auth0 2.1.1 → 3.0.0

data/lib/auth0/api/v1/connections.rb

@@ -0,0 +1,51 @@
+module Auth0
+  module Api
+    module V1
+      # {https://auth0.com/docs/api#connections}
+      module Connections
+        # {https://auth0.com/docs/api#!#get--api-connections}
+        def connections
+          get("/api/connections")
+        end
+        alias :get_connections :connections
+
+        # {https://auth0.com/docs/api#!#get--api-connections--connection-name-}
+        def connection(connection_name)
+          path = "/api/connections/#{connection_name.to_s}"
+          get(path)
+        end
+        alias :get_connection :connection
+
+        # {https://auth0.com/docs/api#!#delete--api-connections--connection-name-}
+        def delete_connection(connection_name)
+          path = "/api/connections/#{connection_name.to_s}"
+          delete(path)
+        end
+
+        # {https://auth0.com/docs/api#!#post--api-connections}
+        def create_connection(connection_name, strategy, tenant_domain, domain_aliases=nil)
+          path = "/api/connections"
+          request_params = { name: connection_name,
+                           strategy: strategy,
+                           options: {
+                             tenant_domain: tenant_domain,
+                             domain_aliases: domain_aliases
+                           }
+                          }
+          post(path, request_params)
+        end
+
+        # {https://auth0.com/docs/api#!#put--api-connections--connection-name-}
+        def update_connection(connection_name, tenant_domain, status=true)
+          path = "/api/connections/#{connection_name}"
+          request_params = {  status: status,
+                            options: {
+                              tenant_domain: tenant_domain
+                            }
+                          }
+          put(path, request_params)
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v1/logs.rb

@@ -0,0 +1,41 @@
+module Auth0
+  module Api
+    module V1
+      # {https://auth0.com/docs/api#logs}
+      module Logs
+        # {https://auth0.com/docs/api#!#get--api-logs-page--number--per_page--items--sort--field----1-1--fields--fields--exclude_fields-true-false-}
+        #
+        # {https://auth0.com/docs/api#!#get--api-logs-search--criteria-}
+        #
+        # {https://auth0.com/docs/api#!#get--api-logs-from--checkpointId--take--count-}
+        def logs(options={})
+          acceptable_params = %i(take from search_criteria page per_page sort fields exclude_fields)
+          options.reject! do |key,value|
+            if key.nil? ||\
+               value.nil? ||\
+               !acceptable_params.include?(key.to_sym)
+              warn "#{key} is not in acceptable params list: #{acceptable_params}"
+              true
+            end
+          end
+          path= "/api/logs?"+URI.encode_www_form(options)
+          get(path)
+        end
+
+        alias :search_logs :logs
+
+        # {https://auth0.com/docs/api#!#get--api-logs--_id-}
+        def log(id)
+          path = "/api/logs/#{id}"
+          get(path)
+        end
+
+        # {https://auth0.com/docs/api#!#get--api-users--user_id--logs-page--number--per_page--items-}
+        def user_logs(user_id, page=0, per_page=50)
+          path = "/api/users/#{user_id}/logs?page=#{page}&per_page=#{per_page}"
+          get(path)
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v1/rules.rb

@@ -0,0 +1,44 @@
+module Auth0
+  module Api
+    module V1
+      # https://auth0.com/docs/api#rules
+      module Rules
+        # https://auth0.com/docs/api#!#get--api-rules
+        def rules
+          path = "/api/rules"
+          get(path)
+        end
+
+        alias :get_rules :rules
+
+        # https://auth0.com/docs/api#!#post--api-rules
+        def create_rule(name, script, order=nil,status=true)
+          path = "/api/rules"
+          request_params = { name: name,
+                           status: status,
+                           script: script,
+                           order: order
+                          }
+          post(path, request_params)
+        end
+
+        # https://auth0.com/docs/api#!#put--api-rules--rule-name-
+        def update_rule(name, script, order=nil,status=true)
+          path = "/api/rules/#{name}"
+          request_params = {
+                           status: status,
+                           script: script,
+                           order: order
+                          }
+          put(path, request_params)
+        end
+
+        # https://auth0.com/docs/api#!#delete--api-rules--rule-name-
+        def delete_rule(name)
+          path = "/api/rules/#{name}"
+          delete(path)
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v1/users.rb

