RubyGems - auth0 - Versions diffs - 5.1.1 → 5.4.0 - Mend

auth0 5.1.1 → 5.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6363fb309ed21f92b00feb47e3df1a870fb5bdec7e6786eafb436d6c93249afd
-  data.tar.gz: d45130f889436020fea8acb76385fa4a5f884b8c04cda38345ccb06b4408699d
+  metadata.gz: fc12c7c72ce796f0bc1a7599037731d8561438b610c45c7401e164f5c0ffa78e
+  data.tar.gz: a821ee4bccbaa05ecef61d586c36d6088318eaf28f254ee78f387740b4949725
 SHA512:
-  metadata.gz: c736ed7cc86e68643659bec55bca8b26e5a2262f0a1c81547c505c3e9375698a24e4094a72f08412fb6962abe3717c3055bb5ad7c86a91626e1e9585e102a27d
-  data.tar.gz: f201783d610980d679e5c13741c278acd070060f917b4015dc098e2c56c81b265ef3a1e3901849a6662ba97c8627b95b80337e9562461cf825baaa6eec64b7f6
+  metadata.gz: 758ede4765b01d316a9dab22abc0d4ecc315d1e743e8700d5451f61f70e4f8d57c5a3561dfe96f0732546139ff39696e12e16d5ff20daf5e168f726ca1c1d571
+  data.tar.gz: f29e16f61158cbc0651a0b76429032c61c5cde9006ce267d008d9f7ac5ce91136a575e64f419be937df7add6e0f36e7e88e5ea3afa2ea3a654d8c2d7123ef1b2

data/.gitignore CHANGED Viewed

@@ -12,3 +12,8 @@ coverage
 spec/auth0.yml
 .env
 /Gemfile.lock
+/.yardoc/checksums
+/.yardoc/complete
+/.yardoc/object_types
+/.yardoc/objects/root.dat
+/.yardoc/proxy_types

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,50 @@
 # Change Log
-## [v5.1.01(https://github.com/auth0/ruby-auth0/tree/v5.1.1) (2021-04-14)
+## [v5.4.0](https://github.com/auth0/ruby-auth0/tree/v5.4.0) (2021-07-23)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.3.0..v5.4.0)
+**Fixed**
+- Fixing yard issues with documentation [\#288](https://github.com/auth0/ruby-auth0/pull/288) ([davidpatrick](https://github.com/davidpatrick))
+**Changed**
+- Change strategy when normalizing path [\#287](https://github.com/auth0/ruby-auth0/pull/287) ([davidpatrick](https://github.com/davidpatrick))
+## [v5.3.0](https://github.com/auth0/ruby-auth0/tree/v5.3.0) (2021-07-23)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.2.0..v5.3.0)
+**Added**
+- Checkpoint Pagination [\#284](https://github.com/auth0/ruby-auth0/pull/284) ([davidpatrick](https://github.com/davidpatrick))
+## [v5.2.0](https://github.com/auth0/ruby-auth0/tree/v5.2.0) (2021-07-20)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.1.2..v5.2.0)
+**Fixed**
+- Ensure email param is properly encoded in delete_connection_user [\#280](https://github.com/auth0/ruby-auth0/pull/280) ([widcket](https://github.com/widcket))
+**Added**
+- Adds Rotating Refresh Token type to Device Credentials [\#275](https://github.com/auth0/ruby-auth0/pull/275) ([epintos](https://github.com/epintos))
+**Changed**
+- Do not lock dependencies to minor version [\#279](https://github.com/auth0/ruby-auth0/pull/279) ([athix](https://github.com/athix))
+## [v5.1.2](https://github.com/auth0/ruby-auth0/tree/v5.1.2) (2021-07-15)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.1.1..v5.1.2)
+**Security**
+- Bump addressable version per CVE-2021-32740 [\#276](https://github.com/auth0/ruby-auth0/pull/276) ([lostapathy](https://github.com/lostapathy))
+## [v5.1.1](https://github.com/auth0/ruby-auth0/tree/v5.1.1) (2021-04-14)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.1.0..v5.1.1)

data/README.md CHANGED Viewed

@@ -234,6 +234,7 @@ begin
 rescue Auth0::InvalidIdToken => e
   # In this case the ID Token contents should not be trusted
 end
+```
 For more information, please read [Work with Tokens and Organizations](https://auth0.com/docs/organizations/using-tokens) on Auth0 Docs.

