auth0 5.6.1 → 5.8.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.circleci/config.yml +16 -2
- data/.github/dependabot.yml +10 -0
- data/.github/workflows/semgrep.yml +28 -0
- data/.gitignore +0 -1
- data/CHANGELOG.md +43 -1
- data/Gemfile +1 -0
- data/Gemfile.lock +241 -0
- data/README.md +1 -1
- data/auth0.gemspec +1 -1
- data/lib/auth0/api/authentication_endpoints.rb +1 -1
- data/lib/auth0/api/v2/attack_protection.rb +79 -0
- data/lib/auth0/api/v2/device_credentials.rb +8 -3
- data/lib/auth0/api/v2/organizations.rb +2 -2
- data/lib/auth0/api/v2.rb +2 -0
- data/lib/auth0/mixins/validation.rb +4 -4
- data/lib/auth0/version.rb +1 -1
- data/spec/lib/auth0/api/v2/actions_spec.rb +13 -13
- data/spec/lib/auth0/api/v2/attack_protection_spec.rb +132 -0
- data/spec/lib/auth0/api/v2/blacklists_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/branding_spec.rb +4 -3
- data/spec/lib/auth0/api/v2/client_grants_spec.rb +8 -8
- data/spec/lib/auth0/api/v2/clients_spec.rb +12 -12
- data/spec/lib/auth0/api/v2/connections_spec.rb +10 -10
- data/spec/lib/auth0/api/v2/device_credentials_spec.rb +39 -10
- data/spec/lib/auth0/api/v2/emails_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/grants_spec.rb +10 -10
- data/spec/lib/auth0/api/v2/jobs_spec.rb +18 -17
- data/spec/lib/auth0/api/v2/log_streams_spec.rb +3 -3
- data/spec/lib/auth0/api/v2/logs_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/organizations_spec.rb +14 -14
- data/spec/lib/auth0/api/v2/resource_servers_spec.rb +5 -5
- data/spec/lib/auth0/api/v2/roles_spec.rb +22 -22
- data/spec/lib/auth0/api/v2/rules_spec.rb +7 -7
- data/spec/lib/auth0/api/v2/stats_spec.rb +1 -1
- data/spec/lib/auth0/api/v2/tenants_spec.rb +1 -1
- data/spec/lib/auth0/api/v2/tickets_spec.rb +14 -14
- data/spec/lib/auth0/api/v2/user_blocks_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/users_by_email_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/users_spec.rb +23 -23
- data/spec/lib/auth0/mixins/validation_spec.rb +16 -2
- metadata +11 -5
|
@@ -17,7 +17,7 @@ describe Auth0::Api::V2::Users do
|
|
|
17
17
|
|
|
18
18
|
it 'is expected to get /api/v2/users' do
|
|
19
19
|
expect(@instance).to receive(:get).with(
|
|
20
|
-
'/api/v2/users',
|
|
20
|
+
'/api/v2/users', {
|
|
21
21
|
per_page: nil,
|
|
22
22
|
page: nil,
|
|
23
23
|
include_totals: nil,
|
|
@@ -27,13 +27,13 @@ describe Auth0::Api::V2::Users do
|
|
|
27
27
|
include_fields: nil,
|
|
28
28
|
q: nil,
|
|
29
29
|
search_engine: nil
|
|
30
|
-
)
|
|
30
|
+
})
|
|
31
31
|
expect { @instance.users }.not_to raise_error
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
it 'is expected to get /api/v2/users with custom parameters' do
|
|
35
35
|
expect(@instance).to receive(:get).with(
|
|
36
|
-
'/api/v2/users',
|
|
36
|
+
'/api/v2/users', {
|
|
37
37
|
per_page: 10,
|
|
38
38
|
page: 1,
|
|
39
39
|
include_totals: true,
|
|
@@ -43,7 +43,7 @@ describe Auth0::Api::V2::Users do
|
|
|
43
43
|
include_fields: nil,
|
|
44
44
|
q: nil,
|
|
45
45
|
search_engine: 'v3'
|
|
46
|
-
)
|
|
46
|
+
})
|
|
47
47
|
expect do
|
|
48
48
|
@instance.users(
|
|
49
49
|
search_engine: 'v3',
|
|
@@ -64,10 +64,10 @@ describe Auth0::Api::V2::Users do
|
|
|
64
64
|
|
|
65
65
|
it 'is expected to call get request to /api/v2/users/USER_ID' do
|
|
66
66
|
expect(@instance).to receive(:get).with(
|
|
67
|
-
'/api/v2/users/USER_ID',
|
|
67
|
+
'/api/v2/users/USER_ID', {
