auth0 5.12.0 → 5.13.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/config.yml +3 -2
- data/.semgrepignore +6 -0
- data/CHANGELOG.md +9 -0
- data/Gemfile.lock +27 -27
- data/examples/ruby-api/Gemfile.lock +1 -1
- data/lib/auth0/api/authentication_endpoints.rb +37 -0
- data/lib/auth0/mixins/httpproxy.rb +5 -2
- data/lib/auth0/version.rb +1 -1
- data/spec/lib/auth0/api/authentication_endpoints_spec.rb +90 -0
- data/spec/lib/auth0/mixins/httpproxy_spec.rb +38 -77
- data/spec/support/dummy_class_for_tokens.rb +1 -0
- metadata +4 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: cb764cc8daf156b3d3736bff8c65c69c32db6d15757f2e450ea85eb0dca300c0
|
|
4
|
+
data.tar.gz: b0cfc02df42818062bc5cb609daaffd04806f9ea92f771caf58575b9faa781c8
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 68c6502714f8c631aa92a0b29d387e662cf06b9ec4e18f4d12e3260a7068a5e754b1f29bc60a76b2defa54763919ee9b6e31ffb5181d1c0d38c584bf4d0186a3
|
|
7
|
+
data.tar.gz: 26a2e83b7aa49807d45cda688d857d8dc93177bdd4a47b92b0e952561a2dbda2a056a15c537b71a787d22ddebb5ebb4fddb9f7e83fb26ce7e769b1c23a49c221
|
data/.circleci/config.yml
CHANGED
|
@@ -6,7 +6,7 @@ orbs:
|
|
|
6
6
|
matrix_ruby_versions: &matrix_ruby_versions
|
|
7
7
|
matrix:
|
|
8
8
|
parameters:
|
|
9
|
-
ruby_version: ["
|
|
9
|
+
ruby_version: ["3.0", "3.1", "3.2"]
|
|
10
10
|
# Default version of ruby to use for lint and publishing
|
|
11
11
|
default_ruby_version: &default_ruby_version "3.2"
|
|
12
12
|
|
|
@@ -41,7 +41,8 @@ jobs:
|
|
|
41
41
|
- vendor/bundle
|
|
42
42
|
# Must define DOMAIN, CLIENT_ID, CLIENT_SECRET and MASTER_JWT env
|
|
43
43
|
- run: bundle exec rake test
|
|
44
|
-
- codecov/upload
|
|
44
|
+
- codecov/upload:
|
|
45
|
+
file: /home/circleci/project/coverage/coverage.xml
|
|
45
46
|
|
|
46
47
|
workflows:
|
|
47
48
|
tests:
|
data/.semgrepignore
ADDED
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,14 @@
|
|
|
1
1
|
# Change Log
|
|
2
2
|
|
|
3
|
+
## [v5.13.0](https://github.com/auth0/ruby-auth0/tree/v5.13.0) (2023-04-24)
|
|
4
|
+
[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.12.0...v5.13.0)
|
|
5
|
+
|
|
6
|
+
**Added**
|
|
7
|
+
- [SDK-4142] Add support for /oauth/par [\#470](https://github.com/auth0/ruby-auth0/pull/470) ([stevehobbsdev](https://github.com/stevehobbsdev))
|
|
8
|
+
|
|
9
|
+
**Deprecated**
|
|
10
|
+
- Drop support for 2.7 in CI build [\#467](https://github.com/auth0/ruby-auth0/pull/467) ([stevehobbsdev](https://github.com/stevehobbsdev))
|
|
11
|
+
|
|
3
12
|
## [v5.12.0](https://github.com/auth0/ruby-auth0/tree/v5.12.0) (2023-03-13)
|
|
4
13
|
[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.11.0...v5.12.0)
|
|
5
14
|
|
data/Gemfile.lock
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
auth0 (5.
|
|
4
|
+
auth0 (5.13.0)
|
|
5
5
|
addressable (~> 2.8)
|
|
6
6
|
jwt (~> 2.5)
|
|
7
7
|
rest-client (~> 2.1)
|
|
@@ -11,25 +11,25 @@ PATH
|
|
|
11
11
|
GEM
|
|
12
12
|
remote: https://rubygems.org/
|
|
13
13
|
specs:
|
|
14
|
-
actionpack (7.0.4.
|
|
15
|
-
actionview (= 7.0.4.
