auth0 5.4.0 → 5.7.0

data/lib/auth0/api/v2/attack_protection.rb

@@ -0,0 +1,79 @@
+module Auth0
+  module Api
+    module V2
+      # Methods to use the attack-protection endpoints
+      module AttackProtection
+        attr_reader :attack_protection_path
+
+        # Get breached password detection settings
+        # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_breached_password_detection
+        # @return [json] The configuration for breached password detection
+        def breached_password_detection
+          get(breached_password_settings_path)
+        end
+        alias get_breached_password_detection_settings breached_password_detection
+
+        # Update breached password detection settings
+        # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_breached_password_detection
+        # @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_breached_password_detection for available options
+        # @return [json] The configuration for breached password detection
+        def patch_breached_password_detection(body)
+          patch(breached_password_settings_path, body)
+        end
+
+        # Get brute force protection settings.
+        # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_brute_force_protection
+        # @return [json] The configuration for brute force protection
+        def brute_force_protection
+          get(brute_force_protection_settings_path)
+        end
+        alias get_brute_force_protection_settings brute_force_protection
+
+        # Update brute force protection settings.
+        # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_brute_force_protection
+        # @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_brute_force_protection for available options
+        # @return [json] The configuration for brute force protection
+        def patch_brute_force_protection(body)
+          patch(brute_force_protection_settings_path, body)
+        end
+        alias update_brute_force_protection_settings patch_brute_force_protection
+
+        # Get suspicious IP throttling settings
+        # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_suspicious_ip_throttling
+        # @return The configuration for suspicious IP throttling
+        def suspicious_ip_throttling
+          get(suspicious_ip_throttling_settings_path)
+        end
+        alias get_suspicious_ip_throttling_settings suspicious_ip_throttling
+
+        # Update suspicious IP throttling settings
+        # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_suspicious_ip_throttling
+        # @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_suspicious_ip_throttling for available options
+        # @return The configuration for suspicious IP throttling
+        def patch_suspicious_ip_throttling(body)
+          patch(suspicious_ip_throttling_settings_path, body)
+        end
+        alias update_suspicious_ip_throttling_settings patch_suspicious_ip_throttling
+
+        private
+        
+        def attack_protection_path
+          @attack_protection_path ||= '/api/v2/attack-protection'
+        end
+        alias update_breached_password_detection_settings patch_breached_password_detection
+        
+        def breached_password_settings_path
+          "#{attack_protection_path}/breached-password-detection"
+        end
+
+        def brute_force_protection_settings_path
+          "#{attack_protection_path}/brute-force-protection"
+        end
+
+        def suspicious_ip_throttling_settings_path
+          "#{attack_protection_path}/suspicious-ip-throttling"
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2/grants.rb

@@ -0,0 +1,49 @@
+module Auth0
+  module Api
+    module V2
+      module Grants
+        attr_reader :grants_path
+
+        # Retrieve the grants associated with your account.
+        # @see https://auth0.com/docs/api/management/v2#!/Grants/get_grants
+        # @param client_id [string] The client_id of the grants to retrieve.
+        # @param user_id [string]  The user_id of the grants to retrieve.
+        # @param audience [string] The audience of the grants to retrieve.
+        # @param page [int] The page index of the results to return. First page is 0.
+        # @param per_page [int] The number of results per page. Paging is disabled if parameter not sent.
+        # @param include_totals [boolean] Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).
+        # @return [json] Returns the grants.
+        def grants(client_id: nil, user_id: nil, audience: nil, page: nil, per_page: nil, include_totals: nil)
+          request_params = {
+            client_id: client_id,
+            user_id: user_id,
+            audience: audience,
+            page: page,
+            per_page: per_page,
+            include_totals: include_totals
+          }
+          get(grants_path, request_params)
+        end
+        alias get_all_grants grants
+
+        # Delete a grant associated with your account.
+        # @see https://auth0.com/docs/api/management/v2#!/Grants/delete_grants_by_id
+        # @param id [string] The id of the grant to delete.
+        # @param user_id [string] The user_id of the grant to delete.
+        def delete_grant(id, user_id)
+          raise Auth0::InvalidParameter, 'Must specify a grant id as id' if id.to_s.empty?
+          raise Auth0::InvalidParameter, 'Must specify a user id' if user_id.to_s.empty?
+          path = "#{grants_path}/#{id}"
+          delete(path, user_id: user_id)
+        end
+
+        private
+
+        # Grants API path
+        def grants_path
+          @grants_path ||= '/api/v2/grants'
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2/organizations.rb

