RubyGems - auth0 - Versions diffs - 4.5.0 → 4.6.0 - Mend

auth0 4.5.0 → 4.6.0

Files changed (172) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8e2d0aa18336dc8b5427ef196eebe49f8232e2776c90307d1c38e2129d8704e8
-  data.tar.gz: acfe0224309b9b2de3faa249f65e40654586f446494b53044d27cea4ad60b5da
+  metadata.gz: 44aa1a52cec04f4b9e2f8ac6f6d032cf599223f962f8f31f5ea75ac66f85a310
+  data.tar.gz: 522d4c589930e8c4036570b8c87fbccb3362cc386dbbc13ec828cc8134bce43a
 SHA512:
-  metadata.gz: 194975ab5dce4b26bae48fdf25b143a7ae7ff47898e500dc0a49913bcecb54276919e79a70a8a5b2d1d064d176f15cd394bd58d26241f2388c35535ebf5614a5
-  data.tar.gz: 29bde6a3792287ecae9d8559e0b52ed8fc57407a183665944e1883cb3ee64dede9169a8525b191042c86b6c05a2833b34b592d60ff58ec97161d427fa4b84f49
+  metadata.gz: d1aec8459dc67d87089273a12d5ab1c02b40509d92442d84d29123d2472c4499a8e252b325c6bc333ac7fc22bc2910bf9ed95cf6429444ec0d7c27b5ee8fe780
+  data.tar.gz: b44f46446c0ea25470b4ff7bfecba848983602cec4404b6221029aac21839e2127a9462ab2560e64b3869ef7f5d4fa212bf32e9b3a06c3858af8d1bc3de5fdaf

data/.bundle/config CHANGED

@@ -1,3 +1,4 @@
 ---
-BUNDLE_JOBS: '4'
-BUNDLE_BIN: bin
+BUNDLE_JOBS: "3"
+BUNDLE_BIN: "bin"
+BUNDLE_RETRY: "3"

data/.github/ISSUE_TEMPLATE.md ADDED

@@ -0,0 +1,39 @@
+In order to efficiently and accurately address your issue or feature request, please read through the template below and answer all relevant questions. Your additional work here is greatly appreciated and will help us respond as quickly as possible. Please delete any sections or questions below that do not pertain to this request.
+For general support or usage questions, please use the [Auth0 Community](https://community.auth0.com/) or [Auth0 Support](https://support.auth0.com.).
+### Description
+Description of the bug or feature request and why it's a problem. Consider including:
+- The use case or overall problem you're trying to solve
+- Information about when the problem started
+### Prerequisites
+* [ ] I have read the [Auth0 general contribution guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md)
+* [ ] I have read the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md)
+* [ ] Did you check the documentation ([repo README](https://github.com/auth0/ruby-auth0/blob/master/README.md) or [Quickstart](https://auth0.com/docs/quickstart/backend/rails))?
+* [ ] Did you check the [Auth0 Community](https://community.auth0.com/)?
+* [ ] Are you reporting this to the correct repository? See also the [OmniAuth-Auth0 strategy](https://github.com/auth0/omniauth-auth0) for logging in with Rails.
+* [ ] Are there any related or duplicate [Issues](https://github.com/auth0/ruby-auth0/issues) or [PRs](https://github.com/auth0/ruby-auth0/pulls) for this issue?
+### Environment
+Please provide the following:
+* Ruby Auth0 version:
+* Ruby version:
+* Rails version (if applicable):
+* Browser version (if applicable):
+* Additional gems that might be affecting your instance
+### Reproduction
+Detail the steps taken to reproduce this error and note if this issue can be reproduced consistently or if it is intermittent.
+Please include:
+- Log files (redact/remove sensitive information)
+- Application settings (redact/remove sensitive information)
+- Screenshots, if helpful