|
|
16
|
-
activesupport (= 7.0.4.
|
|
14
|
+
actionpack (7.0.4.3)
|
|
15
|
+
actionview (= 7.0.4.3)
|
|
16
|
+
activesupport (= 7.0.4.3)
|
|
17
17
|
rack (~> 2.0, >= 2.2.0)
|
|
18
18
|
rack-test (>= 0.6.3)
|
|
19
19
|
rails-dom-testing (~> 2.0)
|
|
20
20
|
rails-html-sanitizer (~> 1.0, >= 1.2.0)
|
|
21
|
-
actionview (7.0.4.
|
|
22
|
-
activesupport (= 7.0.4.
|
|
21
|
+
actionview (7.0.4.3)
|
|
22
|
+
activesupport (= 7.0.4.3)
|
|
23
23
|
builder (~> 3.1)
|
|
24
24
|
erubi (~> 1.4)
|
|
25
25
|
rails-dom-testing (~> 2.0)
|
|
26
26
|
rails-html-sanitizer (~> 1.1, >= 1.2.0)
|
|
27
|
-
activesupport (7.0.4.
|
|
27
|
+
activesupport (7.0.4.3)
|
|
28
28
|
concurrent-ruby (~> 1.0, >= 1.0.2)
|
|
29
29
|
i18n (>= 1.6, < 2)
|
|
30
30
|
minitest (>= 5.1)
|
|
31
31
|
tzinfo (~> 2.0)
|
|
32
|
-
addressable (2.8.
|
|
32
|
+
addressable (2.8.4)
|
|
33
33
|
public_suffix (>= 2.0.2, < 6.0)
|
|
34
34
|
ast (2.4.2)
|
|
35
35
|
builder (3.2.4)
|
|
@@ -65,11 +65,11 @@ GEM
|
|
|
65
65
|
i18n (1.12.0)
|
|
66
66
|
concurrent-ruby (~> 1.0)
|
|
67
67
|
io-console (0.6.0)
|
|
68
|
-
irb (1.6.
|
|
68
|
+
irb (1.6.4)
|
|
69
69
|
reline (>= 0.3.0)
|
|
70
70
|
json (2.6.3)
|
|
71
71
|
jwt (2.7.0)
|
|
72
|
-
loofah (2.
|
|
72
|
+
loofah (2.20.0)
|
|
73
73
|
crass (~> 1.0.2)
|
|
74
74
|
nokogiri (>= 1.5.9)
|
|
75
75
|
method_source (1.0.0)
|
|
@@ -79,17 +79,17 @@ GEM
|
|
|
79
79
|
minitest (5.18.0)
|
|
80
80
|
multi_json (1.15.0)
|
|
81
81
|
netrc (0.11.0)
|
|
82
|
-
nokogiri (1.14.
|
|
82
|
+
nokogiri (1.14.3-x86_64-linux)
|
|
83
83
|
racc (~> 1.4)
|
|
84
|
-
parallel (1.
|
|
85
|
-
parser (3.2.
|
|
84
|
+
parallel (1.23.0)
|
|
85
|
+
parser (3.2.2.1)
|
|
86
86
|
ast (~> 2.4.1)
|
|
87
87
|
pp (0.4.0)
|
|
88
88
|
prettyprint
|
|
89
89
|
prettyprint (0.1.1)
|
|
90
90
|
public_suffix (5.0.1)
|
|
91
91
|
racc (1.6.2)
|
|
92
|
-
rack (2.2.6.
|
|
92
|
+
rack (2.2.6.4)
|
|
93
93
|
rack-test (0.8.3)
|
|
94
94
|
rack (>= 1.0, < 3)
|
|
95
95
|
rails-dom-testing (2.0.3)
|
|
@@ -97,17 +97,17 @@ GEM
|
|
|
97
97
|
nokogiri (>= 1.6)
|
|
98
98
|
rails-html-sanitizer (1.5.0)
|
|
99
99
|
loofah (~> 2.19, >= 2.19.1)
|
|
100
|
-
railties (7.0.4.
|
|
101
|
-
actionpack (= 7.0.4.
|
|
102
|
-
activesupport (= 7.0.4.
