auth0 4.15.0 → 5.0.1

data/lib/auth0/api/v2/jobs.rb

@@ -78,14 +78,24 @@ module Auth0
         # @see https://auth0.com/docs/api/management/v2#!/Jobs/post_verification_email
         # @param user_id [string] The user_id of the user to whom the email will be sent.
         # @param client_id [string] Client ID to send an Application-specific email.
+        # @param identity [hash] Used to verify secondary, federated, and passwordless-email identities.
+        #   * :user_id [string] user_id of the identity.
+        #   * :provider [string] provider of the identity.
         #
         # @return [json] Returns the job status and properties.
-        def send_verification_email(user_id, client_id = nil)
+        def send_verification_email(user_id, client_id = nil, identity: nil)
           raise Auth0::InvalidParameter, 'Must specify a user id' if user_id.to_s.empty?
 
           request_params = { user_id: user_id }
           request_params[:client_id] = client_id unless client_id.nil?
 
+          if identity
+            unless identity.is_a? Hash
+              raise Auth0::InvalidParameter, 'Identity must be a hash send an email verification'
+            end
+            request_params[:identity] = identity
+          end
+
           path = "#{jobs_path}/verification-email"
           post(path, request_params)
         end

data/lib/auth0/api/v2/tickets.rb

@@ -12,9 +12,12 @@ module Auth0
         # @param ttl_sec [integer] The ticket's lifetime in seconds starting from the moment of creation.
         # After expiration, the ticket cannot be used to verify the user's email. If not specified or if
         # you send 0, the Auth0 default lifetime of five days will be applied
+        # @param identity [hash] Used to verify secondary, federated, and passwordless-email identities.
+        #   * :user_id [string] user_id of the identity.
+        #   * :provider [string] provider of the identity.
         #
         # @return [json] Returns the created ticket url.
-        def post_email_verification(user_id, result_url: nil, ttl_sec: nil)
+        def post_email_verification(user_id, result_url: nil, ttl_sec: nil, identity: nil)
           if user_id.to_s.empty?
             raise Auth0::InvalidParameter, 'Must supply a valid user id to post an email verification'
           end
@@ -24,6 +27,14 @@ module Auth0
             result_url: result_url,
             ttl_sec: ttl_sec.is_a?(Integer) ? ttl_sec : nil
           }
+
+          if identity
+            unless identity.is_a? Hash
+              raise Auth0::InvalidParameter, 'Identity must be a hash to post an email verification'
+            end
+            request_params[:identity] = identity
+          end
+
           post(path, request_params)
         end
 

data/lib/auth0/api/v2/users.rb

@@ -43,13 +43,15 @@ module Auth0
         # The attribute connection is always mandatory but depending on the type of connection you are using there
         # could be others too. For instance, Auth0 DB Connections require email and password.
         # @see https://auth0.com/docs/api/v2#!/Users/post_users
-        # @param name [string] The user name.
-        # @param options [hash]
-        #   * :connection [string] The connection the user belongs to.
+        # @param connection [string]  The connection the user belongs to.
+        # @param options [hash] See https://auth0.com/docs/api/management/v2#!/Users/post_users for available options
         # @return [json] Returns the created user.
-        def create_user(name, options = {})
+        def create_user(connection, options = {})
+          if !connection.is_a?(String) || connection.empty?
+            raise Auth0::MissingParameter, 'Must supply a valid connection'
+          end
           request_params = Hash[options.map { |(k, v)| [k.to_sym, v] }]
-          request_params[:name] = name
+          request_params[:connection] = connection
           post(users_path, request_params)
         end
 
@@ -248,11 +250,22 @@ module Auth0
         # @see https://auth0.com/docs/api/management/v2#!/Users/get_permissions
         #
         # @param user_id [string] The user_id of the permissions to get.
+        # @param options [hash] A hash of options for getting permissions
+        #   * :per_page [integer] The amount of permissions per page. (optional)
+        #   * :page [integer]  The page number. Zero based. (optional)
+        #   * :include_totals [boolean] True if a query summary must be included in the result. (optional)
         #
         # @return [json] Returns permissions for the given user_id.
-        def get_user_permissions(user_id)
+        def get_user_permissions(user_id, options = {})
           raise Auth0::MissingUserId, 'Must supply a valid user_id' if user_id.to_s.empty?
-          get "#{users_path}/#{user_id}/permissions"
+
+          request_params = {
+            per_page: options.fetch(:per_page, nil),
+            page: options.fetch(:page, nil),
+            include_totals: options.fetch(:include_totals, nil)
+          }
+
+          get "#{users_path}/#{user_id}/permissions", request_params
         end
 