data/.github/PULL_REQUEST_TEMPLATE.md ADDED

@@ -0,0 +1,35 @@
+### Changes
+Please describe both what is changing and why this is important. Include:
+- Endpoints added, deleted, deprecated, or changed
+- Classes and methods added, deleted, deprecated, or changed
+- Screenshots of new or changed UI, if applicable
+- A summary of usage if this is a new feature or change to a public API (this should also be added to relevant documentation once released)
+### References
+Please include relevant links supporting this change such as a:
+- support ticket
+- community post
+- StackOverflow post
+- support forum thread
+Please note any links that are not publicly accessible.
+### Testing
+Please describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.
+* [ ] This change adds unit test coverage
+* [ ] This change adds integration test coverage
+* [ ] This change has been tested on the latest version of Ruby
+### Checklist
+* [ ] I have read the [Auth0 general contribution guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md)
+* [ ] I have read the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md)
+* [ ] All existing and new tests complete without errors
+* [ ] Rubocop passes on all added/modified files
+* [ ] All active GitHub checks have passed

data/CHANGELOG.md CHANGED

@@ -1,6 +1,42 @@
 # Change Log
-## [v4.5.0](https://github.com/auth0/ruby-auth0/tree/v4.5.0) (2018-07-26)
+## [v4.6.0](https://github.com/auth0/ruby-auth0/tree/v4.6.0) (2018-12-17)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.5.0...v4.6.0)
+**Closed issues**
+- New Release with Client Token work [\#148](https://github.com/auth0/ruby-auth0/issues/148)
+- Unable to initialize Auth0Api [\#147](https://github.com/auth0/ruby-auth0/issues/147)
+- Issues building the documentation [\#135](https://github.com/auth0/ruby-auth0/issues/135)
+- signin with referral token [\#127](https://github.com/auth0/ruby-auth0/issues/127)
+- Some challenges when upgrading to Ruby 2.5.1 [\#122](https://github.com/auth0/ruby-auth0/issues/122)
+- Cannot refresh access token with refresh token. [\#111](https://github.com/auth0/ruby-auth0/issues/111)
+- Incorrect request_params for username-password login [\#109](https://github.com/auth0/ruby-auth0/issues/109)
+- Obtain APIv2 Token [\#86](https://github.com/auth0/ruby-auth0/issues/86)
+**Added**
+- Add refresh token method and unit tests [\#150](https://github.com/auth0/ruby-auth0/pull/150) ([joshcanhelp](https://github.com/joshcanhelp))
+- Improve telemetry; more modular Auth API [\#149](https://github.com/auth0/ruby-auth0/pull/149) ([joshcanhelp](https://github.com/joshcanhelp))
+- Add ttl_sec argument to post_email_verification request. [\#145](https://github.com/auth0/ruby-auth0/pull/145) ([digitaldawn](https://github.com/digitaldawn))
+- Add issue and PR templates, CoC [\#141](https://github.com/auth0/ruby-auth0/pull/141) ([joshcanhelp](https://github.com/joshcanhelp))
+- Add new login_ro method to replace login [\#133](https://github.com/auth0/ruby-auth0/pull/133) ([joshcanhelp](https://github.com/joshcanhelp))
+- Add VCR to and improve all integration tests [\#132](https://github.com/auth0/ruby-auth0/pull/132) ([joshcanhelp](https://github.com/joshcanhelp))
+- Add new method to perform an auth code exchange [\#131](https://github.com/auth0/ruby-auth0/pull/131) ([joshcanhelp](https://github.com/joshcanhelp))
+- Add new userinfo method for auth endpoints [\#130](https://github.com/auth0/ruby-auth0/pull/130) ([joshcanhelp](https://github.com/joshcanhelp))
+- Add Client Credentials grant [\#129](https://github.com/auth0/ruby-auth0/pull/129) ([joshcanhelp](https://github.com/joshcanhelp))
+**Changed**
+- Improve the test suite [\#143](https://github.com/auth0/ruby-auth0/pull/143) ([joshcanhelp](https://github.com/joshcanhelp))
+**Deprecated**
+- Formal deprecation of 4 auth endpoint methods; rubocop [\#151](https://github.com/auth0/ruby-auth0/pull/151) ([joshcanhelp](https://github.com/joshcanhelp))
+**Fixed**
+- Documentation improvements [\#139](https://github.com/auth0/ruby-auth0/pull/139) ([szemek](https://github.com/szemek))
+- Fix typos in README.md [\#137](https://github.com/auth0/ruby-auth0/pull/137) ([swetax](https://github.com/swetax))
+- Explicitly require JSON dependency [\#126](https://github.com/auth0/ruby-auth0/pull/126) ([jgaskins](https://github.com/jgaskins))
+## [v4.5.0](https://github.com/auth0/ruby-auth0/tree/v4.5.0) (2018-07-27)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.4.0...v4.5.0)
 **Closed issues:**
@@ -186,4 +222,4 @@
-\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*
+\* *This Change Log was automatically generated by [github_changelog_generator](https://github.com/skywinder/Github-Changelog-Generator)*

