RubyGems - auth0 - Versions diffs - 5.4.0 → 5.7.0 - Mend

auth0 5.4.0 → 5.7.0

Files changed (233) hide show

data/spec/lib/auth0/mixins/httpproxy_spec.rb CHANGED Viewed

@@ -6,6 +6,7 @@ describe Auth0::Mixins::HTTPProxy do
     dummy_instance = DummyClassForProxy.new
     dummy_instance.extend(Auth0::Mixins::HTTPProxy)
     dummy_instance.base_uri = "https://auth0.com"
+    dummy_instance.retry_count = 0
     @instance = dummy_instance
     @exception = DummyClassForRestClient.new
@@ -152,6 +153,100 @@ describe Auth0::Mixins::HTTPProxy do
           .and_return(StubResponse.new({}, true, 200))
         expect { @instance.send(http_method, '/te st#test') }.not_to raise_error
       end
+      context "when status 429 is recieved on send http #{http_method} method" do
+        it "should retry 3 times when retry_count is not set" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: { params: {} },
+                                                              payload: nil)
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(4).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should retry 2 times when retry_count is set to 2" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 2
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: { params: {} },
+                                                              payload: nil)
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(3).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should not retry when retry_count is set to 0" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 0
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: { params: {} },
+                                                              payload: nil)
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(1).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should have have random retry times grow with jitter backoff" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 2
+          time_entries = []
+          @time_start
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                               url: 'https://auth0.com/test',
+                                                               timeout: nil,
+                                                               headers: { params: {} },
+                                                               payload: nil) do
+            time_entries.push(Time.now.to_f - @time_start.to_f)
+            @time_start = Time.now.to_f # restart the clock
+            raise @exception
+          end
+          @time_start = Time.now.to_f #start the clock
+          retry_instance.send(http_method, '/test') rescue nil
+          time_entries_first_set = time_entries.shift(time_entries.length)
+          retry_instance.send(http_method, '/test') rescue nil
+          time_entries.each_with_index do |entry, index|
+            if index > 0 #skip the first request
+              expect(entry != time_entries_first_set[index])
+            end
+          end
+        end
+      end
     end
   end
@@ -301,6 +396,204 @@ describe Auth0::Mixins::HTTPProxy do
           .and_return(StubResponse.new(res, true, 404))
         expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::NotFound, res)
       end
+      context "when status 429 is recieved on send http #{http_method} method" do
+        it "should retry 3 times when retry_count is not set" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: nil,
+                                                              payload: '{}')
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(4).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should retry 2 times when retry_count is set to 2" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 2
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: nil,
+                                                              payload: '{}')
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(3).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should not retry when retry_count is set to 0" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 0
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: nil,
+                                                              payload: '{}')
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(1).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should have have random retry times grow with jitter backoff" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 2
+          time_entries = []
+          @time_start
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                               url: 'https://auth0.com/test',
+                                                               timeout: nil,
+                                                               headers: nil,
+                                                               payload: '{}') do
+            time_entries.push(Time.now.to_f - @time_start.to_f)
+            @time_start = Time.now.to_f # restart the clock
+            raise @exception
+          end
+          @time_start = Time.now.to_f #start the clock
+          retry_instance.send(http_method, '/test') rescue nil
+          time_entries_first_set = time_entries.shift(time_entries.length)
+          retry_instance.send(http_method, '/test') rescue nil
+          time_entries.each_with_index do |entry, index|
+            if index > 0 #skip the first request
+              expect(entry != time_entries_first_set[index])
+            end
+          end
+        end
+      end
+    end
+  end
+  context "Renewing tokens" do
+    before :each do
+      @token_instance = DummyClassForTokens.new(
+        client_id: 'test-client-id',
+        client_secret: 'test-client-secret',
+        domain: 'auth0.com')
+    end
+    %i(get delete).each do |http_method|
+      context "for #{http_method}" do
+        it 'should renew the token' do
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: :post,
+            url: 'https://auth0.com/oauth/token',
+          ) ).and_return(StubResponse.new({
+            "access_token" => "access_token",
+            "expires_in" => 86400},
+            true,
+            200))
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_method,
+            url: 'https://auth0.com/test',
+            headers: { params: {}, "Authorization" => "Bearer access_token" }
+          )).and_return(StubResponse.new('Some random text here', true, 200))
+          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
+    end
+    %i(post put patch).each do |http_method|
+      context "for #{http_method}" do
+        it 'should renew the token' do
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: :post,
+            url: 'https://auth0.com/oauth/token',
+          ) ).and_return(StubResponse.new({
+            "access_token" => "access_token",
+            "expires_in" => 86400},
+            true,
+            200))
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_method,
+            url: 'https://auth0.com/test',
+            headers: { "Authorization" => "Bearer access_token" }
+          )).and_return(StubResponse.new('Some random text here', true, 200))
+          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
+    end
+  end
+  context "Using cached tokens" do
+    before :each do
+      @token_instance = DummyClassForTokens.new(
+        client_id: 'test-client-id',
+        client_secret: 'test-client-secret',
+        domain: 'auth0.com',
+        token: 'access_token',
+        token_expires_at: Time.now.to_i + 86400)
+    end
+    %i(get delete).each do |http_method|
+      context "for #{http_method}" do
+        it 'should use the cached token' do
+          expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+            method: :post,
+            url: 'https://auth0.com/oauth/token',
+          ))
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_method,
+            url: 'https://auth0.com/test',
+            headers: { params: {}, "Authorization" => "Bearer access_token" }
+          )).and_return(StubResponse.new('Some random text here', true, 200))
+          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
+    end
+    %i(post put patch).each do |http_method|
+      context "for #{http_method}" do
+        it 'should use the cached token' do
+          expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+            method: :post,
+            url: 'https://auth0.com/oauth/token',
+          ))
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_method,
+            url: 'https://auth0.com/test',
+            headers: { "Authorization" => "Bearer access_token" }
+          )).and_return(StubResponse.new('Some random text here', true, 200))
+          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
     end
   end
 end

