auth0 4.16.0 → 5.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/config.yml +29 -8
- data/.github/CODEOWNERS +1 -1
- data/.github/ISSUE_TEMPLATE/config.yml +8 -0
- data/.github/ISSUE_TEMPLATE/feature_request.md +39 -0
- data/.github/ISSUE_TEMPLATE/report_a_bug.md +55 -0
- data/.gitignore +1 -1
- data/.yardoc/checksums +22 -0
- data/.yardoc/complete +0 -0
- data/.yardoc/object_types +0 -0
- data/.yardoc/objects/root.dat +0 -0
- data/.yardoc/proxy_types +0 -0
- data/CHANGELOG.md +84 -0
- data/Gemfile +0 -1
- data/README.md +81 -8
- data/Rakefile +0 -22
- data/auth0.gemspec +4 -3
- data/examples/ruby-api/.gitignore +0 -6
- data/lib/auth0/api/authentication_endpoints.rb +22 -226
- data/lib/auth0/api/v2.rb +8 -4
- data/lib/auth0/api/v2/branding.rb +66 -0
- data/lib/auth0/api/v2/connections.rb +3 -0
- data/lib/auth0/api/v2/jobs.rb +3 -1
- data/lib/auth0/api/v2/organizations.rb +332 -0
- data/lib/auth0/api/v2/tickets.rb +14 -2
- data/lib/auth0/api/v2/users.rb +33 -8
- data/lib/auth0/exception.rb +4 -7
- data/lib/auth0/mixins.rb +0 -1
- data/lib/auth0/mixins/access_token_struct.rb +2 -2
- data/lib/auth0/mixins/api_token_struct.rb +2 -2
- data/lib/auth0/mixins/httpproxy.rb +3 -1
- data/lib/auth0/mixins/initializer.rb +4 -8
- data/lib/auth0/mixins/permission_struct.rb +2 -2
- data/lib/auth0/mixins/validation.rb +15 -1
- data/lib/auth0/version.rb +1 -1
- data/spec/integration/lib/auth0/api/api_authentication_spec.rb +1 -1
- data/spec/integration/lib/auth0/api/v2/api_jobs_spec.rb +1 -1
- data/spec/integration/lib/auth0/api/v2/api_roles_spec.rb +1 -1
- data/spec/integration/lib/auth0/api/v2/api_user_blocks_spec.rb +1 -1
- data/spec/integration/lib/auth0/api/v2/api_users_spec.rb +1 -1
- data/spec/lib/auth0/api/v2/branding_spec.rb +70 -0
- data/spec/lib/auth0/api/v2/connections_spec.rb +4 -0
- data/spec/lib/auth0/api/v2/jobs_spec.rb +11 -0
- data/spec/lib/auth0/api/v2/organizations_spec.rb +588 -0
- data/spec/lib/auth0/api/v2/roles_spec.rb +4 -4
- data/spec/lib/auth0/api/v2/tickets_spec.rb +55 -0
- data/spec/lib/auth0/api/v2/users_spec.rb +57 -11
- data/spec/lib/auth0/client_spec.rb +79 -9
- data/spec/lib/auth0/mixins/httpproxy_spec.rb +2 -2
- data/spec/lib/auth0/mixins/validation_spec.rb +32 -0
- data/spec/spec_helper.rb +6 -1
- data/spec/support/credentials.rb +0 -19
- metadata +49 -44
- data/.github/ISSUE_TEMPLATE.md +0 -39
- data/Gemfile.lock +0 -227
- data/deploy_documentation.sh +0 -29
- data/doc_config/templates/default/fulldoc/html/css/full_list.css +0 -79
- data/doc_config/templates/default/fulldoc/html/css/style.css +0 -546
- data/doc_config/templates/default/layout/html/breadcrumb.erb +0 -11
- data/doc_config/templates/default/layout/html/footer.erb +0 -115
- data/doc_config/templates/default/layout/html/headers.erb +0 -17
- data/doc_config/templates/default/layout/html/layout.erb +0 -27
- data/lib/auth0/api/v1.rb +0 -19
- data/lib/auth0/api/v1/clients.rb +0 -58
- data/lib/auth0/api/v1/connections.rb +0 -68
- data/lib/auth0/api/v1/logs.rb +0 -43
- data/lib/auth0/api/v1/rules.rb +0 -57
- data/lib/auth0/api/v1/users.rb +0 -227
- data/spec/lib/auth0/api/authentication_endpoints_spec.rb +0 -703
@@ -293,8 +293,8 @@ describe Auth0::Api::V2::Roles do
|
|
293
293
|
@instance.add_role_permissions(
|
294
294
|
'ROLE_ID',
|
295
295
|
[
|
296
|
-
Permission.new('permission-name-1', 'server-id-1'),
|
297
|
-
Permission.new('permission-name-2', 'server-id-2')
|
296
|
+
Auth0::Permission.new('permission-name-1', 'server-id-1'),
|
297
|
+
Auth0::Permission.new('permission-name-2', 'server-id-2')
|
298
298
|
]
|
299
299
|
)
|
300
300
|
end.not_to raise_error
|
