auth0 5.10.0 → 5.13.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.circleci/config.yml +5 -4
- data/.devcontainer/devcontainer.json +1 -1
- data/.semgrepignore +6 -0
- data/CHANGELOG.md +29 -0
- data/DEVELOPMENT.md +35 -0
- data/EXAMPLES.md +220 -0
- data/Gemfile.lock +58 -66
- data/README.md +67 -253
- data/auth0.gemspec +0 -2
- data/examples/ruby-api/Gemfile.lock +5 -4
- data/examples/ruby-on-rails-api/README.md +0 -2
- data/lib/auth0/api/authentication_endpoints.rb +107 -13
- data/lib/auth0/api/v2/clients.rb +42 -0
- data/lib/auth0/api/v2/users.rb +116 -0
- data/lib/auth0/client_assertion.rb +45 -0
- data/lib/auth0/mixins/httpproxy.rb +5 -2
- data/lib/auth0/mixins/initializer.rb +2 -0
- data/lib/auth0/mixins/token_management.rb +1 -1
- data/lib/auth0/version.rb +1 -1
- data/opslevel.yml +5 -0
- data/spec/lib/auth0/api/authentication_endpoints_spec.rb +722 -0
- data/spec/lib/auth0/api/v2/clients_spec.rb +51 -0
- data/spec/lib/auth0/api/v2/users_spec.rb +218 -0
- data/spec/lib/auth0/mixins/httpproxy_spec.rb +38 -77
- data/spec/lib/auth0/mixins/initializer_spec.rb +79 -25
- data/spec/lib/auth0/mixins/token_management_spec.rb +45 -30
- data/spec/spec_helper.rb +0 -1
- data/spec/support/dummy_class_for_tokens.rb +3 -0
- metadata +9 -31
@@ -101,4 +101,55 @@ describe Auth0::Api::V2::Clients do
|
|
101
101
|
it { expect { @instance.patch_client('', nil) }.to raise_error 'Must specify a client id' }
|
102
102
|
it { expect { @instance.patch_client('some', nil) }.to raise_error 'Must specify a valid body' }
|
103
103
|
end
|
104
|
+
|
105
|
+
context '.create_client_credentials' do
|
106
|
+
it { expect(@instance).to respond_to(:create_client_credentials) }
|
107
|
+
|
108
|
+
it 'is expected to send post to /api/v2/clients/1/credentials' do
|
109
|
+
payload = { credential_type: 'public_key', name: 'my credentials', pem: '' }
|
110
|
+
|
111
|
+
expect(@instance).to receive(:post).with('/api/v2/clients/1/credentials', payload)
|
112
|
+
expect { @instance.create_client_credentials('1', payload) }.not_to raise_error
|
113
|
+
end
|
114
|
+
|
115
|
+
it { expect { @instance.create_client_credentials('', nil) }.to raise_error 'Must specify a client id' }
|
116
|
+
it { expect { @instance.create_client_credentials('1', nil) }.to raise_error 'Must specify a valid body' }
|
117
|
+
end
|
118
|
+
|
119
|
+
context '.client_credentials' do
|
120
|
+
it { expect(@instance).to respond_to(:client_credentials) }
|
121
|
+
it { expect(@instance).to respond_to(:get_client_credentials) }
|
122
|
+
|
123
|
+
it 'is expected to send get to /api/v2/clients/1/credentials' do
|
124
|
+
expect(@instance).to receive(:get).with('/api/v2/clients/1/credentials')
|
125
|
+
expect { @instance.client_credentials('1') }.not_to raise_error
|
126
|
+
end
|
127
|
+
|
128
|
+
it { expect { @instance.client_credentials('') }.to raise_error 'Must specify a client id' }
|
129
|
+
end
|
130
|
+
|
131
|
+
context '.client_credential' do
|
132
|
+
it { expect(@instance).to respond_to(:client_credential) }
|
133
|
+
it { expect(@instance).to respond_to(:get_client_credential) }
|
134
|
+
|
135
|
+
it 'is expected to send get to /api/v2/clients/1/credentials/2' do
|
136
|
+
expect(@instance).to receive(:get).with('/api/v2/clients/1/credentials/2')
|
137
|
+
expect { @instance.client_credential('1', '2') }.not_to raise_error
|
