auth0 5.10.0 → 5.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +2 -2
  3. data/.devcontainer/devcontainer.json +1 -1
  4. data/CHANGELOG.md +11 -0
  5. data/DEVELOPMENT.md +35 -0
  6. data/EXAMPLES.md +220 -0
  7. data/Gemfile.lock +52 -60
  8. data/README.md +68 -253
  9. data/auth0.gemspec +0 -2
  10. data/examples/ruby-api/Gemfile.lock +5 -4
  11. data/examples/ruby-on-rails-api/README.md +0 -2
  12. data/lib/auth0/api/authentication_endpoints.rb +70 -13
  13. data/lib/auth0/api/v2/clients.rb +42 -0
  14. data/lib/auth0/client_assertion.rb +45 -0
  15. data/lib/auth0/mixins/initializer.rb +2 -0
  16. data/lib/auth0/mixins/token_management.rb +1 -1
  17. data/lib/auth0/version.rb +1 -1
  18. data/opslevel.yml +5 -0
  19. data/spec/lib/auth0/api/authentication_endpoints_spec.rb +632 -0
  20. data/spec/lib/auth0/api/v2/clients_spec.rb +51 -0
  21. data/spec/lib/auth0/mixins/initializer_spec.rb +79 -25
  22. data/spec/lib/auth0/mixins/token_management_spec.rb +45 -30
  23. data/spec/spec_helper.rb +0 -1
  24. data/spec/support/dummy_class_for_tokens.rb +2 -0
  25. metadata +8 -31
data/spec/lib/auth0/api/authentication_endpoints_spec.rb ADDED
@@ -0,0 +1,632 @@
1
+ require 'spec_helper'
2
+ require 'timecop'
3
+
4
+ describe Auth0::Api::AuthenticationEndpoints do
5
+ let(:client_id) { 'test-client-id' }
6
+ let(:client_secret) { 'test-client-secret' }
7
+ let(:api_identifier) { 'test-audience' }
8
+ let(:domain) { 'samples.auth0.com' }
9
+
10
+ let(:client_secret_config) { {
11
+ domain: domain,
12
+ client_id: client_id,
13
+ client_secret: client_secret,
14
+ token: 'test',
15
+ api_identifier: api_identifier
16
+ } }
17
+
18
+ let(:client_assertion_config) { {
19
+ domain: domain,
20
+ client_id: client_id,
21
+ client_assertion_signing_key: client_assertion_signing_key_pair[:private_key],
22
+ client_assertion_signing_alg: 'RS256',
23
+ token: 'test',
24
+ api_identifier: api_identifier
25
+ } }
26
+
27
+ let(:client_assertion_signing_key_pair) do
28
+ rsa_private = OpenSSL::PKey::RSA.generate 2048
29
+
30
+ {
31
+ public_key: rsa_private.public_key,
32
+ private_key: rsa_private
33
+ }
34
+ end
35
+
36
+ let(:client_secret_instance) { DummyClassForTokens.send(:include, described_class).new(client_secret_config) }
37
+ let(:client_assertion_instance) { DummyClassForTokens.send(:include, described_class).new(client_assertion_config) }
38
+ let(:time_now) { Time.now }
39
+
40
+ before :each do
41
+ Timecop.freeze(time_now)
42
+ end
43
+
44
+ after :each do
45
+ Timecop.return
46
+ end
47
+
48
+ context 'AuthenticationEndponts' do
49
+ context 'api_token' do
50
+ it 'requests a new token using client_secret' do
51
+ expect(RestClient::Request).to receive(:execute).with(hash_including(
52
+ method: :post,
53
+ url: 'https://samples.auth0.com/oauth/token',
54
+ payload: {
55
+ grant_type: 'client_credentials',
56
+ client_id: client_id,
57
+ audience: api_identifier,
58
+ client_secret: client_secret
59
+ }.to_json
60
+ ))
61
+ .and_return(StubResponse.new({
62
+ "access_token" => "test_response",
63
+ "expires_in" => 86400,
64
+ "scope" => "scope"},
65
+ true,
66
+ 200))
67
+
68
+ result = client_secret_instance.send :api_token, audience: api_identifier
69
+
70
+ expect(result).to be_a_kind_of(Auth0::ApiToken)
71
+ expect(result.access_token).not_to be_nil
72
+ expect(result.scope).not_to be_nil
73
