scenario: Malformed access token Given the header "Authorization" is set to a malformed token And the request body is compliant with the schema "#/components/schemas/SubscriptionRequest" @@ -411,10 +454,10 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.message" contains a user friendly text ################## - # Error code 401 + # Error code 404 ################## - @geofencing_subscription_404.1_retrieve_unknown_subscription_id + @geofencing_subscriptions_404.1_retrieve_unknown_subscriptions_id Scenario: Get subscription when subscriptionId is unknown to the system Given that there is no valid subscription with "subscriptionId" equal to "id" When the request "retrieveGeofencingSubscription" is sent @@ -424,7 +467,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "NOT_FOUND" And the response property "$.message" contains a user friendly text - @geofencing_subscription_404.2_delete_unknown_subscription_id + @geofencing_subscriptions_404.2_delete_unknown_subscriptions_id Scenario: Delete subscription with subscriptionId unknown to the system Given that there is no valid subscription with "subscriptionId" equal to "id" When the request "deleteGeofencingSubscription" is sent @@ -454,4 +497,15 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Then the response status code is 422 And the response property "$.status" is 422 And the response property "$.code" is "GEOFENCING_SUBSCRIPTIONS.INVALID_AREA" - And the response property "$.message" contains "The requested area is too small" \ No newline at end of file + And the response property "$.message" contains "The requested area is too small" + + @geofencing_subscriptions_422.3_create_with_unsupported_multiple_event_type + Scenario: Multi event subscription not supported + Given the API provider only allows one event to be subscribed per subscription request + And a valid subscription request body + And the request body property "$.types" is set to an array with 2 valid items + When the request "createGeofencingSubscription" is sent + Then the response code is 422 + And the response property "$.status" is 422 + And the response property "$.code" is "MULTIEVENT_SUBSCRIPTION_NOT_SUPPORTED" + And the response property "$.message" contains a user friendly text \ No newline at end of file From e6e65d94fe4f355758decf309e525d7325b2feb6 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Tue, 26 Aug 2025 15:20:41 +0200 Subject: [PATCH 09/31] fix: some gherkin errors --- .../geofencing-subscriptions.feature | 26 +++---------------- .../location-verification.feature | 2 -- 2 files changed, 4 insertions(+), 24 deletions(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index ecb8d42b..e585a9df 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -214,17 +214,8 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And notification body complies with the OAS schema at "##/components/schemas/EventSubscriptionEnded" And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ended" And the response property "$.terminationReason" is "SUBSCRIPTION_DELETED" -######################### Scenario in case initialEvent is managed ############################## - @geofencing_subscriptions_12_subscription_creation_initial_event - Scenario: Receive initial event notification on creation - Given the API supports initial events to be sent - And a valid subscription request body with property "$.config.initialEvent" set to true - When the request "createGeofencingSubscription" is sent - Then the response code is 201 or 202 - And an event notification of the subscribed type is received on callback-url - And notification body complies with the OAS schema at "#/components/schemas/CloudEvent" - #Scenario in case initialEvent is managed +######################### Scenario in case initialEvent is managed ############################## @geofencing_subscriptions_12_subscription_creation_initial_event Scenario: Receive initial event notification on creation @@ -459,11 +450,11 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.status" is 401 And the response property "$.code" is "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" And the response property "$.message" contains a user friendly text - + @geofencing_subscriptions_401.3_no_authorization_header_for_delete_subscription Scenario: No Authorization header for delete subscription Given header "Authorization" is set without a token - When the request "deleteGeofencingSubscription" is sent + When the request "deleteGeofencingSubscription" is sent Then the response status code is 401 And the response property "$.status" is 401 And the response property "$.code" is "UNAUTHENTICATED" @@ -574,16 +565,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" And the response property "$.message" contains "The identifier provided is not supported." - @geofencing_subscriptions_422.7_create_with_an_invalid_area - Scenario: Create subscription with an invalid area - Given the request body property "$.area" is set with an too small area-size - When the request "createGeofencingSubscription" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "GEOFENCING_SUBSCRIPTIONS.INVALID_AREA" - And the response property "$.message" contains "The requested area is too small" - - @geofencing_subscriptions_422.8_missing_device + @geofencing_subscriptions_422.7_missing_device Scenario: Device not included and cannot be deduced from the access token Given the header "Authorization" is set to a valid access token which does not identify a single device And the request body property "$.device" is not included diff --git a/code/Test_definitions/location-verification.feature b/code/Test_definitions/location-verification.feature index 668d2692..30a49d87 100644 --- a/code/Test_definitions/location-verification.feature +++ b/code/Test_definitions/location-verification.feature @@ -160,8 +160,6 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "SERVICE_NOT_APPLICABLE" And the response property "$.message" contains a user-friendly text - - ################# # Error code 400 ################# From 791a44d02bebd62205e4886c7d91f11148e111fc Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Tue, 26 Aug 2025 15:24:18 +0200 Subject: [PATCH 10/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index e585a9df..f4d2f330 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -12,7 +12,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # References to OAS spec schemas refer to schemas specifies in geofencing-subscriptions.yaml Background: Common Geofencing Subscriptions setup - Given the resource "{apiroot}/geofencing-subscriptions/vwip/subscriptions" as geofencing base-url + Given the resource "{apiroot}/geofencing-subscriptions/vwip/" as geofencing base-url And the header "Authorization" is set to a valid access token And the header "x-correlator" complies with the schema at "#/components/schemas/XCorrelator" From f11a9d48332205461b5a47407a276cf74252d91d Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Tue, 