auth0 5.0.0 → 5.1.2

data/spec/lib/auth0/api/v2/tickets_spec.rb

@@ -59,5 +59,60 @@ describe Auth0::Api::V2::Tickets do
                                                new_password: nil)
       expect {@instance.post_password_change}.not_to raise_error
     end
+    
+    it 'expect client to accept organization_id' do
+      expect(@instance).to receive(:post).with('/api/v2/tickets/password-change',
+        result_url: nil,
+        user_id: nil,
+        connection_id: nil,
+        email: nil,
+        ttl_sec: nil,
+        mark_email_as_verified: nil,
+        includeEmailInRedirect: nil,
+        new_password: nil,
+        client_id: '123',
+        organization_id: '999'
+      )
+      expect {
+        @instance.post_password_change(
+          result_url: nil,
+          user_id: nil,
+          connection_id: nil,
+          email: nil,
+          ttl_sec: nil,
+          mark_email_as_verified: nil,
+          includeEmailInRedirect: nil,
+          new_password: nil,
+          client_id: '123',
+          organization_id: '999')
+      }.not_to raise_error
+    end
+
+    it 'expect client to accept client_id' do
+      expect(@instance).to receive(:post).with('/api/v2/tickets/password-change',
+        result_url: nil,
+        user_id: nil,
+        connection_id: nil,
+        email: nil,
+        ttl_sec: nil,
+        mark_email_as_verified: nil,
+        includeEmailInRedirect: nil,
+        new_password: nil,
+        client_id: '123'
+      )
+      expect {
+        @instance.post_password_change(
+          result_url: nil,
+          user_id: nil,
+          connection_id: nil,
+          email: nil,
+          ttl_sec: nil,
+          mark_email_as_verified: nil,
+          includeEmailInRedirect: nil,
+          new_password: nil,
+          client_id: '123'
+        )
+      }.not_to raise_error
+    end
   end
 end

data/spec/lib/auth0/api/v2/users_spec.rb

@@ -524,7 +524,7 @@ describe Auth0::Api::V2::Users do
     end
 
     it 'is expected to get generate a recovery code' do
-      expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/recovery-code-generation')
+      expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/recovery-code-regeneration')
       expect do
         @instance.generate_recovery_code('USER_ID')
       end.not_to raise_error
@@ -549,4 +549,23 @@ describe Auth0::Api::V2::Users do
       end.not_to raise_error
     end
   end
+
+  context '.get_user_organizations' do
+    it 'is expected to respond to a get_user_organizations method' do
+      expect(@instance).to respond_to(:get_user_organizations)
+    end
+
+    it 'is expected to raise an exception when the user ID is empty' do
+      expect { @instance.get_user_organizations(nil) }.to raise_exception(Auth0::MissingUserId)
+    end
+
+    it 'is expected to get users organizations' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/users/USER_ID/organizations'
+      )
+      expect do
+        @instance.get_user_organizations('USER_ID')
+      end.not_to raise_error
+    end
+  end
 end

data/spec/lib/auth0/client_spec.rb

@@ -29,7 +29,7 @@ describe Auth0::Client do
   let(:client_id) { '__test_client_id__' }
   let(:client_secret) { '__test_client_secret__' }
   let(:access_token) { '__test_access_token__' }
-  let(:audience) { "https://#{domain}/api/v2/" }
+  let(:organization) { '__test_organization__'}
 
   describe 'V2 client with token' do
 
@@ -84,13 +84,12 @@ describe Auth0::Client do
       it_should_behave_like 'Authentication API client'
     end
 
-    context 'with token, audience, and client_secret' do
+    context 'with token and client_secret' do
       let(:subject) do
         Auth0::Client.new(
           token: access_token,
           domain: domain,
           client_secret: client_secret,
-          audience: audience
         )
       end
       it_should_behave_like 'v2 API client'
@@ -99,19 +98,53 @@ describe Auth0::Client do
   end
 
   describe 'V2 client without token' do
+    context 'should try to get an API token' do
+      before do
+        stub_api_token
+      end
 
-    before do
-      stub_api_token
+      let(:subject) do
+        Auth0::Client.new(
+          domain: domain,
+          client_id: client_id,
+          client_secret: client_secret,
+        )
+      end
+      it_should_behave_like 'v2 API client'
+      it_should_behave_like 'Authentication API client'
     end
 
