auth0 3.6.1 → 4.0.0

data/spec/integration/lib/auth0/api/v2/api_rules_spec.rb

@@ -0,0 +1,83 @@
+require 'spec_helper'
+describe Auth0::Api::V2::Rules do
+  attr_reader :client, :enabled_rule, :disabled_rule
+
+  before(:all) do
+    @client = Auth0Client.new(v2_creds)
+    suffix = Faker::Lorem.word
+    script = 'function (user, context, callback) { callback(null, user, context);}'
+    stage = 'login_success'
+    @enabled_rule = client.create_rule("Enabled Rule #{suffix}", script, rand(1..10), true, stage)
+    @disabled_rule = client.create_rule("Disabled Rule #{suffix}", script, rand(11..20), false, stage)
+  end
+
+  after(:all) do
+    rules = client.rules
+    rules.each do |rule|
+      client.delete_rule(rule['id'])
+    end
+  end
+
+  describe '.rules' do
+    let(:rules) { client.rules }
+
+    it { expect(rules.size).to be > 0 }
+
+    context '#filters' do
+      it do
+        expect(client.rules(enabled: true).size).to be 1
+      end
+
+      it do
+        expect(client.rules(enabled: false).size).to be 1
+      end
+
+      it do
+        expect(client.rules(enabled: true, fields: [:script, :order].join(',')).first).to(include('script', 'order'))
+      end
+      it do
+        expect(client.rules(enabled: true, fields: [:script].join(',')).first).to_not(include('order', 'name'))
+      end
+    end
+  end
+
+  describe '.rule' do
+    it do
+      expect(client.rule(enabled_rule['id'])).to(
+        include('stage' => enabled_rule['stage'], 'order' => enabled_rule['order'], 'script' => enabled_rule['script']))
+    end
+
+    context '#filters' do
+      let(:rule_include) { client.rule(enabled_rule['id'], fields: [:stage, :order, :script].join(',')) }
+      let(:rule_not_include) { client.rule(enabled_rule['id'], fields: :stage, include_fields: false) }
+
+      it do
+        expect(rule_include).to(include('stage', 'order', 'script'))
+      end
+
+      it do
+        expect(rule_not_include).to(include('order', 'script'))
+        expect(rule_not_include).to_not(include('stage'))
+      end
+    end
+  end
+
+  describe '.create_rule' do
+    let(:name) { Faker::Lorem.word }
+    let(:order) { rand(21..30) }
+    let(:stage) { 'login_success' }
+    let(:script) { 'function(test)' }
+    let(:enabled) { false }
+    let!(:rule) { client.create_rule(name, script, order, enabled, stage) }
+    it { expect(rule).to include('name' => name, 'stage' => stage, 'order' => order, 'script' => script) }
+  end
+
+  describe '.delete_rule' do
+    it { expect { client.delete_rule(enabled_rule['id']) }.to_not raise_error }
+    it { expect { client.delete_rule '' }.to raise_error(Auth0::InvalidParameter) }
+  end
+
+  describe '.update_rule' do
+    it { expect(client.update_rule(disabled_rule['id'], enabled: true)).to(include('enabled' => true)) }
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_stats_spec.rb

@@ -0,0 +1,16 @@
+require 'spec_helper'
+describe Auth0::Api::V2::Stats do
+  let(:client) { Auth0Client.new(v2_creds) }
+
+  describe '.active_users' do
+    it { expect(Integer(client.active_users)).to be >= 0 }
+  end
+
+  # rubocop:disable Date
+  describe '.daily_stats' do
+    let(:from) { Date.today.prev_day.strftime('%Y%m%d') }
+    let(:to) { Date.today.strftime('%Y%m%d') }
+    let(:daily_stats) { client.daily_stats(from, to) }
+    it { expect(daily_stats.size).to be > 0 }
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_tenants_spec.rb