@@ -352,8 +352,8 @@ describe Auth0::Api::V2::Roles do
|
|
352
352
|
@instance.remove_role_permissions(
|
353
353
|
'ROLE_ID',
|
354
354
|
[
|
355
|
-
Permission.new('permission-name-3', 'server-id-3'),
|
356
|
-
Permission.new('permission-name-4', 'server-id-4')
|
355
|
+
Auth0::Permission.new('permission-name-3', 'server-id-3'),
|
356
|
+
Auth0::Permission.new('permission-name-4', 'server-id-4')
|
357
357
|
]
|
358
358
|
)
|
359
359
|
end.not_to raise_error
|
@@ -59,5 +59,60 @@ describe Auth0::Api::V2::Tickets do
|
|
59
59
|
new_password: nil)
|
60
60
|
expect {@instance.post_password_change}.not_to raise_error
|
61
61
|
end
|
62
|
+
|
63
|
+
it 'expect client to accept organization_id' do
|
64
|
+
expect(@instance).to receive(:post).with('/api/v2/tickets/password-change',
|
65
|
+
result_url: nil,
|
66
|
+
user_id: nil,
|
67
|
+
connection_id: nil,
|
68
|
+
email: nil,
|
69
|
+
ttl_sec: nil,
|
70
|
+
mark_email_as_verified: nil,
|
71
|
+
includeEmailInRedirect: nil,
|
72
|
+
new_password: nil,
|
73
|
+
client_id: '123',
|
74
|
+
organization_id: '999'
|
75
|
+
)
|
76
|
+
expect {
|
77
|
+
@instance.post_password_change(
|
78
|
+
result_url: nil,
|
79
|
+
user_id: nil,
|
80
|
+
connection_id: nil,
|
81
|
+
email: nil,
|
82
|
+
ttl_sec: nil,
|
83
|
+
mark_email_as_verified: nil,
|
84
|
+
includeEmailInRedirect: nil,
|
85
|
+
new_password: nil,
|
86
|
+
client_id: '123',
|
87
|
+
organization_id: '999')
|
88
|
+
}.not_to raise_error
|
89
|
+
end
|
90
|
+
|
91
|
+
it 'expect client to accept client_id' do
|
92
|
+
expect(@instance).to receive(:post).with('/api/v2/tickets/password-change',
|
93
|
+
result_url: nil,
|
94
|
+
user_id: nil,
|
95
|
+
connection_id: nil,
|
96
|
+
email: nil,
|
97
|
+
ttl_sec: nil,
|
98
|
+
mark_email_as_verified: nil,
|
99
|
+
includeEmailInRedirect: nil,
|
100
|
+
new_password: nil,
|
101
|
+
client_id: '123'
|
102
|
+
)
|
103
|
+
expect {
|
104
|
+
@instance.post_password_change(
|
105
|
+
result_url: nil,
|
106
|
+
user_id: nil,
|
107
|
+
connection_id: nil,
|
108
|
+
email: nil,
|
109
|
+
ttl_sec: nil,
|
110
|
+
mark_email_as_verified: nil,
|
111
|
+
includeEmailInRedirect: nil,
|
112
|
+
new_password: nil,
|
113
|
+
client_id: '123'
|
114
|
+
)
|
115
|
+
}.not_to raise_error
|
116
|
+
end
|
62
117
|
end
|
63
118
|
end
|
@@ -86,18 +86,28 @@ describe Auth0::Api::V2::Users do
|
|
86
86
|
'/api/v2/users',
|
87
87
|
email: 'test@test.com',
|
88
88
|
password: 'password',
|
89
|
-
connection: 'conn'
|
90
|
-
name: 'name'
|
89
|
+
connection: 'conn'
|
91
90
|
)
|
92
91
|
expect do
|
93
92
|
@instance.create_user(
|
94
|
-
'
|
93
|
+
'conn',
|
95
94
|
email: 'test@test.com',
|
96
|
-
password: 'password'
|
97
|
-
connection: 'conn'
|
95
|
+
password: 'password'
|
98
96
|
)
|
99
97
|
end.not_to raise_error
|
100
98
|
end
|
99
|
+
|
100
|
+
it 'is expected to raise error if connection is not specified' do
|
101
|
+
expect(@instance).not_to receive(:delete)
|
102
|
+
expect {
|
103
|
+
@instance.create_user(
|
104
|
+
email: 'test@test.com',
|
105
|
+
password: 'password'
|
106
|
+
)
|
107
|
+
}.to raise_exception(
|
108
|
+
Auth0::MissingParameter
|
109
|
+
)
|
110
|
+
end
|
101
111
|
end
|
102
112
|
|
103
113
|
context '.delete_users' do
|
@@ -390,11 +400,28 @@ describe Auth0::Api::V2::Users do
|
|
390
400
|
end
|
391
401
|
|
392
402
|
it 'is expected to get permissions' do
|
393
|
-
expect(@instance).to receive(:get).with(
|
403
|
+
expect(@instance).to receive(:get).with(
|
404
|
+
'/api/v2/users/USER_ID/permissions',
|
405
|
+
per_page: nil,
|
406
|
+
page: nil,
|
407
|
+
include_totals: nil,
|
408
|
+
)
|
394
409
|
expect do
|
395
410
|