|
|
100
|
+
railties (7.0.4.3)
|
|
101
|
+
actionpack (= 7.0.4.3)
|
|
102
|
+
activesupport (= 7.0.4.3)
|
|
103
103
|
method_source
|
|
104
104
|
rake (>= 12.2)
|
|
105
105
|
thor (~> 1.0)
|
|
106
106
|
zeitwerk (~> 2.5)
|
|
107
107
|
rainbow (3.1.1)
|
|
108
108
|
rake (13.0.6)
|
|
109
|
-
regexp_parser (2.
|
|
110
|
-
reline (0.3.
|
|
109
|
+
regexp_parser (2.8.0)
|
|
110
|
+
reline (0.3.3)
|
|
111
111
|
io-console (~> 0.5)
|
|
112
112
|
rest-client (2.1.0)
|
|
113
113
|
http-accept (>= 1.7.0, < 2.0)
|
|
@@ -120,28 +120,28 @@ GEM
|
|
|
120
120
|
rspec-core (~> 3.12.0)
|
|
121
121
|
rspec-expectations (~> 3.12.0)
|
|
122
122
|
rspec-mocks (~> 3.12.0)
|
|
123
|
-
rspec-core (3.12.
|
|
123
|
+
rspec-core (3.12.2)
|
|
124
124
|
rspec-support (~> 3.12.0)
|
|
125
|
-
rspec-expectations (3.12.
|
|
125
|
+
rspec-expectations (3.12.3)
|
|
126
126
|
diff-lcs (>= 1.2.0, < 2.0)
|
|
127
127
|
rspec-support (~> 3.12.0)
|
|
128
|
-
rspec-mocks (3.12.
|
|
128
|
+
rspec-mocks (3.12.5)
|
|
129
129
|
diff-lcs (>= 1.2.0, < 2.0)
|
|
130
130
|
rspec-support (~> 3.12.0)
|
|
131
131
|
rspec-support (3.12.0)
|
|
132
|
-
rubocop (1.
|
|
132
|
+
rubocop (1.50.2)
|
|
133
133
|
json (~> 2.3)
|
|
134
134
|
parallel (~> 1.10)
|
|
135
135
|
parser (>= 3.2.0.0)
|
|
136
136
|
rainbow (>= 2.2.2, < 4.0)
|
|
137
137
|
regexp_parser (>= 1.8, < 3.0)
|
|
138
138
|
rexml (>= 3.2.5, < 4.0)
|
|
139
|
-
rubocop-ast (>= 1.
|
|
139
|
+
rubocop-ast (>= 1.28.0, < 2.0)
|
|
140
140
|
ruby-progressbar (~> 1.7)
|
|
141
141
|
unicode-display_width (>= 2.4.0, < 3.0)
|
|
142
|
-
rubocop-ast (1.
|
|
142
|
+
rubocop-ast (1.28.0)
|
|
143
143
|
parser (>= 3.2.1.0)
|
|
144
|
-
rubocop-rails (2.
|
|
144
|
+
rubocop-rails (2.19.1)
|
|
145
145
|
activesupport (>= 4.2.0)
|
|
146
146
|
rack (>= 1.1)
|
|
147
147
|
rubocop (>= 1.33.0, < 2.0)
|
|
@@ -202,4 +202,4 @@ DEPENDENCIES
|
|
|
202
202
|
webmock
|
|
203
203
|
|
|
204
204
|
BUNDLED WITH
|
|
205
|
-
2.
|
|
205
|
+
2.4.10
|
|
@@ -323,6 +323,21 @@ module Auth0
|
|
|
323
323
|
URI::HTTPS.build(host: @domain, path: '/authorize', query: to_query(request_params))
|
|
324
324
|
end
|
|
325
325
|
|
|
326
|
+
# Return an authorization URL for PAR requests
|
|
327
|
+
# @see https://www.rfc-editor.org/rfc/rfc9126.html
|
|
328
|
+
# @param request_uri [string] The request_uri as obtained by calling `pushed_authorization_request`
|
|
329
|
+
# @param additional_parameters Any additional parameters to send
|
|
330
|
+
def par_authorization_url(request_uri)
|
|
331
|
+
raise Auth0::InvalidParameter, 'Must supply a valid request_uri' if request_uri.to_s.empty?
