auth0 4.0.0 → 4.1.0

data/spec/integration/lib/auth0/api/v2/api_jobs_spec.rb

@@ -17,29 +17,30 @@ describe Auth0::Api::V2::Jobs do
           'user_metadata' => {
             'theme' => 'light'
           }
-        }
-        ]
+        }]
       end
       let(:users_file) do
         File.new('temp.json', 'w+') { |f| f.write(file_content) }
       end
       let(:connection_id) do
         client.connections
-          .find do |connection|
-            connection['name'].include?(Auth0::Api::AuthenticationEndpoints::UP_AUTH)
-          end['id']
+              .find do |connection|
+          connection['name'].include?(Auth0::Api::AuthenticationEndpoints::UP_AUTH)
+        end['id']
       end
       let(:imported_users) { client.import_users(users_file, connection_id) }
       it do
         expect(imported_users).to include(
           'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
           'status' => 'pending',
-          'type' => 'users_import')
+          'type' => 'users_import'
+        )
       end
       let(:import_job_id) { imported_users['id'] }
       it do
         expect(client.get_job(import_job_id)).to include(
-          'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH, 'type' => 'users_import', 'id' => import_job_id)
+          'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH, 'type' => 'users_import', 'id' => import_job_id
+        )
       end
     end
 
@@ -51,12 +52,13 @@ describe Auth0::Api::V2::Jobs do
                                       'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
                                       'app_metadata' => {})
       end
-      let(:email_verification_job) { client.send_verification_email(user_id: user['user_id']) }
+      let(:email_verification_job) { client.send_verification_email(user['user_id']) }
       it { expect(email_verification_job).to include('status' => 'pending', 'type' => 'verification_email') }
       let(:email_job_id) { email_verification_job['id'] }
       it do
         expect(client.get_job(email_job_id)).to include(
-          'status' => 'completed', 'type' => 'verification_email', 'id' => email_job_id)
+          'status' => 'completed', 'type' => 'verification_email', 'id' => email_job_id
+        )
       end
     end
 

data/spec/integration/lib/auth0/api/v2/api_logs_spec.rb

@@ -0,0 +1,69 @@
+require 'spec_helper'
+
+describe Auth0::Api::V2::Logs do
+  attr_reader :client, :user
+
+  before(:all) do
+    @client = Auth0Client.new(v2_creds)
+    username = Faker::Internet.user_name
+    email = "#{entity_suffix}#{Faker::Internet.safe_email(username)}"
+    password = Faker::Internet.password
+    @user = client.create_user(username,  'email' => email,
+                                          'password' => password,
+                                          'email_verified' => false,
+                                          'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                          'app_metadata' => {})
+  end
+
+  after(:all) do
+    client.delete_user(user['user_id'])
+  end
+
+  describe '.logs' do
+    let(:logs) { client.logs }
+    it 'is expected to get a log about user creation' do
+      wait 30 do
+        expect(find_create_user_log_by_email(user['email'])).to_not be_empty
+      end
+    end
+
+    context '#filters' do
+      it { expect(client.logs(per_page: 1).size).to be 1 }
+      it do
+        expect(
+          client.logs(per_page: 1, fields: [:date, :description, :type].join(','), include_fields: true).first
+        ).to(include('date', 'description', 'type'))
+      end
+      it { expect(client.logs(per_page: 1, fields: [:date].join(',')).first).to_not include('type', 'description') }
+      it do
+        expect(
+          client.logs(per_page: 1, fields: [:date].join(','), include_fields: false).first
+        ).to include('type', 'description')
+      end
+    end
+
+    context '#from' do
+      it { expect(client.logs(from: logs.last['_id'], take: 1).size).to be 1 }
+      it { expect(client.logs(from: logs.first['_id'], take: 1).size).to be 0 }
+    end
+  end
+
+  describe '.log' do
+    let(:first_log) { client.logs.first }
+    let(:log) { client.log(first_log['_id']) }
+    it { expect(log).to_not be_empty }
+    it { expect(log['_id']).to eq(first_log['_id']) }
+    it { expect(log['date']).to eq(first_log['date']) }
+  end
+
+  private
+
+  def find_create_user_log_by_email(email)
+    logs = client.logs
+    logs.find do |log|
+      log['description'] == 'Create a user' &&
+        log['type'] == 'sapi' &&
+        log['details']['request']['body']['email'] == email
+    end
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_resource_servers_spec.rb