-    context 'should try to get an API token' do
+    context 'when try to get an API tokenwith api_identifier' do
+      let(:api_identifier) { 'https://samples.api_identifier/api/v2/' }
+
+      before do
+        stub_api_token_with_api_identifier 
+      end
 
       let(:subject) do
         Auth0::Client.new(
           domain: domain,
           client_id: client_id,
           client_secret: client_secret,
-          audience: audience
+          api_identifier: api_identifier
+        )
+      end
+
+      it_should_behave_like 'v2 API client'
+      it_should_behave_like 'Authentication API client'  
+    end
+
+    context 'when try to get an API tokenwith organization' do
+      before do
+        stub_api_token_with_organization
+      end
+
+      let(:subject) do
+        Auth0::Client.new(
+          domain: domain,
+          client_id: client_id,
+          client_secret: client_secret,
+          organization: organization
         )
       end
       it_should_behave_like 'v2 API client'
@@ -125,7 +158,6 @@ describe Auth0::Client do
           Auth0::Client.new(
             domain: domain,
             client_id: client_id,
-            audience: audience
           )
         end.to raise_error('Must supply a valid API token')
       end
@@ -140,7 +172,45 @@ describe Auth0::Client do
             grant_type: 'client_credentials',
             client_id: client_id,
             client_secret: client_secret,
-            audience: audience
+            audience: "https://#{domain}/api/v2/"
+          }
+        )
+      )
+      .to_return(
+        headers: { 'Content-Type' => 'application/json' },
+        body: '{"access_token":"__test_access_token__"}',
+        status: 200
+      )
+  end
+
+  def stub_api_token_with_api_identifier
+    stub_request(:post, "https://#{domain}/oauth/token")
+      .with(
+        body: hash_including(
+          {
+            grant_type: 'client_credentials',
+            client_id: client_id,
+            client_secret: client_secret,
+            audience: api_identifier
+          }
+        )
+      )
+      .to_return(
+        headers: { 'Content-Type' => 'application/json' },
+        body: '{"access_token":"__test_access_token__"}',
+        status: 200
+      )
+  end
+
+  def stub_api_token_with_organization
+    stub_request(:post, "https://#{domain}/oauth/token")
+      .with(
+        body: hash_including(
+          {
+            grant_type: 'client_credentials',
+            client_id: client_id,
+            client_secret: client_secret,
+            organization: organization
           }
         )
       )

data/spec/lib/auth0/mixins/httpproxy_spec.rb

@@ -104,9 +104,9 @@ describe Auth0::Mixins::HTTPProxy do
       it "should raise Auth0::RateLimitEncountered on send http #{http_method} method
         to path defined through HTTP when 429 recieved" do
         headers = {
-          'X-RateLimit-Limit'     => 10,
-          'X-RateLimit-Remaining' => 0,
-          'X-RateLimit-Reset'     => 1560564149
+          :x_ratelimit_limit     => 10,
+          :x_ratelimit_remaining => 0,
+          :x_ratelimit_reset     => 1560564149
         }
         @exception.response = StubResponse.new({}, false, 429, headers)
         allow(RestClient::Request).to receive(:execute).with(method: http_method,
@@ -127,7 +127,7 @@ describe Auth0::Mixins::HTTPProxy do
             reset: Time.at(1560564149)
           )
         }
-      end      
+      end
 
       it "should raise Auth0::ServerError on send http #{http_method} method
         to path defined through HTTP when 500 received" do
@@ -188,13 +188,13 @@ describe Auth0::Mixins::HTTPProxy do
           .and_raise(@exception)
         expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::Unauthorized)
       end
-      
+
       it "should raise Auth0::RateLimitEncountered on send http #{http_method} method
         to path defined through HTTP when 429 status received" do
         headers = {
-          'X-RateLimit-Limit'     => 10,
-          'X-RateLimit-Remaining' => 0,
-          'X-RateLimit-Reset'     => 1560564149
+          :x_ratelimit_limit     => 10,
+          :x_ratelimit_remaining => 0,
+          :x_ratelimit_reset     => 1560564149
         }
         @exception.response = StubResponse.new({}, false, 429,headers)
         allow(RestClient::Request).to receive(:execute).with(method: http_method,

data/spec/lib/auth0/mixins/validation_spec.rb

@@ -143,6 +143,12 @@ describe Auth0::Mixins::Validation::IdTokenValidator do
       expect { instance.validate(token) }.to raise_exception('Must supply a valid nonce')
     end
 
+    it 'is expected to raise an error with an empty organization' do
+      instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: '' }))
+
+      expect { instance.validate(token) }.to raise_exception('Must supply a valid organization')
+    end
+
     it 'is expected to raise an error with an empty issuer' do
       instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ issuer: '' }))
 
