auth0 5.10.0 → 5.11.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (25) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +2 -2
  3. data/.devcontainer/devcontainer.json +1 -1
  4. data/CHANGELOG.md +11 -0
  5. data/DEVELOPMENT.md +35 -0
  6. data/EXAMPLES.md +220 -0
  7. data/Gemfile.lock +52 -60
  8. data/README.md +68 -253
  9. data/auth0.gemspec +0 -2
  10. data/examples/ruby-api/Gemfile.lock +5 -4
  11. data/examples/ruby-on-rails-api/README.md +0 -2
  12. data/lib/auth0/api/authentication_endpoints.rb +70 -13
  13. data/lib/auth0/api/v2/clients.rb +42 -0
  14. data/lib/auth0/client_assertion.rb +45 -0
  15. data/lib/auth0/mixins/initializer.rb +2 -0
  16. data/lib/auth0/mixins/token_management.rb +1 -1
  17. data/lib/auth0/version.rb +1 -1
  18. data/opslevel.yml +5 -0
  19. data/spec/lib/auth0/api/authentication_endpoints_spec.rb +632 -0
  20. data/spec/lib/auth0/api/v2/clients_spec.rb +51 -0
  21. data/spec/lib/auth0/mixins/initializer_spec.rb +79 -25
  22. data/spec/lib/auth0/mixins/token_management_spec.rb +45 -30
  23. data/spec/spec_helper.rb +0 -1
  24. data/spec/support/dummy_class_for_tokens.rb +2 -0
  25. metadata +8 -31
data/spec/lib/auth0/api/authentication_endpoints_spec.rb ADDED
@@ -0,0 +1,632 @@
1
+ require 'spec_helper'
2
+ require 'timecop'
3
+
4
+ describe Auth0::Api::AuthenticationEndpoints do
5
+ let(:client_id) { 'test-client-id' }
6
+ let(:client_secret) { 'test-client-secret' }
7
+ let(:api_identifier) { 'test-audience' }
8
+ let(:domain) { 'samples.auth0.com' }
9
+
10
+ let(:client_secret_config) { {
11
+ domain: domain,
12
+ client_id: client_id,
13
+ client_secret: client_secret,
14
+ token: 'test',
15
+ api_identifier: api_identifier
16
+ } }
17
+
18
+ let(:client_assertion_config) { {
19
+ domain: domain,
20
+ client_id: client_id,
21
+ client_assertion_signing_key: client_assertion_signing_key_pair[:private_key],
22
+ client_assertion_signing_alg: 'RS256',
23
+ token: 'test',
24
+ api_identifier: api_identifier
25
+ } }
26
+
27
+ let(:client_assertion_signing_key_pair) do
28
+ rsa_private = OpenSSL::PKey::RSA.generate 2048
29
+
30
+ {
31
+ public_key: rsa_private.public_key,
32
+ private_key: rsa_private
33
+ }
34
+ end
35
+
36
+ let(:client_secret_instance) { DummyClassForTokens.send(:include, described_class).new(client_secret_config) }
37
+ let(:client_assertion_instance) { DummyClassForTokens.send(:include, described_class).new(client_assertion_config) }
38
+ let(:time_now) { Time.now }
39
+
40
+ before :each do
41
+ Timecop.freeze(time_now)
42
+ end
43
+
44
+ after :each do
45
+ Timecop.return
46
+ end
47
+
48
+ context 'AuthenticationEndponts' do
49
+ context 'api_token' do
50
+ it 'requests a new token using client_secret' do
51
+ expect(RestClient::Request).to receive(:execute).with(hash_including(
52
+ method: :post,
53
+ url: 'https://samples.auth0.com/oauth/token',
54
+ payload: {
55
+ grant_type: 'client_credentials',
56
+ client_id: client_id,
57
+ audience: api_identifier,
58
+ client_secret: client_secret
59
+ }.to_json
60
+ ))
61
+ .and_return(StubResponse.new({
62
+ "access_token" => "test_response",
63
+ "expires_in" => 86400,
64
+ "scope" => "scope"},
65
+ true,
66
+ 200))
67
+
68
+ result = client_secret_instance.send :api_token, audience: api_identifier
69
+
70
+ expect(result).to be_a_kind_of(Auth0::ApiToken)
71
+ expect(result.access_token).not_to be_nil
72