@@ -0,0 +1,47 @@
+require 'spec_helper'
+describe Auth0::Api::V2::ResourceServers do
+  attr_reader :client, :resource_server
+
+  before(:all) do
+    @client = Auth0Client.new(v2_creds)
+    identifier = SecureRandom.uuid
+    @resource_server = client.create_resource_server(identifier)
+  end
+
+  after(:all) do
+    client.delete_resource_server(resource_server['id'])
+  end
+
+  describe '.resource_server' do
+    it do
+      expect(client.resource_server(resource_server['id'])).to(
+        include('identifier' => resource_server['identifier'], 'id' => resource_server['id'],
+                'signing_alg' => resource_server['signing_alg'],
+                'token_lifetime' => resource_server['token_lifetime'])
+      )
+    end
+  end
+
+  describe '.create_resource_server' do
+    let(:name) { Faker::Lorem.word }
+    let(:identifier) { SecureRandom.uuid }
+    let(:signing_alg) { 'HS256' }
+    let(:signing_secret) { Faker::Lorem.characters(16) }
+    let(:token_lifetime) { rand(1000..3000) }
+    let!(:resource_server) do
+      client.create_resource_server(identifier, 'name' => name, 'signing_alg' => signing_alg,
+                                                'signing_secret' => signing_secret,
+                                                'token_lifetime' => token_lifetime)
+    end
+    it do
+      expect(resource_server).to include('name' => name, 'identifier' => identifier, 'signing_alg' => signing_alg,
+                                         'signing_secret' => signing_secret,
+                                         'token_lifetime' => token_lifetime)
+    end
+    it { expect { client.delete_resource_server(resource_server['id']) }.to_not raise_error }
+  end
+
+  describe '.delete_resource_server' do
+    it { expect { client.delete_resource_server(resource_server['id']) }.to_not raise_error }
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_rules_spec.rb

@@ -44,7 +44,8 @@ describe Auth0::Api::V2::Rules do
   describe '.rule' do
     it do
       expect(client.rule(enabled_rule['id'])).to(
-        include('stage' => enabled_rule['stage'], 'order' => enabled_rule['order'], 'script' => enabled_rule['script']))
+        include('stage' => enabled_rule['stage'], 'order' => enabled_rule['order'], 'script' => enabled_rule['script'])
+      )
     end
 
     context '#filters' do

data/spec/integration/lib/auth0/api/v2/api_tickets_spec.rb

@@ -25,8 +25,8 @@ describe Auth0::Api::V2::Tickets do
 
   describe '.post_password_change' do
     let(:password_change) do
-      client.post_password_change('secret', user_id: user['user_id'],
-                                            result_url: 'http://myapp.com/callback')
+      client.post_password_change(new_password: 'secret', user_id: user['user_id'],
+                                  result_url: 'http://myapp.com/callback')
     end
     it { expect(password_change).to include('ticket') }
   end