@@ -0,0 +1,37 @@
+require 'spec_helper'
+describe Auth0::Api::V2::Tenants do
+  attr_reader :client, :body
+
+  before(:all) do
+    @client = Auth0Client.new(v2_creds)
+    @body = {
+      'error_page' => {
+        'html' => '',
+        'show_log_link' => false,
+        'url' => 'https://mycompany.org/error'
+      },
+      'friendly_name' => 'My Company',
+      'picture_url' => 'https://mycompany.org/logo.png',
+      'support_email' => 'support@mycompany.org',
+      'support_url' => 'https://mycompany.org/support'
+    }
+
+    client.update_tenant_settings(body)
+  end
+
+  describe '.get_tenant_settings' do
+    it { expect(client.get_tenant_settings).to include(body) }
+
+    let(:tenant_setting_fields) { client.get_tenant_settings(fields: 'picture_url') }
+    it { expect(tenant_setting_fields).to_not include('friendly_name' => 'My Company') }
+    it { expect(tenant_setting_fields).to include('picture_url' => 'https://mycompany.org/logo.png') }
+  end
+
+  describe '.update_tenant_settings' do
+    let(:tenant_name) { Faker::Company.name }
+    let(:body_tenant) do
+      { 'friendly_name' => tenant_name }
+    end
+    it { expect(client.update_tenant_settings(body_tenant)['friendly_name']).to include(tenant_name) }
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_tickets_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+describe Auth0::Api::V2::Tickets do
+  attr_reader :client, :user
+
+  before(:all) do
+    @client = Auth0Client.new(v2_creds)
+    username = Faker::Internet.user_name
+    email = "#{entity_suffix}#{Faker::Internet.safe_email(username)}"
+    password = Faker::Internet.password
+    @user = client.create_user(username,  'email' => email,
+                                          'password' => password,
+                                          'email_verified' => false,
+                                          'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                          'app_metadata' => {})
+  end
+
+  after(:all) do
+    client.delete_user(user['user_id'])
+  end
+
+  describe '.post_email_verification' do
+    let(:email_verification) { client.post_email_verification(user['user_id'], result_url: 'http://myapp.com/callback') }
+    it { expect(email_verification).to include('ticket') }
+  end
+
+  describe '.post_password_change' do
+    let(:password_change) do
+      client.post_password_change('secret', user_id: user['user_id'],
+                                            result_url: 'http://myapp.com/callback')
+    end
+    it { expect(password_change).to include('ticket') }
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_users_spec.rb

@@ -1,68 +1,120 @@
-require "spec_helper"
+require 'spec_helper'
 describe Auth0::Api::V2::Users do
-
   let(:client) { Auth0Client.new(v2_creds) }
   let(:username) { Faker::Internet.user_name }
   let(:email) { "#{entity_suffix}#{Faker::Internet.safe_email(username)}" }
   let(:password) { Faker::Internet.password }
-  let(:connection) { "Username-Password-Authentication" }
-  let!(:user) { client.create_user(username, {
-                                     "email" => email,
-                                     "password" => password,
-                                     "email_verified" => false,
-                                     "connection" => connection,
-                                     "app_metadata" => {}
-  })}
+  let!(:user) do
+    client.create_user(username,  'email' => email,
+                                  'password' => password,
+                                  'email_verified' => false,
+                                  'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                  'app_metadata' => {})
+  end
 
   describe '.users' do
-
-    let(:users) { client.users() }
+    let(:users) { client.users }
 
     it { expect(users.size).to be > 0 }
 
-    context "#filters" do
+    context '#filters' do
       it { expect(client.users(per_page: 1).size).to be 1 }
-      it { expect(client.users(per_page: 1, fields: [:picture, :email, :user_id].join(',')).first).to include("email", "user_id", "picture") }
-      it { expect(client.users(per_page: 1, fields: [:email].join(',')).first).to_not include("user_id", "picture") }
+      it do
+        expect(
+          client.users(per_page: 1, fields: [:picture, :email, :user_id].join(','), include_fields: true).first
+        ).to(include('email', 'user_id', 'picture'))
+      end
+      it { expect(client.users(per_page: 1, fields: [:email].join(',')).first).to_not include('user_id', 'picture') }
+      it do
+        expect(
+          client.users(per_page: 1, fields: [:email].join(','), include_fields: false).first
+        ).to include('user_id', 'picture')
+      end
     end
-
   end
 
   describe '.user' do
+    let(:subject) { client.user(user['user_id']) }
 
-    let(:subject) { client.user(user["user_id"]) }
-
-    it { should include("email" => email, "name" => username) }
-
-    context "#filters" do
-      it { expect(client.user(user["user_id"], fields: [:picture, :email, :user_id].join(','))).to include("email", "user_id", "picture") }
-      it { expect(client.user(user["user_id"], fields: [:email].join(','))).to_not include("user_id", "picture") }
+    it { should include('email' => email, 'name' => username) }
+    it do
+      expect(
+        client.user(user['user_id'], fields: [:picture, :email, :user_id].join(','), include_fields: true)
+      ).to(include('email', 'user_id', 'picture'))
+    end
+    it do
+      expect(
+        client.user(user['user_id'], fields: [:picture, :email, :user_id].join(','), include_fields: false)
+      ).not_to(include('email', 'user_id', 'picture'))
     end
 
