auth0 4.4.0 → 5.1.2

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/delete_test_api.yml

@@ -0,0 +1,60 @@
+---
+http_interactions:
+- request:
+    method: delete
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/resource-servers/5d1668d6851f980681712383
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Accept:
+      - "*/*"
+      Accept-Encoding:
+      - gzip, deflate
+      User-Agent:
+      - rest-client/2.0.2 (darwin17.7.0 x86_64) ruby/2.5.1p57
+      Content-Type:
+      - application/json
+      Auth0-Client:
+      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjcuMCIsImVudiI6eyJydWJ5IjoiMi41LjEifX0=
+      Authorization:
+      - Bearer API_TOKEN
+      Host:
+      - auth0-sdk-tests.auth0.com
+  response:
+    status:
+      code: 204
+      message: No Content
+    headers:
+      Date:
+      - Fri, 28 Jun 2019 19:22:20 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Connection:
+      - keep-alive
+      Ot-Tracer-Spanid:
+      - 558eeafa72b2004a
+      Ot-Tracer-Traceid:
+      - 3919853d1186f854
+      Ot-Tracer-Sampled:
+      - 'true'
+      X-Ratelimit-Limit:
+      - '10'
+      X-Ratelimit-Remaining:
+      - '8'
+      X-Ratelimit-Reset:
+      - '1561749742'
+      Vary:
+      - origin,accept-encoding
+      Cache-Control:
+      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
+      Strict-Transport-Security:
+      - max-age=15724800
+      X-Robots-Tag:
+      - noindex, nofollow, nosnippet, noarchive
+    body:
+      encoding: UTF-8
+      string: ''
+    http_version: 
+  recorded_at: Fri, 28 Jun 2019 19:22:20 GMT
+recorded_with: VCR 4.0.0

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/delete_test_role.yml

@@ -0,0 +1,60 @@
+---
+http_interactions:
+- request:
+    method: delete
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/roles/rol_3hkVHzGY5N5F9per
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Accept:
+      - "*/*"
+      Accept-Encoding:
+      - gzip, deflate
+      User-Agent:
+      - rest-client/2.0.2 (darwin17.7.0 x86_64) ruby/2.5.1p57
+      Content-Type:
+      - application/json
+      Auth0-Client:
+      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjcuMCIsImVudiI6eyJydWJ5IjoiMi41LjEifX0=
+      Authorization:
+      - Bearer API_TOKEN
+      Host:
+      - auth0-sdk-tests.auth0.com
+  response:
+    status:
+      code: 204
+      message: No Content
+    headers:
+      Date:
+      - Fri, 28 Jun 2019 19:22:20 GMT
+      Content-Type:
+      - application/json; charset=utf-8
+      Connection:
+      - keep-alive
+      Ot-Tracer-Spanid:
+      - 22e1927378b4d7bc
+      Ot-Tracer-Traceid:
+      - 67bc7f5f37455748
+      Ot-Tracer-Sampled:
+      - 'true'
+      X-Ratelimit-Limit:
+      - '10'
+      X-Ratelimit-Remaining:
+      - '7'
+      X-Ratelimit-Reset:
+      - '1561749743'
+      Vary:
+      - origin,accept-encoding
+      Cache-Control:
+      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
+      Strict-Transport-Security:
+      - max-age=15724800
+      X-Robots-Tag:
+      - noindex, nofollow, nosnippet, noarchive
+    body:
+      encoding: UTF-8
+      string: ''
+    http_version: 
+  recorded_at: Fri, 28 Jun 2019 19:22:20 GMT
+recorded_with: VCR 4.0.0

data/spec/integration/lib/auth0/api/api_authentication_spec.rb

@@ -1,78 +1,120 @@
 require 'spec_helper'
 describe Auth0::Api::AuthenticationEndpoints do
-  attr_reader :client, :impersonate_user, :impersonator_user, :global_client, :password
+  attr_reader :client, :test_user_email, :test_user_pwd, :test_user
 
