auth0 5.9.0 → 5.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6d736435ce7655dc7910482e66b43a316a198b6b48ffa0b620830b7b55329dcb
-  data.tar.gz: 1b653fb372276036ecc11df764317d5b2dbc08249dd5eaf78181b0982c8d1d84
+  metadata.gz: 40aab484c4f3864d285e116a837151c8e57872a9f879485bdf2433a926b4f668
+  data.tar.gz: 7affd4b6a58f93b73bfa66c8aea85c8064e14a0c74e692e8952223dfda8947a3
 SHA512:
-  metadata.gz: 84c07d47e830c171210764f6cdf392f0a513b78a0996a9e9763d4a4aa069b8a56f4dab5930330e84efcefc68b16125d68e00c65c71cabbf82bc27bd0e5e56a56
-  data.tar.gz: 27e7dce713e1859455806f9d1a90d86e9b3f9b2fdee1872ff1d1295924e162815995e9299b2d0e111d81622d6884b32b916d02b44ceff65ce13429963c87c336
+  metadata.gz: 68da74cb1dac1f68810babc29ceef1ea51d5ef16db4f462d728feb904e2734aae58882cf8a2e945710ccdd796d0c2957a378a42e36b2d3aeb0a286dd52604eae
+  data.tar.gz: 16a91e8033143986d95d8857c66f2642640df6b8416ab7e88f0478668336447c95fbf30fda20a058656cea7936ae1b36d376f99ade14953b10e25faa458de4bb

data/.circleci/config.yml

@@ -6,9 +6,9 @@ orbs:
 matrix_ruby_versions: &matrix_ruby_versions
   matrix:
     parameters:
-      ruby_version: ["2.5", "2.6", "2.7", "3.0"]
+      ruby_version: ["2.7", "3.0", "3.1"]
 # Default version of ruby to use for lint and publishing
-default_ruby_version: &default_ruby_version "2.7"
+default_ruby_version: &default_ruby_version "3.1"
 
 executors:
   ruby-image:
@@ -30,7 +30,7 @@ jobs:
       ruby_version: << parameters.ruby_version >>
     steps:
       - checkout
-      - run: gem install bundler:1.17.2
+      - run: gem install bundler:2.3.22
       - run: rm Gemfile.lock
       - restore_cache:
           key: gems-v2-{{ checksum "Gemfile.lock" }}

data/.devcontainer/Dockerfile

@@ -0,0 +1,19 @@
+# See here for image contents: https://github.com/microsoft/vscode-dev-containers/tree/v0.245.2/containers/ruby/.devcontainer/base.Dockerfile
+
+# [Choice] Ruby version (use -bullseye variants on local arm64/Apple Silicon): 3, 3.1, 3.0, 2, 2.7, 3-bullseye, 3.1-bullseye, 3.0-bullseye, 2-bullseye, 2.7-bullseye, 3-buster, 3.1-buster, 3.0-buster, 2-buster, 2.7-buster
+ARG VARIANT="3.1-bullseye"
+FROM mcr.microsoft.com/vscode/devcontainers/ruby:0-${VARIANT}
+
+# [Choice] Node.js version: none, lts/*, 16, 14, 12, 10
+ARG NODE_VERSION="none"
+RUN if [ "${NODE_VERSION}" != "none" ]; then su vscode -c "umask 0002 && . /usr/local/share/nvm/nvm.sh && nvm install ${NODE_VERSION} 2>&1"; fi
+
+# [Optional] Uncomment this section to install additional OS packages.
+# RUN apt-get update && export DEBIAN_FRONTEND=noninteractive \
+#     && apt-get -y install --no-install-recommends <your-package-list-here>
+
+# [Optional] Uncomment this line to install additional gems.
+# RUN gem install <your-gem-names-here>
+
+# [Optional] Uncomment this line to install global node packages.
+# RUN su vscode -c "source /usr/local/share/nvm/nvm.sh && npm install -g <your-package-here>" 2>&1