+ expect(result.scope).not_to be_nil
73
+ expect(result.expires_in).not_to be_nil
74
+ end
75
+
76
+ it 'requests a new token using client_assertion' do
77
+ expect(RestClient::Request).to receive(:execute) do |arg|
78
+ expect(arg).to match(
79
+ include(
80
+ method: :post,
81
+ url: 'https://samples.auth0.com/oauth/token'
82
+ ))
83
+
84
+ payload = JSON.parse(arg[:payload], { symbolize_names: true })
85
+
86
+ expect(payload[:client_secret]).to be_nil
87
+ expect(payload[:client_assertion]).not_to be_nil
88
+ expect(payload[:client_assertion_type]).to eq(Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE)
89
+
90
+ StubResponse.new({
91
+ "access_token" => "test_response",
92
+ "expires_in" => 86400,
93
+ "scope" => "scope"},
94
+ true,
95
+ 200)
96
+ end
97
+
98
+ result = client_assertion_instance.send :api_token, audience: api_identifier
99
+
100
+ expect(result).to be_a_kind_of(Auth0::ApiToken)
101
+ expect(result.access_token).not_to be_nil
102
+ expect(result.scope).not_to be_nil
103
+ expect(result.expires_in).not_to be_nil
104
+ end
105
+ end
106
+
107
+ context 'exchange_auth_code_for_tokens' do
108
+ it 'requests a new token using client_secret' do
109
+ expect(RestClient::Request).to receive(:execute) do |arg|
110
+ expect(arg).to match(
111
+ include(
112
+ method: :post,
113
+ url: 'https://samples.auth0.com/oauth/token'
114
+ )
115
+ )
116
+
117
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
118
+ grant_type: 'authorization_code',
119
+ client_id: client_id,
120
+ client_secret: client_secret,
121
+ code: 'the_auth_code',
122
+ redirect_uri: nil
123
+ })
124
+
125
+ StubResponse.new({
126
+ "id_token" => "id_token",
127
+ "access_token" => "test_access_token",
128
+ "expires_in" => 86400},
129
+ true,
130
+ 200)
131
+ end
132
+
133
+ result = client_secret_instance.send :exchange_auth_code_for_tokens, 'the_auth_code'
134
+
135
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
136
+ expect(result.id_token).not_to be_nil
137
+ expect(result.access_token).not_to be_nil
138
+ expect(result.expires_in).not_to be_nil
139
+ end
140
+
141
+ it 'requests a new token using client_assertion' do
142
+ expect(RestClient::Request).to receive(:execute) do |arg|
143
+ expect(arg).to match(
144
+ include(
145
+ method: :post,
146
+ url: 'https://samples.auth0.com/oauth/token',
147
+ )
148
+ )
149
+
150
+ payload = JSON.parse arg[:payload], symbolize_names: true
151
+
152
+ expect(payload[:client_secret]).to be_nil
153
+ expect(payload[:client_assertion]).not_to be_nil
154
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
155
+
156
+ StubResponse.new({
157
+ "id_token" => "id_token",
158
+ "access_token" => "test_access_token",
159
+ "expires_in" => 86400},
160
+ true,
161
+ 200)
162
+ end
163
+
164
+ result = client_assertion_instance.send :exchange_auth_code_for_tokens, 'the_auth_code'
165
+
166
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
167
+ expect(result.id_token).not_to be_nil
168
+ expect(result.access_token).not_to be_nil
169
+ expect(result.expires_in).not_to be_nil
170
+ end
171
+ end
172
+
173
+ context 'exchange_refresh_token' do
174
+ it 'exchanges the refresh token using a client secret' do
175
+ expect(RestClient::Request).to receive(:execute) do |arg|
176
+ expect(arg).to match(
177
+ include(
178
+ method: :post,
179
+ url: 'https://samples.auth0.com/oauth/token'
180
+ )
181
+ )
182
+
183