data/spec/lib/auth0/mixins/initializer_spec.rb CHANGED Viewed

@@ -1,18 +1,36 @@
 require 'spec_helper'
+require 'timecop'
 class MockClass
   attr_reader :token
   include Auth0::Mixins::Initializer
   include Auth0::Mixins::HTTPProxy
   include Auth0::Mixins::Headers
+  include Auth0::Mixins::TokenManagement
 end
 describe Auth0::Mixins::Initializer do
   let(:params) { { namespace: 'samples.auth0.com' } }
   let(:instance) { DummyClassForProxy.send(:include, described_class).new(params) }
+  let(:time_now) { Time.now }
   context 'api v2' do
+    it 'sets retry_count when passed' do
+      params[:token] = '123'
+      params[:retry_count] = 10
+      expect(instance.instance_variable_get('@retry_count')).to eq(10)
+    end
+  end
+  context 'token initialization' do
     before do
       params[:api_version] = 2
+      Timecop.freeze(time_now)
+    end
+    after do
+      Timecop.return
     end
     it 'sets token when access_token is passed' do
@@ -26,5 +44,74 @@ describe Auth0::Mixins::Initializer do
       expect(instance.instance_variable_get('@token')).to eq('123')
     end
+    it 'fetches a token if none was given' do
+      params[:client_id] = client_id = 'test_client_id'
+      params[:client_secret] = client_secret = 'test_client_secret'
+      params[:api_identifier] = api_identifier = 'test'
+      payload = {
+        grant_type: 'client_credentials',
+        client_id: client_id,
+        client_secret: client_secret,
+        audience: api_identifier
+      }
+      expect(RestClient::Request).to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+        payload: payload.to_json
+      ))
+      .and_return(StubResponse.new({
+        "access_token" => "test",
+        "expires_in" => 86400},
+        true,
+        200))
+      expect(instance.instance_variable_get('@token')).to eq('test')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it "doesn't get a new token if one was supplied using 'token'" do
+      params[:token] = 'access-token'
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+          method: :post,
+          url: 'https://samples.auth0.com/oauth/token',
+      ))
+      expect(instance.instance_variable_get('@token')).to eq('access-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(Time.now.to_i + 3600)
+    end
+    it "doesn't get a new token if one was supplied using 'access_token'" do
+      params[:access_token] = 'access-token'
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+          method: :post,
+          url: 'https://samples.auth0.com/oauth/token',
+      ))
+      expect(instance.instance_variable_get('@token')).to eq('access-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(Time.now.to_i + 3600)
+    end
+    it 'can supply token_expires_at option' do
+      params[:token] = 'access-token'
+      params[:token_expires_at] = time_now.to_i + 300
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+          method: :post,
+          url: 'https://samples.auth0.com/oauth/token',
+      ))
+      expect(instance.instance_variable_get('@token')).to eq('access-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 300)
+    end
+    it 'throws if no token or credentials were given' do
+      params[:client_id] = 'test-client-id'
+      expect { instance }.to raise_error(Auth0::InvalidCredentials)
+    end
   end
 end

