auth0 5.0.1 → 5.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cf18eaf917c7c8c5e3cccc4dad6a9824e50c921ea6b21612dc175ceb9dc447bc
4
- data.tar.gz: 410e68beb033e30432bef49be72a04a14d65ecc63f5fd3dab784ca0bbf222f02
3
+ metadata.gz: 268e36ef0f352a266607bdad5435b4ebddfacc3b29dd4aa4d922966950ca0e46
4
+ data.tar.gz: 2190414d235036db1218c7560d67a1cb9a300f02495d2fdaa1c267398480d130
5
5
  SHA512:
6
- metadata.gz: eb8c767fc4a1539b9d778893bfd1eda7ccbd5ca1194dba5f79f5d84a5563c6038fdf66d640a0be6150cc913e0ce7479f9b434fe6552eec5459e058b0e3cbab8e
7
- data.tar.gz: f8f03fd5d1e0d5358874fee49e72024942825e38a74799cc732af2977fcc5a582eac211dfbe021e22d8d55992460fbfbf4e48b66511180bb12c4c1ede415cf4b
6
+ metadata.gz: 52706c2e0c0ed270a987ec83568e94cf37d9b4a951ef00f813fed275c6a0ddb15b87324111a399b34d09b3ee448446140d197670a003be6f2bcd930295f73867
7
+ data.tar.gz: 9f316b486484eb9af039b3f39670a259fc9d1e41b249e7faa4916d1b6345a54ba6233f2d2dc4daf4c55dc41756269062a5a7fb539b9c6285224a9b45140911eb
data/.circleci/config.yml CHANGED
@@ -28,12 +28,10 @@ jobs:
28
28
  steps:
29
29
  - checkout
30
30
  - restore_cache:
31
- keys:
32
- - gems-v2-{{ checksum "Gemfile.lock" }}
33
- - gems-v2-
34
- - run: bundle check || bundle install
31
+ key: gems-v2-{{ checksum "Gemfile.lock" }}
32
+ - run: bundle check --path=vendor/bundle || bundle install --path=vendor/bundle
35
33
  - save_cache:
36
- key: gems-v2--{{ checksum "Gemfile.lock" }}
34
+ key: gems-v2-{{ checksum "Gemfile.lock" }}
37
35
  paths:
38
36
  - vendor/bundle
39
37
  # Must define DOMAIN, CLIENT_ID, CLIENT_SECRET and MASTER_JWT env
data/CHANGELOG.md CHANGED
@@ -1,5 +1,18 @@
1
1
  # Change Log
2
2
 
3
+ ## [v5.1.0](https://github.com/auth0/ruby-auth0/tree/v5.1.0) (2021-04-09)
4
+
5
+ [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.0.1..v5.1.0)
6
+
7
+ **Added**
8
+
9
+ - Org idtoken validation guidance [\#267](https://github.com/auth0/ruby-auth0/pull/267) ([davidpatrick](https://github.com/davidpatrick))
10
+ - Adds Branding endpoints [\#266](https://github.com/auth0/ruby-auth0/pull/266) ([davidpatrick](https://github.com/davidpatrick))
11
+ - Organizations feature [\#264](https://github.com/auth0/ruby-auth0/pull/264) ([davidpatrick](https://github.com/davidpatrick))
12
+ - Add Organizations support to Authentication API Client [\#263](https://github.com/auth0/ruby-auth0/pull/263) ([davidpatrick](https://github.com/davidpatrick))
13
+ - Add api_identifier as an accepted configurable [\#261](https://github.com/auth0/ruby-auth0/pull/261) ([QWYNBG](https://github.com/QWYNBG))
14
+ - add name param to connections api [\#260](https://github.com/auth0/ruby-auth0/pull/260) ([QWYNBG](https://github.com/QWYNBG))
15
+
3
16
  ## [v5.0.1](https://github.com/auth0/ruby-auth0/tree/v5.0.1) (2021-02-02)
4
17
 
5
18
  [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.0.0..v5.0.1)
data/README.md CHANGED
@@ -113,6 +113,61 @@ In addition to the Management API, this SDK also provides access to [Authenticat
113
113
 
114
114
  Please note that this module implements endpoints that might be deprecated for newer tenants. If you have any questions about how and when the endpoints should be used, consult the [documentation](https://auth0.com/docs/api/authentication) or ask in our [Community forums](https://community.auth0.com/tags/wordpress).
115
115
 