@instance.get_user_permissions('USER_ID')
|
396
411
|
end.not_to raise_error
|
397
412
|
end
|
413
|
+
|
414
|
+
it 'is expected to get permissions with custom parameters' do
|
415
|
+
expect(@instance).to receive(:get).with(
|
416
|
+
'/api/v2/users/USER_ID/permissions',
|
417
|
+
per_page: 10,
|
418
|
+
page: 3,
|
419
|
+
include_totals: true
|
420
|
+
)
|
421
|
+
expect do
|
422
|
+
@instance.get_user_permissions('USER_ID', per_page: 10, page: 3, include_totals: true)
|
423
|
+
end.not_to raise_error
|
424
|
+
end
|
398
425
|
end
|
399
426
|
|
400
427
|
context '.remove_permissions' do
|
@@ -434,8 +461,8 @@ describe Auth0::Api::V2::Users do
|
|
434
461
|
@instance.remove_user_permissions(
|
435
462
|
'USER_ID',
|
436
463
|
[
|
437
|
-
Permission.new('permission-name-1', 'server-id-1'),
|
438
|
-
Permission.new('permission-name-2', 'server-id-2')
|
464
|
+
Auth0::Permission.new('permission-name-1', 'server-id-1'),
|
465
|
+
Auth0::Permission.new('permission-name-2', 'server-id-2')
|
439
466
|
]
|
440
467
|
)
|
441
468
|
end.not_to raise_error
|
@@ -479,8 +506,8 @@ describe Auth0::Api::V2::Users do
|
|
479
506
|
@instance.add_user_permissions(
|
480
507
|
'USER_ID',
|
481
508
|
[
|
482
|
-
Permission.new('permission-name-1', 'server-id-1'),
|
483
|
-
Permission.new('permission-name-2', 'server-id-2')
|
509
|
+
Auth0::Permission.new('permission-name-1', 'server-id-1'),
|
510
|
+
Auth0::Permission.new('permission-name-2', 'server-id-2')
|
484
511
|
]
|
485
512
|
)
|
486
513
|
end.not_to raise_error
|
@@ -497,7 +524,7 @@ describe Auth0::Api::V2::Users do
|
|
497
524
|
end
|
498
525
|
|
499
526
|
it 'is expected to get generate a recovery code' do
|
500
|
-
expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/recovery-code-
|
527
|
+
expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/recovery-code-regeneration')
|
501
528
|
expect do
|
502
529
|
@instance.generate_recovery_code('USER_ID')
|
503
530
|
end.not_to raise_error
|
@@ -522,4 +549,23 @@ describe Auth0::Api::V2::Users do
|
|
522
549
|
end.not_to raise_error
|
523
550
|
end
|
524
551
|
end
|
552
|
+
|
553
|
+
context '.get_user_organizations' do
|
554
|
+
it 'is expected to respond to a get_user_organizations method' do
|
555
|
+
expect(@instance).to respond_to(:get_user_organizations)
|
556
|
+
end
|
557
|
+
|
558
|
+
it 'is expected to raise an exception when the user ID is empty' do
|
559
|
+
expect { @instance.get_user_organizations(nil) }.to raise_exception(Auth0::MissingUserId)
|
560
|
+
end
|
561
|
+
|
562
|
+
it 'is expected to get users organizations' do
|
563
|
+
expect(@instance).to receive(:get).with(
|
564
|
+
'/api/v2/users/USER_ID/organizations'
|
565
|
+
)
|
566
|
+
expect do
|
567
|
+
@instance.get_user_organizations('USER_ID')
|
568
|
+
end.not_to raise_error
|
569
|
+
end
|
570
|
+
end
|
525
571
|
end
|
@@ -29,7 +29,7 @@ describe Auth0::Client do
|
|
29
29
|
let(:client_id) { '__test_client_id__' }
|
30
30
|
let(:client_secret) { '__test_client_secret__' }
|
31
31
|
let(:access_token) { '__test_access_token__' }
|
32
|
-
let(:
|
32
|
+
let(:organization) { '__test_organization__'}
|
33
33
|
|
34
34
|
describe 'V2 client with token' do
|
35
35
|
|
@@ -84,13 +84,12 @@ describe Auth0::Client do
|
|
84
84
|
it_should_behave_like 'Authentication API client'
|
85
85
|
end
|
86
86
|
|
87
|
-
context 'with token
|
87
|
+
context 'with token and client_secret' do
|
88
88
|
let(:subject) do
|
89
89
|
Auth0::Client.new(
|
90
90
|
token: access_token,
|
91
91
|
domain: domain,
|
92
92
|
client_secret: client_secret,
|
93
|
-
audience: audience
|
94
93
|
)
|
95
94
|
end
|
96
95
|
it_should_behave_like 'v2 API client'