|
|
332
|
+
|
|
333
|
+
request_params = {
|
|
334
|
+
client_id: @client_id,
|
|
335
|
+
request_uri: request_uri,
|
|
336
|
+
}
|
|
337
|
+
|
|
338
|
+
URI::HTTPS.build(host: @domain, path: '/authorize', query: to_query(request_params))
|
|
339
|
+
end
|
|
340
|
+
|
|
326
341
|
# Returns an Auth0 logout URL with a return URL.
|
|
327
342
|
# @see https://auth0.com/docs/api/authentication#logout
|
|
328
343
|
# @see https://auth0.com/docs/logout
|
|
@@ -344,6 +359,28 @@ module Auth0
|
|
|
344
359
|
)
|
|
345
360
|
end
|
|
346
361
|
|
|
362
|
+
# Make a request to the PAR endpoint and receive a `request_uri` to send to the '/authorize' endpoint.
|
|
363
|
+
# @see https://auth0.com/docs/api/authentication#authorization-code-grant
|
|
364
|
+
# @param redirect_uri [string] URL to redirect after authorization
|
|
365
|
+
# @param options [hash] Can contain response_type, connection, state, organization, invitation, and additional_parameters.
|
|
366
|
+
# @return [url] Authorization URL.
|
|
367
|
+
def pushed_authorization_request(parameters = {})
|
|
368
|
+
request_params = {
|
|
369
|
+
client_id: @client_id,
|
|
370
|
+
response_type: parameters.fetch(:response_type, 'code'),
|
|
371
|
+
connection: parameters.fetch(:connection, nil),
|
|
372
|
+
redirect_uri: parameters.fetch(:redirect_uri, nil),
|
|
373
|
+
state: parameters.fetch(:state, nil),
|
|
374
|
+
scope: parameters.fetch(:scope, nil),
|
|
375
|
+
organization: parameters.fetch(:organization, nil),
|
|
376
|
+
invitation: parameters.fetch(:invitation, nil)
|
|
377
|
+
}.merge(parameters.fetch(:additional_parameters, {}))
|
|
378
|
+
|
|
379
|
+
populate_client_assertion_or_secret(request_params)
|
|
380
|
+
|
|
381
|
+
request_with_retry(:post_form, '/oauth/par', request_params, {})
|
|
382
|
+
end
|
|
383
|
+
|
|
347
384
|
# Return a SAMLP URL.
|
|
348
385
|
# The SAML Request AssertionConsumerServiceURL will be used to POST back
|
|
349
386
|
# the assertion and it must match with the application callback URL.
|
|
@@ -16,7 +16,7 @@ module Auth0
|
|
|
16
16
|
BASE_DELAY = 100
|
|
17
17
|
|
|
18
18
|
# proxying requests from instance methods to HTTP class methods
|
|
19
|
-
%i(get post post_file put patch delete delete_with_body).each do |method|
|
|
19
|
+
%i(get post post_file post_form put patch delete delete_with_body).each do |method|
|
|
20
20
|
define_method(method) do |uri, body = {}, extra_headers = {}|
|
|
21
21
|
body = body.delete_if { |_, v| v.nil? }
|
|
22
22
|
token = get_token()
|
|
@@ -85,9 +85,12 @@ module Auth0
|
|
|
85
85
|
elsif method == :post_file
|
|
86
86
|
body.merge!(multipart: true)
|
|
87
87
|
# Ignore the default Content-Type headers and let the HTTP client define them
|
|
88
|
-
post_file_headers = headers.