@@ -277,6 +283,32 @@ describe Auth0::Mixins::Validation::IdTokenValidator do
 
       expect { instance.validate(token) }.to raise_exception("Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time \"#{clock}\" is after last auth at \"#{auth_time}\"")
     end
+
+    it 'is expected not to raise an error when org_id exsist in the token, but not required' do
+      token = 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3Rva2Vucy10ZXN0LmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHwxMjM0NTY3ODkiLCJhdWQiOlsidG9rZW5zLXRlc3QtMTIzIiwiZXh0ZXJuYWwtdGVzdC05OTkiXSwiZXhwIjoxNjE2NjE3ODgxLCJpYXQiOjE2MTY0NDUwODEsIm5vbmNlIjoiYTFiMmMzZDRlNSIsImF6cCI6InRva2Vucy10ZXN0LTEyMyIsImF1dGhfdGltZSI6MTYxNjUzMTQ4MSwib3JnX2lkIjoidGVzdE9yZyJ9.AOafUKUNgaxUXpSRYFCeJERcwrQZ4q2NZlutwGXnh9I'
+      expect { @instance.validate(token) }.not_to raise_exception
+    end
+
+    it 'is expected to raise an error with a missing but required organization' do
+      token = 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3Rva2Vucy10ZXN0LmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHwxMjM0NTY3ODkiLCJhdWQiOlsidG9rZW5zLXRlc3QtMTIzIiwiZXh0ZXJuYWwtdGVzdC05OTkiXSwiZXhwIjoxNjE2NjE4MTg1LCJpYXQiOjE2MTY0NDUzODUsIm5vbmNlIjoiYTFiMmMzZDRlNSIsImF6cCI6InRva2Vucy10ZXN0LTEyMyIsImF1dGhfdGltZSI6MTYxNjUzMTc4NX0.UMo5pmgceXO9lIKzbk7X0ZhE5DOe0IP2LfMKdUj03zQ'
+      instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: 'a1b2c3d4e5' }))
+
+      expect { instance.validate(token) }.to raise_exception('Organization Id (org_id) claim must be a string present in the ID token')
+    end
+
+    it 'is expected to raise an error with an invalid organization' do
+      token = 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3Rva2Vucy10ZXN0LmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHwxMjM0NTY3ODkiLCJhdWQiOlsidG9rZW5zLXRlc3QtMTIzIiwiZXh0ZXJuYWwtdGVzdC05OTkiXSwiZXhwIjoxNjE2NjE3ODgxLCJpYXQiOjE2MTY0NDUwODEsIm5vbmNlIjoiYTFiMmMzZDRlNSIsImF6cCI6InRva2Vucy10ZXN0LTEyMyIsImF1dGhfdGltZSI6MTYxNjUzMTQ4MSwib3JnX2lkIjoidGVzdE9yZyJ9.AOafUKUNgaxUXpSRYFCeJERcwrQZ4q2NZlutwGXnh9I'
+      instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: 'a1b2c3d4e5' }))
+
+      expect { instance.validate(token) }.to raise_exception('Organization Id (org_id) claim value mismatch in the ID token; expected "a1b2c3d4e5", found "testOrg"')
+    end
+
+    it 'is expected to NOT raise an error with a valid organization' do
+      token = 'eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL3Rva2Vucy10ZXN0LmF1dGgwLmNvbS8iLCJzdWIiOiJhdXRoMHwxMjM0NTY3ODkiLCJhdWQiOlsidG9rZW5zLXRlc3QtMTIzIiwiZXh0ZXJuYWwtdGVzdC05OTkiXSwiZXhwIjoxNjE2NjE3ODgxLCJpYXQiOjE2MTY0NDUwODEsIm5vbmNlIjoiYTFiMmMzZDRlNSIsImF6cCI6InRva2Vucy10ZXN0LTEyMyIsImF1dGhfdGltZSI6MTYxNjUzMTQ4MSwib3JnX2lkIjoidGVzdE9yZyJ9.AOafUKUNgaxUXpSRYFCeJERcwrQZ4q2NZlutwGXnh9I'
+      instance = Auth0::Mixins::Validation::IdTokenValidator.new(CONTEXT.merge({ organization: 'testOrg' }))
+
+      expect { instance.validate(token) }.not_to raise_exception
+    end
   end
 end
 

data/spec/spec_helper.rb

@@ -4,6 +4,11 @@ require 'faker'
 require 'json'
 require 'auth0'
 
+if RUBY_VERSION >= '2.7.2'
+  # NOTE: https://bugs.ruby-lang.org/issues/17000
+  Warning[:deprecated] = true
+end
+
 require 'simplecov'
 SimpleCov.start
 
