auth0 4.9.0 → 4.14.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 858abdf1d6f43a1c046e45f1ad9c70df2115e96c75d78e135261dd3477e630d2
-  data.tar.gz: bf9f13ae3f7cb4e6881a5852fe9a0f95f2dcb7b3b5181c72388c785a2fc6032b
+  metadata.gz: bc1dbd26961a59010e19ffa75076a5e28080735900aaaf4c9c8537656094809e
+  data.tar.gz: 27520c6efd37f253b532d6521b5e46599d9a093dd46500d46997ff3e7f9030ad
 SHA512:
-  metadata.gz: f9e9da5fd0c9aadbead0bb27e2e587893bc7b32cf670fc5237e2ae9adf29fd8d0e315e0b1135f5a68c4d0acd0be7570a803155d1c6e2a32a73a7c7eaf4439694
-  data.tar.gz: 6676874d86123b45e996228cfe3d019baae92ffb6ad1f319cde212bd23bb44480a4e7ac434ca034ad303d4290b712ed80eeb957e2bc75216b00cc2dd7a7d2cdd
+  metadata.gz: a95ccde21a047bd9689f04cb972caf49d7a1cfb409bb72275b0bd0464d6c75f29d1ddb2475ec377b619230c71dfa13f08543557c33a8fc93f40521c322b190d7
+  data.tar.gz: fe75df00376402b03ba921d0bd7bba8d1df3c725966f282bca92948ba18a7343a1c544edc2b722e98b963678d7469d884204e1579d3bf9056fa65574fd4df851

data/.circleci/config.yml

@@ -2,7 +2,7 @@ version: 2.1
 jobs:
   run-tests:
     docker:
-      - image: circleci/ruby:2.4.6-jessie
+      - image: circleci/ruby:2.5.7-buster
     steps:
       - checkout
       - restore_cache:
@@ -10,42 +10,14 @@ jobs:
             - gems-v2-{{ checksum "Gemfile.lock" }}
             - gems-v2-
       - run: bundle check || bundle install
-      - persist_to_workspace:
-          root: .
-          paths:
-            - Gemfile
-            - Gemfile.lock
-            - .snyk
       - save_cache:
           key: gems-v2--{{ checksum "Gemfile.lock" }}
           paths:
             - vendor/bundle
       # Must define DOMAIN, CLIENT_ID, CLIENT_SECRET and MASTER_JWT env
       - run: bundle exec rake test
-  snyk:
-    docker:
-      - image: snyk/snyk-cli:rubygems
-    steps:
-      - attach_workspace:
-          at: .
-      - run: snyk test
-      - run:
-          command: |
-            if [[ "${CIRCLE_BRANCH}" == "master" ]]
-            then
-            snyk monitor --org=auth0-sdks
-            fi
-          when: always
 
 workflows:
   tests:
     jobs:
-      - run-tests
-  snyk:
-    jobs:
-      - run-tests
-      - snyk:
-          # Must define SNYK_TOKEN env
-          context: snyk-env 
-          requires: 
-            - run-tests
+      - run-tests

data/.env.example

@@ -0,0 +1,2 @@
+DOMAIN=
+CLIENT_ID=

data/.github/CODEOWNERS

@@ -1 +1 @@
-*	@auth0/sdk-team-approvers
+*	@auth0/dx-sdks-approver

data/.github/stale.yml

@@ -0,0 +1,20 @@
+# Configuration for probot-stale - https://github.com/probot/stale
+
+# Number of days of inactivity before an Issue or Pull Request becomes stale
+daysUntilStale: 90
+
+# Number of days of inactivity before an Issue or Pull Request with the stale label is closed.
+daysUntilClose: 7
+
+# Issues or Pull Requests with these labels will never be considered stale. Set to `[]` to disable
+exemptLabels: []
+
+# Set to true to ignore issues with an assignee (defaults to false)
+exemptAssignees: true
+
+# Label to use when marking as stale
+staleLabel: closed:stale
+
+# Comment to post when marking as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. If you have not received a response for our team (apologies for the delay) and this is still a blocker, please reply with additional information or just a ping. Thank you for your contribution! 🙇‍♂️

data/.rubocop.yml

@@ -1,4 +1,6 @@
 inherit_from: .rubocop_todo.yml
+require:
+  - rubocop-rails
 Rails:
   Enabled: true
 AllCops:

data/CHANGELOG.md

@@ -1,5 +1,70 @@
 # Change Log
 
+## [v4.14.0](https://github.com/auth0/ruby-auth0/tree/v4.14.0) (2020-07-20)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.13.0...v4.14.0)
+
+**Deprecated**
+
+- Deprecate mgmt v1 calls [\#230](https://github.com/auth0/ruby-auth0/pull/230) ([davidpatrick](https://github.com/davidpatrick))
+
+**Removed**
+
+- Remove iat claim value check [\#229](https://github.com/auth0/ruby-auth0/pull/229) ([lbalmaceda](https://github.com/lbalmaceda))
+
+**Fixed**
+
+- Handle missing reset header [\#228](https://github.com/auth0/ruby-auth0/pull/228) ([Widcket](https://github.com/Widcket))
+
+## [v4.13.0](https://github.com/auth0/ruby-auth0/tree/v4.13.0) (2020-06-18)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.12.0...v4.13.0)
+
+**Added**
+
+- Add prompts endpoints [\#205](https://github.com/auth0/ruby-auth0/pull/205) ([unhappychoice](https://github.com/unhappychoice))
+
+**Fixed**
+
+- Fix missing to_json [\#212](https://github.com/auth0/ruby-auth0/pull/212) ([qortex](https://github.com/qortex))
+
+## [v4.12.0](https://github.com/auth0/ruby-auth0/tree/v4.12.0) (2020-06-10)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.11.0...v4.12.0)
+
+**Added**
+
+- Improve OIDC compliance [SDK-987] [\#225](https://github.com/auth0/ruby-auth0/pull/225) ([Widcket](https://github.com/Widcket))
+
+**Security**
+
+- Bump activesupport from 6.0.3 to 6.0.3.1 [\#221](https://github.com/auth0/ruby-auth0/pull/221) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Bump actionpack from 6.0.3 to 6.0.3.1 [\#220](https://github.com/auth0/ruby-auth0/pull/220) ([dependabot[bot]](https://github.com/apps/dependabot))
+
+## [v4.11.0](https://github.com/auth0/ruby-auth0/tree/v4.11.0) (2020-05-06)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.10.0...v4.11.0)
+
+**Added**
+
+- [SDK-1542] Add client secret to Passwordless flow since it is now required [\#217](https://github.com/auth0/ruby-auth0/pull/217) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
+## [v4.10.0](https://github.com/auth0/ruby-auth0/tree/v4.10.0) (2020-04-23)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.9.0...v4.10.0)
+
+**Added**
+
+- Added support for name\_filter parameter \[SDK-1607\] [\#214](https://github.com/auth0/ruby-auth0/pull/214) ([Widcket](https://github.com/Widcket))
+- Pass client\_id, audience at Auth0::Api::V2::ClientGrants\#client\_grants [\#209](https://github.com/auth0/ruby-auth0/pull/209) ([hkdnet](https://github.com/hkdnet))
+- Add rubocop-rails [\#200](https://github.com/auth0/ruby-auth0/pull/200) ([tknzk](https://github.com/tknzk))
+
+**Security**
+
+- Update rack requirement from ~\> 1.6.4 to ~\> 2.1.2 [\#206](https://github.com/auth0/ruby-auth0/pull/206) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Update rake requirement from ~\> 10.4 to ~\> 13.0 [\#207](https://github.com/auth0/ruby-auth0/pull/207) ([dependabot[bot]](https://github.com/apps/dependabot))
+- Update dependencies and CI script [\#210](https://github.com/auth0/ruby-auth0/pull/210) ([lbalmaceda](https://github.com/lbalmaceda))
+
 ## [v4.9.0](https://github.com/auth0/ruby-auth0/tree/v4.9.0) (2019-09-25)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v4.8.0...v4.9.0)
 

data/DEPLOYMENT.md

@@ -1,3 +1,15 @@
+# Releasing the gem
+
+## Credentials set up
+
+Make sure you have access in https://rubygems.org/gems/auth0/ and that your Ruby Gems tokens are set in `~/.gem/credentials`.
+
+In order to generate the required changelog entry, define an environment variable `GITHUB_READ_TOKEN` with a Github API token that has READ access to `repo:public_repo`. You can generate a Github API Token [here](https://github.com/settings/tokens/new?description=GitHub%20Changelog%20Generator%20token).
+
+Create a new Github Milestone with the version name prefixed with `v`. i.e. `v4.10.2`. Assign every Issue and Pull Request to be included on this release to that Milestone, and tag them with the `CH:xxxxxx` labels, depending on the type of change fixed or introduced there.
+
+Finally, follow the next steps:
+
 ```bash
 # Install gems for exec commands
 bundle install
@@ -45,3 +57,5 @@ git push origin vX.X.X
 # Rubygems token can be updated in ~/.gem/credentials
 bundle exec gem release
 ```
+
+The steps above were tested with Ruby `v2.5.7`.