26 Aug 2025 15:24:23 +0200 Subject: [PATCH 11/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index f4d2f330..c8fe7a4a 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -19,7 +19,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # Success scenarios @geofencing_subscriptions_01.1_sync_creation_2legs - Scenario Outline: Create geofencing subscription (async creation) with 2-legged-token + Scenario Outline: Create geofencing subscription (sync creation) with 2-legged-token Given the header "Authorization" is set to a valid access token which does not identify any device And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" When the request "createGeofencingSubscription" is sent From afa2926bcad925ce2e8ed8ad59c0206129c7db66 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Tue, 26 Aug 2025 15:24:29 +0200 Subject: [PATCH 12/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index c8fe7a4a..1ae0452f 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -40,7 +40,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions | org.camaraproject.geofencing-subscriptions.v0.area-left | @geofencing_subscriptions_01.1_sync_creation_3legs - Scenario Outline: Create geofencing subscription (async creation) with 3-legged-token + Scenario Outline: Create geofencing subscription (sync creation) with 3-legged-token # Some implementations may only support asynchronous subscription creation Given that subscriptions are created synchronously And a valid subscription request body From 2a23b8a91596881a54a05dce62ce1eecba5aa1f3 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Tue, 26 Aug 2025 22:34:57 +0200 Subject: [PATCH 13/31] fix: some gherkin errors --- .../geofencing-subscriptions.feature | 84 ++----------------- .../location-retrieval.feature | 10 --- .../location-verification.feature | 8 -- 3 files changed, 8 insertions(+), 94 deletions(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index e585a9df..edf03494 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -18,9 +18,11 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # Success scenarios - @geofencing_subscriptions_01.1_sync_creation_2legs - Scenario Outline: Create geofencing subscription (async creation) with 2-legged-token - Given the header "Authorization" is set to a valid access token which does not identify any device + # Note: Depending on the API managed personal data specific scenario update may be require to specify use of 2-legs or 3-legs access token. + + @geofencing_subscriptions_01.1_create_subscription_sync + Scenario Outline: Create geofencing subscription (sync creation) + Given that subscriptions are created synchronously And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" When the request "createGeofencingSubscription" is sent And request property "$.types" is one of the allowed values "" @@ -28,41 +30,16 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And a valid phone number identified by "$.config.subscriptionDetail.device.phoneNumber" And request property "$.sink" is set to a valid callbackUrl Then the response code is 201 + And the response header "Content-Type" is "application/json" + And the response header "x-correlator" has the same value as the request header "x-correlator" And the response body complies with the OAS schema at "#/components/schemas/Subscription" - And the response properties "$.types", "$.protocol", "$.sink" and "$.config.subscriptionDetail.device.phoneNumber" are present with the values provided in the request - And the response property "$.id" is present - And the response property "$.startsAt" and "$.expiresAt", if present, has a valid value with date-time format - And the response property "$.status", if present, has the value "ACTIVATION_REQUESTED", "ACTIVE" or "INACTIVE" - - Examples: - | subscription-creation-types | - | org.camaraproject.geofencing-subscriptions.v0.area-entered | - | org.camaraproject.geofencing-subscriptions.v0.area-left | - - @geofencing_subscriptions_01.1_sync_creation_3legs - Scenario Outline: Create geofencing subscription (async creation) with 3-legged-token - # Some implementations may only support asynchronous subscription creation - Given that subscriptions are created synchronously - And a valid subscription request body - When the request "createGeofencingSubscription" is sent - And request property "$.types" is one of the allowed values "" - And request property "$.protocol" is equal to "HTTP" - And request property "$.sink" is set to a valid callbackUrl - And request property "$.config.subscriptionDetail.device.phoneNumber" is not present - Then the response status code is 201 - And the response body complies with the OAS schema at "#/components/schemas/Subscription" - And the response properties "$.types", "$.protocol" and "$.sink" are present with the values provided in the request - And the response property "$.id" is present - And the response property "$.startsAt" and "$.expiresAt", if present, has a valid value with date-time format - And the response property "$.status", if present, has the value "ACTIVATION_REQUESTED", "ACTIVE" or "INACTIVE" - And the response property "$.config.subscriptionDetail.device" is not present Examples: | subscription-creation-types | | org.camaraproject.geofencing-subscriptions.v0.area-entered | | org.camaraproject.geofencing-subscriptions.v0.area-left | - @geofencing_subscriptions_02_async_creation + @geofencing_subscriptions_02_create_subscription_async Scenario Outline: Create geofencing subscription (async creation) Given a valid target device, identified by either the access token or in the request body And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" @@ -321,9 +298,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "IDENTIFIER_MISMATCH" And the response property "$.message" contains a user friendly text - ################## # Error code 400 - ################## @geofencing_subscriptions_400.1_create_subscriptions_with_invalid_parameter Scenario: Create subscription with invalid parameter @@ -425,9 +400,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "UNAUTHENTICATED" And the response property "$.message" contains a user friendly text - ################## # Error code 401 - ################## @geofencing_subscriptions_creation_401.1_no_authorization_header Scenario: No Authorization header @@ -481,9 +454,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "UNAUTHENTICATED" or "AUTHENTICATION_REQUIRED" And the response property "$.message" contains a user friendly text - ################## # Error code 404 - ################## @geofencing_subscriptions_404.1_retrieve_unknown_subscriptions_id Scenario: Get subscription when subscriptionId is unknown to the system @@ -505,9 +476,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.code" is "NOT_FOUND" And the response property "$.message" contains a user friendly text - ################## # Error code 422 - ################## @geofencing_subscriptions_422.1_create_with_an_unsupported_area