auth0 4.16.0 → 5.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (69) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +29 -8
  3. data/.github/CODEOWNERS +1 -1
  4. data/.github/ISSUE_TEMPLATE/config.yml +8 -0
  5. data/.github/ISSUE_TEMPLATE/feature_request.md +39 -0
  6. data/.github/ISSUE_TEMPLATE/report_a_bug.md +55 -0
  7. data/.gitignore +1 -1
  8. data/.yardoc/checksums +22 -0
  9. data/.yardoc/complete +0 -0
  10. data/.yardoc/object_types +0 -0
  11. data/.yardoc/objects/root.dat +0 -0
  12. data/.yardoc/proxy_types +0 -0
  13. data/CHANGELOG.md +84 -0
  14. data/Gemfile +0 -1
  15. data/README.md +81 -8
  16. data/Rakefile +0 -22
  17. data/auth0.gemspec +4 -3
  18. data/examples/ruby-api/.gitignore +0 -6
  19. data/lib/auth0/api/authentication_endpoints.rb +22 -226
  20. data/lib/auth0/api/v2.rb +8 -4
  21. data/lib/auth0/api/v2/branding.rb +66 -0
  22. data/lib/auth0/api/v2/connections.rb +3 -0
  23. data/lib/auth0/api/v2/jobs.rb +3 -1
  24. data/lib/auth0/api/v2/organizations.rb +332 -0
  25. data/lib/auth0/api/v2/tickets.rb +14 -2
  26. data/lib/auth0/api/v2/users.rb +33 -8
  27. data/lib/auth0/exception.rb +4 -7
  28. data/lib/auth0/mixins.rb +0 -1
  29. data/lib/auth0/mixins/access_token_struct.rb +2 -2
  30. data/lib/auth0/mixins/api_token_struct.rb +2 -2
  31. data/lib/auth0/mixins/httpproxy.rb +3 -1
  32. data/lib/auth0/mixins/initializer.rb +4 -8
  33. data/lib/auth0/mixins/permission_struct.rb +2 -2
  34. data/lib/auth0/mixins/validation.rb +15 -1
  35. data/lib/auth0/version.rb +1 -1
  36. data/spec/integration/lib/auth0/api/api_authentication_spec.rb +1 -1
  37. data/spec/integration/lib/auth0/api/v2/api_jobs_spec.rb +1 -1
  38. data/spec/integration/lib/auth0/api/v2/api_roles_spec.rb +1 -1
  39. data/spec/integration/lib/auth0/api/v2/api_user_blocks_spec.rb +1 -1
  40. data/spec/integration/lib/auth0/api/v2/api_users_spec.rb +1 -1
  41. data/spec/lib/auth0/api/v2/branding_spec.rb +70 -0
  42. data/spec/lib/auth0/api/v2/connections_spec.rb +4 -0
  43. data/spec/lib/auth0/api/v2/jobs_spec.rb +11 -0
  44. data/spec/lib/auth0/api/v2/organizations_spec.rb +588 -0
  45. data/spec/lib/auth0/api/v2/roles_spec.rb +4 -4
  46. data/spec/lib/auth0/api/v2/tickets_spec.rb +55 -0
  47. data/spec/lib/auth0/api/v2/users_spec.rb +57 -11
  48. data/spec/lib/auth0/client_spec.rb +79 -9
  49. data/spec/lib/auth0/mixins/httpproxy_spec.rb +2 -2
  50. data/spec/lib/auth0/mixins/validation_spec.rb +32 -0
  51. data/spec/spec_helper.rb +6 -1
  52. data/spec/support/credentials.rb +0 -19
  53. metadata +49 -44
  54. data/.github/ISSUE_TEMPLATE.md +0 -39
  55. data/Gemfile.lock +0 -227
  56. data/deploy_documentation.sh +0 -29
  57. data/doc_config/templates/default/fulldoc/html/css/full_list.css +0 -79
  58. data/doc_config/templates/default/fulldoc/html/css/style.css +0 -546
  59. data/doc_config/templates/default/layout/html/breadcrumb.erb +0 -11
  60. data/doc_config/templates/default/layout/html/footer.erb +0 -115
  61. data/doc_config/templates/default/layout/html/headers.erb +0 -17