data/.devcontainer/devcontainer.json

@@ -0,0 +1,37 @@
+// For format details, see https://aka.ms/devcontainer.json. For config options, see the README at:
+// https://github.com/microsoft/vscode-dev-containers/tree/v0.245.2/containers/ruby
+{
+	"name": "Ruby",
+	"build": {
+		"dockerfile": "Dockerfile",
+		"args": { 
+			// Update 'VARIANT' to pick a Ruby version: 3, 3.1, 3.0, 2, 2.7
+			// Append -bullseye or -buster to pin to an OS version.
+			// Use -bullseye variants on local on arm64/Apple Silicon.
+			"VARIANT": "3.1",
+			// Options
+			"NODE_VERSION": "lts/*"
+		}
+	},
+
+	// Configure tool-specific properties.
+	"customizations": {
+		// Configure properties specific to VS Code.
+		"vscode": {
+			// Add the IDs of extensions you want installed when the container is created.
+			"extensions": [
+				"rebornix.Ruby"
+			]
+		}
+	},
+	
+	// Use 'forwardPorts' to make a list of ports inside the container available locally.
+	// "forwardPorts": [],
+
+	// Use 'postCreateCommand' to run commands after the container is created.
+	// "postCreateCommand": "ruby --version",
+
+	// Comment out to connect as root instead. More info: https://aka.ms/vscode-remote/containers/non-root.
+	"remoteUser": "vscode"
+
+}

data/CHANGELOG.md

@@ -1,5 +1,16 @@
 # Change Log
 
+## [v5.10.0](https://github.com/auth0/ruby-auth0/tree/v5.10.0) (2022-10-10)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.9.0...v5.10.0)
+
+**Changed**
+- Update jwt ~2.5 [\#384](https://github.com/auth0/ruby-auth0/pull/384) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
+**Fixed**
+- Stop :get, :delete parameters from bleeding into subsequent requests [\#388](https://github.com/auth0/ruby-auth0/pull/388) ([stevehobbsdev](https://github.com/stevehobbsdev))
+- Support complex field names in export_users [\#387](https://github.com/auth0/ruby-auth0/pull/387) ([stevehobbsdev](https://github.com/stevehobbsdev))
+- Reconfigure rate limiting exponential backoff [\#386](https://github.com/auth0/ruby-auth0/pull/386) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
 ## [v5.9.0](https://github.com/auth0/ruby-auth0/tree/v5.9.0) (2022-08-24)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.8.1...v5.9.0)
 

data/Gemfile

@@ -16,4 +16,5 @@ group :test do
   gem 'vcr', require: false
   gem 'simplecov-cobertura'
   gem 'timecop', require: false
+  gem 'pp'
 end