116
+ ### Organizations
117
+
118
+ [Organizations](https://auth0.com/docs/organizations) is a set of features that provide better support for developers who build and maintain SaaS and Business-to-Business (B2B) applications.
119
+
120
+ Using Organizations, you can:
121
+
122
+ - Represent teams, business customers, partner companies, or any logical grouping of users that should have different ways of accessing your applications, as organizations.
123
+ - Manage their membership in a variety of ways, including user invitation.
124
+ - Configure branded, federated login flows for each organization.
125
+ - Implement role-based access control, such that users can have different roles when authenticating in the context of different organizations.
126
+ - Build administration capabilities into your products, using Organizations APIs, so that those businesses can manage their own organizations.
127
+
128
+ Note that Organizations is currently only available to customers on our Enterprise and Startup subscription plans.
129
+
130
+ #### Logging in with an Organization
131
+
132
+ Configure the Authentication API client and pass your Organization ID to the authorize url:
133
+
134
+ ```ruby
135
+ require 'auth0'
136
+
137
+ @auth0_client ||= Auth0Client.new(
138
+ client_id: '{YOUR_APPLICATION_CLIENT_ID}',
139
+ client_secret: '{YOUR_APPLICATION_CLIENT_SECRET}',
140
+ domain: '{YOUR_TENANT}.auth0.com',
141
+ organization: "{YOUR_ORGANIZATION_ID}"
142
+ )
143
+
144
+ universal_login_url = @auth0_client.authorization_url("https://{YOUR_APPLICATION_CALLBACK_URL}")
145
+
146
+ # redirect_to universal_login_url
147
+ ```
148
+
149
+ #### Accepting user invitations
150
+
151
+ Auth0 Organizations allow users to be invited using emailed links, which will direct a user back to your application. The URL the user will arrive at is based on your configured `Application Login URI`, which you can change from your Application's settings inside the Auth0 dashboard. When they arrive at this URL, a `invitation` and `organization` query parameters will be provided
152
+
153
+ ```ruby
154
+ require 'auth0'
155
+
156
+ @auth0_client ||= Auth0Client.new(
157
+ client_id: '{YOUR_APPLICATION_CLIENT_ID}',
158
+ client_secret: '{YOUR_APPLICATION_CLIENT_ID}',
159
+ domain: '{YOUR_TENANT}.auth0.com',
160
+ organization: "{YOUR_ORGANIZATION_ID}"
161
+ )
162
+
163
+ universal_login_url = @auth0_client.authorization_url("https://{YOUR_APPLICATION_CALLBACK_URL}", {
164
+ organization: "{ORGANIZATION_QUERY_PARAM}", # You can override organization if needed
165
+ invitation: "{INVITATION_QUERY_PARAM}"
166
+ })
167
+
168
+ # redirect_to universal_login_url
169
+ ```
170
+
116
171
  ## ID Token Validation
117
172
 
118
173
  An ID token may be present in the credentials received after authentication. This token contains information associated with the user that has just logged in, provided the scope used contained `openid`. You can [read more about ID tokens here](https://auth0.com/docs/tokens/concepts/id-tokens).
@@ -137,6 +192,7 @@ The method takes the following optional keyword parameters:
137
192
  | `max_age` | Integer | The `max_age` value you sent in the call to `/authorize`, if any. | `nil` |
138
193
  | `issuer` | String | By default the `iss` claim will be checked against the URL of your **Auth0 Domain**. Use this parameter to override that. | `nil` |
139
194
  | `audience` | String | By default the `aud` claim will be compared to your **Auth0 Client ID**. Use this parameter to override that. | `nil` |
195
+ | `organization`| String | By default the `org_id` claim will be compared to your **Organization ID**. Use this parameter to override that. | `nil` |
140
196
 
141
197
  You can check the signing algorithm value under **Advanced Settings > OAuth > JsonWebToken Signature Algorithm** in your Auth0 application settings panel. [We recommend](https://auth0.com/docs/tokens/concepts/signing-algorithms#our-recommendation) that you make use of asymmetric signing algorithms like `RS256` instead of symmetric ones like `HS256`.
142
198
 
