auth0 5.9.0 → 5.11.0

data/spec/lib/auth0/api/v2/jobs_spec.rb

@@ -67,6 +67,7 @@ describe Auth0::Api::V2::Jobs do
         format: 'csv',
         limit: 10
       })
+
       @instance.export_users(
         fields: ['author'],
         connection_id: 'test-connection',
@@ -74,6 +75,23 @@ describe Auth0::Api::V2::Jobs do
         limit: 10
       )
     end
+
+    it 'sends post to /api/v2/jobs/users-exports with export_as field' do
+      expect(@instance).to receive(:post).with(
+        '/api/v2/jobs/users-exports', {
+        fields: [{ name: 'author', export_as: 'writer' }],
+        connection_id: 'test-connection',
+        format: 'csv',
+        limit: 10
+      })
+      
+      @instance.export_users(
+        fields: [{ name: 'author', export_as: 'writer' }],
+        connection_id: 'test-connection',
+        format: 'csv',
+        limit: 10
+      )
+    end
   end
 
   context '.send_verification_email' do

data/spec/lib/auth0/mixins/httpproxy_spec.rb

@@ -494,12 +494,13 @@ describe Auth0::Mixins::HTTPProxy do
   end
 
   context "Renewing tokens" do
-    before :each do
-      @token_instance = DummyClassForTokens.new(
+    let(:httpproxy_instance) {
+      DummyClassForTokens.new(
         client_id: 'test-client-id',
         client_secret: 'test-client-secret',
-        domain: 'auth0.com')
-    end
+        domain: 'auth0.com',
+      )
+    }
 
     %i(get delete).each do |http_method|
       context "for #{http_method}" do
@@ -507,7 +508,7 @@ describe Auth0::Mixins::HTTPProxy do
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: :post,
             url: 'https://auth0.com/oauth/token',
-          ) ).and_return(StubResponse.new({ 
+          )).and_return(StubResponse.new({ 
             "access_token" => "access_token", 
             "expires_in" => 86400}, 
             true, 
@@ -515,11 +516,10 @@ describe Auth0::Mixins::HTTPProxy do
 
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: http_method,
-            url: 'https://auth0.com/test',
-            headers: { params: {}, "Authorization" => "Bearer access_token" }
+            url: 'https://auth0.com/test'
           )).and_return(StubResponse.new('Some random text here', true, 200))
 
-          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+          expect { httpproxy_instance.send(http_method, '/test') }.not_to raise_error
         end
       end
     end
@@ -539,24 +539,24 @@ describe Auth0::Mixins::HTTPProxy do
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: http_method,
             url: 'https://auth0.com/test',
-            headers: { "Authorization" => "Bearer access_token" }
+            headers: hash_including( "Authorization" => "Bearer access_token")
           )).and_return(StubResponse.new('Some random text here', true, 200))
 
-          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+          expect { httpproxy_instance.send(http_method, '/test') }.not_to raise_error
         end
       end
     end
   end
 
   context "Using cached tokens" do
-    before :each do
-      @token_instance = DummyClassForTokens.new(
+    let(:httpproxy_instance) {
+      DummyClassForTokens.new(
         client_id: 'test-client-id',
         client_secret: 'test-client-secret',
         domain: 'auth0.com',
         token: 'access_token',
         token_expires_at: Time.now.to_i + 86400)
-    end
+    }
 
     %i(get delete).each do |http_method|
       context "for #{http_method}" do
@@ -569,10 +569,10 @@ describe Auth0::Mixins::HTTPProxy do
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: http_method,
             url: 'https://auth0.com/test',
-            headers: { params: {}, "Authorization" => "Bearer access_token" }
+            headers: hash_including(params: {}, "Authorization" => "Bearer access_token")
           )).and_return(StubResponse.new('Some random text here', true, 200))
 
-          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+          expect { httpproxy_instance.send(http_method, '/test') }.not_to raise_error
         end
       end
     end
@@ -588,10 +588,46 @@ describe Auth0::Mixins::HTTPProxy do
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: http_method,
             url: 'https://auth0.com/test',
-            headers: { "Authorization" => "Bearer access_token" }
+            headers: hash_including("Authorization" => "Bearer access_token")
           )).and_return(StubResponse.new('Some random text here', true, 200))
 