data/CODE_OF_CONDUCT.md ADDED

@@ -0,0 +1,3 @@
+# Code of Conduct
+Please see [Auth0's code of conduct guidelines](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md) for information on contributing to this repo.

data/DEPLOYMENT.md CHANGED

@@ -1,14 +1,38 @@
-```
+```bash
+# Install gems for exec commands
 bundle install
-bundle exec rake spec
+# Run all tests
+MODE=full bundle exec rake all
+# Create a release branch
+git checkout master
+git pull
+git checkout -b release-X.X.X
+# Update the version number
 bundle exec gem bump --version x.y.z
+# Generate the changelog
+github_changelog_generator -t $GITHUB_READ_TOKEN
+# Review the changelog
+# Remove "unreleased" section
+# Make sure the tags are ordered
+# Commit, push, and create a PR for this release
+git commit -am "Release vX.X.X"
+git push --set-upstream origin release-X.X.X
+# Add related milestone
+# Create PR on GitHub and assign for review
+# Merge/rebase and delete branch once approved
+# Create and add a tag
+git checkout master
+git pull
 bundle exec gem tag
-github_changelog_generator -t <YOUR TOKEN>
+# Create a new release from this tag on GitHub using markdown from the changelog
+# Make sure you are an author for this gem here https://rubygems.org/gems/auth0/
+# Rubygems token can be updated in ~/.gem/credentials
 bundle exec gem release
 ```
-> Note for the changelog:
-  * Review the changelog.
-  * Remove "unreleased" section.
-  * Make sure the tags are ordered.
-  * Commit / push the changelog to master.

data/Gemfile CHANGED

@@ -9,3 +9,9 @@ group :development do
   gem 'rubocop', require: false
   gem 'yard', require: false
 end
+group :test do
+  gem 'webmock', require: false
+  gem 'vcr', require: false
+  gem 'codecov', require: false
+end

data/README.md CHANGED

@@ -1,7 +1,10 @@
+# Auth0 - Ruby
 [![Build Status](https://travis-ci.org/auth0/ruby-auth0.svg?branch=master)](https://travis-ci.org/auth0/ruby-auth0)
 [![Gem Version](https://badge.fury.io/rb/auth0.svg)](http://badge.fury.io/rb/auth0)
 [![Coverage Status](https://coveralls.io/repos/auth0/ruby-auth0/badge.svg?branch=master)](https://coveralls.io/r/auth0/ruby-auth0?branch=master)
 [![Yard Docs](http://img.shields.io/badge/yard-docs-blue.svg)](http://www.rubydoc.info/github/auth0/ruby-auth0/master/frames)
+[![MIT licensed](https://img.shields.io/dub/l/vibe-d.svg?style=flat)](https://github.com/auth0/ruby-auth0/blob/master/LICENSE)
 Ruby API client for the [Auth0](https://auth0.com) platform.
@@ -27,7 +30,7 @@ You can build the API documentation with the following:
 bundle exec rake documentation
 ```
-To view the generated documentation, open `doc/Auth0/Api.html`
+To view the generated documentation, open `doc/Auth0/Api.html` .
 ## Management API v2
@@ -97,12 +100,12 @@ In addition to the Management API, this SDK also provides access to [Authenticat
 * Register a new user with a database connection using the `signup` method.
 * Redirect a user to the universal login page for authentication using the `authorization_url` method.
-* Log a user in to a highly trusted app with the [Resource Owner Password grant](https://auth0.com/docs/api-auth/tutorials/password-grant) using the `login` method.
+* Log a user into a highly trusted app with the [Resource Owner Password grant](https://auth0.com/docs/api-auth/tutorials/password-grant) using the `login` method.
 * Exchange an authorization code for an access token on callback using the `obtain_user_tokens` method (see the note on state validation below).
 * Send a change password email to a database connection user using the `change_password` method.
 * Log a user out of Auth0 with the `logout_url` method.
-**Important note on state validation**: If you choose to implement a login flow callback youself, it is important to generate and store a `state` value, pass that value to Auth0 in the `authorization_url` method, and validate it in your callback URL before calling `obtain_user_tokens`. For more information on state validation, [please see our documentation](https://auth0.com/docs/protocols/oauth2/oauth-state).
+**Important note on state validation**: If you choose to implement a login flow callback yourself, it is important to generate and store a `state` value, pass that value to Auth0 in the `authorization_url` method, and validate it in your callback URL before calling `obtain_user_tokens`. For more information on state validation, [please see our documentation](https://auth0.com/docs/protocols/oauth2/oauth-state).
 Please note that this module implements endpoints that might be deprecated for newer tenants. If you have any questions about how and when the endpoints should be used, consult the [documentation](https://auth0.com/docs/api/authentication) or ask in our [Community forums](https://community.auth0.com/tags/wordpress).

