auth0 3.6.1 → 4.0.0
- checksums.yaml +4 -4
- data/.gitignore +4 -0
- data/.rubocop.yml +7 -0
- data/.rubocop_todo.yml +7 -0
- data/.travis.yml +12 -7
- data/CHANGELOG.md +10 -0
- data/Gemfile +4 -2
- data/Guardfile +13 -10
- data/LICENSE +2 -2
- data/README.md +9 -11
- data/Rakefile +33 -7
- data/auth0.gemspec +12 -12
- data/deploy_documentation.sh +29 -0
- data/doc_config/templates/default/fulldoc/html/css/full_list.css +79 -0
- data/doc_config/templates/default/fulldoc/html/css/style.css +546 -0
- data/doc_config/templates/default/layout/html/breadcrumb.erb +11 -0
- data/doc_config/templates/default/layout/html/footer.erb +115 -0
- data/doc_config/templates/default/layout/html/headers.erb +17 -0
- data/doc_config/templates/default/layout/html/layout.erb +27 -0
- data/lib/auth0.rb +5 -5
- data/lib/auth0/api/authentication_endpoints.rb +264 -46
- data/lib/auth0/api/v1.rb +5 -5
- data/lib/auth0/api/v1/clients.rb +7 -7
- data/lib/auth0/api/v1/connections.rb +9 -10
- data/lib/auth0/api/v1/logs.rb +9 -16
- data/lib/auth0/api/v1/rules.rb +5 -5
- data/lib/auth0/api/v1/users.rb +28 -27
- data/lib/auth0/api/v2.rb +17 -9
- data/lib/auth0/api/v2/blacklists.rb +30 -9
- data/lib/auth0/api/v2/clients.rb +60 -19
- data/lib/auth0/api/v2/connections.rb +63 -10
- data/lib/auth0/api/v2/emails.rb +58 -0
- data/lib/auth0/api/v2/jobs.rb +44 -7
- data/lib/auth0/api/v2/rules.rb +104 -0
- data/lib/auth0/api/v2/stats.rb +22 -5
- data/lib/auth0/api/v2/tenants.rb +39 -0
- data/lib/auth0/api/v2/tickets.rb +58 -0
- data/lib/auth0/api/v2/users.rb +128 -39
- data/lib/auth0/client.rb +8 -6
- data/lib/auth0/exception.rb +29 -23
- data/lib/auth0/mixins.rb +12 -10
- data/lib/auth0/mixins/httparty_proxy.rb +13 -10
- data/lib/auth0/mixins/initializer.rb +25 -27
- data/lib/auth0/version.rb +2 -2
- data/spec/integration/lib/auth0/api/v1/api_clients_spec.rb +2 -4
- data/spec/integration/lib/auth0/api/v1/api_users_spec.rb +25 -32
- data/spec/integration/lib/auth0/api/v2/api_blacklist_spec.rb +14 -0
- data/spec/integration/lib/auth0/api/v2/api_clients_spec.rb +61 -6
- data/spec/integration/lib/auth0/api/v2/api_connections_spec.rb +68 -42
- data/spec/integration/lib/auth0/api/v2/api_email_spec.rb +71 -0
- data/spec/integration/lib/auth0/api/v2/api_jobs_spec.rb +69 -0
- data/spec/integration/lib/auth0/api/v2/api_rules_spec.rb +83 -0
- data/spec/integration/lib/auth0/api/v2/api_stats_spec.rb +16 -0
- data/spec/integration/lib/auth0/api/v2/api_tenants_spec.rb +37 -0
- data/spec/integration/lib/auth0/api/v2/api_tickets_spec.rb +33 -0
- data/spec/integration/lib/auth0/api/v2/api_users_spec.rb +88 -36
- data/spec/integration/lib/auth0/auth0_client_spec.rb +43 -35
- data/spec/lib/auth0/api/authentication_endpoints_spec.rb +253 -47
- data/spec/lib/auth0/api/v1/clients_spec.rb +37 -38
- data/spec/lib/auth0/api/v1/connections_spec.rb +44 -38
- data/spec/lib/auth0/api/v1/logs_spec.rb +24 -24
- data/spec/lib/auth0/api/v1/rules_spec.rb +23 -22
- data/spec/lib/auth0/api/v1/users_spec.rb +153 -130
- data/spec/lib/auth0/api/v2/blacklists_spec.rb +12 -11
- data/spec/lib/auth0/api/v2/clients_spec.rb +38 -33
- data/spec/lib/auth0/api/v2/connections_spec.rb +59 -34
- data/spec/lib/auth0/api/v2/emails_spec.rb +47 -0
- data/spec/lib/auth0/api/v2/jobs_spec.rb +24 -10
- data/spec/lib/auth0/api/v2/rules_spec.rb +69 -0
- data/spec/lib/auth0/api/v2/stats_spec.rb +11 -11
- data/spec/lib/auth0/api/v2/tenants_spec.rb +25 -0
- data/spec/lib/auth0/api/v2/tickets_spec.rb +31 -0
- data/spec/lib/auth0/api/v2/users_spec.rb +101 -39
- data/spec/lib/auth0/client_spec.rb +46 -58
- data/spec/lib/auth0/mixins/httparty_proxy_spec.rb +98 -69
- data/spec/lib/auth0/mixins/initializer_spec.rb +2 -2
- data/spec/spec_helper.rb +2 -2
- data/spec/spec_helper_full.rb +16 -15
- data/spec/spec_helper_unit.rb +5 -5
- data/spec/support/credentials.rb +9 -3
- data/spec/support/dummy_class.rb +7 -1
- data/spec/support/dummy_class_for_proxy.rb +2 -2
- data/spec/support/import_users.json +13 -0
- data/spec/support/stub_response.rb +1 -2
- metadata +78 -41
@@ -0,0 +1,11 @@
|
|
1
|
+
<div id="menu">
|
2
|
+
<% if @contents || @file %>
|
3
|
+
<% if object != '_index.html' %><a href="<%= url_for_index.gsub! '_index.html', 'index.html' %>">Index</a> » <% end %>
|
4
|
+
<span class="title"><%= @breadcrumb_title %></span>
|
5
|
+
<% elsif object.is_a?(CodeObjects::Base) %>
|
6
|
+
<a href="<%= url_for_index.gsub! '_index.html', 'index.html' %>"><% if object.root? || object.type == :method %>Index<% else %>Index (<%= object.name.to_s[0,1] %>)<% end %></a> »
|
7
|
+
<%= @breadcrumb.map {|obj| "<span class='title'>" + linkify(obj, obj.name) + "</span>" }.join(" » ") %>
|
8
|
+
<%= @breadcrumb.size > 0 ? " » " : "" %>
|
9
|
+
<span class="title"><%= object.root? ? "Top Level Namespace" : object.name(true) %></span>
|
10
|
+
<% end %>
|
11
|
+
</div>
|
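Review bot: Both `href` values in this template (new lines 3 and 6) are built with `url_for_index.gsub! '_index.html', 'index.html'`, and `String#gsub!` returns `nil` when nothing is replaced, so an index URL that does not contain `_index.html` renders as an empty `href`; the bang form also mutates the string the helper returned. Use the non-destructive call on both lines: `<%= url_for_index.gsub('_index.html', 'index.html') %>`. Separately, `@breadcrumb_title` and `object.name(true)` are emitted without the `h` helper that the headers template applies to `@page_title`; if those titles can come from file names or README content, `<%= h @breadcrumb_title %>` would be the safer form, though this may simply mirror the stock template.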
@@ -0,0 +1,115 @@
|
|
1
|
+
<footer class="site-footer">
|
2
|
+
<div class="container">
|
3
|
+
<div class="logo">
|
4
|
+
<img src="https://cdn.auth0.com/styleguide/1.0.0/img/badge.png" width="30">
|
5
|
+
</div>
|
6
|
+
<div class="footer-grid">
|
7
|
+
<div class="column">
|
8
|
+
<div class="item">
|
9
|
+
<h6>Product</h6>
|
10
|
+
</div>
|
11
|
+
<div class="item">
|
12
|
+
<a href="https://auth0.com/pricing">Pricing</a>
|
13
|
+
</div>
|
14
|
+
<div class="item">
|
15
|
+
<a href="https://auth0.com/why-auth0">Why Auth0</a>
|
16
|
+
</div>
|
17
|
+
<div class="item">
|
18
|
+
<a href="https://auth0.com/how-it-works">How It Works</a>
|
19
|
+
</div>
|
20
|
+
</div>
|
21
|
+
<div class="column">
|
22
|
+
<div class="item">
|
23
|
+
<h6>Company</h6>
|
24
|
+
</div>
|
25
|
+
<div class="item">
|
26
|
+
<a href="https://auth0.com/about">About Us</a>
|
27
|
+
</div>
|
28
|
+
<div class="item">
|
29
|
+
<a href="https://auth0.com/blog">Blog</a>
|
30
|
+
</div>
|
31
|
+
<div class="item">
|
32
|
+
<a href="https://auth0.com/jobs">Jobs</a>
|
33
|
+
</div>
|
34
|
+
</div>
|
35
|
+
<div class="column">
|
36
|
+
<div class="item"><h6>Security</h6></div>
|
37
|
+
<div class="item">
|
38
|
+
<a href="https://auth0.com/availability-trust">Availability & Trust</a>
|
39
|
+
</div>
|
40
|
+
<div class="item">
|
41
|
+
<a href="https://auth0.com/security">Security</a>
|
42
|
+
</div>
|
43
|
+
<div class="item">
|
44
|
+
<a href="https://auth0.com/whitehat">White Hat</a>
|
45
|
+
</div>
|
46
|
+
</div>
|
47
|
+
<div class="column">
|
48
|
+
<div class="item">
|
49
|
+
<h6>Learn</h6>
|
50
|
+
</div>
|
51
|
+
<div class="item">
|
52
|
+
<a href="https://auth0.com/support">Help & Support</a>
|
53
|
+
</div>
|
54
|
+
<div class="item">
|
55
|
+
<a href="https://auth0.com/docs">Documentation</a>
|
56
|
+
</div>
|
57
|
+
<div class="item">
|
58
|
+
<a href="https://auth0.com/opensource">Open Source</a>
|
59
|
+
</div>
|
60
|
+
</div>
|
61
|
+
<div class="column">
|
62
|
+
<div class="item">
|
63
|
+
<h6>Extend</h6>
|
64
|
+
</div>
|
65
|
+
<div class="item">
|
66
|
+
<a href="https://auth0.com/lock">Lock</a>
|
67
|
+
</div>
|
68
|
+
<div class="item">
|
69
|
+
<a href="https://auth0.com/wordpress">WordPress</a>
|
70
|
+
</div>
|
71
|
+
<div class="item">
|
72
|
+
<a href="https://auth0.com/docs/apiv2">API Explorer</a>
|
73
|
+
</div>
|
74
|
+
</div>
|
75
|
+
<div class="contact">
|
76
|
+
<div class="column">
|
77
|
+
<div class="item">
|
78
|
+
<h6>Contact</h6>
|
79
|
+
</div>
|
80
|
+
<div class="item">
|
81
|
+
<a href="mailto:support@auth0.com">Email Us</a>
|
82
|
+
</div>
|
83
|
+
<div class="item item-text">10777 Main Street<br>Suite 204<br>Bellevue, WA 98004</div>
|
84
|
+
</div>
|
85
|
+
<div class="column no-heading">
|
86
|
+
<div class="item item-phone-label">Sales</div>
|
87
|
+
<div class="item"><a href="tel:+18882352699">+1 (888) 235-2699</a>
|
88
|
+
<a href="tel:+14253126521">+1 (425) 312-6521</a>
|
89
|
+
</div>
|
90
|
+
<div class="item item-phone-label">Support</div>
|
91
|
+
<div class="item"><a href="tel:+14255599554">+1 (425) 559-9554</a></div>
|
92
|
+
</div>
|
93
|
+
</div>
|
94
|
+
</div>
|
95
|
+
<div class="colophon">
|
96
|
+
<div class="column">
|
97
|
+
<div class="social">
|
98
|
+
<div class="twitter">
|
99
|
+
<iframe allowtransparency="true" frameborder="0" scrolling="no" src="https://platform.twitter.com/widgets/follow_button.html?screen_name=auth0" class="twitter"></iframe>
|
100
|
+
</div>
|
101
|
+
<div class="facebook">
|
102
|
+
<iframe src="http://www.facebook.com/plugins/like.php?href=https%3A%2F%2Ffacebook.com%2Fgetauth0&width&layout=button_count&action=like&show_faces=false&show_count=false&share=false&height=21&appId=507756515938786" scrolling="no" frameborder="0" allowtransparency="true" class="facebook"></iframe>
|
103
|
+
</div>
|
104
|
+
</div>
|
105
|
+
</div>
|
106
|
+
<div class="column">
|
107
|
+
<ul class="list-inline text-right">
|
108
|
+
<li><a href="https://auth0.com/privacy">Privacy Policy</a></li>
|
109
|
+
<li><a href="https://auth0.com/terms">Terms of Service</a></li>
|
110
|
+
<li><span>© 2013-2016 Auth0 Inc. All Rights Reserved.</span></li>
|
111
|
+
</ul>
|
112
|
+
</div>
|
113
|
+
</div>
|
114
|
+
</div>
|
115
|
+
</footer>
|
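Review bot: The Facebook like-button frame on new line 102 is loaded from `http://www.facebook.com/plugins/like.php…` while every other resource in this footer uses `https://`, so on documentation served over HTTPS the frame is blocked as mixed content, and on pages served over HTTP it can be altered in transit. Change the scheme to `https://www.facebook.com/plugins/like.php?…`. Both social iframes (new lines 99 and 102) also place third-party content on every generated page; if they stay, a `sandbox` attribute carrying only the tokens the widgets need would narrow what the framed content can do, and the exact token set should be verified against the widgets.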
@@ -0,0 +1,17 @@
|
|
1
|
+
<meta http-equiv="Content-Type" content="text/html; charset=<%= charset %>" />
|
2
|
+
<title>
|
3
|
+
<%= h @page_title %>
|
4
|
+
<% if options.title && @page_title != options.title %>
|
5
|
+
— <%= h options.title %>
|
6
|
+
<% end %>
|
7
|
+
</title>
|
8
|
+
<link href="https://cdn.auth0.com/styleguide/latest/index.css" rel="stylesheet" />
|
9
|
+
<link href="https://cdn.auth0.com/web-header/latest/standalone.css" rel="stylesheet"/>
|
10
|
+
<script type="text/javascript" src="https://cdn.auth0.com/web-header/latest/standalone.min.js"></script>
|
11
|
+
<% stylesheets.each do |stylesheet| %>
|
12
|
+
<link rel="stylesheet" href="<%= url_for(stylesheet) %>" type="text/css" charset="utf-8" />
|
13
|
+
<% end %>
|
14
|
+
<%= erb :script_setup %>
|
15
|
+
<% javascripts.each do |javascript| %>
|
16
|
+
<script type="text/javascript" charset="utf-8" src="<%= url_for(javascript) %>"></script>
|
17
|
+
<% end %>
|
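Review bot: The stylesheets and the script on new lines 8–10 are pulled from `https://cdn.auth0.com/…/latest/…`, a mutable path, and carry no `integrity` attribute, so whatever is published under `latest` is executed in every generated documentation page and cannot be pinned by hash. Reference a fixed release and add Subresource Integrity, for example `<script src="https://cdn.auth0.com/web-header/<PINNED_VERSION>/standalone.min.js" integrity="sha384-<HASH_OF_THAT_FILE>" crossorigin="anonymous"></script>`, and do the same for the two `<link>` tags. SRI with `crossorigin` only works if the CDN sends CORS headers, which should be confirmed before merging.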
@@ -0,0 +1,27 @@
|
|
1
|
+
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
2
|
+
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
3
|
+
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
|
4
|
+
<head>
|
5
|
+
<%= erb(:headers) %>
|
6
|
+
</head>
|
7
|
+
<body>
|
8
|
+
<header class="site-header clearfix"></header>
|
9
|
+
<script type="text/javascript">(function() {
|
10
|
+
var header = new WebHeader({ base_url: 'https://auth0.com' });
|
11
|
+
header.render('header.site-header');
|
12
|
+
})();
|
13
|
+
</script>
|
14
|
+
|
15
|
+
<div id="header">
|
16
|
+
<%= erb(:breadcrumb) %>
|
17
|
+
<%= erb(:search) %>
|
18
|
+
<div class="clear"></div>
|
19
|
+
</div>
|
20
|
+
|
21
|
+
<iframe id="search_frame"></iframe>
|
22
|
+
|
23
|
+
<div id="content"><%= yieldall %></div>
|
24
|
+
|
25
|
+
<%= erb(:footer) %>
|
26
|
+
</body>
|
27
|
+
</html>
|
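--- a/data/lib/auth0.rb
+++ b/data/lib/auth0.rb
@@ -1,8 +1,8 @@
-require
-require
-require
-require
-require
+require 'auth0/version'
+require 'auth0/mixins'
+require 'auth0/exception'
+require 'auth0/client'
+require 'auth0_client'
 # Namespace for ruby-auth0 logic
 module Auth0
 end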
@@ -1,88 +1,306 @@
|
|
1
|
+
# rubocop:disable Metrics/ModuleLength
|
1
2
|
module Auth0
|
2
3
|
module Api
|
3
4
|
# {https://auth0.com/docs/auth-api}
|
4
|
-
#
|
5
|
+
# Methods to use the authentication endpoints
|
5
6
|
module AuthenticationEndpoints
|
6
|
-
|
7
|
-
|
7
|
+
UP_AUTH = 'Username-Password-Authentication'
|
8
|
+
JWT_BEARER = 'urn:ietf:params:oauth:grant-type:jwt-bearer'
|
9
|
+
|
10
|
+
# Retrives an access token
|
11
|
+
# @see https://auth0.com/docs/auth-api#!#post--oauth-access_token
|
12
|
+
# @param access_token [string] Social provider's access_token
|
13
|
+
# @param connection [string] Currently, this endpoint only works for Facebook, Google, Twitter and Weibo
|
14
|
+
# @return [json] Returns the access token
|
15
|
+
def obtain_access_token(access_token = nil, connection = 'facebook', scope = 'openid')
|
16
|
+
if access_token
|
17
|
+
request_params = { client_id: @client_id, access_token: access_token, connection: connection, scope: scope }
|
18
|
+
post('/oauth/access_token', request_params)['access_token']
|
19
|
+
else
|
20
|
+
request_params = { client_id: @client_id, client_secret: @client_secret, grant_type: 'client_credentials' }
|
21
|
+
post('/oauth/token', request_params)['access_token']
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
# Logins using username/password
|
26
|
+
# @see https://auth0.com/docs/auth-api#!#post--oauth-ro
|
27
|
+
# @param username [string] Username
|
28
|
+
# @param password [string] User's password
|
29
|
+
# @param scope [string] Defaults to openid. Can be 'openid name email', 'openid offline_access'
|
30
|
+
# @param id_token [string] Token's id
|
31
|
+
# @param connection_name [string] Connection name. Works for database connections, passwordless connections,
|
32
|
+
# Active Directory/LDAP, Windows Azure AD and ADF
|
33
|
+
# @return [json] Returns the access token and id token
|
34
|
+
def login(username, password, id_token = nil, connection_name = UP_AUTH, options = {})
|
35
|
+
fail Auth0::InvalidParameter, 'Must supply a valid username' if username.to_s.empty?
|
36
|
+
fail Auth0::InvalidParameter, 'Must supply a valid password' if password.to_s.empty?
|
8
37
|
request_params = {
|
9
|
-
client_id:
|
10
|
-
|
11
|
-
|
38
|
+
client_id: @client_id,
|
39
|
+
username: username,
|
40
|
+
password: password,
|
41
|
+
scope: options.fetch(:scope, 'openid'),
|
42
|
+
connection: connection_name,
|
43
|
+
grant_type: options.fetch(:grant_type, password),
|
44
|
+
id_token: id_token,
|
45
|
+
device: options.fetch(:device, nil)
|
46
|
+
}
|
47
|
+
post('/oauth/ro', request_params)
|
48
|
+
end
|
49
|
+
|
50
|
+
# Signup using username/password
|
51
|
+
# @see https://auth0.com/docs/auth-api#!#post--dbconnections-signup
|
52
|
+
# @param email [string] User email
|
53
|
+
# @param password [string] User's password
|
54
|
+
# @param connection_name [string] Connection name. Works for database connections.
|
55
|
+
# @return [json] Returns the created user
|
56
|
+
def signup(email, password, connection_name = UP_AUTH)
|
57
|
+
fail Auth0::InvalidParameter, 'Must supply a valid email' if email.to_s.empty?
|
58
|
+
fail Auth0::InvalidParameter, 'Must supply a valid password' if password.to_s.empty?
|
59
|
+
request_params = {
|
60
|
+
client_id: @client_id,
|
61
|
+
email: email,
|
62
|
+
connection: connection_name,
|
63
|
+
password: password
|
12
64
|
}
|
13
|
-
post(
|
65
|
+
post('/dbconnections/signup', request_params)
|
14
66
|
end
|
15
67
|
|
16
|
-
#
|
17
|
-
|
68
|
+
# Asks to change a password for a given user.
|
69
|
+
# Send an email to the user.
|
70
|
+
# @see https://auth0.com/docs/auth-api#!#post--dbconnections-change_password
|
71
|
+
# @param email [string] User email
|
72
|
+
# @param password [string] User's new password
|
73
|
+
# @param connection_name [string] Connection name. Works for database connections.
|
74
|
+
def change_password(email, password, connection_name = UP_AUTH)
|
75
|
+
fail Auth0::InvalidParameter, 'Must supply a valid email' if email.to_s.empty?
|
18
76
|
request_params = {
|
19
77
|
client_id: @client_id,
|
20
|
-
|
78
|
+
email: email,
|
79
|
+
connection: connection_name,
|
80
|
+
password: password
|
81
|
+
}
|
82
|
+
post('/dbconnections/change_password', request_params)
|
83
|
+
end
|
84
|
+
|
85
|
+
# Start passwordless workflow sending an email
|
86
|
+
# @see https://auth0.com/docs/auth-api#!#post--with_email
|
87
|
+
# @param email [string] User email
|
88
|
+
# @param send [string] Defaults to 'link'. Can be 'code'. You can then authenticate with this user opening the link
|
89
|
+
# @param auth_params [hash] Append/override parameters to the link (like scope, redirect_uri, protocol, etc.)
|
90
|
+
def start_passwordless_email_flow(email, send = 'link', auth_params = {})
|
91
|
+
fail Auth0::InvalidParameter, 'Must supply a valid email' if email.to_s.empty?
|
92
|
+
request_params = {
|
93
|
+
client_id: @client_id,
|
94
|
+
email: email,
|
95
|
+
send: send,
|
96
|
+
auth_params: auth_params
|
97
|
+
}
|
98
|
+
post('/passwordless/start', request_params)
|
99
|
+
end
|
100
|
+
|
101
|
+
# Start passwordless workflow sending a SMS message
|
102
|
+
# @see https://auth0.com/docs/auth-api#!#post--with_sms
|
103
|
+
# @param phone_number [string] User's phone number.
|
104
|
+
def start_passwordless_sms_flow(phone_number)
|
105
|
+
fail Auth0::InvalidParameter, 'Must supply a valid phone number' if phone_number.to_s.empty?
|
106
|
+
request_params = {
|
107
|
+
client_id: @client_id,
|
108
|
+
connection: 'sms',
|
109
|
+
phone_number: phone_number
|
110
|
+
}
|
111
|
+
post('/passwordless/start', request_params)
|
112
|
+
end
|
113
|
+
|
114
|
+
# Logins using phone number/verification code.
|
115
|
+
# @see https://auth0.com/docs/auth-api#!#post--ro_with_sms
|
116
|
+
# @param phone_number [string] User's phone number.
|
117
|
+
# @param code [string] Verification code.
|
118
|
+
# @return [json] Returns the access token and id token
|
119
|
+
def phone_login(phone_number, code, scope = 'openid')
|
120
|
+
fail Auth0::InvalidParameter, 'Must supply a valid phone number' if phone_number.to_s.empty?
|
121
|
+
fail Auth0::InvalidParameter, 'Must supply a valid code' if code.to_s.empty?
|
122
|
+
request_params = {
|
123
|
+
client_id: @client_id,
|
124
|
+
username: phone_number,
|
125
|
+
password: code,
|
126
|
+
scope: scope,
|
127
|
+
connection: 'sms',
|
128
|
+
grant_type: 'password'
|
129
|
+
}
|
130
|
+
post('/oauth/ro', request_params)
|
131
|
+
end
|
132
|
+
|
133
|
+
# Retrives the SAML 2.0 metadata
|
134
|
+
# @see https://auth0.com/docs/auth-api#!#get--samlp--client_id-
|
135
|
+
# @param client_id [string] Client id
|
136
|
+
# @return [xml] SAML 2.0 metadata
|
137
|
+
def saml_metadata(client_id)
|
138
|
+
fail Auth0::InvalidParameter, 'Must supply a valid client_id' if client_id.to_s.empty?
|
139
|
+
get("/samlp/metadata/#{client_id}")
|
140
|
+
end
|
141
|
+
|
142
|
+
# Retrives the WS-Federation metadata
|
143
|
+
# @see https://auth0.com/docs/auth-api#!#get--wsfed--client_id-
|
144
|
+
# @return [xml] Federation Metadata
|
145
|
+
def wsfed_metadata
|
146
|
+
get('/wsfed/FederationMetadata/2007-06/FederationMetadata.xml')
|
147
|
+
end
|
148
|
+
|
149
|
+
# Validates a JSON Web Token (signature and expiration)
|
150
|
+
# @see https://auth0.com/docs/auth-api#!#post--tokeninfo
|
151
|
+
# @param id_token [string] Token's id.
|
152
|
+
# @return User information associated with the user id (sub property) of the token.
|
153
|
+
def token_info(id_token)
|
154
|
+
fail Auth0::InvalidParameter, 'Must supply a valid id_token' if id_token.to_s.empty?
|
155
|
+
request_params = { id_token: id_token }
|
156
|
+
post('/tokeninfo', request_params)
|
157
|
+
end
|
158
|
+
|
159
|
+
# Refreshes a delegation token
|
160
|
+
# @see https://auth0.com/docs/auth-api#!#post--delegation
|
161
|
+
# @param refresh_token [string] Token to refresh
|
162
|
+
# @param target [string] Target to sign the new token.
|
163
|
+
# @param scope [string] Defaults to openid. Can be 'openid name email'.
|
164
|
+
# @param api_type [string] Defaults to app. Can be aws, azure_sb, azure_blob, firebase, layer, salesforce_api,
|
165
|
+
# salesforce_sandbox_api, sap_api or wams
|
166
|
+
# @param extra_parameters [hash] Extra parameters.
|
167
|
+
# @return [json] Returns the refreshed delegation token
|
168
|
+
def refresh_delegation(refresh_token, target, scope = 'openid', api_type = 'app', extra_parameters = {})
|
169
|
+
fail Auth0::InvalidParameter, 'Must supply a valid token to refresh' if refresh_token.to_s.empty?
|
170
|
+
request_params = {
|
171
|
+
client_id: @client_id,
|
172
|
+
grant_type: JWT_BEARER,
|
173
|
+
refresh_token: refresh_token,
|
174
|
+
target: target,
|
175
|
+
api_type: api_type,
|
176
|
+
scope: scope
|
177
|
+
}.merge(extra_parameters)
|
178
|
+
post('/delegation', request_params)
|
179
|
+
end
|
180
|
+
|
181
|
+
# Retrives a delegation token
|
182
|
+
# @see https://auth0.com/docs/auth-api#!#post--delegation
|
183
|
+
# @param id_token [string] Token's id.
|
184
|
+
# @param target [string] Target to sign the new token.
|
185
|
+
# @param scope [string] Defaults to openid. Can be 'openid name email'.
|
186
|
+
# @param api_type [string] Defaults to app. Can be aws, azure_sb, azure_blob, firebase, layer, salesforce_api,
|
187
|
+
# salesforce_sandbox_api, sap_api or wams
|
188
|
+
# @param extra_parameters [hash] Extra parameters.
|
189
|
+
# @return [json] Returns the refreshed delegation token
|
190
|
+
def delegation(id_token, target, scope = 'openid', api_type = 'app', extra_parameters = {})
|
191
|
+
fail Auth0::InvalidParameter, 'Must supply a valid id_token' if id_token.to_s.empty?
|
192
|
+
request_params = {
|
193
|
+
client_id: @client_id,
|
194
|
+
grant_type: JWT_BEARER,
|
21
195
|
id_token: id_token,
|
22
196
|
target: target,
|
23
197
|
api_type: api_type,
|
24
198
|
scope: scope
|
25
199
|
}.merge(extra_parameters)
|
26
|
-
post(
|
200
|
+
post('/delegation', request_params)
|
27
201
|
end
|
28
202
|
|
29
|
-
#
|
203
|
+
# Retrives an impersonation URL to login as another user
|
204
|
+
# @see https://auth0.com/docs/auth-api#!#post--users--user_id--impersonate
|
205
|
+
# @param user_id [string] Impersonate user id
|
206
|
+
# @param app_client_id [string] Application client id
|
207
|
+
# @param impersonator_id [string] Impersonator user id id.
|
208
|
+
# @param options [string] Additional Parameters
|
209
|
+
# @return [string] Impersonation URL
|
30
210
|
def impersonate(user_id, app_client_id, impersonator_id, options)
|
211
|
+
fail Auth0::InvalidParameter, 'Must supply a valid user_id' if user_id.to_s.empty?
|
31
212
|
request_params = {
|
32
|
-
protocol: options.fetch(:protocol,
|
213
|
+
protocol: options.fetch(:protocol, 'oauth2'),
|
33
214
|
impersonator_id: impersonator_id,
|
34
215
|
client_id: app_client_id,
|
35
|
-
ttl: options.fetch(:ttl, 120),
|
36
216
|
additionalParameters: {
|
37
|
-
response_type: options.fetch(:response_type,
|
38
|
-
state: options.fetch(:state,
|
39
|
-
scope: options.fetch(:scope,
|
40
|
-
callback_url: options.fetch(:callback_url,
|
217
|
+
response_type: options.fetch(:response_type, 'code'),
|
218
|
+
state: options.fetch(:state, ''),
|
219
|
+
scope: options.fetch(:scope, 'openid'),
|
220
|
+
callback_url: options.fetch(:callback_url, '')
|
41
221
|
}
|
42
222
|
}
|
43
223
|
post("/users/#{user_id}/impersonate", request_params)
|
44
224
|
end
|
45
225
|
|
46
|
-
#
|
47
|
-
|
226
|
+
# Unlinks a User
|
227
|
+
# @see https://auth0.com/docs/auth-api#!#post--unlink
|
228
|
+
# @param access_token [string] Logged-in user access token
|
229
|
+
# @param user_id [string] User Id
|
230
|
+
def unlink_user(access_token, user_id)
|
231
|
+
fail Auth0::InvalidParameter, 'Must supply a valid access_token' if access_token.to_s.empty?
|
232
|
+
fail Auth0::InvalidParameter, 'Must supply a valid user_id' if user_id.to_s.empty?
|
48
233
|
request_params = {
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
234
|
+
access_token: access_token,
|
235
|
+
user_id: user_id
|
236
|
+
}
|
237
|
+
post('/unlink', request_params)
|
238
|
+
end
|
239
|
+
|
240
|
+
# Returns the user information based on the Auth0 access token.
|
241
|
+
# @see https://auth0.com/docs/auth-api#!#get--userinfo
|
242
|
+
# @return [json] User information based on the Auth0 access token
|
243
|
+
def user_info
|
244
|
+
get('/userinfo')
|
245
|
+
end
|
246
|
+
|
247
|
+
# Returns an authorization URL, triggers a redirect.
|
248
|
+
# @see https://auth0.com/docs/auth-api#!#get--authorize_social
|
249
|
+
# @param redirect_uri [string] Url to redirect after authorization
|
250
|
+
# @param options [hash] Can contain response_type, connection, state and additional_parameters.
|
251
|
+
# @return [url] Authorization URL.
|
252
|
+
def authorization_url(redirect_uri, options = {})
|
253
|
+
fail Auth0::InvalidParameter, 'Must supply a valid redirect_uri' if redirect_uri.to_s.empty?
|
254
|
+
request_params = {
|
255
|
+
client_id: @client_id,
|
256
|
+
response_type: options.fetch(:connection, 'code'),
|
257
|
+
connection: options.fetch(:connection, nil),
|
258
|
+
redirect_url: redirect_uri,
|
259
|
+
state: options.fetch(:state, nil)
|
260
|
+
}.merge(options.fetch(:additional_parameters, {}))
|
261
|
+
|
262
|
+
URI::HTTPS.build(host: @domain, path: '/authorize', query: to_query(request_params))
|
263
|
+
end
|
264
|
+
|
265
|
+
# Returns an logout URL, triggers the logout flow.
|
266
|
+
# @see https://auth0.com/docs/auth-api#!#get--logout
|
267
|
+
# @param return_to [string] Url to redirect after authorization
|
268
|
+
# @return [url] Logout URL.
|
269
|
+
def logout_url(return_to)
|
270
|
+
request_params = {
|
271
|
+
returnTo: return_to
|
56
272
|
}
|
57
|
-
|
273
|
+
|
274
|
+
URI::HTTPS.build(host: @domain, path: '/logout', query: to_query(request_params))
|
58
275
|
end
|
59
276
|
|
60
|
-
#
|
61
|
-
|
277
|
+
# Returns a samlp URL. The SAML Request AssertionConsumerServiceURL will be used to POST back the assertion
|
278
|
+
# and it has to match with the application callback URL.
|
279
|
+
# @see https://auth0.com/docs/auth-api#get--samlp--client_id-
|
280
|
+
# @param connection [string] to login with a specific provider.
|
281
|
+
# @return [url] samlp URL.
|
282
|
+
def samlp_url(connection = UP_AUTH)
|
62
283
|
request_params = {
|
63
|
-
|
64
|
-
email: email,
|
65
|
-
connection: connection_name,
|
66
|
-
password: password
|
284
|
+
connection: connection
|
67
285
|
}
|
68
|
-
|
286
|
+
URI::HTTPS.build(host: @domain, path: "/samlp/#{@client_id}", query: to_query(request_params))
|
69
287
|
end
|
70
288
|
|
71
|
-
#
|
72
|
-
|
289
|
+
# Returns a wsfed URL.
|
290
|
+
# @see https://auth0.com/docs/auth-api#get--wsfed--client_id-
|
291
|
+
# @param connection [string] to login with a specific provider.
|
292
|
+
# @return [url] wsfed URL.
|
293
|
+
def wsfed_url(connection = UP_AUTH)
|
73
294
|
request_params = {
|
74
|
-
|
75
|
-
email: email,
|
76
|
-
connection: connection_name,
|
77
|
-
password: password
|
295
|
+
whr: connection
|
78
296
|
}
|
79
|
-
|
297
|
+
URI::HTTPS.build(host: @domain, path: "/wsfed/#{@client_id}", query: to_query(request_params))
|
80
298
|
end
|
81
299
|
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
300
|
+
private
|
301
|
+
|
302
|
+
def to_query(hash)
|
303
|
+
hash.map { |k, v| "#{k}=#{URI.escape(v)}" unless v.nil? }.reject(&:nil?).join('&')
|
86
304
|
end
|
87
305
|
end
|
88
306
|
end
|
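Review bot: In `login` (new line 43) the default is written `options.fetch(:grant_type, password)`, which names the `password` argument rather than a string literal, so unless the caller passes `:grant_type` the user's password is sent a second time as the `grant_type` field of the `/oauth/ro` request, a field that is much more likely than `password` to be written to request logs; it should read `grant_type: options.fetch(:grant_type, 'password')`, matching the literal `phone_login` already uses. `authorization_url` (new line 256) has a similar slip, `response_type: options.fetch(:connection, 'code')`, which ignores a caller-supplied `:response_type` and sends the connection name in its place; use `response_type: options.fetch(:response_type, 'code')`. `to_query` (new line 303) relies on `URI.escape(v)`, which leaves reserved characters such as `&`, `=` and `+` untouched, so a `return_to`, `state` or `additional_parameters` value containing `&` adds extra parameters to the authorize, logout, samlp and wsfed URLs; `URI.encode_www_form(hash.reject { |_, v| v.nil? })` encodes every value and does not depend on `URI.escape`, which was removed in Ruby 3.0. The `user_id` and `client_id` values interpolated into the request paths in `impersonate` and `saml_metadata` are likewise only checked for emptiness and would benefit from the same per-component encoding.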