data/spec/lib/auth0/mixins/token_management_spec.rb ADDED Viewed

@@ -0,0 +1,125 @@
+require 'spec_helper'
+require 'timecop'
+describe Auth0::Mixins::TokenManagement do
+  let(:client_id) { 'test-client-id' }
+  let(:client_secret) { 'test-client-secret' }
+  let(:api_identifier) { 'test-audience' }
+  let(:domain) { 'samples.auth0.com' }
+  let(:payload) { {
+    grant_type: 'client_credentials',
+    client_id: client_id,
+    client_secret: client_secret,
+    audience: api_identifier
+  } }
+  let(:params) { {
+    domain: domain,
+    client_id: client_id,
+    client_secret: client_secret,
+    api_identifier: api_identifier
+  } }
+  let(:instance) { DummyClassForTokens.send(:include, described_class).new(params) }
+  let(:time_now) { Time.now }
+  before :each do
+    Timecop.freeze(time_now)
+  end
+  after :each do
+    Timecop.return
+  end
+  context 'get_token' do
+    it 'renews the token if there is no token set' do
+      expect(RestClient::Request).to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+        payload: payload.to_json
+      ))
+      .and_return(StubResponse.new({
+        "access_token" => "test",
+        "expires_in" => 86400},
+        true,
+        200))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('test')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it 'does not renew the token if the expiry time has not been reached' do
+      params[:token] = 'test-token'
+      params[:token_expires_at] = time_now.to_i + 86400
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+      ))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('test-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it 'renews the token if within 10 seconds of the expiry' do
+      params[:token] = 'test-token'
+      params[:token_expires_at] = time_now.to_i + 5
+      expect(RestClient::Request).to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+        payload: payload.to_json
+      ))
+      .and_return(StubResponse.new({
+        "access_token" => "renewed_token",
+        "expires_in" => 86400},
+        true,
+        200))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('renewed_token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it 'renews the token if past the expiry' do
+      params[:token] = 'test-token'
+      params[:token_expires_at] = time_now.to_i - 10
+      expect(RestClient::Request).to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+        payload: payload.to_json
+      ))
+      .and_return(StubResponse.new({
+        "access_token" => "renewed_token",
+        "expires_in" => 86400},
+        true,
+        200))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('renewed_token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it 'does not renew existing token if no token_expires_at' do
+      params[:token] = 'test-token'
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+      ))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('test-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to be_nil
+    end
+  end
+end

data/spec/spec_helper.rb CHANGED Viewed

@@ -62,7 +62,7 @@ rescue RSpec::Expectations::ExpectationNotMetError => e
 end
 def entity_suffix
-  'rubytest'
+  'rubytest-210908'
 end
 puts "Entity suffix is #{entity_suffix}"

data/spec/support/dummy_class_for_proxy.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 class DummyClassForProxy
   include Auth0::Mixins::HTTPProxy
   include Auth0::Mixins::Headers
+  include Auth0::Mixins::TokenManagement
 end

data/spec/support/dummy_class_for_tokens.rb ADDED Viewed

@@ -0,0 +1,17 @@
+class DummyClassForTokens
+  include Auth0::Mixins::HTTPProxy
+  include Auth0::Mixins::Headers
+  include Auth0::Mixins::TokenManagement
+  include Auth0::Mixins::Initializer
+  def initialize(config)
+    extend Auth0::Api::AuthenticationEndpoints
+    @client_id = config[:client_id]
+    @client_secret = config[:client_secret]
+    @audience = config[:api_identifier]
+    @domain = config[:domain]
+    @base_uri = "https://#{@domain}"
+    @token = config[:token]
+    @token_expires_at = config[:token_expires_at]
+  end
+end