data/Rakefile CHANGED

@@ -44,7 +44,10 @@ begin
   desc 'Run All Suites'
   RSpec::Core::RakeTask.new(:all)
-  task default: [:rubocop, :spec]
+  desc 'Run unit and integration tests'
+  task test: [:spec, :integration]
+  task default: [:rubocop, :test]
 rescue LoadError
   puts 'Load Error - No RSpec'
 end

data/build_travis.sh CHANGED

@@ -1,7 +1,7 @@
 #!/bin/bash
 if [ "$TRAVIS_SECURE_ENV_VARS" == "true" ]; then
-  MODE=full bundle exec rake all
+  bundle exec rake all
 else
   bundle exec rake spec
 fi

data/lib/auth0/api/authentication_endpoints.rb CHANGED

@@ -7,68 +7,116 @@ module Auth0
       UP_AUTH = 'Username-Password-Authentication'.freeze
       JWT_BEARER = 'urn:ietf:params:oauth:grant-type:jwt-bearer'.freeze
-      # Retrieve an access token.
-      # @see https://auth0.com/docs/api/authentication#client-credentials
-      # @param access_token [string] Social provider's access_token
-      # @param connection [string] Currently, this endpoint only works for Facebook, Google, Twitter and Weibo
-      # @return [json] Returns the access token
-      def obtain_access_token(access_token = nil, connection = 'facebook', scope = 'openid')
-        if access_token
-          request_params = { client_id: @client_id, access_token: access_token, connection: connection, scope: scope }
-          post('/oauth/access_token', request_params)['access_token']
-        else
-          request_params = { client_id: @client_id, client_secret: @client_secret, grant_type: 'client_credentials' }
-          post('/oauth/token', request_params)['access_token']
-        end
+      # Request an API access token using a Client Credentials grant
+      # @see https://auth0.com/docs/api-auth/tutorials/client-credentials
+      # @param audience [string] API audience to use
+      # @return [json] Returns the API token
+      def api_token(
+        client_id: @client_id,
+        client_secret: @client_secret,
+        audience: "https://#{@domain}/api/v2/"
+      )
+        request_params = {
+          grant_type: 'client_credentials',
+          client_id: client_id,
+          client_secret: client_secret,
+          audience: audience
+        }
+        response = post('/oauth/token', request_params)
+        ApiToken.new(response['access_token'], response['scope'], response['expires_in'])
       end
       # Get access and ID tokens using an Authorization Code.
       # @see https://auth0.com/docs/api/authentication#authorization-code
-      # @param code [string] The access code obtained through passive authentication
-      # @param redirect_uri [string] Url to redirect after authorization
-      # @param connection [string] Currently, this endpoint only works for Facebook, Google, Twitter and Weibo
-      # @param scope [string] Defaults to openid. Can be 'openid name email', 'openid offline_access'
-      # @return [json] Returns the access_token and id_token
-      def obtain_user_tokens(code, redirect_uri, connection = 'facebook', scope = 'openid')
-        raise Auth0::InvalidParameter, 'Must supply a valid code' if code.to_s.empty?
-        raise Auth0::InvalidParameter, 'Must supply a valid redirect_uri' if redirect_uri.to_s.empty?
+      # @param code [string] The authentication code obtained from /authorize
+      # @param redirect_uri [string] URL to redirect to after authorization.
+      #   Required only if it was set at the GET /authorize endpoint
+      # @param client_id [string] Client ID for the Application
+      # @param client_secret [string] Client Secret for the Application.
+      # @return [AccessToken] Returns the access_token and id_token
+      def exchange_auth_code_for_tokens(
+        code,
+        redirect_uri: nil,
+        client_id: @client_id,
+        client_secret: @client_secret
+      )
+        raise Auth0::InvalidParameter, 'Must provide an authorization code' if code.to_s.empty?
         request_params = {
-          client_id:     @client_id,
-          client_secret: @client_secret,
-          connection:    connection,
-          grant_type:    'authorization_code',
-          code:          code,
-          scope:         scope,
