auth0 4.8.0 → 4.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3ed0c706e0b34dba7cd8175c2b9a4e0abd8b319d3ee6128885a8fdcfb6b37d9c
-  data.tar.gz: 165ab41e867b81ba5d2d70f11f3e753c9b3fb49617a354a2b3ec747bee86fddb
+  metadata.gz: c38a319b2eed5120bf74fa4c97ec09cc2f445995216a47e455fddf721b320af3
+  data.tar.gz: 025013d61adde5fa27095f50978601851304f3ccd9db40a8826e8a3c0e0857da
 SHA512:
-  metadata.gz: 4ab60f3ca91020f2113f7d804298b0ee483b2aca0b39c28713252ddbdf274de9f2d5fff0834de345fe04d0580a63961aa5b7a71010e3d73ac843de8337781a58
-  data.tar.gz: 4b7c48d5a4caec35b982cd62a541dfea0b5761789e37343e28cad955bad770971ad2b31e04f65648c244c17d5dac7d9c3704f18378cf7993beadd7b8d004e43d
+  metadata.gz: 324b485bfdf6d0043aa0344a0f8dfe296edac94dc6ce8ef86a89cd8993a5e7ae3c558051475bd192b9ea8846597f427c7a2b2c8f39c885ac7eb516fd5032fa45
+  data.tar.gz: 20eaf5dfe12c4006df1d0746a1ab60143d465a7c39e123a357d614a8717c403dd3ee83d8251012d683a43606a3f5af92a76dc65a1aaf9fb39005de613bac134f

data/.circleci/config.yml

@@ -2,7 +2,7 @@ version: 2.1
 jobs:
   run-tests:
     docker:
-      - image: circleci/ruby:2.4.6-jessie
+      - image: circleci/ruby:2.5.7-buster
     steps:
       - checkout
       - restore_cache:
@@ -10,41 +10,14 @@ jobs:
             - gems-v2-{{ checksum "Gemfile.lock" }}
             - gems-v2-
       - run: bundle check || bundle install
-      - persist_to_workspace:
-          root: .
-          paths:
-            - Gemfile
-            - Gemfile.lock
       - save_cache:
           key: gems-v2--{{ checksum "Gemfile.lock" }}
           paths:
             - vendor/bundle
       # Must define DOMAIN, CLIENT_ID, CLIENT_SECRET and MASTER_JWT env
       - run: bundle exec rake test
-  snyk:
-    docker:
-      - image: snyk/snyk-cli:rubygems
-    steps:
-      - attach_workspace:
-          at: .
-      - run: snyk test
-      - run:
-          command: |
-            if [[ "${CIRCLE_BRANCH}" == "master" ]]
-            then
-            snyk monitor --org=auth0-sdks
-            fi
-          when: always
 
 workflows:
   tests:
     jobs:
-      - run-tests
-  snyk:
-    jobs:
-      - run-tests
-      - snyk:
-          # Must define SNYK_TOKEN env
-          context: snyk-env 
-          requires: 
-            - run-tests
+      - run-tests

data/.env.example

@@ -0,0 +1,2 @@
+DOMAIN=
+CLIENT_ID=

data/.github/CODEOWNERS

@@ -1 +1 @@
-*	@auth0/sdk-team-approvers
+*	@auth0/dx-sdks-approver

data/.github/stale.yml

@@ -0,0 +1,20 @@
+# Configuration for probot-stale - https://github.com/probot/stale
+
+# Number of days of inactivity before an Issue or Pull Request becomes stale
+daysUntilStale: 90
+
+# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
+daysUntilClose: 7
+
+# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
+exemptLabels: []
+
+# Set to true to ignore issues with an assignee (defaults to false)
+exemptAssignees: true
+
+# Label to use when marking as stale
+staleLabel: closed:stale
+
+# Comment to post when marking as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇‍♂️

data/.rubocop.yml

@@ -1,4 +1,6 @@
 inherit_from: .rubocop_todo.yml
+require:
+  - rubocop-rails
 Rails:
   Enabled: true
 AllCops:

