auth0 4.7.0 → 4.12.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 37765b52eeb99f419d48fb8166e496c566e71dbee391ab8a6d964eab4196e32b
-  data.tar.gz: 463bdc63eb772dbdb361c955aa51dc6e0e3c72bdfe37a2dafec92924f947bf75
+  metadata.gz: 5aa06f59c1696dbadf9345ff1843f247ca305fd5340d84b75252fe5bd465d27a
+  data.tar.gz: dd3d9c156870dcf9b50a48870aab8a6b44c67b560835de6b52222f217718a5b1
 SHA512:
-  metadata.gz: ae51583299385b8f3bda6ce6b549690ee9ed4e28c95acfad8a66b0479e3aff0a06964773bcc61cfd881ed67eb226ca83a0858dc8ebdbea811c170b25e1dec4f3
-  data.tar.gz: '018345873306b64d9960fec8d2d7ea50f60f236bced1e546aa3a5bfe098c2291db4a0da9f129e03d9ca3e75f6f6d780b0a4b44b0270e28e748c2f756dc9d8d86'
+  metadata.gz: 8369176c7e8b3dcf740aa144650d345c4c5803e8718764d278591e13b72327c0cb6bae1b2dde710b48fe0c31991433d0433cbac9a422cbea58359abb0b986764
+  data.tar.gz: 5ff4c3af66bc7cd480808c98158f1a039eb765eed10ffa19d8a1c5c7bf4c9c8bdc20d8b535dd7ea5efcf934b64e8ffbd3395480b1925b33a8a6aba7550afdaf7

data/.circleci/config.yml

@@ -0,0 +1,23 @@
+version: 2.1
+jobs:
+  run-tests:
+    docker:
+      - image: circleci/ruby:2.5.7-buster
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - gems-v2-{{ checksum "Gemfile.lock" }}
+            - gems-v2-
+      - run: bundle check || bundle install
+      - save_cache:
+          key: gems-v2--{{ checksum "Gemfile.lock" }}
+          paths:
+            - vendor/bundle
+      # Must define DOMAIN, CLIENT_ID, CLIENT_SECRET and MASTER_JWT env
+      - run: bundle exec rake test
+
+workflows:
+  tests:
+    jobs:
+      - run-tests

data/.env.example

@@ -0,0 +1,2 @@
+DOMAIN=
+CLIENT_ID=

data/.github/CODEOWNERS

@@ -0,0 +1 @@
+*	@auth0/dx-sdks-approver

data/.github/stale.yml

@@ -0,0 +1,20 @@
+# Configuration for probot-stale - https://github.com/probot/stale
+
+# Number of days of inactivity before an Issue or Pull Request becomes stale
+daysUntilStale: 90
+
+# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
+daysUntilClose: 7
+
+# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
+exemptLabels: []
+
+# Set to true to ignore issues with an assignee (defaults to false)
+exemptAssignees: true
+
+# Label to use when marking as stale
+staleLabel: closed:stale
+
+# Comment to post when marking as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇‍♂️

data/.gitignore

@@ -11,5 +11,4 @@ coverage
 *.swo
 spec/auth0.yml
 .yardoc
-Gemfile.lock
 .env

data/.rubocop.yml

@@ -1,4 +1,6 @@
 inherit_from: .rubocop_todo.yml
+require:
+  - rubocop-rails
 Rails:
   Enabled: true
 AllCops:

