auth0 4.0.0 → 4.1.0

data/lib/auth0/mixins/initializer.rb

@@ -9,8 +9,9 @@ module Auth0
       # By Default API v2
       def initialize(config)
         options = Hash[config.map { |(k, v)| [k.to_sym, v] }]
-        self.class.base_uri base_url(options)
-        self.class.headers client_headers(config)
+        @base_uri = base_url(options)
+        @headers = client_headers(config)
+        @timeout = options[:timeout] || 10
         extend Auth0::Api::AuthenticationEndpoints
         @client_id = options[:client_id]
         initialize_api(options)
@@ -21,17 +22,32 @@ module Auth0
         klass.send :prepend, Initializer
       end
 
+      def authorization_header(token)
+        add_headers('Authorization' => "Bearer #{token}")
+      end
+
+      def authorization_header_basic(options)
+        connection_id = options.fetch(:connection_id, Auth0::Api::AuthenticationEndpoints::UP_AUTH)
+        user = options.fetch(:user, nil)
+        password = options.fetch(:password, nil)
+        add_headers('Authorization' => "Basic #{Base64.strict_encode64("#{connection_id}\\#{user}:#{password}")}")
+      end
+
       private
 
       def initialize_api(options)
-        api_v1?(options) ? initialize_v1(options) : initialize_v2(options)
-        fail InvalidCredentials, 'Must supply a valid API token' if @token.nil?
-        self.class.headers 'Authorization' => "Bearer #{@token}"
+        api_v2?(options) ? initialize_v2(options) : initialize_v1(options)
+        raise InvalidCredentials, 'Must supply a valid API token' if @token.nil?
+        if options.fetch(:authorization, nil) == 'Basic'
+          authorization_header_basic(options)
+        else
+          authorization_header(@token)
+        end
       end
 
       def base_url(options)
         @domain = options[:domain] || options[:namespace]
-        fail InvalidApiNamespace, 'Api namespace must supply an API domain' if @domain.to_s.empty?
+        raise InvalidApiNamespace, 'Api namespace must supply an API domain' if @domain.to_s.empty?
         "https://#{@domain}"
       end
 
@@ -52,20 +68,21 @@ module Auth0
 
       def initialize_v2(options)
         extend Auth0::Api::V2
+        @client_secret = options[:client_secret]
         @token = options[:access_token] || options[:token]
       end
 
       def initialize_v1(options)
         extend Auth0::Api::V1
         @client_secret = options[:client_secret]
-        fail InvalidCredentials, 'Invalid API v1 client_id and client_secret' if @client_id.nil? || @client_secret.nil?
+        raise InvalidCredentials, 'Invalid API v1 client_id and client_secret' if @client_id.nil? || @client_secret.nil?
         @token = obtain_access_token
       end
 
-      def api_v1?(options)
-        version = options[:api_version] || 1
+      def api_v2?(options)
+        version = options[:api_version] || 2
         protocol = options[:protocols].to_s
-        !protocol.include?('v2') && (protocol.include?('v1') || version == 1)
+        !protocol.include?('v1') && (protocol.include?('v2') || version == 2)
       end
     end
   end

data/lib/auth0/version.rb

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '4.0.0'
+  VERSION = '4.1.0'.freeze
 end