data/Gemfile.lock

@@ -1,9 +1,9 @@
 PATH
   remote: .
   specs:
-    auth0 (5.9.0)
+    auth0 (5.10.0)
       addressable (~> 2.8)
-      jwt (~> 2.3.0)
+      jwt (~> 2.5)
       rest-client (~> 2.1)
       retryable (~> 3.0)
       zache (~> 0.12)
@@ -11,20 +11,20 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (7.0.3.1)
-      actionview (= 7.0.3.1)
-      activesupport (= 7.0.3.1)
+    actionpack (7.0.4)
+      actionview (= 7.0.4)
+      activesupport (= 7.0.4)
       rack (~> 2.0, >= 2.2.0)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionview (7.0.3.1)
-      activesupport (= 7.0.3.1)
+    actionview (7.0.4)
+      activesupport (= 7.0.4)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activesupport (7.0.3.1)
+    activesupport (7.0.4)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -53,7 +53,7 @@ GEM
       dotenv (= 2.8.1)
       railties (>= 3.2)
     erubi (1.11.0)
-    faker (2.22.0)
+    faker (2.23.0)
       i18n (>= 1.8.11, < 2)
     fuubar (2.5.1)
       rspec-core (~> 3.0)
@@ -66,11 +66,11 @@ GEM
     i18n (1.12.0)
       concurrent-ruby (~> 1.0)
     io-console (0.5.11)
-    irb (1.4.1)
+    irb (1.4.2)
       reline (>= 0.3.0)
     json (2.6.2)
-    jwt (2.3.0)
-    loofah (2.18.0)
+    jwt (2.5.0)
+    loofah (2.19.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     method_source (0.9.2)
@@ -85,6 +85,9 @@ GEM
     parallel (1.22.1)
     parser (3.1.2.1)
       ast (~> 2.4.1)
+    pp (0.3.0)
+      prettyprint
+    prettyprint (0.1.1)
     pry (0.12.2)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
@@ -100,16 +103,16 @@ GEM
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.4.3)
       loofah (~> 2.3)
-    railties (7.0.3.1)
-      actionpack (= 7.0.3.1)
-      activesupport (= 7.0.3.1)
+    railties (7.0.4)
+      actionpack (= 7.0.4)
+      activesupport (= 7.0.4)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
       zeitwerk (~> 2.5)
     rainbow (3.1.1)
     rake (13.0.6)
-    regexp_parser (2.5.0)
+    regexp_parser (2.6.0)
     reline (0.3.1)
       io-console (~> 0.5)
     rest-client (2.1.0)
@@ -125,14 +128,14 @@ GEM
       rspec-mocks (~> 3.11.0)
     rspec-core (3.11.0)
       rspec-support (~> 3.11.0)
-    rspec-expectations (3.11.0)
+    rspec-expectations (3.11.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.11.0)
     rspec-mocks (3.11.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.11.0)
-    rspec-support (3.11.0)
-    rubocop (1.35.1)
+    rspec-support (3.11.1)
+    rubocop (1.36.0)
       json (~> 2.3)
       parallel (~> 1.10)
       parser (>= 3.1.2.1)
@@ -144,10 +147,10 @@ GEM
       unicode-display_width (>= 1.4.0, < 3.0)
     rubocop-ast (1.21.0)
       parser (>= 3.1.1.0)
-    rubocop-rails (2.15.2)
+    rubocop-rails (2.16.1)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
-      rubocop (>= 1.7.0, < 2.0)
+      rubocop (>= 1.33.0, < 2.0)
     ruby-progressbar (1.11.0)
     simplecov (0.21.2)
       docile (~> 1.1)
@@ -170,14 +173,14 @@ GEM
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.8.2)
-    unicode-display_width (2.2.0)
+    unicode-display_width (2.3.0)
     vcr (6.1.0)
     webmock (3.18.1)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
     zache (0.12.0)
-    zeitwerk (2.6.0)
+    zeitwerk (2.6.1)
 
 PLATFORMS
   x86_64-linux
@@ -191,12 +194,13 @@ DEPENDENCIES
   fuubar (~> 2.0)
   gem-release (~> 0.7)
   irb
+  pp
   pry (~> 0.10)
   pry-nav (~> 0.2)
   rack (~> 2.1)
   rack-test (~> 0.6)
   rake (~> 13.0)
-  rspec (~> 3.5)
+  rspec (~> 3.11)
   rubocop
   rubocop-rails
   simplecov (~> 0.9)

data/auth0.gemspec

@@ -17,7 +17,7 @@ Gem::Specification.new do |s|
   s.require_paths = ['lib']
 
   s.add_runtime_dependency 'rest-client', '~> 2.1'
-  s.add_runtime_dependency 'jwt', '~> 2.3.0'
+  s.add_runtime_dependency 'jwt', '~> 2.5'
   s.add_runtime_dependency 'zache', '~> 0.12'
   s.add_runtime_dependency 'addressable', '~> 2.8'
   s.add_runtime_dependency 'retryable', '~> 3.0'
@@ -29,7 +29,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'dotenv-rails', '~> 2.0'
   s.add_development_dependency 'pry', '~> 0.10'
   s.add_development_dependency 'pry-nav', '~> 0.2'
-  s.add_development_dependency 'rspec', '~> 3.5'
+  s.add_development_dependency 'rspec', '~> 3.11'
   s.add_development_dependency 'rack-test', '~> 0.6'
   s.add_development_dependency 'rack', '~> 2.1'
   s.add_development_dependency 'simplecov', '~> 0.9'

data/examples/ruby-api/Gemfile

@@ -3,6 +3,7 @@
 source 'http://rubygems.org'
 