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
184
+ grant_type: 'refresh_token',
185
+ client_id: client_id,
186
+ client_secret: client_secret,
187
+ refresh_token: 'the_refresh_token'
188
+ })
189
+
190
+ StubResponse.new({
191
+ "id_token" => "id_token",
192
+ "access_token" => "test_access_token",
193
+ "expires_in" => 86400},
194
+ true,
195
+ 200)
196
+ end
197
+
198
+ result = client_secret_instance.send :exchange_refresh_token, 'the_refresh_token'
199
+
200
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
201
+ expect(result.id_token).not_to be_nil
202
+ expect(result.access_token).not_to be_nil
203
+ expect(result.expires_in).not_to be_nil
204
+ end
205
+
206
+ it 'exchanges the refresh token using client_assertion' do
207
+ expect(RestClient::Request).to receive(:execute) do |arg|
208
+ expect(arg).to match(
209
+ include(
210
+ method: :post,
211
+ url: 'https://samples.auth0.com/oauth/token'
212
+ )
213
+ )
214
+
215
+ payload = JSON.parse arg[:payload], symbolize_names: true
216
+
217
+ expect(payload[:grant_type]).to eq('refresh_token')
218
+ expect(payload[:refresh_token]).to eq('the_refresh_token')
219
+ expect(payload[:client_secret]).to be_nil
220
+ expect(payload[:client_assertion]).not_to be_nil
221
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
222
+
223
+ StubResponse.new({
224
+ "id_token" => "id_token",
225
+ "access_token" => "test_access_token",
226
+ "expires_in" => 86400},
227
+ true,
228
+ 200)
229
+ end
230
+
231
+ result = client_assertion_instance.send :exchange_refresh_token, 'the_refresh_token'
232
+
233
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
234
+ expect(result.id_token).not_to be_nil
235
+ expect(result.access_token).not_to be_nil
236
+ expect(result.expires_in).not_to be_nil
237
+ end
238
+ end
239
+
240
+ context 'exchange_sms_otp_for_tokens', focus: true do
241
+ it 'requests the tokens using an OTP from SMS' do
242
+ expect(RestClient::Request).to receive(:execute) do |arg|
243
+ expect(arg).to match(
244
+ include(
245
+ method: :post,
246
+ url: 'https://samples.auth0.com/oauth/token'
247
+ )
248
+ )
249
+
250
+ payload = JSON.parse arg[:payload], symbolize_names: true
251
+
252
+ expect(payload[:grant_type]).to eq 'http://auth0.com/oauth/grant-type/passwordless/otp'
253
+ expect(payload[:username]).to eq 'phone_number'
254
+ expect(payload[:realm]).to eq 'sms'
255
+ expect(payload[:otp]).to eq 'code'
256
+ expect(payload[:client_id]).to eq client_id
257
+ expect(payload[:client_secret]).to eq client_secret
258
+ expect(payload[:scope]).to eq 'openid profile email'
259
+ expect(payload[:audience]).to be_nil
260
+
261
+ StubResponse.new({
262
+ "id_token" => "id_token",
263
+ "access_token" => "test_access_token",
264
+ "expires_in" => 86400},
265
+ true,
266
+ 200)
267
+ end
268
+
269
+ result = client_secret_instance.send :exchange_sms_otp_for_tokens, 'phone_number', 'code'
270
+
271
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
272
+ expect(result.id_token).not_to be_nil
273
+ expect(result.access_token).not_to be_nil
274
+ expect(result.expires_in).not_to be_nil
275
+ end
276
+
277
+ it 'requests the tokens using OTP from SMS, and overrides scope and audience' do
278
+ expect(RestClient::Request).to receive(:execute) do |arg|
279
+ expect(arg).to match(
280
+ include(
281
+ method: :post,
282
+ url: 'https://samples.auth0.com/oauth/token'
283
+ )
284