Scenario: Create subscription with an unsupported area @@ -537,40 +506,3 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response property "$.status" is 422 And the response property "$.code" is "MULTIEVENT_SUBSCRIPTION_NOT_SUPPORTED" And the response property "$.message" contains a user friendly text - - @geofencing_subscriptions_422.4_create_with_service_not_applicable - Scenario: Create subscription for a device not supported by the service - Given the request body includes a device identifier not applicable for this service - When the request "createGeofencingSubscription" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "SERVICE_NOT_APPLICABLE" - And the response property "$.message" contains "Service is not available for the provided device identifier." - - @geofencing_subscriptions_422.5_create_with_unnecessary_identifier - Scenario: Create subscription with an unnecessary identifier - Given the request body explicitly includes a device identifier when it is not required - When the request "createGeofencingSubscription" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "UNNECESSARY_IDENTIFIER" - And the response property "$.message" contains "Device is already identified by the access token." - - @geofencing_subscriptions_422.6_create_with_unsupported_identifier - Scenario: Create subscription with an unsupported identifier - Given the request body includes an identifier type not supported by the implementation - When the request "createGeofencingSubscription" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "UNSUPPORTED_IDENTIFIER" - And the response property "$.message" contains "The identifier provided is not supported." - - @geofencing_subscriptions_422.7_missing_device - Scenario: Device not included and cannot be deduced from the access token - Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" is not included - When the request "createGeofencingSubscription" is sent - Then the response status code is 422 - And the response property "$.status" is 422 - And the response property "$.code" is "MISSING_IDENTIFIER" - And the response property "$.message" contains a user-friendly text \ No newline at end of file diff --git a/code/Test_definitions/location-retrieval.feature b/code/Test_definitions/location-retrieval.feature index 7abce4b4..1a1878ae 100644 --- a/code/Test_definitions/location-retrieval.feature +++ b/code/Test_definitions/location-retrieval.feature @@ -154,9 +154,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "IDENTIFIER_MISMATCH" And the response property "$.message" contains a user friendly text - ################# # Error code 400 - ################# @location_retrieval_400.1_no_request_body Scenario: Missing request body @@ -177,9 +175,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "INVALID_ARGUMENT" And the response property "$.message" contains a user friendly text - ################# # Error code 401 - ################# @location_retrieval_401.1_no_authorization_header Scenario: No Authorization header @@ -212,9 +208,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "UNAUTHENTICATED" And the response property "$.message" contains a user friendly text - ################# # Error code 403 - ################# @location_retrieval_403_missing_scope Scenario: Missing scope in the access token @@ -226,9 +220,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "PERMISSION_DENIED" And the response property "$.message" contains a user friendly text - ################# # Error code 404 - ################# @location_retrieval_404_unable_to_locate_device # Input set to a device that could not be located @@ -244,9 +236,7 @@ Feature: CAMARA Device location retrieval API, vwip - Operation retrieveLocation And the response property "$.code" is "LOCATION_RETRIEVAL.DEVICE_NOT_FOUND" And the response property "$.message" contains a user friendly text - ################# # HTTP - 422 - ################# @location_retrieval_422.1_unable_to_fulfill_max_surface Scenario: Unable to provide device location with required maxSurface diff --git a/code/Test_definitions/location-verification.feature b/code/Test_definitions/location-verification.feature index 30a49d87..1ca6b3dd 100644 --- a/code/Test_definitions/location-verification.feature +++ b/code/Test_definitions/location-verification.feature @@ -160,9 +160,7 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "SERVICE_NOT_APPLICABLE" And the response property "$.message" contains a user-friendly text - ################# # Error code 400 - ################# @location_verification_400.1_no_request_body Scenario: Missing request body @@ -218,9 +216,7 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio | $.area.center.longitude | | $.area.radius | - ################# # Error code 401 - ################# @location_verification_401.1_no_authorization_header Scenario: No Authorization header @@ -253,9 +249,7 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "UNAUTHENTICATED" And the response property "$.message" contains a user friendly text - ################# # Error code 403 - ################# @location_verification_403_missing_scope Scenario: Missing scope in the access token @@ -267,9 +261,7 @@ Feature: CAMARA Device location verification API, vwip - Operation verifyLocatio And the response property "$.code" is "PERMISSION_DENIED" And the response property "$.message" contains a user friendly text - ################# # Error code 422 - ################# @location_verification_422.1_area_not_covered Scenario: Area not covered From 54826a44949cc919b37a0ecec359b83b842c7a7e Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:57:40 +0200 Subject: [PATCH 14/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 1 - 1 file changed, 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 12ef35a8..756d993f 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -63,7 +63,6 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Given a subscription exists and has a subscriptionId equal to "id" And the header "Authorization" is set to a valid access token which does not identify any device When the request "retrieveGeofencingSubscription" is sent - And the path parameter "subscriptionId" is set to "id" Then the response status code is 200 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" From b1dd1e1aa044326f41b202f67e90cb8bfc222d07 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:57:47 +0200 Subject: [PATCH 15/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 756d993f..cd4a8568 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -60,7 +60,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_03.1_retrieve_by_id_2legs Scenario: Check existing subscription is retrieved by id with a 2-legged access token - Given a subscription exists and has a subscriptionId equal to "id" + Given the path parameter "subscriptionId" is set to the identifier of an existing Geofencing subscription And the header "Authorization" is