data/spec/integration/lib/auth0/api/v2/api_user_blocks_spec.rb

@@ -0,0 +1,73 @@
+require 'spec_helper'
+describe Auth0::Api::V2::UserBlocks do
+  attr_reader :client, :user, :email
+
+  skip 'User blocks examples are skipped since is #logins exceeds free tenant limits' do
+    before(:all) do
+      @client = Auth0Client.new(v2_creds)
+      username = Faker::Internet.user_name
+      @email = "#{entity_suffix}#{Faker::Internet.safe_email(username)}"
+      password = Faker::Internet.password
+      @user = client.create_user(username,  'email' => email,
+                                            'password' => password,
+                                            'email_verified' => true,
+                                            'connection' => Auth0::Api::AuthenticationEndpoints::UP_AUTH,
+                                            'app_metadata' => {})
+    end
+
+    after(:all) do
+      client.delete_user(user['user_id'])
+    end
+
+    describe '.user_blocks' do
+      let(:user_blocks) do
+        block_user(email)
+        client.user_blocks(email)
+      end
+      it { expect(user_blocks['blocked_for'].size).to be > 0 }
+      it { expect(user_blocks['blocked_for'].first['identifier']).to eq email }
+    end
+
+    describe '.user_blocks_by_id' do
+      let(:user_blocks) do
+        block_user(email)
+        client.user_blocks_by_id(user['user_id'])
+      end
+      it { expect(user_blocks['blocked_for'].size).to be > 0 }
+      it { expect(user_blocks['blocked_for'].first['identifier']).to eq email }
+    end
+
+    describe '.delete_user_blocks' do
+      let(:user_blocks) do
+        block_user(email)
+        client.delete_user_blocks(email)
+        client.user_blocks(email)
+      end
+      it { expect(user_blocks['blocked_for']).to eq [] }
+    end
+
+    describe '.delete_user_blocks_by_id' do
+      let(:user_blocks) do
+        block_user(email)
+        client.delete_user_blocks_by_id(user['user_id'])
+        client.user_blocks(email)
+      end
+      it { expect(user_blocks['blocked_for']).to eq [] }
+    end
+  end
+
+  private
+
+  def block_user(email)
+    100.times do
+      begin
+        client.login(email, 'invalid password')
+      rescue Auth0::Unauthorized
+        next
+      rescue Auth0::Unsupported => e
+        puts e.message
+        break
+      end
+    end
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_users_spec.rb

@@ -51,7 +51,8 @@ describe Auth0::Api::V2::Users do
     context '#filters' do
       it do
         expect(client.user(user['user_id'], fields: [:picture, :email, :user_id].join(','))).to(
-          include('email', 'user_id', 'picture'))
+          include('email', 'user_id', 'picture')
+        )
       end
       it { expect(client.user(user['user_id'], fields: [:email].join(','))).to_not include('user_id', 'picture') }
     end
@@ -110,11 +111,37 @@ describe Auth0::Api::V2::Users do
           client.link_user_account(primary_user['user_id'], body_link).first
         ).to include('provider' => 'auth0', 'user_id' => primary_user['identities'].first['user_id'])
       end
+
+      it do
+        expect(
+          client.unlink_users_account(primary_user['user_id'], 'auth0', link_user['user_id']).first
+        ).to include('provider' => 'auth0', 'user_id' => primary_user['identities'].first['user_id'])
+      end
     end
-    it do
-      expect(
-        client.unlink_users_account(primary_user['user_id'], 'auth0', link_user['user_id']).first
-      ).to include('provider' => 'auth0', 'user_id' => primary_user['identities'].first['user_id'])
+  end
+
+  describe '.user_logs' do
+    it 'is expected that the user logs contain a success signup log entry' do
+      wait 30 do
+        user_logs = client.user_logs(user['user_id'])
+        expect(user_logs.size).to be > 0
+        expect(find_success_signup_log_by_email(user['email'], user_logs)).to_not be_empty
+      end
+    end
+
+    context '#filters' do
+      it do
+        wait 30 do
+          expect(client.user_logs(user['user_id'], per_page: 1).size).to be 1
+        end
+      end
+    end
+  end
+
+  def find_success_signup_log_by_email(email, logs)
+    logs.find do |log|
+      log['type'] == 'ss' &&
+        log['details']['body']['email'] == email
     end
   end
 end