data/CHANGELOG.md

@@ -1,5 +1,73 @@
 # Change Log
 
+## [v4.13.0](https://github.com/auth0/ruby-auth0/tree/v4.13.0) (2020-06-18)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.12.0...v4.13.0)
+
+**Added**
+
+- Add prompts endpoints [\#205](https://github.com/auth0/ruby-auth0/pull/205) ([unhappychoice](https://github.com/unhappychoice))
+
+**Fixed**
+
+- Fix missing to_json [\#212](https://github.com/auth0/ruby-auth0/pull/212) ([qortex](https://github.com/qortex))
+
+## [v4.12.0](https://github.com/auth0/ruby-auth0/tree/v4.12.0) (2020-06-10)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.11.0...v4.12.0)
+
+**Added**
+
+- Improve OIDC compliance [SDK-987] [\#225](https://github.com/auth0/ruby-auth0/pull/225) ([Widcket](https://github.com/Widcket))
+
+**Security**
+
+- Bump activesupport from 6.0.3 to 6.0.3.1 [\#221](https://github.com/auth0/ruby-auth0/pull/221) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Bump actionpack from 6.0.3 to 6.0.3.1 [\#220](https://github.com/auth0/ruby-auth0/pull/220) ([dependabot[bot]](https://github.com/apps/dependabot))
+
+## [v4.11.0](https://github.com/auth0/ruby-auth0/tree/v4.11.0) (2020-05-06)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.10.0...v4.11.0)
+
+**Added**
+
+- [SDK-1542] Add client secret to Passwordless flow since it is now required [\#217](https://github.com/auth0/ruby-auth0/pull/217) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
+## [v4.10.0](https://github.com/auth0/ruby-auth0/tree/v4.10.0) (2020-04-23)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.9.0...v4.10.0)
+
+**Added**
+
+- Added support for name\_filter parameter \[SDK-1607\] [\#214](https://github.com/auth0/ruby-auth0/pull/214) ([Widcket](https://github.com/Widcket))
+- Pass client\_id, audience at Auth0::Api::V2::ClientGrants\#client\_grants [\#209](https://github.com/auth0/ruby-auth0/pull/209) ([hkdnet](https://github.com/hkdnet))
+- Add rubocop-rails [\#200](https://github.com/auth0/ruby-auth0/pull/200) ([tknzk](https://github.com/tknzk))
+
+**Security**
+
+- Update rack requirement from ~\> 1.6.4 to ~\> 2.1.2 [\#206](https://github.com/auth0/ruby-auth0/pull/206) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Update rake requirement from ~\> 10.4 to ~\> 13.0 [\#207](https://github.com/auth0/ruby-auth0/pull/207) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Update dependencies and CI script [\#210](https://github.com/auth0/ruby-auth0/pull/210) ([lbalmaceda](https://github.com/lbalmaceda))
+
+## [v4.9.0](https://github.com/auth0/ruby-auth0/tree/v4.9.0) (2019-09-25)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.8.0...v4.9.0)
+
+
+**Closed issues:**
+
+- Dot in role name makes description disappear [\#194](https://github.com/auth0/ruby-auth0/issues/194)
+- Missing require Permission [\#192](https://github.com/auth0/ruby-auth0/issues/192)
+- Token required even when not necessary [\#190](https://github.com/auth0/ruby-auth0/issues/190)
+
+**Fixed:**
+
+- Fix request timeout [\#188](https://github.com/auth0/ruby-auth0/pull/188) ([makoto-matsumoto](https://github.com/makoto-matsumoto))
+- Fix missing Permissions mixin [\#196](https://github.com/auth0/ruby-auth0/pull/196) ([joshcanhelp](https://github.com/joshcanhelp))
+
+**Added:**
+
+- Add Management API Guardian enrollments endpoint [\#182](https://github.com/auth0/ruby-auth0/pull/182) ([tomgi](https://github.com/tomgi))
+
 ## [v4.8.0](https://github.com/auth0/ruby-auth0/tree/v4.8.0) (2019-08-01)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.7.0...v4.8.0)
 