|
|
88
|
+
post_file_headers = headers.except('Content-Type') if headers != nil
|
|
89
89
|
# Actual call with the altered headers
|
|
90
90
|
call(:post, encode_uri(uri), timeout, post_file_headers, body)
|
|
91
|
+
elsif method == :post_form
|
|
92
|
+
form_post_headers = headers.except('Content-Type') if headers != nil
|
|
93
|
+
call(:post, encode_uri(uri), timeout, form_post_headers, body.compact)
|
|
91
94
|
else
|
|
92
95
|
call(method, encode_uri(uri), timeout, headers, body.to_json)
|
|
93
96
|
end
|
data/lib/auth0/version.rb
CHANGED
|
@@ -6,6 +6,7 @@ describe Auth0::Api::AuthenticationEndpoints do
|
|
|
6
6
|
let(:client_secret) { 'test-client-secret' }
|
|
7
7
|
let(:api_identifier) { 'test-audience' }
|
|
8
8
|
let(:domain) { 'samples.auth0.com' }
|
|
9
|
+
let(:request_uri) { 'urn:ietf:params:oauth:request_uri:the.request.uri' }
|
|
9
10
|
|
|
10
11
|
let(:client_secret_config) { {
|
|
11
12
|
domain: domain,
|
|
@@ -628,5 +629,94 @@ describe Auth0::Api::AuthenticationEndpoints do
|
|
|
628
629
|
client_assertion_instance.send :start_passwordless_sms_flow, '123456789'
|
|
629
630
|
end
|
|
630
631
|
end
|
|
632
|
+
|
|
633
|
+
context 'par_authorization_url' do
|
|
634
|
+
it 'throws an exception if request_uri is nil' do
|
|
635
|
+
expect { client_secret_instance.send :par_authorization_url, nil}.to raise_error Auth0::InvalidParameter
|
|
636
|
+
end
|
|
637
|
+
|
|
638
|
+
it 'throws an exception if request_uri is empty' do
|
|
639
|
+
expect { client_secret_instance.send :par_authorization_url, ''}.to raise_error Auth0::InvalidParameter
|
|
640
|
+
end
|
|
641
|
+
|
|
642
|
+
it 'builds a URL containing the request_uri' do
|
|
643
|
+
url = client_secret_instance.send :par_authorization_url, request_uri
|
|
644
|
+
expect(CGI.unescape(url.to_s)).to eq("https://samples.auth0.com/authorize?client_id=#{client_id}&request_uri=#{request_uri}")
|
|
645
|
+
end
|
|
646
|
+
end
|
|
647
|
+
|
|
648
|
+
context 'pushed_authorization_request' do
|
|
649
|
+
it 'sends the request as a form post' do
|
|
650
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
|
651
|
+
expect(arg[:url]).to eq('https://samples.auth0.com/oauth/par')
|
|
652
|
+
expect(arg[:method]).to eq(:post)
|
|
653
|
+
|
|
654
|
+
expect(arg[:payload]).to eq({
|
|
655
|
+
client_id: client_id,
|
|
656
|
+
client_secret: client_secret,
|
|
657
|
+
response_type: 'code',
|
|
658
|
+
})
|
|
659
|
+
|
|
660
|
+
StubResponse.new({}, true, 200)
|
|
661
|
+
end
|
|
662
|
+
|
|
663
|
+
client_secret_instance.send :pushed_authorization_request
|
|
664
|
+
end
|
|
665
|
+
|
|
666
|
+
it 'allows the RestClient to handle the correct header defaults' do
|
|
667
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
|
668
|
+
expect(arg[:headers]).not_to have_key('Content-Type')
|
|
669
|
+
|
|
670
|
+
StubResponse.new({}, true, 200)
|
|
671
|
+
end
|
|
672
|
+
|
|
673
|
+
client_secret_instance.headers['Content-Type'] = 'application/x-www-form-urlencoded'
|
|
674
|
+
client_secret_instance.send :pushed_authorization_request
|
|
675
|
+
end
|
|
676
|
+
|
|
677
|
+
it 'sends the request as a form post with all known overrides' do
|
|
678
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
|
679
|
+
expect(arg[:url]).to eq('https://samples.auth0.com/oauth/par')
|
|
680
|
+
expect(arg[:method]).to eq(:post)
|
|
681
|
+
|
|
682
|
+
expect(arg[:payload]).to eq({
|
|
683
|
+
client_id: client_id,
|
|
684
|
+
client_secret: client_secret,
|
|
685
|
+
connection: 'google-oauth2',
|
|
686
|
+
organization: 'org_id',
|
|
687
|
+
invitation: 'http://invite.url',
|
|
688
|
+
redirect_uri: 'http://localhost:3000',
|
|
689
|
+
response_type: 'id_token',
|
|
690
|
+
scope: 'openid',
|
|
691
|
+
state: 'random_value'
|
|
692
|
+
})
|
|
693
|
+
|
|
694
|
+
StubResponse.new({}, true, 200)
|
|
695
|
+
end
|
|
696
|
+
|
|
697
|
+
client_secret_instance.send(:pushed_authorization_request,
|
|
698
|
+
response_type: 'id_token',
|
|
699
|
+
redirect_uri: 'http://localhost:3000',
|
|
700
|
+
organization: 'org_id',
|
|
701
|
+
invitation: 'http://invite.url',
|
|
702
|
+
scope: 'openid',
|