data/spec/integration/lib/auth0/auth0_client_spec.rb

@@ -12,26 +12,32 @@ describe Auth0::Client do
 
   it_should_behave_like 'invalid credentials', { namespace: 'samples.auth0.com' }, Auth0::InvalidCredentials
   it_should_behave_like 'invalid credentials', {
-    namespace: 'samples.auth0.com', client_id: 'client_id' }, Auth0::InvalidCredentials
+    namespace: 'samples.auth0.com', client_id: 'client_id'
+  }, Auth0::InvalidCredentials
   it_should_behave_like 'invalid credentials', {
-    namespace: 'samples.auth0.com', client_secret: 'secret' }, Auth0::InvalidCredentials
+    namespace: 'samples.auth0.com', client_secret: 'secret'
+  }, Auth0::InvalidCredentials
   it_should_behave_like 'invalid credentials', {
-    namespace: 'samples.auth0.com', api_version: 2 }, Auth0::InvalidCredentials
+    namespace: 'samples.auth0.com', api_version: 2
+  }, Auth0::InvalidCredentials
   it_should_behave_like 'invalid credentials', {}
   it_should_behave_like 'invalid credentials', api_version: 2
   it_should_behave_like 'invalid credentials', api_version: 1
   it_should_behave_like 'invalid credentials', {
-    client_id: 'client_id', client_secret: 'secret' }, Auth0::InvalidApiNamespace
+    client_id: 'client_id', client_secret: 'secret'
+  }, Auth0::InvalidApiNamespace
   it_should_behave_like 'invalid credentials', {
-    api_version: 2, token: 'token' }, Auth0::InvalidApiNamespace
+    api_version: 2, token: 'token'
+  }, Auth0::InvalidApiNamespace
 
   let(:valid_v1_credentials) do
     { client_id: ENV['CLIENT_ID'],
       client_secret: ENV['CLIENT_SECRET'],
-      domain: ENV['DOMAIN'] }
+      domain: ENV['DOMAIN'],
+      api_version: 1 }
   end
   let(:token) { ENV['MASTER_JWT'] }
-  let(:v2_credentials) { { domain: ENV['DOMAIN'], api_version: 2 } }
+  let(:v2_credentials) { { domain: ENV['DOMAIN'] } }
 
   shared_examples 'valid credentials' do
     it { expect { Auth0Client.new(credentials) }.to_not raise_error }
@@ -40,9 +46,6 @@ describe Auth0::Client do
   it_should_behave_like 'valid credentials' do
     let(:credentials) { valid_v1_credentials }
   end
-  it_should_behave_like 'valid credentials' do
-    let(:credentials) { valid_v1_credentials.merge(api_version: 1) }
-  end
   it_should_behave_like 'valid credentials' do
     let(:credentials) { v2_credentials.merge(token: token) }
   end
@@ -52,7 +55,7 @@ describe Auth0::Client do
 
   context 'client headers' do
     let(:client) { Auth0::Client.new(v2_credentials.merge(access_token: 'abc123', domain: 'myhost.auth0.com')) }
-    let(:headers) { client.class.headers }
+    let(:headers) { client.headers }
 
     let(:base64_token) do
       Base64.urlsafe_encode64('{"name":"ruby-auth0","version":"' + Auth0::VERSION + '"}')