|
|
68
68
|
fields: nil,
|
|
69
69
|
include_fields: true
|
|
70
|
-
)
|
|
70
|
+
})
|
|
71
71
|
expect { @instance.user('USER_ID') }.not_to raise_error
|
|
72
72
|
end
|
|
73
73
|
|
|
@@ -83,11 +83,11 @@ describe Auth0::Api::V2::Users do
|
|
|
83
83
|
|
|
84
84
|
it 'is expected to post to /api/v2/users' do
|
|
85
85
|
expect(@instance).to receive(:post).with(
|
|
86
|
-
'/api/v2/users',
|
|
86
|
+
'/api/v2/users', {
|
|
87
87
|
email: 'test@test.com',
|
|
88
88
|
password: 'password',
|
|
89
89
|
connection: 'conn'
|
|
90
|
-
)
|
|
90
|
+
})
|
|
91
91
|
expect do
|
|
92
92
|
@instance.create_user(
|
|
93
93
|
'conn',
|
|
@@ -169,12 +169,12 @@ describe Auth0::Api::V2::Users do
|
|
|
169
169
|
|
|
170
170
|
it 'is expected to patch /api/v2/users/USER_ID' do
|
|
171
171
|
expect(@instance).to receive(:patch).with(
|
|
172
|
-
'/api/v2/users/USER_ID',
|
|
172
|
+
'/api/v2/users/USER_ID', {
|
|
173
173
|
email: 'test@test.com',
|
|
174
174
|
password: 'password',
|
|
175
175
|
connection: 'conn',
|
|
176
176
|
name: 'name'
|
|
177
|
-
)
|
|
177
|
+
})
|
|
178
178
|
@instance.patch_user(
|
|
179
179
|
'USER_ID',
|
|
180
180
|
email: 'test@test.com',
|
|
@@ -199,7 +199,7 @@ describe Auth0::Api::V2::Users do
|
|
|
199
199
|
end
|
|
200
200
|
|
|
201
201
|
it 'is expected to post to /api/v2/users/UserId/identities' do
|
|
202
|
-
expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/identities', body: 'json body')
|
|
202
|
+
expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/identities', { body: 'json body' })
|
|
203
203
|
@instance.link_user_account('USER_ID', body: 'json body')
|
|
204
204
|
end
|
|
205
205
|
|
|
@@ -255,12 +255,12 @@ describe Auth0::Api::V2::Users do
|
|
|
255
255
|
|
|
256
256
|
it 'is expected to get /api/v2/USER_ID/logs' do
|
|
257
257
|
expect(@instance).to receive(:get).with(
|
|
258
|
-
'/api/v2/users/USER_ID/logs',
|
|
258
|
+
'/api/v2/users/USER_ID/logs', {
|
|
259
259
|
per_page: nil,
|
|
260
260
|
page: nil,
|
|
261
261
|
include_totals: nil,
|
|
262
262
|
sort: nil
|
|
263
|
-
)
|
|
263
|
+
})
|
|
264
264
|
expect { @instance.user_logs('USER_ID') }.not_to raise_error
|
|
265
265
|
end
|
|
266
266
|
|
|
@@ -292,21 +292,21 @@ describe Auth0::Api::V2::Users do
|
|
|
292
292
|
|
|
293
293
|
it 'is expected to get roles with default parameters' do
|
|
294
294
|
expect(@instance).to receive(:get).with(
|
|
295
|
-
'/api/v2/users/USER_ID/roles',
|
|
295
|
+
'/api/v2/users/USER_ID/roles', {
|
|
296
296
|
per_page: nil,
|
|
297
297
|
page: nil,
|
|
298
298
|
include_totals: nil
|
|
299
|
-
)
|
|
299
|
+
})
|
|
300
300
|
expect { @instance.get_user_roles('USER_ID') }.not_to raise_error
|
|
301
301
|
end
|
|
302
302
|
|
|
303
303
|
it 'is expected to get roles with custom parameters' do
|
|
304
304
|
expect(@instance).to receive(:get).with(
|
|
305
|
-
'/api/v2/users/USER_ID/roles',
|
|
305
|
+
'/api/v2/users/USER_ID/roles', {
|
|
306
306
|
per_page: 20,
|
|
307
307
|
page: 2,
|
|
308
308
|
include_totals: true
|
|
309
|
-
)
|
|
309
|
+
})
|
|
310
310
|
expect do
|
|
311
311
|
@instance.get_user_roles('USER_ID', per_page: 20, page: 2, include_totals: true)
|
|
312
312
|
end.not_to raise_error
|
|
@@ -401,11 +401,11 @@ describe Auth0::Api::V2::Users do
|
|
|
401
401
|
|
|
402
402
|
it 'is expected to get permissions' do
|
|
403
403
|
expect(@instance).to receive(:get).with(
|
|
404
|
-
'/api/v2/users/USER_ID/permissions',
