RubyGems - auth0 - Versions diffs - 5.4.0 → 5.7.0 - Mend

auth0 5.4.0 → 5.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (233) hide show

data/spec/lib/auth0/mixins/httpproxy_spec.rb CHANGED Viewed

@@ -6,6 +6,7 @@ describe Auth0::Mixins::HTTPProxy do
     dummy_instance = DummyClassForProxy.new
     dummy_instance.extend(Auth0::Mixins::HTTPProxy)
     dummy_instance.base_uri = "https://auth0.com"
+    dummy_instance.retry_count = 0
     @instance = dummy_instance
     @exception = DummyClassForRestClient.new
@@ -152,6 +153,100 @@ describe Auth0::Mixins::HTTPProxy do
           .and_return(StubResponse.new({}, true, 200))
         expect { @instance.send(http_method, '/te st#test') }.not_to raise_error
       end
+      context "when status 429 is recieved on send http #{http_method} method" do
+        it "should retry 3 times when retry_count is not set" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: { params: {} },
+                                                              payload: nil)
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(4).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should retry 2 times when retry_count is set to 2" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 2
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: { params: {} },
+                                                              payload: nil)
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(3).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should not retry when retry_count is set to 0" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 0
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: { params: {} },
+                                                              payload: nil)
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(1).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should have have random retry times grow with jitter backoff" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 2
+          time_entries = []
+          @time_start
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                               url: 'https://auth0.com/test',
+                                                               timeout: nil,
+                                                               headers: { params: {} },
+                                                               payload: nil) do
+            time_entries.push(Time.now.to_f - @time_start.to_f)
+            @time_start = Time.now.to_f # restart the clock
+            raise @exception
+          end
+          @time_start = Time.now.to_f #start the clock
+          retry_instance.send(http_method, '/test') rescue nil
+          time_entries_first_set = time_entries.shift(time_entries.length)
+          retry_instance.send(http_method, '/test') rescue nil
+          time_entries.each_with_index do |entry, index|
+            if index > 0 #skip the first request
+              expect(entry != time_entries_first_set[index])
+            end
+          end
+        end
+      end
     end
   end
@@ -301,6 +396,204 @@ describe Auth0::Mixins::HTTPProxy do
           .and_return(StubResponse.new(res, true, 404))
         expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::NotFound, res)
       end
+      context "when status 429 is recieved on send http #{http_method} method" do
+        it "should retry 3 times when retry_count is not set" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: nil,
+                                                              payload: '{}')
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(4).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should retry 2 times when retry_count is set to 2" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 2
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: nil,
+                                                              payload: '{}')
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(3).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should not retry when retry_count is set to 0" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 0
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                              url: 'https://auth0.com/test',
+                                                              timeout: nil,
+                                                              headers: nil,
+                                                              payload: '{}')
+            .and_raise(@exception)
+          expect(RestClient::Request).to receive(:execute).exactly(1).times
+          expect { retry_instance.send(http_method, '/test') }.to raise_error { |error|
+            expect(error).to be_a(Auth0::RateLimitEncountered)
+          }
+        end
+        it "should have have random retry times grow with jitter backoff" do
+          retry_instance = DummyClassForProxy.new
+          retry_instance.extend(Auth0::Mixins::HTTPProxy)
+          retry_instance.base_uri = "https://auth0.com"
+          retry_instance.retry_count = 2
+          time_entries = []
+          @time_start
+          @exception.response = StubResponse.new({}, false, 429)
+          allow(RestClient::Request).to receive(:execute).with(method: http_method,
+                                                               url: 'https://auth0.com/test',
+                                                               timeout: nil,
+                                                               headers: nil,
+                                                               payload: '{}') do
+            time_entries.push(Time.now.to_f - @time_start.to_f)
+            @time_start = Time.now.to_f # restart the clock
+            raise @exception
+          end
+          @time_start = Time.now.to_f #start the clock
+          retry_instance.send(http_method, '/test') rescue nil
+          time_entries_first_set = time_entries.shift(time_entries.length)
+          retry_instance.send(http_method, '/test') rescue nil
+          time_entries.each_with_index do |entry, index|
+            if index > 0 #skip the first request
+              expect(entry != time_entries_first_set[index])
+            end
+          end
+        end
+      end
+    end
+  end
+  context "Renewing tokens" do
+    before :each do
+      @token_instance = DummyClassForTokens.new(
+        client_id: 'test-client-id',
+        client_secret: 'test-client-secret',
+        domain: 'auth0.com')
+    end
+    %i(get delete).each do |http_method|
+      context "for #{http_method}" do
+        it 'should renew the token' do
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: :post,
+            url: 'https://auth0.com/oauth/token',
+          ) ).and_return(StubResponse.new({
+            "access_token" => "access_token",
+            "expires_in" => 86400},
+            true,
+            200))
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_method,
+            url: 'https://auth0.com/test',
+            headers: { params: {}, "Authorization" => "Bearer access_token" }
+          )).and_return(StubResponse.new('Some random text here', true, 200))
+          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
+    end
+    %i(post put patch).each do |http_method|
+      context "for #{http_method}" do
+        it 'should renew the token' do
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: :post,
+            url: 'https://auth0.com/oauth/token',
+          ) ).and_return(StubResponse.new({
+            "access_token" => "access_token",
+            "expires_in" => 86400},
+            true,
+            200))
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_method,
+            url: 'https://auth0.com/test',
+            headers: { "Authorization" => "Bearer access_token" }
+          )).and_return(StubResponse.new('Some random text here', true, 200))
+          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
+    end
+  end
+  context "Using cached tokens" do
+    before :each do
+      @token_instance = DummyClassForTokens.new(
+        client_id: 'test-client-id',
+        client_secret: 'test-client-secret',
+        domain: 'auth0.com',
+        token: 'access_token',
+        token_expires_at: Time.now.to_i + 86400)
+    end
+    %i(get delete).each do |http_method|
+      context "for #{http_method}" do
+        it 'should use the cached token' do
+          expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+            method: :post,
+            url: 'https://auth0.com/oauth/token',
+          ))
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_method,
+            url: 'https://auth0.com/test',
+            headers: { params: {}, "Authorization" => "Bearer access_token" }
+          )).and_return(StubResponse.new('Some random text here', true, 200))
+          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
+    end
+    %i(post put patch).each do |http_method|
+      context "for #{http_method}" do
+        it 'should use the cached token' do
+          expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+            method: :post,
+            url: 'https://auth0.com/oauth/token',
+          ))
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_method,
+            url: 'https://auth0.com/test',
+            headers: { "Authorization" => "Bearer access_token" }
+          )).and_return(StubResponse.new('Some random text here', true, 200))
+          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
     end
   end
 end