data/spec/lib/auth0/api/authentication_endpoints_spec.rb

@@ -11,10 +11,12 @@ describe Auth0::Api::AuthenticationEndpoints do
     it { expect(@instance).to respond_to(:obtain_access_token) }
     it "is expected to make post request to '/oauth/token'" do
       allow(@instance).to receive(:post).with(
-        '/oauth/token', client_id: nil, client_secret: nil, grant_type: 'client_credentials')
+        '/oauth/token', client_id: @instance.client_id, client_secret: nil, grant_type: 'client_credentials'
+      )
         .and_return('access_token' => 'AccessToken')
       expect(@instance).to receive(:post).with(
-        '/oauth/token', client_id: nil, client_secret: nil, grant_type: 'client_credentials')
+        '/oauth/token', client_id: @instance.client_id, client_secret: nil, grant_type: 'client_credentials'
+      )
       expect(@instance.obtain_access_token).to eql 'AccessToken'
     end
   end
@@ -23,22 +25,45 @@ describe Auth0::Api::AuthenticationEndpoints do
     it { expect(@instance).to respond_to(:obtain_access_token) }
     it "is expected to make post request to '/oauth/access_token'" do
       allow(@instance).to receive(:post).with(
-        '/oauth/access_token', client_id: nil, access_token: 'access_token', connection: 'facebook', scope: 'openid')
+        '/oauth/access_token', client_id: @instance.client_id, access_token: 'access_token', connection: 'facebook',
+                               scope: 'openid'
+      )
         .and_return('access_token' => 'AccessToken')
       expect(@instance).to receive(:post).with(
-        '/oauth/access_token', client_id: nil, access_token: 'access_token', connection: 'facebook', scope: 'openid')
+        '/oauth/access_token', client_id: @instance.client_id, access_token: 'access_token', connection: 'facebook',
+                               scope: 'openid'
+      )
       expect(@instance.obtain_access_token('access_token', 'facebook', 'openid')).to eql 'AccessToken'
     end
   end
 
+  context '.obtain_user_tokens' do
+    it { expect(@instance).to respond_to(:obtain_user_tokens) }
+    it "is expected to make post request to '/oauth/token'" do
+      allow(@instance).to receive(:post).with(
+        '/oauth/token', client_id: @instance.client_id, client_secret: nil, grant_type: 'authorization_code',
+                        connection: 'facebook', code: 'code', scope: 'openid', redirect_uri: 'uri'
+      )
+        .and_return('user_tokens' => 'UserToken')
+      expect(@instance).to receive(:post).with(
+        '/oauth/token', client_id: @instance.client_id, client_secret: nil, grant_type: 'authorization_code',
+                        connection: 'facebook', code: 'code', scope: 'openid', redirect_uri: 'uri'
+      )
+      expect(@instance.obtain_user_tokens('code', 'uri')['user_tokens']).to eq 'UserToken'
+    end
+    it { expect { @instance.obtain_user_tokens('', '') }.to raise_error 'Must supply a valid code' }
+    it { expect { @instance.obtain_user_tokens('code', '') }.to raise_error 'Must supply a valid redirect_uri' }
+  end
+
   context '.login' do
     it { expect(@instance).to respond_to(:login) }
     it 'is expected to make post to /oauth/ro' do
       expect(@instance).to receive(:post).with(
         '/oauth/ro',
-        client_id: nil, username: 'test@test.com',
+        client_id: @instance.client_id, username: 'test@test.com',
         password: 'password', scope: 'openid', connection: 'Username-Password-Authentication',