data/spec/integration/lib/auth0/api/api_authentication_spec.rb

@@ -0,0 +1,118 @@
+require 'spec_helper'
+describe Auth0::Api::AuthenticationEndpoints do
+  attr_reader :client, :impersonate_user, :impersonator_user, :global_client, :password
+
+  before(:all) do
+    @client = Auth0Client.new(v2_creds)
+    impersonate_username = Faker::Internet.user_name
+    impersonate_email = "#{entity_suffix}#{Faker::Internet.safe_email(impersonate_username)}"
+    @password = Faker::Internet.password
+    @impersonate_user = client.create_user(impersonate_username, 'email' => impersonate_email,
+                                                                 'password' => password,
+                                                                 'email_verified' => true,
+                                                                 'connection' =>
+                                                                  Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                                                 'app_metadata' => {})
+
+    impersonator_username = Faker::Internet.user_name
+    impersonator_email = "#{entity_suffix}#{Faker::Internet.safe_email(impersonator_username)}"
+    @impersonator_user = client.create_user(impersonator_username, 'email' => impersonator_email,
+                                                                   'password' => password,
+                                                                   'email_verified' => true,
+                                                                   'connection' =>
+                                                                    Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                                                   'app_metadata' => {})
+
+    @global_client = Auth0Client.new(v1_global_creds)
+  end
+
+  after(:all) do
+    client.delete_user(impersonate_user['user_id'])
+    client.delete_user(impersonator_user['user_id'])
+  end
+
+  describe '.obtain_access_token' do
+    let(:acces_token) { global_client.obtain_access_token }
+    it { expect(acces_token).to_not be_nil }
+  end
+
+  describe '.login' do
+    let(:login) { global_client.login(impersonate_user['email'], password) }
+    it { expect(login).to(include('id_token', 'access_token', 'token_type')) }
+  end
+
+  describe '.signup' do
+    let(:signup_username) { Faker::Internet.user_name }
+    let(:signup_email) { "#{entity_suffix}#{Faker::Internet.safe_email(signup_username)}" }
+    let(:signup) { global_client.signup(signup_email, password) }
+    it { expect(signup).to(include('_id', 'email')) }
+    it { expect(signup['email']).to eq signup_email }
+  end
+
+  describe '.change_password' do
+    let(:change_password) do
+      global_client.change_password(impersonate_user['user_id'], password)
+    end
+    it { expect(change_password).to eq '"We\'ve just sent you an email to reset your password."' }
+  end
+
+  skip '.start_passwordless_email_flow' do
+    let(:start_passwordless_email_flow) do
+      global_client.start_passwordless_email_flow(impersonate_user['email'])
+    end
+    it { expect(start_passwordless_email_flow['email']).to eq impersonate_user['email'] }
+    it { expect(start_passwordless_email_flow).to(include('_id', 'email')) }
+  end
+
+  skip '.start_passwordless_sms_flow' do
+    let(:phone_number) { '+19143686854' }
+    let(:start_passwordless_sms_flow) { global_client.start_passwordless_sms_flow(phone_number) }
+    it { expect(start_passwordless_sms_flow['phone_number']).to eq phone_number }
+    it { expect(start_passwordless_sms_flow).to(include('_id', 'phone_number', 'request_language')) }
+  end
+
+  describe '.saml_metadata' do
+    let(:saml_metadata) { global_client.saml_metadata }
+    it { expect(saml_metadata).to(include('<EntityDescriptor')) }
+  end
+
+  describe '.wsfed_metadata' do
+    let(:wsfed_metadata) { global_client.wsfed_metadata }
+    it { expect(wsfed_metadata).to(include('<EntityDescriptor')) }
+  end
+
+  describe '.token_info' do
+    let(:id_token) { global_client.login(impersonate_user['email'], password)['id_token'] }
+    let(:token_info) { global_client.token_info(id_token) }
+    it { expect(token_info).to(include('email', 'clientID', 'global_client_id')) }
+  end
+
+  describe '.delegation' do
+    let(:id_token) { global_client.login(impersonate_user['email'], password)['id_token'] }
+    let(:target) { global_client.clients[0]['clientID'] }
+    let(:delegation) { global_client.delegation(id_token, target) }
+    it { expect(delegation).to(include('token_type', 'expires_in', 'id_token')) }
+  end
+
+  describe '.impersonation' do
+    let(:impersonate_url) do
+      global_client.impersonate(impersonate_user['user_id'], ENV['CLIENT_ID'], impersonator_user['user_id'], {})
+    end
+    it { expect(impersonate_url).to_not be_nil }
+  end
+
+  describe '.unlink_user' do
+    let(:access_token) { global_client.login(impersonate_user['email'], password)['access_token'] }
+    let(:unlink_user) { global_client.unlink_user(access_token, impersonator_user['user_id']) }
+    it { expect(unlink_user).to eq 'OK' }
+  end
+
+  describe '.user_info' do
+    let(:access_token) { global_client.login(impersonate_user['email'], password)['access_token'] }
+    let(:credentials) { { client_id: ENV['CLIENT_ID'], token: access_token, domain: ENV['DOMAIN'] } }
+    let(:client) { Auth0Client.new(credentials) }
+    let(:user_info) { client.user_info }
+    it { expect(user_info['email']).to eq impersonate_user['email'] }
+    it { expect(user_info).to(include('clientID', 'identities', 'nickname', 'picture')) }
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_blacklist_spec.rb