+ expect(result.expires_in).not_to be_nil
74
+ end
75
+
76
+ it 'requests a new token using client_assertion' do
77
+ expect(RestClient::Request).to receive(:execute) do |arg|
78
+ expect(arg).to match(
79
+ include(
80
+ method: :post,
81
+ url: 'https://samples.auth0.com/oauth/token'
82
+ ))
83
+
84
+ payload = JSON.parse(arg[:payload], { symbolize_names: true })
85
+
86
+ expect(payload[:client_secret]).to be_nil
87
+ expect(payload[:client_assertion]).not_to be_nil
88
+ expect(payload[:client_assertion_type]).to eq(Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE)
89
+
90
+ StubResponse.new({
91
+ "access_token" => "test_response",
92
+ "expires_in" => 86400,
93
+ "scope" => "scope"},
94
+ true,
95
+ 200)
96
+ end
97
+
98
+ result = client_assertion_instance.send :api_token, audience: api_identifier
99
+
100
+ expect(result).to be_a_kind_of(Auth0::ApiToken)
101
+ expect(result.access_token).not_to be_nil
102
+ expect(result.scope).not_to be_nil
103
+ expect(result.expires_in).not_to be_nil
104
+ end
105
+ end
106
+
107
+ context 'exchange_auth_code_for_tokens' do
108
+ it 'requests a new token using client_secret' do
109
+ expect(RestClient::Request).to receive(:execute) do |arg|
110
+ expect(arg).to match(
111
+ include(
112
+ method: :post,
113
+ url: 'https://samples.auth0.com/oauth/token'
114
+ )
115
+ )
116
+
117
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
118
+ grant_type: 'authorization_code',
119
+ client_id: client_id,
120
+ client_secret: client_secret,
121
+ code: 'the_auth_code',
122
+ redirect_uri: nil
123
+ })
124
+
125
+ StubResponse.new({
126
+ "id_token" => "id_token",
127
+ "access_token" => "test_access_token",
128
+ "expires_in" => 86400},
129
+ true,
130
+ 200)
131
+ end
132
+
133
+ result = client_secret_instance.send :exchange_auth_code_for_tokens, 'the_auth_code'
134
+
135
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
136
+ expect(result.id_token).not_to be_nil
137
+ expect(result.access_token).not_to be_nil
138
+ expect(result.expires_in).not_to be_nil
139
+ end
140
+
141
+ it 'requests a new token using client_assertion' do
142
+ expect(RestClient::Request).to receive(:execute) do |arg|
143
+ expect(arg).to match(
144
+ include(
145
+ method: :post,
146
+ url: 'https://samples.auth0.com/oauth/token',
147
+ )
148
+ )
149
+
150
+ payload = JSON.parse arg[:payload], symbolize_names: true
151
+
152
+ expect(payload[:client_secret]).to be_nil
153
+ expect(payload[:client_assertion]).not_to be_nil
154
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
155
+
156
+ StubResponse.new({
157
+ "id_token" => "id_token",
158
+ "access_token" => "test_access_token",
159
+ "expires_in" => 86400},
160
+ true,
161
+ 200)
162
+ end
163
+
164
+ result = client_assertion_instance.send :exchange_auth_code_for_tokens, 'the_auth_code'
165
+
166
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
167
+ expect(result.id_token).not_to be_nil
168
+ expect(result.access_token).not_to be_nil
169
+ expect(result.expires_in).not_to be_nil
170
+ end
171
+ end
172
+
173
+ context 'exchange_refresh_token' do
174
+ it 'exchanges the refresh token using a client secret' do
175
+ expect(RestClient::Request).to receive(:execute) do |arg|
176
+ expect(arg).to match(
177
+ include(
178
+ method: :post,
179
+ url: 'https://samples.auth0.com/oauth/token'
180
+ )
181
+ )
182
+
183
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