         # Remove one or more permissions from a specific user.
@@ -283,7 +296,7 @@ module Auth0
         # @param user_id [string] The user_id of the recovery codes to regenerate.
         def generate_recovery_code(user_id)
           raise Auth0::MissingUserId, 'Must supply a valid user_id' if user_id.to_s.empty?
-          post "#{users_path}/#{user_id}/recovery-code-generation"
+          post "#{users_path}/#{user_id}/recovery-code-regeneration"
         end
 
         # Invalidate all remembered browsers for all authentication factors for a specific user.

data/lib/auth0/exception.rb

@@ -44,17 +44,12 @@ module Auth0
   class AccessDenied < Auth0::HTTPError; end
   # Invalid parameter passed, e.g. empty where ID is required
   class InvalidParameter < Auth0::Exception; end
-  # Invalid Auth0 credentials either client_id/secret for API v1
-  # or JWT for API v2/
+  # Invalid JWT
   class InvalidCredentials < Auth0::Exception; end
   # Invalid Auth0 API namespace
   class InvalidApiNamespace < Auth0::Exception; end
   # Auth0 API rate-limiting encountered
-  # TODO: When making API-breaking changes, make this a subclass
-  # of Auth0::HTTPError directly rather than Auth0::Unsupported.
-  # It's currently under Unsupported to avoid breaking compatibility
-  # with prior gem versions that treated 429 errors as unknown errors.
-  class RateLimitEncountered < Auth0::Unsupported
+  class RateLimitEncountered < Auth0::HTTPError
     def reset
       Time.at(headers['X-RateLimit-Reset']).utc
     end

data/lib/auth0/mixins.rb

@@ -11,7 +11,6 @@ require 'auth0/mixins/permission_struct'
 require 'auth0/mixins/validation'
 
 require 'auth0/api/authentication_endpoints'
-require 'auth0/api/v1'
 require 'auth0/api/v2'
 
 module Auth0

data/lib/auth0/mixins/access_token_struct.rb

@@ -1,4 +1,4 @@
-AccessToken = Struct.new(
+Auth0::AccessToken = Struct.new(
   :access_token,
   :expires_in,
   :refresh_token,
@@ -17,4 +17,4 @@ AccessToken = Struct.new(
   def token
     access_token
   end
-end
+end

data/lib/auth0/mixins/api_token_struct.rb

@@ -1,4 +1,4 @@
-ApiToken = Struct.new :access_token, :scope, :expires_in do
+Auth0::ApiToken = Struct.new :access_token, :scope, :expires_in do
 
   def token
     access_token
@@ -7,4 +7,4 @@ ApiToken = Struct.new :access_token, :scope, :expires_in do
   def scopes
     scope.split
   end
-end
+end

data/lib/auth0/mixins/httpproxy.rb

@@ -1,3 +1,5 @@
+require "addressable/uri"
+
 module Auth0
   module Mixins
     # here's the proxy for Rest calls based on rest-client, we're building all request on that gem
@@ -8,7 +10,7 @@ module Auth0
       # proxying requests from instance methods to HTTP class methods
       %i(get post post_file put patch delete delete_with_body).each do |method|
         define_method(method) do |path, body = {}, extra_headers = {}|
-          safe_path = URI.escape(path)
+          safe_path = Addressable::URI.escape(path)
           body = body.delete_if { |_, v| v.nil? }
           result = if method == :get
                      # Mutate the headers property to add parameters.