@@ -4,7 +4,7 @@ describe Auth0::Api::V2::Blacklists do
   let(:token) { 'faketoken' }
 
   describe '.add_token_to_blacklist' do
-    it { expect(client.add_token_to_blacklist(token)).to be_nil }
+    it { expect(client.add_token_to_blacklist(token)).to be_empty }
   end
 
   describe '.blacklisted_tokens' do

data/spec/integration/lib/auth0/api/v2/api_client_grants_spec.rb

@@ -0,0 +1,53 @@
+require 'spec_helper'
+describe Auth0::Api::V2::ClientGrants do
+  attr_reader :client, :client_id, :audience, :existing_grant, :scope
+
+  before(:all) do
+    @client = Auth0Client.new(v2_creds)
+    @client_id = Faker::Lorem.word
+    @audience = Faker::Internet.url
+    @scope = [Faker::Lorem.word]
+    @existing_grant = client.create_client_grant('client_id' => client_id, 'audience' => audience, 'scope' => scope)
+  end
+
+  after(:all) do
+    grants = client.client_grants
+    grants.each do |grant|
+      client.delete_client_grant(grant['id'])
+    end
+  end
+
+  describe '.client_grants' do
+    let(:client_grants) { client.client_grants }
+
+    it { expect(client_grants.size).to be > 0 }
+    it { expect(client_grants).to include(existing_grant) }
+  end
+
+  describe '.create_client_grant' do
+    let(:new_client) { Faker::Lorem.word }
+
+    it do
+      expect(
+        client.create_client_grant('client_id' => new_client, 'audience' => audience,
+                                   'scope' => scope)
+      ).to(include('client_id' => new_client, 'audience' => audience, 'scope' => scope))
+    end
+  end
+
+  describe '.patch_client_grant' do
+    let(:new_scope) { [Faker::Lorem.word] }
+    it do
+      expect(
+        client.patch_client_grant(
+          existing_grant['id'],
+          'scope' => new_scope
+        )
+      ).to(include('scope' => new_scope))
+    end
+  end
+
+  describe '.delete_client_grant' do
+    it { expect { client.delete_client_grant(existing_grant['id']) }.to_not raise_error }
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_clients_spec.rb

@@ -50,7 +50,8 @@ describe Auth0::Api::V2::Clients do
   describe '.create_client' do
     it do
       expect(client.create_client(client_name, custom_login_page_on: false)).to(
-        include('name' => client_name, 'custom_login_page_on' => false))
+        include('name' => client_name, 'custom_login_page_on' => false)
+      )
     end
     it { expect { client.create_client('', custom_login_page_on: false) }.to raise_error(Auth0::MissingParameter) }
   end
@@ -61,7 +62,9 @@ describe Auth0::Api::V2::Clients do
         client.patch_client(
           existing_client['client_id'],
           custom_login_page_on: false,
-          sso: true)).to(include('custom_login_page_on' => false, 'sso' => true))
+          sso: true
+        )
+      ).to(include('custom_login_page_on' => false, 'sso' => true))
     end
     it { expect { client.patch_client('', custom_login_page_on: false) }.to raise_error(Auth0::MissingClientId) }
   end

data/spec/integration/lib/auth0/api/v2/api_connections_spec.rb

@@ -18,14 +18,15 @@ describe Auth0::Api::V2::Connections do
     let(:connections) { client.connections }
 
     it { expect(connections.size).to be > 0 }
-    it { expect(connections.find { |con| con['name'] == name }).to_not be_nil }
+    it { expect(connections.find { |con| con['name'] == name }).to_not be_empty }
 
     context '#filters' do
       it { expect(client.connections(strategy: strategy).size).to be > 0 }
       it { expect(client.connections(strategy: strategy, fields: [:name].join(',')).first).to include('name') }
       it do
         expect(client.connections(strategy: strategy, fields: [:name].join(','), include_fields: false).first).to_not(
-          include('name'))
+          include('name')
+        )
       end
     end
   end
@@ -39,7 +40,8 @@ describe Auth0::Api::V2::Connections do
       it { expect(client.connection(connection['id'], fields: [:name, :id].join(','))).to include('id', 'name') }
       it do
         expect(client.connection(connection['id'], fields: [:name, :id].join(','), include_fields: false)).to_not(
-          include('id', 'name'))
+          include('id', 'name')
+        )
       end
     end
   end
@@ -66,7 +68,8 @@ describe Auth0::Api::V2::Connections do
     let(:options) { { username: new_name } }
     it do
       expect(client.update_connection(connection_to_update['id'], 'options' => options)['options']).to include(
-        'username' => new_name)
+        'username' => new_name
+      )
     end
   end
 
@@ -85,7 +88,7 @@ describe Auth0::Api::V2::Connections do
       client.connections.find { |connection| connection['name'] == Auth0::Api::AuthenticationEndpoints::UP_AUTH }
     end
 