184
+ grant_type: 'refresh_token',
185
+ client_id: client_id,
186
+ client_secret: client_secret,
187
+ refresh_token: 'the_refresh_token'
188
+ })
189
+
190
+ StubResponse.new({
191
+ "id_token" => "id_token",
192
+ "access_token" => "test_access_token",
193
+ "expires_in" => 86400},
194
+ true,
195
+ 200)
196
+ end
197
+
198
+ result = client_secret_instance.send :exchange_refresh_token, 'the_refresh_token'
199
+
200
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
201
+ expect(result.id_token).not_to be_nil
202
+ expect(result.access_token).not_to be_nil
203
+ expect(result.expires_in).not_to be_nil
204
+ end
205
+
206
+ it 'exchanges the refresh token using client_assertion' do
207
+ expect(RestClient::Request).to receive(:execute) do |arg|
208
+ expect(arg).to match(
209
+ include(
210
+ method: :post,
211
+ url: 'https://samples.auth0.com/oauth/token'
212
+ )
213
+ )
214
+
215
+ payload = JSON.parse arg[:payload], symbolize_names: true
216
+
217
+ expect(payload[:grant_type]).to eq('refresh_token')
218
+ expect(payload[:refresh_token]).to eq('the_refresh_token')
219
+ expect(payload[:client_secret]).to be_nil
220
+ expect(payload[:client_assertion]).not_to be_nil
221
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
222
+
223
+ StubResponse.new({
224
+ "id_token" => "id_token",
225
+ "access_token" => "test_access_token",
226
+ "expires_in" => 86400},
227
+ true,
228
+ 200)
229
+ end
230
+
231
+ result = client_assertion_instance.send :exchange_refresh_token, 'the_refresh_token'
232
+
233
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
234
+ expect(result.id_token).not_to be_nil
235
+ expect(result.access_token).not_to be_nil
236
+ expect(result.expires_in).not_to be_nil
237
+ end
238
+ end
239
+
240
+ context 'exchange_sms_otp_for_tokens', focus: true do
241
+ it 'requests the tokens using an OTP from SMS' do
242
+ expect(RestClient::Request).to receive(:execute) do |arg|
243
+ expect(arg).to match(
244
+ include(
245
+ method: :post,
246
+ url: 'https://samples.auth0.com/oauth/token'
247
+ )
248
+ )
249
+
250
+ payload = JSON.parse arg[:payload], symbolize_names: true
251
+
252
+ expect(payload[:grant_type]).to eq 'http://auth0.com/oauth/grant-type/passwordless/otp'
253
+ expect(payload[:username]).to eq 'phone_number'
254
+ expect(payload[:realm]).to eq 'sms'
255
+ expect(payload[:otp]).to eq 'code'
256
+ expect(payload[:client_id]).to eq client_id
257
+ expect(payload[:client_secret]).to eq client_secret
258
+ expect(payload[:scope]).to eq 'openid profile email'
259
+ expect(payload[:audience]).to be_nil
260
+
261
+ StubResponse.new({
262
+ "id_token" => "id_token",
263
+ "access_token" => "test_access_token",
264
+ "expires_in" => 86400},
265
+ true,
266
+ 200)
267
+ end
268
+
269
+ result = client_secret_instance.send :exchange_sms_otp_for_tokens, 'phone_number', 'code'
270
+
271
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
272
+ expect(result.id_token).not_to be_nil
273
+ expect(result.access_token).not_to be_nil
274
+ expect(result.expires_in).not_to be_nil
275
+ end
276
+
277
+ it 'requests the tokens using OTP from SMS, and overrides scope and audience' do
278
+ expect(RestClient::Request).to receive(:execute) do |arg|
279
+ expect(arg).to match(
280
+ include(
281
+ method: :post,
282
+ url: 'https://samples.auth0.com/oauth/token'
283
+ )
284
+ )
285
+
286
