Obnam 3 server acceptance criteria

By: Lars Wirzenius

2026-02-22 09:59

Table of Contents

1 Introduction

See "Obnam 3 acceptance criteri" for an overview. This document is for the server only.

2 Shared test files for verification scenarios

2.1 Server configuration file

key_pair_file: keypair.json
listen: localhost:8000

3 Acceptance criteria for the Obnam server

3.1 Generates and validates API tokens

Want: The server admin can generate an API token and validate it.

Why: Users of the server need to the API token to make backups. The server admin needs to be able to validate tokens for troubleshooting.

1 given an installed obnam
2 given file server-config.yaml
3 when I run obnam-server --config server-config.yaml init
4 then file keypair.json exists
5 when I try to run obnam-server --config server-config.yaml init
6 then command fails
7 then stderr contains "keypair.json"
8 when I run obnam-server --config server-config.yaml token --output token.txt --allow append
9 then file token.txt contains "v4.public."
10 when I run obnam-server --config server-config.yaml validate --file token.txt
11 then stdout contains "read_chunks_allowed: true"
12 then stdout contains "find_chunks_allowed: true"
13 then stdout contains "create_chunk_allowed: true"
14 then stdout contains "delete_chunk_allowed: false"
15 when I run obnam-server --config server-config.yaml token --output token.txt --allow delete
16 then file token.txt contains "v4.public."
17 when I run obnam-server --config server-config.yaml validate --file token.txt
18 then stdout contains "read_chunks_allowed: true"
19 then stdout contains "find_chunks_allowed: true"
20 then stdout contains "create_chunk_allowed: true"
21 then stdout contains "delete_chunk_allowed: true"

3.2 Refuses API token made for another server instance

Want: An Obnam server should only accept API tokens for that server, not tokens for another Obnam server instance.

Why: Servers are distinct.

We simulate having different instances by re-initializing.

1 given an installed obnam
2 given file server-config.yaml
3 when I run obnam-server --config server-config.yaml init
4 when I run obnam-server --config server-config.yaml token --output token.txt --allow append
5 when I remove file keypair.json
6 when I run obnam-server --config server-config.yaml init
7 when I try to run obnam-server --config server-config.yaml validate --file token.txt
8 then command fails

3.3 Validates token via HTTP API

Want: Obnam user can validate their API token with the /validate endpoint.

Why: This helps them troubleshoot by making sure they have a valid token.

1 given an installed obnam
2 given file server-config.yaml
3 when I run obnam-server --config server-config.yaml init
4 when I run obnam-server --config server-config.yaml token --output token.txt --allow append