138
|
+
end
|
139
|
+
|
140
|
+
it { expect { @instance.client_credential('', '') }.to raise_error 'Must specify a client id' }
|
141
|
+
it { expect { @instance.client_credential('1', '') }.to raise_error 'Must specify a credential id' }
|
142
|
+
end
|
143
|
+
|
144
|
+
context '.delete_client_credential' do
|
145
|
+
it { expect(@instance).to respond_to(:delete_client_credential) }
|
146
|
+
|
147
|
+
it 'is expected to delete /api/v2/clients/1/credentials/2' do
|
148
|
+
expect(@instance).to receive(:delete).with('/api/v2/clients/1/credentials/2')
|
149
|
+
expect { @instance.delete_client_credential('1', '2') }.not_to raise_error
|
150
|
+
end
|
151
|
+
|
152
|
+
it { expect { @instance.delete_client_credential('', '') }.to raise_error 'Must specify a client id' }
|
153
|
+
it { expect { @instance.delete_client_credential('1', '') }.to raise_error 'Must specify a credential id' }
|
154
|
+
end
|
104
155
|
end
|
@@ -583,4 +583,222 @@ describe Auth0::Api::V2::Users do
|
|
583
583
|
end.not_to raise_error
|
584
584
|
end
|
585
585
|
end
|
586
|
+
|
587
|
+
context '.get_user_authentication_methods' do
|
588
|
+
it 'is expected to respond to user_authentication_methods method' do
|
589
|
+
expect(@instance).to respond_to(:user_authentication_methods)
|
590
|
+
end
|
591
|
+
|
592
|
+
it 'is expected to respond to get_user_authentication_methods method' do
|
593
|
+
expect(@instance).to respond_to(:get_user_authentication_methods)
|
594
|
+
end
|
595
|
+
|
596
|
+
it 'is expected to raise an exception when the user ID is empty' do
|
597
|
+
expect { @instance.user_authentication_methods(nil) }.to raise_exception(Auth0::MissingUserId)
|
598
|
+
end
|
599
|
+
|
600
|
+
it 'is expected to get user authentication methods' do
|
601
|
+
expect(@instance).to receive(:get).with(
|
602
|
+
'/api/v2/users/USER_ID/authentication-methods', {
|
603
|
+
per_page: nil,
|
604
|
+
page: nil,
|
605
|
+
include_totals: nil
|
606
|
+
}
|
607
|
+
)
|
608
|
+
|
609
|
+
expect do
|
610
|
+
@instance.user_authentication_methods('USER_ID')
|
611
|
+
end.not_to raise_error
|
612
|
+
end
|
613
|
+
|
614
|
+
it 'is expected to get user authentication methods with paging' do
|
615
|
+
expect(@instance).to receive(:get).with(
|
616
|
+
'/api/v2/users/USER_ID/authentication-methods', {
|
617
|
+
per_page: 1,
|
618
|
+
page: 2,
|
619
|
+
include_totals: true
|
620
|
+
}
|
621
|
+
)
|
622
|
+
|
623
|
+
expect do
|
624
|
+
@instance.user_authentication_methods('USER_ID', per_page: 1, page: 2, include_totals: true)
|
625
|
+
end.not_to raise_error
|
626
|
+
end
|
627
|
+
end
|
628
|
+
|
629
|
+
context '.get_user_authentication_method' do
|
630
|
+
it 'is expected to respond to get_user_authentication_method' do
|
631
|
+
expect(@instance).to respond_to :user_authentication_method
|
632
|
+
end
|
633
|
+
|
634
|
+
it 'is expected to respond to get_user_authentication_method' do
|
635
|
+
expect(@instance).to respond_to :get_user_authentication_method
|
636
|
+
end
|
637
|
+
|
638
|
+
it 'is expected to raise an exception for a missing user ID' do
|
639
|
+
expect { @instance.user_authentication_method(nil, nil) }.to raise_exception(Auth0::MissingUserId)
|
640
|
+
end
|
641
|
+
|
642
|
+
it 'is expected to raise an exception for a missing authentication method ID' do
|
643
|
+
