auth0 5.6.1 → 5.8.1

Files changed (42) hide show
  1. checksums.yaml +4 -4
  2. data/.circleci/config.yml +16 -2
  3. data/.github/dependabot.yml +10 -0
  4. data/.github/workflows/semgrep.yml +28 -0
  5. data/.gitignore +0 -1
  6. data/CHANGELOG.md +43 -1
  7. data/Gemfile +1 -0
  8. data/Gemfile.lock +241 -0
  9. data/README.md +1 -1
  10. data/auth0.gemspec +1 -1
  11. data/lib/auth0/api/authentication_endpoints.rb +1 -1
  12. data/lib/auth0/api/v2/attack_protection.rb +79 -0
  13. data/lib/auth0/api/v2/device_credentials.rb +8 -3
  14. data/lib/auth0/api/v2/organizations.rb +2 -2
  15. data/lib/auth0/api/v2.rb +2 -0
  16. data/lib/auth0/mixins/validation.rb +4 -4
  17. data/lib/auth0/version.rb +1 -1
  18. data/spec/lib/auth0/api/v2/actions_spec.rb +13 -13
  19. data/spec/lib/auth0/api/v2/attack_protection_spec.rb +132 -0
  20. data/spec/lib/auth0/api/v2/blacklists_spec.rb +2 -2
  21. data/spec/lib/auth0/api/v2/branding_spec.rb +4 -3
  22. data/spec/lib/auth0/api/v2/client_grants_spec.rb +8 -8
  23. data/spec/lib/auth0/api/v2/clients_spec.rb +12 -12
  24. data/spec/lib/auth0/api/v2/connections_spec.rb +10 -10
  25. data/spec/lib/auth0/api/v2/device_credentials_spec.rb +39 -10
  26. data/spec/lib/auth0/api/v2/emails_spec.rb +2 -2
  27. data/spec/lib/auth0/api/v2/grants_spec.rb +10 -10
  28. data/spec/lib/auth0/api/v2/jobs_spec.rb +18 -17
  29. data/spec/lib/auth0/api/v2/log_streams_spec.rb +3 -3
  30. data/spec/lib/auth0/api/v2/logs_spec.rb +2 -2
  31. data/spec/lib/auth0/api/v2/organizations_spec.rb +14 -14
  32. data/spec/lib/auth0/api/v2/resource_servers_spec.rb +5 -5
  33. data/spec/lib/auth0/api/v2/roles_spec.rb +22 -22
  34. data/spec/lib/auth0/api/v2/rules_spec.rb +7 -7
  35. data/spec/lib/auth0/api/v2/stats_spec.rb +1 -1
  36. data/spec/lib/auth0/api/v2/tenants_spec.rb +1 -1
  37. data/spec/lib/auth0/api/v2/tickets_spec.rb +14 -14
  38. data/spec/lib/auth0/api/v2/user_blocks_spec.rb +2 -2
  39. data/spec/lib/auth0/api/v2/users_by_email_spec.rb +2 -2
  40. data/spec/lib/auth0/api/v2/users_spec.rb +23 -23
  41. data/spec/lib/auth0/mixins/validation_spec.rb +16 -2
  42. metadata +11 -5
@@ -17,7 +17,7 @@ describe Auth0::Api::V2::Users do
17
17
 
18
18
  it 'is expected to get /api/v2/users' do
19
19
  expect(@instance).to receive(:get).with(
20
- '/api/v2/users',
20
+ '/api/v2/users', {
21
21
  per_page: nil,
22
22
  page: nil,
23
23
  include_totals: nil,
@@ -27,13 +27,13 @@ describe Auth0::Api::V2::Users do
27
27
  include_fields: nil,
28
28
  q: nil,
29
29
  search_engine: nil
30
- )
30
+ })
31
31
  expect { @instance.users }.not_to raise_error
32
32
  end
33
33
 
34
34
  it 'is expected to get /api/v2/users with custom parameters' do
35
35
  expect(@instance).to receive(:get).with(
36
- '/api/v2/users',
36
+ '/api/v2/users', {
37
37
  per_page: 10,
38
38
  page: 1,
39
39
  include_totals: true,
@@ -43,7 +43,7 @@ describe Auth0::Api::V2::Users do
43
43
  include_fields: nil,
44
44
  q: nil,
45
45
  search_engine: 'v3'
46
- )
46
+ })
47
47
  expect do
48
48
  @instance.users(
49
49
  search_engine: 'v3',
@@ -64,10 +64,10 @@ describe Auth0::Api::V2::Users do
64
64
 
65
65
  it 'is expected to call get request to /api/v2/users/USER_ID' do
66
66
  expect(@instance).to receive(:get).with(
67
- '/api/v2/users/USER_ID',
67
+ '/api/v2/users/USER_ID', {
68
68
  fields: nil,
69
69
  include_fields: true
70
- )
70
+ })
71
71
  expect { @instance.user('USER_ID') }.not_to raise_error
72
72
  end
73
73
 
@@ -83,11 +83,11 @@ describe Auth0::Api::V2::Users do
83
83
 
84
84
  it 'is expected to post to /api/v2/users' do
85
85
  expect(@instance).to receive(:post).with(
86
- '/api/v2/users',
86
+ '/api/v2/users', {
87
87
  email: 'test@test.com',
88
88
  password: 'password',
89
89
  connection: 'conn'
90
- )
90
+ })
91
91
  expect do
92
92
  @instance.create_user(
93
93
  'conn',
@@ -169,12 +169,12 @@ describe Auth0::Api::V2::Users do
169
169
 
170
170
  it 'is expected to patch /api/v2/users/USER_ID' do
171
171
  expect(@instance).to receive(:patch).with(
172
- '/api/v2/users/USER_ID',
172
+ '/api/v2/users/USER_ID', {
173
173
  email: 'test@test.com',
174
174
  password: 'password',
175
175
  connection: 'conn',
176
176
  name: 'name'
177
- )
177
+ })
178
178
  @instance.patch_user(
179
179
  'USER_ID',
180
180
  email: 'test@test.com',
@@ -199,7 +199,7 @@ describe Auth0::Api::V2::Users do
199
199
  end
200
200
 
201
201
  it 'is expected to post to /api/v2/users/UserId/identities' do
202
- expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/identities', body: 'json body')
202
+ expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/identities', { body: 'json body' })
203
203
  @instance.link_user_account('USER_ID', body: 'json body')
204
204
  end
205
205
 
@@ -255,12 +255,12 @@ describe Auth0::Api::V2::Users do
255
255
 
256
256
  it 'is expected to get /api/v2/USER_ID/logs' do
257
257
  expect(@instance).to receive(:get).with(
258
- '/api/v2/users/USER_ID/logs',
258
+ '/api/v2/users/USER_ID/logs', {
259
259
  per_page: nil,
260
260
  page: nil,
261
261
  include_totals: nil,
262
262
  sort: nil
263
- )
263
+ })
264
264
  expect { @instance.user_logs('USER_ID') }.not_to raise_error
265
265
  end
266
266
 
@@ -292,21 +292,21 @@ describe Auth0::Api::V2::Users do
292
292
 
293
293
  it 'is expected to get roles with default parameters' do
294
294
  expect(@instance).to receive(:get).with(
295
- '/api/v2/users/USER_ID/roles',
295
+ '/api/v2/users/USER_ID/roles', {
296
296
  per_page: nil,
297
297
  page: nil,
298
298
  include_totals: nil
299
- )
299
+ })
300
300
  expect { @instance.get_user_roles('USER_ID') }.not_to raise_error
301
301
  end
302
302
 
303
303
  it 'is expected to get roles with custom parameters' do
304
304
  expect(@instance).to receive(:get).with(
305
- '/api/v2/users/USER_ID/roles',
305
+ '/api/v2/users/USER_ID/roles', {
306
306
  per_page: 20,
307
307
  page: 2,
308
308
  include_totals: true
309
- )
309
+ })
310
310
  expect do
311
311
  @instance.get_user_roles('USER_ID', per_page: 20, page: 2, include_totals: true)
312
312
  end.not_to raise_error
@@ -401,11 +401,11 @@ describe Auth0::Api::V2::Users do
401
401
 
402
402
  it 'is expected to get permissions' do
403
403
  expect(@instance).to receive(:get).with(
404
- '/api/v2/users/USER_ID/permissions',
404
+ '/api/v2/users/USER_ID/permissions', {
405
405
  per_page: nil,
406
406
  page: nil,
407
407
  include_totals: nil,
408
- )
408
+ })
409
409
  expect do
410
410
  @instance.get_user_permissions('USER_ID')
411
411
  end.not_to raise_error
@@ -413,11 +413,11 @@ describe Auth0::Api::V2::Users do
413
413
 
414
414
  it 'is expected to get permissions with custom parameters' do
415
415
  expect(@instance).to receive(:get).with(
416
- '/api/v2/users/USER_ID/permissions',
416
+ '/api/v2/users/USER_ID/permissions', {
417
417
  per_page: 10,
418
418
  page: 3,
419
419
  include_totals: true
420
- )
420
+ })
421
421
  expect do
422
422
  @instance.get_user_permissions('USER_ID', per_page: 10, page: 3, include_totals: true)
423
423
  end.not_to raise_error
@@ -445,7 +445,7 @@ describe Auth0::Api::V2::Users do
445
445
 
446
446
  it 'is expected to remove permissions' do
447
447
  expect(@instance).to receive(:delete_with_body).with(
448
- '/api/v2/users/USER_ID/permissions',
448
+ '/api/v2/users/USER_ID/permissions', {
449
449
  permissions: [
450
450
  {
451
451
  permission_name: 'permission-name-1',
@@ -456,7 +456,7 @@ describe Auth0::Api::V2::Users do
456
456
  resource_server_identifier: 'server-id-2'
457
457
  }
458
458
  ]
459
- )
459
+ })
460
460
  expect do
461
461
  @instance.remove_user_permissions(
462
462
  'USER_ID',
@@ -6,6 +6,7 @@ RSA_PUB_KEY_JWK_2 = { 'kty': "RSA", 'use': 'sig', 'n': "uGbXWiK3dQTyCbX5xdE4yCuY
6
6
  JWKS_RESPONSE_1 = { 'keys': [RSA_PUB_KEY_JWK_1] }.freeze
7
7
  JWKS_RESPONSE_2 = { 'keys': [RSA_PUB_KEY_JWK_2] }.freeze
8
8
  JWKS_URL = 'https://tokens-test.auth0.com/.well-known/jwks.json'.freeze
9
+ JWKS_URL_2 = 'https://tokens-test2.auth0.com/.well-known/jwks.json'.freeze
9
10
  HMAC_SHARED_SECRET = 'secret'.freeze
10
11
 
11
12
  LEEWAY = 60
@@ -459,6 +460,19 @@ describe Auth0::Algorithm::RS256 do
459
460
  expect(a_request(:get, JWKS_URL)).to have_been_made.once
460
461
  end
461
462
 
463
+ it 'is expected to fetch the jwks from multiple urls' do
464
+ stub_jwks(JWKS_RESPONSE_2, JWKS_URL_2)
465
+
466
+ instance1 = Auth0::Algorithm::RS256.jwks_url(JWKS_URL)
467
+ instance2 = Auth0::Algorithm::RS256.jwks_url(JWKS_URL_2)
468
+ instance1.jwks
469
+ instance2.jwks
470
+ instance1.jwks
471
+
472
+ expect(a_request(:get, JWKS_URL)).to have_been_made.once
473
+ expect(a_request(:get, JWKS_URL_2)).to have_been_made.once
474
+ end
475
+
462
476
  it 'is expected to forcibly fetch the jwks from the url' do
463
477
  instance = Auth0::Algorithm::RS256.jwks_url(JWKS_URL)
464
478
  instance.jwks
@@ -493,6 +507,6 @@ describe Auth0::Algorithm::RS256 do
493
507
  end
494
508
  # rubocop:enable Metrics/BlockLength
495
509
 
496
- def stub_jwks(stub = JWKS_RESPONSE_1)
497
- stub_request(:get, JWKS_URL).to_return(body: stub.to_json)
510
+ def stub_jwks(stub = JWKS_RESPONSE_1, url = JWKS_URL)
511
+ stub_request(:get, url).to_return(body: stub.to_json)
498
512
  end
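Review bot: The added spec 'is expected to fetch the jwks from multiple urls' asserts only how many GET requests reach JWKS_URL and JWKS_URL_2, so it would still pass if `instance2.jwks` were served the key set cached for the first URL. A JWKS cache that mixes key sets across issuers lets a token be checked against the wrong tenant's keys, so the test should pin the returned content as well as the request count, for example `expect(instance2.jwks).not_to eq(instance1.jwks)`, plus a check that the repeated `instance1.jwks` call still yields the keys from JWKS_RESPONSE_1. That suggestion assumes the two fixtures hold different keys and that `jwks` returns a comparable value; neither the return shape nor the matching change in lib/auth0/mixins/validation.rb is visible here. The stub for JWKS_URL is presumably set up in a `before` block outside the hunk.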
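--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: auth0
  version: !ruby/object:Gem::Version
- version: 5.6.1
+ version: 5.8.1
  platform: ruby
  authors:
  - Auth0
@@ -11,7 +11,7 @@ authors:
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2021-11-09 00:00:00.000000000 Z
+ date: 2022-06-30 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rest-client
@@ -33,14 +33,14 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '2.2'
+ version: 2.3.0
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: '2.2'
+ version: 2.3.0
  - !ruby/object:Gem::Dependency
  name: zache
  requirement: !ruby/object:Gem::Requirement
@@ -281,7 +281,9 @@ files:
  - ".github/ISSUE_TEMPLATE/feature_request.md"
  - ".github/ISSUE_TEMPLATE/report_a_bug.md"
  - ".github/PULL_REQUEST_TEMPLATE.md"
+ - ".github/dependabot.yml"
  - ".github/stale.yml"
+ - ".github/workflows/semgrep.yml"
  - ".gitignore"
  - ".rspec"
  - ".rubocop.yml"
@@ -292,6 +294,7 @@ files:
  - DEPLOYMENT.md
  - Dockerfile
  - Gemfile
+ - Gemfile.lock
  - Guardfile
  - LICENSE
  - README.md
@@ -372,6 +375,7 @@ files:
  - lib/auth0/api/v2.rb
  - lib/auth0/api/v2/actions.rb
  - lib/auth0/api/v2/anomaly.rb
+ - lib/auth0/api/v2/attack_protection.rb
  - lib/auth0/api/v2/blacklists.rb
  - lib/auth0/api/v2/branding.rb
  - lib/auth0/api/v2/client_grants.rb
@@ -588,6 +592,7 @@ files:
  - spec/integration/lib/auth0/auth0_client_spec.rb
  - spec/lib/auth0/api/v2/actions_spec.rb
  - spec/lib/auth0/api/v2/anomaly_spec.rb
+ - spec/lib/auth0/api/v2/attack_protection_spec.rb
  - spec/lib/auth0/api/v2/blacklists_spec.rb
  - spec/lib/auth0/api/v2/branding_spec.rb
  - spec/lib/auth0/api/v2/client_grants_spec.rb
@@ -643,7 +648,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 3.1.4
+ rubygems_version: 3.2.22
  signing_key:
  specification_version: 4
  summary: Auth0 API Client
@@ -827,6 +832,7 @@ test_files:
  - spec/integration/lib/auth0/auth0_client_spec.rb
  - spec/lib/auth0/api/v2/actions_spec.rb
  - spec/lib/auth0/api/v2/anomaly_spec.rb
+ - spec/lib/auth0/api/v2/attack_protection_spec.rb
  - spec/lib/auth0/api/v2/blacklists_spec.rb
  - spec/lib/auth0/api/v2/branding_spec.rb
  - spec/lib/auth0/api/v2/client_grants_spec.rb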