@@ -158,6 +214,29 @@ rescue Auth0::InvalidIdToken => e
158
214
  end
159
215
  ```
160
216
 
217
+ ### Organization ID Token Validation
218
+
219
+ If an org_id claim is present in the Access Token, then the claim should be validated by the API to ensure that the value received is expected or known.
220
+
221
+ In particular:
222
+
223
+ * The issuer (iss) claim should be checked to ensure the token was issued by Auth0
224
+
225
+ * the org_id claim should be checked to ensure it is a value that is already known to the application. This could be validated against a known list of organization IDs, or perhaps checked in conjunction with the current request URL. e.g. the sub-domain may hint at what organization should be used to validate the Access Token.
226
+
227
+ Normally, validating the issuer would be enough to ensure that the token was issued by Auth0. In the case of organizations, additional checks should be made so that the organization within an Auth0 tenant is expected.
228
+
229
+ If the claim cannot be validated, then the application should deem the token invalid.
230
+
231
+ ```ruby
232
+ begin
233
+ @auth0_client.validate_id_token 'YOUR_ID_TOKEN', organization: '{Expected org_id}'
234
+ rescue Auth0::InvalidIdToken => e
235
+ # In this case the ID Token contents should not be trusted
236
+ end
237
+
238
+ For more information, please read [Work with Tokens and Organizations](https://auth0.com/docs/organizations/using-tokens) on Auth0 Docs.
239
+
161
240
  ## Development
162
241
 
163
242
  In order to set up the local environment you'd have to have Ruby installed and a few global gems used to run and record the unit tests. A working Ruby version can be taken from the [CI script](/.circleci/config.yml). At the moment of this writting we're using Ruby `2.5.7`.
@@ -231,4 +310,4 @@ If you find a bug or have a feature request, please report them in this reposito
231
310
  This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.
232
311
 
233
312
 
234
- [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fauth0%2Fruby-auth0.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fauth0%2Fruby-auth0?ref=badge_large)
313
+ [![FOSSA Status](https://app.fossa.com/api/projects/git%2Bgithub.com%2Fauth0%2Fruby-auth0.svg?type=large)](https://app.fossa.com/projects/git%2Bgithub.com%2Fauth0%2Fruby-auth0?ref=badge_large)
@@ -14,18 +14,23 @@ module Auth0
14
14
  # Request an API access token using a Client Credentials grant
15
15
  # @see https://auth0.com/docs/api-auth/tutorials/client-credentials
16
16
  # @param audience [string] API audience to use
17
+ # @param organization [string] Organization ID
17
18
  # @return [json] Returns the API token
18
19
  def api_token(
19
20
  client_id: @client_id,
20
21
  client_secret: @client_secret,
21
- audience: "https://#{@domain}/api/v2/"
22
+ organization: @organization,
23
+ audience: nil
22
24
  )
25
+
23
26
  request_params = {
24
27
  grant_type: 'client_credentials',
25
28
  client_id: client_id,
26
29
  client_secret: client_secret,
27
- audience: audience
30
+ audience: audience,
31
+ organization: organization
28
32
  }
33
+
29
34
  response = post('/oauth/token', request_params)
30
35
  ::Auth0::ApiToken.new(response['access_token'], response['scope'], response['expires_in'])
31
36
  end
@@ -220,7 +225,7 @@ module Auth0
220
225
  # Return an authorization URL.
221
226
  # @see https://auth0.com/docs/api/authentication#authorization-code-grant
222
227
  # @param redirect_uri [string] URL to redirect after authorization
223
- # @param options [hash] Can contain response_type, connection, state and additional_parameters.
228
+ # @param options [hash] Can contain response_type, connection, state, organization, invitation, and additional_parameters.
224
229
  # @return [url] Authorization URL.
225
230
  def authorization_url(redirect_uri, options = {})
226
231
  raise Auth0::InvalidParameter, 'Must supply a valid redirect_uri' if redirect_uri.to_s.empty?
@@ -231,7 +236,9 @@ module Auth0
231
236
  connection: options.fetch(:connection, nil),
232
237
  redirect_uri: redirect_uri,
233
238
  state: options.fetch(:state, nil),
234
- scope: options.fetch(:scope, nil)
239
+ scope: options.fetch(:scope, nil),
240
+ organization: options.fetch(:organization, @organization),
241
+ invitation: options.fetch(:invitation, nil)
235
242
  }.merge(options.fetch(:additional_parameters, {}))
236
243
 