data/DEPLOYMENT.md

@@ -1,3 +1,15 @@
+# Releasing the gem
+
+## Credentials set up
+
+Make sure you have access in https://rubygems.org/gems/auth0/ and that your Ruby Gems tokens are set in `~/.gem/credentials`.
+
+In order to generate the required changelog entry, define an environment variable `GITHUB_READ_TOKEN` with a Github API token that has READ access to `repo:public_repo`. You can generate a Github API Token [here](https://github.com/settings/tokens/new?description=GitHub%20Changelog%20Generator%20token).
+
+Create a new Github Milestone with the version name prefixed with `v`. i.e. `v4.10.2`. Assign every Issue and Pull Request to be included on this release to that Milestone, and tag them with the `CH:xxxxxx` labels, depending on the type of change fixed or introduced there.
+
+Finally, follow the next steps:
+
 ```bash
 # Install gems for exec commands
 bundle install
@@ -45,3 +57,5 @@ git push origin vX.X.X
 # Rubygems token can be updated in ~/.gem/credentials
 bundle exec gem release
 ```
+
+The steps above were tested with Ruby `v2.5.7`.

data/Gemfile

@@ -7,6 +7,7 @@ group :development do
   gem 'terminal-notifier-guard', require: false unless ENV['CIRCLECI']
   gem 'coveralls', require: false
   gem 'rubocop', require: false
+  gem 'rubocop-rails', require: false
   gem 'yard', require: false
 end
 

