auth0 5.6.1 → 5.8.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.circleci/config.yml +16 -2
- data/.github/dependabot.yml +10 -0
- data/.github/workflows/semgrep.yml +28 -0
- data/.gitignore +0 -1
- data/CHANGELOG.md +43 -1
- data/Gemfile +1 -0
- data/Gemfile.lock +241 -0
- data/README.md +1 -1
- data/auth0.gemspec +1 -1
- data/lib/auth0/api/authentication_endpoints.rb +1 -1
- data/lib/auth0/api/v2/attack_protection.rb +79 -0
- data/lib/auth0/api/v2/device_credentials.rb +8 -3
- data/lib/auth0/api/v2/organizations.rb +2 -2
- data/lib/auth0/api/v2.rb +2 -0
- data/lib/auth0/mixins/validation.rb +4 -4
- data/lib/auth0/version.rb +1 -1
- data/spec/lib/auth0/api/v2/actions_spec.rb +13 -13
- data/spec/lib/auth0/api/v2/attack_protection_spec.rb +132 -0
- data/spec/lib/auth0/api/v2/blacklists_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/branding_spec.rb +4 -3
- data/spec/lib/auth0/api/v2/client_grants_spec.rb +8 -8
- data/spec/lib/auth0/api/v2/clients_spec.rb +12 -12
- data/spec/lib/auth0/api/v2/connections_spec.rb +10 -10
- data/spec/lib/auth0/api/v2/device_credentials_spec.rb +39 -10
- data/spec/lib/auth0/api/v2/emails_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/grants_spec.rb +10 -10
- data/spec/lib/auth0/api/v2/jobs_spec.rb +18 -17
- data/spec/lib/auth0/api/v2/log_streams_spec.rb +3 -3
- data/spec/lib/auth0/api/v2/logs_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/organizations_spec.rb +14 -14
- data/spec/lib/auth0/api/v2/resource_servers_spec.rb +5 -5
- data/spec/lib/auth0/api/v2/roles_spec.rb +22 -22
- data/spec/lib/auth0/api/v2/rules_spec.rb +7 -7
- data/spec/lib/auth0/api/v2/stats_spec.rb +1 -1
- data/spec/lib/auth0/api/v2/tenants_spec.rb +1 -1
- data/spec/lib/auth0/api/v2/tickets_spec.rb +14 -14
- data/spec/lib/auth0/api/v2/user_blocks_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/users_by_email_spec.rb +2 -2
- data/spec/lib/auth0/api/v2/users_spec.rb +23 -23
- data/spec/lib/auth0/mixins/validation_spec.rb +16 -2
- metadata +11 -5
|
@@ -17,7 +17,7 @@ describe Auth0::Api::V2::Users do
|
|
|
17
17
|
|
|
18
18
|
it 'is expected to get /api/v2/users' do
|
|
19
19
|
expect(@instance).to receive(:get).with(
|
|
20
|
-
'/api/v2/users',
|
|
20
|
+
'/api/v2/users', {
|
|
21
21
|
per_page: nil,
|
|
22
22
|
page: nil,
|
|
23
23
|
include_totals: nil,
|
|
@@ -27,13 +27,13 @@ describe Auth0::Api::V2::Users do
|
|
|
27
27
|
include_fields: nil,
|
|
28
28
|
q: nil,
|
|
29
29
|
search_engine: nil
|
|
30
|
-
)
|
|
30
|
+
})
|
|
31
31
|
expect { @instance.users }.not_to raise_error
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
it 'is expected to get /api/v2/users with custom parameters' do
|
|
35
35
|
expect(@instance).to receive(:get).with(
|
|
36
|
-
'/api/v2/users',
|
|
36
|
+
'/api/v2/users', {
|
|
37
37
|
per_page: 10,
|
|
38
38
|
page: 1,
|
|
39
39
|
include_totals: true,
|
|
@@ -43,7 +43,7 @@ describe Auth0::Api::V2::Users do
|
|
|
43
43
|
include_fields: nil,
|
|
44
44
|
q: nil,
|
|
45
45
|
search_engine: 'v3'
|
|
46
|
-
)
|
|
46
|
+
})
|
|
47
47
|
expect do
|
|
48
48
|
@instance.users(
|
|
49
49
|
search_engine: 'v3',
|
|
@@ -64,10 +64,10 @@ describe Auth0::Api::V2::Users do
|
|
|
64
64
|
|
|
65
65
|
it 'is expected to call get request to /api/v2/users/USER_ID' do
|
|
66
66
|
expect(@instance).to receive(:get).with(
|
|
67
|
-
'/api/v2/users/USER_ID',
|
|
67
|
+
'/api/v2/users/USER_ID', {
|
|
68