@@ -0,0 +1,163 @@
+module Auth0
+  module Api
+    module V1
+      # {https://auth0.com/docs/api#users}
+      module Users
+        # {https://auth0.com/docs/api#!#get--api-users}
+        #
+        # {https://auth0.com/docs/api#!#get--api-users-search--criteria-}
+        def users(search=nil)
+          path = "/api/users"
+          path += "?search=#{search.to_s}" unless search.to_s.empty?
+          get(path)
+        end
+
+        alias :users_search :users
+        alias :get_users :users
+
+        # {https://auth0.com/docs/api#!#get--api-users--user_id-}
+        def user(user_id)
+          path = "/api/users/#{user_id}"
+          get(path)
+        end
+
+        alias :get_user :user
+
+        # {https://auth0.com/docs/api#!#get--api-users--user_id--devices}
+        def user_devices(user_id)
+          path = "/api/users/#{user_id}/devices"
+          get(path)
+        end
+
+        # {https://auth0.com/docs/api#!#get--api-connections--connection--users}
+        # {https://auth0.com/docs/api#!#get--api-connections--connection--users-search--criteria-}
+        def connection_users(connection_name, search=nil)
+          path = "/api/connections/#{connection_name}/users"
+          path += "?search=#{search.to_s}" unless search.to_s.empty?
+          get(path)
+        end
+
+        alias :search_connection_users :connection_users
+
+        # {https://auth0.com/docs/api#!#get--api-enterpriseconnections-users-search--criteria-}
+        def enterpriseconnections_users(search_criteria=nil, per_page=500)
+          path = "/api/enterpriseconnections/users?search=#{search_criteria.to_s}&per_page=#{per_page.to_i.to_s}"
+          get(path)
+        end
+
+        # {https://auth0.com/docs/api#!#get--api-socialconnections-users-search--criteria-}
+        def socialconnections_users(search_criteria=nil, per_page=500)
+          path =  "/api/socialconnections/users?search=#{search_criteria.to_s}&per_page=#{per_page.to_i.to_s}"
+          get(path)
+        end
+
+        # {https://auth0.com/docs/api#!#get--api-clients--client-id--users}
+        def client_users(client_id=@client_id)
+          path = "/api/clients/#{client_id}/users"
+          get(path)
+        end
+
+        # {https://auth0.com/docs/api#!#post--api-users}
+        def create_user(email, password, connection_name, request_params={})
+          options = { email: email, password: password, connection: connection_name }
+          request_params.merge!(options)
+          path = "/api/users"
+          post(path, request_params)
+        end
+
+        # {https://auth0.com/docs/api#!#post--api-users--user_id--send_verification_email}
+        def send_verification_email(user_id)
+          path = "/api/users/#{user_id}/send_verification_email"
+          post(path)
+        end
+
+        # {https://auth0.com/docs/api#!#post--api-users--user_id--change_password_ticket}
+        def change_password_ticket(user_id, new_password, result_url=nil)
+          request_params = { "newPassword" => new_password, "resultUrl" => result_url }
+          path = "/api/users/#{user_id}/change_password_ticket"
+          post(path, request_params)
+        end
+
+        # {https://auth0.com/docs/api#!#post--api-users--user_id--verification_ticket}
+        def verification_ticket(user_id, result_url=nil)
+          request_params = {"resultUrl" => result_url}
+          path = "/api/users/#{user_id}/verification_ticket"
+          post(path, request_params)
+        end
+
+        # {https://auth0.com/docs/api#!#post--api-users--user_id--publickey}
+        def create_public_key(user_id, device, public_key)
+          path = "/api/users/#{user_id}/public_key"
+          request_params = { device: device, public_key: public_key }
+          post(path, request_params)
+        end
+
+        # {https://auth0.com/docs/api#!#put--api-users--user_id--email}
+        def update_user_email(user_id, email, verify=true)
+          path = "/api/users/#{user_id}/email"
+          request_params = { email: email, verify: verify }
+          put(path, request_params)
+        end
+
+        # {https://auth0.com/docs/api#!#put--api-users--user_id--metadata}
+        # This will overwrite user's metadata, be really carefull, preffer using patch instead
+        def update_user_metadata(user_id, metadata={})
+          path = "/api/users/#{user_id}/metadata"
+          put(path, metadata)
+        end
+
+        # {https://auth0.com/docs/api#!#put--api-users--user_id--password}
+        def update_user_password(user_id, password, verify=true)
+          path = "/api/users/#{user_id}/password"
+          request_params = { password: password, verify: verify }
+          put(path, request_params)
+        end
+
+        # {https://auth0.com/docs/api#!#put--api-users--email--password}
+        def update_user_password_using_email(email, password, connection_name, verify=true)
+          request_params = {
+            email:      email,
+            password:   password,
+            connection: connection_name,
+            verify:     verify
+          }
+          path = "/api/users/#{email}/password"
+          put(path, request_params)
+        end
+
+        # {https://auth0.com/docs/api#!#patch--api-users--user_id--metadata}
+        def patch_user_metadata(user_id, metadata={})
+          path = "/api/users/#{user_id}/metadata"
+          patch(path, metadata)
+        end
+
+        # {https://auth0.com/docs/api#!#delete--api-users}
+        #
+        # This will remove all your users
+        def delete_users
+          path = "/api/users/"
+          delete(path)
+        end
+
+        # {https://auth0.com/docs/api#!#delete--api-users--user_id-}
+        def delete_user(user_id)
+          raise Auth0::UserIdIsBlank, "if you want to remove all users user delete_users method" if user_id.to_s.empty?
+          path = "/api/users/#{user_id}"
+          delete(path)
+        end
+
+        # {https://auth0.com/docs/api#!#delete--api-users--user_id--refresh_tokens--refresh_token-}
+        def revoke_user_refresh_token(user_id, refresh_token)
+          path = "/api/users/#{user_id}/refresh_tokens/#{refresh_token}"
+          delete(path)
+        end
+
+        # {https://auth0.com/docs/api#!#delete--api-users--user_id--publickey-device--device-}
+        def revoke_user_device_public_key(user_id, device)
+          path = "/api/users/#{user_id}/publickey?device=#{device}"
+          delete(path)
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v1.rb