set to a valid access token which does not identify any device When the request "retrieveGeofencingSubscription" is sent Then the response status code is 200 From 5e292996e824325742728d3b373aa0c1df5a56e7 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:57:57 +0200 Subject: [PATCH 16/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index cd4a8568..75b5f63d 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -67,7 +67,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" And the response body complies with the OAS schema at "#/components/schemas/Subscription" - And the response property "$.id" is equal to "id" + And the response property "$.id" is equal to path parameter "subscriptionId" And the response property "$.config.subscriptionDetail.device" is present @geofencing_subscriptions_03.2_retrieve_by_id_3legs From 3df9651c3ba9e05141a5d247677309d9410ce68e Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:58:03 +0200 Subject: [PATCH 17/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 75b5f63d..867b5029 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -131,7 +131,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Given a valid subscription for that device exists with "subscriptionId" equal to "id" And the request body property "$.area" is set to circle which covers location "Place1" And the subscription property "$.types" contains the element "org.camaraproject.geofencing-subscriptions.v0.area-entered" - When the device entered location "Place1" + When the device enters the area in the subscription And event notification "area-entered" is sent to the specified callback URL And the sink credentials specified when the subscription was created are included And notification body complies with the OAS schema at "#/components/schemas/EventAreaEntered" From c5ebb0040ce430f95a1701a78df00ba7092ef95b Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:58:09 +0200 Subject: [PATCH 18/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 1 - 1 file changed, 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 867b5029..25b310ec 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -130,7 +130,6 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Receive notification for area-entered event Given a valid subscription for that device exists with "subscriptionId" equal to "id" And the request body property "$.area" is set to circle which covers location "Place1" - And the subscription property "$.types" contains the element "org.camaraproject.geofencing-subscriptions.v0.area-entered" When the device enters the area in the subscription And event notification "area-entered" is sent to the specified callback URL And the sink credentials specified when the subscription was created are included From ee2a030789688a9378c9918eca1a43d8124ca19b Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:58:16 +0200 Subject: [PATCH 19/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 25b310ec..761eb558 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -131,7 +131,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Given a valid subscription for that device exists with "subscriptionId" equal to "id" And the request body property "$.area" is set to circle which covers location "Place1" When the device enters the area in the subscription - And event notification "area-entered" is sent to the specified callback URL + Then an event notification "area-entered" is sent to the specified callback URL And the sink credentials specified when the subscription was created are included And notification body complies with the OAS schema at "#/components/schemas/EventAreaEntered" And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.area-entered" From affd7c7cf639aed2acf03662cad793dbf35f4bc6 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:58:21 +0200 Subject: [PATCH 20/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 761eb558..ca1750ad 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -135,7 +135,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions And the sink credentials specified when the subscription was created are included And notification body complies with the OAS schema at "#/components/schemas/EventAreaEntered" And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.area-entered" - And the notification property "$.data.subscriptionId" is equal to "id" + And the notification property "$.data.subscriptionId" is equal to the existing subscriptionId @geofencing_subscriptions_09_receive_notification_when_device_leaves_geofence Scenario: Receive notification for area-left event From d5d9f78ca23141a5fe7899566d2a40274ff542f0 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:58:45 +0200 Subject: [PATCH 21/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index ca1750ad..5c2b7e78 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -118,7 +118,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_07_Operation_to_delete_subscription_based_on_an_existing_subscription-id Scenario: Delete the subscription with subscriptionId equal to "id" - Given the API consumer has an active subscription with "subscriptionId" equal to "id" + Given the path parameter "subscriptionId" is set to the identifier of an existing Geofencing subscription When the request "deleteGeofencingSubscription" is sent And the path parameter "subscriptionId" is set to "id" Then the response status code is 202 or 204 From 500e7137cc6e198472edb4efb64c3ac073db2254 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:58:54 +0200 Subject: [PATCH 22/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 1 - 1 file changed, 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 5c2b7e78..04fe2061 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -120,7 +120,6 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Delete the subscription with subscriptionId equal to "id" Given the path parameter "subscriptionId" is set to the identifier of an existing Geofencing subscription When the request "deleteGeofencingSubscription" is sent - And the path parameter "subscriptionId" is set to "id" Then the response status code is 202 or 204 And the response header "x-correlator" has same value as the request header "x-correlator" And if the response property "$.status" is 204 then response body is not present From 7ee7e32ac085b51a828e35323c0b73096990440c Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:59:11 +0200 Subject: [PATCH 23/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 1 - 1 file changed, 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 04fe2061..80c6750f 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -128,7 +128,6 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_08_receive_notification_when_device_enters_geofence Scenario: Receive notification for area-entered event Given a valid subscription for that device exists with "subscriptionId" equal to "id" - And the request body property "$.area" is set to circle which covers location "Place1" When