|
|
404
|
+
'/api/v2/users/USER_ID/permissions', {
|
|
405
405
|
per_page: nil,
|
|
406
406
|
page: nil,
|
|
407
407
|
include_totals: nil,
|
|
408
|
-
)
|
|
408
|
+
})
|
|
409
409
|
expect do
|
|
410
410
|
@instance.get_user_permissions('USER_ID')
|
|
411
411
|
end.not_to raise_error
|
|
@@ -413,11 +413,11 @@ describe Auth0::Api::V2::Users do
|
|
|
413
413
|
|
|
414
414
|
it 'is expected to get permissions with custom parameters' do
|
|
415
415
|
expect(@instance).to receive(:get).with(
|
|
416
|
-
'/api/v2/users/USER_ID/permissions',
|
|
416
|
+
'/api/v2/users/USER_ID/permissions', {
|
|
417
417
|
per_page: 10,
|
|
418
418
|
page: 3,
|
|
419
419
|
include_totals: true
|
|
420
|
-
)
|
|
420
|
+
})
|
|
421
421
|
expect do
|
|
422
422
|
@instance.get_user_permissions('USER_ID', per_page: 10, page: 3, include_totals: true)
|
|
423
423
|
end.not_to raise_error
|
|
@@ -445,7 +445,7 @@ describe Auth0::Api::V2::Users do
|
|
|
445
445
|
|
|
446
446
|
it 'is expected to remove permissions' do
|
|
447
447
|
expect(@instance).to receive(:delete_with_body).with(
|
|
448
|
-
'/api/v2/users/USER_ID/permissions',
|
|
448
|
+
'/api/v2/users/USER_ID/permissions', {
|
|
449
449
|
permissions: [
|
|
450
450
|
{
|
|
451
451
|
permission_name: 'permission-name-1',
|
|
@@ -456,7 +456,7 @@ describe Auth0::Api::V2::Users do
|
|
|
456
456
|
resource_server_identifier: 'server-id-2'
|
|
457
457
|
}
|
|
458
458
|
]
|
|
459
|
-
)
|
|
459
|
+
})
|
|
460
460
|
expect do
|
|
461
461
|
@instance.remove_user_permissions(
|
|
462
462
|
'USER_ID',
|
|
@@ -6,6 +6,7 @@ RSA_PUB_KEY_JWK_2 = { 'kty': "RSA", 'use': 'sig', 'n': "uGbXWiK3dQTyCbX5xdE4yCuY
|
|
|
6
6
|
JWKS_RESPONSE_1 = { 'keys': [RSA_PUB_KEY_JWK_1] }.freeze
|
|
7
7
|
JWKS_RESPONSE_2 = { 'keys': [RSA_PUB_KEY_JWK_2] }.freeze
|
|
8
8
|
JWKS_URL = 'https://tokens-test.auth0.com/.well-known/jwks.json'.freeze
|
|
9
|
+
JWKS_URL_2 = 'https://tokens-test2.auth0.com/.well-known/jwks.json'.freeze
|
|
9
10
|
HMAC_SHARED_SECRET = 'secret'.freeze
|
|
10
11
|
|
|
11
12
|
LEEWAY = 60
|
|
@@ -459,6 +460,19 @@ describe Auth0::Algorithm::RS256 do
|
|
|
459
460
|
expect(a_request(:get, JWKS_URL)).to have_been_made.once
|
|
460
461
|
end
|
|
461
462
|
|
|
463
|
+
it 'is expected to fetch the jwks from multiple urls' do
|
|
464
|
+
stub_jwks(JWKS_RESPONSE_2, JWKS_URL_2)
|
|
465
|
+
|
|
466
|
+
instance1 = Auth0::Algorithm::RS256.jwks_url(JWKS_URL)
|
|
467
|
+
instance2 = Auth0::Algorithm::RS256.jwks_url(JWKS_URL_2)
|
|
468
|
+
instance1.jwks
|
|
469
|
+
instance2.jwks
|
|
470
|
+
instance1.jwks
|
|
471
|
+
|
|
472
|
+
expect(a_request(:get, JWKS_URL)).to have_been_made.once
|
|
473
|
+
expect(a_request(:get, JWKS_URL_2)).to have_been_made.once
|
|
474
|
+
end
|
|
475
|
+
|
|
462
476
|
it 'is expected to forcibly fetch the jwks from the url' do
|
|
463
477
|
instance = Auth0::Algorithm::RS256.jwks_url(JWKS_URL)
|
|
464
478
|
instance.jwks
|
|
@@ -493,6 +507,6 @@ describe Auth0::Algorithm::RS256 do
|
|
|
493
507
|
end
|
|
494
508
|
# rubocop:enable Metrics/BlockLength
|
|
495
509
|
|
|
496
|
-
def stub_jwks(stub = JWKS_RESPONSE_1)
|
|
497
|
-
stub_request(:get,
|
|
510
|
+
def stub_jwks(stub = JWKS_RESPONSE_1, url = JWKS_URL)
|
|
511
|
+
stub_request(:get, url).to_return(body: stub.to_json)
|
|
498
512
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: auth0
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.