expect { @instance.user_authentication_method('USER_ID', nil) }.to raise_exception(Auth0::MissingParameter)
|
644
|
+
end
|
645
|
+
|
646
|
+
it 'is expected to GET a user authentication method' do
|
647
|
+
expect(@instance).to receive(:get).with(
|
648
|
+
'/api/v2/users/USER_ID/authentication-methods/AUTH_METHOD_ID'
|
649
|
+
)
|
650
|
+
|
651
|
+
expect do
|
652
|
+
@instance.user_authentication_method('USER_ID', 'AUTH_METHOD_ID')
|
653
|
+
end.not_to raise_error
|
654
|
+
|
655
|
+
end
|
656
|
+
end
|
657
|
+
|
658
|
+
context '.create_user_authentication_method' do
|
659
|
+
it 'is expected to respond to create_user_authentication_method' do
|
660
|
+
expect(@instance).to respond_to :create_user_authentication_method
|
661
|
+
end
|
662
|
+
|
663
|
+
it 'is expected to respond to post_user_authentication_method' do
|
664
|
+
expect(@instance).to respond_to :post_user_authentication_method
|
665
|
+
end
|
666
|
+
|
667
|
+
it 'is expected to raise an exception for a missing user ID' do
|
668
|
+
expect { @instance.create_user_authentication_method(nil, nil) }.to raise_exception(Auth0::MissingUserId)
|
669
|
+
end
|
670
|
+
|
671
|
+
it 'is expected to raise an exception for a missing body' do
|
672
|
+
expect { @instance.create_user_authentication_method('USER_ID', nil) }.to raise_exception(Auth0::MissingParameter)
|
673
|
+
end
|
674
|
+
|
675
|
+
it 'is expected to send the body to the endpoint' do
|
676
|
+
body = {
|
677
|
+
type: 'phone'
|
678
|
+
}
|
679
|
+
|
680
|
+
expect(@instance).to receive(:post).with(
|
681
|
+
'/api/v2/users/USER_ID/authentication-methods',
|
682
|
+
body
|
683
|
+
)
|
684
|
+
|
685
|
+
expect do
|
686
|
+
@instance.create_user_authentication_method 'USER_ID', body
|
687
|
+
end.not_to raise_error
|
688
|
+
end
|
689
|
+
end
|
690
|
+
|
691
|
+
context '.put_all_user_authentication_methods' do
|
692
|
+
it 'is expected to respond to put_all_user_authentication_methods' do
|
693
|
+
expect(@instance).to respond_to(:put_all_user_authentication_methods)
|
694
|
+
end
|
695
|
+
|
696
|
+
it 'is expected to respond to update_all_user_authentication_methods' do
|
697
|
+
expect(@instance).to respond_to(:update_all_user_authentication_methods)
|
698
|
+
end
|
699
|
+
|
700
|
+
it 'is expected to raise an exception for a missing user ID' do
|
701
|
+
expect { @instance.put_all_user_authentication_methods(nil, nil) }.to raise_exception(Auth0::MissingUserId)
|
702
|
+
end
|
703
|
+
|
704
|
+
it 'is expected to raise an exception for a missing body' do
|
705
|
+
expect { @instance.put_all_user_authentication_methods('USER_ID', nil) }.to raise_exception(Auth0::MissingParameter)
|
706
|
+
end
|
707
|
+
|
708
|
+
it 'is expected to send the body to the endpoint' do
|
709
|
+
body = {
|
710
|
+
type: 'phone'
|
711
|
+
}
|
712
|
+
|
713
|
+
expect(@instance).to receive(:put).with(
|
714
|
+
'/api/v2/users/USER_ID/authentication-methods',
|
715
|
+
[body]
|
716
|
+
)
|
717
|
+
|
718
|
+
expect do
|
719
|
+
@instance.put_all_user_authentication_methods 'USER_ID', [body]
|
720
|
+
end.to_not raise_error
|
721
|
+
end
|
722
|
+
end
|
723
|
+
|
724
|
+
context '.patch_user_authentication_method' do
|
725
|
+
it 'is expected to respond to patch_user_authentication_method' do
|
726
|
+
expect(@instance).to respond_to(:patch_user_authentication_method)
|
727
|
+
end
|
728
|
+
|
729
|
+
it 'is expected to respond to update_user_authentication_method' do