237
244
  URI::HTTPS.build(host: @domain, path: '/authorize', query: to_query(request_params))
@@ -296,7 +303,7 @@ module Auth0
296
303
  # @see https://auth0.com/docs/tokens/guides/validate-id-tokens
297
304
  # @param id_token [string] The JWT to validate.
298
305
  # @param algorithm [JWKAlgorithm] The expected signing algorithm.
299
- # Defaults to +Auth0::Algorithm::RS256.jwks_url("https://YOUR_AUTH0_DOMAIN/.well-known/jwks.json", lifetime: 10 * 60)+.
306
+
300
307
  # @param leeway [integer] The clock skew to accept when verifying date related claims in seconds.
301
308
  # Must be a non-negative value. Defaults to *60 seconds*.
302
309
  # @param nonce [string] The nonce value sent during authentication.
@@ -306,8 +313,10 @@ module Auth0
306
313
  # Defaults to +https://YOUR_AUTH0_DOMAIN/+.
307
314
  # @param audience [string] The expected audience claim value.
308
315
  # Defaults to your *Auth0 Client ID*.
316
+ # @param organization [string] Organization ID
317
+ # Defaults to your *Auth0 Organization ID*.
309
318
  # rubocop:disable Metrics/MethodLength, Metrics/AbcSize, Metrics/ParameterLists
310
- def validate_id_token(id_token, algorithm: nil, leeway: 60, nonce: nil, max_age: nil, issuer: nil, audience: nil)
319
+ def validate_id_token(id_token, algorithm: nil, leeway: 60, nonce: nil, max_age: nil, issuer: nil, audience: nil, organization: @organization)
311
320
  context = {
312
321
  issuer: issuer || "https://#{@domain}/",
313
322
  audience: audience || @client_id,
@@ -317,6 +326,7 @@ module Auth0
317
326
 
318
327
  context[:nonce] = nonce unless nonce.nil?
319
328
  context[:max_age] = max_age unless max_age.nil?
329
+ context[:organization] = organization unless !organization
320
330
 