-          redirect_uri:  redirect_uri
+          grant_type: 'authorization_code',
+          client_id: client_id,
+          client_secret: client_secret,
+          code: code,
+          redirect_uri: redirect_uri
         }
-        post('/oauth/token', request_params)
+        AccessToken.from_response post('/oauth/token', request_params)
+      end
+      # Get access and ID tokens using a refresh token.
+      # @see https://auth0.com/docs/api/authentication#refresh-token
+      # @param refresh_token [string] Refresh token to use. Request this with
+      #   the offline_access scope when logging in.
+      # @param client_id [string] Client ID for the Application
+      # @param client_secret [string] Client Secret for the Application.
+      #   Required when the Application's Token Endpoint Authentication Method
+      #   is Post or Basic.
+      # @return [AccessToken] Returns tokens allowed in the refresh_token
+      def exchange_refresh_token(
+        refresh_token,
+        client_id: @client_id,
+        client_secret: @client_secret
+      )
+        raise Auth0::InvalidParameter, 'Must provide a refresh token' if refresh_token.to_s.empty?
+        request_params = {
+          grant_type: 'refresh_token',
+          client_id: client_id,
+          client_secret: client_secret,
+          refresh_token: refresh_token
+        }
+        AccessToken.from_response post('/oauth/token', request_params)
       end
+      # rubocop:disable Metrics/ParameterLists
       # Get access and ID tokens using Resource Owner Password.
+      # Requires that your tenant has a Default Audience or Default Directory.
       # @see https://auth0.com/docs/api/authentication#resource-owner-password
-      # @param username [string] Username or email
+      # @param login_name [string] Email or username for the connection
       # @param password [string] Password
-      # @param id_token [string] Token's id
-      # @param connection_name [string] Connection name; use a database or
-      #    passwordless connection, Active Directory/LDAP, Windows Azure or ADF
-      # @param options [hash] Additional options - :scope, :grant_type, :device
+      # @param client_id [string] Client ID from Application settings
+      # @param client_secret [string] Client Secret from Application settings
+      # @param realm [string] Specific realm to authenticate against
+      # @param audience [string] API audience
+      # @param scope [string] Scope(s) requested
+      #   - Include an audience (above) for API access scopes
+      #   - Use the default "openid" for userinfo calls
       # @return [json] Returns the access_token and id_token
-      def login(username, password, id_token = nil, connection_name = UP_AUTH, options = {})
-        raise Auth0::InvalidParameter, 'Must supply a valid username' if username.to_s.empty?
-        raise Auth0::InvalidParameter, 'Must supply a valid password' if password.to_s.empty?
+      def login_with_resource_owner(
+        login_name,
+        password,
+        client_id: @client_id,
+        client_secret: @client_secret,
+        realm: nil,
+        audience: nil,
+        scope: 'openid'
+      )
+        raise Auth0::InvalidParameter, 'Must supply a valid login_name' if login_name.empty?
+        raise Auth0::InvalidParameter, 'Must supply a valid password' if password.empty?
         request_params = {
-          client_id:     @client_id,
-          client_secret: @client_secret,
-          username:      username,
-          password:      password,
-          scope:         options.fetch(:scope, 'openid'),
-          connection:    connection_name,
-          grant_type:    options.fetch(:grant_type, 'password'),
-          id_token:      id_token,
-          device:        options.fetch(:device, nil)
+          username: login_name,
+          password: password,
+          client_id: client_id,
+          client_secret: client_secret,
+          realm: realm,
+          scope: scope,
+          audience: audience,
+          grant_type: realm ? 'http://auth0.com/oauth/grant-type/password-realm' : 'password'
         }
-        post('/oauth/token', request_params)
