auth0 5.1.0 → 5.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 268e36ef0f352a266607bdad5435b4ebddfacc3b29dd4aa4d922966950ca0e46
-  data.tar.gz: 2190414d235036db1218c7560d67a1cb9a300f02495d2fdaa1c267398480d130
+  metadata.gz: 1d21b8018643c7c1fbe1749efc7bd375c6fca4bc67b8a7f6c1036bf17594c886
+  data.tar.gz: 7b89fc89c380469c0db6c86ddd4f00e6c1502a68c5f13c4bfcbbc35d58c6a23f
 SHA512:
-  metadata.gz: 52706c2e0c0ed270a987ec83568e94cf37d9b4a951ef00f813fed275c6a0ddb15b87324111a399b34d09b3ee448446140d197670a003be6f2bcd930295f73867
-  data.tar.gz: 9f316b486484eb9af039b3f39670a259fc9d1e41b249e7faa4916d1b6345a54ba6233f2d2dc4daf4c55dc41756269062a5a7fb539b9c6285224a9b45140911eb
+  metadata.gz: 93fc45bd2a0c457d2f387291eb77cfabcad12c68bfa95d012b9ceeff3b62e25dfd31e8bd7ea67047c89a131f99ef375beb87dedaaabbaae391d6c210860b25cd
+  data.tar.gz: 694021376e92ab80198642919be1c2b94d27eb74a75862c4fdc15509251339faa6dd7eda013f7ab06df202ee4beeceab7465dfa0ae53b454e30c05e6338dbe09

data/CHANGELOG.md

@@ -1,5 +1,46 @@
 # Change Log
 
+## [v5.3.0](https://github.com/auth0/ruby-auth0/tree/v5.3.0) (2021-07-23)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.2.0..v5.3.0)
+
+**Added**
+
+- Checkpoint Pagination [\#284](https://github.com/auth0/ruby-auth0/pull/284) ([davidpatrick](https://github.com/davidpatrick))
+
+## [v5.2.0](https://github.com/auth0/ruby-auth0/tree/v5.2.0) (2021-07-20)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.1.2..v5.2.0)
+
+**Fixed**
+
+- Ensure email param is properly encoded in delete_connection_user [\#280](https://github.com/auth0/ruby-auth0/pull/280) ([widcket](https://github.com/widcket))
+
+**Added**
+
+- Adds Rotating Refresh Token type to Device Credentials [\#275](https://github.com/auth0/ruby-auth0/pull/275) ([epintos](https://github.com/epintos))
+
+**Changed**
+
+- Do not lock dependencies to minor version [\#279](https://github.com/auth0/ruby-auth0/pull/279) ([athix](https://github.com/athix))
+
+## [v5.1.2](https://github.com/auth0/ruby-auth0/tree/v5.1.2) (2021-07-15)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.1.1..v5.1.2)
+
+**Security**
+
+- Bump addressable version per CVE-2021-32740 [\#276](https://github.com/auth0/ruby-auth0/pull/276) ([lostapathy](https://github.com/lostapathy))
+
+## [v5.1.1](https://github.com/auth0/ruby-auth0/tree/v5.1.1) (2021-04-14)
+
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.1.0..v5.1.1)
+
+**Fixed**
+
+- Fixes create_organizations_enabled_connection [\#269](https://github.com/auth0/ruby-auth0/pull/269) ([davidpatrick](https://github.com/apps/davidpatrick))
+
+
 ## [v5.1.0](https://github.com/auth0/ruby-auth0/tree/v5.1.0) (2021-04-09)
 
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.0.1..v5.1.0)

data/README.md

@@ -234,6 +234,7 @@ begin
 rescue Auth0::InvalidIdToken => e
   # In this case the ID Token contents should not be trusted
 end
+```
 
 For more information, please read [Work with Tokens and Organizations](https://auth0.com/docs/organizations/using-tokens) on Auth0 Docs.
 

data/auth0.gemspec

@@ -16,10 +16,10 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
   s.require_paths = ['lib']
 