@@ -320,7 +320,7 @@ module Auth0
           body = {}
           body[:roles] = roles
 
-          delete(path, body)
+          delete_with_body(path, body)
         end
         alias remove_organizations_member_roles delete_organizations_member_roles
 

data/lib/auth0/api/v2.rb

@@ -1,3 +1,5 @@
+require 'auth0/api/v2/grants'
+require 'auth0/api/v2/actions'
 require 'auth0/api/v2/anomaly'
 require 'auth0/api/v2/blacklists'
 require 'auth0/api/v2/branding'
@@ -21,11 +23,14 @@ require 'auth0/api/v2/logs'
 require 'auth0/api/v2/log_streams'
 require 'auth0/api/v2/resource_servers'
 require 'auth0/api/v2/guardian'
+require 'auth0/api/v2/attack_protection'
 
 module Auth0
   module Api
     # https://auth0.com/docs/apiv2
     module V2
+      include Auth0::Api::V2::Grants
+      include Auth0::Api::V2::Actions
       include Auth0::Api::V2::Anomaly
       include Auth0::Api::V2::Blacklists
       include Auth0::Api::V2::Branding
@@ -49,6 +54,7 @@ module Auth0
       include Auth0::Api::V2::ResourceServers
       include Auth0::Api::V2::Tenants
       include Auth0::Api::V2::Tickets
+      include Auth0::Api::V2::AttackProtection
     end
   end
 end

data/lib/auth0/exception.rb

@@ -40,8 +40,20 @@ module Auth0
   class MissingClientId < Auth0::Exception; end
   # exception for unset organization_id
   class MissingOrganizationId < Auth0::Exception; end
+  # exception for unset trigger_id
+  class MissingTriggerId < Auth0::Exception; end
+  # exception for unset action_name
+  class MissingActionName < Auth0::Exception; end
+  # exception for unset action_id
+  class MissingActionId < Auth0::Exception; end
+  # exception for unset execution_id
+  class MissingExecutionId < Auth0::Exception; end
+  # exception for unset trigger_id
+  class MissingTriggerId < Auth0::Exception; end
   # exception for an unset parameter
   class MissingParameter < Auth0::Exception; end
+  # exception for unset version_id
+  class MissingVersionId < Auth0::Exception; end
   # Api v2 access denied
   class AccessDenied < Auth0::HTTPError; end
   # Invalid parameter passed, e.g. empty where ID is required

data/lib/auth0/mixins/api_token_struct.rb

@@ -1,5 +1,4 @@
 Auth0::ApiToken = Struct.new :access_token, :scope, :expires_in do
-
   def token
     access_token
   end

data/lib/auth0/mixins/httpproxy.rb

@@ -1,56 +1,51 @@
 require "addressable/uri"
+require "retryable"
+require_relative "../exception.rb"
 
 module Auth0
   module Mixins
     # here's the proxy for Rest calls based on rest-client, we're building all request on that gem
     # for now, if you want to feel free to use your own http client
     module HTTPProxy
-      attr_accessor :headers, :base_uri, :timeout
+      attr_accessor :headers, :base_uri, :timeout, :retry_count
+      DEAFULT_RETRIES = 3
+      MAX_ALLOWED_RETRIES = 10
+      MAX_REQUEST_RETRY_JITTER = 250
+      MAX_REQUEST_RETRY_DELAY = 1000
+      MIN_REQUEST_RETRY_DELAY = 100
 