68
|
fields: nil,
|
|
69
69
|
include_fields: true
|
|
70
|
-
)
|
|
70
|
+
})
|
|
71
71
|
expect { @instance.user('USER_ID') }.not_to raise_error
|
|
72
72
|
end
|
|
73
73
|
|
|
@@ -83,11 +83,11 @@ describe Auth0::Api::V2::Users do
|
|
|
83
83
|
|
|
84
84
|
it 'is expected to post to /api/v2/users' do
|
|
85
85
|
expect(@instance).to receive(:post).with(
|
|
86
|
-
'/api/v2/users',
|
|
86
|
+
'/api/v2/users', {
|
|
87
87
|
email: 'test@test.com',
|
|
88
88
|
password: 'password',
|
|
89
89
|
connection: 'conn'
|
|
90
|
-
)
|
|
90
|
+
})
|
|
91
91
|
expect do
|
|
92
92
|
@instance.create_user(
|
|
93
93
|
'conn',
|
|
@@ -169,12 +169,12 @@ describe Auth0::Api::V2::Users do
|
|
|
169
169
|
|
|
170
170
|
it 'is expected to patch /api/v2/users/USER_ID' do
|
|
171
171
|
expect(@instance).to receive(:patch).with(
|
|
172
|
-
'/api/v2/users/USER_ID',
|
|
172
|
+
'/api/v2/users/USER_ID', {
|
|
173
173
|
email: 'test@test.com',
|
|
174
174
|
password: 'password',
|
|
175
175
|
connection: 'conn',
|
|
176
176
|
name: 'name'
|
|
177
|
-
)
|
|
177
|
+
})
|
|
178
178
|
@instance.patch_user(
|
|
179
179
|
'USER_ID',
|
|
180
180
|
email: 'test@test.com',
|
|
@@ -199,7 +199,7 @@ describe Auth0::Api::V2::Users do
|
|
|
199
199
|
end
|
|
200
200
|
|
|
201
201
|
it 'is expected to post to /api/v2/users/UserId/identities' do
|
|
202
|
-
expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/identities', body: 'json body')
|
|
202
|
+
expect(@instance).to receive(:post).with('/api/v2/users/USER_ID/identities', { body: 'json body' })
|
|
203
203
|
@instance.link_user_account('USER_ID', body: 'json body')
|
|
204
204
|
end
|
|
205
205
|
|
|
@@ -255,12 +255,12 @@ describe Auth0::Api::V2::Users do
|
|
|
255
255
|
|
|
256
256
|
it 'is expected to get /api/v2/USER_ID/logs' do
|
|
257
257
|
expect(@instance).to receive(:get).with(
|
|
258
|
-
'/api/v2/users/USER_ID/logs',
|
|
258
|
+
'/api/v2/users/USER_ID/logs', {
|
|
259
259
|
per_page: nil,
|
|
260
260
|
page: nil,
|
|
261
261
|
include_totals: nil,
|
|
262
262
|
sort: nil
|
|
263
|
-
)
|
|
263
|
+
})
|
|
264
264
|
expect { @instance.user_logs('USER_ID') }.not_to raise_error
|
|
265
265
|
end
|
|
266
266
|
|
|
@@ -292,21 +292,21 @@ describe Auth0::Api::V2::Users do
|
|
|
292
292
|
|
|
293
293
|
it 'is expected to get roles with default parameters' do
|
|
294
294
|
expect(@instance).to receive(:get).with(
|
|
295
|
-
'/api/v2/users/USER_ID/roles',
|
|
295
|
+
'/api/v2/users/USER_ID/roles', {
|
|
296
296
|
per_page: nil,
|
|
297
297
|
page: nil,
|
|
298
298
|
include_totals: nil
|
|
299
|
-
)
|
|
299
|
+
})
|
|
300
300
|
expect { @instance.get_user_roles('USER_ID') }.not_to raise_error
|
|
301
301
|
end
|
|
302
302
|
|
|
303
303
|
it 'is expected to get roles with custom parameters' do
|
|
304
304
|
expect(@instance).to receive(:get).with(
|
|
305
|
-
'/api/v2/users/USER_ID/roles',
|
|
305
|
+
'/api/v2/users/USER_ID/roles', {
|
|
306
306
|
per_page: 20,
|
|
307
307
|
page: 2,
|
|
308
308
|
include_totals: true
|
|
309
|
-
)
|
|
309
|
+
})
|
|
310
310
|
expect do
|
|
311
311
|
@instance.get_user_roles('USER_ID', per_page: 20, page: 2, include_totals: true)
|
|
312
312
|
end.not_to raise_error
|
|
@@ -401,11 +401,11 @@ describe Auth0::Api::V2::Users do
|
|
|
401
401
|
|
|
402
402
|
it 'is expected to get permissions' do
|
|
403
403
|
expect(@instance).to receive(:get).with(
|
|
404
|
-
'/api/v2/users/USER_ID/permissions',