  62. data/doc_config/templates/default/layout/html/layout.erb +0 -27
  63. data/lib/auth0/api/v1.rb +0 -19
  64. data/lib/auth0/api/v1/clients.rb +0 -58
  65. data/lib/auth0/api/v1/connections.rb +0 -68
  66. data/lib/auth0/api/v1/logs.rb +0 -43
  67. data/lib/auth0/api/v1/rules.rb +0 -57
  68. data/lib/auth0/api/v1/users.rb +0 -227
  69. data/spec/lib/auth0/api/authentication_endpoints_spec.rb +0 -703
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: c773de4346d595a93a87c037c195c59eaee818777201c8ee3bc291a3e49845bc
4
- data.tar.gz: 647034c402dcbe84488ca6f472b7bfe451e3567b4b6d70ff7b79ec81cbb8a16b
3
+ metadata.gz: 268e36ef0f352a266607bdad5435b4ebddfacc3b29dd4aa4d922966950ca0e46
4
+ data.tar.gz: 2190414d235036db1218c7560d67a1cb9a300f02495d2fdaa1c267398480d130
5
5
  SHA512:
6
- metadata.gz: d7a196b81295ac4657f4789239e328f68522a510608d2282614c975900f50b46355ad0277b51b50f5a75b02fe04601e8dc511cc016d6f40607520b24af4b0bd0
7
- data.tar.gz: 303ac2f09a489a6727e73ce384fc3257bae9c872a2039fe732fea8bc853f8aa625d397d3da0e885f78eb96ee3f8bfca9d8bcc6adaddaf82335eaa7680ddd94ea
6
+ metadata.gz: 52706c2e0c0ed270a987ec83568e94cf37d9b4a951ef00f813fed275c6a0ddb15b87324111a399b34d09b3ee448446140d197670a003be6f2bcd930295f73867
7
+ data.tar.gz: 9f316b486484eb9af039b3f39670a259fc9d1e41b249e7faa4916d1b6345a54ba6233f2d2dc4daf4c55dc41756269062a5a7fb539b9c6285224a9b45140911eb
data/.circleci/config.yml CHANGED
@@ -1,17 +1,37 @@
1
1
  version: 2.1
2
+
3
+ matrix_ruby_versions: &matrix_ruby_versions
4
+ matrix:
5
+ parameters:
6
+ ruby_version: ["2.5", "2.6", "2.7", "3.0"]
7
+ # Default version of ruby to use for lint and publishing
8
+ default_ruby_version: &default_ruby_version "2.7"
9
+
10
+ executors:
11
+ ruby-image:
12
+ parameters:
13
+ ruby_version:
14
+ type: string
15
+ default: *default_ruby_version
16
+ docker:
17
+ - image: circleci/ruby:<< parameters.ruby_version >>
18
+
2
19
  jobs:
3
20
  run-tests:
4
- docker:
5
- - image: circleci/ruby:2.5.7-buster
21
+ parameters:
22
+ ruby_version:
23
+ type: string
24
+ default: *default_ruby_version
25
+ executor:
26
+ name: ruby-image
27
+ ruby_version: << parameters.ruby_version >>
6
28
  steps:
7
29
  - checkout
8
30
  - restore_cache:
9
- keys:
10
- - gems-v2-{{ checksum "Gemfile.lock" }}
11
- - gems-v2-
12
- - run: bundle check || bundle install
31
+ key: gems-v2-{{ checksum "Gemfile.lock" }}
32
+ - run: bundle check --path=vendor/bundle || bundle install --path=vendor/bundle
13
33
  - save_cache:
14
- key: gems-v2--{{ checksum "Gemfile.lock" }}
34
+ key: gems-v2-{{ checksum "Gemfile.lock" }}
15
35
  paths:
16
36
  - vendor/bundle
17
37
  # Must define DOMAIN, CLIENT_ID, CLIENT_SECRET and MASTER_JWT env
@@ -20,4 +40,5 @@ jobs:
20
40
  workflows:
21
41
  tests:
22
42
  jobs:
23
- - run-tests
43
+ - run-tests:
44
+ <<: *matrix_ruby_versions
data/.github/CODEOWNERS CHANGED
@@ -1 +1 @@
1
- * @auth0/dx-sdks-approver
1
+ * @auth0/dx-sdks-engineer
@@ -0,0 +1,8 @@
1
+ blank_issues_enabled: false
2
+ contact_links:
3
+ - name: Auth0 Community
4