321
331
  Auth0::Mixins::Validation::IdTokenValidator.new(context).validate(id_token)
322
332
  end
data/lib/auth0/api/v2.rb CHANGED
@@ -1,5 +1,6 @@
1
1
  require 'auth0/api/v2/anomaly'
2
2
  require 'auth0/api/v2/blacklists'
3
+ require 'auth0/api/v2/branding'
3
4
  require 'auth0/api/v2/clients'
4
5
  require 'auth0/api/v2/client_grants'
5
6
  require 'auth0/api/v2/connections'
@@ -7,6 +8,7 @@ require 'auth0/api/v2/device_credentials'
7
8
  require 'auth0/api/v2/emails'
8
9
  require 'auth0/api/v2/jobs'
9
10
  require 'auth0/api/v2/prompts'
11
+ require 'auth0/api/v2/organizations'
10
12
  require 'auth0/api/v2/rules'
11
13
  require 'auth0/api/v2/roles'
12
14
  require 'auth0/api/v2/stats'
@@ -26,25 +28,27 @@ module Auth0
26
28
  module V2
27
29
  include Auth0::Api::V2::Anomaly
28
30
  include Auth0::Api::V2::Blacklists
31
+ include Auth0::Api::V2::Branding
29
32
  include Auth0::Api::V2::Clients
30
33
  include Auth0::Api::V2::ClientGrants
31
34
  include Auth0::Api::V2::Connections
32
35
  include Auth0::Api::V2::DeviceCredentials
33
36
  include Auth0::Api::V2::Emails
37
+ include Auth0::Api::V2::Guardian
34
38
  include Auth0::Api::V2::Jobs
39
+ include Auth0::Api::V2::Logs
40
+ include Auth0::Api::V2::LogStreams
35
41
  include Auth0::Api::V2::Prompts
42
+ include Auth0::Api::V2::Organizations
36
43
  include Auth0::Api::V2::Rules
37
44
  include Auth0::Api::V2::Roles
38
45
  include Auth0::Api::V2::Stats
39
46
  include Auth0::Api::V2::Users
40
47
  include Auth0::Api::V2::UsersByEmail
41
48
  include Auth0::Api::V2::UserBlocks
49
+ include Auth0::Api::V2::ResourceServers
42
50
  include Auth0::Api::V2::Tenants
43
51
  include Auth0::Api::V2::Tickets
44
- include Auth0::Api::V2::Logs
45
- include Auth0::Api::V2::LogStreams
46
- include Auth0::Api::V2::ResourceServers
47
- include Auth0::Api::V2::Guardian
48
52
  end
49
53
  end
50
54
  end
@@ -0,0 +1,66 @@
1
+ module Auth0
2
+ module Api
3
+ module V2
4
+ # Methods to use the branding endpoints
5
+ module Branding
6
+ attr_reader :branding_path
7
+
8
+ # Retrieve branding settings.
9
+ # @see https://auth0.com/docs/api/management/v2/#!/Branding/get_branding
10
+ #
11
+ # @return [json] Returns branding settings.
12
+ def branding()
13
+ get(branding_path)
14
+ end
15
+ alias get_branding branding
16
+
17
+ # Update branding settings.
18
+ # @see https://auth0.com/docs/api/management/v2/#!/Branding/patch_branding
19
+ # @param body [hash] the branding settings to update
20
+ #
21
+ # @return [json] Returns branding settings.
22
+ def patch_branding(body = {})
23
+ patch(branding_path, body)
24
+ end
25
+ alias update_branding patch_branding
26
+
27
+ # Get template for New Universal Login Experience
28
+ # @see https://auth0.com/docs/api/management/v2/#!/Branding/get_universal_login
29
+ #
30
+ # @return [json] Returns branding settings.
31
+ def branding_templates_for_universal_login
32
+ get(templates_path)
33
+ end
34
+ alias get_branding_templates_for_universal_login branding_templates_for_universal_login
35
+
36
+ # Delete template for New Universal Login Experience
37
+ # @see https://auth0.com/docs/api/management/v2/#!/Branding/delete_universal_login
38
+ # @param rule_id [string] The id of the rule to delete.
39
+ def delete_branding_templates_for_universal_login
40
+ delete(templates_path)
41
+ end
42
+
43
+ # Set template for New Universal Login Experience
44
+ # @see https://auth0.com/docs/api/management/v2/#!/Branding/put_universal_login
45
+ # @param body [hash] the branding settings to update
46
+ #
47
+ # @return [json] Returns branding settings.
48
+ def put_branding_templates_for_universal_login(body = {})
49
+ put(templates_path, body)
50
+ end
51
+ alias set_branding_templates_for_universal_login put_branding_templates_for_universal_login
52
+
53
+ private
54
+
55
+ # Branding API path
56
+ def branding_path
57
+ @branding_path ||= '/api/v2/branding'
58
+ end
59
+
60
+ def templates_path
61
+ @templates_path ||= "#{branding_path}/templates/universal-login"
62
+ end
63
+ end
64
+ end
65
+ end
66
+ end
@@ -9,6 +9,7 @@ module Auth0
9
9
  # being specified. Accepts a list of fields to include or exclude in the resulting list of connection objects.
10
10
  # @see https://auth0.com/docs/api/management/v2#!/Connections/get_connections
11
11
  # @param strategy [string] Strategy to filter connection results.
12
+ # @param name [string] Name to filter connection results.
12
13
  # @param fields [string] A comma separated list of fields to include or exclude from the result.
13
14
  # @param include_fields [boolean] True if the fields specified are to be included in the result, false otherwise.
14
15
  # @param page [int] Page number to get, 0-based.
@@ -16,6 +17,7 @@ module Auth0
16
17
  # @return [json] Returns the existing connections matching the strategy.
17
18
  def connections(
18
19
  strategy: nil,
20
+ name: nil,
19
21
  fields: nil,
20
22
  include_fields: nil,
21
23
  page: nil,
@@ -24,6 +26,7 @@ module Auth0
24
26
  include_fields = true if !fields.nil? && include_fields.nil?
25
27
  request_params = {
26
28
  strategy: strategy,
29
+ name: name,
27
30
  fields: fields.is_a?(Array) ? fields.join(',') : fields,
28
31
  include_fields: include_fields,
29
32
  page: !page.nil? ? page.to_i : nil,
@@ -81,13 +81,15 @@ module Auth0
81
81
  # @param identity [hash] Used to verify secondary, federated, and passwordless-email identities.
82
82
  # * :user_id [string] user_id of the identity.
83
83
  # * :provider [string] provider of the identity.
84
+ # @param organization_id [string] organization id
84
85
  #
85
86
  # @return [json] Returns the job status and properties.
86
- def send_verification_email(user_id, client_id = nil, identity: nil)
87
+ def send_verification_email(user_id, client_id = nil, identity: nil, organization_id: nil)
87
88
  raise Auth0::InvalidParameter, 'Must specify a user id' if user_id.to_s.empty?
88
89
 
89
90
  request_params = { user_id: user_id }
90
91
  request_params[:client_id] = client_id unless client_id.nil?
92
+ request_params[:organization_id] = organization_id unless organization_id.nil?
91
93
 