|
|
404
|
+
'/api/v2/users/USER_ID/permissions', {
|
|
405
405
|
per_page: nil,
|
|
406
406
|
page: nil,
|
|
407
407
|
include_totals: nil,
|
|
408
|
-
)
|
|
408
|
+
})
|
|
409
409
|
expect do
|
|
410
410
|
@instance.get_user_permissions('USER_ID')
|
|
411
411
|
end.not_to raise_error
|
|
@@ -413,11 +413,11 @@ describe Auth0::Api::V2::Users do
|
|
|
413
413
|
|
|
414
414
|
it 'is expected to get permissions with custom parameters' do
|
|
415
415
|
expect(@instance).to receive(:get).with(
|
|
416
|
-
'/api/v2/users/USER_ID/permissions',
|
|
416
|
+
'/api/v2/users/USER_ID/permissions', {
|
|
417
417
|
per_page: 10,
|
|
418
418
|
page: 3,
|
|
419
419
|
include_totals: true
|
|
420
|
-
)
|
|
420
|
+
})
|
|
421
421
|
expect do
|
|
422
422
|
@instance.get_user_permissions('USER_ID', per_page: 10, page: 3, include_totals: true)
|
|
423
423
|
end.not_to raise_error
|
|
@@ -445,7 +445,7 @@ describe Auth0::Api::V2::Users do
|
|
|
445
445
|
|
|
446
446
|
it 'is expected to remove permissions' do
|
|
447
447
|
expect(@instance).to receive(:delete_with_body).with(
|
|
448
|
-
'/api/v2/users/USER_ID/permissions',
|
|
448
|
+
'/api/v2/users/USER_ID/permissions', {
|
|
449
449
|
permissions: [
|
|
450
450
|
{
|
|
451
451
|
permission_name: 'permission-name-1',
|
|
@@ -456,7 +456,7 @@ describe Auth0::Api::V2::Users do
|
|
|
456
456
|
resource_server_identifier: 'server-id-2'
|
|
457
457
|
}
|
|
458
458
|
]
|
|
459
|
-
)
|
|
459
|
+
})
|
|
460
460
|
expect do
|
|
461
461
|
@instance.remove_user_permissions(
|
|
462
462
|
'USER_ID',
|
|
@@ -6,6 +6,7 @@ RSA_PUB_KEY_JWK_2 = { 'kty': "RSA", 'use': 'sig', 'n': "uGbXWiK3dQTyCbX5xdE4yCuY
|
|
|
6
6
|
JWKS_RESPONSE_1 = { 'keys': [RSA_PUB_KEY_JWK_1] }.freeze
|
|
7
7
|
JWKS_RESPONSE_2 = { 'keys': [RSA_PUB_KEY_JWK_2] }.freeze
|
|
8
8
|
JWKS_URL = 'https://tokens-test.auth0.com/.well-known/jwks.json'.freeze
|
|
9
|
+
JWKS_URL_2 = 'https://tokens-test2.auth0.com/.well-known/jwks.json'.freeze
|
|
9
10
|
HMAC_SHARED_SECRET = 'secret'.freeze
|
|
10
11
|
|
|
11
12
|
LEEWAY = 60
|
|
@@ -459,6 +460,19 @@ describe Auth0::Algorithm::RS256 do
|
|
|
459
460
|
expect(a_request(:get, JWKS_URL)).to have_been_made.once
|
|
460
461
|
end
|
|
461
462
|
|
|
463
|
+
it 'is expected to fetch the jwks from multiple urls' do
|
|
464
|
+
stub_jwks(JWKS_RESPONSE_2, JWKS_URL_2)
|
|
465
|
+
|
|
466
|
+
instance1 = Auth0::Algorithm::RS256.jwks_url(JWKS_URL)
|
|
467
|
+
instance2 = Auth0::Algorithm::RS256.jwks_url(JWKS_URL_2)
|
|
468
|
+
instance1.jwks
|
|
469
|
+
instance2.jwks
|
|
470
|
+
instance1.jwks
|
|
471
|
+
|
|
472
|
+
expect(a_request(:get, JWKS_URL)).to have_been_made.once
|
|
473
|
+
expect(a_request(:get, JWKS_URL_2)).to have_been_made.once
|
|
474
|
+
end
|
|
475
|
+
|
|
462
476
|
it 'is expected to forcibly fetch the jwks from the url' do
|
|
463
477
|
instance = Auth0::Algorithm::RS256.jwks_url(JWKS_URL)
|
|
464
478
|
instance.jwks
|
|
@@ -493,6 +507,6 @@ describe Auth0::Algorithm::RS256 do
|
|
|
493
507
|
end
|
|
494
508
|
# rubocop:enable Metrics/BlockLength
|
|
495
509
|
|
|
496
|
-
def stub_jwks(stub = JWKS_RESPONSE_1)
|
|
497
|
-
stub_request(:get,
|
|
510
|
+
def stub_jwks(stub = JWKS_RESPONSE_1, url = JWKS_URL)
|
|
511
|
+
stub_request(:get, url).to_return(body: stub.to_json)
|
|
498
512
|
end
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: auth0
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 5.