data/spec/lib/auth0/mixins/initializer_spec.rb CHANGED Viewed

@@ -1,18 +1,36 @@
 require 'spec_helper'
+require 'timecop'
 class MockClass
   attr_reader :token
   include Auth0::Mixins::Initializer
   include Auth0::Mixins::HTTPProxy
   include Auth0::Mixins::Headers
+  include Auth0::Mixins::TokenManagement
 end
 describe Auth0::Mixins::Initializer do
   let(:params) { { namespace: 'samples.auth0.com' } }
   let(:instance) { DummyClassForProxy.send(:include, described_class).new(params) }
+  let(:time_now) { Time.now }
   context 'api v2' do
+    it 'sets retry_count when passed' do
+      params[:token] = '123'
+      params[:retry_count] = 10
+      expect(instance.instance_variable_get('@retry_count')).to eq(10)
+    end
+  end
+  context 'token initialization' do
     before do
       params[:api_version] = 2
+      Timecop.freeze(time_now)
+    end
+    after do
+      Timecop.return
     end
     it 'sets token when access_token is passed' do
@@ -26,5 +44,74 @@ describe Auth0::Mixins::Initializer do
       expect(instance.instance_variable_get('@token')).to eq('123')
     end
+    it 'fetches a token if none was given' do
+      params[:client_id] = client_id = 'test_client_id'
+      params[:client_secret] = client_secret = 'test_client_secret'
+      params[:api_identifier] = api_identifier = 'test'
+      payload = {
+        grant_type: 'client_credentials',
+        client_id: client_id,
+        client_secret: client_secret,
+        audience: api_identifier
+      }
+      expect(RestClient::Request).to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+        payload: payload.to_json
+      ))
+      .and_return(StubResponse.new({
+        "access_token" => "test",
+        "expires_in" => 86400},
+        true,
+        200))
+      expect(instance.instance_variable_get('@token')).to eq('test')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it "doesn't get a new token if one was supplied using 'token'" do
+      params[:token] = 'access-token'
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+          method: :post,
+          url: 'https://samples.auth0.com/oauth/token',
+      ))
+      expect(instance.instance_variable_get('@token')).to eq('access-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(Time.now.to_i + 3600)
+    end
+    it "doesn't get a new token if one was supplied using 'access_token'" do
+      params[:access_token] = 'access-token'
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+          method: :post,
+          url: 'https://samples.auth0.com/oauth/token',
+      ))
+      expect(instance.instance_variable_get('@token')).to eq('access-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(Time.now.to_i + 3600)
+    end
+    it 'can supply token_expires_at option' do
+      params[:token] = 'access-token'
+      params[:token_expires_at] = time_now.to_i + 300
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+          method: :post,
+          url: 'https://samples.auth0.com/oauth/token',
+      ))
+      expect(instance.instance_variable_get('@token')).to eq('access-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 300)
+    end
+    it 'throws if no token or credentials were given' do
+      params[:client_id] = 'test-client-id'
+      expect { instance }.to raise_error(Auth0::InvalidCredentials)
+    end
   end
 end