data/lib/auth0/mixins/initializer.rb

@@ -40,7 +40,7 @@ module Auth0
       private
 
       def initialize_api(options)
-        api_v2?(options) ? initialize_v2(options) : initialize_v1
+        initialize_v2(options)
         raise InvalidCredentials, 'Must supply a valid API token' if @token.nil?
         if options.fetch(:authorization, nil) == 'Basic'
           authorization_header_basic(options)
@@ -61,12 +61,6 @@ module Auth0
         @token = api_token.token if @token.nil? && @client_id && @client_secret
       end
 
-      def initialize_v1
-        extend Auth0::Api::V1
-        raise InvalidCredentials, 'Invalid API v1 client_id and client_secret' if @client_id.nil? || @client_secret.nil?
-        @token = obtain_access_token
-      end
-
       def api_v2?(options)
         version = options[:api_version] || 2
         protocol = options[:protocols].to_s

data/lib/auth0/mixins/permission_struct.rb

@@ -1,3 +1,3 @@
-Permission = Struct.new :permission_name, :resource_server_identifier do
+Auth0::Permission = Struct.new :permission_name, :resource_server_identifier do
 
-end
+end

data/lib/auth0/mixins/validation.rb

@@ -23,7 +23,7 @@ module Auth0
         raise Auth0::InvalidParameter, 'Must supply an array of Permissions' unless permissions.kind_of?(Array)
         raise Auth0::MissingParameter, 'Must supply an array of Permissions' if permissions.empty?
         raise Auth0::InvalidParameter, 'All array elements must be Permissions' unless permissions.all? do |permission|
-          permission.kind_of? Permission
+          permission.kind_of? ::Auth0::Permission
         end
         permissions.map { |permission| permission.to_h }
       end

data/lib/auth0/version.rb

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '4.15.0'.freeze
+  VERSION = '5.0.1'.freeze
 end

data/spec/integration/lib/auth0/api/api_authentication_spec.rb

@@ -60,7 +60,7 @@ describe Auth0::Api::AuthenticationEndpoints do
     end
 
     it 'should return the userinfo' do
-      tokens = @client.login(test_user_email, test_user_pwd, nil, nil)
+      tokens = @client.login_with_resource_owner(test_user_email, test_user_pwd)
       expect(@client.userinfo(tokens['access_token'])).to(
         include( 'email' => test_user_email )
       )

data/spec/integration/lib/auth0/api/v2/api_jobs_spec.rb

@@ -4,7 +4,7 @@ describe Auth0::Api::V2::Jobs do
 
   let(:client) { Auth0Client.new(v2_creds) }
   let(:username) { Faker::Internet.user_name }
-  let(:email) { "#{entity_suffix}#{Faker::Internet.safe_email(username)}" }
+  let(:email) { "#{entity_suffix}#{Faker::Internet.safe_email(name: username)}" }
   let(:connection_id) do
     VCR.use_cassette('Auth0_Api_V2_Jobs/search_for_connection_id') do
       client.connections.find do |connection|
@@ -100,6 +100,18 @@ describe Auth0::Api::V2::Jobs do
         client.send_verification_email(user['user_id'], Random.new(32).to_s)
       end.to raise_error Auth0::BadRequest
     end
+
+    it 'should raise an error if the user id is empty' do
+      expect do
+        client.send_verification_email( '' )
+      end.to raise_error Auth0::InvalidParameter, 'Must specify a user id'
+    end
+
+    it 'should raise an error if the identity supplied is not a Hash' do
+      expect do
+        client.send_verification_email( 'user_id', identity: 'not a hash')
+      end.to raise_error Auth0::InvalidParameter, 'Identity must be a hash send an email verification'
+    end
   end
 
   after(:all) do

data/spec/integration/lib/auth0/api/v2/api_roles_spec.rb

@@ -14,7 +14,7 @@ describe Auth0::Api::V2::Roles do
     @test_role_name = "#{entity_suffix}-test-role"
 
     @test_permission_name = "#{entity_suffix}-test-permission"
-    @test_permission = Permission.new(@test_permission_name, @test_api_name)
+    @test_permission = ::Auth0::Permission.new(@test_permission_name , @test_api_name)
 