92
94
  if identity
93
95
  unless identity.is_a? Hash
@@ -0,0 +1,332 @@
1
+ module Auth0
2
+ module Api
3
+ module V2
4
+ # Methods to use the organizations endpoints
5
+ module Organizations
6
+ include Auth0::Mixins::Validation
7
+
8
+ attr_reader :organizations_path
9
+
10
+ # Get all organizations.
11
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_organizations
12
+ # @param options [hash] The Hash options used to define the paging of rersults
13
+ # * :per_page [integer] The amount of entries per page. Default: 50. Max value: 100.
14
+ # * :page [integer] The page number. Zero based.
15
+ # * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
16
+ # @return [json] All Organizations
17
+ def organizations(options = {})
18
+ request_params = {
19
+ per_page: options.fetch(:per_page, nil),
20
+ page: options.fetch(:page, nil),
21
+ include_totals: options.fetch(:include_totals, nil)
22
+ }
23
+ get(organizations_path, request_params)
24
+ end
25
+ alias get_organizations organizations
26
+
27
+ # Create a new organization.
28
+ # @see ttps://auth0.com/docs/api/management/v2/#!/Organizations/post_organizations
29
+ # @param options [hash] See https://auth0.com/docs/api/management/v2/#!/Organizations/post_organizations for available options
30
+ # @return [json] Returns the created organization.
31
+ def create_organization(options = {})
32
+ post(organizations_path, options)
33
+ end
34
+
35
+ # Get an organization by id. A token with read:organizations scope is required
36
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_organizations_by_id
37
+ # @param organization_id [string] The organization_id of the user to retrieve.
38
+ #
39
+ # @return [json] Returns the organization with the given organization_id if it exists.
40
+ def organization(organization_id)
41
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
42
+ path = "#{organizations_path}/#{organization_id}"
43
+ get(path)
44
+ end
45
+
46
+ # Get an organization by name. A token with read:organizations scope is required.
47
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_name_by_name
48
+ # @param organization_name [string] The Organization name
49
+ #
50
+ # @return [json] Returns the organization with the given organization_name if it exists.
51
+ def organization_by_name(organization_name)
52
+ raise Auth0::InvalidParameter, 'Must supply a valid organization_name' if organization_name.to_s.empty?
53
+ path = "#{organizations_path}/name/#{organization_name}"
54
+ get(path)
55
+ end
56
+
57
+
58
+ # Deletes a single organization given its id
59
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/delete_organizations_by_id
60
+ # @param organization_id [string] The Organization ID
61
+ def delete_organization(organization_id)
62
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
63
+ path = "#{organizations_path}/#{organization_id}"
64
+ delete(path)
65
+ end
66
+
67
+ # Update an existing organization.
68
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/patch_organizations_by_id
69
+ # @param organization_id [string] The Organization ID
70
+ # @param body [hash] The optional parameters to update.
71
+ #
72
+ # @return [json] Returns the updated user.
73
+ def patch_organization(organization_id, body)
74
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
75
+ raise Auth0::InvalidParameter, 'Must supply a valid body' if body.to_s.empty? || body.empty?
76
+ path = "#{organizations_path}/#{organization_id}"
77
+ patch(path, body)
78
+ end
79
+ alias update_organization patch_organization
80
+
81
+ ### Organization Enabled Connections
82
+
83
+ # Get enabled connections in an Organization
84
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_enabled_connections
85
+ # @param organization_id [string] The Organization ID
86
+ #
87
+ # @return [json] Returns the enabled connections for the given organization
88
+ def get_organizations_enabled_connections(organization_id)
89
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
90
+ path = "#{organizations_enabled_connections_path(organization_id)}"
91
+ get(path)
92
+ end
93
+
94
+ # Get enabled connection by id in an Organization
95
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_enabled_connections_by_connectionId
96
+ # @param organization_id [string] The Organization ID
97
+ # @param connection_id [string] The Connection id
98
+ #
99
+ # @return [json] Returns the connection for the given organization
100
+ def get_organizations_enabled_connection(organization_id, connection_id)
101
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
102
+ raise Auth0::InvalidParameter, 'Must supply a valid connection id' if connection_id.to_s.empty?
103
+ path = "#{organizations_enabled_connections_path(organization_id)}/#{connection_id}"
104
+ get(path)
105
+ end
106
+
107
+ # Update an eanbled connection in an Organization
108
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/patch_enabled_connections_by_connectionId
109
+ # @param organization_id [string] The Organization ID
110
+ # @param connection_id [string] The Connection id