-  s.add_runtime_dependency 'rest-client', '~> 2.0.0'
-  s.add_runtime_dependency 'jwt', '~> 2.2.0'
-  s.add_runtime_dependency 'zache', '~> 0.12.0'
-  s.add_runtime_dependency 'addressable', '~> 2.7.0'
+  s.add_runtime_dependency 'rest-client', '~> 2.0.2' #2.1.0 has breaking changes
+  s.add_runtime_dependency 'jwt', '~> 2.2'
+  s.add_runtime_dependency 'zache', '~> 0.12'
+  s.add_runtime_dependency 'addressable', '~> 2.8'
 
   s.add_development_dependency 'bundler'
   s.add_development_dependency 'rake', '~> 13.0'
@@ -27,10 +27,10 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'guard-rspec', '~> 4.5' unless ENV['CIRCLECI']
   s.add_development_dependency 'dotenv-rails', '~> 2.0'
   s.add_development_dependency 'pry', '~> 0.10'
-  s.add_development_dependency 'pry-nav', '~> 0.2.4'
+  s.add_development_dependency 'pry-nav', '~> 0.2'
   s.add_development_dependency 'rspec', '~> 3.5'
   s.add_development_dependency 'rack-test', '~> 0.6'
-  s.add_development_dependency 'rack', '~> 2.1.2'
+  s.add_development_dependency 'rack', '~> 2.1'
   s.add_development_dependency 'simplecov', '~> 0.9'
   s.add_development_dependency 'faker', '~> 2.0'
   s.add_development_dependency 'gem-release', '~> 0.7'

data/lib/auth0/api/v2/connections.rb

@@ -81,8 +81,11 @@ module Auth0
         def delete_connection_user(connection_id, user_email)
           raise Auth0::InvalidParameter, 'Must supply a valid connection id' if connection_id.to_s.empty?
           raise Auth0::InvalidParameter, 'Must supply a valid user email' if user_email.to_s.empty?
-          path = "#{connections_path}/#{connection_id}/users?email=#{user_email}"
-          delete(path)
+          path = "#{connections_path}/#{connection_id}/users"
+          request_params = {
+            email: user_email
+          }
+          delete(path, request_params)
         end
 
         # Updates a connection. Updates the fields specified in the body parameter.

data/lib/auth0/api/v2/device_credentials.rb

@@ -12,7 +12,7 @@ module Auth0
         #   * :fields [string] A comma separated list of fields to include or exclude from the result.
         #   * :include_fields [boolean] True if the fields specified are to be included in the result, false otherwise.
         #   * :user_id [string] The user_id of the devices to retrieve.
-        #   * :type [string] The type of credentials. Possible values: 'public_key' or 'refresh_token'.
+        #   * :type [string] Type of credentials to retrieve. Must be 'public_key', 'refresh_token' or 'rotating_refresh_token'
         #
         # @return [json] Returns the list of existing devices for the specified client_id.
         # rubocop:disable Metrics/AbcSize
@@ -25,8 +25,8 @@ module Auth0
             type: options.fetch(:type, nil)
           }
           raise Auth0::InvalidParameter, 'Must supply a valid client_id' if client_id.to_s.empty?
-          if !request_params[:type].nil? && !%w(public_key refresh_token).include?(request_params[:type])
-            raise Auth0::InvalidParameter, 'Type must be one of \'public_key\', \'refresh_token\''
+          if !request_params[:type].nil? && !%w(public_key refresh_token rotating_refresh_token).include?(request_params[:type])
+            raise Auth0::InvalidParameter, 'Type must be one of \'public_key\', \'refresh_token\', \'rotating_refresh_token\''
           end
           get(device_credentials_path, request_params)
         end

data/lib/auth0/api/v2/logs.rb

@@ -16,8 +16,8 @@ module Auth0
         #   * :fields [string] A comma separated list of fields to include or exclude from the result.
         #   * :include_fields [boolean] True if the fields specified are to be included in the result, false otherwise.
         #   * :include_totals [string] True if a query summary must be included in the result, false otherwise.
-        #   * :from [string] Log Event Id to start retrieving logs. You can limit the amount of logs using the take parameter.
-        #   * :take [integer] The total amount of entries to retrieve when using the from parameter.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
         # Default: 50. Max value: 100.
         #
         # @return [json] Returns the list of existing log entries.