+ payload = JSON.parse arg[:payload], symbolize_names: true
287
+
288
+ expect(payload[:scope]).to eq 'openid'
289
+ expect(payload[:audience]).to eq api_identifier
290
+
291
+ StubResponse.new({
292
+ "id_token" => "id_token",
293
+ "access_token" => "test_access_token",
294
+ "expires_in" => 86400},
295
+ true,
296
+ 200)
297
+ end
298
+
299
+ result = client_secret_instance.send(:exchange_sms_otp_for_tokens, 'phone_number', 'code',
300
+ audience: api_identifier,
301
+ scope: 'openid'
302
+ )
303
+
304
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
305
+ expect(result.id_token).not_to be_nil
306
+ expect(result.access_token).not_to be_nil
307
+ expect(result.expires_in).not_to be_nil
308
+ end
309
+
310
+ it 'requests the tokens using an OTP from SMS using client assertion' do
311
+ expect(RestClient::Request).to receive(:execute) do |arg|
312
+ expect(arg).to match(
313
+ include(
314
+ method: :post,
315
+ url: 'https://samples.auth0.com/oauth/token'
316
+ )
317
+ )
318
+
319
+ payload = JSON.parse arg[:payload], symbolize_names: true
320
+
321
+ expect(payload[:grant_type]).to eq 'http://auth0.com/oauth/grant-type/passwordless/otp'
322
+ expect(payload[:client_secret]).to be_nil
323
+ expect(payload[:client_assertion]).not_to be_nil
324
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
325
+
326
+ StubResponse.new({
327
+ "id_token" => "id_token",
328
+ "access_token" => "test_access_token",
329
+ "expires_in" => 86400},
330
+ true,
331
+ 200)
332
+ end
333
+
334
+ client_assertion_instance.send :exchange_sms_otp_for_tokens, 'phone_number', 'code'
335
+ end
336
+ end
337
+
338
+ context 'exchange_email_otp_for_tokens', focus: true do
339
+ it 'requests the tokens using email OTP' do
340
+ expect(RestClient::Request).to receive(:execute) do |arg|
341
+ expect(arg).to match(
342
+ include(
343
+ method: :post,
344
+ url: 'https://samples.auth0.com/oauth/token'
345
+ )
346
+ )
347
+
348
+ payload = JSON.parse arg[:payload], symbolize_names: true
349
+
350
+ expect(payload[:grant_type]).to eq 'http://auth0.com/oauth/grant-type/passwordless/otp'
351
+ expect(payload[:username]).to eq 'email_address'
352
+ expect(payload[:realm]).to eq 'email'
353
+ expect(payload[:otp]).to eq 'code'
354
+ expect(payload[:client_id]).to eq client_id
355
+ expect(payload[:client_secret]).to eq client_secret
356
+ expect(payload[:scope]).to eq 'openid profile email'
357
+ expect(payload[:audience]).to be_nil
358
+
359
+ StubResponse.new({
360
+ "id_token" => "id_token",
361
+ "access_token" => "test_access_token",
362
+ "expires_in" => 86400},
363
+ true,
364
+ 200)
365
+ end
366
+
367
+ result = client_secret_instance.send :exchange_email_otp_for_tokens, 'email_address', 'code'
368
+
369
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
370
+ expect(result.id_token).not_to be_nil
371
+ expect(result.access_token).not_to be_nil
372
+ expect(result.expires_in).not_to be_nil
373
+ end
374
+
375
+ it 'requests the tokens using OTP from email, and overrides scope and audience' do
376
+ expect(RestClient::Request).to receive(:execute) do |arg|
377
+ expect(arg).to match(
378
+ include(
379
+ method: :post,
380
+ url: 'https://samples.auth0.com/oauth/token'
381
+ )
382
+ )
383
+
384
+ payload = JSON.parse arg[:payload], symbolize_names: true
385
+
386
+ expect(payload[:scope]).to eq 'openid'
387
+ expect(payload[:audience]).to eq api_identifier
388