+    context '#filters' do
+      it do
+        expect(client.user(user['user_id'], fields: [:picture, :email, :user_id].join(','))).to(
+          include('email', 'user_id', 'picture'))
+      end
+      it { expect(client.user(user['user_id'], fields: [:email].join(','))).to_not include('user_id', 'picture') }
+    end
   end
 
   describe '.create_user' do
-
     let(:subject) { user }
 
-    it { should include("user_id", "identities") }
-    it { should include(
-           "email" => email,
-           "email_verified" => false,
-    )}
-
+    it { should include('user_id', 'identities') }
+    it { expect(client.patch_user(user['user_id'], 'email_verified' => true)).to include('email_verified' => true) }
   end
 
   describe '.delete_user' do
-
-    it { expect { client.delete_user user["user_id"] }.to_not raise_error }
-
-    it { expect { client.delete_user "" }.to raise_error(Auth0::MissingUserId) }
-
+    it { expect { client.delete_user user['user_id'] }.to_not raise_error }
+    it { expect { client.delete_user '' }.to raise_error(Auth0::MissingUserId) }
   end
 
   describe '.patch_user' do
-    it { expect(client.patch_user(user["user_id"], {"email_verified" => true})).to include("email_verified" => true) }
+    it { expect(client.patch_user(user['user_id'], 'email_verified' => true)).to(include('email_verified' => true)) }
+    let(:body_path) do
+      {
+        'user_metadata' => {
+          'addresses' => { 'home_address' => '742 Evergreen Terrace' }
+        }
+      }
+    end
+    it do
+      expect(
+        client.patch_user(user['user_id'], body_path)
+      ).to(include('user_metadata' => { 'addresses' => { 'home_address' => '742 Evergreen Terrace' } }))
+    end
   end
 
+  describe '.link_user_account and .unlink_users_account' do
+    let(:email_link) { "#{entity_suffix}#{Faker::Internet.safe_email(Faker::Internet.user_name)}" }
+    let!(:link_user) do
+      client.create_user(username,  'email' => email_link,
+                                    'password' => Faker::Internet.password,
+                                    'email_verified' => false,
+                                    'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                    'app_metadata' => {})
+    end
+    let(:email_primary) { "#{entity_suffix}#{Faker::Internet.safe_email(Faker::Internet.user_name)}" }
+    let!(:primary_user) do
+      client.create_user(username,  'email' => email_primary,
+                                    'password' => Faker::Internet.password,
+                                    'email_verified' => false,
+                                    'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                    'app_metadata' => {})
+    end
+
+    let(:body_link) { { 'provider' => 'auth0', 'user_id' => link_user['user_id'] } }
+    skip 'Link user account examples are skipped to avoid errors on users deletion' do
+      it do
+        expect(
+          client.link_user_account(primary_user['user_id'], body_link).first
+        ).to include('provider' => 'auth0', 'user_id' => primary_user['identities'].first['user_id'])
+      end
+    end
+    it do
+      expect(
+        client.unlink_users_account(primary_user['user_id'], 'auth0', link_user['user_id']).first
+      ).to include('provider' => 'auth0', 'user_id' => primary_user['identities'].first['user_id'])
+    end
+  end
 end

data/spec/integration/lib/auth0/auth0_client_spec.rb

@@ -1,7 +1,6 @@
-require "spec_helper"
+require 'spec_helper'
 describe Auth0::Client do
-
-  shared_examples "invalid credentials" do |credentials, error|
+  shared_examples 'invalid credentials' do |credentials, error|
     it "raise an error with credentials #{credentials}" do
       if error.nil?
         expect { Auth0Client.new(credentials) }.to raise_error
@@ -11,62 +10,71 @@ describe Auth0::Client do
     end
   end
 