data/lib/auth0/api/v2/organizations.rb

@@ -12,12 +12,16 @@ module Auth0
         # @param options [hash] The Hash options used to define the paging of rersults
         #   * :per_page [integer] The amount of entries per page. Default: 50. Max value: 100.
         #   * :page [integer] The page number. Zero based.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
         #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
         # @return [json] All Organizations
         def organizations(options = {})
           request_params = {
             per_page:       options.fetch(:per_page, nil),
             page:           options.fetch(:page, nil),
+            from:           options.fetch(:from, nil),
+            take:           options.fetch(:take, nil),
             include_totals: options.fetch(:include_totals, nil)
           }
           get(organizations_path, request_params)
@@ -127,15 +131,18 @@ module Auth0
         # Add an enabled connection for an Organization
         # @see https://auth0.com/docs/api/management/v2/#!/Organizations/post_enabled_connections
         # @param organization_id [string] The Organization ID
+        # @param connection_id [string] The Organization ID
         # @param assign_membership_on_login [boolean] flag to allow assign membership on login
         #
         # @return [json] Returns the connection for the given organization
-        def create_organizations_enabled_connection(organization_id, assign_membership_on_login: false)
+        def create_organizations_enabled_connection(organization_id, connection_id, assign_membership_on_login: false)
           raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
+          raise Auth0::InvalidParameter, 'Must supply a valid connection id' if connection_id.to_s.empty?
           path = "#{organizations_enabled_connections_path(organization_id)}"
           
           body = {}
           body[:assign_membership_on_login] = assign_membership_on_login
+          body[:connection_id] = connection_id
 
           post(path, body)
         end
@@ -209,13 +216,25 @@ module Auth0
         # Get Members in a Organization
         # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_members
         # @param organization_id [string] The Organization ID
-        # @param user_id [string] The User ID
+        # @param options [hash] The Hash options used to define the paging of rersults
+        #   * :per_page [integer] The amount of entries per page. Default: 50. Max value: 100.
+        #   * :page [integer] The page number. Zero based.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
+        #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
         #
         # @return [json] Returns the members for the given organization
-        def get_organizations_members(organization_id)
+        def get_organizations_members(organization_id, options = {})
           raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
+          request_params = {
+            per_page:       options.fetch(:per_page, nil),
+            page:           options.fetch(:page, nil),
+            from:           options.fetch(:from, nil),
+            take:           options.fetch(:take, nil),
+            include_totals: options.fetch(:include_totals, nil)
+          }
           path = "#{organizations_members_path(organization_id)}"
-          get(path)
+          get(path, request_params)
         end
 
         # Add members in an organization

data/lib/auth0/api/v2/roles.rb

@@ -87,13 +87,17 @@ module Auth0
         # @param options [hash] A hash of options for getting Roles
         #   - per_page: Number of Roles to return.
         #   - page: Page number to return, zero-based.
-        #   - include_totals: True to include query summary in the result, false or nil otherwise.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
+        #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
         def get_role_users(role_id, options = {})
           raise Auth0::MissingParameter, 'Must supply a valid role_id' if role_id.to_s.empty?
 
           request_params = {
-            per_page: options.fetch(:per_page, nil),
-            page: options.fetch(:page, nil),
+            per_page:       options.fetch(:per_page, nil),
+            page:           options.fetch(:page, nil),
+            from:           options.fetch(:from, nil),
+            take:           options.fetch(:take, nil),
             include_totals: options.fetch(:include_totals, nil)
           }
           get "#{roles_path}/#{role_id}/users", request_params

data/lib/auth0/exception.rb

@@ -53,7 +53,7 @@ module Auth0
   # Auth0 API rate-limiting encountered
   class RateLimitEncountered < Auth0::HTTPError
     def reset
-      Time.at(headers['X-RateLimit-Reset']).utc
+      Time.at(Integer(headers[:x_ratelimit_reset])).utc
     end
   end
 

data/lib/auth0/mixins/httpproxy.rb

@@ -26,7 +26,10 @@ module Auth0
                      call(:delete, url(safe_path), timeout, headers, body.to_json)
                    elsif method == :post_file
                      body.merge!(multipart: true)
-                     call(:post, url(safe_path), timeout, headers, body)
+                     # Ignore the default Content-Type headers and let the HTTP client define them
+                     post_file_headers = headers.slice(*headers.keys - ['Content-Type'])
+                     # Actual call with the altered headers
+                     call(:post, url(safe_path), timeout, post_file_headers, body)
                    else
                      call(method, url(safe_path), timeout, headers, body.to_json)
                    end

data/lib/auth0/version.rb

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '5.1.0'.freeze
+  VERSION = '5.3.0'.freeze
 end