+ url: https://community.auth0.com/c/sdks/5
5
+ about: Discuss this SDK in the Auth0 Community forums
6
+ - name: SDK API Documentation
7
+ url: https://www.rubydoc.info/gems/auth0
8
+ about: Read the API documentation for this SDK
@@ -0,0 +1,39 @@
1
+ ---
2
+ name: Feature request
3
+ about: Suggest an idea or a feature for this project
4
+ title: ''
5
+ labels: feature request
6
+ assignees: ''
7
+ ---
8
+
9
+ <!--
10
+ **Please do not report security vulnerabilities here**. The Responsible Disclosure Program (https://auth0.com/whitehat) details the procedure for disclosing security issues.
11
+
12
+ Thank you in advance for helping us to improve this library! Your attention to detail here is greatly appreciated and will help us respond as quickly as possible. For general support or usage questions, use the Auth0 Community (https://community.auth0.com/) or Auth0 Support (https://support.auth0.com/). Finally, to avoid duplicates, please search existing Issues before submitting one here.
13
+
14
+ By submitting an Issue to this repository, you agree to the terms within the Auth0 Code of Conduct (https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
15
+ -->
16
+
17
+ ### Describe the problem you'd like to have solved
18
+
19
+ <!--
20
+ > A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
21
+ -->
22
+
23
+ ### Describe the ideal solution
24
+
25
+ <!--
26
+ > A clear and concise description of what you want to happen.
27
+ -->
28
+
29
+ ## Alternatives and current work-arounds
30
+
31
+ <!--
32
+ > A clear and concise description of any alternatives you've considered or any work-arounds that are currently in place.
33
+ -->
34
+
35
+ ### Additional information, if any
36
+
37
+ <!--
38
+ > Add any other context or screenshots about the feature request here.
39
+ -->
@@ -0,0 +1,55 @@
1
+ ---
2
+ name: Report a bug
3
+ about: Have you found a bug or issue? Create a bug report for this SDK
4
+ title: ''
5
+ labels: bug report
6
+ assignees: ''
7
+ ---
8
+
9
+ <!--
10
+ **Please do not report security vulnerabilities here**. The Responsible Disclosure Program (https://auth0.com/whitehat) details the procedure for disclosing security issues.
11
+
12
+ Thank you in advance for helping us to improve this library! Please read through the template below and answer all relevant questions. Your additional work here is greatly appreciated and will help us respond as quickly as possible. For general support or usage questions, use the Auth0 Community (https://community.auth0.com/) or Auth0 Support (https://support.auth0.com/). Finally, to avoid duplicates, please search existing Issues before submitting one here.
13
+
14
+ By submitting an Issue to this repository, you agree to the terms within the Auth0 Code of Conduct (https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
15
+ -->
16
+
17
+ ### Describe the problem
18
+
19
+ <!--
20
+ > Provide a clear and concise description of the issue
21
+ -->
22
+
23
+ ### What was the expected behavior?
24
+
25
+ <!--
26
+ > Tell us about the behavior you expected to see