the device enters the area in the subscription Then an event notification "area-entered" is sent to the specified callback URL And the sink credentials specified when the subscription was created are included From 23518edac0033fdc5906589b4da98334b8ee6aa4 Mon Sep 17 00:00:00 2001 From: Maximilian Laue <112983658+maxl2287@users.noreply.github.com> Date: Mon, 1 Sep 2025 09:59:24 +0200 Subject: [PATCH 24/31] Update code/Test_definitions/geofencing-subscriptions.feature Co-authored-by: Jose Luis Urien --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 80c6750f..e56891f7 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -127,7 +127,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_08_receive_notification_when_device_enters_geofence Scenario: Receive notification for area-entered event - Given a valid subscription for that device exists with "subscriptionId" equal to "id" + Given a valid subscription of type "org.camaraproject.geofencing-subscriptions.v0.area-entered" for certain device and area When the device enters the area in the subscription Then an event notification "area-entered" is sent to the specified callback URL And the sink credentials specified when the subscription was created are included From 81e4d99fde7c4d17b4dfbd209d625f8dd37a86c8 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Mon, 1 Sep 2025 13:33:45 +0200 Subject: [PATCH 25/31] fix: update tests based on artifact --- .../geofencing-subscriptions.feature | 227 +++++++----------- 1 file changed, 87 insertions(+), 140 deletions(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index e56891f7..b8f4dce0 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -20,177 +20,124 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions # Note: Depending on the API managed personal data specific scenario update may be require to specify use of 2-legs or 3-legs access token. - @geofencing_subscriptions_01.1_create_subscription_sync - Scenario Outline: Create geofencing subscription (sync creation) + @geofencing_subscriptions_01_create_subscription_sync + Scenario: Create geofencing subscription (sync creation) Given that subscriptions are created synchronously - And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" + And a valid subscription request body When the request "createGeofencingSubscription" is sent - And request property "$.types" is one of the allowed values "" - And request property "$.protocol" is equal to "HTTP" - And a valid phone number identified by "$.config.subscriptionDetail.device.phoneNumber" And request property "$.sink" is set to a valid callbackUrl Then the response code is 201 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has the same value as the request header "x-correlator" And the response body complies with the OAS schema at "#/components/schemas/Subscription" - Examples: - | subscription-creation-types | - | org.camaraproject.geofencing-subscriptions.v0.area-entered | - | org.camaraproject.geofencing-subscriptions.v0.area-left | - @geofencing_subscriptions_02_create_subscription_async - Scenario Outline: Create geofencing subscription (async creation) - Given a valid target device, identified by either the access token or in the request body - And the request body is compliant with the OAS schema at "#/component/schemas/SubscriptionRequest" + Scenario: Create geofencing subscription (async creation) + Given that subscriptions are created asynchronously + And a valid subscription request body When the request "createGeofencingSubscription" is sent - And request property "$.types" is one of the allowed values "" - And request property "$.protocol" is equal to "HTTP" - And request property "$.sink" is set to a valid callbackUrl Then the response status code is 202 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has same value as the request header "x-correlator" And the response body complies with the OAS schema at "#/components/schemas/SubscriptionAsync" - And the response property "$.id" is present - - Examples: - | subscription-creation-types | - | org.camaraproject.geofencing-subscriptions.v0.area-entered | - | org.camaraproject.geofencing-subscriptions.v0.area-left | - - @geofencing_subscriptions_03.1_retrieve_by_id_2legs - Scenario: Check existing subscription is retrieved by id with a 2-legged access token - Given the path parameter "subscriptionId" is set to the identifier of an existing Geofencing subscription - And the header "Authorization" is set to a valid access token which does not identify any device - When the request "retrieveGeofencingSubscription" is sent - Then the response status code is 200 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "#/components/schemas/Subscription" - And the response property "$.id" is equal to path parameter "subscriptionId" - And the response property "$.config.subscriptionDetail.device" is present - - @geofencing_subscriptions_03.2_retrieve_by_id_3legs - Scenario: Check existing subscription is retrieved by id with a 3-legged access token - Given a subscription exists and has a subscriptionId equal to "id" - And the header "Authorization" is set to a valid access token which identifies the device associated with the subscription - When the request "retrieveGeofencingSubscription" is sent - And the path parameter "subscriptionId" is set to "id" - Then the response status code is 200 - And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with the OAS schema at "#/components/schemas/Subscription" - And the response property "$.id" is equal to "id" - And the response property "$.config.subscriptionDetail.device" is not present - @geofencing_subscriptions_04_retrieve_list_2legs - Scenario: Check existing subscription(s) is/are retrieved in list with 2-legged-token - Given at least one subscription is existing for the API consumer making this request - And the header "Authorization" is set to a valid access token which does not identify any device + @geofencing_subscriptions_03_subscription_creation_event_validation + Scenario: Receive notification for subscription-started event on creation + Given a valid subscription request body + When the request "createGeofencingSubscription" is sent + Then the response code is 201 or 202 + And event notification "subscription-started" is received on callback-url + And notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionStarted" + And type="org.camaraproject.geofencing-subscriptions.v0.subscription-started" + And the response property "$.initiationReason" is "SUBSCRIPTION_CREATED" + + @geofencing_subscriptions_04_Operation_to_retrieve_list_of_subscriptions_when_no_records + Scenario: Get a list of Geofencing subscriptions when no subscriptions available + Given a client without Geofencing subscriptions created When the request "retrieveGeofencingSubscriptionList" is sent - Then the response status code is 200 + Then the response code is 200 And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with an array of OAS