|
730
|
+
expect(@instance).to respond_to(:update_user_authentication_method)
|
731
|
+
end
|
732
|
+
|
733
|
+
it 'is expected to raise an exception for a missing user ID' do
|
734
|
+
expect { @instance.patch_user_authentication_method(nil, nil, nil) }.to raise_exception(Auth0::MissingUserId)
|
735
|
+
end
|
736
|
+
|
737
|
+
it 'is expected to raise an exception for a missing authentication_method_id' do
|
738
|
+
expect { @instance.patch_user_authentication_method('USER_ID', nil, nil) }.to raise_exception(Auth0::MissingParameter)
|
739
|
+
end
|
740
|
+
|
741
|
+
it 'is expected to raise an exception for a missing body' do
|
742
|
+
expect { @instance.patch_user_authentication_method('USER_ID', 'AUTH_METHOD_ID', nil) }.to raise_exception(Auth0::MissingParameter)
|
743
|
+
end
|
744
|
+
|
745
|
+
it 'is expected to send the body to the endpoint' do
|
746
|
+
body = {
|
747
|
+
name: 'auth method name'
|
748
|
+
}
|
749
|
+
|
750
|
+
expect(@instance).to receive(:patch).with(
|
751
|
+
'/api/v2/users/USER_ID/authentication-methods/AUTH_METHOD_ID',
|
752
|
+
body
|
753
|
+
)
|
754
|
+
|
755
|
+
expect do
|
756
|
+
@instance.patch_user_authentication_method 'USER_ID', 'AUTH_METHOD_ID', body
|
757
|
+
end.to_not raise_error
|
758
|
+
end
|
759
|
+
end
|
760
|
+
|
761
|
+
context '.delete_user_authentication_methods' do
|
762
|
+
it 'is expected to respond to delete_user_authentication_methods' do
|
763
|
+
expect(@instance).to respond_to(:delete_user_authentication_methods)
|
764
|
+
end
|
765
|
+
|
766
|
+
it 'is expected to raise an exception for a missing user ID' do
|
767
|
+
expect { @instance.delete_user_authentication_methods(nil) }.to raise_exception(Auth0::MissingUserId)
|
768
|
+
end
|
769
|
+
|
770
|
+
it 'is expected to call the endpoint' do
|
771
|
+
expect(@instance).to receive(:delete).with(
|
772
|
+
'/api/v2/users/USER_ID/authentication-methods'
|
773
|
+
)
|
774
|
+
|
775
|
+
expect do
|
776
|
+
@instance.delete_user_authentication_methods 'USER_ID'
|
777
|
+
end.to_not raise_error
|
778
|
+
end
|
779
|
+
end
|
780
|
+
|
781
|
+
context '.delete_user_authentication_method' do
|
782
|
+
it 'is expected to respond to delete_user_authentication_method' do
|
783
|
+
expect(@instance).to respond_to(:delete_user_authentication_method)
|
784
|
+
end
|
785
|
+
|
786
|
+
it 'is expected to raise an exception for a missing user ID' do
|
787
|
+
expect { @instance.delete_user_authentication_method(nil, nil) }.to raise_exception(Auth0::MissingUserId)
|
788
|
+
end
|
789
|
+
|
790
|
+
it 'is expected to raise an exception for a missing authentication_method_id' do
|
791
|
+
expect { @instance.delete_user_authentication_method('USER_ID', nil) }.to raise_exception(Auth0::MissingParameter)
|
792
|
+
end
|
793
|
+
|
794
|
+
it 'is expected to call the endpoint' do
|
795
|
+
expect(@instance).to receive(:delete).with(
|
796
|
+
'/api/v2/users/USER_ID/authentication-methods/AUTH_METHOD_ID'
|
797
|
+
)
|
798
|
+
|
799
|
+
expect do
|
800
|
+
@instance.delete_user_authentication_method 'USER_ID', 'AUTH_METHOD_ID'
|
801
|
+
end.to_not raise_error
|
802
|
+
end
|
803
|
+
end
|
586
804
|
end
|
@@ -250,25 +250,37 @@ describe Auth0::Mixins::HTTPProxy do
|
|
250
250
|
end
|
251
251
|
end
|
252
252
|
|
253
|
-
|
253
|
+
def expected_payload(method, overrides = {})
|