       # proxying requests from instance methods to HTTP class methods
       %i(get post post_file put patch delete delete_with_body).each do |method|
         define_method(method) do |uri, body = {}, extra_headers = {}|
-
-          if base_uri
-            # if a base_uri is set then the uri can be encoded as a path
-            safe_path = Addressable::URI.new(path: uri).normalized_path
-          else
-            safe_path = Addressable::URI.escape(uri)
-          end
-
           body = body.delete_if { |_, v| v.nil? }
-          result = if method == :get
-                     # Mutate the headers property to add parameters.
-                     add_headers({params: body})
-                     # Merge custom headers into existing ones for this req.
-                     # This prevents future calls from using them.
-                     get_headers = headers.merge extra_headers
-                     # Make the call with extra_headers, if provided.
-                     call(:get, url(safe_path), timeout, get_headers)
-                   elsif method == :delete
-                     call(:delete, url(safe_path), timeout, add_headers({params: body}))
-                   elsif method == :delete_with_body
-                     call(:delete, url(safe_path), timeout, headers, body.to_json)
-                   elsif method == :post_file
-                     body.merge!(multipart: true)
-                     # Ignore the default Content-Type headers and let the HTTP client define them
-                     post_file_headers = headers.slice(*headers.keys - ['Content-Type'])
-                     # Actual call with the altered headers
-                     call(:post, url(safe_path), timeout, post_file_headers, body)
-                   else
-                     call(method, url(safe_path), timeout, headers, body.to_json)
-                   end
-          case result.code
-          when 200...226 then safe_parse_json(result.body)
-          when 400       then raise Auth0::BadRequest.new(result.body, code: result.code, headers: result.headers)
-          when 401       then raise Auth0::Unauthorized.new(result.body, code: result.code, headers: result.headers)
-          when 403       then raise Auth0::AccessDenied.new(result.body, code: result.code, headers: result.headers)
-          when 404       then raise Auth0::NotFound.new(result.body, code: result.code, headers: result.headers)
-          when 429       then raise Auth0::RateLimitEncountered.new(result.body, code: result.code, headers: result.headers)
-          when 500       then raise Auth0::ServerError.new(result.body, code: result.code, headers: result.headers)
-          else                raise Auth0::Unsupported.new(result.body, code: result.code, headers: result.headers)
-          end
+          token = get_token()
+          authorization_header(token) unless token.nil?
+          request_with_retry(method, uri, body, extra_headers)
+        end
+      end
+
+      def retry_options
+        sleep_timer = lambda do |attempt|
+          wait = 1000 * 2**attempt # Exponential delay with each subsequent request attempt.
+          wait += rand(wait..wait+MAX_REQUEST_RETRY_JITTER) # Add jitter to the delay window.
+          wait = [MAX_REQUEST_RETRY_DELAY, wait].min # Cap delay at MAX_REQUEST_RETRY_DELAY.
+          wait = [MIN_REQUEST_RETRY_DELAY, wait].max # Ensure delay is no less than MIN_REQUEST_RETRY_DELAY.
+          wait / 1000.to_f.round(2) # convert ms to seconds
         end
+
+        tries = 1 + [Integer(retry_count || DEAFULT_RETRIES), MAX_ALLOWED_RETRIES].min # Cap retries at MAX_ALLOWED_RETRIES
+
+        {
+          tries: tries,
+          sleep: sleep_timer,
+          on: Auth0::RateLimitEncountered
+        }
+      end
+
+      def encode_uri(uri)
+        # if a base_uri is set then the uri can be encoded as a path
+        path = base_uri ? Addressable::URI.new(path: uri).normalized_path : Addressable::URI.escape(uri)
+        url(path)
       end
 
       def url(path)
@@ -69,6 +64,47 @@ module Auth0
         body
       end
 
+      def request_with_retry(method, uri, body = {}, extra_headers = {})
+        Retryable.retryable(retry_options) do
+          request(method, uri, body, extra_headers)
+        end
+      end
+
+      def request(method, uri, body = {}, extra_headers = {})
+        result = if method == :get
+          # Mutate the headers property to add parameters.
+          add_headers({params: body})
+          # Merge custom headers into existing ones for this req.
+          # This prevents future calls from using them.
+          get_headers = headers.merge extra_headers
+          # Make the call with extra_headers, if provided.
+          call(:get, encode_uri(uri), timeout, get_headers)
+        elsif method == :delete
+          call(:delete, encode_uri(uri), timeout, add_headers({params: body}))
+        elsif method == :delete_with_body
+          call(:delete, encode_uri(uri), timeout, headers, body.to_json)
+        elsif method == :post_file
+          body.merge!(multipart: true)
+          # Ignore the default Content-Type headers and let the HTTP client define them
+          post_file_headers = headers.slice(*headers.keys - ['Content-Type'])
+          # Actual call with the altered headers
+          call(:post, encode_uri(uri), timeout, post_file_headers, body)
+        else
+          call(method, encode_uri(uri), timeout, headers, body.to_json)
+        end
+
+        case result.code
+        when 200...226 then safe_parse_json(result.body)
+        when 400       then raise Auth0::BadRequest.new(result.body, code: result.code, headers: result.headers)
+        when 401       then raise Auth0::Unauthorized.new(result.body, code: result.code, headers: result.headers)
+        when 403       then raise Auth0::AccessDenied.new(result.body, code: result.code, headers: result.headers)
+        when 404       then raise Auth0::NotFound.new(result.body, code: result.code, headers: result.headers)
+        when 429       then raise Auth0::RateLimitEncountered.new(result.body, code: result.code, headers: result.headers)
+        when 500       then raise Auth0::ServerError.new(result.body, code: result.code, headers: result.headers)
+        else           raise Auth0::Unsupported.new(result.body, code: result.code, headers: result.headers)
+        end
+      end
+
       def call(method, url, timeout, headers, body = nil)
         RestClient::Request.execute(
           method: method,