+ )
285
+
286
+ payload = JSON.parse arg[:payload], symbolize_names: true
287
+
288
+ expect(payload[:scope]).to eq 'openid'
289
+ expect(payload[:audience]).to eq api_identifier
290
+
291
+ StubResponse.new({
292
+ "id_token" => "id_token",
293
+ "access_token" => "test_access_token",
294
+ "expires_in" => 86400},
295
+ true,
296
+ 200)
297
+ end
298
+
299
+ result = client_secret_instance.send(:exchange_sms_otp_for_tokens, 'phone_number', 'code',
300
+ audience: api_identifier,
301
+ scope: 'openid'
302
+ )
303
+
304
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
305
+ expect(result.id_token).not_to be_nil
306
+ expect(result.access_token).not_to be_nil
307
+ expect(result.expires_in).not_to be_nil
308
+ end
309
+
310
+ it 'requests the tokens using an OTP from SMS using client assertion' do
311
+ expect(RestClient::Request).to receive(:execute) do |arg|
312
+ expect(arg).to match(
313
+ include(
314
+ method: :post,
315
+ url: 'https://samples.auth0.com/oauth/token'
316
+ )
317
+ )
318
+
319
+ payload = JSON.parse arg[:payload], symbolize_names: true
320
+
321
+ expect(payload[:grant_type]).to eq 'http://auth0.com/oauth/grant-type/passwordless/otp'
322
+ expect(payload[:client_secret]).to be_nil
323
+ expect(payload[:client_assertion]).not_to be_nil
324
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
325
+
326
+ StubResponse.new({
327
+ "id_token" => "id_token",
328
+ "access_token" => "test_access_token",
329
+ "expires_in" => 86400},
330
+ true,
331
+ 200)
332
+ end
333
+
334
+ client_assertion_instance.send :exchange_sms_otp_for_tokens, 'phone_number', 'code'
335
+ end
336
+ end
337
+
338
+ context 'exchange_email_otp_for_tokens', focus: true do
339
+ it 'requests the tokens using email OTP' do
340
+ expect(RestClient::Request).to receive(:execute) do |arg|
341
+ expect(arg).to match(
342
+ include(
343
+ method: :post,
344
+ url: 'https://samples.auth0.com/oauth/token'
345
+ )
346
+ )
347
+
348
+ payload = JSON.parse arg[:payload], symbolize_names: true
349
+
350
+ expect(payload[:grant_type]).to eq 'http://auth0.com/oauth/grant-type/passwordless/otp'
351
+ expect(payload[:username]).to eq 'email_address'
352
+ expect(payload[:realm]).to eq 'email'
353
+ expect(payload[:otp]).to eq 'code'
354
+ expect(payload[:client_id]).to eq client_id
355
+ expect(payload[:client_secret]).to eq client_secret
356
+ expect(payload[:scope]).to eq 'openid profile email'
357
+ expect(payload[:audience]).to be_nil
358
+
359
+ StubResponse.new({
360
+ "id_token" => "id_token",
361
+ "access_token" => "test_access_token",
362
+ "expires_in" => 86400},
363
+ true,
364
+ 200)
365
+ end
366
+
367
+ result = client_secret_instance.send :exchange_email_otp_for_tokens, 'email_address', 'code'
368
+
369
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
370
+ expect(result.id_token).not_to be_nil
371
+ expect(result.access_token).not_to be_nil
372
+ expect(result.expires_in).not_to be_nil
373
+ end
374
+
375
+ it 'requests the tokens using OTP from email, and overrides scope and audience' do
376
+ expect(RestClient::Request).to receive(:execute) do |arg|
377
+ expect(arg).to match(
378
+ include(
379
+ method: :post,
380
+ url: 'https://samples.auth0.com/oauth/token'
381
+ )
382
+ )
383
+
384
+ payload = JSON.parse arg[:payload], symbolize_names: true
385
+
386
+ expect(payload[:scope]).to eq 'openid'
387
+ expect(payload[:audience]).to eq api_identifier