@@ -0,0 +1,19 @@
+require "auth0/api/v1/users"
+require "auth0/api/v1/clients"
+require "auth0/api/v1/connections"
+require "auth0/api/v1/rules"
+require "auth0/api/v1/logs"
+module Auth0
+  # Space for all API calls
+  module Api
+    # {https://auth0.com/docs/api}
+    # Describing current functionality of Auth0 API V1
+    module V1
+      include Auth0::Api::V1::Users
+      include Auth0::Api::V1::Connections
+      include Auth0::Api::V1::Clients
+      include Auth0::Api::V1::Rules
+      include Auth0::Api::V1::Logs
+    end
+  end
+end

data/lib/auth0/api/v2/blacklists.rb

@@ -0,0 +1,24 @@
+module Auth0
+  module Api
+    module V2
+      # https://auth0.com/docs/apiv2#!/blacklists
+      module Blacklists
+        # https://auth0.com/docs/apiv2#!/blacklists/get_tokens
+        def blacklisted_tokens
+          path = "/api/v2/blacklists/tokens"
+          get(path)
+        end
+
+        # https://auth0.com/docs/apiv2#!/blacklists/post_tokens
+        def add_token_to_blacklist(jti, aud=nil)
+          request_params = {
+            jti: jti,
+            aud: aud
+          }
+          path = "/api/v2/blacklists/tokens"
+          post(path, request_params)
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2/clients.rb

@@ -0,0 +1,41 @@
+module Auth0
+  module Api
+    module V2
+      #https://auth0.com/docs/apiv2#!/clients
+      module Clients
+        #https://auth0.com/docs/apiv2#!/clients/get_clients
+        def clients(options={})
+          path = "/api/v2/clients"
+          get(path, options)
+        end
+        alias :get_clients :clients
+
+        #https://auth0.com/docs/apiv2#!/clients/post_clients
+        def create_client(name, options={})
+          request_params = Hash[options.map{|(k,v)| [k.to_sym,v]}]
+          request_params[:name] = name
+          path = "/api/v2/clients"
+          post(path, request_params)
+        end
+
+        #https://auth0.com/docs/apiv2#!/clients/get_clients_by_id
+        def client(client_id, options={})
+          path = "/api/v2/clients/" + client_id.to_s
+          get(path, options)
+        end
+
+        #https://auth0.com/docs/apiv2#!/clients/delete_clients_by_id
+        def delete_client(client_id)
+          path = "/api/v2/clients/" + client_id.to_s
+          delete(path)
+        end
+
+        #https://auth0.com/docs/apiv2#!/clients/patch_clients_by_id
+        def patch_client(client_id, options)
+          path = "/api/v2/clients/" + client_id.to_s
+          patch(path, options)
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2/jobs.rb

@@ -0,0 +1,20 @@
+module Auth0
+  module Api
+    module V2
+      # https://auth0.com/docs/apiv2#!/jobs
+      module Jobs
+        #https://auth0.com/docs/apiv2#!/jobs/get_jobs_by_job_id
+        def get_job(job_id)
+          path = "/api/v2/jobs/#{job_id}"
+          get(path)
+        end
+
+        # HTTParty doesn't support multipart upload, will move this functionality to a separate PR
+        # https://auth0.com/docs/apiv2#!/jobs/post_users_imports
+        def create_job(users_file, connection_name)
+          raise NotImplementedError
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2/stats.rb