-    it { expect(client.delete_connection_user(connection['id'], email)).to be_nil }
+    it { expect(client.delete_connection_user(connection['id'], email)).to be_empty }
   end
 
   after(:all) do

data/spec/integration/lib/auth0/api/v2/api_device_credentials_spec.rb

@@ -0,0 +1,67 @@
+require 'spec_helper'
+require 'base64'
+describe Auth0::Api::V2::DeviceCredentials do
+  attr_reader :user, :client, :basic_client, :existing_device_credentials
+
+  before(:all) do
+    @client = Auth0Client.new(v2_creds)
+    username = Faker::Internet.user_name
+    email = "#{entity_suffix}#{Faker::Internet.safe_email(username)}"
+    password = Faker::Internet.password
+    @user = client.create_user(username,  'email' => email,
+                                          'password' => password,
+                                          'email_verified' => true,
+                                          'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                          'app_metadata' => {})
+
+    basic_creds = { connection_id: Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                    user: email,
+                    password: password,
+                    authorization: 'Basic' }
+
+    @basic_client = Auth0Client.new(v2_creds.merge(basic_creds))
+    @existing_device_credentials = basic_client.create_device_credential(
+      "#{user['name']}_phone_1",
+      'dmFsdWU=',
+      '68753A44-4D6F-1226-9C60-0050E4C00067',
+      ENV['CLIENT_ID']
+    )
+  end
+
+  after(:all) do
+    client.delete_user(user['user_id'])
+  end
+
+  describe '.device_credentials' do
+    let(:device_credentials) { basic_client.device_credentials(ENV['CLIENT_ID']) }
+    it { expect(device_credentials.size).to be > 0 }
+    it { expect(device_credentials.find { |cred| cred['id'] == existing_device_credentials['id'] }).to_not be_empty }
+    context '#filter_by_type' do
+      let(:filtered_device_credentials) { basic_client.device_credentials(ENV['CLIENT_ID'], type: 'refresh_token') }
+      it do
+        expect(filtered_device_credentials.find do |cred|
+                 cred['id'] == existing_device_credentials['id']
+               end).to eq nil
+      end
+    end
+  end
+
+  describe '.create_device_credential' do
+    let!(:new_credentials) do
+      basic_client.create_device_credential(
+        "#{user['name']}_phone_2",
+        'dmFsdWU=',
+        '68753A44-4D6F-1226-9C60-0050E4C00067',
+        ENV['CLIENT_ID']
+      )
+    end
+    it do
+      expect(basic_client.device_credentials(ENV['CLIENT_ID'])
+        .find { |cred| cred['id'] == new_credentials['id'] }).to_not be_empty
+    end
+  end
+
+  describe '.delete_device_credential' do
+    it { expect { basic_client.delete_device_credential(existing_device_credentials['id']) }.to_not raise_error }
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_email_spec.rb

@@ -13,7 +13,7 @@ describe Auth0::Api::V2::Emails do
   let(:name) { 'mandrill' }
   let(:enabled) { true }
   let(:credentials) { { 'api_key' => 'api_key' } }
-  let(:settings) { { 'first_setting' =>  'first_setting_set', 'second_setting' => 'second_setting_set' } }
+  let(:settings) { { 'first_setting' => 'first_setting_set', 'second_setting' => 'second_setting_set' } }
   let(:body) do
     { 'name' => name,
       'enabled' => enabled,
@@ -25,7 +25,8 @@ describe Auth0::Api::V2::Emails do
     let!(:email_provider) { client.configure_provider(body) }
     it do
       expect(email_provider).to include(
-        'name' => name, 'enabled' => enabled, 'credentials' => credentials, 'settings' => settings)
+        'name' => name, 'enabled' => enabled, 'credentials' => credentials, 'settings' => settings
+      )
     end
   end
 
@@ -37,12 +38,15 @@ describe Auth0::Api::V2::Emails do
     context '#filters' do
       it do
         expect(
-          client.get_provider(fields: [:name, :enabled, :credentials].join(','), include_fields: true)).to(
-            include('name', 'enabled', 'credentials'))
+          client.get_provider(fields: [:name, :enabled, :credentials].join(','), include_fields: true)
+        ).to(
+          include('name', 'enabled', 'credentials')
+        )
       end
       it do
         expect(
-          client.get_provider(fields: [:enabled].join(','), include_fields: false).first).to_not(include('enabled'))
+          client.get_provider(fields: [:enabled].join(','), include_fields: false).first
+        ).to_not(include('enabled'))
       end
     end
   end
@@ -58,9 +62,12 @@ describe Auth0::Api::V2::Emails do
     end
     it do
       expect(
-        client.update_provider(update_body)).to(
-          include(
-            'name' => update_name, 'enabled' => enabled, 'credentials' => credentials, 'settings' => update_settings))
+        client.update_provider(update_body)
+      ).to(
+        include(
+          'name' => update_name, 'enabled' => enabled, 'credentials' => credentials, 'settings' => update_settings
+        )
+      )
     end
   end