-  it_should_behave_like "invalid credentials", {namespace: "samples.auth0.com"}, Auth0::InvalidCredentials
-  it_should_behave_like "invalid credentials", {namespace: "samples.auth0.com", client_id: "client_id"}, Auth0::InvalidCredentials
-  it_should_behave_like "invalid credentials", {namespace: "samples.auth0.com", client_secret: "secret"}, Auth0::InvalidCredentials
-  it_should_behave_like "invalid credentials", {namespace: "samples.auth0.com", api_version: 2}, Auth0::InvalidCredentials
-  it_should_behave_like "invalid credentials", {}
-  it_should_behave_like "invalid credentials", {api_version: 2}
-  it_should_behave_like "invalid credentials", {api_version: 1}
-  it_should_behave_like "invalid credentials", {client_id: "client_id", client_secret: "secret"}, Auth0::InvalidApiNamespace
-  it_should_behave_like "invalid credentials", {api_version: 2, token: "token"}, Auth0::InvalidApiNamespace
+  it_should_behave_like 'invalid credentials', { namespace: 'samples.auth0.com' }, Auth0::InvalidCredentials
+  it_should_behave_like 'invalid credentials', {
+    namespace: 'samples.auth0.com', client_id: 'client_id' }, Auth0::InvalidCredentials
+  it_should_behave_like 'invalid credentials', {
+    namespace: 'samples.auth0.com', client_secret: 'secret' }, Auth0::InvalidCredentials
+  it_should_behave_like 'invalid credentials', {
+    namespace: 'samples.auth0.com', api_version: 2 }, Auth0::InvalidCredentials
+  it_should_behave_like 'invalid credentials', {}
+  it_should_behave_like 'invalid credentials', api_version: 2
+  it_should_behave_like 'invalid credentials', api_version: 1
+  it_should_behave_like 'invalid credentials', {
+    client_id: 'client_id', client_secret: 'secret' }, Auth0::InvalidApiNamespace
+  it_should_behave_like 'invalid credentials', {
+    api_version: 2, token: 'token' }, Auth0::InvalidApiNamespace
 
-  let(:valid_v1_credentials) { {client_id: ENV["CLIENT_ID"], client_secret: ENV["CLIENT_SECRET"], domain: ENV["DOMAIN"]} }
-  let(:token) { ENV["MASTER_JWT"] }
-  let(:v2_credentials) { {domain: ENV["DOMAIN"], api_version: 2} }
+  let(:valid_v1_credentials) do
+    { client_id: ENV['CLIENT_ID'],
+      client_secret: ENV['CLIENT_SECRET'],
+      domain: ENV['DOMAIN'] }
+  end
+  let(:token) { ENV['MASTER_JWT'] }
+  let(:v2_credentials) { { domain: ENV['DOMAIN'], api_version: 2 } }
 
-  shared_examples "valid credentials" do
+  shared_examples 'valid credentials' do
     it { expect { Auth0Client.new(credentials) }.to_not raise_error }
   end
 
-  it_should_behave_like "valid credentials" do
+  it_should_behave_like 'valid credentials' do
     let(:credentials) { valid_v1_credentials }
   end
-  it_should_behave_like "valid credentials" do
-    let(:credentials) { valid_v1_credentials.merge({api_version: 1}) }
+  it_should_behave_like 'valid credentials' do
+    let(:credentials) { valid_v1_credentials.merge(api_version: 1) }
   end
-  it_should_behave_like "valid credentials" do
-    let(:credentials) { v2_credentials.merge({token: token})}
+  it_should_behave_like 'valid credentials' do
+    let(:credentials) { v2_credentials.merge(token: token) }
   end
-  it_should_behave_like "valid credentials" do
-    let(:credentials) { v2_credentials.merge({access_token: ENV["MASTER_JWT"]}) }
+  it_should_behave_like 'valid credentials' do
+    let(:credentials) { v2_credentials.merge(access_token: ENV['MASTER_JWT']) }
   end
 
-  context "client headers" do
-    let(:client) { Auth0::Client.new(v2_credentials.merge({access_token: 'abc123', domain: 'myhost.auth0.com'})) }
+  context 'client headers' do
+    let(:client) { Auth0::Client.new(v2_credentials.merge(access_token: 'abc123', domain: 'myhost.auth0.com')) }
     let(:headers) { client.class.headers }
 
-    let(:base64_token) {
-      Base64.urlsafe_encode64('{"name":"ruby-auth0","version":"'+Auth0::VERSION+'"}')
-    }
+    let(:base64_token) do
+      Base64.urlsafe_encode64('{"name":"ruby-auth0","version":"' + Auth0::VERSION + '"}')
+    end
 