 # gem "rails"
-gem 'sinatra', '~> 1.4'
-gem 'jwt', '~> 1.5'
+gem 'sinatra', '~> 2.2'
+gem 'jwt', '~> 2.5'
 gem 'dotenv'
+gem 'puma'

data/examples/ruby-api/Gemfile.lock

@@ -0,0 +1,32 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    dotenv (2.8.1)
+    jwt (2.5.0)
+    mustermann (2.0.2)
+      ruby2_keywords (~> 0.0.1)
+    nio4r (2.5.8)
+    puma (5.6.5)
+      nio4r (~> 2.0)
+    rack (2.2.4)
+    rack-protection (2.2.2)
+      rack
+    ruby2_keywords (0.0.5)
+    sinatra (2.2.2)
+      mustermann (~> 2.0)
+      rack (~> 2.2)
+      rack-protection (= 2.2.2)
+      tilt (~> 2.0)
+    tilt (2.0.11)
+
+PLATFORMS
+  aarch64-linux
+
+DEPENDENCIES
+  dotenv
+  jwt (~> 2.5)
+  puma
+  sinatra (~> 2.2)
+
+BUNDLED WITH
+   2.3.7

data/examples/ruby-api/README.md

@@ -1,8 +1,8 @@
-#Auth0 + Ruby API Seed
+# Auth0 + Ruby API Seed
 
 This is the seed project you need to use if you're going to create a Ruby API. You'll mostly use this API either for a SPA or a Mobile app.
 
-#Running the example
+# Running the example
 
 In order to run the example you need to have ruby installed.
 

data/lib/auth0/api/v2/jobs.rb

@@ -60,6 +60,9 @@ module Auth0
         #   :format [string] The format of the file. Valid values are: "json" and "csv".
         #   :limit [integer] Limit the number of users to export.
         #   :fields [array] A list of fields to be included in the CSV.
+        #     This can either be an array of strings representing field names, or an object.
+        #     If it's a string, it is mapped to the correct { name: '<field name>' } object required by the endpoint.
+        #     If it's an object, it is passed through as-is to the endpoint.
         #     If omitted, a set of predefined fields will be exported.
         #
         # @return [json] Returns the job status and properties.
@@ -109,14 +112,22 @@ module Auth0
           @jobs_path ||= '/api/v2/jobs'
         end
 
-        # Map array of field names for export to array of objects
-        # @param fields [array] Field names to be included in the export
-
+        # Map array of fields for export to array of objects
+        # @param fields [array] Fields to be included in the export
+        #     This can either be an array of strings representing field names, or an object.
+        #     If it's a string, it is mapped to the correct { name: '<field name>' } object required by the endpoint.
+        #     If it's an object, it is passed through as-is to the endpoint.
         # @return [array] Returns the fields mapped as array of objects for the export_users endpoint
         def fields_for_export(fields)
           return nil if fields.to_s.empty?
 