schema defined at "#/components/schemas/Subscription" - And the response body lists all subscriptions belonging to the API consumer + And the response header "x-correlator" has the same value as the request header "x-correlator" + And the response body is an empty array - @geofencing_subscriptions_05_retrieve_list_3legs - Scenario: Check existing subscription(s) is/are retrieved in list with 3-legged-token - Given the API consumer has at least one active subscription for the device - And the header "Authorization" is set to a valid access token which identifies a valid device associated with one or more subscriptions + @geofencing_subscriptions_05_Operation_to_retrieve_list_of_subscriptions + Scenario: Get a list of subscriptions + Given a client with Geofencing subscriptions created When the request "retrieveGeofencingSubscriptionList" is sent - Then the response status code is 200 + Then the response code is 200 And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body complies with an array of OAS schema defined at "#/components/schemas/Subscription" - And the response body lists all subscriptions belonging to the API consumer for the identified device - And the response property "$.config.subscriptionDetail.device" is not present in any of the subscription records - - @geofencing_subscriptions_06_retrieve_empty_list_3legs - Scenario: Check no existing subscription is retrieved in list - Given the API consumer has no active subscriptions for the device - And the header "Authorization" is set to a valid access token which identifies a valid device - When the request "retrieveGeofencingSubscriptionList" is sent - Then the response status code is 200 + And the response header "x-correlator" has the same value as the request header "x-correlator" + And the response body has an array of items and each item complies with the OAS schema at "#/components/schemas/Subscription" + + @geofencing_subscriptions_06_Operation_to_retrieve_subscription_based_on_an_existing_subscription-id + Scenario: Get a subscription based on existing subscription-id. + Given the path parameter "subscriptionId" is set to the identifier of an existing Geofencing subscription + When the request "retrieveGeofencingSubscription" is sent + Then the response code is 200 And the response header "Content-Type" is "application/json" - And the response header "x-correlator" has same value as the request header "x-correlator" - And the response body is an empty array + And the response header "x-correlator" has the same value as the request header "x-correlator" + And the response body complies with the OAS schema at "#/components/schemas/Subscription" @geofencing_subscriptions_07_Operation_to_delete_subscription_based_on_an_existing_subscription-id - Scenario: Delete the subscription with subscriptionId equal to "id" + Scenario: Delete a subscription based on existing subscription-id. Given the path parameter "subscriptionId" is set to the identifier of an existing Geofencing subscription When the request "deleteGeofencingSubscription" is sent - Then the response status code is 202 or 204 - And the response header "x-correlator" has same value as the request header "x-correlator" - And if the response property "$.status" is 204 then response body is not present - And if the response property "$.status" is 202 then response body complies with the OAS schema at "#/components/schemas/SubscriptionAsync" and the response property "$.id" is equal to "id" - - @geofencing_subscriptions_08_receive_notification_when_device_enters_geofence - Scenario: Receive notification for area-entered event - Given a valid subscription of type "org.camaraproject.geofencing-subscriptions.v0.area-entered" for certain device and area - When the device enters the area in the subscription - Then an event notification "area-entered" is sent to the specified callback URL - And the sink credentials specified when the subscription was created are included - And notification body complies with the OAS schema at "#/components/schemas/EventAreaEntered" - And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.area-entered" - And the notification property "$.data.subscriptionId" is equal to the existing subscriptionId - - @geofencing_subscriptions_09_receive_notification_when_device_leaves_geofence - Scenario: Receive notification for area-left event - Given a valid subscription request body - And the request body property "$.area" is set to circle which covers location "Place1" - And the request body property "$.type" is "area-left" - When the request "createGeofencingSubscription" is sent - Then the response code is 201 - And the device left from location "Place1" - And event notification "area-left" is received on callback-url - And sink credentials are received as expected - And notification body complies with the OAS schema at "##/components/schemas/EventAreaLeft" - And type="org.camaraproject.geofencing-subscriptions.v0.area-left" + Then the response code is 202 or 204 + And the response header "x-correlator" has the same value as the request header "x-correlator" + And if the response property "$.status" is 204 then the response body is not available + And if the response property "$.status" is 202 then the response body complies with the OAS schema at "#/components/schemas/SubscriptionAsync" - @geofencing_subscriptions_09_subscription_ends_on_expiry + @geofencing_subscriptions_08_subscription_ends_on_expiry Scenario: Receive notification for subscription-ended event on expiry - Given a valid subscription request body - And the request body property "$.area" is set to circle which covers location "Place1" - And the request body property "$.type" is "area-left" - And the request body property "$.subscriptionExpireTime" is set to a value in the near future - When the request "createGeofencingSubscription" is sent - Then the response code is 201 - And the subscription is expired - And event notification "subscription-ended" is received on callback-url - And notification body complies with the OAS schema at "##/components/schemas/EventSubscriptionEnded" + Given an existing Geofencing subscription with some value for the property "expiresAt" in the near future + When the subscription is expired + Then the event notification "subscription-ended" is received on callback-url + And notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnded" And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ended" And the response property "$.terminationReason" is "SUBSCRIPTION_EXPIRED" - @geofencing_subscriptions_10_subscription_ends_on_max_events + @geofencing_subscriptions_09_subscription_ends_on_max_events Scenario: Receive notification for subscription-ended event on max events reached - Given a valid subscription request body - And the request body property "$.area" is set to circle which covers location "Place1" - And the request body property "$.type" is "area-left" - And the request body property "$.subscriptionMaxEvents" is set to 1 - When the request "createGeofencingSubscription" is sent - Then the response code is 201 - And the device left from location "Place1" - And event notification "area-left" is received on callback-url + Given an existing Geofencing subscription with the property "config.subscriptionMaxEvents" set to 1 + When the event subscribed occurs + Then event notification "" is received on callback-url And event notification "subscription-ended" is received on callback-url - And notification body complies with the OAS schema at "##/components/schemas/EventSubscriptionEnded" - And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ended"And the response property "$.terminationReason" is "MAX_EVENTS_REACHED" + And notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnded" + And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ended" + And the response property "$.terminationReason" is "MAX_EVENTS_REACHED" - @geofencing_subscriptions_11_subscription_delete_event_validation + @geofencing_subscriptions_10_subscription_delete_event_validation Scenario: Receive notification for subscription-ended event on deletion - Given a valid subscription is existing + Given the path parameter "subscriptionId" is set to the identifier of an existing Geofencing subscription When the request "deleteGeofencingSubscription" is sent - And path parameter "subscriptionId" is set to the identifier of an existing subscription created - And the request "deleteGeofencingSubscription" is sent Then the response code is 202 or 204 And event notification "subscription-ended" is received on callback-url - And notification body complies with the OAS schema at "##/components/schemas/EventSubscriptionEnded" + And notification body complies with the OAS schema at "#/components/schemas/EventSubscriptionEnded" And type="org.camaraproject.geofencing-subscriptions.v0.subscription-ended" And the response property "$.terminationReason" is "SUBSCRIPTION_DELETED" + @geofencing_subscriptions_11_receive_notification_when_device_enters_geofence + Scenario: Receive notification for area-entered event + Given a valid subscription of type "org.camaraproject.geofencing-subscriptions.v0.area-entered" for certain device and area + When the device enters the area in the subscription + Then an event notification "area-entered" is sent to the specified callback URL + And the sink credentials specified when the subscription was created are included + And notification body complies with the OAS schema at "#/components/schemas/EventAreaEntered" + And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.area-entered" + And the notification property "$.data.subscriptionId" is equal to the existing subscriptionId + + @geofencing_subscriptions_12_receive_notification_when_device_leaves_geofence + Scenario: Receive notification for area-left event + Given a valid subscription of type "org.camaraproject.geofencing-subscriptions.v0.area-left" for certain device and area + When the device leaves the area in the subscription + Then an event notification "area-left" is sent to the specified callback URL + And notification body complies with the OAS schema at "#/components/schemas/EventAreaLeft" + And the notification property "$.type" is equal to "org.camaraproject.geofencing-subscriptions.v0.area-left" + And the notification property "$.data.subscriptionId" is equal to the existing subscriptionId + ######################### Scenario in case initialEvent is managed ############################## - @geofencing_subscriptions_12_subscription_creation_initial_event + @geofencing_subscriptions_13_subscription_creation_initial_event Scenario: Receive initial event notification on creation Given the API supports initial events to be sent And a valid subscription request body with property "$.config.initialEvent" set to true @@ -198,13 +145,13 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Then the response code is 201 or 202 And an event notification of the subscribed type is received on callback-url And notification body complies with the OAS schema at "#/components/schemas/CloudEvent" - + # Error scenarios for management of input parameter device @geofencing_subscriptions_C01.01_device_empty Scenario: The device value is an empty object Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" is set to: {} + And the request body property "$.config.subscriptionDetail.device" is set to: {} When the request "createGeofencingSubscription" is sent Then the response status code is 400 And the response property "$.status" is 400 @@ -223,16 +170,16 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Examples: | device_identifier | oas_spec_schema | - | $.device.phoneNumber | /components/schemas/PhoneNumber | - | $.device.ipv4Address | /components/schemas/DeviceIpv4Addr | - | $.device.ipv6Address | /components/schemas/DeviceIpv6Address | - | $.device.networkIdentifier | /components/schemas/NetworkAccessIdentifier | + | $.config.subscriptionDetail.device.phoneNumber | /components/schemas/PhoneNumber | + | $.config.subscriptionDetail.device.ipv4Address | /components/schemas/DeviceIpv4Addr | + | $.config.subscriptionDetail.device.ipv6Address | /components/schemas/DeviceIpv6Address | + | $.config.subscriptionDetail.device.networkIdentifier | /components/schemas/NetworkAccessIdentifier | # This scenario may happen e.g. with 2-legged access tokens, which do not identify a single device. @geofencing_subscriptions_C01.03_device_not_found Scenario: Some identifier cannot be matched to a device Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" is compliant with the schema but does not identify a device whose connectivity is managed by the API provider + And the request body property "$.config.subscriptionDetail.device" is compliant with the schema but does not identify a device whose connectivity is managed by the API provider When the request "createGeofencingSubscription" is sent Then the response status code is 404 And the response property "$.status" is 404 @@ -242,7 +189,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_C01.04_unnecessary_device Scenario: Device not to be included when it can be deduced from the access token Given the header "Authorization" is set to a valid access token identifying a device - And the request body property "$.device" is also set to a valid device, which may or may not be the same device + And the request body property "$.config.subscriptionDetail.device" is also set to a valid device, which may or may not be the same device When the request "createGeofencingSubscription" is sent Then the response status code is 422 And the response property "$.status" is 422 @@ -252,7 +199,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_C01.05_missing_device Scenario: Device not included and cannot be deduced from the access token Given the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" is not included + And the request body property "$.config.subscriptionDetail.device" is