|
@@ -99,19 +98,53 @@ describe Auth0::Client do
|
|
99
98
|
end
|
100
99
|
|
101
100
|
describe 'V2 client without token' do
|
101
|
+
context 'should try to get an API token' do
|
102
|
+
before do
|
103
|
+
stub_api_token
|
104
|
+
end
|
102
105
|
|
103
|
-
|
104
|
-
|
106
|
+
let(:subject) do
|
107
|
+
Auth0::Client.new(
|
108
|
+
domain: domain,
|
109
|
+
client_id: client_id,
|
110
|
+
client_secret: client_secret,
|
111
|
+
)
|
112
|
+
end
|
113
|
+
it_should_behave_like 'v2 API client'
|
114
|
+
it_should_behave_like 'Authentication API client'
|
105
115
|
end
|
106
116
|
|
107
|
-
context '
|
117
|
+
context 'when try to get an API tokenwith api_identifier' do
|
118
|
+
let(:api_identifier) { 'https://samples.api_identifier/api/v2/' }
|
119
|
+
|
120
|
+
before do
|
121
|
+
stub_api_token_with_api_identifier
|
122
|
+
end
|
108
123
|
|
109
124
|
let(:subject) do
|
110
125
|
Auth0::Client.new(
|
111
126
|
domain: domain,
|
112
127
|
client_id: client_id,
|
113
128
|
client_secret: client_secret,
|
114
|
-
|
129
|
+
api_identifier: api_identifier
|
130
|
+
)
|
131
|
+
end
|
132
|
+
|
133
|
+
it_should_behave_like 'v2 API client'
|
134
|
+
it_should_behave_like 'Authentication API client'
|
135
|
+
end
|
136
|
+
|
137
|
+
context 'when try to get an API tokenwith organization' do
|
138
|
+
before do
|
139
|
+
stub_api_token_with_organization
|
140
|
+
end
|
141
|
+
|
142
|
+
let(:subject) do
|
143
|
+
Auth0::Client.new(
|
144
|
+
domain: domain,
|
145
|
+
client_id: client_id,
|
146
|
+
client_secret: client_secret,
|
147
|
+
organization: organization
|
115
148
|
)
|
116
149
|
end
|
117
150
|
it_should_behave_like 'v2 API client'
|
@@ -125,7 +158,6 @@ describe Auth0::Client do
|
|
125
158
|
Auth0::Client.new(
|
126
159
|
domain: domain,
|
127
160
|
client_id: client_id,
|
128
|
-
audience: audience
|
129
161
|
)
|
130
162
|
end.to raise_error('Must supply a valid API token')
|
131
163
|
end
|
@@ -140,7 +172,45 @@ describe Auth0::Client do
|
|
140
172
|
grant_type: 'client_credentials',
|
141
173
|
client_id: client_id,
|
142
174
|
client_secret: client_secret,
|
143
|
-
audience:
|
175
|
+
audience: "https://#{domain}/api/v2/"
|
176
|
+
}
|
177
|
+
)
|
178
|
+
)
|
179
|
+
.to_return(
|
180
|
+
headers: { 'Content-Type' => 'application/json' },
|
181
|
+
body: '{"access_token":"__test_access_token__"}',
|
182
|
+
status: 200
|
183
|
+
)
|
184
|
+
end
|
185
|
+
|
186
|
+
def stub_api_token_with_api_identifier
|
187
|
+
stub_request(:post, "https://#{domain}/oauth/token")
|
188
|
+
.with(
|
189
|
+
body: hash_including(
|
190
|
+
{
|
191
|
+
grant_type: 'client_credentials',
|
192
|
+
client_id: client_id,
|
193
|
+
client_secret: client_secret,
|
194
|
+
audience: api_identifier
|
195
|
+
}
|
196
|
+
)
|
197
|
+
)
|
198
|
+
.to_return(
|
199
|
+
headers: { 'Content-Type' => 'application/json' },
|
200
|
+
body: '{"access_token":"__test_access_token__"}',
|
201
|
+
status: 200
|
202
|
+
)
|
203
|
+
end
|
204
|
+
|
205
|
+
def stub_api_token_with_organization
|
206
|
+
stub_request(:post, "https://#{domain}/oauth/token")
|
207
|
+
.with(
|
208
|
+
body: hash_including(
|
209
|
+
{
|
210
|
+
grant_type: 'client_credentials',
|
211
|
+
client_id: client_id,
|
212
|
+
client_secret: client_secret,
|
213
|
+
organization: organization
|
144
214
|
}
|
145
215
|
)
|
146
216
|
)
|
@@ -141,7 +141,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
141
141
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::ServerError)
|
142
142
|
end
|
143
143
|
|
144
|
-
it 'should escape path with URI.escape' do
|
144
|
+
it 'should escape path with Addressable::URI.escape' do