-        grant_type: 'password', id_token: nil, device: nil)
+        grant_type: 'password', id_token: nil, device: nil
+      )
       @instance.login('test@test.com', 'password')
     end
     it { expect { @instance.login('', '') }.to raise_error 'Must supply a valid username' }
@@ -50,8 +75,9 @@ describe Auth0::Api::AuthenticationEndpoints do
     it 'is expected to make post to /dbconnections/signup' do
       expect(@instance).to receive(:post).with(
         '/dbconnections/signup',
-        client_id: nil, email: 'test@test.com',
-        password: 'password', connection: 'User')
+        client_id: @instance.client_id, email: 'test@test.com',
+        password: 'password', connection: 'User'
+      )
       @instance.signup('test@test.com', 'password', 'User')
     end
     it { expect { @instance.signup('', '') }.to raise_error 'Must supply a valid email' }
@@ -63,8 +89,9 @@ describe Auth0::Api::AuthenticationEndpoints do
     it 'is expected to make post to /dbconnections/change_password' do
       expect(@instance).to receive(:post).with(
         '/dbconnections/change_password',
-        client_id: nil, email: 'test@test.com',
-        password: 'password', connection: 'User')
+        client_id: @instance.client_id, email: 'test@test.com',
+        password: 'password', connection: 'User'
+      )
       @instance.change_password('test@test.com', 'password', 'User')
     end
     it { expect { @instance.change_password('', '', '') }.to raise_error 'Must supply a valid email' }
@@ -75,13 +102,15 @@ describe Auth0::Api::AuthenticationEndpoints do
     it 'is expected to make post to /passwordless/start' do
       expect(@instance).to receive(:post).with(
         '/passwordless/start',
-        client_id: nil,
+        client_id: @instance.client_id,
+        connection:  'email',
         email: 'test@test.com',
         send: 'link',
-        auth_params: {
+        authParams: {
           scope: 'scope',
           protocol: 'protocol'
-        })
+        }
+      )
       @instance.start_passwordless_email_flow('test@test.com', 'link', scope: 'scope', protocol: 'protocol')
     end
     it { expect { @instance.start_passwordless_email_flow('', '', '') }.to raise_error 'Must supply a valid email' }
@@ -93,9 +122,10 @@ describe Auth0::Api::AuthenticationEndpoints do
     it 'is expected to make post to /passwordless/start' do
       expect(@instance).to receive(:post).with(
         '/passwordless/start',
-        client_id: nil,
+        client_id: @instance.client_id,
         connection: 'sms',
-        phone_number: phone_number)
+        phone_number: phone_number
+      )
       @instance.start_passwordless_sms_flow(phone_number)
     end
     it { expect { @instance.start_passwordless_sms_flow('') }.to raise_error 'Must supply a valid phone number' }
@@ -108,9 +138,10 @@ describe Auth0::Api::AuthenticationEndpoints do
     it 'is expected to make post to /oauth/ro' do
       expect(@instance).to receive(:post).with(
         '/oauth/ro',
-        client_id: nil, username: phone_number,
+        client_id: @instance.client_id, username: phone_number,
         password: code, connection: 'sms',
-        scope: 'openid', grant_type: 'password')
+        scope: 'openid', grant_type: 'password'
+      )
       @instance.phone_login(phone_number, code)
     end
     it { expect { @instance.phone_login('', '') }.to raise_error 'Must supply a valid phone number' }
@@ -118,13 +149,11 @@ describe Auth0::Api::AuthenticationEndpoints do
   end
 