data/auth0.gemspec CHANGED Viewed

@@ -16,10 +16,10 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
   s.require_paths = ['lib']
-  s.add_runtime_dependency 'rest-client', '~> 2.0.0'
-  s.add_runtime_dependency 'jwt', '~> 2.2.0'
-  s.add_runtime_dependency 'zache', '~> 0.12.0'
-  s.add_runtime_dependency 'addressable', '~> 2.7.0'
+  s.add_runtime_dependency 'rest-client', '~> 2.0.2' #2.1.0 has breaking changes
+  s.add_runtime_dependency 'jwt', '~> 2.2'
+  s.add_runtime_dependency 'zache', '~> 0.12'
+  s.add_runtime_dependency 'addressable', '~> 2.8'
   s.add_development_dependency 'bundler'
   s.add_development_dependency 'rake', '~> 13.0'
@@ -27,10 +27,10 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'guard-rspec', '~> 4.5' unless ENV['CIRCLECI']
   s.add_development_dependency 'dotenv-rails', '~> 2.0'
   s.add_development_dependency 'pry', '~> 0.10'
-  s.add_development_dependency 'pry-nav', '~> 0.2.4'
+  s.add_development_dependency 'pry-nav', '~> 0.2'
   s.add_development_dependency 'rspec', '~> 3.5'
   s.add_development_dependency 'rack-test', '~> 0.6'
-  s.add_development_dependency 'rack', '~> 2.1.2'
+  s.add_development_dependency 'rack', '~> 2.1'
   s.add_development_dependency 'simplecov', '~> 0.9'
   s.add_development_dependency 'faker', '~> 2.0'
   s.add_development_dependency 'gem-release', '~> 0.7'

data/lib/auth0/api/v2/branding.rb CHANGED Viewed

@@ -35,7 +35,6 @@ module Auth0
         # Delete template for New Universal Login Experience
         # @see https://auth0.com/docs/api/management/v2/#!/Branding/delete_universal_login
-        # @param rule_id [string] The id of the rule to delete.
         def delete_branding_templates_for_universal_login
           delete(templates_path)
         end

data/lib/auth0/api/v2/connections.rb CHANGED Viewed

@@ -81,8 +81,11 @@ module Auth0
         def delete_connection_user(connection_id, user_email)
           raise Auth0::InvalidParameter, 'Must supply a valid connection id' if connection_id.to_s.empty?
           raise Auth0::InvalidParameter, 'Must supply a valid user email' if user_email.to_s.empty?
-          path = "#{connections_path}/#{connection_id}/users?email=#{user_email}"
-          delete(path)
+          path = "#{connections_path}/#{connection_id}/users"
+          request_params = {
+            email: user_email
+          }
+          delete(path, request_params)
         end
         # Updates a connection. Updates the fields specified in the body parameter.

data/lib/auth0/api/v2/device_credentials.rb CHANGED Viewed

@@ -12,7 +12,7 @@ module Auth0
         #   * :fields [string] A comma separated list of fields to include or exclude from the result.
         #   * :include_fields [boolean] True if the fields specified are to be included in the result, false otherwise.
         #   * :user_id [string] The user_id of the devices to retrieve.
-        #   * :type [string] The type of credentials. Possible values: 'public_key' or 'refresh_token'.
+        #   * :type [string] Type of credentials to retrieve. Must be 'public_key', 'refresh_token' or 'rotating_refresh_token'
         #
         # @return [json] Returns the list of existing devices for the specified client_id.
         # rubocop:disable Metrics/AbcSize
@@ -25,8 +25,8 @@ module Auth0
             type: options.fetch(:type, nil)
           }
           raise Auth0::InvalidParameter, 'Must supply a valid client_id' if client_id.to_s.empty?
-          if !request_params[:type].nil? && !%w(public_key refresh_token).include?(request_params[:type])
-            raise Auth0::InvalidParameter, 'Type must be one of \'public_key\', \'refresh_token\''
+          if !request_params[:type].nil? && !%w(public_key refresh_token rotating_refresh_token).include?(request_params[:type])
+            raise Auth0::InvalidParameter, 'Type must be one of \'public_key\', \'refresh_token\', \'rotating_refresh_token\''
           end
           get(device_credentials_path, request_params)
         end

data/lib/auth0/api/v2/logs.rb CHANGED Viewed

@@ -16,8 +16,8 @@ module Auth0
         #   * :fields [string] A comma separated list of fields to include or exclude from the result.
         #   * :include_fields [boolean] True if the fields specified are to be included in the result, false otherwise.
         #   * :include_totals [string] True if a query summary must be included in the result, false otherwise.
-        #   * :from [string] Log Event Id to start retrieving logs. You can limit the amount of logs using the take parameter.
-        #   * :take [integer] The total amount of entries to retrieve when using the from parameter.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
         # Default: 50. Max value: 100.
         #
         # @return [json] Returns the list of existing log entries.