     VCR.use_cassette('Auth0_Api_V2_Roles/create_test_user') do
       @test_user ||= client.create_user(

data/spec/integration/lib/auth0/api/v2/api_tickets_spec.rb

@@ -35,7 +35,13 @@ describe Auth0::Api::V2::Tickets do
     it 'should raise an error if the user id is empty' do
       expect do
         client.post_email_verification( '' )
-      end.to raise_error Auth0::InvalidParameter
+      end.to raise_error Auth0::InvalidParameter, 'Must supply a valid user id to post an email verification'
+    end
+
+    it 'should raise an error if the identity supplied is not a Hash' do
+      expect do
+        client.post_email_verification( '', identity: 'not a hash')
+      end.to raise_error Auth0::InvalidParameter, 'Must supply a valid user id to post an email verification'
     end
   end
 

data/spec/integration/lib/auth0/api/v2/api_user_blocks_spec.rb

@@ -6,7 +6,7 @@ describe Auth0::Api::V2::UserBlocks do
     before(:all) do
       @client = Auth0Client.new(v2_creds)
       username = Faker::Internet.user_name
-      @email = "#{entity_suffix}#{Faker::Internet.safe_email(username)}"
+      @email = "#{entity_suffix}#{Faker::Internet.safe_email(name: username)}"
       password = Faker::Internet.password
       @user = client.create_user(username,  'email' => email,
                                             'password' => password,

data/spec/integration/lib/auth0/api/v2/api_users_spec.rb

@@ -14,7 +14,7 @@ describe Auth0::Api::V2::Users do
     @test_api_scope = 'test:scope'
 
     @test_permission_name = "#{entity_suffix}-test-permission-for-users"
-    @test_permission = Permission.new("#{entity_suffix}-test-permission-for-users", @test_api_name)
+    @test_permission = ::Auth0::Permission.new("#{entity_suffix}-test-permission-for-users", @test_api_name)
 
     VCR.use_cassette('Auth0_Api_V2_Users/create_test_user') do
       @test_user ||= client.create_user(

data/spec/lib/auth0/api/v2/jobs_spec.rb

@@ -102,6 +102,23 @@ describe Auth0::Api::V2::Jobs do
       end.not_to raise_error
     end
 
+    it 'expect client to accept hash identity' do
+      expect(@instance).to receive(:post).with('/api/v2/jobs/verification-email', user_id: 'user_id',
+                                                                                  identity: {
+                                                                                    provider: "auth0",
+                                                                                    user_id: "user_id"
+                                                                                  })
+      expect {
+        @instance.send_verification_email('user_id', identity: { provider: "auth0", user_id: "user_id"}) 
+      }.not_to raise_error
+    end
+
+    it 'expect client to return nil when calling with a non-hash identity' do
+      expect { @instance.send_verification_email('user_id', identity: "nonhash") }.to raise_error(
+        'Identity must be a hash send an email verification'
+      )
+    end
+
     it 'should raise an error if the user_id is empty' do
       expect do
         @instance.send_verification_email('')

data/spec/lib/auth0/api/v2/roles_spec.rb

@@ -293,8 +293,8 @@ describe Auth0::Api::V2::Roles do
         @instance.add_role_permissions(
           'ROLE_ID',
           [
-            Permission.new('permission-name-1', 'server-id-1'),
-            Permission.new('permission-name-2', 'server-id-2')
+            Auth0::Permission.new('permission-name-1', 'server-id-1'),
+            Auth0::Permission.new('permission-name-2', 'server-id-2')
           ]
         )
       end.not_to raise_error
@@ -352,8 +352,8 @@ describe Auth0::Api::V2::Roles do
         @instance.remove_role_permissions(
           'ROLE_ID',
           [
-            Permission.new('permission-name-3', 'server-id-3'),
-            Permission.new('permission-name-4', 'server-id-4')
+            Auth0::Permission.new('permission-name-3', 'server-id-3'),
+            Auth0::Permission.new('permission-name-4', 'server-id-4')
           ]
         )
       end.not_to raise_error