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connection/_filters/should_exclude_the_fields_indicated.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_LW7vB80FsVmRF4fN?fields=name,id&include_fields=false
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_n8MJ02x2Zs0JBUWN?fields=name,id&include_fields=false
     body:
       encoding: US-ASCII
       string: ''
@@ -12,52 +12,64 @@ http_interactions:
       Accept-Encoding:
       - gzip, deflate
       User-Agent:
-      - Ruby/2.3.1
+      - rest-client/2.0.2 (darwin20.2.0 x86_64) ruby/2.7.2p137
       Content-Type:
       - application/json
       Auth0-Client:
-      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjUuMCJ9
+      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjEuMiIsImVudiI6eyJydWJ5IjoiMi43LjIifX0=
       Authorization:
       - Bearer API_TOKEN
-      Host:
-      - auth0-sdk-tests.auth0.com
   response:
     status:
       code: 200
       message: OK
     headers:
       Date:
-      - Fri, 05 Oct 2018 20:17:17 GMT
+      - Tue, 20 Jul 2021 02:14:49 GMT
       Content-Type:
       - application/json; charset=utf-8
       Transfer-Encoding:
       - chunked
       Connection:
       - keep-alive
-      X-Ratelimit-Limit:
-      - '10'
-      X-Ratelimit-Remaining:
-      - '7'
-      X-Ratelimit-Reset:
-      - '1538770639'
-      Vary:
-      - origin,accept-encoding
+      Cf-Ray:
+      - 6718ada05caf0d20-LAX
       Cache-Control:
-      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
+      - no-cache
       Content-Encoding:
       - gzip
       Strict-Transport-Security:
-      - max-age=15724800
-      X-Robots-Tag:
-      - noindex, nofollow, nosnippet, noarchive
+      - max-age=31536000
+      Vary:
+      - origin,accept-encoding
+      Cf-Cache-Status:
+      - DYNAMIC
+      Expect-Ct:
+      - max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
+      Ot-Baggage-Auth0-Request-Id:
+      - 6718ada05caf0d20
+      Ot-Tracer-Sampled:
+      - 'true'
+      Ot-Tracer-Spanid:
+      - 25f1c5cc01ec17ff
+      Ot-Tracer-Traceid:
+      - 1a4dd66f250d867d
+      X-Content-Type-Options:
+      - nosniff
+      X-Ratelimit-Limit:
+      - '50'
+      X-Ratelimit-Remaining:
+      - '49'
+      X-Ratelimit-Reset:
+      - '1626747290'
+      Server:
+      - cloudflare
+      Alt-Svc:
+      - h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
+        ma=86400
     body:
       encoding: ASCII-8BIT
       string: !binary |-
-        H4sIAAAAAAAAA0WOQQrCQAxF75J1BXHZrRdw4U5kSKdpHZgmJckoRXp3p4q6
-        SnifvPwnyOxJ2KB9wjTgNjB6uhO0roUaUPKiHIhVcg5G7olH+6RrAzOaPUT7
-        k+QUF2hhFOmhgU6LUxhEI4VZxSlub75Sc0WncQl3Unvzw/qn1YLFb/uqSRZ6
-        mTBxiML8lQyYrVqIscvUh5gTsddOl+vWF/O07XAm8+PvaqelW7wiuK4ve7Zv
-        I/YAAAA=
-    http_version: 
-  recorded_at: Fri, 05 Oct 2018 20:17:17 GMT
-recorded_with: VCR 4.0.0
+        H4sIAAAAAAAAAz2PwWrDQAxE/0VnF5xQCvGtFAK9BdqSQAjLei27G9aSkbQpbsi/d5M2PQk0o6eZM/BkkUmhOcPY++vwweIJoTHJWIGgZSGHJJySUzSLNOiveqlg8qpfLN2GUwwzNDAwd1CBmnjDYXYnFC0PoFlW0Eo2dD1LQDcJGwa7SX+s+02h+GyfdcFEdR2PPpILTHT39z5piYbk24SdCykiWcm0h2Wgbc7D07df7xbHesDFZrU6Pn9QvX7cveVXOFwb+TTe3O+o9vLPfZDczlZWcLj8ALzgJBkYAQAA
+  recorded_at: Tue, 20 Jul 2021 02:14:49 GMT
+recorded_with: VCR 6.0.0