   before(:all) do
-    @client = Auth0Client.new(Credentials.v2_creds)
-    impersonate_username = Faker::Internet.user_name
-    impersonate_email = "#{entity_suffix}#{Faker::Internet.safe_email(impersonate_username)}"
-    @password = Faker::Internet.password
-    @impersonate_user = client.create_user(impersonate_username, 'email' => impersonate_email,
-                                                                 'password' => password,
-                                                                 'email_verified' => true,
-                                                                 'connection' =>
-                                                                  Auth0::Api::AuthenticationEndpoints::UP_AUTH,
-                                                                 'app_metadata' => {})
-
-    impersonator_username = Faker::Internet.user_name
-    impersonator_email = "#{entity_suffix}#{Faker::Internet.safe_email(impersonator_username)}"
-    @impersonator_user = client.create_user(impersonator_username, 'email' => impersonator_email,
-                                                                   'password' => password,
-                                                                   'email_verified' => true,
-                                                                   'connection' =>
-                                                                    Auth0::Api::AuthenticationEndpoints::UP_AUTH,
-                                                                   'app_metadata' => {})
-
-    @global_client = Auth0Client.new(v1_global_creds)
+    @client = Auth0Client.new(v2_creds)
+
+    @test_user_email = "#{entity_suffix}-username-1@auth0.com"
+    @test_user_pwd = '23kejn2jk3en2jke2jk3be2jk3ber'
+
+    VCR.use_cassette('Auth0_Api_AuthenticationEndpoints/create_test_user') do
+      @test_user ||= @client.signup(
+        test_user_email,
+        test_user_pwd
+      )
+    end
   end
 
   after(:all) do
-    client.delete_user(impersonate_user['user_id'])
-    client.delete_user(impersonator_user['user_id'])
+    VCR.use_cassette('Auth0_Api_AuthenticationEndpoints/delete_test_user') do
+      @client.delete_user('auth0|' + test_user['_id'])
+    end
   end
 
-  describe '.obtain_access_token' do
-    let(:acces_token) { global_client.obtain_access_token }
-    it { expect(acces_token).to_not be_nil }
-  end
+  describe '.signup', vcr: true do
+    it 'should signup a new user' do
+      expect(test_user).to(include('_id', 'email'))
+    end
 
-  describe '.signup' do
-    let(:signup_username) { Faker::Internet.user_name }
-    let(:signup_email) { "#{entity_suffix}#{Faker::Internet.safe_email(signup_username)}" }
-    let(:signup) { global_client.signup(signup_email, password) }
-    it { expect(signup).to(include('_id', 'email')) }
-    it { expect(signup['email']).to eq signup_email }
+    it 'should return the correct email address' do
+      expect(test_user['email']).to eq test_user_email
+    end
   end
 
-  describe '.change_password' do
-    let(:change_password) do
-      global_client.change_password(impersonate_user['user_id'], '')
+  describe '.change_password', vcr: true do
+    it 'should trigger a password reset' do
+      expect(
+        @client.change_password(test_user_email, '')
+      ).to(include("We've just sent you an email to reset your password."))
     end
-    it { expect(change_password).to(include('We\'ve just sent you an email to reset your password.')) }
   end
 
-  skip '.start_passwordless_email_flow' do
-    let(:start_passwordless_email_flow) do
-      global_client.start_passwordless_email_flow(impersonate_user['email'])
+  describe '.saml_metadata', vcr: true do
+    it 'should retrieve SAML metadata' do
+      expect(@client.saml_metadata).to(include('<EntityDescriptor'))
     end
-    it { expect(start_passwordless_email_flow['email']).to eq impersonate_user['email'] }
-    it { expect(start_passwordless_email_flow).to(include('_id', 'email')) }
   end
 
-  skip '.start_passwordless_sms_flow' do
-    let(:phone_number) { '+19143686854' }
-    let(:start_passwordless_sms_flow) { global_client.start_passwordless_sms_flow(phone_number) }
-    it { expect(start_passwordless_sms_flow['phone_number']).to eq phone_number }
-    it { expect(start_passwordless_sms_flow).to(include('_id', 'phone_number', 'request_language')) }
+  describe '.wsfed_metadata', vcr: true do
+    it 'should retrieve WSFED metadata' do
+      expect(@client.wsfed_metadata).to(include('<EntityDescriptor'))
+    end
   end
 