data/lib/auth0/api/v2/organizations.rb CHANGED Viewed

@@ -12,12 +12,16 @@ module Auth0
         # @param options [hash] The Hash options used to define the paging of rersults
         #   * :per_page [integer] The amount of entries per page. Default: 50. Max value: 100.
         #   * :page [integer] The page number. Zero based.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
         #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
         # @return [json] All Organizations
         def organizations(options = {})
           request_params = {
             per_page:       options.fetch(:per_page, nil),
             page:           options.fetch(:page, nil),
+            from:           options.fetch(:from, nil),
+            take:           options.fetch(:take, nil),
             include_totals: options.fetch(:include_totals, nil)
           }
           get(organizations_path, request_params)
@@ -212,13 +216,25 @@ module Auth0
         # Get Members in a Organization
         # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_members
         # @param organization_id [string] The Organization ID
-        # @param user_id [string] The User ID
+        # @param options [hash] The Hash options used to define the paging of rersults
+        #   * :per_page [integer] The amount of entries per page. Default: 50. Max value: 100.
+        #   * :page [integer] The page number. Zero based.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
+        #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
         #
         # @return [json] Returns the members for the given organization
-        def get_organizations_members(organization_id)
+        def get_organizations_members(organization_id, options = {})
           raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
+          request_params = {
+            per_page:       options.fetch(:per_page, nil),
+            page:           options.fetch(:page, nil),
+            from:           options.fetch(:from, nil),
+            take:           options.fetch(:take, nil),
+            include_totals: options.fetch(:include_totals, nil)
+          }
           path = "#{organizations_members_path(organization_id)}"
-          get(path)
+          get(path, request_params)
         end
         # Add members in an organization

data/lib/auth0/api/v2/roles.rb CHANGED Viewed

@@ -87,13 +87,17 @@ module Auth0
         # @param options [hash] A hash of options for getting Roles
         #   - per_page: Number of Roles to return.
         #   - page: Page number to return, zero-based.
-        #   - include_totals: True to include query summary in the result, false or nil otherwise.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
+        #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
         def get_role_users(role_id, options = {})
           raise Auth0::MissingParameter, 'Must supply a valid role_id' if role_id.to_s.empty?
           request_params = {
-            per_page: options.fetch(:per_page, nil),
-            page: options.fetch(:page, nil),
+            per_page:       options.fetch(:per_page, nil),
+            page:           options.fetch(:page, nil),
+            from:           options.fetch(:from, nil),
+            take:           options.fetch(:take, nil),
             include_totals: options.fetch(:include_totals, nil)
           }
           get "#{roles_path}/#{role_id}/users", request_params

data/lib/auth0/exception.rb CHANGED Viewed

@@ -53,7 +53,7 @@ module Auth0
   # Auth0 API rate-limiting encountered
   class RateLimitEncountered < Auth0::HTTPError
     def reset
-      Time.at(headers['X-RateLimit-Reset']).utc
+      Time.at(Integer(headers[:x_ratelimit_reset])).utc
     end
   end

data/lib/auth0/mixins/httpproxy.rb CHANGED Viewed

@@ -9,8 +9,15 @@ module Auth0
       # proxying requests from instance methods to HTTP class methods
       %i(get post post_file put patch delete delete_with_body).each do |method|
-        define_method(method) do |path, body = {}, extra_headers = {}|
-          safe_path = Addressable::URI.escape(path)
+        define_method(method) do |uri, body = {}, extra_headers = {}|
+          if base_uri
+            # if a base_uri is set then the uri can be encoded as a path
+            safe_path = Addressable::URI.new(path: uri).normalized_path
+          else
+            safe_path = Addressable::URI.escape(uri)
+          end
           body = body.delete_if { |_, v| v.nil? }
           result = if method == :get
                      # Mutate the headers property to add parameters.
@@ -26,7 +33,10 @@ module Auth0
                      call(:delete, url(safe_path), timeout, headers, body.to_json)
                    elsif method == :post_file
                      body.merge!(multipart: true)
-                     call(:post, url(safe_path), timeout, headers, body)
+                     # Ignore the default Content-Type headers and let the HTTP client define them
+                     post_file_headers = headers.slice(*headers.keys - ['Content-Type'])
+                     # Actual call with the altered headers
+                     call(:post, url(safe_path), timeout, post_file_headers, body)
                    else
                      call(method, url(safe_path), timeout, headers, body.to_json)
                    end