|
145
145
|
expect(RestClient::Request).to receive(:execute).with(method: http_method,
|
146
146
|
url: '/te%20st',
|
147
147
|
timeout: nil,
|
@@ -275,7 +275,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
275
275
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::ServerError)
|
276
276
|
end
|
277
277
|
|
278
|
-
it 'should escape path with URI.escape' do
|
278
|
+
it 'should escape path with Addressable::URI.escape' do
|
279
279
|
expect(RestClient::Request).to receive(:execute).with(method: http_method,
|
280
280
|
url: '/te%20st',
|
281
281
|
timeout: nil,
|
@@ -143,6 +143,12 @@ describe Auth0::Mixins::Validation::IdTokenValidator do
|
|
143
143
|
expect { instance.validate(token) }.to raise_exception('Must supply a valid nonce')
|
144
144
|
end
|
145
145
|
|
146
|
+
it 'is expected to raise an error with an empty organization' do
|
147
|
+
instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: '' }))
|
148
|
+
|
149
|
+
expect { instance.validate(token) }.to raise_exception('Must supply a valid organization')
|
150
|
+
end
|
151
|
+
|
146
152
|
it 'is expected to raise an error with an empty issuer' do
|
147
153
|
instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ issuer: '' }))
|
148
154
|
|
@@ -277,6 +283,32 @@ describe Auth0::Mixins::Validation::IdTokenValidator do
|
|
277
283
|
|
278
284
|
expect { instance.validate(token) }.to raise_exception("Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time \"#{clock}\" is after last auth at \"#{auth_time}\"")
|
279
285
|
end
|
286
|
+
|
287
|
+
it 'is expected not to raise an error when org_id exsist in the token, but not required' do
|
288
|
+
token = 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3Rva2Vucy10ZXN0LmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHwxMjM0NTY3ODkiLCJhdWQiOlsidG9rZW5zLXRlc3QtMTIzIiwiZXh0ZXJuYWwtdGVzdC05OTkiXSwiZXhwIjoxNjE2NjE3ODgxLCJpYXQiOjE2MTY0NDUwODEsIm5vbmNlIjoiYTFiMmMzZDRlNSIsImF6cCI6InRva2Vucy10ZXN0LTEyMyIsImF1dGhfdGltZSI6MTYxNjUzMTQ4MSwib3JnX2lkIjoidGVzdE9yZyJ9.AOafUKUNgaxUXpSRYFCeJERcwrQZ4q2NZlutwGXnh9I'
|
289
|
+
expect { @instance.validate(token) }.not_to raise_exception
|
290
|
+
end
|
291
|
+
|
292
|
+
it 'is expected to raise an error with a missing but required organization' do
|
293
|
+
token = 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3Rva2Vucy10ZXN0LmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHwxMjM0NTY3ODkiLCJhdWQiOlsidG9rZW5zLXRlc3QtMTIzIiwiZXh0ZXJuYWwtdGVzdC05OTkiXSwiZXhwIjoxNjE2NjE4MTg1LCJpYXQiOjE2MTY0NDUzODUsIm5vbmNlIjoiYTFiMmMzZDRlNSIsImF6cCI6InRva2Vucy10ZXN0LTEyMyIsImF1dGhfdGltZSI6MTYxNjUzMTc4NX0.UMo5pmgceXO9lIKzbk7X0ZhE5DOe0IP2LfMKdUj03zQ'
|
294
|
+
instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: 'a1b2c3d4e5' }))
|
295
|
+
|
296
|
+
expect { instance.validate(token) }.to raise_exception('Organization Id (org_id) claim must be a string present in the ID token')
|
297
|
+
end
|
298
|
+
|
299
|
+
it 'is expected to raise an error with an invalid organization' do
|
300
|
+
token = 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3Rva2Vucy10ZXN0LmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHwxMjM0NTY3ODkiLCJhdWQiOlsidG9rZW5zLXRlc3QtMTIzIiwiZXh0ZXJuYWwtdGVzdC05OTkiXSwiZXhwIjoxNjE2NjE3ODgxLCJpYXQiOjE2MTY0NDUwODEsIm5vbmNlIjoiYTFiMmMzZDRlNSIsImF6cCI6InRva2Vucy10ZXN0LTEyMyIsImF1dGhfdGltZSI6MTYxNjUzMTQ4MSwib3JnX2lkIjoidGVzdE9yZyJ9.AOafUKUNgaxUXpSRYFCeJERcwrQZ4q2NZlutwGXnh9I'
|
301
|
+
instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: 'a1b2c3d4e5' }))
|
302
|
+
|
303
|
+
expect { instance.validate(token) }.to raise_exception('Organization Id (org_id) claim value mismatch in the ID token; expected "a1b2c3d4e5", found "testOrg"')