-          fields.map { |field| { name: field } }
+          fields.map { |field|             
+            if field.is_a? String
+              { name: field }
+            else
+              field
+            end
+          }
         end
       end
     end

data/lib/auth0/api/v2/organizations.rb

@@ -9,7 +9,7 @@ module Auth0
 
         # Get all organizations.
         # @see https://auth0.com/docs/api/management/v2/#!/Organizations/get_organizations
-        # @param options [hash] The Hash options used to define the paging of rersults
+        # @param options [hash] The Hash options used to define the paging of results
         #   * :per_page [integer] The amount of entries per page. Default: 50. Max value: 100.
         #   * :page [integer] The page number. Zero based.
         #   * :from [string] For checkpoint pagination, the ID from which to start selection from.

data/lib/auth0/mixins/httpproxy.rb

@@ -8,11 +8,12 @@ module Auth0
     # for now, if you want to feel free to use your own http client
     module HTTPProxy
       attr_accessor :headers, :base_uri, :timeout, :retry_count
-      DEAFULT_RETRIES = 3
+      DEFAULT_RETRIES = 3
       MAX_ALLOWED_RETRIES = 10
       MAX_REQUEST_RETRY_JITTER = 250
       MAX_REQUEST_RETRY_DELAY = 1000
-      MIN_REQUEST_RETRY_DELAY = 100
+      MIN_REQUEST_RETRY_DELAY = 250
+      BASE_DELAY = 100
 
       # proxying requests from instance methods to HTTP class methods
       %i(get post post_file put patch delete delete_with_body).each do |method|
@@ -26,14 +27,14 @@ module Auth0
 
       def retry_options
         sleep_timer = lambda do |attempt|
-          wait = 1000 * 2**attempt # Exponential delay with each subsequent request attempt.
-          wait += rand(wait..wait+MAX_REQUEST_RETRY_JITTER) # Add jitter to the delay window.
+          wait = BASE_DELAY * (2**attempt-1) # Exponential delay with each subsequent request attempt.
+          wait += rand(wait+1..wait+MAX_REQUEST_RETRY_JITTER) # Add jitter to the delay window.
           wait = [MAX_REQUEST_RETRY_DELAY, wait].min # Cap delay at MAX_REQUEST_RETRY_DELAY.
           wait = [MIN_REQUEST_RETRY_DELAY, wait].max # Ensure delay is no less than MIN_REQUEST_RETRY_DELAY.
           wait / 1000.to_f.round(2) # convert ms to seconds
         end
 
-        tries = 1 + [Integer(retry_count || DEAFULT_RETRIES), MAX_ALLOWED_RETRIES].min # Cap retries at MAX_ALLOWED_RETRIES
+        tries = 1 + [Integer(retry_count || DEFAULT_RETRIES), MAX_ALLOWED_RETRIES].min # Cap retries at MAX_ALLOWED_RETRIES
 
         {
           tries: tries,
@@ -72,15 +73,13 @@ module Auth0
 
       def request(method, uri, body = {}, extra_headers = {})
         result = if method == :get
-          # Mutate the headers property to add parameters.
-          add_headers({params: body})
-          # Merge custom headers into existing ones for this req.
-          # This prevents future calls from using them.
-          get_headers = headers.merge extra_headers
-          # Make the call with extra_headers, if provided.
+          @headers ||= {}
+          get_headers = @headers.merge({params: body}).merge(extra_headers)
           call(:get, encode_uri(uri), timeout, get_headers)
         elsif method == :delete
-          call(:delete, encode_uri(uri), timeout, add_headers({params: body}))
+          @headers ||= {}
+          delete_headers = @headers.merge({ params: body })
+          call(:delete, encode_uri(uri), timeout, delete_headers)
         elsif method == :delete_with_body
           call(:delete, encode_uri(uri), timeout, headers, body.to_json)
         elsif method == :post_file

data/lib/auth0/mixins/token_management.rb

@@ -6,7 +6,6 @@ module Auth0
 
       def initialize_token(options)
         @token = options[:access_token] || options[:token]
-        
         # default expiry to an hour if a token was given but no expires_at
         @token_expires_at = @token ? options[:token_expires_at] || Time.now.to_i + 3600 : nil 
 
@@ -15,6 +14,7 @@ module Auth0
       end
 
       def get_token
+        # pp @token_expires_at
         has_expired = @token && @token_expires_at ? @token_expires_at < (Time.now.to_i + 10) : false
         
         if (@token.nil? || has_expired) && @client_id && @client_secret

data/lib/auth0/version.rb

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '5.9.0'.freeze
+  VERSION = '5.10.0'.freeze
 end