|
|
4
|
+
version: 5.8.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Auth0
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date:
|
|
14
|
+
date: 2022-06-30 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: rest-client
|
|
@@ -33,14 +33,14 @@ dependencies:
|
|
|
33
33
|
requirements:
|
|
34
34
|
- - "~>"
|
|
35
35
|
- !ruby/object:Gem::Version
|
|
36
|
-
version:
|
|
36
|
+
version: 2.3.0
|
|
37
37
|
type: :runtime
|
|
38
38
|
prerelease: false
|
|
39
39
|
version_requirements: !ruby/object:Gem::Requirement
|
|
40
40
|
requirements:
|
|
41
41
|
- - "~>"
|
|
42
42
|
- !ruby/object:Gem::Version
|
|
43
|
-
version:
|
|
43
|
+
version: 2.3.0
|
|
44
44
|
- !ruby/object:Gem::Dependency
|
|
45
45
|
name: zache
|
|
46
46
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -281,7 +281,9 @@ files:
|
|
|
281
281
|
- ".github/ISSUE_TEMPLATE/feature_request.md"
|
|
282
282
|
- ".github/ISSUE_TEMPLATE/report_a_bug.md"
|
|
283
283
|
- ".github/PULL_REQUEST_TEMPLATE.md"
|
|
284
|
+
- ".github/dependabot.yml"
|
|
284
285
|
- ".github/stale.yml"
|
|
286
|
+
- ".github/workflows/semgrep.yml"
|
|
285
287
|
- ".gitignore"
|
|
286
288
|
- ".rspec"
|
|
287
289
|
- ".rubocop.yml"
|
|
@@ -292,6 +294,7 @@ files:
|
|
|
292
294
|
- DEPLOYMENT.md
|
|
293
295
|
- Dockerfile
|
|
294
296
|
- Gemfile
|
|
297
|
+
- Gemfile.lock
|
|
295
298
|
- Guardfile
|
|
296
299
|
- LICENSE
|
|
297
300
|
- README.md
|
|
@@ -372,6 +375,7 @@ files:
|
|
|
372
375
|
- lib/auth0/api/v2.rb
|
|
373
376
|
- lib/auth0/api/v2/actions.rb
|
|
374
377
|
- lib/auth0/api/v2/anomaly.rb
|
|
378
|
+
- lib/auth0/api/v2/attack_protection.rb
|
|
375
379
|
- lib/auth0/api/v2/blacklists.rb
|
|
376
380
|
- lib/auth0/api/v2/branding.rb
|
|
377
381
|
- lib/auth0/api/v2/client_grants.rb
|
|
@@ -588,6 +592,7 @@ files:
|
|
|
588
592
|
- spec/integration/lib/auth0/auth0_client_spec.rb
|
|
589
593
|
- spec/lib/auth0/api/v2/actions_spec.rb
|
|
590
594
|
- spec/lib/auth0/api/v2/anomaly_spec.rb
|
|
595
|
+
- spec/lib/auth0/api/v2/attack_protection_spec.rb
|
|
591
596
|
- spec/lib/auth0/api/v2/blacklists_spec.rb
|
|
592
597
|
- spec/lib/auth0/api/v2/branding_spec.rb
|
|
593
598
|
- spec/lib/auth0/api/v2/client_grants_spec.rb
|
|
@@ -643,7 +648,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
643
648
|
- !ruby/object:Gem::Version
|
|
644
649
|
version: '0'
|
|
645
650
|
requirements: []
|
|
646
|
-
rubygems_version: 3.
|
|
651
|
+
rubygems_version: 3.2.22
|
|
647
652
|
signing_key:
|
|
648
653
|
specification_version: 4
|
|
649
654
|
summary: Auth0 API Client
|
|
@@ -827,6 +832,7 @@ test_files:
|
|
|
827
832
|
- spec/integration/lib/auth0/auth0_client_spec.rb
|
|
828
833
|
- spec/lib/auth0/api/v2/actions_spec.rb
|
|
829
834
|
- spec/lib/auth0/api/v2/anomaly_spec.rb
|
|
835
|
+
- spec/lib/auth0/api/v2/attack_protection_spec.rb
|
|
830
836
|
- spec/lib/auth0/api/v2/blacklists_spec.rb
|
|
831
837
|
- spec/lib/auth0/api/v2/branding_spec.rb
|
|
832
838
|
- spec/lib/auth0/api/v2/client_grants_spec.rb
|