@@ -0,0 +1,24 @@
+module Auth0
+  module Api
+    module V2
+      # https://auth0.com/docs/apiv2#!/stats
+      module Stats
+        #https://auth0.com/docs/apiv2#!/stats/get_active_users
+        def active_users
+          path = "/api/v2/stats/active-users"
+          get(path)
+        end
+
+        #https://auth0.com/docs/apiv2#!/stats/get_daily
+        def daily_stats(from, to)
+          path = "/api/v2/stats/daily"
+          request_params = {
+            from: from,
+            to: to
+          }
+          get(path, request_params)
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2/users.rb

@@ -0,0 +1,67 @@
+module Auth0
+  module Api
+    module V2
+      #https://auth0.com/docs/apiv2#!/users
+      module Users
+        #https://auth0.com/docs/apiv2#!/users/get_users
+        def users( per_page: nil, page: nil, include_totals: nil, sort: nil, connection: nil, fields: nil, exclude_fields: nil, q: nil )
+          request_params = {  per_page:       per_page,
+                              page:           page,
+                              include_totals: include_totals,
+                              sort:           sort,
+                              connection:     connection,
+                              fields:         fields,
+                              exclude_fields: exclude_fields,
+                              q:              q
+                            }
+          path = "/api/v2/users"
+          get(path, request_params)
+        end
+        alias :get_users :users
+
+        #https://auth0.com/docs/apiv2#!/users/post_users
+        def create_user(name, options={})
+          path = "/api/v2/users"
+          request_params = Hash[options.map{|(k,v)| [k.to_sym,v]}]
+          request_params[:name] = name
+          post(path, request_params)
+        end
+
+        #https://auth0.com/docs/apiv2#!/users/delete_users
+        def delete_users
+          path = "/api/v2/users"
+          delete(path)
+        end
+
+        #https://auth0.com/docs/apiv2#!/users/get_users_by_id
+        def user(user_id, fields: nil, exclude_fields: nil)
+          path = "/api/v2/users/" + user_id.to_s
+          request_params = {  fields:         fields,
+                              exclude_fields: exclude_fields
+                            }
+          get(path, request_params)
+        end
+
+        #https://auth0.com/docs/apiv2#!/users/delete_users_by_id
+        def delete_user(user_id)
+          raise Auth0::UserIdIsBlank, "if you want to remove all users user delete_users method" if user_id.to_s.empty?
+          path = "/api/v2/users/" + user_id.to_s
+          delete(path)
+        end
+
+
+        #https://auth0.com/docs/apiv2#!/users/patch_users_by_id
+        def patch_user(user_id, options)
+          path = "/api/v2/users/" + user_id
+          patch(path, options)
+        end
+
+        #https://auth0.com/docs/apiv2#!/users/delete_multifactor_by_provider
+        def delete_user_provider(user_id, provider_name)
+          path = "/api/v2/users/#{user_id}/multifactor/#{provider_name}"
+          delete(path)
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2.rb

@@ -0,0 +1,17 @@
+require "auth0/api/v2/clients"
+require "auth0/api/v2/users"
+require "auth0/api/v2/blacklists"
+require "auth0/api/v2/jobs"
+require "auth0/api/v2/stats"
+module Auth0
+  module Api
+    # https://auth0.com/docs/apiv2
+    module V2
+      include Auth0::Api::V2::Clients
+      include Auth0::Api::V2::Users
+      include Auth0::Api::V2::Blacklists
+      include Auth0::Api::V2::Jobs
+      include Auth0::Api::V2::Stats
+    end
+  end
+end