254
|
+
if method == :post_form
|
255
|
+
{
|
256
|
+
method: :post,
|
257
|
+
url: 'https://auth0.com/test',
|
258
|
+
timeout: nil,
|
259
|
+
headers: nil,
|
260
|
+
payload: {}
|
261
|
+
}.merge(overrides)
|
262
|
+
else
|
263
|
+
{
|
264
|
+
method: method,
|
265
|
+
url: 'https://auth0.com/test',
|
266
|
+
timeout: nil,
|
267
|
+
headers: nil,
|
268
|
+
payload: '{}'
|
269
|
+
}.merge(overrides)
|
270
|
+
end
|
271
|
+
end
|
272
|
+
|
273
|
+
%i(post post_form put patch).each do |http_method|
|
254
274
|
context ".#{http_method}" do
|
255
275
|
it { expect(@instance).to respond_to(http_method.to_sym) }
|
256
|
-
it "should call send http #{http_method} method to path defined through HTTP"
|
257
|
-
expect(RestClient::Request).to receive(:execute).with(
|
258
|
-
url: 'https://auth0.com/test',
|
259
|
-
timeout: nil,
|
260
|
-
headers: nil,
|
261
|
-
payload: '{}')
|
276
|
+
it "should call send http #{http_method} method to path defined through HTTP"do
|
277
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
262
278
|
.and_return(StubResponse.new({}, true, 200))
|
263
279
|
expect { @instance.send(http_method, '/test') }.not_to raise_error
|
264
280
|
end
|
265
281
|
|
266
282
|
it 'should not raise exception if data returned not in json format (should be fixed in v2)' do
|
267
|
-
allow(RestClient::Request).to receive(:execute).with(
|
268
|
-
url: 'https://auth0.com/test',
|
269
|
-
timeout: nil,
|
270
|
-
headers: nil,
|
271
|
-
payload: '{}')
|
283
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
272
284
|
.and_return(StubResponse.new('Some random text here', true, 200))
|
273
285
|
expect { @instance.send(http_method, '/test') }.not_to raise_error
|
274
286
|
expect(@instance.send(http_method, '/test')).to eql('Some random text here')
|
@@ -277,11 +289,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
277
289
|
it "should raise Auth0::Unauthorized on send http #{http_method} method
|
278
290
|
to path defined through HTTP when 401 status received" do
|
279
291
|
@exception.response = StubResponse.new({}, false, 401)
|
280
|
-
allow(RestClient::Request).to receive(:execute).with(
|
281
|
-
url: 'https://auth0.com/test',
|
282
|
-
timeout: nil,
|
283
|
-
headers: nil,
|
284
|
-
payload: '{}')
|
292
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
285
293
|
.and_raise(@exception)
|
286
294
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::Unauthorized)
|
287
295
|
end
|
@@ -294,11 +302,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
294
302
|
:x_ratelimit_reset => 1560564149
|
295
303
|
}
|
296
304
|
@exception.response = StubResponse.new({}, false, 429,headers)
|
297
|
-
allow(RestClient::Request).to receive(:execute).with(
|
298
|
-
url: 'https://auth0.com/test',
|
299
|
-
timeout: nil,
|
300
|
-
headers: nil,
|
301
|
-
payload: '{}')
|
305
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
302
306
|
.and_raise(@exception)
|
303
307
|
expect { @instance.send(http_method, '/test') }.to raise_error { |error|
|
304
308
|
expect(error).to be_a(Auth0::RateLimitEncountered)
|
@@ -317,11 +321,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
317
321
|
it "should raise Auth0::NotFound on send http #{http_method} method
|
318
322
|
to path defined through HTTP when 404 status received" do
|
319
323
|
@exception.response = StubResponse.new({}, false, 404)