data/lib/auth0/version.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '5.1.1'.freeze
+  VERSION = '5.4.0'.freeze
 end

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connection/_filters/should_exclude_the_fields_indicated.yml CHANGED Viewed

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_LW7vB80FsVmRF4fN?fields=name,id&include_fields=false
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_n8MJ02x2Zs0JBUWN?fields=name,id&include_fields=false
     body:
       encoding: US-ASCII
       string: ''
@@ -12,52 +12,64 @@ http_interactions:
       Accept-Encoding:
       - gzip, deflate
       User-Agent:
-      - Ruby/2.3.1
+      - rest-client/2.0.2 (darwin20.2.0 x86_64) ruby/2.7.2p137
       Content-Type:
       - application/json
       Auth0-Client:
-      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjUuMCJ9
+      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjEuMiIsImVudiI6eyJydWJ5IjoiMi43LjIifX0=
       Authorization:
       - Bearer API_TOKEN
-      Host:
-      - auth0-sdk-tests.auth0.com
   response:
     status:
       code: 200
       message: OK
     headers:
       Date:
-      - Fri, 05 Oct 2018 20:17:17 GMT
+      - Tue, 20 Jul 2021 02:14:49 GMT
       Content-Type:
       - application/json; charset=utf-8
       Transfer-Encoding:
       - chunked
       Connection:
       - keep-alive
-      X-Ratelimit-Limit:
-      - '10'
-      X-Ratelimit-Remaining:
-      - '7'
-      X-Ratelimit-Reset:
-      - '1538770639'
-      Vary:
-      - origin,accept-encoding
+      Cf-Ray:
+      - 6718ada05caf0d20-LAX
       Cache-Control:
-      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
+      - no-cache
       Content-Encoding:
       - gzip
       Strict-Transport-Security:
-      - max-age=15724800
-      X-Robots-Tag:
-      - noindex, nofollow, nosnippet, noarchive
+      - max-age=31536000
+      Vary:
+      - origin,accept-encoding
+      Cf-Cache-Status:
+      - DYNAMIC
+      Expect-Ct:
+      - max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
+      Ot-Baggage-Auth0-Request-Id:
+      - 6718ada05caf0d20
+      Ot-Tracer-Sampled:
+      - 'true'
+      Ot-Tracer-Spanid:
+      - 25f1c5cc01ec17ff
+      Ot-Tracer-Traceid:
+      - 1a4dd66f250d867d
+      X-Content-Type-Options:
+      - nosniff
+      X-Ratelimit-Limit:
+      - '50'
+      X-Ratelimit-Remaining:
+      - '49'
+      X-Ratelimit-Reset:
+      - '1626747290'
+      Server:
+      - cloudflare
+      Alt-Svc:
+      - h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
+        ma=86400
     body:
       encoding: ASCII-8BIT
       string: !binary |-
-        H4sIAAAAAAAAA0WOQQrCQAxF75J1BXHZrRdw4U5kSKdpHZgmJckoRXp3p4q6
-        SnifvPwnyOxJ2KB9wjTgNjB6uhO0roUaUPKiHIhVcg5G7olH+6RrAzOaPUT7
-        k+QUF2hhFOmhgU6LUxhEI4VZxSlub75Sc0WncQl3Unvzw/qn1YLFb/uqSRZ6
-        mTBxiML8lQyYrVqIscvUh5gTsddOl+vWF/O07XAm8+PvaqelW7wiuK4ve7Zv
-        I/YAAAA=
-    http_version:
-  recorded_at: Fri, 05 Oct 2018 20:17:17 GMT
-recorded_with: VCR 4.0.0
+        H4sIAAAAAAAAAz2PwWrDQAxE/0VnF5xQCvGtFAK9BdqSQAjLei27G9aSkbQpbsi/d5M2PQk0o6eZM/BkkUmhOcPY++vwweIJoTHJWIGgZSGHJJySUzSLNOiveqlg8qpfLN2GUwwzNDAwd1CBmnjDYXYnFC0PoFlW0Eo2dD1LQDcJGwa7SX+s+02h+GyfdcFEdR2PPpILTHT39z5piYbk24SdCykiWcm0h2Wgbc7D07df7xbHesDFZrU6Pn9QvX7cveVXOFwb+TTe3O+o9vLPfZDczlZWcLj8ALzgJBkYAQAA
+  recorded_at: Tue, 20 Jul 2021 02:14:49 GMT
+recorded_with: VCR 6.0.0