   context '.saml_metadata' do
-    let(:client_id) { 'client-id' }
     it { expect(@instance).to respond_to(:saml_metadata) }
     it 'is expected to make post to /samlp/metadata/client-id' do
-      expect(@instance).to receive(:get).with("/samlp/metadata/#{client_id}")
-      @instance.saml_metadata(client_id)
+      expect(@instance).to receive(:get).with("/samlp/metadata/#{@instance.client_id}")
+      @instance.saml_metadata
     end
-    it { expect { @instance.saml_metadata('') }.to raise_error 'Must supply a valid client_id' }
   end
 
   context '.wsfed_metadata' do
@@ -136,21 +165,34 @@ describe Auth0::Api::AuthenticationEndpoints do
   end
 
   context '.authorization_url' do
-    let(:redirect_url) { 'http://redirect.com' }
+    let(:redirect_uri) { 'http://redirect.com' }
     it { expect(@instance).to respond_to(:authorization_url) }
     it 'is expected to return an authorization url' do
-      expect(@instance.authorization_url(redirect_url).to_s).to eq(
-        "https://#{@instance.domain}/authorize?response_type=code&redirect_url=#{redirect_url}")
+      expect(@instance.authorization_url(redirect_uri).to_s).to eq(
+        "https://#{@instance.domain}/authorize?client_id=#{@instance.client_id}&response_type=code&"\
+        "redirect_uri=#{redirect_uri}"
+      )
     end
     let(:additional_parameters) { { additional_parameters: { aparam1: 'test1' } } }
     it 'is expected to return an authorization url with additionalParameters' do
-      expect(@instance.authorization_url(redirect_url, additional_parameters).to_s).to eq(
-        "https://#{@instance.domain}/authorize?response_type=code&redirect_url=#{redirect_url}&aparam1=test1")
+      expect(@instance.authorization_url(redirect_uri, additional_parameters).to_s).to eq(
+        "https://#{@instance.domain}/authorize?client_id=#{@instance.client_id}&response_type=code&"\
+        "redirect_uri=#{redirect_uri}&aparam1=test1"
+      )
     end
     let(:state) { { state: 'state1' } }
     it 'is expected to return an authorization url with additionalParameters' do
-      expect(@instance.authorization_url(redirect_url, state).to_s).to eq(
-        "https://#{@instance.domain}/authorize?response_type=code&redirect_url=#{redirect_url}&state=state1")
+      expect(@instance.authorization_url(redirect_uri, state).to_s).to eq(
+        "https://#{@instance.domain}/authorize?client_id=#{@instance.client_id}&response_type=code&"\
+        "redirect_uri=#{redirect_uri}&state=state1"
+      )
+    end
+    let(:connection) { { connection: 'connection-1' } }
+    it 'is expected to return an authorization url with additionalParameters' do
+      expect(@instance.authorization_url(redirect_uri, connection).to_s).to eq(
+        "https://#{@instance.domain}/authorize?client_id=#{@instance.client_id}&response_type=code&"\
+        "connection=connection-1&redirect_uri=#{redirect_uri}"
+      )
     end
     it { expect { @instance.authorization_url('', '') }.to raise_error 'Must supply a valid redirect_uri' }
   end
@@ -168,10 +210,11 @@ describe Auth0::Api::AuthenticationEndpoints do
     it "is expected to make post request to '/delegation'" do
       expect(@instance).to receive(:post).with(
         '/delegation',
-        client_id: nil,
+        client_id: @instance.client_id,
         grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
         refresh_token: 'id_token', target: '', api_type: '', scope: '',
-        additional_parameter: 'parameter')
+        additional_parameter: 'parameter'
+      )
       @instance.refresh_delegation('id_token', '', '', '', additional_parameter: 'parameter')
     end
     it { expect { @instance.refresh_delegation('', '', '', '') }.to raise_error 'Must supply a valid token to refresh' }
@@ -182,55 +225,67 @@ describe Auth0::Api::AuthenticationEndpoints do
     it "is expected to make post request to '/delegation'" do
       expect(@instance).to receive(:post).with(
         '/delegation',
-        client_id: nil,
+        client_id: @instance.client_id,
         grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
         id_token: 'token',
         target: 'target',
         scope: '',
-        api_type: 'app')
+        api_type: 'app'
+      )
       @instance.delegation('token', 'target', '')
     end
     it "is expected to make post request to '/delegation'
       with specified api_type" do
       expect(@instance).to receive(:post).with(
         '/delegation',
-        client_id: nil,
+        client_id: @instance.client_id,
         grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
         id_token: 'id_token', target: '', scope: '',
-        api_type: 'salesforce_api')
+        api_type: 'salesforce_api'
+      )
       @instance.delegation('id_token', '', '', 'salesforce_api')
     end
     it 'allows to pass extra parameters' do
       expect(@instance).to receive(:post).with(
         '/delegation',
-        client_id: nil,
+        client_id: @instance.client_id,
         grant_type: 'urn:ietf:params:oauth:grant-type:jwt-bearer',
         id_token: 'id_token', target: '', scope: '', api_type: '',
-        community_name: 'test-community', community_url: 'test-url')
+        community_name: 'test-community', community_url: 'test-url'
+      )
       @instance.delegation(
         'id_token', '', '', '',
-        community_name: 'test-community', community_url: 'test-url')
+        community_name: 'test-community', community_url: 'test-url'
+      )
     end
     it { expect { @instance.delegation('', nil, nil, nil) }.to raise_error 'Must supply a valid id_token' }
   end
 