|
320
|
-
allow(RestClient::Request).to receive(:execute).with(
|
321
|
-
url: 'https://auth0.com/test',
|
322
|
-
timeout: nil,
|
323
|
-
headers: nil,
|
324
|
-
payload: '{}')
|
324
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
325
325
|
.and_raise(@exception)
|
326
326
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::NotFound)
|
327
327
|
end
|
@@ -329,22 +329,14 @@ describe Auth0::Mixins::HTTPProxy do
|
|
329
329
|
it "should raise Auth0::Unsupported on send http #{http_method} method
|
330
330
|
to path defined through HTTP when 418 or other unknown status received" do
|
331
331
|
@exception.response = StubResponse.new({}, false, 418)
|
332
|
-
allow(RestClient::Request).to receive(:execute).with(
|
333
|
-
url: 'https://auth0.com/test',
|
334
|
-
timeout: nil,
|
335
|
-
headers: nil,
|
336
|
-
payload: '{}')
|
332
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
337
333
|
.and_raise(@exception)
|
338
334
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::Unsupported)
|
339
335
|
end
|
340
336
|
|
341
337
|
it "should raise Auth0::RequestTimeout on send http #{http_method} method
|
342
338
|
to path defined through HTTP when RestClient::RequestTimeout received" do
|
343
|
-
allow(RestClient::Request).to receive(:execute).with(
|
344
|
-
url: 'https://auth0.com/test',
|
345
|
-
timeout: nil,
|
346
|
-
headers: nil,
|
347
|
-
payload: '{}')
|
339
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
348
340
|
.and_raise(RestClient::Exceptions::OpenTimeout.new)
|
349
341
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::RequestTimeout)
|
350
342
|
end
|
@@ -352,11 +344,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
352
344
|
it "should raise Auth0::BadRequest on send http #{http_method} method
|
353
345
|
to path defined through HTTP when 400 status received" do
|
354
346
|
@exception.response = StubResponse.new({}, false, 400)
|
355
|
-
allow(RestClient::Request).to receive(:execute).with(
|
356
|
-
url: 'https://auth0.com/test',
|
357
|
-
timeout: nil,
|
358
|
-
headers: nil,
|
359
|
-
payload: '{}')
|
347
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
360
348
|
.and_raise(@exception)
|
361
349
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::BadRequest)
|
362
350
|
end
|
@@ -364,20 +352,13 @@ describe Auth0::Mixins::HTTPProxy do
|
|
364
352
|
it "should raise Auth0::ServerError on send http #{http_method} method
|
365
353
|
to path defined through HTTP when 500 received" do
|
366
354
|
@exception.response = StubResponse.new({}, false, 500)
|
367
|
-
allow(RestClient::Request).to receive(:execute).with(
|
368
|
-
timeout: nil,
|
369
|
-
headers: nil,
|
370
|
-
payload: '{}')
|
355
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
371
356
|
.and_raise(@exception)
|
372
357
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::ServerError)
|
373
358
|
end
|
374
359
|
|
375
360
|
it 'should normalize path with Addressable::URI' do
|
376
|
-
expect(RestClient::Request).to receive(:execute).with(
|
377
|
-
url: 'https://auth0.com/te%20st',
|
378
|
-
timeout: nil,
|
379
|
-
headers: nil,
|
380
|
-
payload: '{}')
|
361
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method, url: 'https://auth0.com/te%20st'))
|
381
362
|
.and_return(StubResponse.new({}, true, 200))
|
382
363
|
expect { @instance.send(http_method, '/te st') }.not_to raise_error