|
703
|
+
state: 'random_value',
|
|
704
|
+
connection: 'google-oauth2')
|
|
705
|
+
end
|
|
706
|
+
|
|
707
|
+
it 'sends the request as a form post using client assertion' do
|
|
708
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
|
709
|
+
expect(arg[:url]).to eq('https://samples.auth0.com/oauth/par')
|
|
710
|
+
expect(arg[:method]).to eq(:post)
|
|
711
|
+
expect(arg[:payload][:client_secret]).to be_nil
|
|
712
|
+
expect(arg[:payload][:client_assertion]).not_to be_nil
|
|
713
|
+
expect(arg[:payload][:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
|
|
714
|
+
|
|
715
|
+
StubResponse.new({}, true, 200)
|
|
716
|
+
end
|
|
717
|
+
|
|
718
|
+
client_assertion_instance.send :pushed_authorization_request
|
|
719
|
+
end
|
|
720
|
+
end
|
|
631
721
|
end
|
|
632
722
|
end
|
|
@@ -250,25 +250,37 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
250
250
|
end
|
|
251
251
|
end
|
|
252
252
|
|
|
253
|
-
|
|
253
|
+
def expected_payload(method, overrides = {})
|
|
254
|
+
if method == :post_form
|
|
255
|
+
{
|
|
256
|
+
method: :post,
|
|
257
|
+
url: 'https://auth0.com/test',
|
|
258
|
+
timeout: nil,
|
|
259
|
+
headers: nil,
|
|
260
|
+
payload: {}
|
|
261
|
+
}.merge(overrides)
|
|
262
|
+
else
|
|
263
|
+
{
|
|
264
|
+
method: method,
|
|
265
|
+
url: 'https://auth0.com/test',
|
|
266
|
+
timeout: nil,
|
|
267
|
+
headers: nil,
|
|
268
|
+
payload: '{}'
|
|
269
|
+
}.merge(overrides)
|
|
270
|
+
end
|
|
271
|
+
end
|
|
272
|
+
|
|
273
|
+
%i(post post_form put patch).each do |http_method|
|
|
254
274
|
context ".#{http_method}" do
|
|
255
275
|
it { expect(@instance).to respond_to(http_method.to_sym) }
|
|
256
|
-
it "should call send http #{http_method} method to path defined through HTTP"
|
|
257
|
-
expect(RestClient::Request).to receive(:execute).with(
|
|
258
|
-
url: 'https://auth0.com/test',
|
|
259
|
-
timeout: nil,
|
|
260
|
-
headers: nil,
|
|
261
|
-
payload: '{}')
|
|
276
|
+
it "should call send http #{http_method} method to path defined through HTTP"do
|
|
277
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
262
278
|
.and_return(StubResponse.new({}, true, 200))
|
|
263
279
|
expect { @instance.send(http_method, '/test') }.not_to raise_error
|
|
264
280
|
end
|
|
265
281
|
|
|
266
282
|
it 'should not raise exception if data returned not in json format (should be fixed in v2)' do
|
|
267
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
268
|
-
url: 'https://auth0.com/test',
|
|
269
|
-
timeout: nil,
|
|
270
|
-
headers: nil,
|
|
271
|
-
payload: '{}')
|
|
283
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
272
284
|
.and_return(StubResponse.new('Some random text here', true, 200))
|
|
273
285
|
expect { @instance.send(http_method, '/test') }.not_to raise_error
|
|
274
286
|
expect(@instance.send(http_method, '/test')).to eql('Some random text here')
|
|
@@ -277,11 +289,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
277
289
|
it "should raise Auth0::Unauthorized on send http #{http_method} method
|
|
278
290
|
to path defined through HTTP when 401 status received" do
|
|
279
291
|
@exception.response = StubResponse.new({}, false, 401)
|
|
280
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
281
|
-
url: 'https://auth0.com/test',
|
|
282
|
-
timeout: nil,
|
|
283
|
-
headers: nil,
|
|
284
|
-
payload: '{}')
|
|
292
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
285
293
|
.and_raise(@exception)
|
|
286
294
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::Unauthorized)
|
|
287
295
|
end
|
|
@@ -294,11 +302,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
294
302
|
:x_ratelimit_reset => 1560564149
|
|
295
303
|
}
|
|
296
304
|
@exception.response = StubResponse.new({}, false, 429,headers)
|
|
297
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
298
|
-
url: 'https://auth0.com/test',
|
|
299
|
-
timeout: nil,
|
|
300
|
-
headers: nil,
|
|
301
|
-
payload: '{}')
|
|
305
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
302
306
|
.and_raise(@exception)
|
|
303
307
|
expect { @instance.send(http_method, '/test') }.to raise_error { |error|
|
|
304