-          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+          expect { httpproxy_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
+    end
+  end
+
+  context 'Normal operation' do
+    let(:httpproxy_instance) {
+      DummyClassForTokens.new(
+        client_id: 'test-client-id',
+        client_secret: 'test-client-secret',
+        domain: 'auth0.com',
+        token: 'access_token',
+        token_expires_at: Time.now.to_i + 86400)
+    }
+
+    # This sets up a test matrix to verify that both :get and :delete calls (the only two HTTP methods in the proxy that mutated headers)
+    # don't bleed query params into subsequent calls to :post :patch and :put.
+    %i(get delete).each do |http_get_delete|
+      %i(post patch put).each do |http_ppp|
+        it "should not bleed :#{http_get_delete} headers/parameters to the subsequent :#{http_ppp} request" do
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_get_delete,
+            url: "https://auth0.com/test-#{http_get_delete}",
+            headers: hash_including(params: { email: 'test@test.com' })
+          )).and_return(StubResponse.new('OK', true, 200))
+
+          # email: parameter that is sent in the GET request should not appear
+          # as a parameter in the `headers` hash for the subsequent PATCH request.
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_ppp,
+            url: "https://auth0.com/test-#{http_ppp}",
+            headers: hash_not_including(:params)
+          )).and_return(StubResponse.new('OK', true, 200))
+
+          expect { httpproxy_instance.send(http_get_delete, "/test-#{http_get_delete}", { email: 'test@test.com' }) }.not_to raise_error
+          expect { httpproxy_instance.send(http_ppp, "/test-#{http_ppp}") }.not_to raise_error
         end
       end
     end

data/spec/lib/auth0/mixins/initializer_spec.rb

@@ -13,6 +13,15 @@ describe Auth0::Mixins::Initializer do
   let(:params) { { namespace: 'samples.auth0.com' } }
   let(:instance) { DummyClassForProxy.send(:include, described_class).new(params) }
   let(:time_now) { Time.now }
+  
+  let(:client_assertion_signing_key_pair) do
+    rsa_private = OpenSSL::PKey::RSA.generate 2048
+
+    { 
+      public_key: rsa_private.public_key,
+      private_key: rsa_private
+    }
+  end
 
   context 'api v2' do
     it 'sets retry_count when passed' do
@@ -45,31 +54,76 @@ describe Auth0::Mixins::Initializer do
       expect(instance.instance_variable_get('@token')).to eq('123')
     end
 
-    it 'fetches a token if none was given' do
-      params[:client_id] = client_id = 'test_client_id'
-      params[:client_secret] = client_secret = 'test_client_secret'
-      params[:api_identifier] = api_identifier = 'test'
-
-      payload = {
-        grant_type: 'client_credentials',
-        client_id: client_id,
-        client_secret: client_secret,
-        audience: api_identifier
-      }  
-
-      expect(RestClient::Request).to receive(:execute).with(hash_including(
-        method: :post,
-        url: 'https://samples.auth0.com/oauth/token',
-        payload: payload.to_json
-      ))
-      .and_return(StubResponse.new({ 
-        "access_token" => "test", 
-        "expires_in" => 86400}, 
-        true, 
-        200))
-
-      expect(instance.instance_variable_get('@token')).to eq('test')
-      expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+    context 'with a client secret' do
+      it 'fetches a token if none was given' do
+        params[:client_id] = client_id = 'test_client_id'
+        params[:client_secret] = client_secret = 'test_client_secret'
+        params[:api_identifier] = api_identifier = 'test'
+
+        payload = {
+          grant_type: 'client_credentials',
+          client_id: client_id,
+          client_secret: client_secret,
+          audience: api_identifier
+        }  
+
+        expect(RestClient::Request).to receive(:execute) do |arg|
+          expect(arg).to(match(
+            include(
+              method: :post,
+              url: 'https://samples.auth0.com/oauth/token'
+            )
+          ))
+
+          expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq(payload)
+          
+          StubResponse.new({ 
+          "access_token" => "test", 
+          "expires_in" => 86400}, 
+          true, 
+          200)
+        end
+
+        expect(instance.instance_variable_get('@token')).to eq('test')
+        expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+      end
+    end
+
+    context 'with a client assertion signing key' do
+      it 'fetches a token if none was given' do
+        private_key = client_assertion_signing_key_pair[:private_key]
+
+        params[:client_id] = client_id = 'test_client_id'
+        params[:api_identifier] = api_identifier = 'test'
+        params[:client_assertion_signing_key] = private_key
+
+        expect(RestClient::Request).to receive(:execute) do |arg|
+          expect(arg).to(match(
+            include(
+              method: :post,
+              url: 'https://samples.auth0.com/oauth/token'
+            )
+          ))
+
+          payload = JSON.parse(arg[:payload], { symbolize_names: true })
+
+          expect(payload[:grant_type]).to eq 'client_credentials'
+          expect(payload[:client_id]).to eq client_id
+          expect(payload[:audience]).to eq api_identifier
+          expect(payload[:client_secret]).to be_nil
+          expect(payload[:client_assertion]).not_to be_nil
+          expect(payload[:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
+          
+          StubResponse.new({ 
+          "access_token" => "test", 
+          "expires_in" => 86400}, 
+          true, 
+          200)
+        end
+
+        expect(instance.instance_variable_get('@token')).to eq('test')
+        expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
+      end
     end
 