-  describe '.saml_metadata' do
-    let(:saml_metadata) { global_client.saml_metadata }
-    it { expect(saml_metadata).to(include('<EntityDescriptor')) }
+  describe '.userinfo', vcr: true do
+    it 'should fail as not authorized' do
+      expect do
+        @client.userinfo('invalid_token')
+      end.to raise_error Auth0::Unauthorized
+    end
+
+    it 'should return the userinfo' do
+      tokens = @client.login_with_resource_owner(test_user_email, test_user_pwd)
+      expect(@client.userinfo(tokens['access_token'])).to(
+        include( 'email' => test_user_email )
+      )
+    end
   end
 
-  describe '.wsfed_metadata' do
-    let(:wsfed_metadata) { global_client.wsfed_metadata }
-    it { expect(wsfed_metadata).to(include('<EntityDescriptor')) }
+  describe '.login_with_resource_owner', vcr: true do
+    it 'should fail with an incorrect email' do
+      expect do
+        @client.login_with_resource_owner(
+          test_user['email'] + '_invalid',
+          test_user_pwd
+        )
+      end.to raise_error Auth0::AccessDenied
+    end
+
+    it 'should fail with an incorrect password' do
+      expect do
+        @client.login_with_resource_owner(
+          test_user['email'],
+          test_user_pwd + '_invalid'
+        )
+      end.to raise_error Auth0::AccessDenied
+    end
+
+    it 'should login successfully with a default scope' do
+      expect(
+        @client.login_with_resource_owner(
+          test_user['email'],
+          test_user_pwd
+        ).token
+      ).to_not be_empty
+    end
+
+    it 'should fail with an invalid audience' do
+      expect do
+        @client.login_with_resource_owner(
+          test_user['email'],
+          test_user_pwd,
+          scope: 'test:scope',
+          audience: 'https://brucke.club/invalid/api/v1/'
+        )
+      end.to raise_error Auth0::BadRequest
+    end
+
+    it 'should login successfully with a custom audience' do
+      expect(
+        @client.login_with_resource_owner(
+          test_user['email'],
+          test_user_pwd,
+          scope: 'test:scope',
+          audience: 'https://brucke.club/custom/api/v1/'
+        ).token
+      ).to_not be_empty
+    end
   end
 end

data/spec/integration/lib/auth0/api/v2/api_anomaly_spec.rb

@@ -0,0 +1,17 @@
+require 'spec_helper'
+describe Auth0::Api::V2::Anomaly do
+  let(:client) { Auth0Client.new(v2_creds) }
+  let(:ip) { '192.0.2.0' }
+
+  describe '.check_if_ip_is_blocked', vcr: true do
+    it 'should return 200 response code' do
+      expect { client.check_if_ip_is_blocked(ip) }.to_not raise_error
+    end
+  end
+
+  describe '.remove_ip_block', vcr: true do
+    it 'should remove an IP successfully' do
+      expect { client.remove_ip_block(ip) }.to_not raise_error
+    end
+  end
+end

data/spec/integration/lib/auth0/api/v2/api_blacklist_spec.rb

@@ -3,12 +3,25 @@ describe Auth0::Api::V2::Blacklists do
   let(:client) { Auth0Client.new(v2_creds) }
   let(:token) { 'faketoken' }
 
-  describe '.add_token_to_blacklist' do
-    it { expect(client.add_token_to_blacklist(token)).to be_empty }
+  describe '.add_token_to_blacklist', vcr: true do
+    it 'should add a token to the blacklist' do
+      expect do
+        client.add_token_to_blacklist(
+          token,
+          v2_creds[:client_id]
+        )
+      end.to_not raise_error
+    end
   end
 