|
304
|
+
end
|
305
|
+
|
306
|
+
it 'is expected to NOT raise an error with a valid organization' do
|
307
|
+
token = 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3Rva2Vucy10ZXN0LmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHwxMjM0NTY3ODkiLCJhdWQiOlsidG9rZW5zLXRlc3QtMTIzIiwiZXh0ZXJuYWwtdGVzdC05OTkiXSwiZXhwIjoxNjE2NjE3ODgxLCJpYXQiOjE2MTY0NDUwODEsIm5vbmNlIjoiYTFiMmMzZDRlNSIsImF6cCI6InRva2Vucy10ZXN0LTEyMyIsImF1dGhfdGltZSI6MTYxNjUzMTQ4MSwib3JnX2lkIjoidGVzdE9yZyJ9.AOafUKUNgaxUXpSRYFCeJERcwrQZ4q2NZlutwGXnh9I'
|
308
|
+
instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: 'testOrg' }))
|
309
|
+
|
310
|
+
expect { instance.validate(token) }.not_to raise_exception
|
311
|
+
end
|
280
312
|
end
|
281
313
|
end
|
282
314
|
|
data/spec/spec_helper.rb
CHANGED
@@ -4,6 +4,11 @@ require 'faker'
|
|
4
4
|
require 'json'
|
5
5
|
require 'auth0'
|
6
6
|
|
7
|
+
if RUBY_VERSION >= '2.7.2'
|
8
|
+
# NOTE: https://bugs.ruby-lang.org/issues/17000
|
9
|
+
Warning[:deprecated] = true
|
10
|
+
end
|
11
|
+
|
7
12
|
require 'simplecov'
|
8
13
|
SimpleCov.start
|
9
14
|
|
@@ -60,4 +65,4 @@ def entity_suffix
|
|
60
65
|
'rubytest'
|
61
66
|
end
|
62
67
|
|
63
|
-
puts "Entity suffix is #{entity_suffix}"
|
68
|
+
puts "Entity suffix is #{entity_suffix}"
|
data/spec/support/credentials.rb
CHANGED
@@ -1,24 +1,5 @@
|
|
1
1
|
module Credentials
|
2
2
|
module_function
|
3
|
-
|
4
|
-
def v1_creds
|
5
|
-
{
|
6
|
-
client_id: ENV['CLIENT_ID'],
|
7
|
-
client_secret: ENV['CLIENT_SECRET'],
|
8
|
-
domain: ENV['DOMAIN'],
|
9
|
-
api_version: 1
|
10
|
-
}
|
11
|
-
end
|
12
|
-
|
13
|
-
def v1_global_creds
|
14
|
-
{
|
15
|
-
client_id: ENV['GLOBAL_CLIENT_ID'],
|
16
|
-
client_secret: ENV['GLOBAL_CLIENT_SECRET'],
|
17
|
-
domain: ENV['DOMAIN'],
|
18
|
-
api_version: 1
|
19
|
-
}
|
20
|
-
end
|
21
|
-
|
22
3
|
def v2_creds
|
23
4
|
{
|
24
5
|
domain: ENV.fetch( 'DOMAIN', 'DOMAIN' ),
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: auth0
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 5.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Auth0
|
@@ -11,7 +11,7 @@ authors:
|
|
11
11
|
autorequire:
|
12
12
|
bindir: bin
|
13
13
|
cert_chain: []
|
14
|
-
date:
|
14
|
+
date: 2021-04-09 00:00:00.000000000 Z
|
15
15
|
dependencies:
|
16
16
|
- !ruby/object:Gem::Dependency
|
17
17
|
name: rest-client
|
@@ -55,6 +55,34 @@ dependencies:
|
|
55
55
|
- - "~>"
|
56
56
|
- !ruby/object:Gem::Version
|
57
57
|
version: 0.12.0
|
58
|
+
- !ruby/object:Gem::Dependency
|
59
|
+
name: addressable
|
60
|
+
requirement: !ruby/object:Gem::Requirement
|
61
|
+
requirements:
|
62
|
+
- - "~>"
|
63
|
+
- !ruby/object:Gem::Version
|
64
|
+
version: 2.7.0
|
65
|
+
type: :runtime
|
66
|
+
prerelease: false
|
67
|
+
version_requirements: !ruby/object:Gem::Requirement
|
68
|
+
requirements:
|
69
|
+
- - "~>"
|
70
|
+
- !ruby/object:Gem::Version
|
71
|
+
version: 2.7.0
|
72
|
+
- !ruby/object:Gem::Dependency
|
73
|
+
name: bundler
|
74
|
+
requirement: !ruby/object:Gem::Requirement
|
75
|
+
requirements:
|
76
|
+
- - ">="
|
77
|
+
- !ruby/object:Gem::Version
|
78
|
+
version: '0'
|
79
|
+
type: :development
|
80
|
+
prerelease: false
|
81
|
+
version_requirements: !ruby/object:Gem::Requirement
|
82
|
+
requirements:
|
83
|
+
- - ">="
|
84
|
+
- !ruby/object:Gem::Version
|
85
|
+
version: '0'
|
58
86
|
- !ruby/object:Gem::Dependency
|
59
87
|
name: rake
|
60
88
|
requirement: !ruby/object:Gem::Requirement
|
@@ -145,20 +173,14 @@ dependencies:
|
|
145
173
|
requirements:
|
146
174
|
- - "~>"
|
147
175
|
- !ruby/object:Gem::Version
|
148
|
-
version: '3.