111
+ # @param assign_membership_on_login [boolean] flag to allow assign membership on login
112
+ #
113
+ # @return [json] Returns the connection for the given organization
114
+ def patch_organizations_enabled_connection(organization_id, connection_id, assign_membership_on_login: nil)
115
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
116
+ raise Auth0::InvalidParameter, 'Must supply a valid connection id' if connection_id.to_s.empty?
117
+ raise Auth0::InvalidParameter, 'Must supply a valid assign_membership_on_login value' if assign_membership_on_login.nil?
118
+ path = "#{organizations_enabled_connections_path(organization_id)}/#{connection_id}"
119
+
120
+ body = {}
121
+ body[:assign_membership_on_login] = assign_membership_on_login
122
+
123
+ patch(path, body)
124
+ end
125
+ alias update_organizations_enabled_connection patch_organizations_enabled_connection
126
+
127
+ # Add an enabled connection for an Organization
128
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/post_enabled_connections
129
+ # @param organization_id [string] The Organization ID
130
+ # @param assign_membership_on_login [boolean] flag to allow assign membership on login
131
+ #
132
+ # @return [json] Returns the connection for the given organization
133
+ def create_organizations_enabled_connection(organization_id, assign_membership_on_login: false)
134
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
135
+ path = "#{organizations_enabled_connections_path(organization_id)}"
136
+
137
+ body = {}
138
+ body[:assign_membership_on_login] = assign_membership_on_login
139
+
140
+ post(path, body)
141
+ end
142
+ alias add_organizations_enabled_connection create_organizations_enabled_connection
143
+
144
+ # Remove an enabled connection from an Organization
145
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/delete_enabled_connections_by_connectionId
146
+ # @param organization_id [string] The Organization ID
147
+ # @param connection_id [string] The Connection id
148
+ def delete_organizations_enabled_connection(organization_id, connection_id)
149
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
150
+ raise Auth0::InvalidParameter, 'Must supply a valid connection id' if connection_id.to_s.empty?
151
+ path = "#{organizations_enabled_connections_path(organization_id)}/#{connection_id}"
152
+ delete(path)
153
+ end
154
+ alias remove_organizations_enabled_connection delete_organizations_enabled_connection
155
+
156
+ ### Organization Invites
157
+
158
+ # Get invites in an Organization
159
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_invitations
160
+ # @param organization_id [string] The Organization ID
161
+ #
162
+ # @return [json] Returns the invites for the given organization
163
+ def get_organizations_invites(organization_id)
164
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
165
+ path = "#{organizations_invitations_path(organization_id)}"
166
+ get(path)
167
+ end
168
+
169
+ # Get invite by id in an Organization
170
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_invitations_by_invitation_id
171
+ # @param organization_id [string] The Organization ID
172
+ # @param invitation_id [string] The invitation id
173
+ #
174
+ # @return [json] Returns the invitation for the given organization
175
+ def get_organizations_invite(organization_id, invitation_id)
176
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
177
+ raise Auth0::InvalidParameter, 'Must supply a valid invitation id' if invitation_id.to_s.empty?
178
+ path = "#{organizations_invitations_path(organization_id)}/#{invitation_id}"
179
+ get(path)
180
+ end
181
+
182
+ # Create an invitation in an organization
183
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/post_invitations
184
+ # @param organization_id [string] The Organization ID
185
+ # @param options [hash] See https://auth0.com/docs/api/management/v2/#!/Organizations/post_invitations
186
+ # @return [json] Returns the invitation for the given organization
187
+ def create_organizations_invite(organization_id, options = {})
188
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
189
+ path = "#{organizations_invitations_path(organization_id)}"
190
+
191
+ post(path, options)
192
+ end
193
+ alias add_organizations_invite create_organizations_invite
194
+
195
+ # Delete an invitation to organization
196
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/delete_invitations_by_invitation_id
197
+ # @param organization_id [string] The Organization ID
198
+ # @param invitation_id [string] The Invitation id
199
+ def delete_organizations_invite(organization_id, invitation_id)
200
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
201
+ raise Auth0::InvalidParameter, 'Must supply a valid invitation id' if invitation_id.to_s.empty?
202
+ path = "#{organizations_invitations_path(organization_id)}/#{invitation_id}"
203
+ delete(path)
204
+ end
205
+ alias remove_organizations_invite delete_organizations_invite
206
+
207
+ ### Organization Member
208
+
209
+ # Get Members in a Organization
210