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connection/_filters/should_include_the_fields_indicated.yml CHANGED Viewed

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: get
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_LW7vB80FsVmRF4fN?fields=name,id&include_fields=true
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_n8MJ02x2Zs0JBUWN?fields=name,id&include_fields=true
     body:
       encoding: US-ASCII
       string: ''
@@ -12,50 +12,64 @@ http_interactions:
       Accept-Encoding:
       - gzip, deflate
       User-Agent:
-      - Ruby/2.3.1
+      - rest-client/2.0.2 (darwin20.2.0 x86_64) ruby/2.7.2p137
       Content-Type:
       - application/json
       Auth0-Client:
-      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjUuMCJ9
+      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjEuMiIsImVudiI6eyJydWJ5IjoiMi43LjIifX0=
       Authorization:
       - Bearer API_TOKEN
-      Host:
-      - auth0-sdk-tests.auth0.com
   response:
     status:
       code: 200
       message: OK
     headers:
       Date:
-      - Fri, 05 Oct 2018 20:17:17 GMT
+      - Tue, 20 Jul 2021 02:14:49 GMT
       Content-Type:
       - application/json; charset=utf-8
       Transfer-Encoding:
       - chunked
       Connection:
       - keep-alive
-      X-Ratelimit-Limit:
-      - '10'
-      X-Ratelimit-Remaining:
-      - '8'
-      X-Ratelimit-Reset:
-      - '1538770639'
-      Vary:
-      - origin,accept-encoding
+      Cf-Ray:
+      - 6718ad9ea9c23173-LAX
       Cache-Control:
-      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
+      - no-cache
       Content-Encoding:
       - gzip
       Strict-Transport-Security:
-      - max-age=15724800
-      X-Robots-Tag:
-      - noindex, nofollow, nosnippet, noarchive
+      - max-age=31536000
+      Vary:
+      - origin,accept-encoding
+      Cf-Cache-Status:
+      - DYNAMIC
+      Expect-Ct:
+      - max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
+      Ot-Baggage-Auth0-Request-Id:
+      - 6718ad9ea9c23173
+      Ot-Tracer-Sampled:
+      - 'true'
+      Ot-Tracer-Spanid:
+      - 1bb309994137c31b
+      Ot-Tracer-Traceid:
+      - 0747a0f428a15eca
+      X-Content-Type-Options:
+      - nosniff
+      X-Ratelimit-Limit:
+      - '50'
+      X-Ratelimit-Remaining:
+      - '49'
+      X-Ratelimit-Reset:
+      - '1626747290'
+      Server:
+      - cloudflare
+      Alt-Svc:
+      - h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
+        ma=86400
     body:
       encoding: ASCII-8BIT
       string: !binary |-
-        H4sIAAAAAAAAA6tWykxRslJKzs+L9wk3L3OyMHArDssNcjNJ81PSUcpLzE0F
-        yoakFpc45+flpSaXZObn6RaVJlWWAIWACjKL41PycxMz8+KT4fJKVmmJOcWp
-        tQCC/XfpWwAAAA==
-    http_version:
-  recorded_at: Fri, 05 Oct 2018 20:17:17 GMT
-recorded_with: VCR 4.0.0
+        H4sIAAAAAAAAA6tWykxRslJKzs+Lz7Pw9TIwqjCKKjbwcgoN91PSUcpLzE0FyoakFpc45+flpSaXZObn6RaVJlWWAIWACjKL41PycxMz8+KT4fJKVmmJOcWptQAJ916aWwAAAA==
+  recorded_at: Tue, 20 Jul 2021 02:14:49 GMT
+recorded_with: VCR 6.0.0