|
|
4
|
+
version: 5.8.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Auth0
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date:
|
|
14
|
+
date: 2022-06-30 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: rest-client
|
|
@@ -33,14 +33,14 @@ dependencies:
|
|
|
33
33
|
requirements:
|
|
34
34
|
- - "~>"
|
|
35
35
|
- !ruby/object:Gem::Version
|
|
36
|
-
version:
|
|
36
|
+
version: 2.3.0
|
|
37
37
|
type: :runtime
|
|
38
38
|
prerelease: false
|
|
39
39
|
version_requirements: !ruby/object:Gem::Requirement
|
|
40
40
|
requirements:
|
|
41
41
|
- - "~>"
|
|
42
42
|
- !ruby/object:Gem::Version
|
|
43
|
-
version:
|
|
43
|
+
version: 2.3.0
|
|
44
44
|
- !ruby/object:Gem::Dependency
|
|
45
45
|
name: zache
|
|
46
46
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -281,7 +281,9 @@ files:
|
|
|
281
281
|
- ".github/ISSUE_TEMPLATE/feature_request.md"
|
|
282
282
|
- ".github/ISSUE_TEMPLATE/report_a_bug.md"
|
|
283
283
|
- ".github/PULL_REQUEST_TEMPLATE.md"
|
|
284
|
+
- ".github/dependabot.yml"
|
|
284
285
|
- ".github/stale.yml"
|
|
286
|
+
- ".github/workflows/semgrep.yml"
|
|
285
287
|
- ".gitignore"
|
|
286
288
|
- ".rspec"
|
|
287
289
|
- ".rubocop.yml"
|
|
@@ -292,6 +294,7 @@ files:
|
|
|
292
294
|
- DEPLOYMENT.md
|
|
293
295
|
- Dockerfile
|
|
294
296
|
- Gemfile
|
|
297
|
+
- Gemfile.lock
|
|
295
298
|
- Guardfile
|
|
296
299
|
- LICENSE
|
|
297
300
|
- README.md
|
|
@@ -372,6 +375,7 @@ files:
|
|
|
372
375
|
- lib/auth0/api/v2.rb
|
|
373
376
|
- lib/auth0/api/v2/actions.rb
|
|
374
377
|
- lib/auth0/api/v2/anomaly.rb
|
|
378
|
+
- lib/auth0/api/v2/attack_protection.rb
|
|
375
379
|
- lib/auth0/api/v2/blacklists.rb
|
|
376
380
|
- lib/auth0/api/v2/branding.rb
|
|
377
381
|
- lib/auth0/api/v2/client_grants.rb
|
|
@@ -588,6 +592,7 @@ files:
|
|
|
588
592
|
- spec/integration/lib/auth0/auth0_client_spec.rb
|
|
589
593
|
- spec/lib/auth0/api/v2/actions_spec.rb
|
|
590
594
|
- spec/lib/auth0/api/v2/anomaly_spec.rb
|
|
595
|
+
- spec/lib/auth0/api/v2/attack_protection_spec.rb
|
|
591
596
|
- spec/lib/auth0/api/v2/blacklists_spec.rb
|
|
592
597
|
- spec/lib/auth0/api/v2/branding_spec.rb
|
|
593
598
|
- spec/lib/auth0/api/v2/client_grants_spec.rb
|
|
@@ -643,7 +648,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
643
648
|
- !ruby/object:Gem::Version
|
|
644
649
|
version: '0'
|
|
645
650
|
requirements: []
|
|
646
|
-
rubygems_version: 3.
|
|
651
|
+
rubygems_version: 3.2.22
|
|
647
652
|
signing_key:
|
|
648
653
|
specification_version: 4
|
|
649
654
|
summary: Auth0 API Client
|
|
@@ -827,6 +832,7 @@ test_files:
|
|
|
827
832
|
- spec/integration/lib/auth0/auth0_client_spec.rb
|
|
828
833
|
- spec/lib/auth0/api/v2/actions_spec.rb
|
|
829
834
|
- spec/lib/auth0/api/v2/anomaly_spec.rb
|
|
835
|
+
- spec/lib/auth0/api/v2/attack_protection_spec.rb
|
|
830
836
|
- spec/lib/auth0/api/v2/blacklists_spec.rb
|
|
831
837
|
- spec/lib/auth0/api/v2/branding_spec.rb
|
|
832
838
|
- spec/lib/auth0/api/v2/client_grants_spec.rb
|