+
389
+ StubResponse.new({
390
+ "id_token" => "id_token",
391
+ "access_token" => "test_access_token",
392
+ "expires_in" => 86400},
393
+ true,
394
+ 200)
395
+ end
396
+
397
+ client_secret_instance.send(:exchange_email_otp_for_tokens, 'email_address', 'code',
398
+ audience: api_identifier,
399
+ scope: 'openid'
400
+ )
401
+ end
402
+
403
+ it 'requests the tokens using OTP from email using client assertion' do
404
+ expect(RestClient::Request).to receive(:execute) do |arg|
405
+ expect(arg).to match(
406
+ include(
407
+ method: :post,
408
+ url: 'https://samples.auth0.com/oauth/token'
409
+ )
410
+ )
411
+
412
+ payload = JSON.parse arg[:payload], symbolize_names: true
413
+
414
+ expect(payload[:grant_type]).to eq 'http://auth0.com/oauth/grant-type/passwordless/otp'
415
+ expect(payload[:client_secret]).to be_nil
416
+ expect(payload[:client_assertion]).not_to be_nil
417
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
418
+
419
+ StubResponse.new({
420
+ "id_token" => "id_token",
421
+ "access_token" => "test_access_token",
422
+ "expires_in" => 86400},
423
+ true,
424
+ 200)
425
+ end
426
+
427
+ client_assertion_instance.send(:exchange_email_otp_for_tokens, 'email_address', 'code',
428
+ audience: api_identifier,
429
+ scope: 'openid'
430
+ )
431
+ end
432
+ end
433
+
434
+ context 'login_with_resource_owner' do
435
+ it 'logs in using a client secret' do
436
+ expect(RestClient::Request).to receive(:execute) do |arg|
437
+ expect(arg).to match(
438
+ include(
439
+ method: :post,
440
+ url: 'https://samples.auth0.com/oauth/token'
441
+ )
442
+ )
443
+
444
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
445
+ username: 'the_username',
446
+ password: 'the_password',
447
+ grant_type: 'password',
448
+ client_id: client_id,
449
+ client_secret: client_secret,
450
+ realm: nil,
451
+ audience: nil,
452
+ scope: 'openid'
453
+ })
454
+
455
+ StubResponse.new({
456
+ "id_token" => "id_token",
457
+ "access_token" => "test_access_token",
458
+ "expires_in" => 86400},
459
+ true,
460
+ 200)
461
+ end
462
+
463
+ result = client_secret_instance.send :login_with_resource_owner, 'the_username', 'the_password'
464
+
465
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
466
+ expect(result.id_token).not_to be_nil
467
+ expect(result.access_token).not_to be_nil
468
+ expect(result.expires_in).not_to be_nil
469
+ end
470
+
471
+ it 'logs in using a client secret, realm and audience' do
472
+ expect(RestClient::Request).to receive(:execute) do |arg|
473
+ expect(arg).to match(
474
+ include(
475
+ method: :post,
476
+ url: 'https://samples.auth0.com/oauth/token'
477
+ )
478
+ )
479
+
480
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
481
+ username: 'the_username',
482
+ password: 'the_password',
483
+ grant_type: 'http://auth0.com/oauth/grant-type/password-realm',
484
+ client_id: client_id,
485
+ client_secret: client_secret,
486
+ realm: 'my-realm',
487
+ audience: api_identifier,
488
+ scope: 'openid'
489
+ })
490
+
491
+ StubResponse.new({
492
+ "id_token" => "id_token",
493
+ "access_token" => "test_access_token",
494
+ "expires_in" => 86400},
495
+ true,
496
+ 200)
497
+ end
498
+
499
+ result = client_secret_instance.send :login_with_resource_owner, 'the_username', 'the_password', realm: 'my-realm', audience: api_identifier
500
+
501
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
502