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Clients/_patch_client/should_update_the_client_with_the_correct_attributes.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: patch
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/clients/SftKo9ySyHnMPezQUFd0C70GBoNFM21F?fields=jwt_configuration&include_fields=false
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/clients/SftKo9ySyHnMPezQUFd0C70GBoNFM21F
     body:
       encoding: UTF-8
       string: '{"custom_login_page_on":false,"sso":true}'
@@ -12,6 +12,7 @@ http_interactions:
       User-Agent:
       - rest-client/2.1.0 (darwin19.6.0 x86_64) ruby/2.7.0p0
       Content-Type:
+
       - application/json
       Auth0-Client:
       - eyJuYW1lIjoicnVieS1hdXRoMCIsInZlcnNpb24iOiI1LjUuMCIsImVudiI6eyJydWJ5IjoiMi43LjAifX0=

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Connections/_update_connection/should_update_the_connection.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: patch
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_WltM0fv20JCnxOuY?email=rubytest-210908-rubytest-210908-username@auth0.com
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/connections/con_WltM0fv20JCnxOuY
     body:
       encoding: UTF-8
       string: '{"options":{"mfa":{"active":true,"return_enroll_settings":true},"passwordPolicy":"excellent","strategy_version":2,"brute_force_protection":true}}'

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Rules/_update_rule/should_update_the_disabled_rule_to_be_enabled.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: patch
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/rules/rul_bsg64xEPZz4WOkXz?fields=stage&include_fields=false
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/rules/rul_bsg64xEPZz4WOkXz
     body:
       encoding: UTF-8
       string: '{"enabled":true}'

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tenants/_update_tenant_settings/should_revert_the_tenant_name.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: patch
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/tenants/settings?fields=support_email&include_fields=true
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/tenants/settings
     body:
       encoding: UTF-8
       string: '{"friendly_name":"Auth0"}'

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Tenants/_update_tenant_settings/should_update_the_tenant_settings_with_a_new_tenant_name.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: patch
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/tenants/settings?fields=support_email&include_fields=true
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/tenants/settings
     body:
       encoding: UTF-8
       string: '{"friendly_name":"Auth0-CHANGED"}'

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_add_user_roles/should_add_a_Role_to_a_User_successfully.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: post
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/users/auth0%7C613282adac819400692c0dd9/roles?per_page=2
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/users/auth0%7C613282adac819400692c0dd9/roles
     body:
       encoding: UTF-8
       string: '{"roles":["rol_2VZOCes8HgBar3Tp"]}'

data/spec/fixtures/vcr_cassettes/Auth0_Api_V2_Users/_patch_user/should_patch_the_User_successfully.yml

@@ -2,7 +2,7 @@
 http_interactions:
 - request:
     method: patch
-    uri: https://auth0-sdk-tests.auth0.com/api/v2/users/auth0%7C613282adac819400692c0dd9?fields=email&include_fields=true
+    uri: https://auth0-sdk-tests.auth0.com/api/v2/users/auth0%7C613282adac819400692c0dd9
     body:
       encoding: UTF-8
       string: '{"email_verified":true,"user_metadata":{"addresses":{"home_address":"742

data/spec/lib/auth0/api/v2/jobs_spec.rb

@@ -67,6 +67,7 @@ describe Auth0::Api::V2::Jobs do
         format: 'csv',
         limit: 10
       })
+
       @instance.export_users(
         fields: ['author'],
         connection_id: 'test-connection',
@@ -74,6 +75,23 @@ describe Auth0::Api::V2::Jobs do
         limit: 10
       )
     end
+
+    it 'sends post to /api/v2/jobs/users-exports with export_as field' do
+      expect(@instance).to receive(:post).with(
+        '/api/v2/jobs/users-exports', {
+        fields: [{ name: 'author', export_as: 'writer' }],
+        connection_id: 'test-connection',
+        format: 'csv',
+        limit: 10
+      })
+      
+      @instance.export_users(
+        fields: [{ name: 'author', export_as: 'writer' }],
+        connection_id: 'test-connection',
+        format: 'csv',
+        limit: 10
+      )
+    end
   end
 