data/lib/auth0/mixins/initializer.rb

@@ -15,6 +15,7 @@ module Auth0
         @base_uri = base_url(options)
         @headers = client_headers
         @timeout = options[:timeout] || 10
+        @retry_count = options[:retry_count]
         extend Auth0::Api::AuthenticationEndpoints
         @client_id = options[:client_id]
         @client_secret = options[:client_secret]
@@ -58,9 +59,7 @@ module Auth0
 
       def initialize_v2(options)
         extend Auth0::Api::V2
-        @token = options[:access_token] || options[:token]
-        api_identifier = options[:api_identifier] || "https://#{@domain}/api/v2/"
-        @token = api_token(audience: api_identifier).token if @token.nil? && @client_id && @client_secret
+        initialize_token(options)
       end
 
       def api_v2?(options)

data/lib/auth0/mixins/token_management.rb

@@ -0,0 +1,32 @@
+module Auth0
+  module Mixins
+    module TokenManagement
+      
+      private
+
+      def initialize_token(options)
+        @token = options[:access_token] || options[:token]
+        
+        # default expiry to an hour if a token was given but no expires_at
+        @token_expires_at = @token ? options[:token_expires_at] || Time.now.to_i + 3600 : nil 
+
+        @audience = options[:api_identifier] || "https://#{@domain}/api/v2/"
+        get_token() if @token.nil?
+      end
+
+      def get_token
+        has_expired = @token && @token_expires_at ? @token_expires_at < (Time.now.to_i + 10) : false
+        
+        if (@token.nil? || has_expired) && @client_id && @client_secret
+          response = api_token(audience: @audience)
+          @token = response.token
+          @token_expires_at = response.expires_in ? Time.now.to_i + response.expires_in : nil
+
+          @token
+        else
+          @token
+        end
+      end
+    end
+  end
+end

data/lib/auth0/mixins/validation.rb

@@ -335,7 +335,7 @@ module Auth0
           private
 
           def fetch_jwks
-            result = get(@jwks_url)
+            result = request_with_retry(:get, @jwks_url, {}, {})
             @did_fetch_jwks = result.is_a?(Hash) && result.key?('keys')
             result if @did_fetch_jwks
           end

data/lib/auth0/mixins.rb

@@ -9,6 +9,7 @@ require 'auth0/mixins/httpproxy'
 require 'auth0/mixins/initializer'
 require 'auth0/mixins/permission_struct'
 require 'auth0/mixins/validation'
+require 'auth0/mixins/token_management'
 
 require 'auth0/api/authentication_endpoints'
 require 'auth0/api/v2'
@@ -17,6 +18,7 @@ module Auth0
   # Collecting dependencies here
   module Mixins
     include Auth0::Mixins::Headers
+    include Auth0::Mixins::TokenManagement
     include Auth0::Mixins::HTTPProxy
     include Auth0::Mixins::Initializer
   end

data/lib/auth0/version.rb

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '5.4.0'.freeze
+  VERSION = '5.7.0'.freeze
 end

data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_change_password/should_trigger_a_password_reset.yml

