auth0 5.4.0 → 5.7.0
- checksums.yaml +4 -4
- data/.circleci/config.yml +2 -1
- data/.gitignore +0 -1
- data/.shiprc +7 -0
- data/CHANGELOG.md +106 -30
- data/Gemfile +1 -0
- data/Gemfile.lock +233 -0
- data/README.md +10 -8
- data/auth0.gemspec +2 -1
- data/lib/auth0/api/authentication_endpoints.rb +40 -16
- data/lib/auth0/api/v2/actions.rb +210 -0
- data/lib/auth0/api/v2/attack_protection.rb +79 -0
- data/lib/auth0/api/v2/grants.rb +49 -0
- data/lib/auth0/api/v2/organizations.rb +1 -1
- data/lib/auth0/api/v2.rb +6 -0
- data/lib/auth0/exception.rb +12 -0
- data/lib/auth0/mixins/api_token_struct.rb +0 -1
- data/lib/auth0/mixins/httpproxy.rb +76 -40
- data/lib/auth0/mixins/initializer.rb +2 -3
- data/lib/auth0/mixins/token_management.rb +32 -0
- data/lib/auth0/mixins/validation.rb +1 -1
- data/lib/auth0/mixins.rb +2 -0
- data/lib/auth0/version.rb +1 -1
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_change_password/should_trigger_a_password_reset.yml +53 -23
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_login_with_resource_owner/should_fail_with_an_incorrect_email.yml +49 -18
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_login_with_resource_owner/should_fail_with_an_incorrect_password.yml +49 -18
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_login_with_resource_owner/should_fail_with_an_invalid_audience.yml +46 -15
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_login_with_resource_owner/should_login_successfully_with_a_custom_audience.yml +49 -79
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_login_with_resource_owner/should_login_successfully_with_a_default_scope.yml +49 -80
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_saml_metadata/should_retrieve_SAML_metadata.yml +74 -21
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_userinfo/should_fail_as_not_authorized.yml +53 -14
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_userinfo/should_return_the_userinfo.yml +106 -48
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_wsfed_metadata/should_retrieve_WSFED_metadata.yml +62 -19
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/create_test_user.yml +57 -22
- data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/delete_test_user.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Blacklists/_add_token_to_blacklist/should_add_a_token_to_the_blacklist.yml +37 -19
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Blacklists/_blacklisted_tokens/should_get_the_added_token_from_the_blacklist.yml +38 -23
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/_client_grants/should_return_at_least_1_result.yml +42 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/_client_grants/should_return_the_test_client_grant.yml +42 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/_delete_client_grant/should_delete_the_test_client_grant.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/_patch_client_grant/should_update_the_test_client_grant.yml +39 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/create_test_client.yml +44 -82
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/create_test_client_grant.yml +39 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/delete_test_client.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/delete_test_client_grant.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_client/_filters/should_exclude_and_include_fields_properly.yml +43 -56
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_client/_filters/should_include_the_specified_fields.yml +39 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_client/should_get_the_test_client.yml +43 -57
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_clients/_filters/should_exclude_fields_not_specified.yml +43 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_clients/_filters/should_exclude_the_specified_fields.yml +236 -96
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_clients/_filters/should_include_the_specified_fields.yml +52 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_clients/_filters/should_paginate_results.yml +39 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_clients/should_get_at_least_one_client.yml +235 -96
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_delete_client/should_delete_the_test_client_without_an_error.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_patch_client/should_update_the_client_with_the_correct_attributes.yml +43 -57
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/create_test_client.yml +45 -82
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connection/_filters/should_exclude_the_fields_indicated.yml +15 -16
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connection/_filters/should_include_the_fields_indicated.yml +15 -16
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connection/should_find_the_correct_connection.yml +15 -16
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connections/_filters/should_include_previously-created_connection_when_filtered.yml +14 -15
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connections/_filters/should_should_exclude_the_fields_indicated_from_filtered_results.yml +14 -15
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connections/_filters/should_should_include_the_fields_indicated_from_filtered_results.yml +14 -15
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connections/should_include_the_previously_created_connection.yml +15 -15
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_connections/should_not_be_empty.yml +15 -15
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_delete_connection/should_delete_the_connection.yml +15 -16
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_delete_connection_user/should_delete_the_user_created.yml +29 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_update_connection/should_update_the_connection.yml +15 -16
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/create_test_connection.yml +16 -17
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/create_test_user.yml +40 -32
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_DeviceCredentials/create_test_credential.yml +40 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_DeviceCredentials/create_test_user.yml +40 -32
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_DeviceCredentials/delete_test_user.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Emails/_configure_provider/should_configure_a_new_email_provider.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Emails/_delete_provider/should_delete_the_existing_email_provider_without_an_error.yml +37 -19
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Emails/_delete_provider/should_throw_an_error_trying_to_get_the_email_provider.yml +34 -16
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Emails/_get_provider/_filters/should_get_the_existing_email_provider_with_specific_fields.yml +36 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Emails/_get_provider/_filters/should_get_the_existing_email_provider_without_specific_fields.yml +36 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Emails/_get_provider/should_get_the_existing_email_provider.yml +36 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Emails/_update_provider/should_update_the_existing_email_provider.yml +36 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Emails/delete_existing_provider.yml +37 -19
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/_export_users_and_get_job/should_create_an_export_users_job_successfully.yml +38 -23
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/_export_users_and_get_job/should_get_the_export_users_job.yml +76 -46
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/_import_users_and_get_job/should_create_an_import_users_job_successfully.yml +46 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/_import_users_and_get_job/should_get_the_import_users_job.yml +84 -48
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/_send_verification_email_and_get_job/should_create_a_new_verification_email_job.yml +77 -47
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/_send_verification_email_and_get_job/should_get_the_completed_verification_email.yml +116 -71
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/_send_verification_email_and_get_job/should_reject_an_invalid_client_id.yml +76 -39
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/delete_imported_user.yml +76 -43
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Jobs/search_for_connection_id.yml +43 -23
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/_log/should_match_the_created_log_entry.yml +224 -196
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/_log/should_not_be_empty.yml +224 -196
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/_logs/_filters/should_exclude_fields_not_specified.yml +38 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/_logs/_filters/should_exclude_the_specified_fields.yml +39 -39
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/_logs/_filters/should_have_one_log_entry.yml +41 -40
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/_logs/_filters/should_include_the_specified_fields.yml +38 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/_logs/_from/should_take_one_log_entry.yml +229 -189
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/create_test_user.yml +40 -32
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/delete_test_disabled_rule.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/delete_test_enabled_rule.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Logs/delete_test_user.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ResourceServers/_delete_resource_server/should_delete_the_test_server_without_an_error.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ResourceServers/_patch_resource_server/should_update_the_resource_server_with_the_correct_attributes.yml +39 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ResourceServers/_resource_server/should_get_the_test_server.yml +39 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ResourceServers/_resource_servers/should_get_the_test_server.yml +146 -23
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ResourceServers/_resource_servers/should_return_at_least_1_result.yml +146 -23
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ResourceServers/_resource_servers/should_return_the_first_page_of_one_result.yml +131 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ResourceServers/create_test_server.yml +40 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ResourceServers/delete_test_server.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_add_role_permissions/should_add_a_Permission_to_the_Role_successfully.yml +39 -32
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_add_role_users/should_add_a_User_to_the_Role_successfully.yml +38 -31
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_delete_role/should_delete_the_Role_successfully.yml +42 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_get_role/should_get_the_Role_successfully.yml +38 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_get_role_permissions/should_get_exactly_1_Permission.yml +37 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_get_role_permissions/should_get_the_added_Permission_from_the_Role_successfully.yml +37 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_get_role_users/should_get_exactly_1_User.yml +37 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_get_role_users/should_get_the_added_User_from_the_Role_successfully.yml +37 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_get_roles/should_get_the_Role_successfully.yml +37 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_remove_role_permissions/should_remove_a_Permission_from_the_Role_successfully.yml +39 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/_update_role/should_update_the_Role_successfully.yml +37 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/create_test_api.yml +38 -31
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/create_test_role.yml +39 -31
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/create_test_user.yml +38 -31
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/delete_test_api.yml +36 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Roles/delete_test_user.yml +36 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_delete_rule/should_delete_the_test_disabled_rule_without_an_error.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_delete_rule/should_delete_the_test_enabled_rule_without_an_error.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rule/_filters/should_exclude_the_fields_not_specified.yml +40 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rule/_filters/should_exclude_the_specified_fields.yml +40 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rule/_filters/should_include_the_specified_fields.yml +39 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rule/should_get_a_specific_rule.yml +40 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rules/_filters/should_exclude_fields_not_specified.yml +80 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rules/_filters/should_include_the_specified_fields.yml +82 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rules/_filters/should_return_at_least_1_disabled_rule.yml +59 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rules/_filters/should_return_at_least_1_enabled_rule.yml +68 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rules/_filters/should_return_paginated_results.yml +78 -49
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_rules/should_return_at_least_1_rule.yml +84 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_update_rule/should_update_the_disabled_rule_to_be_enabled.yml +40 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/create_test_disabled_rule.yml +42 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/create_test_enabled_rule.yml +42 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Stats/_active_users/should_have_at_least_one_active_user.yml +38 -23
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Stats/_daily_stats/should_have_at_least_one_stats_entry_for_the_timeframe.yml +38 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tenants/_get_tenant_settings/should_get_the_tenant_settings.yml +72 -59
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tenants/_get_tenant_settings_with_specific_fields/should_exclude_a_field_not_requested.yml +38 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tenants/_get_tenant_settings_with_specific_fields/should_include_the_field_requested.yml +38 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tenants/_update_tenant_settings/should_revert_the_tenant_name.yml +72 -58
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tenants/_update_tenant_settings/should_update_the_tenant_settings_with_a_new_tenant_name.yml +72 -58
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tickets/_post_email_verification/should_create_an_email_verification_ticket.yml +39 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tickets/_post_password_change/should_create_a_password_change_ticket.yml +39 -26
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tickets/create_test_user.yml +40 -32
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tickets/delete_test_user.yml +38 -20
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_add_user_permissions/should_add_a_Permissions_for_a_User_successfully.yml +39 -35
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_add_user_roles/should_add_a_Role_to_a_User_successfully.yml +37 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_delete_user/should_delete_the_User_successfully.yml +36 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_delete_user/should_delete_the_secondary_User_successfully.yml +36 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_delete_user_provider/should_attempt_to_delete_the_MFA_provider_for_the_User.yml +36 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_get_enrollments/should_get_Enrollments_for_a_User_successfully.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_get_user_permissions/should_get_exactly_1_Permission_for_a_User_successfully.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_get_user_permissions/should_get_the_correct_Permission_for_a_User_successfully.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_get_user_roles/should_get_Roles_for_a_User_successfully.yml +38 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_invalidate_browsers/should_invalidate_MFA_browsers_for_the_User_successfully.yml +36 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_link_user_account/should_link_two_Users_successfully.yml +38 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_patch_user/should_patch_the_User_successfully.yml +38 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_remove_user_permissions/should_remove_a_Permission_from_a_User_successfully.yml +39 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_remove_user_roles/should_remove_a_Role_from_a_User_successfully.yml +39 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_unlink_user_account/should_unlink_two_Users_successfully.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_user/_filters/should_exclude_fields_not_indicated.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_user/_filters/should_exclude_the_fields_indicated.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_user/_filters/should_include_the_fields_indicated.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_user/should_retrieve_the_created_user.yml +37 -28
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_user_logs/should_get_Logs_for_a_User_successfully.yml +42 -30
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_users/_filters/is_expected_to_find_a_user_with_a_v2_search_engine_query.yml +36 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_users/_filters/is_expected_to_find_a_user_with_a_v3_search_engine_query.yml +36 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_users/_filters/should_exclude_the_indicated_fields_when_paginated.yml +36 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_users/_filters/should_include_the_indicated_fields_when_paginated.yml +36 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_users/_filters/should_not_include_other_fields_when_paginated.yml +36 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_users/_filters/should_return_the_correct_number_of_results_when_paginated.yml +36 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_users/should_have_at_least_one_user.yml +37 -27
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/create_secondary_test_user.yml +38 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/create_test_api.yml +38 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/create_test_role.yml +39 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/create_test_user.yml +38 -29
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/delete_test_api.yml +36 -24
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/delete_test_role.yml +42 -28
- data/spec/integration/lib/auth0/api/v2/api_client_grants_spec.rb +0 -9
- data/spec/integration/lib/auth0/api/v2/api_connections_spec.rb +3 -3
- data/spec/integration/lib/auth0/api/v2/api_email_spec.rb +0 -31
- data/spec/integration/lib/auth0/api/v2/api_jobs_spec.rb +4 -4
- data/spec/integration/lib/auth0/api/v2/api_logs_spec.rb +5 -5
- data/spec/integration/lib/auth0/api/v2/api_roles_spec.rb +3 -3
- data/spec/integration/lib/auth0/api/v2/api_tickets_spec.rb +4 -4
- data/spec/integration/lib/auth0/api/v2/api_user_blocks_spec.rb +8 -5
- data/spec/integration/lib/auth0/api/v2/api_users_spec.rb +6 -33
- data/spec/lib/auth0/api/v2/actions_spec.rb +312 -0
- data/spec/lib/auth0/api/v2/attack_protection_spec.rb +132 -0
- data/spec/lib/auth0/api/v2/blacklists_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/branding_spec.rb +4 -3
- data/spec/lib/auth0/api/v2/client_grants_spec.rb +8 -8
- data/spec/lib/auth0/api/v2/clients_spec.rb +12 -12
- data/spec/lib/auth0/api/v2/connections_spec.rb +10 -10
- data/spec/lib/auth0/api/v2/device_credentials_spec.rb +4 -4
- data/spec/lib/auth0/api/v2/emails_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/grants_spec.rb +91 -0
- data/spec/lib/auth0/api/v2/jobs_spec.rb +18 -17
- data/spec/lib/auth0/api/v2/log_streams_spec.rb +3 -3
- data/spec/lib/auth0/api/v2/logs_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/organizations_spec.rb +13 -13
- data/spec/lib/auth0/api/v2/resource_servers_spec.rb +5 -5
- data/spec/lib/auth0/api/v2/roles_spec.rb +22 -22
- data/spec/lib/auth0/api/v2/rules_spec.rb +7 -7
- data/spec/lib/auth0/api/v2/stats_spec.rb +1 -1
- data/spec/lib/auth0/api/v2/tenants_spec.rb +1 -1
- data/spec/lib/auth0/api/v2/tickets_spec.rb +14 -14
- data/spec/lib/auth0/api/v2/user_blocks_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/users_by_email_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/users_spec.rb +23 -23
- data/spec/lib/auth0/client_spec.rb +3 -3
- data/spec/lib/auth0/mixins/httpproxy_spec.rb +293 -0
- data/spec/lib/auth0/mixins/initializer_spec.rb +87 -0
- data/spec/lib/auth0/mixins/token_management_spec.rb +125 -0
- data/spec/spec_helper.rb +1 -1
- data/spec/support/dummy_class_for_proxy.rb +1 -0
- data/spec/support/dummy_class_for_tokens.rb +17 -0
- metadata +35 -25
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Anomaly/_check_if_ip_is_blocked/should_return_200_response_code.yml +0 -65
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Anomaly/_remove_ip_block/should_remove_an_IP_successfully.yml +0 -60
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_ClientGrants/_client_grants/should_return_the_first_page_of_one_result.yml +0 -66
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_DeviceCredentials/_delete_device_credential/should_delete_the_test_credential_without_an_error.yml +0 -54
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_DeviceCredentials/_device_credentials/_filter_by_type/should_exclude_the_test_credential.yml +0 -59
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_DeviceCredentials/_device_credentials/should_have_at_least_1_entry.yml +0 -62
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_DeviceCredentials/_device_credentials/should_include_the_test_credential.yml +0 -62
- data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_DeviceCredentials/delete_test_credential.yml +0 -54
- data/spec/integration/lib/auth0/api/v2/api_anomaly_spec.rb +0 -17
- data/spec/integration/lib/auth0/api/v2/api_device_credentials_spec.rb +0 -128
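--- a/data/lib/auth0/api/v2/attack_protection.rb
+++ b/data/lib/auth0/api/v2/attack_protection.rb
@@ -0,0 +1,79 @@
+module Auth0
+module Api
+module V2
+# Methods to use the attack-protection endpoints
+module AttackProtection
+attr_reader :attack_protection_path
+
+# Get breached password detection settings
+# @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_breached_password_detection
+# @return [json] The configuration for breached password detection
+def breached_password_detection
+get(breached_password_settings_path)
+end
+alias get_breached_password_detection_settings breached_password_detection
+
+# Update breached password detection settings
+# @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_breached_password_detection
+# @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_breached_password_detection for available options
+# @return [json] The configuration for breached password detection
+def patch_breached_password_detection(body)
+patch(breached_password_settings_path, body)
+end
+
+# Get brute force protection settings.
+# @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_brute_force_protection
+# @return [json] The configuration for brute force protection
+def brute_force_protection
+get(brute_force_protection_settings_path)
+end
+alias get_brute_force_protection_settings brute_force_protection
+
+# Update brute force protection settings.
+# @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_brute_force_protection
+# @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_brute_force_protection for available options
+# @return [json] The configuration for brute force protection
+def patch_brute_force_protection(body)
+patch(brute_force_protection_settings_path, body)
+end
+alias update_brute_force_protection_settings patch_brute_force_protection
+
+# Get suspicious IP throttling settings
+# @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_suspicious_ip_throttling
+# @return The configuration for suspicious IP throttling
+def suspicious_ip_throttling
+get(suspicious_ip_throttling_settings_path)
+end
+alias get_suspicious_ip_throttling_settings suspicious_ip_throttling
+
+# Update suspicious IP throttling settings
+# @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_suspicious_ip_throttling
+# @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_suspicious_ip_throttling for available options
+# @return The configuration for suspicious IP throttling
+def patch_suspicious_ip_throttling(body)
+patch(suspicious_ip_throttling_settings_path, body)
+end
+alias update_suspicious_ip_throttling_settings patch_suspicious_ip_throttling
+
+private
+
+def attack_protection_path
+@attack_protection_path ||= '/api/v2/attack-protection'
+end
+alias update_breached_password_detection_settings patch_breached_password_detection
+
+def breached_password_settings_path
+"#{attack_protection_path}/breached-password-detection"
+end
+
+def brute_force_protection_settings_path
+"#{attack_protection_path}/brute-force-protection"
+end
+
+def suspicious_ip_throttling_settings_path
+"#{attack_protection_path}/suspicious-ip-throttling"
+end
+end
+end
+end
+end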
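Review bot: The `alias update_breached_password_detection_settings patch_breached_password_detection` line (new line 63) sits below `private`, between the path helpers, whereas the other two `update_*` aliases directly follow their methods. Ruby's `alias` should keep the visibility of the method it copies, so the alias is probably still public, but it reads like a private helper and is easy to lose in a later refactor; move it up to follow the `end` of `patch_breached_password_detection`. The `attr_reader :attack_protection_path` on new line 6 is immediately shadowed by the private `def attack_protection_path`, so the reader line can be dropped. Because the three `patch_*` methods change tenant-wide attack-protection settings, a local guard such as `raise Auth0::InvalidParameter, 'Must supply a valid body' if body.nil? || body.empty?` before each `patch` call would reject a missing body here instead of leaving it to the HTTP mixin.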
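--- a/data/lib/auth0/api/v2/grants.rb
+++ b/data/lib/auth0/api/v2/grants.rb
@@ -0,0 +1,49 @@
+module Auth0
+module Api
+module V2
+module Grants
+attr_reader :grants_path
+
+# Retrieve the grants associated with your account.
+# @see https://auth0.com/docs/api/management/v2#!/Grants/get_grants
+# @param client_id [string] The client_id of the grants to retrieve.
+# @param user_id [string] The user_id of the grants to retrieve.
+# @param audience [string] The audience of the grants to retrieve.
+# @param page [int] The page index of the results to return. First page is 0.
+# @param per_page [int] The number of results per page. Paging is disabled if parameter not sent.
+# @param include_totals [boolean] Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).
+# @return [json] Returns the grants.
+def grants(client_id: nil, user_id: nil, audience: nil, page: nil, per_page: nil, include_totals: nil)
+request_params = {
+client_id: client_id,
+user_id: user_id,
+audience: audience,
+page: page,
+per_page: per_page,
+include_totals: include_totals
+}
+get(grants_path, request_params)
+end
+alias get_all_grants grants
+
+# Delete a grant associated with your account.
+# @see https://auth0.com/docs/api/management/v2#!/Grants/delete_grants_by_id
+# @param id [string] The id of the grant to delete.
+# @param user_id [string] The user_id of the grant to delete.
+def delete_grant(id, user_id)
+raise Auth0::InvalidParameter, 'Must specify a grant id as id' if id.to_s.empty?
+raise Auth0::InvalidParameter, 'Must specify a user id' if user_id.to_s.empty?
+path = "#{grants_path}/#{id}"
+delete(path, user_id: user_id)
+end
+
+private
+
+# Grants API path
+def grants_path
+@grants_path ||= '/api/v2/grants'
+end
+end
+end
+end
+end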
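Review bot: `delete_grant` interpolates `id` straight into the request path (`path = "#{grants_path}/#{id}"`) after checking only that it is non-empty, so an id containing `/`, `?` or `..` would address a different Management API resource unless the HTTP mixin encodes the path. The 5.4.0 `HTTPProxy` normalised the path itself (the removed `safe_path` lines later on this page); whether 5.7.0 still does cannot be seen from this file and should be confirmed before the method is called with caller-supplied ids. If grant ids are limited to word characters, a local check such as `raise Auth0::InvalidParameter, 'Invalid grant id' unless id.to_s.match?(/\A[\w-]+\z/)` would make the method safe on its own. The method also has no `@return` tag, and `attr_reader :grants_path` is shadowed by the private `def grants_path`.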
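--- a/data/lib/auth0/api/v2.rb
+++ b/data/lib/auth0/api/v2.rb
@@ -1,3 +1,5 @@
+require 'auth0/api/v2/grants'
+require 'auth0/api/v2/actions'
 require 'auth0/api/v2/anomaly'
 require 'auth0/api/v2/blacklists'
 require 'auth0/api/v2/branding'
@@ -21,11 +23,14 @@ require 'auth0/api/v2/logs'
 require 'auth0/api/v2/log_streams'
 require 'auth0/api/v2/resource_servers'
 require 'auth0/api/v2/guardian'
+require 'auth0/api/v2/attack_protection'
 
 module Auth0
 module Api
 # https://auth0.com/docs/apiv2
 module V2
+include Auth0::Api::V2::Grants
+include Auth0::Api::V2::Actions
 include Auth0::Api::V2::Anomaly
 include Auth0::Api::V2::Blacklists
 include Auth0::Api::V2::Branding
@@ -49,6 +54,7 @@ module Auth0
 include Auth0::Api::V2::ResourceServers
 include Auth0::Api::V2::Tenants
 include Auth0::Api::V2::Tickets
+include Auth0::Api::V2::AttackProtection
 end
 end
 end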
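--- a/data/lib/auth0/exception.rb
+++ b/data/lib/auth0/exception.rb
@@ -40,8 +40,20 @@ module Auth0
 class MissingClientId < Auth0::Exception; end
 # exception for unset organization_id
 class MissingOrganizationId < Auth0::Exception; end
+# exception for unset trigger_id
+class MissingTriggerId < Auth0::Exception; end
+# exception for unset action_name
+class MissingActionName < Auth0::Exception; end
+# exception for unset action_id
+class MissingActionId < Auth0::Exception; end
+# exception for unset execution_id
+class MissingExecutionId < Auth0::Exception; end
+# exception for unset trigger_id
+class MissingTriggerId < Auth0::Exception; end
 # exception for an unset parameter
 class MissingParameter < Auth0::Exception; end
+# exception for unset version_id
+class MissingVersionId < Auth0::Exception; end
 # Api v2 access denied
 class AccessDenied < Auth0::HTTPError; end
 # Invalid parameter passed, e.g. empty where ID is required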
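Review bot: `MissingTriggerId` is declared twice in the added lines (new lines 44 and 52), each under the comment `# exception for unset trigger_id`; the second declaration only reopens the same class and can be deleted. `MissingVersionId` is added after `MissingParameter`, apart from the other new `Missing*Id` classes, and would read better grouped with them. The enclosing `module Auth0` starts and ends outside the hunk.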
@@ -1,56 +1,51 @@
|
|
1
1
|
require "addressable/uri"
|
2
|
+
require "retryable"
|
3
|
+
require_relative "../exception.rb"
|
2
4
|
|
3
5
|
module Auth0
|
4
6
|
module Mixins
|
5
7
|
# here's the proxy for Rest calls based on rest-client, we're building all request on that gem
|
6
8
|
# for now, if you want to feel free to use your own http client
|
7
9
|
module HTTPProxy
|
8
|
-
attr_accessor :headers, :base_uri, :timeout
|
10
|
+
attr_accessor :headers, :base_uri, :timeout, :retry_count
|
11
|
+
DEAFULT_RETRIES = 3
|
12
|
+
MAX_ALLOWED_RETRIES = 10
|
13
|
+
MAX_REQUEST_RETRY_JITTER = 250
|
14
|
+
MAX_REQUEST_RETRY_DELAY = 1000
|
15
|
+
MIN_REQUEST_RETRY_DELAY = 100
|
9
16
|
|
10
17
|
# proxying requests from instance methods to HTTP class methods
|
11
18
|
%i(get post post_file put patch delete delete_with_body).each do |method|
|
12
19
|
define_method(method) do |uri, body = {}, extra_headers = {}|
|
13
|
-
|
14
|
-
if base_uri
|
15
|
-
# if a base_uri is set then the uri can be encoded as a path
|
16
|
-
safe_path = Addressable::URI.new(path: uri).normalized_path
|
17
|
-
else
|
18
|
-
safe_path = Addressable::URI.escape(uri)
|
19
|
-
end
|
20
|
-
|
21
20
|
body = body.delete_if { |_, v| v.nil? }
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
body.merge!(multipart: true)
|
36
|
-
# Ignore the default Content-Type headers and let the HTTP client define them
|
37
|
-
post_file_headers = headers.slice(*headers.keys - ['Content-Type'])
|
38
|
-
# Actual call with the altered headers
|
39
|
-
call(:post, url(safe_path), timeout, post_file_headers, body)
|
40
|
-
else
|
41
|
-
call(method, url(safe_path), timeout, headers, body.to_json)
|
42
|
-
end
|
43
|
-
case result.code
|
44
|
-
when 200...226 then safe_parse_json(result.body)
|
45
|
-
when 400 then raise Auth0::BadRequest.new(result.body, code: result.code, headers: result.headers)
|
46
|
-
when 401 then raise Auth0::Unauthorized.new(result.body, code: result.code, headers: result.headers)
|
47
|
-
when 403 then raise Auth0::AccessDenied.new(result.body, code: result.code, headers: result.headers)
|
48
|
-
when 404 then raise Auth0::NotFound.new(result.body, code: result.code, headers: result.headers)
|
49
|
-
when 429 then raise Auth0::RateLimitEncountered.new(result.body, code: result.code, headers: result.headers)
|
50
|
-
when 500 then raise Auth0::ServerError.new(result.body, code: result.code, headers: result.headers)
|
51
|
-
else raise Auth0::Unsupported.new(result.body, code: result.code, headers: result.headers)
|
52
|
-
end
|
21
|
+
token = get_token()
|
22
|
+
authorization_header(token) unless token.nil?
|
23
|
+
request_with_retry(method, uri, body, extra_headers)
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
27
|
+
def retry_options
|
28
|
+
sleep_timer = lambda do |attempt|
|
29
|
+
wait = 1000 * 2**attempt # Exponential delay with each subsequent request attempt.
|
30
|
+
wait += rand(wait..wait+MAX_REQUEST_RETRY_JITTER) # Add jitter to the delay window.
|
31
|
+
wait = [MAX_REQUEST_RETRY_DELAY, wait].min # Cap delay at MAX_REQUEST_RETRY_DELAY.
|
32
|
+
wait = [MIN_REQUEST_RETRY_DELAY, wait].max # Ensure delay is no less than MIN_REQUEST_RETRY_DELAY.
|
33
|
+
wait / 1000.to_f.round(2) # convert ms to seconds
|
53
34
|
end
|
35
|
+
|
36
|
+
tries = 1 + [Integer(retry_count || DEAFULT_RETRIES), MAX_ALLOWED_RETRIES].min # Cap retries at MAX_ALLOWED_RETRIES
|
37
|
+
|
38
|
+
{
|
39
|
+
tries: tries,
|
40
|
+
sleep: sleep_timer,
|
41
|
+
on: Auth0::RateLimitEncountered
|
42
|
+
}
|
43
|
+
end
|
44
|
+
|
45
|
+
def encode_uri(uri)
|
46
|
+
# if a base_uri is set then the uri can be encoded as a path
|
47
|
+
path = base_uri ? Addressable::URI.new(path: uri).normalized_path : Addressable::URI.escape(uri)
|
48
|
+
url(path)
|
54
49
|
end
|
55
50
|
|
56
51
|
def url(path)
|
@@ -69,6 +64,47 @@ module Auth0
|
|
69
64
|
body
|
70
65
|
end
|
71
66
|
|
67
|
+
def request_with_retry(method, uri, body = {}, extra_headers = {})
|
68
|
+
Retryable.retryable(retry_options) do
|
69
|
+
request(method, uri, body, extra_headers)
|
70
|
+
end
|
71
|
+
end
|
72
|
+
|
73
|
+
def request(method, uri, body = {}, extra_headers = {})
|
74
|
+
result = if method == :get
|
75
|
+
# Mutate the headers property to add parameters.
|
76
|
+
add_headers({params: body})
|
77
|
+
# Merge custom headers into existing ones for this req.
|
78
|
+
# This prevents future calls from using them.
|
79
|
+
get_headers = headers.merge extra_headers
|
80
|
+
# Make the call with extra_headers, if provided.
|
81
|
+
call(:get, encode_uri(uri), timeout, get_headers)
|
82
|
+
elsif method == :delete
|
83
|
+
call(:delete, encode_uri(uri), timeout, add_headers({params: body}))
|
84
|
+
elsif method == :delete_with_body
|
85
|
+
call(:delete, encode_uri(uri), timeout, headers, body.to_json)
|
86
|
+
elsif method == :post_file
|
87
|
+
body.merge!(multipart: true)
|
88
|
+
# Ignore the default Content-Type headers and let the HTTP client define them
|
89
|
+
post_file_headers = headers.slice(*headers.keys - ['Content-Type'])
|
90
|
+
# Actual call with the altered headers
|
91
|
+
call(:post, encode_uri(uri), timeout, post_file_headers, body)
|
92
|
+
else
|
93
|
+
call(method, encode_uri(uri), timeout, headers, body.to_json)
|
94
|
+
end
|
95
|
+
|
96
|
+
case result.code
|
97
|
+
when 200...226 then safe_parse_json(result.body)
|
98
|
+
when 400 then raise Auth0::BadRequest.new(result.body, code: result.code, headers: result.headers)
|
99
|
+
when 401 then raise Auth0::Unauthorized.new(result.body, code: result.code, headers: result.headers)
|
100
|
+
when 403 then raise Auth0::AccessDenied.new(result.body, code: result.code, headers: result.headers)
|
101
|
+
when 404 then raise Auth0::NotFound.new(result.body, code: result.code, headers: result.headers)
|
102
|
+
when 429 then raise Auth0::RateLimitEncountered.new(result.body, code: result.code, headers: result.headers)
|
103
|
+
when 500 then raise Auth0::ServerError.new(result.body, code: result.code, headers: result.headers)
|
104
|
+
else raise Auth0::Unsupported.new(result.body, code: result.code, headers: result.headers)
|
105
|
+
end
|
106
|
+
end
|
107
|
+
|
72
108
|
def call(method, url, timeout, headers, body = nil)
|
73
109
|
RestClient::Request.execute(
|
74
110
|
method: method,
|
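Review bot: The `sleep_timer` lambda in `retry_options` (first hunk) always returns 1.0 second, so retries on `Auth0::RateLimitEncountered` get neither exponential backoff nor jitter. `1000 * 2**attempt` is already at or above `MAX_REQUEST_RETRY_DELAY` for any non-negative attempt, the next line adds at least `wait` again, and the `min` cap then flattens every value to 1000; in the last line `.round(2)` binds to `1000.to_f`, not to the quotient. Clients that receive a 429 together will therefore retry together against the rate-limited endpoint. Starting from the minimum delay lets the cap and the jitter take effect: `wait = MIN_REQUEST_RETRY_DELAY * 2**attempt`, `wait += rand(0..MAX_REQUEST_RETRY_JITTER)`, and `(wait / 1000.0).round(2)`. The constant `DEAFULT_RETRIES` is also misspelled.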
@@ -15,6 +15,7 @@ module Auth0
|
|
15
15
|
@base_uri = base_url(options)
|
16
16
|
@headers = client_headers
|
17
17
|
@timeout = options[:timeout] || 10
|
18
|
+
@retry_count = options[:retry_count]
|
18
19
|
extend Auth0::Api::AuthenticationEndpoints
|
19
20
|
@client_id = options[:client_id]
|
20
21
|
@client_secret = options[:client_secret]
|
@@ -58,9 +59,7 @@ module Auth0
|
|
58
59
|
|
59
60
|
def initialize_v2(options)
|
60
61
|
extend Auth0::Api::V2
|
61
|
-
|
62
|
-
api_identifier = options[:api_identifier] || "https://#{@domain}/api/v2/"
|
63
|
-
@token = api_token(audience: api_identifier).token if @token.nil? && @client_id && @client_secret
|
62
|
+
initialize_token(options)
|
64
63
|
end
|
65
64
|
|
66
65
|
def api_v2?(options)
|
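Review bot: `@retry_count = options[:retry_count]` stores the option unchecked; it is only converted later by `Integer(retry_count || DEAFULT_RETRIES)` in `retry_options`, so a non-numeric value raises on the first API call instead of at construction, and a negative value passes the `min` cap and yields `tries` of zero or less. Validating here keeps the failure next to the bad input: `@retry_count = options[:retry_count] && [Integer(options[:retry_count]), 0].max`. How Retryable treats a non-positive `tries` is not visible on this page. The enclosing initializer method starts outside the hunk.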
@@ -0,0 +1,32 @@
|
|
1
|
+
module Auth0
|
2
|
+
module Mixins
|
3
|
+
module TokenManagement
|
4
|
+
|
5
|
+
private
|
6
|
+
|
7
|
+
def initialize_token(options)
|
8
|
+
@token = options[:access_token] || options[:token]
|
9
|
+
|
10
|
+
# default expiry to an hour if a token was given but no expires_at
|
11
|
+
@token_expires_at = @token ? options[:token_expires_at] || Time.now.to_i + 3600 : nil
|
12
|
+
|
13
|
+
@audience = options[:api_identifier] || "https://#{@domain}/api/v2/"
|
14
|
+
get_token() if @token.nil?
|
15
|
+
end
|
16
|
+
|
17
|
+
def get_token
|
18
|
+
has_expired = @token && @token_expires_at ? @token_expires_at < (Time.now.to_i + 10) : false
|
19
|
+
|
20
|
+
if (@token.nil? || has_expired) && @client_id && @client_secret
|
21
|
+
response = api_token(audience: @audience)
|
22
|
+
@token = response.token
|
23
|
+
@token_expires_at = response.expires_in ? Time.now.to_i + response.expires_in : nil
|
24
|
+
|
25
|
+
@token
|
26
|
+
else
|
27
|
+
@token
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
31
|
+
end
|
32
|
+
end
|
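Review bot: `initialize_token` and `get_token` carry no documentation for a behaviour callers need to know: a token passed in without `:token_expires_at` is assumed to expire in one hour, and once that time is within 10 seconds `get_token` replaces it with the result of `api_token(audience: @audience)` whenever `@client_id` and `@client_secret` are set. The replacement comes from a different grant than the token the caller supplied and may not carry the same scopes (`api_token` is defined outside this file, so that part is inferred). I would add above `initialize_token` the comment `# A supplied token without :token_expires_at is treated as valid for 3600 s; after that it is replaced via client credentials if they are configured.` Also, when the token response has no `expires_in`, `@token_expires_at` becomes nil and `has_expired` stays false, so that token is never refreshed.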
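--- a/data/lib/auth0/mixins.rb
+++ b/data/lib/auth0/mixins.rb
@@ -9,6 +9,7 @@ require 'auth0/mixins/httpproxy'
 require 'auth0/mixins/initializer'
 require 'auth0/mixins/permission_struct'
 require 'auth0/mixins/validation'
+require 'auth0/mixins/token_management'
 
 require 'auth0/api/authentication_endpoints'
 require 'auth0/api/v2'
@@ -17,6 +18,7 @@ module Auth0
 # Collecting dependencies here
 module Mixins
 include Auth0::Mixins::Headers
+include Auth0::Mixins::TokenManagement
 include Auth0::Mixins::HTTPProxy
 include Auth0::Mixins::Initializer
 end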
data/lib/auth0/version.rb
CHANGED
@@ -5,22 +5,22 @@ http_interactions:
|
|
5
5
|
uri: https://auth0-sdk-tests.auth0.com/dbconnections/change_password
|
6
6
|
body:
|
7
7
|
encoding: UTF-8
|
8
|
-
string: '{"email":"rubytest-username-1@auth0.com","password":"","connection":"Username-Password-Authentication","client_id":"2cnWuug6zaFX1j0ge1P99jAUn0F4XSuI"}'
|
8
|
+
string: '{"email":"rubytest-210908-username-1@auth0.com","password":"","connection":"Username-Password-Authentication","client_id":"2cnWuug6zaFX1j0ge1P99jAUn0F4XSuI"}'
|
9
9
|
headers:
|
10
10
|
Accept:
|
11
11
|
- "*/*"
|
12
|
-
Accept-Encoding:
|
13
|
-
- gzip, deflate
|
14
12
|
User-Agent:
|
15
|
-
-
|
13
|
+
- rest-client/2.1.0 (darwin19.6.0 x86_64) ruby/2.7.0p0
|
16
14
|
Content-Type:
|
17
15
|
- application/json
|
18
16
|
Auth0-Client:
|
19
|
-
-
|
17
|
+
- eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjUuMCIsImVudiI6eyJydWJ5IjoiMi43LjAifX0=
|
20
18
|
Authorization:
|
21
19
|
- Bearer API_TOKEN
|
22
20
|
Content-Length:
|
23
|
-
- '
|
21
|
+
- '157'
|
22
|
+
Accept-Encoding:
|
23
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
24
24
|
Host:
|
25
25
|
- auth0-sdk-tests.auth0.com
|
26
26
|
response:
|
@@ -29,35 +29,65 @@ http_interactions:
|
|
29
29
|
message: OK
|
30
30
|
headers:
|
31
31
|
Date:
|
32
|
-
-
|
32
|
+
- Fri, 03 Sep 2021 20:16:11 GMT
|
33
33
|
Content-Type:
|
34
34
|
- text/html; charset=utf-8
|
35
35
|
Transfer-Encoding:
|
36
36
|
- chunked
|
37
37
|
Connection:
|
38
38
|
- keep-alive
|
39
|
+
Cf-Ray:
|
40
|
+
- 6891a783fa1aeb79-LAX
|
41
|
+
Access-Control-Allow-Origin:
|
42
|
+
- "*"
|
43
|
+
Cache-Control:
|
44
|
+
- private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
|
45
|
+
Etag:
|
46
|
+
- W/"34-isurgRF3drpbztqj/kuLX3wcQN4"
|
47
|
+
Set-Cookie:
|
48
|
+
- did=s%3Av0%3Ac7c670e0-0cf3-11ec-8fcc-b1ac7dd7e8e6.SMKCwsFbZxS1wgznun%2Bc4MrNN8Yb7eXSJYergKRIbm4;
|
49
|
+
Max-Age=31557600; Path=/; Expires=Sun, 04 Sep 2022 02:16:10 GMT; HttpOnly;
|
50
|
+
Secure; SameSite=None
|
51
|
+
- did_compat=s%3Av0%3Ac7c670e0-0cf3-11ec-8fcc-b1ac7dd7e8e6.SMKCwsFbZxS1wgznun%2Bc4MrNN8Yb7eXSJYergKRIbm4;
|
52
|
+
Max-Age=31557600; Path=/; Expires=Sun, 04 Sep 2022 02:16:11 GMT; HttpOnly;
|
53
|
+
Secure
|
54
|
+
Strict-Transport-Security:
|
55
|
+
- max-age=31536000
|
39
56
|
Vary:
|
40
|
-
- Accept-Encoding
|
57
|
+
- Accept-Encoding, Origin
|
58
|
+
Cf-Cache-Status:
|
59
|
+
- DYNAMIC
|
60
|
+
Access-Control-Allow-Credentials:
|
61
|
+
- 'false'
|
62
|
+
Access-Control-Expose-Headers:
|
63
|
+
- X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset
|
64
|
+
Expect-Ct:
|
65
|
+
- max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
|
66
|
+
Ot-Baggage-Auth0-Request-Id:
|
67
|
+
- 6891a783fa1aeb79
|
68
|
+
Ot-Tracer-Sampled:
|
69
|
+
- 'true'
|
70
|
+
Ot-Tracer-Spanid:
|
71
|
+
- 73ed236e3e952604
|
72
|
+
Ot-Tracer-Traceid:
|
73
|
+
- 75dde96b4f4143d1
|
41
74
|
X-Auth0-Requestid:
|
42
|
-
-
|
75
|
+
- 46bd91e5c530f4b3a9f7
|
76
|
+
X-Content-Type-Options:
|
77
|
+
- nosniff
|
43
78
|
X-Ratelimit-Limit:
|
44
79
|
- '10'
|
45
80
|
X-Ratelimit-Remaining:
|
46
81
|
- '9'
|
47
82
|
X-Ratelimit-Reset:
|
48
|
-
- '
|
49
|
-
|
50
|
-
-
|
51
|
-
|
52
|
-
-
|
53
|
-
|
54
|
-
- noindex, nofollow, nosnippet, noarchive
|
55
|
-
Content-Encoding:
|
56
|
-
- gzip
|
83
|
+
- '1630700231'
|
84
|
+
Server:
|
85
|
+
- cloudflare
|
86
|
+
Alt-Svc:
|
87
|
+
- h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
|
88
|
+
ma=86400
|
57
89
|
body:
|
58
90
|
encoding: ASCII-8BIT
|
59
|
-
string:
|
60
|
-
|
61
|
-
|
62
|
-
recorded_at: Wed, 10 Oct 2018 23:19:59 GMT
|
63
|
-
recorded_with: VCR 4.0.0
|
91
|
+
string: We've just sent you an email to reset your password.
|
92
|
+
recorded_at: Fri, 03 Sep 2021 20:16:10 GMT
|
93
|
+
recorded_with: VCR 6.0.0
|
@@ -5,22 +5,22 @@ http_interactions:
|
|
5
5
|
uri: https://auth0-sdk-tests.auth0.com/oauth/token
|
6
6
|
body:
|
7
7
|
encoding: UTF-8
|
8
|
-
string: '{"username":"rubytest-username-1@auth0.com_invalid","password":"23kejn2jk3en2jke2jk3be2jk3ber","client_id":"2cnWuug6zaFX1j0ge1P99jAUn0F4XSuI","client_secret":"CLIENT_SECRET","scope":"openid","grant_type":"password"}'
|
8
|
+
string: '{"username":"rubytest-210908-username-1@auth0.com_invalid","password":"23kejn2jk3en2jke2jk3be2jk3ber","client_id":"2cnWuug6zaFX1j0ge1P99jAUn0F4XSuI","client_secret":"CLIENT_SECRET","scope":"openid","grant_type":"password"}'
|
9
9
|
headers:
|
10
10
|
Accept:
|
11
11
|
- "*/*"
|
12
|
-
Accept-Encoding:
|
13
|
-
- gzip, deflate
|
14
12
|
User-Agent:
|
15
|
-
-
|
13
|
+
- rest-client/2.1.0 (darwin19.6.0 x86_64) ruby/2.7.0p0
|
16
14
|
Content-Type:
|
17
15
|
- application/json
|
18
16
|
Auth0-Client:
|
19
|
-
-
|
17
|
+
- eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjUuMCIsImVudiI6eyJydWJ5IjoiMi43LjAifX0=
|
20
18
|
Authorization:
|
21
19
|
- Bearer API_TOKEN
|
22
20
|
Content-Length:
|
23
|
-
- '
|
21
|
+
- '273'
|
22
|
+
Accept-Encoding:
|
23
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
24
24
|
Host:
|
25
25
|
- auth0-sdk-tests.auth0.com
|
26
26
|
response:
|
@@ -29,26 +29,57 @@ http_interactions:
|
|
29
29
|
message: Forbidden
|
30
30
|
headers:
|
31
31
|
Date:
|
32
|
-
-
|
32
|
+
- Fri, 03 Sep 2021 20:16:12 GMT
|
33
33
|
Content-Type:
|
34
34
|
- application/json
|
35
|
-
|
36
|
-
-
|
35
|
+
Transfer-Encoding:
|
36
|
+
- chunked
|
37
37
|
Connection:
|
38
38
|
- keep-alive
|
39
|
+
Cf-Ray:
|
40
|
+
- 6891a78eaa9d04b4-LAX
|
41
|
+
Cache-Control:
|
42
|
+
- private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
|
43
|
+
Set-Cookie:
|
44
|
+
- did=s%3Av0%3Ac8c67bc0-0cf3-11ec-a06b-fb16f7884f9b.SifCcrmcjM8PKlpAAH8qLYoWeyeN%2FqvtDC0ZweexKDY;
|
45
|
+
Max-Age=31557600; Path=/; Expires=Sun, 04 Sep 2022 02:16:12 GMT; HttpOnly;
|
46
|
+
Secure; SameSite=None
|
47
|
+
- did_compat=s%3Av0%3Ac8c67bc0-0cf3-11ec-a06b-fb16f7884f9b.SifCcrmcjM8PKlpAAH8qLYoWeyeN%2FqvtDC0ZweexKDY;
|
48
|
+
Max-Age=31557600; Path=/; Expires=Sun, 04 Sep 2022 02:16:12 GMT; HttpOnly;
|
49
|
+
Secure
|
50
|
+
Strict-Transport-Security:
|
51
|
+
- max-age=31536000
|
52
|
+
Vary:
|
53
|
+
- Accept-Encoding, Origin
|
54
|
+
Cf-Cache-Status:
|
55
|
+
- DYNAMIC
|
56
|
+
Expect-Ct:
|
57
|
+
- max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
|
58
|
+
Ot-Baggage-Auth0-Request-Id:
|
59
|
+
- 6891a78eaa9d04b4
|
60
|
+
Ot-Tracer-Sampled:
|
61
|
+
- 'true'
|
62
|
+
Ot-Tracer-Spanid:
|
63
|
+
- 238a8dd0640d43a0
|
64
|
+
Ot-Tracer-Traceid:
|
65
|
+
- 431cac8f77136f2c
|
39
66
|
X-Auth0-Requestid:
|
40
|
-
-
|
67
|
+
- b0a5dc12c514c43e1e72
|
68
|
+
X-Content-Type-Options:
|
69
|
+
- nosniff
|
41
70
|
X-Ratelimit-Limit:
|
42
71
|
- '100'
|
43
72
|
X-Ratelimit-Remaining:
|
44
|
-
- '
|
73
|
+
- '97'
|
45
74
|
X-Ratelimit-Reset:
|
46
|
-
- '
|
47
|
-
|
48
|
-
-
|
75
|
+
- '1630702765'
|
76
|
+
Server:
|
77
|
+
- cloudflare
|
78
|
+
Alt-Svc:
|
79
|
+
- h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
|
80
|
+
ma=86400
|
49
81
|
body:
|
50
|
-
encoding:
|
82
|
+
encoding: ASCII-8BIT
|
51
83
|
string: '{"error":"invalid_grant","error_description":"Wrong email or password."}'
|
52
|
-
|
53
|
-
|
54
|
-
recorded_with: VCR 4.0.0
|
84
|
+
recorded_at: Fri, 03 Sep 2021 20:16:12 GMT
|
85
|
+
recorded_with: VCR 6.0.0
|