27
+ -->
28
+
29
+ ### Reproduction
30
+ <!--
31
+ > Detail the steps taken to reproduce this error, and whether this issue can be reproduced consistently or if it is intermittent.
32
+ > **Note**: If clear, reproducable steps or the smallest sample app demonstrating misbehavior cannot be provided, we may not be able to follow up on this bug report.
33
+
34
+ > Where possible, please include:
35
+ >
36
+ > - The smallest possible sample app that reproduces the undesirable behavior
37
+ > - Log files (redact/remove sensitive information)
38
+ > - Application settings (redact/remove sensitive information)
39
+ > - Screenshots
40
+ -->
41
+
42
+ - Step 1..
43
+ - Step 2..
44
+ - ...
45
+
46
+ ### Environment
47
+
48
+ <!--
49
+ > Please provide the following:
50
+ -->
51
+
52
+ - **Version of this library used:**
53
+ - **Which framework are you using, if applicable:**
54
+ - **Other modules/plugins/libraries that might be involved:**
55
+ - **Any other relevant information you think would be useful:**
data/.gitignore CHANGED
@@ -10,5 +10,5 @@ coverage
10
10
  *.swp
11
11
  *.swo
12
12
  spec/auth0.yml
13
- .yardoc
14
13
  .env
14
+ /Gemfile.lock
data/.yardoc/checksums ADDED
@@ -0,0 +1,22 @@
1
+ lib/auth0/api/v2/jobs.rb 53fe5a814c9da1bb89d7cb885fe7f1151d6ca44a
2
+ lib/auth0/api/v2/logs.rb f4b9b93248d85d29d58ac12b6b5ebabd72f98adb
3
+ lib/auth0/api/v2/roles.rb 99e9d0222f0d59f21cb061d13b434bf1a903660a
4
+ lib/auth0/api/v2/rules.rb 2fbbf4258ba7e6fe67d1ab197ca3503d4e5daf84
5
+ lib/auth0/api/v2/stats.rb 035b172ad69efb2b040ffcd29319f23017352b4c
6
+ lib/auth0/api/v2/users.rb 6a648030a6851db60ab13dc3a8a7d46bd51ce977
7
+ lib/auth0/api/v2/emails.rb 83aaf5ed8082cb2787a0f9c47c463d218a3aee77
8
+ lib/auth0/api/v2/anomaly.rb c0e38b3cbb4cca65fbe51e6ed69d56cfa5ea8d0e
9
+ lib/auth0/api/v2/clients.rb 23c2b6f307f6a20537720ad24de30b62de51b9f2
10
+ lib/auth0/api/v2/prompts.rb 688c71d37885b64ed8c174d54c9403fe21dc0735
11
+ lib/auth0/api/v2/tenants.rb d20a9c46b6754d504667b6d5187b525274d5ffe8
12
+ lib/auth0/api/v2/tickets.rb fd192d8b281ca54d318cac0a6b5cff3cad555076
13
+ lib/auth0/api/v2/guardian.rb 367ea7046c90fdb2065bc66eddb64e47b2d3370d
14
+ lib/auth0/api/v2/blacklists.rb c3405a13b9c6481a43136b3f4c755602e24a9511
15
+ lib/auth0/api/v2/connections.rb 3a2ac77a7f9ba97df3fd2e7b958192e06db2e0a7
16
+ lib/auth0/api/v2/log_streams.rb 1624abe964bd0e9bcfa1107a970f8fa823ec5955
17
+ lib/auth0/api/v2/user_blocks.rb ce0f80dc00eb32dc1b825c0bbafb89e94d30a28c
18
+ lib/auth0/api/v2/client_grants.rb ac7489b697d58e7514014e5ae125ffa88015306d
19
+ lib/auth0/api/v2/users_by_email.rb 95bb92421fb03ec8feee8ef0b5f2ab64c8e51403
20
+ lib/auth0/api/v2/resource_servers.rb f9c6e7c8fc0bd497e34b0a9e3ac1a81d7fbbe88b
21
+ lib/auth0/api/v2/device_credentials.rb 94b92db7091ebc7af97fe0fb10a3ad64fa36cdc8
22
+ lib/auth0/api/authentication_endpoints.rb d6e5c2fabbd79b4f17864b6ec026488d65c5090d
data/.yardoc/complete ADDED
File without changes
Binary file
Binary file
Binary file
data/CHANGELOG.md CHANGED
@@ -1,5 +1,89 @@
1
1
  # Change Log
2
2
 