data/CHANGELOG.md

@@ -1,5 +1,88 @@
 # Change Log
 
+## [v4.12.0](https://github.com/auth0/ruby-auth0/tree/v4.12.0) (2020-06-10)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.11.0...v4.12.0)
+
+**Added**
+
+- Improve OIDC compliance [SDK-987] [\#225](https://github.com/auth0/ruby-auth0/pull/225) ([Widcket](https://github.com/Widcket))
+
+**Security**
+
+- Bump activesupport from 6.0.3 to 6.0.3.1 [\#221](https://github.com/auth0/ruby-auth0/pull/221) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Bump actionpack from 6.0.3 to 6.0.3.1 [\#220](https://github.com/auth0/ruby-auth0/pull/220) ([dependabot[bot]](https://github.com/apps/dependabot))
+
+## [v4.11.0](https://github.com/auth0/ruby-auth0/tree/v4.11.0) (2020-05-06)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.10.0...v4.11.0)
+
+**Added**
+
+- [SDK-1542] Add client secret to Passwordless flow since it is now required [\#217](https://github.com/auth0/ruby-auth0/pull/217) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
+## [v4.10.0](https://github.com/auth0/ruby-auth0/tree/v4.10.0) (2020-04-23)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.9.0...v4.10.0)
+
+**Added**
+
+- Added support for name\_filter parameter \[SDK-1607\] [\#214](https://github.com/auth0/ruby-auth0/pull/214) ([Widcket](https://github.com/Widcket))
+- Pass client\_id, audience at Auth0::Api::V2::ClientGrants\#client\_grants [\#209](https://github.com/auth0/ruby-auth0/pull/209) ([hkdnet](https://github.com/hkdnet))
+- Add rubocop-rails [\#200](https://github.com/auth0/ruby-auth0/pull/200) ([tknzk](https://github.com/tknzk))
+
+**Security**
+
+- Update rack requirement from ~\> 1.6.4 to ~\> 2.1.2 [\#206](https://github.com/auth0/ruby-auth0/pull/206) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Update rake requirement from ~\> 10.4 to ~\> 13.0 [\#207](https://github.com/auth0/ruby-auth0/pull/207) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Update dependencies and CI script [\#210](https://github.com/auth0/ruby-auth0/pull/210) ([lbalmaceda](https://github.com/lbalmaceda))
+
+## [v4.9.0](https://github.com/auth0/ruby-auth0/tree/v4.9.0) (2019-09-25)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.8.0...v4.9.0)
+
+
+**Closed issues:**
+
+- Dot in role name makes description disappear [\#194](https://github.com/auth0/ruby-auth0/issues/194)
+- Missing require Permission [\#192](https://github.com/auth0/ruby-auth0/issues/192)
+- Token required even when not necessary [\#190](https://github.com/auth0/ruby-auth0/issues/190)
+
+**Fixed:**
+
+- Fix request timeout [\#188](https://github.com/auth0/ruby-auth0/pull/188) ([makoto-matsumoto](https://github.com/makoto-matsumoto))
+- Fix missing Permissions mixin [\#196](https://github.com/auth0/ruby-auth0/pull/196) ([joshcanhelp](https://github.com/joshcanhelp))
+
+**Added:**
+
+- Add Management API Guardian enrollments endpoint [\#182](https://github.com/auth0/ruby-auth0/pull/182) ([tomgi](https://github.com/tomgi))
+
+## [v4.8.0](https://github.com/auth0/ruby-auth0/tree/v4.8.0) (2019-08-01)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.7.0...v4.8.0)
+
+**Closed issues**
+- Not enough information in exception when Rate Limiting is encountered [\#158](https://github.com/auth0/ruby-auth0/issues/158)
+
+**Added**
+- Add Management API Anomaly endpoints [\#179](https://github.com/auth0/ruby-auth0/pull/179) ([makoto-matsumoto](https://github.com/makoto-matsumoto))
+- Add parameters for users imports [\#177](https://github.com/auth0/ruby-auth0/pull/177) ([makoto-matsumoto](https://github.com/makoto-matsumoto))
+- Add failed job error details endpoint [\#176](https://github.com/auth0/ruby-auth0/pull/176) ([makoto-matsumoto](https://github.com/makoto-matsumoto))
+- Add Management API Roles endpoints [\#172](https://github.com/auth0/ruby-auth0/pull/172) ([joshcanhelp](https://github.com/joshcanhelp))
+- Expose rate limiting information [\#170](https://github.com/auth0/ruby-auth0/pull/170) ([philomory](https://github.com/philomory))
+- Add missing User Management API endpoints [\#169](https://github.com/auth0/ruby-auth0/pull/169) ([joshcanhelp](https://github.com/joshcanhelp))
+- Add Gemfile.lock file [\#165](https://github.com/auth0/ruby-auth0/pull/165) ([lbalmaceda](https://github.com/lbalmaceda))
+
+**Changed**
+- Add Roles and Users endpoints integration tests [\#174](https://github.com/auth0/ruby-auth0/pull/174) ([joshcanhelp](https://github.com/joshcanhelp))
+
+**Deprecated**
+- Deprecate Auth0::Api::V2::Users.delete_users [\#181](https://github.com/auth0/ruby-auth0/pull/181) ([joshcanhelp](https://github.com/joshcanhelp))
+
+**Removed**
+- Gemspec: Drop EOL'd property rubyforge_project [\#180](https://github.com/auth0/ruby-auth0/pull/180) ([olleolleolle](https://github.com/olleolleolle))
+
+**Security**
+- Fix Yard dependency vulnerability [\#184](https://github.com/auth0/ruby-auth0/pull/184) ([joshcanhelp](https://github.com/joshcanhelp))
+
 ## [v4.7.0](https://github.com/auth0/ruby-auth0/tree/v4.7.0) (2019-03-19)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.6.0...v4.7.0)
 