|
149
|
-
- - ">="
|
150
|
-
- !ruby/object:Gem::Version
|
151
|
-
version: 3.1.0
|
176
|
+
version: '3.5'
|
152
177
|
type: :development
|
153
178
|
prerelease: false
|
154
179
|
version_requirements: !ruby/object:Gem::Requirement
|
155
180
|
requirements:
|
156
181
|
- - "~>"
|
157
182
|
- !ruby/object:Gem::Version
|
158
|
-
version: '3.
|
159
|
-
- - ">="
|
160
|
-
- !ruby/object:Gem::Version
|
161
|
-
version: 3.1.0
|
183
|
+
version: '3.5'
|
162
184
|
- !ruby/object:Gem::Dependency
|
163
185
|
name: rack-test
|
164
186
|
requirement: !ruby/object:Gem::Requirement
|
@@ -207,28 +229,14 @@ dependencies:
|
|
207
229
|
requirements:
|
208
230
|
- - "~>"
|
209
231
|
- !ruby/object:Gem::Version
|
210
|
-
version: '
|
211
|
-
type: :development
|
212
|
-
prerelease: false
|
213
|
-
version_requirements: !ruby/object:Gem::Requirement
|
214
|
-
requirements:
|
215
|
-
- - "~>"
|
216
|
-
- !ruby/object:Gem::Version
|
217
|
-
version: '1.4'
|
218
|
-
- !ruby/object:Gem::Dependency
|
219
|
-
name: yard
|
220
|
-
requirement: !ruby/object:Gem::Requirement
|
221
|
-
requirements:
|
222
|
-
- - "~>"
|
223
|
-
- !ruby/object:Gem::Version
|
224
|
-
version: 0.9.12
|
232
|
+
version: '2.0'
|
225
233
|
type: :development
|
226
234
|
prerelease: false
|
227
235
|
version_requirements: !ruby/object:Gem::Requirement
|
228
236
|
requirements:
|
229
237
|
- - "~>"
|
230
238
|
- !ruby/object:Gem::Version
|
231
|
-
version: 0
|
239
|
+
version: '2.0'
|
232
240
|
- !ruby/object:Gem::Dependency
|
233
241
|
name: gem-release
|
234
242
|
requirement: !ruby/object:Gem::Requirement
|
@@ -255,19 +263,25 @@ files:
|
|
255
263
|
- ".env.example"
|
256
264
|
- ".gemrelease"
|
257
265
|
- ".github/CODEOWNERS"
|
258
|
-
- ".github/ISSUE_TEMPLATE.
|
266
|
+
- ".github/ISSUE_TEMPLATE/config.yml"
|
267
|
+
- ".github/ISSUE_TEMPLATE/feature_request.md"
|
268
|
+
- ".github/ISSUE_TEMPLATE/report_a_bug.md"
|
259
269
|
- ".github/PULL_REQUEST_TEMPLATE.md"
|
260
270
|
- ".github/stale.yml"
|
261
271
|
- ".gitignore"
|
262
272
|
- ".rspec"
|
263
273
|
- ".rubocop.yml"
|
264
274
|
- ".rubocop_todo.yml"
|
275
|
+
- ".yardoc/checksums"
|
276
|
+
- ".yardoc/complete"
|
277
|
+
- ".yardoc/object_types"
|
278
|
+
- ".yardoc/objects/root.dat"
|
279
|
+
- ".yardoc/proxy_types"
|
265
280
|
- CHANGELOG.md
|
266
281
|
- CODE_OF_CONDUCT.md
|
267
282
|
- DEPLOYMENT.md
|
268
283
|
- Dockerfile
|
269
284
|
- Gemfile
|
270
|
-
- Gemfile.lock
|
271
285
|
- Guardfile
|
272
286
|
- LICENSE
|
273
287
|
- README.md
|
@@ -275,13 +289,6 @@ files:
|
|
275
289
|
- Rakefile
|
276
290
|
- auth0.gemspec
|
277
291
|
- codecov.yml
|
278
|
-
- deploy_documentation.sh
|
279
|
-
- doc_config/templates/default/fulldoc/html/css/full_list.css
|
280
|
-
- doc_config/templates/default/fulldoc/html/css/style.css
|
281
|
-
- doc_config/templates/default/layout/html/breadcrumb.erb
|
282
|
-
- doc_config/templates/default/layout/html/footer.erb
|
283
|
-
- doc_config/templates/default/layout/html/headers.erb
|
284
|
-
- doc_config/templates/default/layout/html/layout.erb
|
285
292
|
- examples/ruby-api/.env.example
|
286
293
|
- examples/ruby-api/.gitignore
|
287
294
|
- examples/ruby-api/Gemfile
|
@@ -352,15 +359,10 @@ files:
|
|
352
359
|
- lib/auth0.rb
|
353
360
|
- lib/auth0/algorithm.rb
|
354
361
|