3
+ ## [v5.1.0](https://github.com/auth0/ruby-auth0/tree/v5.1.0) (2021-04-09)
4
+
5
+ [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.0.1..v5.1.0)
6
+
7
+ **Added**
8
+
9
+ - Org idtoken validation guidance [\#267](https://github.com/auth0/ruby-auth0/pull/267) ([davidpatrick](https://github.com/davidpatrick))
10
+ - Adds Branding endpoints [\#266](https://github.com/auth0/ruby-auth0/pull/266) ([davidpatrick](https://github.com/davidpatrick))
11
+ - Organizations feature [\#264](https://github.com/auth0/ruby-auth0/pull/264) ([davidpatrick](https://github.com/davidpatrick))
12
+ - Add Organizations support to Authentication API Client [\#263](https://github.com/auth0/ruby-auth0/pull/263) ([davidpatrick](https://github.com/davidpatrick))
13
+ - Add api_identifier as an accepted configurable [\#261](https://github.com/auth0/ruby-auth0/pull/261) ([QWYNBG](https://github.com/QWYNBG))
14
+ - add name param to connections api [\#260](https://github.com/auth0/ruby-auth0/pull/260) ([QWYNBG](https://github.com/QWYNBG))
15
+
16
+ ## [v5.0.1](https://github.com/auth0/ruby-auth0/tree/v5.0.1) (2021-02-02)
17
+
18
+ [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.0.0..v5.0.1)
19
+
20
+ **Added**
21
+
22
+ - Add test support for Ruby 2.6 and 2.7 and 3.0 [\#256](https://github.com/auth0/ruby-auth0/pull/256) ([fursich](https://github.com/fursich))
23
+
24
+ **Fixed**
25
+
26
+ - Fixes recovery-code-regeneration URL [\#257](https://github.com/auth0/ruby-auth0/pull/257) ([epintos](https://github.com/apps/epintos))
27
+
28
+ **Security**
29
+
30
+ - Bumps nokogiri from 1.10.10 to 1.11.1 [\#258](https://github.com/auth0/ruby-auth0/pull/258) ([dependabot](https://github.com/apps/dependabot))
31
+
32
+ ## [v5.0.0](https://github.com/auth0/ruby-auth0/tree/v5.0.0) (2020-10-22)
33
+
34
+ This release addresses some long standing issues with the library that could only be addressed in a major. We have also removed Api/v1 endpoints and other deprecated methods.
35
+
36
+ ### Migration from v4 to v5
37
+
38
+ #### Top Level Structs
39
+ The following top level structs were colliding with other libraries, this was addressed in [\#183](183) and have been namespaced with `::Auth0::`
40
+ - `ApiToken` changed to `::Auth0::ApiToken`
41
+ - `Permission` changed to `::Auth0::Permission`
42
+ - `AccessToken` changed to `::AccessToken::AccessToken`
43
+
44
+ #### Api2 Users create_user method
45
+ This method was requiring you send in a `name`, which was optional, but didn't require `connection_name` which isn't optional. This was fixed in [\#244](244).
46
+
47
+ `Auth0::Api::V2::Users.create_user(name, options = {})` has changed to `Auth0::Api::V2::Users.create_user(connection_name, options = {})`
48
+
49
+ #### APIv1 End of Life
50
+ APIv1 endpoints were deprecated in 4.x and now have been removed in v5. They reached end-of-life in the Public Cloud on 13 July 2020. Migration from v1 to v2 has been documented here https://auth0.com/docs/product-lifecycle/deprecations-and-migrations/migrate-to-management-api-v2
51
+
52
+ #### Catching 429 Errors
53
+ In 4.x `RateLimitEncountered` was inheriting from `Auth0::Unsupported` in order for backwards compatibility. This class is now inheriting `Auth0::HTTPError`. If you are catching 429 errors with `Auth0::Unsupported` then you will need to migrate to catching with `Auth0::HTTPError`.
54
+
55
+ ### Changes
56
+ [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.17.1...v5.0.0)
57
+
58
+ **Fixed**
59
+ - Don't define structs as top-level constants (breaking changes) [\#183](https://github.com/auth0/ruby-auth0/pull/183) ([makimoto](https://github.com/makimoto))
60
+ - Fix create_user implementation (breaking changes) [\#244](https://github.com/auth0/ruby-auth0/pull/244) ([davidpatrick](https://github.com/davidpatrick))
61
+
62
+ **Removed**
63
+ - Removed Deprecations (breaking changes) [\#245](https://github.com/auth0/ruby-auth0/pull/245) ([davidpatrick](https://github.com/davidpatrick))
64
+
65
+ ## [v4.17.1](https://github.com/auth0/ruby-auth0/tree/v4.17.1) (2020-10-21)
66
+
67
+ [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.17.0...v4.17.1)
68
+
69
+ **Fixed**
70
+
71
+ - Addressable dependency [\#247](https://github.com/auth0/ruby-auth0/pull/247) ([davidpatrick](https://github.com/davidpatrick))
72
+
73
+
74
+ ## [v4.17.0](https://github.com/auth0/ruby-auth0/tree/v4.17.0) (2020-10-19)
75
+
76
+ [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.16.0...v4.17.0)
77
+
78
+ **Added**
79
+
80
+ - Add pagination to user permissions [\#241](https://github.com/auth0/ruby-auth0/pull/241) ([davidpatrick](https://github.com/davidpatrick))
81
+
82
+ **Deprecated**
83
+
84
+ - Addressable URI Escape [\#240](https://github.com/auth0/ruby-auth0/pull/240) ([davidpatrick](https://github.com/apps/davidpatrick))
85
+
86
+
3
87
  ## [v4.16.0](https://github.com/auth0/ruby-auth0/tree/v4.16.0) (2020-10-02)
4
88
 