+        AccessToken.from_response post('/oauth/token', request_params)
       end
+      # rubocop:enable Metrics/ParameterLists
       # Sign up with a database connection using a username and password.
       # @see https://auth0.com/docs/api/authentication#signup
@@ -79,11 +127,12 @@ module Auth0
       def signup(email, password, connection_name = UP_AUTH)
         raise Auth0::InvalidParameter, 'Must supply a valid email' if email.to_s.empty?
         raise Auth0::InvalidParameter, 'Must supply a valid password' if password.to_s.empty?
         request_params = {
-          email:      email,
-          password:   password,
+          email: email,
+          password: password,
           connection: connection_name,
-          client_id:  @client_id
+          client_id: @client_id
         }
         post('/dbconnections/signup', request_params)
       end
@@ -97,11 +146,12 @@ module Auth0
       # @param connection_name [string] Database connection name
       def change_password(email, password, connection_name = UP_AUTH)
         raise Auth0::InvalidParameter, 'Must supply a valid email' if email.to_s.empty?
         request_params = {
-          email:      email,
-          password:   password,
+          email: email,
+          password: password,
           connection: connection_name,
-          client_id:  @client_id
+          client_id: @client_id
         }
         post('/dbconnections/change_password', request_params)
       end
@@ -114,12 +164,13 @@ module Auth0
       # @param auth_params [hash] Append or override the magic link parameters
       def start_passwordless_email_flow(email, send = 'link', auth_params = {})
         raise Auth0::InvalidParameter, 'Must supply a valid email' if email.to_s.empty?
         request_params = {
-          email:       email,
-          send:        send,
-          authParams:  auth_params,
-          connection:  'email',
-          client_id:   @client_id
+          email: email,
+          send: send,
+          authParams: auth_params,
+          connection: 'email',
+          client_id: @client_id
         }
         post('/passwordless/start', request_params)
       end
@@ -130,10 +181,11 @@ module Auth0
       # @param phone_number [string] User's phone number.
       def start_passwordless_sms_flow(phone_number)
         raise Auth0::InvalidParameter, 'Must supply a valid phone number' if phone_number.to_s.empty?
         request_params = {
           phone_number: phone_number,
-          connection:   'sms',
-          client_id:    @client_id
+          connection: 'sms',
+          client_id: @client_id
         }
         post('/passwordless/start', request_params)
       end
@@ -155,8 +207,8 @@ module Auth0
       # Return the user information based on the Auth0 access token.
       # @see https://auth0.com/docs/api/authentication#get-user-info
       # @return [json] User information based on the Auth0 access token
-      def user_info
-        get('/userinfo')
+      def userinfo(access_token)
+        get('/userinfo', {}, 'Authorization' => "Bearer #{access_token}")
       end
       # Return an authorization URL.
@@ -166,6 +218,7 @@ module Auth0
       # @return [url] Authorization URL.
       def authorization_url(redirect_uri, options = {})
         raise Auth0::InvalidParameter, 'Must supply a valid redirect_uri' if redirect_uri.to_s.empty?
         request_params = {
           client_id: @client_id,
           response_type: options.fetch(:response_type, 'code'),
@@ -225,7 +278,7 @@ module Auth0
           wreply: options[:wreply]
         }
-        url_client_id = @client_id if !request_params[:wtrealm]
+        url_client_id = @client_id unless request_params[:wtrealm]
         URI::HTTPS.build(
           host: @domain,
           path: "/wsfed/#{url_client_id}",
@@ -233,6 +286,86 @@ module Auth0
         )
       end
+      #
+      # DEPRECATED
+      #
+      # Retrieve an access token.
+      # @deprecated 4.6.0 - Use the api_token method instead.
+      # @see https://auth0.com/docs/api/authentication#client-credentials
+      # @param access_token [string] Social provider's access_token