+ expect(result.id_token).not_to be_nil
503
+ expect(result.access_token).not_to be_nil
504
+ expect(result.expires_in).not_to be_nil
505
+ end
506
+
507
+ it 'logs in using client assertion' do
508
+ expect(RestClient::Request).to receive(:execute) do |arg|
509
+ expect(arg).to match(
510
+ include(
511
+ method: :post,
512
+ url: 'https://samples.auth0.com/oauth/token'
513
+ )
514
+ )
515
+
516
+ payload = JSON.parse arg[:payload], symbolize_names: true
517
+
518
+ expect(payload[:grant_type]).to eq('password')
519
+ expect(payload[:client_secret]).to be_nil
520
+ expect(payload[:client_assertion]).not_to be_nil
521
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
522
+
523
+ StubResponse.new({
524
+ "id_token" => "id_token",
525
+ "access_token" => "test_access_token",
526
+ "expires_in" => 86400},
527
+ true,
528
+ 200)
529
+ end
530
+
531
+ result = client_assertion_instance.send :login_with_resource_owner, 'the_username', 'the_password'
532
+
533
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
534
+ expect(result.id_token).not_to be_nil
535
+ expect(result.access_token).not_to be_nil
536
+ expect(result.expires_in).not_to be_nil
537
+ end
538
+ end
539
+
540
+ context 'start_passwordless_email_flow' do
541
+ it 'starts passwordless flow using a client secret' do
542
+ expect(RestClient::Request).to receive(:execute) do |arg|
543
+ expect(arg).to match(
544
+ include(
545
+ method: :post,
546
+ url: 'https://samples.auth0.com/passwordless/start'
547
+ )
548
+ )
549
+
550
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
551
+ email: 'email@test.com',
552
+ send: 'link',
553
+ authParams: {},
554
+ connection: 'email',
555
+ client_id: client_id,
556
+ client_secret: client_secret
557
+ })
558
+
559
+ StubResponse.new({}, true, 200)
560
+ end
561
+
562
+ client_secret_instance.send :start_passwordless_email_flow, 'email@test.com'
563
+ end
564
+
565
+ it 'starts passwordless email flow using client assertion' do
566
+ expect(RestClient::Request).to receive(:execute) do |arg|
567
+ expect(arg).to match(
568
+ include(
569
+ method: :post,
570
+ url: 'https://samples.auth0.com/passwordless/start'
571
+ )
572
+ )
573
+
574
+ payload = JSON.parse arg[:payload], symbolize_names: true
575
+
576
+ expect(payload[:client_secret]).to be_nil
577
+ expect(payload[:client_assertion]).not_to be_nil
578
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
579
+
580
+ StubResponse.new({}, true, 200)
581
+ end
582
+
583
+ client_assertion_instance.send :start_passwordless_email_flow, 'email@test.com'
584
+ end
585
+ end
586
+
587
+ context 'start_passwordless_sms_flow' do
588
+ it 'starts passwordless flow using a client secret' do
589
+ expect(RestClient::Request).to receive(:execute) do |arg|
590
+ expect(arg).to match(
591
+ include(
592
+ method: :post,
593
+ url: 'https://samples.auth0.com/passwordless/start'
594
+ )
595
+ )
596
+
597
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
598
+ phone_number: '123456789',
599
+ connection: 'sms',
600
+ client_id: client_id,
601
+ client_secret: client_secret
602
+ })
603
+
604
+ StubResponse.new({}, true, 200)
605
+ end
606
+
607
+ client_secret_instance.send :start_passwordless_sms_flow, '123456789'
608
+ end
609
+
610
+ it 'starts passwordless email flow using client assertion' do
611
+ expect(RestClient::Request).to receive(:execute) do |arg|
612
+ expect(arg).to match(