not included When the request "createGeofencingSubscription" is sent Then the response status code is 422 And the response property "$.status" is 422 @@ -263,7 +210,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: None of the provided device identifiers is supported by the implementation Given that some types of device identifiers are not supported by the implementation And the header "Authorization" is set to a valid access token which does not identify a single device - And the request body property "$.device" only includes device identifiers not supported by the implementation + And the request body property "$.config.subscriptionDetail.device" only includes device identifiers not supported by the implementation When the request "createGeofencingSubscription" is sent Then the response status code is 422 And the response property "$.status" is 422 @@ -287,7 +234,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Device identifiers mismatch Given the header "Authorization" is set to a valid access token which does not identify a single device And at least 2 types of device identifiers are supported by the implementation - And the request body property "$.device" includes several identifiers, each of them identifying a valid but different device + And the request body property "$.config.subscriptionDetail.device" includes several identifiers, each of them identifying a valid but different device When the request "createGeofencingSubscription" is sent Then the response status code is 422 And the response property "$.status" is 422 From ea5a7052c2afbdd601d5304829e72c17ce9029e5 Mon Sep 17 00:00:00 2001 From: Maximilian Laue Date: Mon, 1 Sep 2025 13:36:31 +0200 Subject: [PATCH 26/31] fix: gherkin error --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index b8f4dce0..c676be1d 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -145,7 +145,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Then the response code is 201 or 202 And an event notification of the subscribed type is received on callback-url And notification body complies with the OAS schema at "#/components/schemas/CloudEvent" - + # Error scenarios for management of input parameter device @geofencing_subscriptions_C01.01_device_empty From 276e39f3b56a8541509321d09f238de6f1677127 Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Tue, 2 Sep 2025 16:46:08 +0200 Subject: [PATCH 27/31] Update code/Test_definitions/geofencing-subscriptions.feature --- code/Test_definitions/geofencing-subscriptions.feature | 1 - 1 file changed, 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index c676be1d..3ceecda0 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -25,7 +25,6 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Given that subscriptions are created synchronously And a valid subscription request body When the request "createGeofencingSubscription" is sent - And request property "$.sink" is set to a valid callbackUrl Then the response code is 201 And the response header "Content-Type" is "application/json" And the response header "x-correlator" has the same value as the request header "x-correlator" From 51b0b9bfa58efc768ab0caf3b373572a0b4da207 Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Tue, 2 Sep 2025 16:46:19 +0200 Subject: [PATCH 28/31] Update code/Test_definitions/geofencing-subscriptions.feature --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 3ceecda0..40f9a9c6 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -410,7 +410,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_404.2_delete_unknown_subscriptions_id Scenario: Delete subscription with subscriptionId unknown to the system - Given that there is no valid subscription with "subscriptionId" equal to "id" + Given the path parameter "subscriptionId" is set to a value not corresponding to any existing subscription When the request "deleteGeofencingSubscription" is sent And the path parameter "subscriptionId" is equal to "id" Then the response code is 404 From 1317f47ae6c7c2df8de86cf64d90b870bbeb06ac Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Tue, 2 Sep 2025 16:46:27 +0200 Subject: [PATCH 29/31] Update code/Test_definitions/geofencing-subscriptions.feature --- code/Test_definitions/geofencing-subscriptions.feature | 1 - 1 file changed, 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index 40f9a9c6..e547e0fe 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -412,7 +412,6 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Delete subscription with subscriptionId unknown to the system Given the path parameter "subscriptionId" is set to a value not corresponding to any existing subscription When the request "deleteGeofencingSubscription" is sent - And the path parameter "subscriptionId" is equal to "id" Then the response code is 404 And the response property "$.status" is 404 And the response property "$.code" is "NOT_FOUND" From 2c1e9a3f97fff4e701511eafe79a513c4af5ffb1 Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Tue, 2 Sep 2025 16:46:37 +0200 Subject: [PATCH 30/31] Update code/Test_definitions/geofencing-subscriptions.feature --- code/Test_definitions/geofencing-subscriptions.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index e547e0fe..a922990d 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -400,7 +400,7 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions @geofencing_subscriptions_404.1_retrieve_unknown_subscriptions_id Scenario: Get subscription when subscriptionId is unknown to the system - Given that there is no valid subscription with "subscriptionId" equal to "id" + Given the path parameter "subscriptionId" is set to a value not corresponding to any existing subscription When the request "retrieveGeofencingSubscription" is sent And the path parameter "subscriptionId" is equal to "id" Then the response status code is 404 From 2615727ba6fb54aa16ea901fa0004ba8ed9b0692 Mon Sep 17 00:00:00 2001 From: Jose Luis Urien Date: Tue, 2 Sep 2025 16:46:44 +0200 Subject: [PATCH 31/31] Update code/Test_definitions/geofencing-subscriptions.feature --- code/Test_definitions/geofencing-subscriptions.feature | 1 - 1 file changed, 1 deletion(-) diff --git a/code/Test_definitions/geofencing-subscriptions.feature b/code/Test_definitions/geofencing-subscriptions.feature index a922990d..c5f45892 100644 --- a/code/Test_definitions/geofencing-subscriptions.feature +++ b/code/Test_definitions/geofencing-subscriptions.feature @@ -402,7 +402,6 @@ Feature: Camara Geofencing Subscriptions API, vwip - Operations on subscriptions Scenario: Get subscription when subscriptionId is unknown to the system Given the path parameter "subscriptionId" is set to a value not corresponding to any existing subscription When the request "retrieveGeofencingSubscription" is sent - And the path parameter "subscriptionId" is equal to "id" Then the response status code is 404 And the response property "$.status" is 404 And the response property "$.code" is "NOT_FOUND"