   context '.send_verification_email' do

data/spec/lib/auth0/mixins/httpproxy_spec.rb

@@ -494,12 +494,13 @@ describe Auth0::Mixins::HTTPProxy do
   end
 
   context "Renewing tokens" do
-    before :each do
-      @token_instance = DummyClassForTokens.new(
+    let(:httpproxy_instance) {
+      DummyClassForTokens.new(
         client_id: 'test-client-id',
         client_secret: 'test-client-secret',
-        domain: 'auth0.com')
-    end
+        domain: 'auth0.com',
+      )
+    }
 
     %i(get delete).each do |http_method|
       context "for #{http_method}" do
@@ -507,7 +508,7 @@ describe Auth0::Mixins::HTTPProxy do
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: :post,
             url: 'https://auth0.com/oauth/token',
-          ) ).and_return(StubResponse.new({ 
+          )).and_return(StubResponse.new({ 
             "access_token" => "access_token", 
             "expires_in" => 86400}, 
             true, 
@@ -515,11 +516,10 @@ describe Auth0::Mixins::HTTPProxy do
 
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: http_method,
-            url: 'https://auth0.com/test',
-            headers: { params: {}, "Authorization" => "Bearer access_token" }
+            url: 'https://auth0.com/test'
           )).and_return(StubResponse.new('Some random text here', true, 200))
 
-          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+          expect { httpproxy_instance.send(http_method, '/test') }.not_to raise_error
         end
       end
     end
@@ -539,24 +539,24 @@ describe Auth0::Mixins::HTTPProxy do
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: http_method,
             url: 'https://auth0.com/test',
-            headers: { "Authorization" => "Bearer access_token" }
+            headers: hash_including( "Authorization" => "Bearer access_token")
           )).and_return(StubResponse.new('Some random text here', true, 200))
 
-          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+          expect { httpproxy_instance.send(http_method, '/test') }.not_to raise_error
         end
       end
     end
   end
 
   context "Using cached tokens" do
-    before :each do
-      @token_instance = DummyClassForTokens.new(
+    let(:httpproxy_instance) {
+      DummyClassForTokens.new(
         client_id: 'test-client-id',
         client_secret: 'test-client-secret',
         domain: 'auth0.com',
         token: 'access_token',
         token_expires_at: Time.now.to_i + 86400)
-    end
+    }
 
     %i(get delete).each do |http_method|
       context "for #{http_method}" do
@@ -569,10 +569,10 @@ describe Auth0::Mixins::HTTPProxy do
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: http_method,
             url: 'https://auth0.com/test',
-            headers: { params: {}, "Authorization" => "Bearer access_token" }
+            headers: hash_including(params: {}, "Authorization" => "Bearer access_token")
           )).and_return(StubResponse.new('Some random text here', true, 200))
 
-          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+          expect { httpproxy_instance.send(http_method, '/test') }.not_to raise_error
         end
       end
     end
@@ -588,10 +588,46 @@ describe Auth0::Mixins::HTTPProxy do
           expect(RestClient::Request).to receive(:execute).with(hash_including(
             method: http_method,
             url: 'https://auth0.com/test',
-            headers: { "Authorization" => "Bearer access_token" }
+            headers: hash_including("Authorization" => "Bearer access_token")
           )).and_return(StubResponse.new('Some random text here', true, 200))
 
