Merge pull request #2066 from cyberark/whoami-int-test

Add whoami audit integration test
cyberark · Mar 17, 2021 · ec5f88a · ec5f88a
2 parents 3aa9134 + d50dde4
commit ec5f88a
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 1 deletion.
diff --git a/cucumber/api/features/support/rest_helpers.rb b/cucumber/api/features/support/rest_helpers.rb
@@ -282,7 +282,10 @@ def current_user_api_key
 
   def current_user_credentials
     username = @current_user.login
-    token = Slosilo["authn:#{@current_user.account}"].signed_token(username)
+    # Configure Slosilo to produce valid access tokens
+    slosilo = Slosilo["authn:#{@current_user.account}"] ||= Slosilo::Key.new
+    # NOTE: 'iat' (issueat) is expected to be autogenerated
+    token = slosilo.issue_jwt(sub: username)
     user_credentials(username, token)
   end
 

diff --git a/cucumber/api/features/whoami.feature b/cucumber/api/features/whoami.feature
@@ -0,0 +1,16 @@
+Feature: Who Am I
+
+  Scenario: Audit entry
+
+    Given I am a user named "alice"
+    When I successfully GET "/whoami"
+    Then there is an audit record matching:
+    """
+      <38>1 * * conjur * identity-check
+      [subject@43868 role="cucumber:user:alice"]
+      [auth@43868 user="cucumber:user:alice"]
+      [client@43868 ip="*"]
+      [action@43868 result="success" operation="check"]
+      * *
+      cucumber:user:alice checked its identity using whoami
+    """