data/spec/lib/auth0/api/v2/tickets_spec.rb

@@ -21,6 +21,23 @@ describe Auth0::Api::V2::Tickets do
                                                                                      result_url: nil, ttl_sec: nil)
       expect { @instance.post_email_verification('user_id', ttl_sec: "noninteger") }.not_to raise_error
     end
+    it 'expect client to accept hash identity' do
+      expect(@instance).to receive(:post).with('/api/v2/tickets/email-verification', user_id: 'user_id',
+                                                                                     result_url: nil, 
+                                                                                     ttl_sec: nil,
+                                                                                     identity: {
+                                                                                      provider: "auth0",
+                                                                                      user_id: "user_id"
+                                                                                     })
+      expect {
+        @instance.post_email_verification('user_id', identity: { provider: "auth0", user_id: "user_id"}) 
+      }.not_to raise_error
+    end
+    it 'expect client to return nil when calling with a non-hash identity' do
+      expect { @instance.post_email_verification('user_id', identity: "nonhash") }.to raise_error(
+        'Identity must be a hash to post an email verification'
+      )
+    end
     it 'expect client to rasie error when calling with empty body' do
       expect { @instance.post_email_verification(nil) }.to raise_error(
         'Must supply a valid user id to post an email verification'

data/spec/lib/auth0/api/v2/users_spec.rb

@@ -86,18 +86,28 @@ describe Auth0::Api::V2::Users do
         '/api/v2/users',
         email: 'test@test.com',
         password: 'password',
-        connection: 'conn',
-        name: 'name'
+        connection: 'conn'
       )
       expect do
         @instance.create_user(
-          'name',
+          'conn',
           email: 'test@test.com',
-          password: 'password',
-          connection: 'conn'
+          password: 'password'
         )
       end.not_to raise_error
     end
+
+    it 'is expected to raise error if connection is not specified' do
+      expect(@instance).not_to receive(:delete)
+      expect { 
+        @instance.create_user(
+          email: 'test@test.com',
+          password: 'password'
+        )
+       }.to raise_exception(
+        Auth0::MissingParameter
+      )
+    end
   end
 
   context '.delete_users' do
@@ -390,11 +400,28 @@ describe Auth0::Api::V2::Users do
     end
 
     it 'is expected to get permissions' do
-      expect(@instance).to receive(:get).with('/api/v2/users/USER_ID/permissions')
+      expect(@instance).to receive(:get).with(
+        '/api/v2/users/USER_ID/permissions',
+        per_page: nil,
+        page: nil,
+        include_totals: nil,
+      )
       expect do
         @instance.get_user_permissions('USER_ID')
       end.not_to raise_error
     end
+
+    it 'is expected to get permissions with custom parameters' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/users/USER_ID/permissions',
+        per_page: 10,
+        page: 3,
+        include_totals: true
+      )
+      expect do
+        @instance.get_user_permissions('USER_ID', per_page: 10, page: 3, include_totals: true)
+      end.not_to raise_error
+    end
   end
 
   context '.remove_permissions' do
@@ -434,8 +461,8 @@ describe Auth0::Api::V2::Users do
         @instance.remove_user_permissions(
           'USER_ID',
           [
-            Permission.new('permission-name-1', 'server-id-1'),
-            Permission.new('permission-name-2', 'server-id-2')
+            Auth0::Permission.new('permission-name-1', 'server-id-1'),
+            Auth0::Permission.new('permission-name-2', 'server-id-2')
           ]
         )
       end.not_to raise_error
@@ -479,8 +506,8 @@ describe Auth0::Api::V2::Users do
         @instance.add_user_permissions(
           'USER_ID',
           [
-            Permission.new('permission-name-1', 'server-id-1'),
-            Permission.new('permission-name-2', 'server-id-2')
+            Auth0::Permission.new('permission-name-1', 'server-id-1'),
+            Auth0::Permission.new('permission-name-2', 'server-id-2')
           ]
         )
       end.not_to raise_error
@@ -497,7 +524,7 @@ describe Auth0::Api::V2::Users do
     end
 
     it 'is expected to get generate a recovery code' do
-      expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/recovery-code-generation')
+      expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/recovery-code-regeneration')
       expect do
         @instance.generate_recovery_code('USER_ID')
       end.not_to raise_error