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connection/_filters/should_include_the_fields_indicated.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_LW7vB80FsVmRF4fN?fields=name,id&include_fields=true
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_n8MJ02x2Zs0JBUWN?fields=name,id&include_fields=true
     body:
       encoding: US-ASCII
       string: ''
@@ -12,50 +12,64 @@ http_interactions:
       Accept-Encoding:
       - gzip, deflate
       User-Agent:
-      - Ruby/2.3.1
+      - rest-client/2.0.2 (darwin20.2.0 x86_64) ruby/2.7.2p137
       Content-Type:
       - application/json
       Auth0-Client:
-      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjUuMCJ9
+      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjEuMiIsImVudiI6eyJydWJ5IjoiMi43LjIifX0=
       Authorization:
       - Bearer API_TOKEN
-      Host:
-      - auth0-sdk-tests.auth0.com
   response:
     status:
       code: 200
       message: OK
     headers:
       Date:
-      - Fri, 05 Oct 2018 20:17:17 GMT
+      - Tue, 20 Jul 2021 02:14:49 GMT
       Content-Type:
       - application/json; charset=utf-8
       Transfer-Encoding:
       - chunked
       Connection:
       - keep-alive
-      X-Ratelimit-Limit:
-      - '10'
-      X-Ratelimit-Remaining:
-      - '8'
-      X-Ratelimit-Reset:
-      - '1538770639'
-      Vary:
-      - origin,accept-encoding
+      Cf-Ray:
+      - 6718ad9ea9c23173-LAX
       Cache-Control:
-      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
+      - no-cache
       Content-Encoding:
       - gzip
       Strict-Transport-Security:
-      - max-age=15724800
-      X-Robots-Tag:
-      - noindex, nofollow, nosnippet, noarchive
+      - max-age=31536000
+      Vary:
+      - origin,accept-encoding
+      Cf-Cache-Status:
+      - DYNAMIC
+      Expect-Ct:
+      - max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
+      Ot-Baggage-Auth0-Request-Id:
+      - 6718ad9ea9c23173
+      Ot-Tracer-Sampled:
+      - 'true'
+      Ot-Tracer-Spanid:
+      - 1bb309994137c31b
+      Ot-Tracer-Traceid:
+      - 0747a0f428a15eca
+      X-Content-Type-Options:
+      - nosniff
+      X-Ratelimit-Limit:
+      - '50'
+      X-Ratelimit-Remaining:
+      - '49'
+      X-Ratelimit-Reset:
+      - '1626747290'
+      Server:
+      - cloudflare
+      Alt-Svc:
+      - h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
+        ma=86400
     body:
       encoding: ASCII-8BIT
       string: !binary |-
-        H4sIAAAAAAAAA6tWykxRslJKzs+L9wk3L3OyMHArDssNcjNJ81PSUcpLzE0F
-        yoakFpc45+flpSaXZObn6RaVJlWWAIWACjKL41PycxMz8+KT4fJKVmmJOcWp
-        tQCC/XfpWwAAAA==
-    http_version: 
-  recorded_at: Fri, 05 Oct 2018 20:17:17 GMT
-recorded_with: VCR 4.0.0
+        H4sIAAAAAAAAA6tWykxRslJKzs+Lz7Pw9TIwqjCKKjbwcgoN91PSUcpLzE0FyoakFpc45+flpSaXZObn6RaVJlWWAIWACjKL41PycxMz8+KT4fJKVmmJOcWptQAJ916aWwAAAA==
+  recorded_at: Tue, 20 Jul 2021 02:14:49 GMT
+recorded_with: VCR 6.0.0