data/Gemfile.lock

@@ -1,45 +1,70 @@
 PATH
   remote: .
   specs:
-    auth0 (4.8.0)
-      rest-client (~> 2.0)
+    auth0 (4.13.0)
+      jwt (~> 2.2.0)
+      rest-client (~> 2.0.0)
+      zache (~> 0.12.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    addressable (2.6.0)
-      public_suffix (>= 2.0.2, < 4.0)
-    ast (2.4.0)
-    codecov (0.1.14)
+    actionpack (6.0.3.2)
+      actionview (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      rack (~> 2.0, >= 2.0.8)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actionview (6.0.3.2)
+      activesupport (= 6.0.3.2)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activesupport (6.0.3.2)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+      zeitwerk (~> 2.2, >= 2.2.2)
+    addressable (2.7.0)
+      public_suffix (>= 2.0.2, < 5.0)
+    ast (2.4.1)
+    builder (3.2.4)
+    codecov (0.1.17)
       json
       simplecov
       url
-    coderay (1.1.2)
-    concurrent-ruby (1.1.5)
-    coveralls (0.8.23)
-      json (>= 1.8, < 3)
-      simplecov (~> 0.16.1)
-      term-ansicolor (~> 1.3)
-      thor (>= 0.19.4, < 2.0)
-      tins (~> 1.6)
+    coderay (1.1.3)
+    concurrent-ruby (1.1.6)
+    coveralls (0.7.1)
+      multi_json (~> 1.3)
+      rest-client
+      simplecov (>= 0.7)
+      term-ansicolor
+      thor
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
+    crass (1.0.6)
     diff-lcs (1.3)
     docile (1.3.2)
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
-    dotenv (2.0.1)
-    dotenv-rails (2.0.1)
-      dotenv (= 2.0.1)
+    dotenv (2.7.5)
+    dotenv-rails (2.7.5)
+      dotenv (= 2.7.5)
+      railties (>= 3.2, < 6.1)
+    erubi (1.9.0)
     faker (1.9.6)
       i18n (>= 0.7)
-    ffi (1.11.1)
+    ffi (1.13.1)
     formatador (0.2.5)
-    fuubar (2.4.1)
+    fuubar (2.5.0)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
     gem-release (0.7.4)
-    guard (2.15.0)
+    guard (2.16.2)
       formatador (>= 0.2.4)
       listen (>= 2.7, < 4.0)
       lumberjack (>= 1.0.12, < 2.0)
@@ -53,29 +78,36 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    hashdiff (1.0.0)
+    hashdiff (1.0.1)
     http-cookie (1.0.3)
       domain_name (~> 0.5)
-    i18n (1.6.0)
+    i18n (1.8.3)
       concurrent-ruby (~> 1.0)
-    jaro_winkler (1.5.3)
-    json (2.2.0)
-    listen (3.1.5)
-      rb-fsevent (~> 0.9, >= 0.9.4)
-      rb-inotify (~> 0.9, >= 0.9.7)
-      ruby_dep (~> 1.2)
-    lumberjack (1.0.13)
+    json (2.3.0)
+    jwt (2.2.1)
+    listen (3.2.1)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
+    loofah (2.6.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    lumberjack (1.2.5)
     method_source (0.8.2)
-    mime-types (3.2.2)
+    mime-types (3.3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2019.0331)
+    mime-types-data (3.2020.0512)
+    mini_portile2 (2.4.0)
+    minitest (5.14.1)
+    multi_json (1.14.1)
     nenv (0.3.0)
     netrc (0.11.0)
+    nokogiri (1.10.9)
+      mini_portile2 (~> 2.4.0)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    parallel (1.17.0)
-    parser (2.6.3.0)
+    parallel (1.19.2)
+    parser (2.7.1.3)
       ast (~> 2.4.0)
     pry (0.10.4)
       coderay (~> 1.1.0)
@@ -83,65 +115,91 @@ GEM
       slop (~> 3.4)
     pry-nav (0.2.4)
       pry (>= 0.9.10, < 0.11.0)
-    public_suffix (3.1.1)
-    rack (1.6.11)
+    public_suffix (4.0.5)
+    rack (2.1.4)
     rack-test (0.8.3)
       rack (>= 1.0, < 3)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
+    railties (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.20.3, < 2.0)
     rainbow (3.0.0)
-    rake (10.5.0)
-    rb-fsevent (0.10.3)
-    rb-inotify (0.10.0)
+    rake (13.0.1)
+    rb-fsevent (0.10.4)
+    rb-inotify (0.10.1)
       ffi (~> 1.0)
+    regexp_parser (1.7.1)
     rest-client (2.0.2)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rspec (3.8.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-    rspec-core (3.8.2)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.4)
+    rexml (3.2.4)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.1)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.2)
-    rubocop (0.74.0)
-      jaro_winkler (~> 1.5.1)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.3)
+    rubocop (0.85.1)
       parallel (~> 1.10)
-      parser (>= 2.6)
+      parser (>= 2.7.0.1)
       rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.7)
+      rexml
+      rubocop-ast (>= 0.0.3)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 1.7)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    rubocop-ast (0.0.3)
+      parser (>= 2.7.0.1)
+    rubocop-rails (2.6.0)
+      activesupport (>= 4.2.0)
+      rack (>= 1.1)
+      rubocop (>= 0.82.0)
     ruby-progressbar (1.10.1)
-    ruby_dep (1.5.0)
     safe_yaml (1.0.5)
     shellany (0.0.1)
-    simplecov (0.16.1)
+    simplecov (0.18.5)
       docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
+      simplecov-html (~> 0.11)
+    simplecov-html (0.12.2)
     slop (3.6.0)
+    sync (0.5.0)
     term-ansicolor (1.7.1)
       tins (~> 1.0)
     terminal-notifier-guard (1.7.0)
-    thor (0.20.3)
-    tins (1.21.1)
+    thor (1.0.1)
+    thread_safe (0.3.6)
+    tins (1.25.0)
+      sync
+    tzinfo (1.2.7)
+      thread_safe (~> 0.1)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.6)
-    unicode-display_width (1.6.0)
+    unf_ext (0.0.7.7)
+    unicode-display_width (1.7.0)
     url (0.3.2)
-    vcr (5.0.0)
-    webmock (3.6.2)
+    vcr (6.0.0)
+    webmock (3.8.3)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    yard (0.9.20)
+    yard (0.9.25)
+    zache (0.12.0)
+    zeitwerk (2.3.0)
 
 PLATFORMS
   ruby
@@ -157,11 +215,12 @@ DEPENDENCIES
   guard-rspec (~> 4.5)
   pry (~> 0.10)
   pry-nav (~> 0.2.4)
-  rack (~> 1.6.4)
+  rack (~> 2.1.2)
   rack-test (~> 0.6)
-  rake (~> 10.4)
+  rake (~> 13.0)
   rspec (~> 3.1, >= 3.1.0)
   rubocop
+  rubocop-rails
   simplecov
   terminal-notifier-guard
   vcr