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_members
211
+ # @param organization_id [string] The Organization ID
212
+ # @param user_id [string] The User ID
213
+ #
214
+ # @return [json] Returns the members for the given organization
215
+ def get_organizations_members(organization_id)
216
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
217
+ path = "#{organizations_members_path(organization_id)}"
218
+ get(path)
219
+ end
220
+
221
+ # Add members in an organization
222
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/post_members
223
+ # @param organization_id [string] The Organization ID
224
+ # @param members [array] Array of user IDs.
225
+ #
226
+ # @return [json] Returns the invitation for the given organization
227
+ def create_organizations_members(organization_id, members = [])
228
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
229
+ raise Auth0::InvalidParameter, 'Must supply an array of member ids' if members.empty?
230
+ path = "#{organizations_members_path(organization_id)}"
231
+
232
+ body = {}
233
+ body[:members] = members
234
+
235
+ post(path, body)
236
+ end
237
+ alias add_organizations_members create_organizations_members
238
+
239
+ # Remove members from an organization
240
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/delete_members
241
+ # @param organization_id [string] The Organization ID
242
+ # @param members [array] Array of user IDs.
243
+ def delete_organizations_members(organization_id, members = [])
244
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
245
+ raise Auth0::InvalidParameter, 'Must supply an array of member ids' if members.empty?
246
+ path = "#{organizations_members_path(organization_id)}"
247
+
248
+ body = {}
249
+ body[:members] = members
250
+
251
+ delete(path, body)
252
+ end
253
+ alias remove_organizations_members delete_organizations_members
254
+
255
+ ### Organization Member Roles
256
+
257
+ # Get Roles assigned to a Member in an Organization
258
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_organization_member_roles
259
+ # @param organization_id [string] The Organization ID
260
+ # @param user_id [string] The User ID
261
+ #
262
+ # @return [json] Returns the member_roles for the given organization
263
+ def get_organizations_member_roles(organization_id, user_id)
264
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
265
+ raise Auth0::InvalidParameter, 'Must supply a valid user id' if user_id.to_s.empty?
266
+ path = "#{organizations_member_roles_path(organization_id, user_id)}"
267
+ get(path)
268
+ end
269
+
270
+ # Assign roles to a member in an organization
271
+ # @see https://auth0.com/docs/api/management/v2/#!/Organizations/post_organization_member_roles
272
+ # @param organization_id [string] The Organization ID
273
+ # @param user_id [string] The User ID
274
+ # @param roles [array] Array of role IDs.
275
+ #
276
+ # @return [json] Returns the invitation for the given organization
277
+ def create_organizations_member_roles(organization_id, user_id, roles = [])
278
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
279
+ raise Auth0::InvalidParameter, 'Must supply a valid user id' if user_id.to_s.empty?
280
+ raise Auth0::InvalidParameter, 'Must supply an array of role ids' if roles.empty?
281
+ path = "#{organizations_member_roles_path(organization_id, user_id)}"
282
+
283
+ body = {}
284
+ body[:roles] = roles
285
+
286
+ post(path, body)
287
+ end
288
+ alias add_organizations_member_roles create_organizations_member_roles
289
+
290
+ # Remove roles from a Member of an organization
291
+ # @https://auth0.com/docs/api/management/v2/#!/Organizations/delete_organization_member_roles
292
+ # @param organization_id [string] The Organization ID
293
+ # @param user_id [string] The User ID
294
+ # @param roles [array] Array of role IDs.
295
+ def delete_organizations_member_roles(organization_id, user_id, roles = [])
296
+ raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
297
+ raise Auth0::InvalidParameter, 'Must supply a valid user id' if user_id.to_s.empty?
298
+ raise Auth0::InvalidParameter, 'Must supply an array of role ids' if roles.empty?
299
+ path = "#{organizations_member_roles_path(organization_id, user_id)}"
300
+
301
+ body = {}
302
+ body[:roles] = roles
303
+
304
+ delete(path, body)
305
+ end
306
+ alias remove_organizations_member_roles delete_organizations_member_roles
307
+
308
+ private
309
+ # Organizations API path
310
+ def organizations_path
311
+ @organizations_path ||= '/api/v2/organizations'
312
+ end
313
+
314
+ def organizations_enabled_connections_path(org_id)
315
+ "#{organizations_path}/#{org_id}/enabled_connections"
316
+ end
317
+
318
+ def organizations_members_path(org_id)
319
+ "#{organizations_path}/#{org_id}/members"
320
+ end
321
+
322
+ def organizations_member_roles_path(org_id, user_id)
323
+ "#{organizations_path}/#{org_id}/members/#{user_id}/roles"
324
+ end
325
+
326
+ def organizations_invitations_path(org_id)
327
+ "#{organizations_path}/#{org_id}/invitations"
328
+ end
329
+ end
330
+ end
331
+ end
332
+ end