5
89
  [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.15.0...v4.16.0)
data/Gemfile CHANGED
@@ -8,7 +8,6 @@ group :development do
8
8
  gem 'coveralls', require: false
9
9
  gem 'rubocop', require: false
10
10
  gem 'rubocop-rails', require: false
11
- gem 'yard', require: false
12
11
  end
13
12
 
14
13
  group :test do
data/README.md CHANGED
@@ -25,13 +25,7 @@ bundle add auth0
25
25
 
26
26
  ## API Documentation
27
27
 
28
- You can build the API documentation with the following:
29
-
30
- ```bash
31
- bundle exec rake documentation
32
- ```
33
-
34
- To view the generated documentation, open `doc/Auth0/Api.html` .
28
+ https://www.rubydoc.info/gems/auth0
35
29
 
36
30
  ## Management API v2
37
31
 
@@ -119,6 +113,61 @@ In addition to the Management API, this SDK also provides access to [Authenticat
119
113
 
120
114
  Please note that this module implements endpoints that might be deprecated for newer tenants. If you have any questions about how and when the endpoints should be used, consult the [documentation](https://auth0.com/docs/api/authentication) or ask in our [Community forums](https://community.auth0.com/tags/wordpress).
121
115
 
116
+ ### Organizations
117
+
118
+ [Organizations](https://auth0.com/docs/organizations) is a set of features that provide better support for developers who build and maintain SaaS and Business-to-Business (B2B) applications.
119
+
120
+ Using Organizations, you can:
121
+
122
+ - Represent teams, business customers, partner companies, or any logical grouping of users that should have different ways of accessing your applications, as organizations.
123
+ - Manage their membership in a variety of ways, including user invitation.
124
+ - Configure branded, federated login flows for each organization.
125
+ - Implement role-based access control, such that users can have different roles when authenticating in the context of different organizations.
126
+ - Build administration capabilities into your products, using Organizations APIs, so that those businesses can manage their own organizations.
127
+
128
+ Note that Organizations is currently only available to customers on our Enterprise and Startup subscription plans.
129
+
130
+ #### Logging in with an Organization
131
+
132
+ Configure the Authentication API client and pass your Organization ID to the authorize url:
133
+
134
+ ```ruby
135
+ require 'auth0'
136
+
137
+ @auth0_client ||= Auth0Client.new(
138
+ client_id: '{YOUR_APPLICATION_CLIENT_ID}',
139
+ client_secret: '{YOUR_APPLICATION_CLIENT_SECRET}',
140
+ domain: '{YOUR_TENANT}.auth0.com',
141
+ organization: "{YOUR_ORGANIZATION_ID}"
142
+ )
143
+
144
+ universal_login_url = @auth0_client.authorization_url("https://{YOUR_APPLICATION_CALLBACK_URL}")
145
+
146
+ # redirect_to universal_login_url
147
+ ```
148
+
149
+ #### Accepting user invitations
150
+
151
+ Auth0 Organizations allow users to be invited using emailed links, which will direct a user back to your application. The URL the user will arrive at is based on your configured `Application Login URI`, which you can change from your Application's settings inside the Auth0 dashboard. When they arrive at this URL, a `invitation` and `organization` query parameters will be provided
152
+
153
+ ```ruby
154
+ require 'auth0'
155
+
156
+ @auth0_client ||= Auth0Client.new(
157
+ client_id: '{YOUR_APPLICATION_CLIENT_ID}',
158
+ client_secret: '{YOUR_APPLICATION_CLIENT_ID}',
159
+ domain: '{YOUR_TENANT}.auth0.com',
160
+ organization: "{YOUR_ORGANIZATION_ID}"
161
+ )
162
+
163
+ universal_login_url = @auth0_client.authorization_url("https://{YOUR_APPLICATION_CALLBACK_URL}", {
164
+ organization: "{ORGANIZATION_QUERY_PARAM}", # You can override organization if needed
165
+ invitation: "{INVITATION_QUERY_PARAM}"
166
+ })
167
+
168
+ # redirect_to universal_login_url
169
+ ```
170
+
122
171
  ## ID Token Validation
123
172
 