@@ -60,4 +65,4 @@ def entity_suffix
   'rubytest'
 end
 
-puts "Entity suffix is #{entity_suffix}"
+puts "Entity suffix is #{entity_suffix}"

metadata

@@ -1,17 +1,17 @@
 --- !ruby/object:Gem::Specification
 name: auth0
 version: !ruby/object:Gem::Version
-  version: 5.0.0
+  version: 5.1.2
 platform: ruby
 authors:
 - Auth0
 - Jose Romaniello
 - Ivan Petroe
 - Patrik Ragnarsson
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-10-23 00:00:00.000000000 Z
+date: 2021-07-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -61,14 +61,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.0
+        version: 2.8.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.7.0
+        version: 2.8.0
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -159,20 +173,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.1.0
+        version: '3.5'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.1'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 3.1.0
+        version: '3.5'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -221,14 +229,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '2.0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: gem-release
   requirement: !ruby/object:Gem::Requirement
@@ -255,7 +263,9 @@ files:
 - ".env.example"
 - ".gemrelease"
 - ".github/CODEOWNERS"
-- ".github/ISSUE_TEMPLATE.md"
+- ".github/ISSUE_TEMPLATE/config.yml"
+- ".github/ISSUE_TEMPLATE/feature_request.md"
+- ".github/ISSUE_TEMPLATE/report_a_bug.md"
 - ".github/PULL_REQUEST_TEMPLATE.md"
 - ".github/stale.yml"
 - ".gitignore"
@@ -272,7 +282,6 @@ files:
 - DEPLOYMENT.md
 - Dockerfile
 - Gemfile
-- Gemfile.lock
 - Guardfile
 - LICENSE
 - README.md
@@ -353,6 +362,7 @@ files:
 - lib/auth0/api/v2.rb
 - lib/auth0/api/v2/anomaly.rb
 - lib/auth0/api/v2/blacklists.rb
+- lib/auth0/api/v2/branding.rb
 - lib/auth0/api/v2/client_grants.rb
 - lib/auth0/api/v2/clients.rb
 - lib/auth0/api/v2/connections.rb
@@ -362,6 +372,7 @@ files:
 - lib/auth0/api/v2/jobs.rb
 - lib/auth0/api/v2/log_streams.rb
 - lib/auth0/api/v2/logs.rb
+- lib/auth0/api/v2/organizations.rb
 - lib/auth0/api/v2/prompts.rb
 - lib/auth0/api/v2/resource_servers.rb
 - lib/auth0/api/v2/roles.rb
@@ -574,6 +585,7 @@ files:
 - spec/integration/lib/auth0/auth0_client_spec.rb
 - spec/lib/auth0/api/v2/anomaly_spec.rb
 - spec/lib/auth0/api/v2/blacklists_spec.rb
+- spec/lib/auth0/api/v2/branding_spec.rb
 - spec/lib/auth0/api/v2/client_grants_spec.rb
 - spec/lib/auth0/api/v2/clients_spec.rb
 - spec/lib/auth0/api/v2/connections_spec.rb
@@ -583,6 +595,7 @@ files:
 - spec/lib/auth0/api/v2/jobs_spec.rb
 - spec/lib/auth0/api/v2/log_streams_spec.rb
 - spec/lib/auth0/api/v2/logs_spec.rb
+- spec/lib/auth0/api/v2/organizations_spec.rb
 - spec/lib/auth0/api/v2/prompts_spec.rb
 - spec/lib/auth0/api/v2/resource_servers_spec.rb
 - spec/lib/auth0/api/v2/roles_spec.rb
@@ -608,7 +621,7 @@ homepage: https://github.com/auth0/ruby-auth0
 licenses:
 - MIT
 metadata: {}
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -624,7 +637,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.2
-signing_key:
+signing_key: 
 specification_version: 4
 summary: Auth0 API Client
 test_files:
@@ -817,6 +830,7 @@ test_files:
 - spec/integration/lib/auth0/auth0_client_spec.rb
 - spec/lib/auth0/api/v2/anomaly_spec.rb
 - spec/lib/auth0/api/v2/blacklists_spec.rb
+- spec/lib/auth0/api/v2/branding_spec.rb
 - spec/lib/auth0/api/v2/client_grants_spec.rb
 - spec/lib/auth0/api/v2/clients_spec.rb
 - spec/lib/auth0/api/v2/connections_spec.rb
@@ -826,6 +840,7 @@ test_files:
 - spec/lib/auth0/api/v2/jobs_spec.rb
 - spec/lib/auth0/api/v2/log_streams_spec.rb
 - spec/lib/auth0/api/v2/logs_spec.rb
+- spec/lib/auth0/api/v2/organizations_spec.rb
 - spec/lib/auth0/api/v2/prompts_spec.rb
 - spec/lib/auth0/api/v2/resource_servers_spec.rb
 - spec/lib/auth0/api/v2/roles_spec.rb