308
|
expect(error).to be_a(Auth0::RateLimitEncountered)
|
|
@@ -317,11 +321,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
317
321
|
it "should raise Auth0::NotFound on send http #{http_method} method
|
|
318
322
|
to path defined through HTTP when 404 status received" do
|
|
319
323
|
@exception.response = StubResponse.new({}, false, 404)
|
|
320
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
321
|
-
url: 'https://auth0.com/test',
|
|
322
|
-
timeout: nil,
|
|
323
|
-
headers: nil,
|
|
324
|
-
payload: '{}')
|
|
324
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
325
325
|
.and_raise(@exception)
|
|
326
326
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::NotFound)
|
|
327
327
|
end
|
|
@@ -329,22 +329,14 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
329
329
|
it "should raise Auth0::Unsupported on send http #{http_method} method
|
|
330
330
|
to path defined through HTTP when 418 or other unknown status received" do
|
|
331
331
|
@exception.response = StubResponse.new({}, false, 418)
|
|
332
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
333
|
-
url: 'https://auth0.com/test',
|
|
334
|
-
timeout: nil,
|
|
335
|
-
headers: nil,
|
|
336
|
-
payload: '{}')
|
|
332
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
337
333
|
.and_raise(@exception)
|
|
338
334
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::Unsupported)
|
|
339
335
|
end
|
|
340
336
|
|
|
341
337
|
it "should raise Auth0::RequestTimeout on send http #{http_method} method
|
|
342
338
|
to path defined through HTTP when RestClient::RequestTimeout received" do
|
|
343
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
344
|
-
url: 'https://auth0.com/test',
|
|
345
|
-
timeout: nil,
|
|
346
|
-
headers: nil,
|
|
347
|
-
payload: '{}')
|
|
339
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
348
340
|
.and_raise(RestClient::Exceptions::OpenTimeout.new)
|
|
349
341
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::RequestTimeout)
|
|
350
342
|
end
|
|
@@ -352,11 +344,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
352
344
|
it "should raise Auth0::BadRequest on send http #{http_method} method
|
|
353
345
|
to path defined through HTTP when 400 status received" do
|
|
354
346
|
@exception.response = StubResponse.new({}, false, 400)
|
|
355
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
356
|
-
url: 'https://auth0.com/test',
|
|
357
|
-
timeout: nil,
|
|
358
|
-
headers: nil,
|
|
359
|
-
payload: '{}')
|
|
347
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
360
348
|
.and_raise(@exception)
|
|
361
349
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::BadRequest)
|
|
362
350
|
end
|
|
@@ -364,20 +352,13 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
364
352
|
it "should raise Auth0::ServerError on send http #{http_method} method
|
|
365
353
|
to path defined through HTTP when 500 received" do
|
|
366
354
|
@exception.response = StubResponse.new({}, false, 500)
|
|
367
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
368
|
-
timeout: nil,
|
|
369
|
-
headers: nil,
|
|
370
|
-
payload: '{}')
|
|
355
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
371
356
|
.and_raise(@exception)
|
|
372
357
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::ServerError)
|
|
373
358
|
end
|
|
374
359
|
|
|
375
360
|
it 'should normalize path with Addressable::URI' do
|
|
376
|
-
expect(RestClient::Request).to receive(:execute).with(
|
|
377
|
-
url: 'https://auth0.com/te%20st',
|
|
378
|
-
timeout: nil,
|
|
379
|
-
headers: nil,
|
|
380
|
-
payload: '{}')
|
|
361
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method, url: 'https://auth0.com/te%20st'))
|
|
381
362
|
.and_return(StubResponse.new({}, true, 200))
|
|
382
363
|
expect { @instance.send(http_method, '/te st') }.not_to raise_error
|
|
383
364
|
end
|
|
@@ -388,11 +369,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
388
369
|
'message' => "Path validation error: 'String does not match pattern ^.+\\|.+$:
|
|
389
370
|
3241312' on property id (The user_id of the user to retrieve).",
|
|
390
371
|
'errorCode' => 'invalid_uri')