124
173
  An ID token may be present in the credentials received after authentication. This token contains information associated with the user that has just logged in, provided the scope used contained `openid`. You can [read more about ID tokens here](https://auth0.com/docs/tokens/concepts/id-tokens).
@@ -143,6 +192,7 @@ The method takes the following optional keyword parameters:
143
192
  | `max_age` | Integer | The `max_age` value you sent in the call to `/authorize`, if any. | `nil` |
144
193
  | `issuer` | String | By default the `iss` claim will be checked against the URL of your **Auth0 Domain**. Use this parameter to override that. | `nil` |
145
194
  | `audience` | String | By default the `aud` claim will be compared to your **Auth0 Client ID**. Use this parameter to override that. | `nil` |
195
+ | `organization`| String | By default the `org_id` claim will be compared to your **Organization ID**. Use this parameter to override that. | `nil` |
146
196
 
147
197
  You can check the signing algorithm value under **Advanced Settings > OAuth > JsonWebToken Signature Algorithm** in your Auth0 application settings panel. [We recommend](https://auth0.com/docs/tokens/concepts/signing-algorithms#our-recommendation) that you make use of asymmetric signing algorithms like `RS256` instead of symmetric ones like `HS256`.
148
198
 
@@ -164,6 +214,29 @@ rescue Auth0::InvalidIdToken => e
164
214
  end
165
215
  ```
166
216
 
217
+ ### Organization ID Token Validation
218
+
219
+ If an org_id claim is present in the Access Token, then the claim should be validated by the API to ensure that the value received is expected or known.
220
+
221
+ In particular:
222
+
223
+ * The issuer (iss) claim should be checked to ensure the token was issued by Auth0
224
+
225
+ * the org_id claim should be checked to ensure it is a value that is already known to the application. This could be validated against a known list of organization IDs, or perhaps checked in conjunction with the current request URL. e.g. the sub-domain may hint at what organization should be used to validate the Access Token.
226
+
227
+ Normally, validating the issuer would be enough to ensure that the token was issued by Auth0. In the case of organizations, additional checks should be made so that the organization within an Auth0 tenant is expected.
228
+
229
+ If the claim cannot be validated, then the application should deem the token invalid.
230
+
231
+ ```ruby
232
+ begin
233
+ @auth0_client.validate_id_token 'YOUR_ID_TOKEN', organization: '{Expected org_id}'
234
+ rescue Auth0::InvalidIdToken => e
235
+ # In this case the ID Token contents should not be trusted
236
+ end
237
+
238
+ For more information, please read [Work with Tokens and Organizations](https://auth0.com/docs/organizations/using-tokens) on Auth0 Docs.
239
+
167
240
  ## Development
168
241
 
169
242
  In order to set up the local environment you'd have to have Ruby installed and a few global gems used to run and record the unit tests. A working Ruby version can be taken from the [CI script](/.circleci/config.yml). At the moment of this writting we're using Ruby `2.5.7`.
@@ -237,4 +310,4 @@ If you find a bug or have a feature request, please report them in this reposito
237
310
  This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.
238
311
 
239
312
 
240
- [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fauth0%2Fruby-auth0.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fauth0%2Fruby-auth0?ref=badge_large)
313
+ [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fauth0%2Fruby-auth0.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fauth0%2Fruby-auth0?ref=badge_large)
data/Rakefile CHANGED
@@ -9,28 +9,6 @@ begin
9
9
  desc 'Run Rubocop'
10
10
  RuboCop::RakeTask.new(:rubocop)
11
11
 
12
- require 'yard'
13
- DOC_FILES = ['lib/auth0/api/v2/*.rb', 'lib/auth0/api/authentication_endpoints.rb'].freeze
14
-
15
- desc 'Build Documentation'
16
- YARD::Rake::YardocTask.new(:documentation) do |t|
17
- t.files = DOC_FILES
18
- t.options = ['-p', 'doc_config/templates']
19
- end
20
-
21
- desc 'Publish SDK documentation'
22
- task :publish do
23
- sh 'rake documentation'
24
- sh 'cp -R doc /tmp/ruby-auth0-doc'
25
- sh 'git checkout gh-pages'
26
- sh 'cp -R /tmp/ruby-auth0-doc/* .'
27
- sh 'rm -rf /tmp/ruby-auth0-doc'
28
- sh 'git add .'
29
- sh 'git commit -am "Rebuild documentation"'
30
- sh 'git push origin gh-pages'
31
- sh 'git checkout master'
32
- end
33
-
34
12
  desc 'Run Integration Tests'
35
13
  RSpec::Core::RakeTask.new(:integration) do |t|
36
14
  t.pattern = FileList["spec/integration/**/*#{ENV['PATTERN']}*_spec.rb"]