data/DEPLOYMENT.md

@@ -1,3 +1,15 @@
+# Releasing the gem
+
+## Credentials set up
+
+Make sure you have access in https://rubygems.org/gems/auth0/ and that your Ruby Gems tokens are set in `~/.gem/credentials`.
+
+In order to generate the required changelog entry, define an environment variable `GITHUB_READ_TOKEN` with a Github API token that has READ access to `repo:public_repo`. You can generate a Github API Token [here](https://github.com/settings/tokens/new?description=GitHub%20Changelog%20Generator%20token).
+
+Create a new Github Milestone with the version name prefixed with `v`. i.e. `v4.10.2`. Assign every Issue and Pull Request to be included on this release to that Milestone, and tag them with the `CH:xxxxxx` labels, depending on the type of change fixed or introduced there.
+
+Finally, follow the next steps:
+
 ```bash
 # Install gems for exec commands
 bundle install
@@ -12,17 +24,24 @@ git checkout -b release-X.X.X
 git push --set-upstream origin release-X.X.X
 
 # Update the version number
-bundle exec gem bump --version x.y.z
+# This will create a commit with the new version
+bundle exec gem bump --version X.X.X
+
+# Make sure the Gemfile.lock is up-to-date
+bundle update
+git commit -am "Update gems"
 
 # Generate the changelog
 github_changelog_generator -t $GITHUB_READ_TOKEN
+# ... or similar.
 # Review the changelog
 # Remove "unreleased" section
 # Make sure the tags are ordered
 
 # Commit, push, and create a PR for this release
-git commit -am "Release vX.X.X"
-git push --set-upstream origin release-X.X.X
+git commit -am "Update CHANGELOG.md"
+git push
+
 # Add related milestone
 # Create PR on GitHub and assign for review
 # Merge/rebase and delete branch once approved
@@ -31,9 +50,12 @@ git push --set-upstream origin release-X.X.X
 git checkout master
 git pull
 bundle exec gem tag
+git push origin vX.X.X
 # Create a new release from this tag on GitHub using markdown from the changelog
 
 # Make sure you are an author for this gem here https://rubygems.org/gems/auth0/
 # Rubygems token can be updated in ~/.gem/credentials
 bundle exec gem release
 ```
+
+The steps above were tested with Ruby `v2.5.7`.

data/Gemfile

@@ -4,9 +4,10 @@ source 'https://rubygems.org'
 gemspec
 
 group :development do
-  gem 'terminal-notifier-guard', require: false unless ENV['TRAVIS']
+  gem 'terminal-notifier-guard', require: false unless ENV['CIRCLECI']
   gem 'coveralls', require: false
   gem 'rubocop', require: false
+  gem 'rubocop-rails', require: false
   gem 'yard', require: false
 end
 
@@ -14,4 +15,5 @@ group :test do
   gem 'webmock', require: false
   gem 'vcr', require: false
   gem 'codecov', require: false
+  gem 'simplecov'
 end