- lib/auth0/api/authentication_endpoints.rb
|
355
|
-
- lib/auth0/api/v1.rb
|
356
|
-
- lib/auth0/api/v1/clients.rb
|
357
|
-
- lib/auth0/api/v1/connections.rb
|
358
|
-
- lib/auth0/api/v1/logs.rb
|
359
|
-
- lib/auth0/api/v1/rules.rb
|
360
|
-
- lib/auth0/api/v1/users.rb
|
361
362
|
- lib/auth0/api/v2.rb
|
362
363
|
- lib/auth0/api/v2/anomaly.rb
|
363
364
|
- lib/auth0/api/v2/blacklists.rb
|
365
|
+
- lib/auth0/api/v2/branding.rb
|
364
366
|
- lib/auth0/api/v2/client_grants.rb
|
365
367
|
- lib/auth0/api/v2/clients.rb
|
366
368
|
- lib/auth0/api/v2/connections.rb
|
@@ -370,6 +372,7 @@ files:
|
|
370
372
|
- lib/auth0/api/v2/jobs.rb
|
371
373
|
- lib/auth0/api/v2/log_streams.rb
|
372
374
|
- lib/auth0/api/v2/logs.rb
|
375
|
+
- lib/auth0/api/v2/organizations.rb
|
373
376
|
- lib/auth0/api/v2/prompts.rb
|
374
377
|
- lib/auth0/api/v2/resource_servers.rb
|
375
378
|
- lib/auth0/api/v2/roles.rb
|
@@ -580,9 +583,9 @@ files:
|
|
580
583
|
- spec/integration/lib/auth0/api/v2/api_user_blocks_spec.rb
|
581
584
|
- spec/integration/lib/auth0/api/v2/api_users_spec.rb
|
582
585
|
- spec/integration/lib/auth0/auth0_client_spec.rb
|
583
|
-
- spec/lib/auth0/api/authentication_endpoints_spec.rb
|
584
586
|
- spec/lib/auth0/api/v2/anomaly_spec.rb
|
585
587
|
- spec/lib/auth0/api/v2/blacklists_spec.rb
|
588
|
+
- spec/lib/auth0/api/v2/branding_spec.rb
|
586
589
|
- spec/lib/auth0/api/v2/client_grants_spec.rb
|
587
590
|
- spec/lib/auth0/api/v2/clients_spec.rb
|
588
591
|
- spec/lib/auth0/api/v2/connections_spec.rb
|
@@ -592,6 +595,7 @@ files:
|
|
592
595
|
- spec/lib/auth0/api/v2/jobs_spec.rb
|
593
596
|
- spec/lib/auth0/api/v2/log_streams_spec.rb
|
594
597
|
- spec/lib/auth0/api/v2/logs_spec.rb
|
598
|
+
- spec/lib/auth0/api/v2/organizations_spec.rb
|
595
599
|
- spec/lib/auth0/api/v2/prompts_spec.rb
|
596
600
|
- spec/lib/auth0/api/v2/resource_servers_spec.rb
|
597
601
|
- spec/lib/auth0/api/v2/roles_spec.rb
|
@@ -632,7 +636,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
632
636
|
- !ruby/object:Gem::Version
|
633
637
|
version: '0'
|
634
638
|
requirements: []
|
635
|
-
rubygems_version: 3.1.
|
639
|
+
rubygems_version: 3.1.4
|
636
640
|
signing_key:
|
637
641
|
specification_version: 4
|
638
642
|
summary: Auth0 API Client
|
@@ -824,9 +828,9 @@ test_files:
|
|
824
828
|
- spec/integration/lib/auth0/api/v2/api_user_blocks_spec.rb
|
825
829
|
- spec/integration/lib/auth0/api/v2/api_users_spec.rb
|
826
830
|
- spec/integration/lib/auth0/auth0_client_spec.rb
|
827
|
-
- spec/lib/auth0/api/authentication_endpoints_spec.rb
|
828
831
|
- spec/lib/auth0/api/v2/anomaly_spec.rb
|
829
832
|
- spec/lib/auth0/api/v2/blacklists_spec.rb
|
833
|
+
- spec/lib/auth0/api/v2/branding_spec.rb
|
830
834
|
- spec/lib/auth0/api/v2/client_grants_spec.rb
|
831
835
|
- spec/lib/auth0/api/v2/clients_spec.rb
|
832
836
|
- spec/lib/auth0/api/v2/connections_spec.rb
|
@@ -836,6 +840,7 @@ test_files:
|
|
836
840
|
- spec/lib/auth0/api/v2/jobs_spec.rb
|
837
841
|
- spec/lib/auth0/api/v2/log_streams_spec.rb
|
838
842
|
- spec/lib/auth0/api/v2/logs_spec.rb
|
843
|
+
- spec/lib/auth0/api/v2/organizations_spec.rb
|
839
844
|
- spec/lib/auth0/api/v2/prompts_spec.rb
|
840
845
|
- spec/lib/auth0/api/v2/resource_servers_spec.rb
|
841
846
|
- spec/lib/auth0/api/v2/roles_spec.rb
|