|
|
391
|
-
expect(RestClient::Request).to receive(:execute).with(
|
|
392
|
-
url: 'https://auth0.com/test',
|
|
393
|
-
timeout: nil,
|
|
394
|
-
headers: nil,
|
|
395
|
-
payload: '{}')
|
|
372
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
396
373
|
.and_return(StubResponse.new(res, true, 404))
|
|
397
374
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::NotFound, res)
|
|
398
375
|
end
|
|
@@ -404,11 +381,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
404
381
|
retry_instance.base_uri = "https://auth0.com"
|
|
405
382
|
|
|
406
383
|
@exception.response = StubResponse.new({}, false, 429)
|
|
407
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
408
|
-
url: 'https://auth0.com/test',
|
|
409
|
-
timeout: nil,
|
|
410
|
-
headers: nil,
|
|
411
|
-
payload: '{}')
|
|
384
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
412
385
|
.and_raise(@exception)
|
|
413
386
|
expect(RestClient::Request).to receive(:execute).exactly(4).times
|
|
414
387
|
|
|
@@ -424,11 +397,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
424
397
|
retry_instance.retry_count = 2
|
|
425
398
|
|
|
426
399
|
@exception.response = StubResponse.new({}, false, 429)
|
|
427
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
428
|
-
url: 'https://auth0.com/test',
|
|
429
|
-
timeout: nil,
|
|
430
|
-
headers: nil,
|
|
431
|
-
payload: '{}')
|
|
400
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
432
401
|
.and_raise(@exception)
|
|
433
402
|
expect(RestClient::Request).to receive(:execute).exactly(3).times
|
|
434
403
|
|
|
@@ -445,11 +414,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
445
414
|
|
|
446
415
|
@exception.response = StubResponse.new({}, false, 429)
|
|
447
416
|
|
|
448
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
449
|
-
url: 'https://auth0.com/test',
|
|
450
|
-
timeout: nil,
|
|
451
|
-
headers: nil,
|
|
452
|
-
payload: '{}')
|
|
417
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
453
418
|
.and_raise(@exception)
|
|
454
419
|
|
|
455
420
|
expect(RestClient::Request).to receive(:execute).exactly(1).times
|
|
@@ -467,11 +432,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
467
432
|
@time_start
|
|
468
433
|
|
|
469
434
|
@exception.response = StubResponse.new({}, false, 429)
|
|
470
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
471
|
-
url: 'https://auth0.com/test',
|
|
472
|
-
timeout: nil,
|
|
473
|
-
headers: nil,
|
|
474
|
-
payload: '{}') do
|
|
435
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method)) do
|
|
475
436
|
|
|
476
437
|
time_entries.push(Time.now.to_f - @time_start.to_f)
|
|
477
438
|
@time_start = Time.now.to_f # restart the clock
|
|
@@ -492,6 +453,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
492
453
|
end
|
|
493
454
|
end
|
|
494
455
|
end
|
|
456
|
+
end
|
|
495
457
|
|
|
496
458
|
context "Renewing tokens" do
|
|
497
459
|
let(:httpproxy_instance) {
|
|
@@ -546,7 +508,6 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
546
508
|
end
|
|
547
509
|
end
|
|
548
510
|
end
|
|
549
|
-
end
|
|
550
511
|
|
|
551
512
|
context "Using cached tokens" do
|
|
552
513
|
let(:httpproxy_instance) {
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: auth0
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.
|
|
4
|
+
version: 5.13.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Auth0
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2023-
|
|
14
|
+
date: 2023-04-24 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: rest-client
|
|
@@ -248,6 +248,7 @@ files:
|
|
|
248
248
|
- ".rspec"
|
|
249
249
|
- ".rubocop.yml"
|
|
250
250
|
- ".rubocop_todo.yml"
|
|
251
|
+
- ".semgrepignore"
|
|
251
252
|
- ".shiprc"
|
|
252
253
|
- CHANGELOG.md
|
|
253
254
|
- CODE_OF_CONDUCT.md
|
|
@@ -614,7 +615,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
614
615
|
- !ruby/object:Gem::Version
|
|
615
616
|
version: '0'
|
|
616
617
|
requirements: []
|
|
617
|
-
rubygems_version: 3.
|
|
618
|
+
rubygems_version: 3.4.10
|
|
618
619
|
signing_key:
|
|
619
620
|
specification_version: 4
|
|
620
621
|
summary: Auth0 API Client
|