-  describe '.blacklisted_tokens' do
-    let(:response) { { 'aud' => ENV['GLOBAL_CLIENT_ID'], 'jti' => token } }
-    it { expect(client.blacklisted_tokens).to include response }
+  describe '.blacklisted_tokens', vcr: true do
+    it 'should get the added token from the blacklist' do
+      expect(client.blacklisted_tokens.first).to(
+        include(
+          'aud' => v2_creds[:client_id],
+          'jti' => token
+        )
+      )
+    end
   end
 end

data/spec/integration/lib/auth0/api/v2/api_client_grants_spec.rb

@@ -1,62 +1,75 @@
 require 'spec_helper'
 describe Auth0::Api::V2::ClientGrants do
-  attr_reader :client, :client_id, :audience, :existing_grant, :scope, :existing_client
+  attr_reader :client, :test_client_grant, :test_client
 
   before(:all) do
     @client = Auth0Client.new(v2_creds)
-    @client_id = v2_creds[:client_id]
-    sleep 1
-    @existing_client = client.create_client("client#{entity_suffix}")
-    sleep 1
-    @audience = "https://#{client.clients[0]['tenant']}.auth0.com/api/v2/"
-    @scope = [Faker::Lorem.word]
-    sleep 1
-    @existing_grant = client.create_client_grant('client_id' => existing_client['client_id'],
-                                                 'audience' => audience,
-                                                 'scope' => scope)
+
+    VCR.use_cassette('Auth0_Api_V2_ClientGrants/create_test_client') do
+      @test_client = client.create_client(
+        "ClientGrantTestClient-#{entity_suffix}"
+      )
+    end
+
+    VCR.use_cassette('Auth0_Api_V2_ClientGrants/create_test_client_grant') do
+      @test_client_grant = client.create_client_grant(
+        'client_id' => test_client['client_id'],
+        'audience' => "https://#{test_client['tenant']}.auth0.com/api/v2/",
+        'scope' => ['test:scope']
+      )
+    end
+
   end
 
   after(:all) do
-    grants = client.client_grants
-    grants.each do |grant|
-      sleep 1
-      client.delete_client_grant(grant['id'])
+    VCR.use_cassette('Auth0_Api_V2_ClientGrants/delete_test_client') do
+      client.delete_client(test_client['client_id'])
+    end
+
+    VCR.use_cassette('Auth0_Api_V2_ClientGrants/delete_test_client_grant') do
+      client.delete_client_grant(test_client_grant['id'])
     end
   end
 
-  describe '.client_grants' do
+  describe '.client_grants', vcr: true do
     let(:client_grants) do
-      sleep 1
       client.client_grants
     end
 
-    it do
-      sleep 1
+    it 'should return at least 1 result' do
       expect(client_grants.size).to be > 0
     end
-    it do
-      sleep 1
-      expect(client_grants).to include(existing_grant)
+
+    it 'should return the test client grant' do
+      expect(client_grants).to include(test_client_grant)
+    end
+
+    it 'should return the first page of one result' do
+      results = client.client_grants(
+        page: 0,
+        per_page: 1
+      )
+      expect(results.first).to equal(results.last)
+      expect(results.first).to eq(test_client_grant)
     end
   end
 
-  describe '.patch_client_grant' do
-    let(:new_scope) { [Faker::Lorem.word] }
-    it do
-      sleep 1
+  describe '.patch_client_grant', vcr: true do
+    it 'should update the test client grant' do
       expect(
         client.patch_client_grant(
-          existing_grant['id'],
-          'scope' => new_scope
+          test_client_grant['id'],
+          'scope' => ['new:scope']
         )
-      ).to(include('scope' => new_scope))
+      ).to(include('scope' => ['new:scope']))
     end
   end
 
-  describe '.delete_client_grant' do
-    it do
-      sleep 1
-      expect { client.delete_client_grant(existing_grant['id']) }.to_not raise_error
+  describe '.delete_client_grant', vcr: true do
+    it 'should delete the test client grant' do
+      expect do
+        client.delete_client_grant(test_client_grant['id'])
+      end.to_not raise_error
     end
   end
 end