Feature: create auth-app token
  As a user
  I want to create auth-app Tokens
  So that I can use 3rd party apps

  Background:
    Given user "Alice" has been created with default attributes


  Scenario: user creates auth-app token
    When user "Alice" creates app token with expiration time "72h" using the auth-app API
    Then the HTTP status code should be "200"
    And the JSON data of the response should match
      """
      {
        "type": "object",
        "required": [
          "token",
          "expiration_date",
          "created_date",
          "label"
        ],
        "properties": {
          "token": {
            "pattern": "^([a-zA-Z]+ ){5}[a-zA-Z]+$"
          },
          "label": {
            "const": "Generated via API"
          }
        }
      }
      """

  @env-config
  Scenario: user lists auth-app tokens generated by different auth-app api
    Given the config "AUTH_APP_ENABLE_IMPERSONATION" has been set to "true"
    And user "Alice" has created app token with expiration time "72h" using the auth-app API
    And the administrator has created app token for user "Alice" with expiration time "72h" using the auth-app API
    And user "Alice" has created app token with expiration time "72h" using the auth-app CLI
    When user "Alice" lists all created tokens using the auth-app API
    Then the HTTP status code should be "200"
    And the JSON data of the response should match
      """
      {
        "type": "array",
        "minItems": 3,
        "maxItems": 3,
        "uniqueItems": true,
        "items": {
          "oneOf": [
            {
              "type": "object",
              "required": [
                "token",
                "expiration_date",
                "created_date",
                "label"
              ],
              "properties": {
                "token": {
                  "pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"
                },
                "label": {
                  "const": "Generated via API"
                }
              }
            },
            {
              "type": "object",
              "required": [
                "token",
                "expiration_date",
                "created_date",
                "label"
              ],
              "properties": {
                "token": {
                  "pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"
                },
                "label": {
                  "const": "Generated via CLI"
                }
              }
            },
            {
              "type": "object",
              "required": [
                "token",
                "expiration_date",
                "created_date",
                "label"
              ],
              "properties": {
                "token": {
                  "pattern": "^[0-9A-Fa-f]{8}-[0-9A-Fa-f]{4}-4[0-9A-Fa-f]{3}-[89ABab][0-9A-Fa-f]{3}-[0-9A-Fa-f]{12}$"
                },
                "label": {
                  "const": "Generated via API (Impersonation)"
                }
              }
            }
          ]
        }
      }
      """

  @env-config
  Scenario: admin creates auth-app token for other user
    Given the config "AUTH_APP_ENABLE_IMPERSONATION" has been set to "true"
    When the administrator creates app token for user "Alice" with expiration time "72h" using the auth-app API
    Then the HTTP status code should be "200"
    And the JSON data of the response should match
      """
      {
        "type": "object",
        "required": [
          "token",
          "expiration_date",
          "created_date",
          "label"
        ],
        "properties": {
          "token": {
            "pattern": "^([a-zA-Z]+ ){5}[a-zA-Z]+$"
          },
          "label": {
            "const": "Generated via API (Impersonation)"
          }
        }
      }
      """