-    it "has the correct headers present" do
-      expect(headers.keys.sort).to eql ['Auth0-Client', 'Authorization', 'Content-Type', 'User-Agent']
+    it 'has the correct headers present' do
+      expect(headers.keys.sort).to eql(['Auth0-Client', 'Authorization', 'Content-Type', 'User-Agent'])
     end
 
-    it "uses the correct access token" do
-      expect(headers['Authorization']).to eql "Bearer abc123"
+    it 'uses the correct access token' do
+      expect(headers['Authorization']).to eql 'Bearer abc123'
     end
 
-    it "is always json" do
+    it 'is always json' do
       expect(headers['Content-Type']).to eql 'application/json'
     end
 
-    it "sets the ruby version" do
+    it 'sets the ruby version' do
       expect(headers['User-Agent']).to eql "Ruby/#{RUBY_VERSION}"
     end
 
-    it "sets the client version" do
+    it 'sets the client version' do
       expect(headers['Auth0-Client']).to eql base64_token
     end
   end

data/spec/lib/auth0/api/authentication_endpoints_spec.rb

@@ -1,80 +1,286 @@
-require "spec_helper"
+require 'spec_helper'
 describe Auth0::Api::AuthenticationEndpoints do
   before :all do
     dummy_instance = DummyClass.new
     dummy_instance.extend(Auth0::Api::AuthenticationEndpoints)
+
     @instance = dummy_instance
   end
 