388
+
389
+ StubResponse.new({
390
+ "id_token" => "id_token",
391
+ "access_token" => "test_access_token",
392
+ "expires_in" => 86400},
393
+ true,
394
+ 200)
395
+ end
396
+
397
+ client_secret_instance.send(:exchange_email_otp_for_tokens, 'email_address', 'code',
398
+ audience: api_identifier,
399
+ scope: 'openid'
400
+ )
401
+ end
402
+
403
+ it 'requests the tokens using OTP from email using client assertion' do
404
+ expect(RestClient::Request).to receive(:execute) do |arg|
405
+ expect(arg).to match(
406
+ include(
407
+ method: :post,
408
+ url: 'https://samples.auth0.com/oauth/token'
409
+ )
410
+ )
411
+
412
+ payload = JSON.parse arg[:payload], symbolize_names: true
413
+
414
+ expect(payload[:grant_type]).to eq 'http://auth0.com/oauth/grant-type/passwordless/otp'
415
+ expect(payload[:client_secret]).to be_nil
416
+ expect(payload[:client_assertion]).not_to be_nil
417
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
418
+
419
+ StubResponse.new({
420
+ "id_token" => "id_token",
421
+ "access_token" => "test_access_token",
422
+ "expires_in" => 86400},
423
+ true,
424
+ 200)
425
+ end
426
+
427
+ client_assertion_instance.send(:exchange_email_otp_for_tokens, 'email_address', 'code',
428
+ audience: api_identifier,
429
+ scope: 'openid'
430
+ )
431
+ end
432
+ end
433
+
434
+ context 'login_with_resource_owner' do
435
+ it 'logs in using a client secret' do
436
+ expect(RestClient::Request).to receive(:execute) do |arg|
437
+ expect(arg).to match(
438
+ include(
439
+ method: :post,
440
+ url: 'https://samples.auth0.com/oauth/token'
441
+ )
442
+ )
443
+
444
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
445
+ username: 'the_username',
446
+ password: 'the_password',
447
+ grant_type: 'password',
448
+ client_id: client_id,
449
+ client_secret: client_secret,
450
+ realm: nil,
451
+ audience: nil,
452
+ scope: 'openid'
453
+ })
454
+
455
+ StubResponse.new({
456
+ "id_token" => "id_token",
457
+ "access_token" => "test_access_token",
458
+ "expires_in" => 86400},
459
+ true,
460
+ 200)
461
+ end
462
+
463
+ result = client_secret_instance.send :login_with_resource_owner, 'the_username', 'the_password'
464
+
465
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
466
+ expect(result.id_token).not_to be_nil
467
+ expect(result.access_token).not_to be_nil
468
+ expect(result.expires_in).not_to be_nil
469
+ end
470
+
471
+ it 'logs in using a client secret, realm and audience' do
472
+ expect(RestClient::Request).to receive(:execute) do |arg|
473
+ expect(arg).to match(
474
+ include(
475
+ method: :post,
476
+ url: 'https://samples.auth0.com/oauth/token'
477
+ )
478
+ )
479
+
480
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
481
+ username: 'the_username',
482
+ password: 'the_password',
483
+ grant_type: 'http://auth0.com/oauth/grant-type/password-realm',
484
+ client_id: client_id,
485
+ client_secret: client_secret,
486
+ realm: 'my-realm',
487
+ audience: api_identifier,
488
+ scope: 'openid'
489
+ })
490
+
491
+ StubResponse.new({
492
+ "id_token" => "id_token",
493
+ "access_token" => "test_access_token",
494
+ "expires_in" => 86400},
495
+ true,
496
+ 200)
497
+ end
498
+
499
+ result = client_secret_instance.send :login_with_resource_owner, 'the_username', 'the_password', realm: 'my-realm', audience: api_identifier
500
+
501
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