     it "doesn't get a new token if one was supplied using 'token'" do

data/spec/lib/auth0/mixins/token_management_spec.rb

@@ -34,16 +34,21 @@ describe Auth0::Mixins::TokenManagement do
 
   context 'get_token' do
     it 'renews the token if there is no token set' do
-      expect(RestClient::Request).to receive(:execute).with(hash_including(
-        method: :post,
-        url: 'https://samples.auth0.com/oauth/token',
-        payload: payload.to_json
-      ))
-      .and_return(StubResponse.new({ 
-        "access_token" => "test", 
-        "expires_in" => 86400}, 
-        true, 
-        200))
+      expect(RestClient::Request).to receive(:execute) do |arg|
+        expect(arg).to(match(
+          include(
+            method: :post,
+            url: 'https://samples.auth0.com/oauth/token'
+        )))
+
+        expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq(payload)
+      
+        StubResponse.new({ 
+          "access_token" => "test", 
+          "expires_in" => 86400}, 
+          true, 
+          200)
+      end
 
       instance.send(:get_token)
 
@@ -70,16 +75,21 @@ describe Auth0::Mixins::TokenManagement do
       params[:token] = 'test-token'
       params[:token_expires_at] = time_now.to_i + 5
 
-      expect(RestClient::Request).to receive(:execute).with(hash_including(
-        method: :post,
-        url: 'https://samples.auth0.com/oauth/token',
-        payload: payload.to_json
-      ))
-      .and_return(StubResponse.new({ 
-        "access_token" => "renewed_token", 
-        "expires_in" => 86400}, 
-        true, 
-        200))
+      expect(RestClient::Request).to receive(:execute) do |arg|
+        expect(arg).to(match(
+          include(
+            method: :post,
+            url: 'https://samples.auth0.com/oauth/token'
+        )))
+
+        expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq(payload)
+      
+        StubResponse.new({ 
+          "access_token" => "renewed_token", 
+          "expires_in" => 86400}, 
+          true, 
+          200)
+      end
 
       instance.send(:get_token)
 
@@ -91,16 +101,21 @@ describe Auth0::Mixins::TokenManagement do
       params[:token] = 'test-token'
       params[:token_expires_at] = time_now.to_i - 10
 
-      expect(RestClient::Request).to receive(:execute).with(hash_including(
-        method: :post,
-        url: 'https://samples.auth0.com/oauth/token',
-        payload: payload.to_json
-      ))
-      .and_return(StubResponse.new({ 
-        "access_token" => "renewed_token", 
-        "expires_in" => 86400}, 
-        true, 
-        200))
+      expect(RestClient::Request).to receive(:execute) do |arg|
+        expect(arg).to(match(
+          include(
+            method: :post,
+            url: 'https://samples.auth0.com/oauth/token'
+        )))
+
+        expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq(payload)
+      
+        StubResponse.new({ 
+          "access_token" => "renewed_token", 
+          "expires_in" => 86400}, 
+          true, 
+          200)
+      end
 
       instance.send(:get_token)
 
@@ -110,16 +125,11 @@ describe Auth0::Mixins::TokenManagement do
 
     it 'does not renew existing token if no token_expires_at' do
       params[:token] = 'test-token'
+      instance.instance_variable_set '@token_expires_at', nil
 