data/lib/auth0/client.rb

@@ -1,50 +1,7 @@
-require 'httparty'
-
-class Auth0Client
+# Main class
+# All Api calls are suposed to return hashes, but delete actions return strings.
+class Auth0::Client
+  include Auth0::Mixins
   include HTTParty
-  base_uri 'login.auth0.com'
-
-  def initialize(options)
-    self.class.base_uri "https://#{options[:namespace]}"
-
-    token_reponse = self.class.post("/oauth/token", {
-      body: {
-        'client_id'     => options[:client_id],
-        'client_secret' => options[:client_secret],
-        'grant_type'    => 'client_credentials'
-      }
-    })
-
-    unless token_reponse.code == 200
-      raise "Error geting the token: #{token_reponse.body}"
-    end
-
-    @token = token_reponse["access_token"]
-    @headers = {
-      "Authorization" => "Bearer #{@token}"
-    }
-  end
-
-  def get_connections
-    response = self.class.get("/api/connections", { headers: @headers })
-    response.body
-  end
-
-  def delete_user(id)
-    response = self.class.delete("/api/users/#{id}", { headers: @headers })
-    response.body
-  end
-
-  def delegation(options)
-    response = self.class.post("/delegation", {
-                body: {
-                  client_id: options[:client_id],
-                  grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
-                  id_token: options[:id_token],
-                  target: options[:target],
-                  scope: "open_id"
-                }
-              })
-    response.body
-  end
+  base_uri "http://auth0.com"
 end

data/lib/auth0/exception.rb

@@ -0,0 +1,22 @@
+module Auth0
+  # Default exception in namespace of Auth0
+  # if you want to catch all exceptions, then you should use this one.
+  # Network exceptions are not included
+  class Exception     < StandardError;    end
+end
+# exception for unauthorized requests, if you see it, probably Bearer Token is not set correctly
+class Auth0::Unauthorized  < Auth0::Exception; end
+# exception for not found resource, you query for an unexistent resource, or wrong path
+class Auth0::NotFound      < Auth0::Exception; end
+# exception for unknown error
+class Auth0::Unsupported   < Auth0::Exception; end
+# exception for server error
+class Auth0::ServerError   < Auth0::Exception; end
+# exception for incorrect request, you've sent wrong params
+class Auth0::BadRequest    < Auth0::Exception; end
+# exception for unset user_id, this might cause removal of all users, or other unexpected bahaviour
+class Auth0::UserIdIsBlank < Auth0::Exception; end
+# Api v2 access denied
+class Auth0::AccessDenied  < Auth0::Exception; end
+# Invalid parameter passed, e.g. empty where ID is required
+class Auth0::InvalidParameter < Auth0::Exception; end

data/lib/auth0/mixins/httparty_proxy.rb

@@ -0,0 +1,35 @@
+module Auth0
+  module Mixins
+    # here's the proxy for HTTParty, we're building all request on that gem for now, if you want to feel free to use your own http client
+    module HTTPartyProxy
+      # proxying requests from instance methods to HTTParty class methods
+      %i(get post put patch delete).each do |method|
+        define_method(method) do |path, body={}|
+          safe_path = URI.escape(path)
+          body = body.delete_if {|k,v| v.nil? }
+          if method == :get
+            result = self.class.send(method, safe_path, query: body)
+          else
+            result = self.class.send(method, safe_path, body: body.to_json)
+          end
+          response_body =
+            begin
+              JSON.parse(result.body.to_s)
+            rescue JSON::ParserError
+              result.body
+            end
+          case result.code
+          when 200...226 then response_body
+          when 400 then raise Auth0::BadRequest, response_body
+          when 401 then raise Auth0::Unauthorized, response_body
+          when 403 then raise Auth0::AccessDenied, response_body
+          when 404 then raise Auth0::NotFound, response_body
+          when 500 then raise Auth0::ServerError, response_body
+          else
+            raise Auth0::Unsupported, response_body
+          end
+        end
+      end
+    end
+  end
+end

data/lib/auth0/mixins/initializer.rb

@@ -0,0 +1,34 @@
+module Auth0
+  module Mixins
+    # Help class where Auth0::Client initialization described
+    module Initializer
+      # Default initialization mechanism, moved here to keep Auth0::Client clear
+      # accepts hash as parameter
+      # you can get all required fields from here: https://auth0.com/docs/auth-api
+      #
+      # To run using api v2, pass protocols: "v2" when creating a client
+      def initialize(config)
+        options = Hash[config.map{|(k,v)| [k.to_sym,v]}]
+        self.class.base_uri "https://#{options[:namespace]}"
+        self.class.headers "Content-Type"  => 'application/json'
+        if options[:protocols].to_s.include?("v2")
+          self.extend Auth0::Api::V2
+          @token = options[:access_token]
+        else
+          self.extend Auth0::Api::V1
+          self.extend Auth0::Api::AuthenticationEndpoints
+          @client_id      = options[:client_id]
+          @client_secret  = options[:client_secret]
+          @token          = obtain_access_token
+        end
+        self.class.headers "Authorization" => "Bearer #{options[:access_token]}"
+      end
+
+      # including initializer in top of klass
+      def self.included(klass)
+        klass.send :prepend, Initializer
+      end
+
+    end
+  end
+end