+      # @param connection [string] Currently, this endpoint only works for Facebook, Google, Twitter and Weibo
+      # @return [json] Returns the access token
+      def obtain_access_token(access_token = nil, connection = 'facebook', scope = 'openid')
+        if access_token
+          request_params = { client_id: @client_id, access_token: access_token, connection: connection, scope: scope }
+          post('/oauth/access_token', request_params)['access_token']
+        else
+          request_params = { client_id: @client_id, client_secret: @client_secret, grant_type: 'client_credentials' }
+          post('/oauth/token', request_params)['access_token']
+        end
+      end
+      # Get access and ID tokens using an Authorization Code.
+      # @deprecated 4.6.0 - Use the exchange_auth_code_for_tokens method instead.
+      # @see https://auth0.com/docs/api/authentication#authorization-code
+      # @param code [string] The access code obtained through passive authentication
+      # @param redirect_uri [string] Url to redirect after authorization
+      # @param connection [string] Currently, this endpoint only works for Facebook, Google, Twitter and Weibo
+      # @param scope [string] Defaults to openid. Can be 'openid name email', 'openid offline_access'
+      # @return [json] Returns the access_token and id_token
+      def obtain_user_tokens(code, redirect_uri, connection = 'facebook', scope = 'openid')
+        raise Auth0::InvalidParameter, 'Must supply a valid code' if code.to_s.empty?
+        raise Auth0::InvalidParameter, 'Must supply a valid redirect_uri' if redirect_uri.to_s.empty?
+        request_params = {
+          client_id: @client_id,
+          client_secret: @client_secret,
+          connection: connection,
+          grant_type: 'authorization_code',
+          code: code,
+          scope: scope,
+          redirect_uri: redirect_uri
+        }
+        post('/oauth/token', request_params)
+      end
+      # Get access and ID tokens using Resource Owner Password.
+      # @deprecated 4.6.0 - Use the login_with_resource_owner method instead.
+      # @see https://auth0.com/docs/api/authentication#resource-owner-password
+      # @param username [string] Username or email
+      # @param password [string] Password
+      # @param id_token [string] Token's id
+      # @param connection_name [string] Connection name; use a database or
+      #    passwordless connection, Active Directory/LDAP, Windows Azure or ADF
+      # @param options [hash] Additional options - :scope, :grant_type, :device
+      # @return [json] Returns the access_token and id_token
+      def login(username, password, id_token = nil, connection_name = UP_AUTH, options = {})
+        raise Auth0::InvalidParameter, 'Must supply a valid username' if username.to_s.empty?
+        raise Auth0::InvalidParameter, 'Must supply a valid password' if password.to_s.empty?
+        request_params = {
+          client_id: @client_id,
+          client_secret: @client_secret,
+          username: username,
+          password: password,
+          scope: options.fetch(:scope, 'openid'),
+          connection: connection_name,
+          grant_type: options.fetch(:grant_type, 'password'),
+          id_token: id_token,
+          device: options.fetch(:device, nil)
+        }
+        post('/oauth/token', request_params)
+      end
+      # Return the user information based on the Auth0 access token.
+      # @deprecated 4.6.0 - Use the userinfo method instead.
+      # @see https://auth0.com/docs/api/authentication#get-user-info
+      # @return [json] User information based on the Auth0 access token
+      def user_info
+        get('/userinfo')
+      end
       # Login using phone number + verification code.
       # @deprecated 4.5.0 - Legacy authentication pipeline; use a Password Grant
       #   instead - https://auth0.com/docs/api-auth/tutorials/password-grant
@@ -243,11 +376,12 @@ module Auth0
       def phone_login(phone_number, code, scope = 'openid')
         raise Auth0::InvalidParameter, 'Must supply a valid phone number' if phone_number.to_s.empty?