data/Gemfile.lock

@@ -0,0 +1,231 @@
+PATH
+  remote: .
+  specs:
+    auth0 (4.12.0)
+      jwt (~> 2.2.0)
+      rest-client (~> 2.0.0)
+      zache (~> 0.12.0)
+
+GEM
+  remote: https://rubygems.org/
+  specs:
+    actionpack (6.0.3.1)
+      actionview (= 6.0.3.1)
+      activesupport (= 6.0.3.1)
+      rack (~> 2.0, >= 2.0.8)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actionview (6.0.3.1)
+      activesupport (= 6.0.3.1)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activesupport (6.0.3.1)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+      zeitwerk (~> 2.2, >= 2.2.2)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    ast (2.4.1)
+    builder (3.2.4)
+    codecov (0.1.17)
+      json
+      simplecov
+      url
+    coderay (1.1.3)
+    concurrent-ruby (1.1.6)
+    coveralls (0.7.1)
+      multi_json (~> 1.3)
+      rest-client
+      simplecov (>= 0.7)
+      term-ansicolor
+      thor
+    crack (0.4.3)
+      safe_yaml (~> 1.0.0)
+    crass (1.0.6)
+    diff-lcs (1.3)
+    docile (1.3.2)
+    domain_name (0.5.20190701)
+      unf (>= 0.0.5, < 1.0.0)
+    dotenv (2.7.5)
+    dotenv-rails (2.7.5)
+      dotenv (= 2.7.5)
+      railties (>= 3.2, < 6.1)
+    erubi (1.9.0)
+    faker (1.9.6)
+      i18n (>= 0.7)
+    ffi (1.13.1)
+    formatador (0.2.5)
+    fuubar (2.5.0)
+      rspec-core (~> 3.0)
+      ruby-progressbar (~> 1.4)
+    gem-release (0.7.4)
+    guard (2.16.2)
+      formatador (>= 0.2.4)
+      listen (>= 2.7, < 4.0)
+      lumberjack (>= 1.0.12, < 2.0)
+      nenv (~> 0.1)
+      notiffany (~> 0.0)
+      pry (>= 0.9.12)
+      shellany (~> 0.0)
+      thor (>= 0.18.1)
+    guard-compat (1.2.1)
+    guard-rspec (4.7.3)
+      guard (~> 2.1)
+      guard-compat (~> 1.1)
+      rspec (>= 2.99.0, < 4.0)
+    hashdiff (1.0.1)
+    http-cookie (1.0.3)
+      domain_name (~> 0.5)
+    i18n (1.8.3)
+      concurrent-ruby (~> 1.0)
+    json (2.3.0)
+    jwt (2.2.1)
+    listen (3.2.1)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
+    loofah (2.5.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    lumberjack (1.2.5)
+    method_source (0.8.2)
+    mime-types (3.3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2020.0512)
+    mini_portile2 (2.4.0)
+    minitest (5.14.1)
+    multi_json (1.14.1)
+    nenv (0.3.0)
+    netrc (0.11.0)
+    nokogiri (1.10.9)
+      mini_portile2 (~> 2.4.0)
+    notiffany (0.1.3)
+      nenv (~> 0.1)
+      shellany (~> 0.0)
+    parallel (1.19.1)
+    parser (2.7.1.3)
+      ast (~> 2.4.0)
+    pry (0.10.4)
+      coderay (~> 1.1.0)
+      method_source (~> 0.8.1)
+      slop (~> 3.4)
+    pry-nav (0.2.4)
+      pry (>= 0.9.10, < 0.11.0)
+    public_suffix (4.0.5)
+    rack (2.1.3)
+    rack-test (0.8.3)
+      rack (>= 1.0, < 3)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
+    railties (6.0.3.1)
+      actionpack (= 6.0.3.1)
+      activesupport (= 6.0.3.1)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.20.3, < 2.0)
+    rainbow (3.0.0)
+    rake (13.0.1)
+    rb-fsevent (0.10.4)
+    rb-inotify (0.10.1)
+      ffi (~> 1.0)
+    regexp_parser (1.7.1)
+    rest-client (2.0.2)
+      http-cookie (>= 1.0.2, < 2.0)
+      mime-types (>= 1.16, < 4.0)
+      netrc (~> 0.8)
+    rexml (3.2.4)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.3)
+    rubocop (0.85.1)
+      parallel (~> 1.10)
+      parser (>= 2.7.0.1)
+      rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.7)
+      rexml
+      rubocop-ast (>= 0.0.3)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    rubocop-ast (0.0.3)
+      parser (>= 2.7.0.1)
+    rubocop-rails (2.6.0)
+      activesupport (>= 4.2.0)
+      rack (>= 1.1)
+      rubocop (>= 0.82.0)
+    ruby-progressbar (1.10.1)
+    safe_yaml (1.0.5)
+    shellany (0.0.1)
+    simplecov (0.18.5)
+      docile (~> 1.1)
+      simplecov-html (~> 0.11)
+    simplecov-html (0.12.2)
+    slop (3.6.0)
+    sync (0.5.0)
+    term-ansicolor (1.7.1)
+      tins (~> 1.0)
+    terminal-notifier-guard (1.7.0)
+    thor (1.0.1)
+    thread_safe (0.3.6)
+    tins (1.25.0)
+      sync
+    tzinfo (1.2.7)
+      thread_safe (~> 0.1)
+    unf (0.1.4)
+      unf_ext
+    unf_ext (0.0.7.7)
+    unicode-display_width (1.7.0)
+    url (0.3.2)
+    vcr (6.0.0)
+    webmock (3.8.3)
+      addressable (>= 2.3.6)
+      crack (>= 0.3.2)
+      hashdiff (>= 0.4.0, < 2.0.0)
+    yard (0.9.25)
+    zache (0.12.0)
+    zeitwerk (2.3.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  auth0!
+  codecov
+  coveralls
+  dotenv-rails (~> 2.0)
+  faker (~> 1.4)
+  fuubar (~> 2.0)
+  gem-release (~> 0.7)
+  guard-rspec (~> 4.5)
+  pry (~> 0.10)
+  pry-nav (~> 0.2.4)
+  rack (~> 2.1.2)
+  rack-test (~> 0.6)
+  rake (~> 13.0)
+  rspec (~> 3.1, >= 3.1.0)
+  rubocop
+  rubocop-rails
+  simplecov
+  terminal-notifier-guard
+  vcr
+  webmock
+  yard
+
+BUNDLED WITH
+   1.17.3