|
383
364
|
end
|
@@ -388,11 +369,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
388
369
|
'message' => "Path validation error: 'String does not match pattern ^.+\\|.+$:
|
389
370
|
3241312' on property id (The user_id of the user to retrieve).",
|
390
371
|
'errorCode' => 'invalid_uri')
|
391
|
-
expect(RestClient::Request).to receive(:execute).with(
|
392
|
-
url: 'https://auth0.com/test',
|
393
|
-
timeout: nil,
|
394
|
-
headers: nil,
|
395
|
-
payload: '{}')
|
372
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
396
373
|
.and_return(StubResponse.new(res, true, 404))
|
397
374
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::NotFound, res)
|
398
375
|
end
|
@@ -404,11 +381,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
404
381
|
retry_instance.base_uri = "https://auth0.com"
|
405
382
|
|
406
383
|
@exception.response = StubResponse.new({}, false, 429)
|
407
|
-
allow(RestClient::Request).to receive(:execute).with(
|
408
|
-
url: 'https://auth0.com/test',
|
409
|
-
timeout: nil,
|
410
|
-
headers: nil,
|
411
|
-
payload: '{}')
|
384
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
412
385
|
.and_raise(@exception)
|
413
386
|
expect(RestClient::Request).to receive(:execute).exactly(4).times
|
414
387
|
|
@@ -424,11 +397,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
424
397
|
retry_instance.retry_count = 2
|
425
398
|
|
426
399
|
@exception.response = StubResponse.new({}, false, 429)
|
427
|
-
allow(RestClient::Request).to receive(:execute).with(
|
428
|
-
url: 'https://auth0.com/test',
|
429
|
-
timeout: nil,
|
430
|
-
headers: nil,
|
431
|
-
payload: '{}')
|
400
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
432
401
|
.and_raise(@exception)
|
433
402
|
expect(RestClient::Request).to receive(:execute).exactly(3).times
|
434
403
|
|
@@ -445,11 +414,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
445
414
|
|
446
415
|
@exception.response = StubResponse.new({}, false, 429)
|
447
416
|
|
448
|
-
allow(RestClient::Request).to receive(:execute).with(
|
449
|
-
url: 'https://auth0.com/test',
|
450
|
-
timeout: nil,
|
451
|
-
headers: nil,
|
452
|
-
payload: '{}')
|
417
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
453
418
|
.and_raise(@exception)
|
454
419
|
|
455
420
|
expect(RestClient::Request).to receive(:execute).exactly(1).times
|
@@ -467,11 +432,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
467
432
|
@time_start
|
468
433
|
|
469
434
|
@exception.response = StubResponse.new({}, false, 429)
|
470
|
-
allow(RestClient::Request).to receive(:execute).with(
|
471
|
-
url: 'https://auth0.com/test',
|
472
|
-
timeout: nil,
|
473
|
-
headers: nil,
|
474
|
-
payload: '{}') do
|
435
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method)) do
|
475
436
|
|
476
437
|
time_entries.push(Time.now.to_f - @time_start.to_f)
|
477
438
|
@time_start = Time.now.to_f # restart the clock
|
@@ -492,6 +453,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
492
453
|
end
|
493
454
|
end
|
494
455
|
end
|
456
|
+
end
|
495
457
|
|
496
458
|
context "Renewing tokens" do
|
497
459
|
let(:httpproxy_instance) {
|
@@ -546,7 +508,6 @@ describe Auth0::Mixins::HTTPProxy do
|
|
546
508
|
end
|
547
509
|
end
|
548
510
|
end
|
549
|
-
end
|
550
511
|
|
551
512
|
context "Using cached tokens" do
|
552
513
|
let(:httpproxy_instance) {
|
