security.http
### ============================
### Security — JWT Testing
### ============================
### Generate tokens: ./generate-jwt.sh ORGANIZER
###                  ./generate-jwt.sh SPEAKER
###                  ./generate-jwt.sh ATTENDEE

### Attempt to create without a token → expect 401
POST http://localhost:8080/api/v1/sessions
Content-Type: application/json

{
  "title": "Unauthorized Session",
  "abstract": "This should fail.",
  "level": "BEGINNER",
  "track": "Test",
  "speakerId": "spk-duke",
  "startTime": "2026-10-16T11:00:00",
  "durationMinutes": 50
}

### Attempt to create with ATTENDEE token → expect 403
POST http://localhost:8080/api/v1/sessions
Content-Type: application/json
Authorization: Bearer {{jwt_attendee}}

{
  "title": "Forbidden Session",
  "abstract": "ATTENDEEs cannot create sessions.",
  "level": "BEGINNER",
  "track": "Test",
  "speakerId": "spk-duke",
  "startTime": "2026-10-16T11:00:00",
  "durationMinutes": 50
}

### Create with ORGANIZER token → expect 201
POST http://localhost:8080/api/v1/sessions
Content-Type: application/json
Authorization: Bearer {{jwt_organizer}}

{
  "title": "Authorized Session",
  "abstract": "ORGANIZERs can create sessions.",
  "level": "ADVANCED",
  "track": "Security",
  "speakerId": "spk-duke",
  "roomId": "room-hall-a",
  "startTime": "2026-10-16T14:00:00",
  "durationMinutes": 50
}