data/spec/lib/auth0/mixins/token_management_spec.rb ADDED Viewed

@@ -0,0 +1,125 @@
+require 'spec_helper'
+require 'timecop'
+describe Auth0::Mixins::TokenManagement do
+  let(:client_id) { 'test-client-id' }
+  let(:client_secret) { 'test-client-secret' }
+  let(:api_identifier) { 'test-audience' }
+  let(:domain) { 'samples.auth0.com' }
+  let(:payload) { {
+    grant_type: 'client_credentials',
+    client_id: client_id,
+    client_secret: client_secret,
+    audience: api_identifier
+  } }
+  let(:params) { {
+    domain: domain,
+    client_id: client_id,
+    client_secret: client_secret,
+    api_identifier: api_identifier
+  } }
+  let(:instance) { DummyClassForTokens.send(:include, described_class).new(params) }
+  let(:time_now) { Time.now }
+  before :each do
+    Timecop.freeze(time_now)
+  end
+  after :each do
+    Timecop.return
+  end
+  context 'get_token' do
+    it 'renews the token if there is no token set' do
+      expect(RestClient::Request).to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+        payload: payload.to_json
+      ))
+      .and_return(StubResponse.new({
+        "access_token" => "test",
+        "expires_in" => 86400},
+        true,
+        200))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('test')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it 'does not renew the token if the expiry time has not been reached' do
+      params[:token] = 'test-token'
+      params[:token_expires_at] = time_now.to_i + 86400
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+      ))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('test-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it 'renews the token if within 10 seconds of the expiry' do
+      params[:token] = 'test-token'
+      params[:token_expires_at] = time_now.to_i + 5
+      expect(RestClient::Request).to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+        payload: payload.to_json
+      ))
+      .and_return(StubResponse.new({
+        "access_token" => "renewed_token",
+        "expires_in" => 86400},
+        true,
+        200))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('renewed_token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it 'renews the token if past the expiry' do
+      params[:token] = 'test-token'
+      params[:token_expires_at] = time_now.to_i - 10
+      expect(RestClient::Request).to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+        payload: payload.to_json
+      ))
+      .and_return(StubResponse.new({
+        "access_token" => "renewed_token",
+        "expires_in" => 86400},
+        true,
+        200))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('renewed_token')
+      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    end
+    it 'does not renew existing token if no token_expires_at' do
+      params[:token] = 'test-token'
+      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
+        method: :post,
+        url: 'https://samples.auth0.com/oauth/token',
+      ))
+      instance.send(:get_token)
+      expect(instance.instance_variable_get('@token')).to eq('test-token')
+      expect(instance.instance_variable_get('@token_expires_at')).to be_nil
+    end
+  end
+end

data/spec/spec_helper.rb CHANGED Viewed

@@ -62,7 +62,7 @@ rescue RSpec::Expectations::ExpectationNotMetError => e
 end
 def entity_suffix
-  'rubytest'
+  'rubytest-210908'
 end
 puts "Entity suffix is #{entity_suffix}"

data/spec/support/dummy_class_for_proxy.rb CHANGED Viewed

@@ -1,4 +1,5 @@
 class DummyClassForProxy
   include Auth0::Mixins::HTTPProxy
   include Auth0::Mixins::Headers
+  include Auth0::Mixins::TokenManagement
 end

data/spec/support/dummy_class_for_tokens.rb ADDED Viewed

@@ -0,0 +1,17 @@
+class DummyClassForTokens
+  include Auth0::Mixins::HTTPProxy
+  include Auth0::Mixins::Headers
+  include Auth0::Mixins::TokenManagement
+  include Auth0::Mixins::Initializer
+  def initialize(config)
+    extend Auth0::Api::AuthenticationEndpoints
+    @client_id = config[:client_id]
+    @client_secret = config[:client_secret]
+    @audience = config[:api_identifier]
+    @domain = config[:domain]
+    @base_uri = "https://#{@domain}"
+    @token = config[:token]
+    @token_expires_at = config[:token_expires_at]
+  end
+end