@@ -5,22 +5,22 @@ http_interactions:
     uri: https://auth0-sdk-tests.auth0.com/dbconnections/change_password
     body:
       encoding: UTF-8
-      string: '{"email":"rubytest-username-1@auth0.com","password":"","connection":"Username-Password-Authentication","client_id":"2cnWuug6zaFX1j0ge1P99jAUn0F4XSuI"}'
+      string: '{"email":"rubytest-210908-username-1@auth0.com","password":"","connection":"Username-Password-Authentication","client_id":"2cnWuug6zaFX1j0ge1P99jAUn0F4XSuI"}'
     headers:
       Accept:
       - "*/*"
-      Accept-Encoding:
-      - gzip, deflate
       User-Agent:
-      - Ruby/2.5.1
+      - rest-client/2.1.0 (darwin19.6.0 x86_64) ruby/2.7.0p0
       Content-Type:
       - application/json
       Auth0-Client:
-      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjUuMCJ9
+      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjUuMCIsImVudiI6eyJydWJ5IjoiMi43LjAifX0=
       Authorization:
       - Bearer API_TOKEN
       Content-Length:
-      - '150'
+      - '157'
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
       Host:
       - auth0-sdk-tests.auth0.com
   response:
@@ -29,35 +29,65 @@ http_interactions:
       message: OK
     headers:
       Date:
-      - Wed, 10 Oct 2018 23:19:59 GMT
+      - Fri, 03 Sep 2021 20:16:11 GMT
       Content-Type:
       - text/html; charset=utf-8
       Transfer-Encoding:
       - chunked
       Connection:
       - keep-alive
+      Cf-Ray:
+      - 6891a783fa1aeb79-LAX
+      Access-Control-Allow-Origin:
+      - "*"
+      Cache-Control:
+      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
+      Etag:
+      - W/"34-isurgRF3drpbztqj/kuLX3wcQN4"
+      Set-Cookie:
+      - did=s%3Av0%3Ac7c670e0-0cf3-11ec-8fcc-b1ac7dd7e8e6.SMKCwsFbZxS1wgznun%2Bc4MrNN8Yb7eXSJYergKRIbm4;
+        Max-Age=31557600; Path=/; Expires=Sun, 04 Sep 2022 02:16:10 GMT; HttpOnly;
+        Secure; SameSite=None
+      - did_compat=s%3Av0%3Ac7c670e0-0cf3-11ec-8fcc-b1ac7dd7e8e6.SMKCwsFbZxS1wgznun%2Bc4MrNN8Yb7eXSJYergKRIbm4;
+        Max-Age=31557600; Path=/; Expires=Sun, 04 Sep 2022 02:16:11 GMT; HttpOnly;
+        Secure
+      Strict-Transport-Security:
+      - max-age=31536000
       Vary:
-      - Accept-Encoding
+      - Accept-Encoding, Origin
+      Cf-Cache-Status:
+      - DYNAMIC
+      Access-Control-Allow-Credentials:
+      - 'false'
+      Access-Control-Expose-Headers:
+      - X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset
+      Expect-Ct:
+      - max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
+      Ot-Baggage-Auth0-Request-Id:
+      - 6891a783fa1aeb79
+      Ot-Tracer-Sampled:
+      - 'true'
+      Ot-Tracer-Spanid:
+      - 73ed236e3e952604
+      Ot-Tracer-Traceid:
+      - 75dde96b4f4143d1
       X-Auth0-Requestid:
-      - b1edcce5da4346cf4e72
+      - 46bd91e5c530f4b3a9f7
+      X-Content-Type-Options:
+      - nosniff
       X-Ratelimit-Limit:
       - '10'
       X-Ratelimit-Remaining:
       - '9'
       X-Ratelimit-Reset:
-      - '1539213660'
-      Cache-Control:
-      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
-      Strict-Transport-Security:
-      - max-age=15724800
-      X-Robots-Tag:
-      - noindex, nofollow, nosnippet, noarchive
-      Content-Encoding:
-      - gzip
+      - '1630700231'
+      Server:
+      - cloudflare
+      Alt-Svc:
+      - h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
+        ma=86400
     body:
       encoding: ASCII-8BIT
-      string: !binary |-
-        H4sIAAAAAAAAAwtPVS9LVcgqLS5RKE7NK1GozC9VSMxTSM1NzMxRKMlXKEotTgWLFikUJBYXl+cXpegBAKHKLwA0AAAA
-    http_version: 
-  recorded_at: Wed, 10 Oct 2018 23:19:59 GMT
-recorded_with: VCR 4.0.0
+      string: We've just sent you an email to reset your password.
+  recorded_at: Fri, 03 Sep 2021 20:16:10 GMT
+recorded_with: VCR 6.0.0

data/spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_login_with_resource_owner/should_fail_with_an_incorrect_email.yml