-          expect { @token_instance.send(http_method, '/test') }.not_to raise_error
+          expect { httpproxy_instance.send(http_method, '/test') }.not_to raise_error
+        end
+      end
+    end
+  end
+
+  context 'Normal operation' do
+    let(:httpproxy_instance) {
+      DummyClassForTokens.new(
+        client_id: 'test-client-id',
+        client_secret: 'test-client-secret',
+        domain: 'auth0.com',
+        token: 'access_token',
+        token_expires_at: Time.now.to_i + 86400)
+    }
+
+    # This sets up a test matrix to verify that both :get and :delete calls (the only two HTTP methods in the proxy that mutated headers)
+    # don't bleed query params into subsequent calls to :post :patch and :put.
+    %i(get delete).each do |http_get_delete|
+      %i(post patch put).each do |http_ppp|
+        it "should not bleed :#{http_get_delete} headers/parameters to the subsequent :#{http_ppp} request" do
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_get_delete,
+            url: "https://auth0.com/test-#{http_get_delete}",
+            headers: hash_including(params: { email: 'test@test.com' })
+          )).and_return(StubResponse.new('OK', true, 200))
+
+          # email: parameter that is sent in the GET request should not appear
+          # as a parameter in the `headers` hash for the subsequent PATCH request.
+          expect(RestClient::Request).to receive(:execute).with(hash_including(
+            method: http_ppp,
+            url: "https://auth0.com/test-#{http_ppp}",
+            headers: hash_not_including(:params)
+          )).and_return(StubResponse.new('OK', true, 200))
+
+          expect { httpproxy_instance.send(http_get_delete, "/test-#{http_get_delete}", { email: 'test@test.com' }) }.not_to raise_error
+          expect { httpproxy_instance.send(http_ppp, "/test-#{http_ppp}") }.not_to raise_error
         end
       end
     end

data/spec/lib/auth0/mixins/token_management_spec.rb

@@ -110,16 +110,11 @@ describe Auth0::Mixins::TokenManagement do
 
     it 'does not renew existing token if no token_expires_at' do
       params[:token] = 'test-token'
+      instance.instance_variable_set '@token_expires_at', nil
 
-      expect(RestClient::Request).not_to receive(:execute).with(hash_including(
-        method: :post,
-        url: 'https://samples.auth0.com/oauth/token',
-      ))
+      expect(RestClient::Request).not_to receive(:execute)
 
       instance.send(:get_token)
-
-      expect(instance.instance_variable_get('@token')).to eq('test-token')
-      expect(instance.instance_variable_get('@token_expires_at')).to be_nil
     end
   end
 end

data/spec/spec_helper.rb

@@ -51,6 +51,10 @@ RSpec.configure do |config|
   config.filter_run focus: true
   config.run_all_when_everything_filtered = true
   config.include Credentials
+
+  config.expect_with :rspec do |c|
+    c.max_formatted_output_length = 1000000
+  end
 end
 
 def wait(time, increment = 5, elapsed_time = 0, &block)

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auth0
 version: !ruby/object:Gem::Version
-  version: 5.9.0
+  version: 5.10.0
 platform: ruby
 authors:
 - Auth0
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-08-24 00:00:00.000000000 Z
+date: 2022-10-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -33,14 +33,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: '2.5'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.3.0
+        version: '2.5'
 - !ruby/object:Gem::Dependency
   name: zache
   requirement: !ruby/object:Gem::Requirement
@@ -173,14 +173,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.11'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '3.11'
 - !ruby/object:Gem::Dependency
   name: rack-test
   requirement: !ruby/object:Gem::Requirement
@@ -260,6 +260,8 @@ extra_rdoc_files: []
 files:
 - ".bundle/config"
 - ".circleci/config.yml"
+- ".devcontainer/Dockerfile"
+- ".devcontainer/devcontainer.json"
 - ".env.example"
 - ".gemrelease"
 - ".github/CODEOWNERS"
@@ -291,6 +293,7 @@ files:
 - examples/ruby-api/.env.example
 - examples/ruby-api/.gitignore
 - examples/ruby-api/Gemfile
+- examples/ruby-api/Gemfile.lock
 - examples/ruby-api/README.md
 - examples/ruby-api/config.ru
 - examples/ruby-api/main.rb