-      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
-        method: :post,
-        url: 'https://samples.auth0.com/oauth/token',
-      ))
+      expect(RestClient::Request).not_to receive(:execute)
 
       instance.send(:get_token)
-
-      expect(instance.instance_variable_get('@token')).to eq('test-token')
-      expect(instance.instance_variable_get('@token_expires_at')).to be_nil
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,4 +1,3 @@
-require 'pry'
 require 'rack/test'
 require 'faker'
 require 'json'
@@ -51,6 +50,10 @@ RSpec.configure do |config|
   config.filter_run focus: true
   config.run_all_when_everything_filtered = true
   config.include Credentials
+
+  config.expect_with :rspec do |c|
+    c.max_formatted_output_length = 1000000
+  end
 end
 
 def wait(time, increment = 5, elapsed_time = 0, &block)

data/spec/support/dummy_class_for_tokens.rb

@@ -13,5 +13,7 @@ class DummyClassForTokens
     @base_uri = "https://#{@domain}"
     @token = config[:token]
     @token_expires_at = config[:token_expires_at]
+    @client_assertion_signing_key = config[:client_assertion_signing_key]
+    @client_assertion_signing_alg = config[:client_assertion_signing_alg] || 'RS256'
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auth0
 version: !ruby/object:Gem::Version
-  version: 5.9.0
+  version: 5.11.0
 platform: ruby
 authors:
 - Auth0
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-24 00:00:00.000000000 Z
+date: 2023-01-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -33,14 +33,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: '2.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: '2.5'
 - !ruby/object:Gem::Dependency
   name: zache
   requirement: !ruby/object:Gem::Requirement
@@ -139,48 +139,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.0'
-- !ruby/object:Gem::Dependency
-  name: pry
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.10'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.10'
-- !ruby/object:Gem::Dependency
-  name: pry-nav
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.11'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.11'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -260,6 +232,8 @@ extra_rdoc_files: []
 files:
 - ".bundle/config"
 - ".circleci/config.yml"
+- ".devcontainer/Dockerfile"
+- ".devcontainer/devcontainer.json"
 - ".env.example"
 - ".gemrelease"
 - ".github/CODEOWNERS"
@@ -278,7 +252,9 @@ files:
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - DEPLOYMENT.md
+- DEVELOPMENT.md
 - Dockerfile
+- EXAMPLES.md
 - Gemfile
 - Gemfile.lock
 - Guardfile
@@ -291,6 +267,7 @@ files:
 - examples/ruby-api/.env.example
 - examples/ruby-api/.gitignore
 - examples/ruby-api/Gemfile
+- examples/ruby-api/Gemfile.lock
 - examples/ruby-api/README.md
 - examples/ruby-api/config.ru
 - examples/ruby-api/main.rb
@@ -386,6 +363,7 @@ files:
 - lib/auth0/api/v2/users.rb
 - lib/auth0/api/v2/users_by_email.rb
 - lib/auth0/client.rb
+- lib/auth0/client_assertion.rb
 - lib/auth0/exception.rb
 - lib/auth0/mixins.rb
 - lib/auth0/mixins/access_token_struct.rb
@@ -398,6 +376,7 @@ files:
 - lib/auth0/mixins/validation.rb
 - lib/auth0/version.rb
 - lib/auth0_client.rb
+- opslevel.yml
 - publish_rubygem.sh
 - spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_change_password/should_trigger_a_password_reset.yml
 - spec/fixtures/vcr_cassettes/Auth0_Api_AuthenticationEndpoints/_login_with_resource_owner/should_fail_with_an_incorrect_email.yml
@@ -576,6 +555,7 @@ files:
 - spec/integration/lib/auth0/api/v2/api_user_blocks_spec.rb
 - spec/integration/lib/auth0/api/v2/api_users_spec.rb
 - spec/integration/lib/auth0/auth0_client_spec.rb
+- spec/lib/auth0/api/authentication_endpoints_spec.rb
 - spec/lib/auth0/api/v2/actions_spec.rb
 - spec/lib/auth0/api/v2/anomaly_spec.rb
 - spec/lib/auth0/api/v2/attack_protection_spec.rb
@@ -634,7 +614,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.11
+rubygems_version: 3.3.26
 signing_key: 
 specification_version: 4
 summary: Auth0 API Client