502
+ expect(result.id_token).not_to be_nil
503
+ expect(result.access_token).not_to be_nil
504
+ expect(result.expires_in).not_to be_nil
505
+ end
506
+
507
+ it 'logs in using client assertion' do
508
+ expect(RestClient::Request).to receive(:execute) do |arg|
509
+ expect(arg).to match(
510
+ include(
511
+ method: :post,
512
+ url: 'https://samples.auth0.com/oauth/token'
513
+ )
514
+ )
515
+
516
+ payload = JSON.parse arg[:payload], symbolize_names: true
517
+
518
+ expect(payload[:grant_type]).to eq('password')
519
+ expect(payload[:client_secret]).to be_nil
520
+ expect(payload[:client_assertion]).not_to be_nil
521
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
522
+
523
+ StubResponse.new({
524
+ "id_token" => "id_token",
525
+ "access_token" => "test_access_token",
526
+ "expires_in" => 86400},
527
+ true,
528
+ 200)
529
+ end
530
+
531
+ result = client_assertion_instance.send :login_with_resource_owner, 'the_username', 'the_password'
532
+
533
+ expect(result).to be_a_kind_of(Auth0::AccessToken)
534
+ expect(result.id_token).not_to be_nil
535
+ expect(result.access_token).not_to be_nil
536
+ expect(result.expires_in).not_to be_nil
537
+ end
538
+ end
539
+
540
+ context 'start_passwordless_email_flow' do
541
+ it 'starts passwordless flow using a client secret' do
542
+ expect(RestClient::Request).to receive(:execute) do |arg|
543
+ expect(arg).to match(
544
+ include(
545
+ method: :post,
546
+ url: 'https://samples.auth0.com/passwordless/start'
547
+ )
548
+ )
549
+
550
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
551
+ email: 'email@test.com',
552
+ send: 'link',
553
+ authParams: {},
554
+ connection: 'email',
555
+ client_id: client_id,
556
+ client_secret: client_secret
557
+ })
558
+
559
+ StubResponse.new({}, true, 200)
560
+ end
561
+
562
+ client_secret_instance.send :start_passwordless_email_flow, 'email@test.com'
563
+ end
564
+
565
+ it 'starts passwordless email flow using client assertion' do
566
+ expect(RestClient::Request).to receive(:execute) do |arg|
567
+ expect(arg).to match(
568
+ include(
569
+ method: :post,
570
+ url: 'https://samples.auth0.com/passwordless/start'
571
+ )
572
+ )
573
+
574
+ payload = JSON.parse arg[:payload], symbolize_names: true
575
+
576
+ expect(payload[:client_secret]).to be_nil
577
+ expect(payload[:client_assertion]).not_to be_nil
578
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
579
+
580
+ StubResponse.new({}, true, 200)
581
+ end
582
+
583
+ client_assertion_instance.send :start_passwordless_email_flow, 'email@test.com'
584
+ end
585
+ end
586
+
587
+ context 'start_passwordless_sms_flow' do
588
+ it 'starts passwordless flow using a client secret' do
589
+ expect(RestClient::Request).to receive(:execute) do |arg|
590
+ expect(arg).to match(
591
+ include(
592
+ method: :post,
593
+ url: 'https://samples.auth0.com/passwordless/start'
594
+ )
595
+ )
596
+
597
+ expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq({
598
+ phone_number: '123456789',
599
+ connection: 'sms',
600
+ client_id: client_id,
601
+ client_secret: client_secret
602
+ })
603
+
604
+ StubResponse.new({}, true, 200)
605
+ end
606
+
607
+ client_secret_instance.send :start_passwordless_sms_flow, '123456789'
608
+ end
609
+
610
+ it 'starts passwordless email flow using client assertion' do
611
+ expect(RestClient::Request).to receive(:execute) do |arg|
612
+ expect(arg).to match(