         raise Auth0::InvalidParameter, 'Must supply a valid code' if code.to_s.empty?
         request_params = {
-          client_id:  @client_id,
-          username:   phone_number,
-          password:   code,
-          scope:      scope,
+          client_id: @client_id,
+          username: phone_number,
+          password: code,
+          scope: scope,
           connection: 'sms',
           grant_type: 'password'
         }
@@ -261,6 +395,7 @@ module Auth0
       # @return User information associated with the user id (sub property) of the token.
       def token_info(id_token)
         raise Auth0::InvalidParameter, 'Must supply a valid id_token' if id_token.to_s.empty?
         request_params = { id_token: id_token }
         post('/tokeninfo', request_params)
       end
@@ -278,13 +413,14 @@ module Auth0
       # @return [json] Returns the refreshed delegation token
       def refresh_delegation(refresh_token, target, scope = 'openid', api_type = 'app', extra_parameters = {})
         raise Auth0::InvalidParameter, 'Must supply a valid token to refresh' if refresh_token.to_s.empty?
         request_params = {
-          client_id:      @client_id,
-          grant_type:     JWT_BEARER,
-          refresh_token:  refresh_token,
-          target:         target,
-          api_type:       api_type,
-          scope:          scope
+          client_id: @client_id,
+          grant_type: JWT_BEARER,
+          refresh_token: refresh_token,
+          target: target,
+          api_type: api_type,
+          scope: scope
         }.merge(extra_parameters)
         post('/delegation', request_params)
       end
@@ -302,13 +438,14 @@ module Auth0
       # @return [json] Returns the refreshed delegation token
       def delegation(id_token, target, scope = 'openid', api_type = 'app', extra_parameters = {})
         raise Auth0::InvalidParameter, 'Must supply a valid id_token' if id_token.to_s.empty?
         request_params = {
-          client_id:  @client_id,
+          client_id: @client_id,
           grant_type: JWT_BEARER,
-          id_token:   id_token,
-          target:     target,
-          api_type:   api_type,
-          scope:      scope
+          id_token: id_token,
+          target: target,
+          api_type: api_type,
+          scope: scope
         }.merge(extra_parameters)
         post('/delegation', request_params)
       end
@@ -327,16 +464,17 @@ module Auth0
         raise Auth0::InvalidParameter, 'Must supply a valid app_client_id' if app_client_id.to_s.empty?
         raise Auth0::InvalidParameter, 'Must supply a valid impersonator_id' if impersonator_id.to_s.empty?
         raise Auth0::MissingParameter, 'Must supply client_secret' if @client_secret.nil?
         authorization_header obtain_access_token
         request_params = {
-          protocol:         options.fetch(:protocol, 'oauth2'),
-          impersonator_id:  impersonator_id,
-          client_id:        app_client_id,
+          protocol: options.fetch(:protocol, 'oauth2'),
+          impersonator_id: impersonator_id,
+          client_id: app_client_id,
           additionalParameters: {
-            response_type:  options.fetch(:response_type, 'code'),
-            state:          options.fetch(:state, ''),
-            scope:          options.fetch(:scope, 'openid'),
-            callback_url:   options.fetch(:callback_url, '')
+            response_type: options.fetch(:response_type, 'code'),
+            state: options.fetch(:state, ''),
+            scope: options.fetch(:scope, 'openid'),
+            callback_url: options.fetch(:callback_url, '')
           }
         }
         result = post("/users/#{user_id}/impersonate", request_params)
@@ -354,8 +492,9 @@ module Auth0
       def unlink_user(access_token, user_id)
         raise Auth0::InvalidParameter, 'Must supply a valid access_token' if access_token.to_s.empty?
         raise Auth0::InvalidParameter, 'Must supply a valid user_id' if user_id.to_s.empty?
         request_params = {
-          access_token:  access_token,
+          access_token: access_token,
           user_id: user_id
         }
         post('/unlink', request_params)