-  context ".obtain_access_token" do
-    it {expect(@instance).to respond_to(:obtain_access_token)}
+  context '.obtain_access_token' do
+    it { expect(@instance).to respond_to(:obtain_access_token) }
     it "is expected to make post request to '/oauth/token'" do
-      allow(@instance).to receive(:post).with("/oauth/token", {client_id: nil, client_secret: nil, grant_type: 'client_credentials'}).
-        and_return({"access_token" => "AccessToken"})
-      expect(@instance).to receive(:post).with("/oauth/token", {client_id: nil, client_secret: nil, grant_type: 'client_credentials'})
-      expect(@instance.obtain_access_token).to eql "AccessToken"
+      allow(@instance).to receive(:post).with(
+        '/oauth/token', client_id: nil, client_secret: nil, grant_type: 'client_credentials')
+        .and_return('access_token' => 'AccessToken')
+      expect(@instance).to receive(:post).with(
+        '/oauth/token', client_id: nil, client_secret: nil, grant_type: 'client_credentials')
+      expect(@instance.obtain_access_token).to eql 'AccessToken'
+    end
+  end
+
+  context '.obtain_access_token social' do
+    it { expect(@instance).to respond_to(:obtain_access_token) }
+    it "is expected to make post request to '/oauth/access_token'" do
+      allow(@instance).to receive(:post).with(
+        '/oauth/access_token', client_id: nil, access_token: 'access_token', connection: 'facebook', scope: 'openid')
+        .and_return('access_token' => 'AccessToken')
+      expect(@instance).to receive(:post).with(
+        '/oauth/access_token', client_id: nil, access_token: 'access_token', connection: 'facebook', scope: 'openid')
+      expect(@instance.obtain_access_token('access_token', 'facebook', 'openid')).to eql 'AccessToken'
+    end
+  end
+
+  context '.login' do
+    it { expect(@instance).to respond_to(:login) }
+    it 'is expected to make post to /oauth/ro' do
+      expect(@instance).to receive(:post).with(
+        '/oauth/ro',
+        client_id: nil, username: 'test@test.com',
+        password: 'password', scope: 'openid', connection: 'Username-Password-Authentication',
+        grant_type: 'password', id_token: nil, device: nil)
+      @instance.login('test@test.com', 'password')
+    end
+    it { expect { @instance.login('', '') }.to raise_error 'Must supply a valid username' }
+    it { expect { @instance.login('username', '') }.to raise_error 'Must supply a valid password' }
+  end
+
+  context '.signup' do
+    it { expect(@instance).to respond_to(:signup) }
+    it 'is expected to make post to /dbconnections/signup' do
+      expect(@instance).to receive(:post).with(
+        '/dbconnections/signup',
+        client_id: nil, email: 'test@test.com',
+        password: 'password', connection: 'User')
+      @instance.signup('test@test.com', 'password', 'User')
+    end
+    it { expect { @instance.signup('', '') }.to raise_error 'Must supply a valid email' }
+    it { expect { @instance.signup('email', '') }.to raise_error 'Must supply a valid password' }
+  end
+
+  context '.change_password' do
+    it { expect(@instance).to respond_to(:change_password) }
+    it 'is expected to make post to /dbconnections/change_password' do
+      expect(@instance).to receive(:post).with(
+        '/dbconnections/change_password',
+        client_id: nil, email: 'test@test.com',
+        password: 'password', connection: 'User')
+      @instance.change_password('test@test.com', 'password', 'User')
+    end
+    it { expect { @instance.change_password('', '', '') }.to raise_error 'Must supply a valid email' }
+  end
+
+  context '.start_passwordless_email_flow' do
+    it { expect(@instance).to respond_to(:start_passwordless_email_flow) }
+    it 'is expected to make post to /passwordless/start' do
+      expect(@instance).to receive(:post).with(
+        '/passwordless/start',
+        client_id: nil,
+        email: 'test@test.com',
+        send: 'link',
+        auth_params: {
+          scope: 'scope',
+          protocol: 'protocol'
+        })
+      @instance.start_passwordless_email_flow('test@test.com', 'link', scope: 'scope', protocol: 'protocol')
+    end
+    it { expect { @instance.start_passwordless_email_flow('', '', '') }.to raise_error 'Must supply a valid email' }
+  end
+
+  context '.start_passwordless_sms_flow' do
+    let(:phone_number) { Faker::PhoneNumber.cell_phone }
+    it { expect(@instance).to respond_to(:start_passwordless_sms_flow) }
+    it 'is expected to make post to /passwordless/start' do
+      expect(@instance).to receive(:post).with(
+        '/passwordless/start',
+        client_id: nil,
+        connection: 'sms',
+        phone_number: phone_number)
+      @instance.start_passwordless_sms_flow(phone_number)
+    end
+    it { expect { @instance.start_passwordless_sms_flow('') }.to raise_error 'Must supply a valid phone number' }
+  end
+
+  context '.phone_login' do
+    let(:phone_number) { Faker::PhoneNumber.cell_phone }
+    let(:code) { Faker::Number.number(10) }
+    it { expect(@instance).to respond_to(:phone_login) }
+    it 'is expected to make post to /oauth/ro' do
+      expect(@instance).to receive(:post).with(
+        '/oauth/ro',
+        client_id: nil, username: phone_number,
+        password: code, connection: 'sms',
+        scope: 'openid', grant_type: 'password')
+      @instance.phone_login(phone_number, code)
+    end
+    it { expect { @instance.phone_login('', '') }.to raise_error 'Must supply a valid phone number' }
+    it { expect { @instance.phone_login('phone', '') }.to raise_error 'Must supply a valid code' }
+  end
+
+  context '.saml_metadata' do
+    let(:client_id) { 'client-id' }
+    it { expect(@instance).to respond_to(:saml_metadata) }
+    it 'is expected to make post to /samlp/metadata/client-id' do
+      expect(@instance).to receive(:get).with("/samlp/metadata/#{client_id}")
+      @instance.saml_metadata(client_id)
+    end
+    it { expect { @instance.saml_metadata('') }.to raise_error 'Must supply a valid client_id' }
+  end
+
+  context '.wsfed_metadata' do
+    it { expect(@instance).to respond_to(:wsfed_metadata) }
+    it 'is expected to make post to /wsfed/FederationMetadata/2007-06/FederationMetadata.xml' do
+      expect(@instance).to receive(:get).with('/wsfed/FederationMetadata/2007-06/FederationMetadata.xml')
+      @instance.wsfed_metadata
+    end
+  end
+
+  context '.authorization_url' do
+    let(:redirect_url) { 'http://redirect.com' }
+    it { expect(@instance).to respond_to(:authorization_url) }
+    it 'is expected to return an authorization url' do
+      expect(@instance.authorization_url(redirect_url).to_s).to eq(
+        "https://#{@instance.domain}/authorize?response_type=code&redirect_url=#{redirect_url}")
+    end
+    let(:additional_parameters) { { additional_parameters: { aparam1: 'test1' } } }
+    it 'is expected to return an authorization url with additionalParameters' do
+      expect(@instance.authorization_url(redirect_url, additional_parameters).to_s).to eq(
+        "https://#{@instance.domain}/authorize?response_type=code&redirect_url=#{redirect_url}&aparam1=test1")
+    end
+    let(:state) { { state: 'state1' } }
+    it 'is expected to return an authorization url with additionalParameters' do
+      expect(@instance.authorization_url(redirect_url, state).to_s).to eq(
+        "https://#{@instance.domain}/authorize?response_type=code&redirect_url=#{redirect_url}&state=state1")
+    end
+    it { expect { @instance.authorization_url('', '') }.to raise_error 'Must supply a valid redirect_uri' }
+  end
+  context '.token_info' do
+    it { expect(@instance).to respond_to(:token_info) }
+    it 'is expected to make post to /tokeinfo' do
+      expect(@instance).to receive(:post).with('/tokeninfo', id_token: 'SomerandomToken')
+      @instance.token_info('SomerandomToken')
     end
+    it { expect { @instance.token_info('') }.to raise_error 'Must supply a valid id_token' }
   end
 