data/Gemfile

@@ -7,6 +7,7 @@ group :development do
   gem 'terminal-notifier-guard', require: false unless ENV['CIRCLECI']
   gem 'coveralls', require: false
   gem 'rubocop', require: false
+  gem 'rubocop-rails', require: false
   gem 'yard', require: false
 end
 

data/Gemfile.lock

@@ -1,21 +1,44 @@
 PATH
   remote: .
   specs:
-    auth0 (4.9.0)
+    auth0 (4.14.0)
+      jwt (~> 2.2.0)
       rest-client (~> 2.0.0)
+      zache (~> 0.12.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
+    actionpack (6.0.3.2)
+      actionview (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      rack (~> 2.0, >= 2.0.8)
+      rack-test (>= 0.6.3)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
+    actionview (6.0.3.2)
+      activesupport (= 6.0.3.2)
+      builder (~> 3.1)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
+    activesupport (6.0.3.2)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
+      i18n (>= 0.7, < 2)
+      minitest (~> 5.1)
+      tzinfo (~> 1.1)
+      zeitwerk (~> 2.2, >= 2.2.2)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
-    ast (2.4.0)
-    codecov (0.1.14)
+    ast (2.4.1)
+    builder (3.2.4)
+    codecov (0.2.2)
+      colorize
       json
       simplecov
-      url
-    coderay (1.1.2)
-    concurrent-ruby (1.1.5)
+    coderay (1.1.3)
+    colorize (0.8.1)
+    concurrent-ruby (1.1.6)
     coveralls (0.7.1)
       multi_json (~> 1.3)
       rest-client
@@ -24,22 +47,25 @@ GEM
       thor
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
-    diff-lcs (1.3)
+    crass (1.0.6)
+    diff-lcs (1.4.4)
     docile (1.3.2)
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
-    dotenv (2.0.1)
-    dotenv-rails (2.0.1)
-      dotenv (= 2.0.1)
+    dotenv (2.7.6)
+    dotenv-rails (2.7.6)
+      dotenv (= 2.7.6)
+      railties (>= 3.2)
+    erubi (1.9.0)
     faker (1.9.6)
       i18n (>= 0.7)
-    ffi (1.11.1)
+    ffi (1.13.1)
     formatador (0.2.5)
-    fuubar (2.4.1)
+    fuubar (2.5.0)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
     gem-release (0.7.4)
-    guard (2.15.1)
+    guard (2.16.2)
       formatador (>= 0.2.4)
       listen (>= 2.7, < 4.0)
       lumberjack (>= 1.0.12, < 2.0)
@@ -53,96 +79,127 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    hashdiff (1.0.0)
+    hashdiff (1.0.1)
     http-cookie (1.0.3)
       domain_name (~> 0.5)
-    i18n (1.6.0)
+    i18n (1.8.4)
       concurrent-ruby (~> 1.0)
-    jaro_winkler (1.5.3)
-    json (2.2.0)
-    listen (3.1.5)
-      rb-fsevent (~> 0.9, >= 0.9.4)
-      rb-inotify (~> 0.9, >= 0.9.7)
-      ruby_dep (~> 1.2)
-    lumberjack (1.0.13)
+    json (2.3.1)
+    jwt (2.2.1)
+    listen (3.2.1)
+      rb-fsevent (~> 0.10, >= 0.10.3)
+      rb-inotify (~> 0.9, >= 0.9.10)
+    loofah (2.6.0)
+      crass (~> 1.0.2)
+      nokogiri (>= 1.5.9)
+    lumberjack (1.2.6)
     method_source (0.8.2)
-    mime-types (3.3)
+    mime-types (3.3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2019.0904)
-    multi_json (1.13.1)
+    mime-types-data (3.2020.0512)
+    mini_portile2 (2.4.0)
+    minitest (5.14.1)
+    multi_json (1.15.0)
     nenv (0.3.0)
     netrc (0.11.0)
+    nokogiri (1.10.10)
+      mini_portile2 (~> 2.4.0)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    parallel (1.17.0)
-    parser (2.6.4.1)
