test: replace CLI certificate setup with HTTP API calls

vitormattos · vitormattos · commit 4a4c6139a3c5 · 2025-12-17T12:21:17.000-03:00
Replace 'libresign:configure:openssl --cn test' CLI commands with
HTTP POST requests to '/apps/libresign/api/v1/admin/certificate/openssl'
in integration tests to prevent race conditions between CLI and HTTP
processes during test execution.

This ensures all certificate setup happens via HTTP requests, avoiding
IAppConfig cache synchronization issues that can occur when mixing CLI
commands with HTTP requests in the same test scenario.

Signed-off-by: Vitor Mattos &lt;1079143+vitormattos@users.noreply.github.com&gt;
diff --git a/tests/integration/features/sign/request.feature b/tests/integration/features/sign/request.feature
@@ -1,8 +1,10 @@
 Feature: request-signature
   Scenario: Get error when try to request to sign isn't manager
     Given user "signer1" exists
+    And as user "admin"
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And as user "signer1"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
     When sending "post" to ocs "/apps/libresign/api/v1/request-signature"
       | file | {"base64":""} |
       | users | [{"identify":{"account":"signer1"}}] |
@@ -15,7 +17,9 @@ Feature: request-signature
 
   Scenario: Get error when try to request to sign without file name
     Given as user "admin"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And as user "admin"
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     When sending "post" to ocs "/apps/libresign/api/v1/request-signature"
       | file | {"invalid":""} |
       | users | [{"identify":{"account":"signer1"}}] |
@@ -34,7 +38,8 @@ Feature: request-signature
     And my inbox is empty
     And reset notifications of user "signer1"
     And reset notifications of user "signer2"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And sending "post" to ocs "/apps/libresign/api/v1/request-signature"
       | file | {"url":"<BASE_URL>/apps/libresign/develop/pdf"} |
       | users | [{"identify":{"account":"signer1"}}] |
@@ -67,7 +72,8 @@ Feature: request-signature
     And my inbox is empty
     And reset notifications of user "signer1"
     And reset notifications of user "signer2"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And sending "post" to ocs "/apps/libresign/api/v1/request-signature"
       | file | {"url":"<BASE_URL>/apps/libresign/develop/pdf"} |
       | users | [{"identify":{"account":"signer1"}}] |
@@ -94,7 +100,8 @@ Feature: request-signature
   Scenario: Request to sign with error when the user is not authenticated
     Given as user "admin"
     And user "signer1" exists
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And reset notifications of user "signer1"
     And my inbox is empty
     And sending "post" to ocs "/apps/libresign/api/v1/request-signature"
@@ -115,7 +122,8 @@ Feature: request-signature
   Scenario: Request to sign with error when the authenticated user have an email different of signer
     Given as user "admin"
     And user "signer1" exists
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And reset notifications of user "signer1"
     And set the email of user "signer1" to "signer1@domain.test"
     And my inbox is empty
@@ -140,7 +148,8 @@ Feature: request-signature
   Scenario: Request to sign with error when the link was expired
     Given as user "admin"
     And my inbox is empty
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And run the command "config:app:set libresign maximum_validity --value=1 --type=integer" with result code 0
     When sending "post" to ocs "/apps/libresign/api/v1/request-signature"
       | file | {"url":"<BASE_URL>/apps/libresign/develop/pdf"} |
@@ -162,7 +171,8 @@ Feature: request-signature
   Scenario: Request to sign with success when is necessary to renew the link
     Given as user "admin"
     And my inbox is empty
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And sending "post" to ocs "/apps/provisioning_api/api/v1/config/apps/libresign/identify_methods"
       | value | (string)[{"name":"email","enabled":true,"mandatory":true,"can_create_account":false}] |
     And sending "post" to ocs "/apps/libresign/api/v1/request-signature"
@@ -228,7 +238,8 @@ Feature: request-signature
   Scenario: Request to sign with success using account as identifier
     Given as user "admin"
     And user "signer1" exists
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And set the email of user "signer1" to "signer1@domain.test"
     And reset notifications of user "signer1"
     And my inbox is empty
@@ -266,7 +277,8 @@ Feature: request-signature
 
   Scenario: Request to sign with error using account as identifier with invalid email
     Given as user "admin"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     When sending "post" to ocs "/apps/libresign/api/v1/request-signature"
       | file | {"url":"<BASE_URL>/apps/libresign/develop/pdf"}  |
       | users | [{"identify":{"account":"invaliddomain.test"}}] |
@@ -278,7 +290,8 @@ Feature: request-signature
 
   Scenario: Request to sign with error using email as account identifier
     Given as user "admin"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     When sending "post" to ocs "/apps/libresign/api/v1/request-signature"
       | file | {"url":"<BASE_URL>/apps/libresign/develop/pdf"} |
       | users | [{"identify":{"account":"signer3@domain.test"}}] |
@@ -290,7 +303,9 @@ Feature: request-signature
 
   Scenario: Request to sign with success using email as identifier and URL as file
     Given as user "admin"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And as user "admin"
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And my inbox is empty
     When sending "post" to ocs "/apps/libresign/api/v1/request-signature"
       | file | {"url":"<BASE_URL>/apps/libresign/develop/pdf"} |
@@ -303,7 +318,8 @@ Feature: request-signature
   Scenario: Request to sign with success using account as identifier and URL as file
     Given as user "admin"
     And user "signer1" exists
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And set the email of user "signer1" to ""
     And reset notifications of user "signer1"
     And my inbox is empty
@@ -321,7 +337,8 @@ Feature: request-signature
 
   Scenario: Request to sign with success using email as identifier
     Given as user "admin"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And set the email of user "signer1" to "signer1@domain.test"
     And my inbox is empty
     When sending "post" to ocs "/apps/libresign/api/v1/request-signature"
@@ -334,7 +351,8 @@ Feature: request-signature
 
   Scenario: Request to sign using email as identifier and when is necessary to use visible elements
     Given as user "admin"
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And sending "post" to ocs "/apps/provisioning_api/api/v1/config/apps/libresign/identify_methods"
       | value | (string)[{"name":"email","enabled":true,"mandatory":true,"can_create_account":false}] |
     And I send a file to be signed
@@ -363,7 +381,8 @@ Feature: request-signature
   Scenario: Request to sign with success using multiple users
     Given as user "admin"
     And user "signer1" exists
-    And run the command "libresign:configure:openssl --cn test" with result code 0
+    And sending "post" to ocs "/apps/libresign/api/v1/admin/certificate/openssl"
+      | rootCert | {"commonName":"test"} |
     And set the email of user "signer1" to ""
     And my inbox is empty
     When sending "post" to ocs "/apps/libresign/api/v1/request-signature"