@@ -5,22 +5,22 @@ http_interactions:
     uri: https://auth0-sdk-tests.auth0.com/oauth/token
     body:
       encoding: UTF-8
-      string: '{"username":"rubytest-username-1@auth0.com_invalid","password":"23kejn2jk3en2jke2jk3be2jk3ber","client_id":"2cnWuug6zaFX1j0ge1P99jAUn0F4XSuI","client_secret":"CLIENT_SECRET","scope":"openid","grant_type":"password"}'
+      string: '{"username":"rubytest-210908-username-1@auth0.com_invalid","password":"23kejn2jk3en2jke2jk3be2jk3ber","client_id":"2cnWuug6zaFX1j0ge1P99jAUn0F4XSuI","client_secret":"CLIENT_SECRET","scope":"openid","grant_type":"password"}'
     headers:
       Accept:
       - "*/*"
-      Accept-Encoding:
-      - gzip, deflate
       User-Agent:
-      - Ruby/2.5.1
+      - rest-client/2.1.0 (darwin19.6.0 x86_64) ruby/2.7.0p0
       Content-Type:
       - application/json
       Auth0-Client:
-      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI0LjUuMCJ9
+      - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjUuMCIsImVudiI6eyJydWJ5IjoiMi43LjAifX0=
       Authorization:
       - Bearer API_TOKEN
       Content-Length:
-      - '266'
+      - '273'
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
       Host:
       - auth0-sdk-tests.auth0.com
   response:
@@ -29,26 +29,57 @@ http_interactions:
       message: Forbidden
     headers:
       Date:
-      - Wed, 17 Oct 2018 17:17:52 GMT
+      - Fri, 03 Sep 2021 20:16:12 GMT
       Content-Type:
       - application/json
-      Content-Length:
-      - '72'
+      Transfer-Encoding:
+      - chunked
       Connection:
       - keep-alive
+      Cf-Ray:
+      - 6891a78eaa9d04b4-LAX
+      Cache-Control:
+      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
+      Set-Cookie:
+      - did=s%3Av0%3Ac8c67bc0-0cf3-11ec-a06b-fb16f7884f9b.SifCcrmcjM8PKlpAAH8qLYoWeyeN%2FqvtDC0ZweexKDY;
+        Max-Age=31557600; Path=/; Expires=Sun, 04 Sep 2022 02:16:12 GMT; HttpOnly;
+        Secure; SameSite=None
+      - did_compat=s%3Av0%3Ac8c67bc0-0cf3-11ec-a06b-fb16f7884f9b.SifCcrmcjM8PKlpAAH8qLYoWeyeN%2FqvtDC0ZweexKDY;
+        Max-Age=31557600; Path=/; Expires=Sun, 04 Sep 2022 02:16:12 GMT; HttpOnly;
+        Secure
+      Strict-Transport-Security:
+      - max-age=31536000
+      Vary:
+      - Accept-Encoding, Origin
+      Cf-Cache-Status:
+      - DYNAMIC
+      Expect-Ct:
+      - max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
+      Ot-Baggage-Auth0-Request-Id:
+      - 6891a78eaa9d04b4
+      Ot-Tracer-Sampled:
+      - 'true'
+      Ot-Tracer-Spanid:
+      - 238a8dd0640d43a0
+      Ot-Tracer-Traceid:
+      - 431cac8f77136f2c
       X-Auth0-Requestid:
-      - b6bab16857282fef5757
+      - b0a5dc12c514c43e1e72
+      X-Content-Type-Options:
+      - nosniff
       X-Ratelimit-Limit:
       - '100'
       X-Ratelimit-Remaining:
-      - '94'
+      - '97'
       X-Ratelimit-Reset:
-      - '1539801484'
-      Cache-Control:
-      - private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
+      - '1630702765'
+      Server:
+      - cloudflare
+      Alt-Svc:
+      - h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
+        ma=86400
     body:
-      encoding: UTF-8
+      encoding: ASCII-8BIT
       string: '{"error":"invalid_grant","error_description":"Wrong email or password."}'
-    http_version: 
-  recorded_at: Wed, 17 Oct 2018 17:17:52 GMT
-recorded_with: VCR 4.0.0
+  recorded_at: Fri, 03 Sep 2021 20:16:12 GMT
+recorded_with: VCR 6.0.0