@@ -13,6 +13,15 @@ describe Auth0::Mixins::Initializer do
|
|
13
13
|
let(:params) { { namespace: 'samples.auth0.com' } }
|
14
14
|
let(:instance) { DummyClassForProxy.send(:include, described_class).new(params) }
|
15
15
|
let(:time_now) { Time.now }
|
16
|
+
|
17
|
+
let(:client_assertion_signing_key_pair) do
|
18
|
+
rsa_private = OpenSSL::PKey::RSA.generate 2048
|
19
|
+
|
20
|
+
{
|
21
|
+
public_key: rsa_private.public_key,
|
22
|
+
private_key: rsa_private
|
23
|
+
}
|
24
|
+
end
|
16
25
|
|
17
26
|
context 'api v2' do
|
18
27
|
it 'sets retry_count when passed' do
|
@@ -45,31 +54,76 @@ describe Auth0::Mixins::Initializer do
|
|
45
54
|
expect(instance.instance_variable_get('@token')).to eq('123')
|
46
55
|
end
|
47
56
|
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
57
|
+
context 'with a client secret' do
|
58
|
+
it 'fetches a token if none was given' do
|
59
|
+
params[:client_id] = client_id = 'test_client_id'
|
60
|
+
params[:client_secret] = client_secret = 'test_client_secret'
|
61
|
+
params[:api_identifier] = api_identifier = 'test'
|
62
|
+
|
63
|
+
payload = {
|
64
|
+
grant_type: 'client_credentials',
|
65
|
+
client_id: client_id,
|
66
|
+
client_secret: client_secret,
|
67
|
+
audience: api_identifier
|
68
|
+
}
|
69
|
+
|
70
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
71
|
+
expect(arg).to(match(
|
72
|
+
include(
|
73
|
+
method: :post,
|
74
|
+
url: 'https://samples.auth0.com/oauth/token'
|
75
|
+
)
|
76
|
+
))
|
77
|
+
|
78
|
+
expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq(payload)
|
79
|
+
|
80
|
+
StubResponse.new({
|
81
|
+
"access_token" => "test",
|
82
|
+
"expires_in" => 86400},
|
83
|
+
true,
|
84
|
+
200)
|
85
|
+
end
|
86
|
+
|
87
|
+
expect(instance.instance_variable_get('@token')).to eq('test')
|
88
|
+
expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
|
89
|
+
end
|
90
|
+
end
|
91
|
+
|
92
|
+
context 'with a client assertion signing key' do
|
93
|
+
it 'fetches a token if none was given' do
|
94
|
+
private_key = client_assertion_signing_key_pair[:private_key]
|
95
|
+
|
96
|
+
params[:client_id] = client_id = 'test_client_id'
|
97
|
+
params[:api_identifier] = api_identifier = 'test'
|
98
|
+
params[:client_assertion_signing_key] = private_key
|
99
|
+
|
100
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
101
|
+
expect(arg).to(match(
|
102
|
+
include(
|
103
|
+
method: :post,
|
104
|
+
url: 'https://samples.auth0.com/oauth/token'
|
105
|
+
)
|
106
|
+
))
|
107
|
+
|
108
|
+
payload = JSON.parse(arg[:payload], { symbolize_names: true })
|
109
|
+
|
110
|
+
expect(payload[:grant_type]).to eq 'client_credentials'
|
111
|
+
expect(payload[:client_id]).to eq client_id
|
112
|
+
expect(payload[:audience]).to eq api_identifier
|
113
|
+
expect(payload[:client_secret]).to be_nil
|
114
|
+
expect(payload[:client_assertion]).not_to be_nil
|
115
|
+
expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
|
116
|
+
|
117
|
+
StubResponse.new({
|
118
|
+
"access_token" => "test",
|
119
|
+
"expires_in" => 86400},
|
120
|
+
true,
|
121
|
+
200)
|
122
|
+
end
|
123
|
+
|
124
|
+
expect(instance.instance_variable_get('@token')).to eq('test')
|
125
|
+
expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
|
126
|
+
end
|
73
127
|
end
|
74
128
|
|
75
129
|
it "doesn't get a new token if one was supplied using 'token'" do
|