-  context ".delegation" do
-    it {expect(@instance).to respond_to(:delegation)}
+  context '.refresh_delegation' do
+    it { expect(@instance).to respond_to(:refresh_delegation) }
     it "is expected to make post request to '/delegation'" do
-      expect(@instance).to receive(:post).with("/delegation",{:client_id=>nil, :grant_type=>"urn:ietf:params:oauth:grant-type:jwt-bearer", :id_token=>"token", :target=>"target", :scope=>"", api_type: "app"})
-      @instance.delegation("token", "target", "")
+      expect(@instance).to receive(:post).with(
+        '/delegation',
+        client_id: nil,
+        grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
+        refresh_token: 'id_token', target: '', api_type: '', scope: '',
+        additional_parameter: 'parameter')
+      @instance.refresh_delegation('id_token', '', '', '', additional_parameter: 'parameter')
     end
-    it "is expected to make post request to '/delegation' with specified api_type" do
-      expect(@instance).to receive(:post).with("/delegation",{:client_id=>nil, :grant_type=>"urn:ietf:params:oauth:grant-type:jwt-bearer", 
-                                                              :id_token=>"", :target=>"", :scope=>"", 
-                                                              api_type: "salesforce_api"})
-      @instance.delegation("", "", "", "salesforce_api")
+    it { expect { @instance.refresh_delegation('', '', '', '') }.to raise_error 'Must supply a valid token to refresh' }
+  end
+
+  context '.delegation' do
+    it { expect(@instance).to respond_to(:delegation) }
+    it "is expected to make post request to '/delegation'" do
+      expect(@instance).to receive(:post).with(
+        '/delegation',
+        client_id: nil,
+        grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
+        id_token: 'token',
+        target: 'target',
+        scope: '',
+        api_type: 'app')
+      @instance.delegation('token', 'target', '')
     end
-    it "allows to pass extra parameters" do
-      expect(@instance).to receive(:post).with("/delegation",{:client_id=>nil, :grant_type=>"urn:ietf:params:oauth:grant-type:jwt-bearer", 
-                                                              :id_token=>"", :target=>"", :scope=>"", :api_type => "",
-                                                               :community_name => 'test-community', community_url: 'test-url'})
-      @instance.delegation("", "", "", "", community_name: 'test-community', community_url: 'test-url')
+    it "is expected to make post request to '/delegation'
+      with specified api_type" do
+      expect(@instance).to receive(:post).with(
+        '/delegation',
+        client_id: nil,
+        grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
+        id_token: 'id_token', target: '', scope: '',
+        api_type: 'salesforce_api')
+      @instance.delegation('id_token', '', '', 'salesforce_api')
     end
+    it 'allows to pass extra parameters' do
+      expect(@instance).to receive(:post).with(
+        '/delegation',
+        client_id: nil,
+        grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
+        id_token: 'id_token', target: '', scope: '', api_type: '',
+        community_name: 'test-community', community_url: 'test-url')
+      @instance.delegation(
+        'id_token', '', '', '',
+        community_name: 'test-community', community_url: 'test-url')
+    end
+    it { expect { @instance.delegation('', nil, nil, nil) }.to raise_error 'Must supply a valid id_token' }
   end
 
-  context ".impersonate" do
-    let(:user_id)         {"some_user_id"}
-    let(:app_client_id)   {"some_app_client_id"}
-    let(:impersonator_id) {"some_impersonator_id"}
+  context '.impersonate' do
+    let(:user_id)         { 'some_user_id' }
+    let(:app_client_id)   { 'some_app_client_id' }
+    let(:impersonator_id) { 'some_impersonator_id' }
 