   context '.impersonate' do
-    let(:user_id)         { 'some_user_id' }
-    let(:app_client_id)   { 'some_app_client_id' }
-    let(:impersonator_id) { 'some_impersonator_id' }
-
+    let(:user_id) { 'some_user_id' }
+    let(:impersonator_id) { 'some_other_user_id' }
+    let(:app_client_id) { 'app_client_id' }
     it { expect(@instance).to respond_to(:impersonate) }
-    it "is expected to make post request to '/users/{user_id}/impersonate'" do
-      expect(@instance).to receive(:post).with(
-        "/users/#{user_id}/impersonate",
-        protocol: 'oauth2',
-        impersonator_id: impersonator_id, client_id: app_client_id,
-        additionalParameters: {
-          response_type: 'code', state: '',
-          scope: 'openid', callback_url: '' })
-      @instance.impersonate(user_id, app_client_id, impersonator_id, {})
+    it do
+      expect { @instance.impersonate(user_id, app_client_id, impersonator_id, {}) }.to raise_error(
+        'Must supply client_secret'
+      )
+    end
+    it do
+      expect { @instance.impersonate('', app_client_id, impersonator_id, {}) }.to raise_error(
+        'Must supply a valid user_id'
+      )
+    end
+    it do
+      expect { @instance.impersonate(user_id, app_client_id, '', {}) }.to raise_error(
+        'Must supply a valid impersonator_id'
+      )
+    end
+    it do
+      expect { @instance.impersonate(user_id, '', impersonator_id, {}) }.to raise_error(
+        'Must supply a valid app_client_id'
+      )
     end
-    it { expect { @instance.impersonate('', '', '', '') }.to raise_error 'Must supply a valid user_id' }
   end
 
   context '.unlink_user' do
@@ -256,7 +311,8 @@ describe Auth0::Api::AuthenticationEndpoints do
     it { expect(@instance).to respond_to(:logout_url) }
     it 'is expected to return a logout url' do
       expect(@instance.logout_url(return_to).to_s).to eq(
-        "https://#{@instance.domain}/logout?returnTo=#{return_to}")
+        "https://#{@instance.domain}/logout?returnTo=#{return_to}"
+      )
     end
   end
 
@@ -264,11 +320,13 @@ describe Auth0::Api::AuthenticationEndpoints do
     it { expect(@instance).to respond_to(:samlp_url) }
     it 'is expected to get the samlp url' do
       expect(@instance.samlp_url.to_s).to eq(
-        "https://#{@instance.domain}/samlp/?connection=Username-Password-Authentication")
+        "https://#{@instance.domain}/samlp/#{@instance.client_id}?connection=Username-Password-Authentication"
+      )
     end
     it 'is expected to get the samlp url with fb connection' do
       expect(@instance.samlp_url('facebook').to_s).to eq(
-        "https://#{@instance.domain}/samlp/?connection=facebook")
+        "https://#{@instance.domain}/samlp/#{@instance.client_id}?connection=facebook"
+      )
     end
   end
 
@@ -276,11 +334,13 @@ describe Auth0::Api::AuthenticationEndpoints do
     it { expect(@instance).to respond_to(:wsfed_url) }
     it 'is expected to get the wsfed url' do
       expect(@instance.wsfed_url.to_s).to eq(
-        "https://#{@instance.domain}/wsfed/?whr=Username-Password-Authentication")
+        "https://#{@instance.domain}/wsfed/#{@instance.client_id}?whr=Username-Password-Authentication"
+      )
     end
     it 'is expected to get the wsfed url with fb connection' do
       expect(@instance.wsfed_url('facebook').to_s).to eq(
-        "https://#{@instance.domain}/wsfed/?whr=facebook")
+        "https://#{@instance.domain}/wsfed/#{@instance.client_id}?whr=facebook"
+      )
     end
   end
 end