613
+ include(
614
+ method: :post,
615
+ url: 'https://samples.auth0.com/passwordless/start'
616
+ )
617
+ )
618
+
619
+ payload = JSON.parse arg[:payload], symbolize_names: true
620
+
621
+ expect(payload[:client_secret]).to be_nil
622
+ expect(payload[:client_assertion]).not_to be_nil
623
+ expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
624
+
625
+ StubResponse.new({}, true, 200)
626
+ end
627
+
628
+ client_assertion_instance.send :start_passwordless_sms_flow, '123456789'
629
+ end
630
+ end
631
+ end
632
+ end
data/spec/lib/auth0/api/v2/clients_spec.rb CHANGED
@@ -101,4 +101,55 @@ describe Auth0::Api::V2::Clients do
101
101
  it { expect { @instance.patch_client('', nil) }.to raise_error 'Must specify a client id' }
102
102
  it { expect { @instance.patch_client('some', nil) }.to raise_error 'Must specify a valid body' }
103
103
  end
104
+
105
+ context '.create_client_credentials' do
106
+ it { expect(@instance).to respond_to(:create_client_credentials) }
107
+
108
+ it 'is expected to send post to /api/v2/clients/1/credentials' do
109
+ payload = { credential_type: 'public_key', name: 'my credentials', pem: '' }
110
+
111
+ expect(@instance).to receive(:post).with('/api/v2/clients/1/credentials', payload)
112
+ expect { @instance.create_client_credentials('1', payload) }.not_to raise_error
113
+ end
114
+
115
+ it { expect { @instance.create_client_credentials('', nil) }.to raise_error 'Must specify a client id' }
116
+ it { expect { @instance.create_client_credentials('1', nil) }.to raise_error 'Must specify a valid body' }
117
+ end
118
+
119
+ context '.client_credentials' do
120
+ it { expect(@instance).to respond_to(:client_credentials) }
121
+ it { expect(@instance).to respond_to(:get_client_credentials) }
122
+
123
+ it 'is expected to send get to /api/v2/clients/1/credentials' do
124
+ expect(@instance).to receive(:get).with('/api/v2/clients/1/credentials')
125
+ expect { @instance.client_credentials('1') }.not_to raise_error
126
+ end
127
+
128
+ it { expect { @instance.client_credentials('') }.to raise_error 'Must specify a client id' }
129
+ end
130
+
131
+ context '.client_credential' do
132
+ it { expect(@instance).to respond_to(:client_credential) }
133
+ it { expect(@instance).to respond_to(:get_client_credential) }
134
+
135
+ it 'is expected to send get to /api/v2/clients/1/credentials/2' do
136
+ expect(@instance).to receive(:get).with('/api/v2/clients/1/credentials/2')
137
+ expect { @instance.client_credential('1', '2') }.not_to raise_error
138
+ end
139
+
140
+ it { expect { @instance.client_credential('', '') }.to raise_error 'Must specify a client id' }
141
+ it { expect { @instance.client_credential('1', '') }.to raise_error 'Must specify a credential id' }
142
+ end
143
+
144
+ context '.delete_client_credential' do
145
+ it { expect(@instance).to respond_to(:delete_client_credential) }
146
+
147
+ it 'is expected to delete /api/v2/clients/1/credentials/2' do
148
+ expect(@instance).to receive(:delete).with('/api/v2/clients/1/credentials/2')
149
+ expect { @instance.delete_client_credential('1', '2') }.not_to raise_error
150
+ end
151
+
152
+ it { expect { @instance.delete_client_credential('', '') }.to raise_error 'Must specify a client id' }
153
+ it { expect { @instance.delete_client_credential('1', '') }.to raise_error 'Must specify a credential id' }
154
+ end
104
155
  end