-    it {expect(@instance).to respond_to(:impersonate)}
+    it { expect(@instance).to respond_to(:impersonate) }
     it "is expected to make post request to '/users/{user_id}/impersonate'" do
-      expect(@instance).to receive(:post).with("/users/#{user_id}/impersonate",{:protocol=>"oauth2", :impersonator_id=>impersonator_id, :client_id=>app_client_id, :ttl=>120, :additionalParameters=>{:response_type=>"code", :state=>"", :scope=>"openid", :callback_url=>""}})
+      expect(@instance).to receive(:post).with(
+        "/users/#{user_id}/impersonate",
+        protocol: 'oauth2',
+        impersonator_id: impersonator_id, client_id: app_client_id,
+        additionalParameters: {
+          response_type: 'code', state: '',
+          scope: 'openid', callback_url: '' })
       @instance.impersonate(user_id, app_client_id, impersonator_id, {})
     end
+    it { expect { @instance.impersonate('', '', '', '') }.to raise_error 'Must supply a valid user_id' }
   end
 
-  context ".login" do
-    it {expect(@instance).to respond_to(:signup)}
-    it "is expected to make post to /oauth/ro" do
-      expect(@instance).to receive(:post).with("/oauth/ro", {client_id: nil, username:"test@test.com", password: "password", connection: "Username-Password-Authentication", scope: "openid", grant_type: "password", id_token: nil})
-      @instance.login("test@test.com", "password")
+  context '.unlink_user' do
+    it { expect(@instance).to respond_to(:unlink_user) }
+    it 'is expected to make post to /unlink' do
+      expect(@instance).to receive(:post).with('/unlink', access_token: 'access-token', user_id: 'user-id')
+      @instance.unlink_user('access-token', 'user-id')
     end
+    it { expect { @instance.unlink_user('', '') }.to raise_error 'Must supply a valid access_token' }
+    it { expect { @instance.unlink_user('token', '') }.to raise_error 'Must supply a valid user_id' }
   end
-  context ".signup" do
-    it {expect(@instance).to respond_to(:signup)}
-    it "is expected to make post to /dbconnections/signup" do
-      expect(@instance).to receive(:post).with("/dbconnections/signup", {client_id: nil, email: "test@test.com", password: "password", connection: "User"})
-      @instance.signup("test@test.com", "password", "User")
+
+  context '.user_info' do
+    it { expect(@instance).to respond_to(:user_info) }
+    it 'is expected to make post to /userinfo' do
+      expect(@instance).to receive(:get).with('/userinfo')
+      @instance.user_info
     end
   end
-  context ".change_password" do
-    it {expect(@instance).to respond_to(:change_password)}
-    it "is expected to make post to /dbconnections/change_password" do
-      expect(@instance).to receive(:post).with("/dbconnections/change_password", {client_id: nil, email: "test@test.com", password: "password", connection: "User"})
-      @instance.change_password("test@test.com", "password", "User")
+
+  context '.logout_url' do
+    let(:return_to) { 'http://returnto.com' }
+    it { expect(@instance).to respond_to(:logout_url) }
+    it 'is expected to return a logout url' do
+      expect(@instance.logout_url(return_to).to_s).to eq(
+        "https://#{@instance.domain}/logout?returnTo=#{return_to}")
     end
   end
 
-  context ".token_info" do
-    it {expect(@instance).to respond_to(:token_info)}
-    it "is expected to make post to /tokeinfo" do
-      expect(@instance).to receive(:post).with("/tokeninfo", {id_token: "SomerandomToken"})
-      @instance.token_info("SomerandomToken")
+  context '.samlp_url' do
+    it { expect(@instance).to respond_to(:samlp_url) }
+    it 'is expected to get the samlp url' do
+      expect(@instance.samlp_url.to_s).to eq(
+        "https://#{@instance.domain}/samlp/?connection=Username-Password-Authentication")
+    end
+    it 'is expected to get the samlp url with fb connection' do
+      expect(@instance.samlp_url('facebook').to_s).to eq(
+        "https://#{@instance.domain}/samlp/?connection=facebook")
+    end
+  end
+
+  context '.wsfed_url' do
+    it { expect(@instance).to respond_to(:wsfed_url) }
+    it 'is expected to get the wsfed url' do
+      expect(@instance.wsfed_url.to_s).to eq(
+        "https://#{@instance.domain}/wsfed/?whr=Username-Password-Authentication")
+    end
+    it 'is expected to get the wsfed url with fb connection' do
+      expect(@instance.wsfed_url('facebook').to_s).to eq(
+        "https://#{@instance.domain}/wsfed/?whr=facebook")
     end
   end
 end