613
+ include(
614
+ method: :post,
615
+ url: 'https://samples.auth0.com/passwordless/start'
616
+ )
617
+ )
618
+
619
+ payload = JSON.parse arg[:payload], symbolize_names: true
620
+
621
+ expect(payload[:client_secret]).to be_nil
622
+ expect(payload[:client_assertion]).not_to be_nil
623
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
624
+
625
+ StubResponse.new({}, true, 200)
626
+ end
627
+
628
+ client_assertion_instance.send :start_passwordless_sms_flow, '123456789'
629
+ end
630
+ end
631
+ end
632
+ end
data/spec/lib/auth0/api/v2/clients_spec.rb CHANGED
@@ -101,4 +101,55 @@ describe Auth0::Api::V2::Clients do
101
101
  it { expect { @instance.patch_client('', nil) }.to raise_error 'Must specify a client id' }
102
102
  it { expect { @instance.patch_client('some', nil) }.to raise_error 'Must specify a valid body' }
103
103
  end
104
+
105
+ context '.create_client_credentials' do
106
+ it { expect(@instance).to respond_to(:create_client_credentials) }
107
+
108
+ it 'is expected to send post to /api/v2/clients/1/credentials' do
109
+ payload = { credential_type: 'public_key', name: 'my credentials', pem: '' }
110
+
111
+ expect(@instance).to receive(:post).with('/api/v2/clients/1/credentials', payload)
112
+ expect { @instance.create_client_credentials('1', payload) }.not_to raise_error
113
+ end
114
+
115
+ it { expect { @instance.create_client_credentials('', nil) }.to raise_error 'Must specify a client id' }
116
+ it { expect { @instance.create_client_credentials('1', nil) }.to raise_error 'Must specify a valid body' }
117
+ end
118
+
119
+ context '.client_credentials' do
120
+ it { expect(@instance).to respond_to(:client_credentials) }
121
+ it { expect(@instance).to respond_to(:get_client_credentials) }
122
+
123
+ it 'is expected to send get to /api/v2/clients/1/credentials' do
124
+ expect(@instance).to receive(:get).with('/api/v2/clients/1/credentials')
125
+ expect { @instance.client_credentials('1') }.not_to raise_error
126
+ end
127
+
128
+ it { expect { @instance.client_credentials('') }.to raise_error 'Must specify a client id' }
129
+ end
130
+
131
+ context '.client_credential' do
132
+ it { expect(@instance).to respond_to(:client_credential) }
133
+ it { expect(@instance).to respond_to(:get_client_credential) }
134
+
135
+ it 'is expected to send get to /api/v2/clients/1/credentials/2' do
136
+ expect(@instance).to receive(:get).with('/api/v2/clients/1/credentials/2')
137
+ expect { @instance.client_credential('1', '2') }.not_to raise_error
138
+ end
139
+
140
+ it { expect { @instance.client_credential('', '') }.to raise_error 'Must specify a client id' }
141
+ it { expect { @instance.client_credential('1', '') }.to raise_error 'Must specify a credential id' }
142
+ end
143
+
144
+ context '.delete_client_credential' do
145
+ it { expect(@instance).to respond_to(:delete_client_credential) }
146
+
147
+ it 'is expected to delete /api/v2/clients/1/credentials/2' do
148
+ expect(@instance).to receive(:delete).with('/api/v2/clients/1/credentials/2')
149
+ expect { @instance.delete_client_credential('1', '2') }.not_to raise_error
150
+ end
151
+
152
+ it { expect { @instance.delete_client_credential('', '') }.to raise_error 'Must specify a client id' }
153
+ it { expect { @instance.delete_client_credential('1', '') }.to raise_error 'Must specify a credential id' }
154
+ end
104
155
  end