-      ast (~> 2.4.0)
+    parallel (1.19.2)
+    parser (2.7.1.4)
+      ast (~> 2.4.1)
     pry (0.10.4)
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
       slop (~> 3.4)
     pry-nav (0.2.4)
       pry (>= 0.9.10, < 0.11.0)
-    public_suffix (4.0.1)
-    rack (1.6.11)
+    public_suffix (4.0.5)
+    rack (2.1.4)
     rack-test (0.8.3)
       rack (>= 1.0, < 3)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
+    rails-html-sanitizer (1.3.0)
+      loofah (~> 2.3)
+    railties (6.0.3.2)
+      actionpack (= 6.0.3.2)
+      activesupport (= 6.0.3.2)
+      method_source
+      rake (>= 0.8.7)
+      thor (>= 0.20.3, < 2.0)
     rainbow (3.0.0)
-    rake (10.5.0)
-    rb-fsevent (0.10.3)
-    rb-inotify (0.10.0)
+    rake (13.0.1)
+    rb-fsevent (0.10.4)
+    rb-inotify (0.10.1)
       ffi (~> 1.0)
+    regexp_parser (1.7.1)
     rest-client (2.0.2)
       http-cookie (>= 1.0.2, < 2.0)
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
-    rspec (3.8.0)
-      rspec-core (~> 3.8.0)
-      rspec-expectations (~> 3.8.0)
-      rspec-mocks (~> 3.8.0)
-    rspec-core (3.8.2)
-      rspec-support (~> 3.8.0)
-    rspec-expectations (3.8.4)
+    rexml (3.2.4)
+    rspec (3.9.0)
+      rspec-core (~> 3.9.0)
+      rspec-expectations (~> 3.9.0)
+      rspec-mocks (~> 3.9.0)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-mocks (3.8.1)
+      rspec-support (~> 3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.8.0)
-    rspec-support (3.8.2)
-    rubocop (0.74.0)
-      jaro_winkler (~> 1.5.1)
+      rspec-support (~> 3.9.0)
+    rspec-support (3.9.3)
+    rubocop (0.88.0)
       parallel (~> 1.10)
-      parser (>= 2.6)
+      parser (>= 2.7.1.1)
       rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.7)
+      rexml
+      rubocop-ast (>= 0.1.0, < 1.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 1.7)
+      unicode-display_width (>= 1.4.0, < 2.0)
+    rubocop-ast (0.2.0)
+      parser (>= 2.7.0.1)
+    rubocop-rails (2.7.0)
+      activesupport (>= 4.2.0)
+      rack (>= 1.1)
+      rubocop (>= 0.87.0)
     ruby-progressbar (1.10.1)
-    ruby_dep (1.5.0)
     safe_yaml (1.0.5)
     shellany (0.0.1)
-    simplecov (0.17.1)
+    simplecov (0.18.5)
       docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
+      simplecov-html (~> 0.11)
+    simplecov-html (0.12.2)
     slop (3.6.0)
+    sync (0.5.0)
     term-ansicolor (1.7.1)
       tins (~> 1.0)
     terminal-notifier-guard (1.7.0)
-    thor (0.20.3)
-    tins (1.21.1)
+    thor (1.0.1)
+    thread_safe (0.3.6)
+    tins (1.25.0)
+      sync
+    tzinfo (1.2.7)
+      thread_safe (~> 0.1)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.7.6)
-    unicode-display_width (1.6.0)
-    url (0.3.2)
-    vcr (5.0.0)
-    webmock (3.7.5)
+    unf_ext (0.0.7.7)
+    unicode-display_width (1.7.0)
+    vcr (6.0.0)
+    webmock (3.8.3)
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    yard (0.9.20)
+    yard (0.9.25)
+    zache (0.12.0)
+    zeitwerk (2.4.0)
 
 PLATFORMS
   ruby
@@ -158,11 +215,12 @@ DEPENDENCIES
   guard-rspec (~> 4.5)
   pry (~> 0.10)
   pry-nav (~> 0.2.4)
-  rack (~> 1.6.4)
+  rack (~> 2.1.2)
   rack-test (~> 0.6)
-  rake (~> 10.4)
+  rake (~> 13.0)
   rspec (~> 3.1, >= 3.1.0)
   rubocop
+  rubocop-rails
   simplecov
   terminal-notifier-guard
   vcr