auth0 5.12.0 → 5.13.0
- checksums.yaml +4 -4
- data/.circleci/config.yml +3 -2
- data/.semgrepignore +6 -0
- data/CHANGELOG.md +9 -0
- data/Gemfile.lock +27 -27
- data/examples/ruby-api/Gemfile.lock +1 -1
- data/lib/auth0/api/authentication_endpoints.rb +37 -0
- data/lib/auth0/mixins/httpproxy.rb +5 -2
- data/lib/auth0/version.rb +1 -1
- data/spec/lib/auth0/api/authentication_endpoints_spec.rb +90 -0
- data/spec/lib/auth0/mixins/httpproxy_spec.rb +38 -77
- data/spec/support/dummy_class_for_tokens.rb +1 -0
- metadata +4 -3
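--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: cb764cc8daf156b3d3736bff8c65c69c32db6d15757f2e450ea85eb0dca300c0
+data.tar.gz: b0cfc02df42818062bc5cb609daaffd04806f9ea92f771caf58575b9faa781c8
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 68c6502714f8c631aa92a0b29d387e662cf06b9ec4e18f4d12e3260a7068a5e754b1f29bc60a76b2defa54763919ee9b6e31ffb5181d1c0d38c584bf4d0186a3
+data.tar.gz: 26a2e83b7aa49807d45cda688d857d8dc93177bdd4a47b92b0e952561a2dbda2a056a15c537b71a787d22ddebb5ebb4fddb9f7e83fb26ce7e769b1c23a49c221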
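--- a/data/.circleci/config.yml
+++ b/data/.circleci/config.yml
@@ -6,7 +6,7 @@ orbs:
 matrix_ruby_versions: &matrix_ruby_versions
 matrix:
 parameters:
-ruby_version: ["
+ruby_version: ["3.0", "3.1", "3.2"]
 # Default version of ruby to use for lint and publishing
 default_ruby_version: &default_ruby_version "3.2"
 
@@ -41,7 +41,8 @@ jobs:
 - vendor/bundle
 # Must define DOMAIN, CLIENT_ID, CLIENT_SECRET and MASTER_JWT env
 - run: bundle exec rake test
-- codecov/upload
+- codecov/upload:
+file: /home/circleci/project/coverage/coverage.xml
 
 workflows:
 tests: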
data/.semgrepignore
ADDED
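--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,14 @@
 # Change Log
 
+## [v5.13.0](https://github.com/auth0/ruby-auth0/tree/v5.13.0) (2023-04-24)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.12.0...v5.13.0)
+
+**Added**
+- [SDK-4142] Add support for /oauth/par [\#470](https://github.com/auth0/ruby-auth0/pull/470) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
+**Deprecated**
+- Drop support for 2.7 in CI build [\#467](https://github.com/auth0/ruby-auth0/pull/467) ([stevehobbsdev](https://github.com/stevehobbsdev))
+
 ## [v5.12.0](https://github.com/auth0/ruby-auth0/tree/v5.12.0) (2023-03-13)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.11.0...v5.12.0)
 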
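--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
 remote: .
 specs:
-auth0 (5.
+auth0 (5.13.0)
 addressable (~> 2.8)
 jwt (~> 2.5)
 rest-client (~> 2.1)
@@ -11,25 +11,25 @@ PATH
 GEM
 remote: https://rubygems.org/
 specs:
-actionpack (7.0.4.
-actionview (= 7.0.4.
-activesupport (= 7.0.4.
+actionpack (7.0.4.3)
+actionview (= 7.0.4.3)
+activesupport (= 7.0.4.3)
 rack (~> 2.0, >= 2.2.0)
 rack-test (>= 0.6.3)
 rails-dom-testing (~> 2.0)
 rails-html-sanitizer (~> 1.0, >= 1.2.0)
-actionview (7.0.4.
-activesupport (= 7.0.4.
+actionview (7.0.4.3)
+activesupport (= 7.0.4.3)
 builder (~> 3.1)
 erubi (~> 1.4)
 rails-dom-testing (~> 2.0)
 rails-html-sanitizer (~> 1.1, >= 1.2.0)
-activesupport (7.0.4.
+activesupport (7.0.4.3)
 concurrent-ruby (~> 1.0, >= 1.0.2)
 i18n (>= 1.6, < 2)
 minitest (>= 5.1)
 tzinfo (~> 2.0)
-addressable (2.8.
+addressable (2.8.4)
 public_suffix (>= 2.0.2, < 6.0)
 ast (2.4.2)
 builder (3.2.4)
@@ -65,11 +65,11 @@ GEM
 i18n (1.12.0)
 concurrent-ruby (~> 1.0)
 io-console (0.6.0)
-irb (1.6.
+irb (1.6.4)
 reline (>= 0.3.0)
 json (2.6.3)
 jwt (2.7.0)
-loofah (2.
+loofah (2.20.0)
 crass (~> 1.0.2)
 nokogiri (>= 1.5.9)
 method_source (1.0.0)
@@ -79,17 +79,17 @@ GEM
 minitest (5.18.0)
 multi_json (1.15.0)
 netrc (0.11.0)
-nokogiri (1.14.
+nokogiri (1.14.3-x86_64-linux)
 racc (~> 1.4)
-parallel (1.
-parser (3.2.
+parallel (1.23.0)
+parser (3.2.2.1)
 ast (~> 2.4.1)
 pp (0.4.0)
 prettyprint
 prettyprint (0.1.1)
 public_suffix (5.0.1)
 racc (1.6.2)
-rack (2.2.6.
+rack (2.2.6.4)
 rack-test (0.8.3)
 rack (>= 1.0, < 3)
 rails-dom-testing (2.0.3)
@@ -97,17 +97,17 @@ GEM
 nokogiri (>= 1.6)
 rails-html-sanitizer (1.5.0)
 loofah (~> 2.19, >= 2.19.1)
-railties (7.0.4.
-actionpack (= 7.0.4.
-activesupport (= 7.0.4.
+railties (7.0.4.3)
+actionpack (= 7.0.4.3)
+activesupport (= 7.0.4.3)
 method_source
 rake (>= 12.2)
 thor (~> 1.0)
 zeitwerk (~> 2.5)
 rainbow (3.1.1)
 rake (13.0.6)
-regexp_parser (2.
-reline (0.3.
+regexp_parser (2.8.0)
+reline (0.3.3)
 io-console (~> 0.5)
 rest-client (2.1.0)
 http-accept (>= 1.7.0, < 2.0)
@@ -120,28 +120,28 @@ GEM
 rspec-core (~> 3.12.0)
 rspec-expectations (~> 3.12.0)
 rspec-mocks (~> 3.12.0)
-rspec-core (3.12.
+rspec-core (3.12.2)
 rspec-support (~> 3.12.0)
-rspec-expectations (3.12.
+rspec-expectations (3.12.3)
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.12.0)
-rspec-mocks (3.12.
+rspec-mocks (3.12.5)
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.12.0)
 rspec-support (3.12.0)
-rubocop (1.
+rubocop (1.50.2)
 json (~> 2.3)
 parallel (~> 1.10)
 parser (>= 3.2.0.0)
 rainbow (>= 2.2.2, < 4.0)
 regexp_parser (>= 1.8, < 3.0)
 rexml (>= 3.2.5, < 4.0)
-rubocop-ast (>= 1.
+rubocop-ast (>= 1.28.0, < 2.0)
 ruby-progressbar (~> 1.7)
 unicode-display_width (>= 2.4.0, < 3.0)
-rubocop-ast (1.
+rubocop-ast (1.28.0)
 parser (>= 3.2.1.0)
-rubocop-rails (2.
+rubocop-rails (2.19.1)
 activesupport (>= 4.2.0)
 rack (>= 1.1)
 rubocop (>= 1.33.0, < 2.0)
@@ -202,4 +202,4 @@ DEPENDENCIES
 webmock
 
 BUNDLED WITH
-2.
+2.4.10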
|
@@ -323,6 +323,21 @@ module Auth0
|
|
|
323
323
|
URI::HTTPS.build(host: @domain, path: '/authorize', query: to_query(request_params))
|
|
324
324
|
end
|
|
325
325
|
|
|
326
|
+
# Return an authorization URL for PAR requests
|
|
327
|
+
# @see https://www.rfc-editor.org/rfc/rfc9126.html
|
|
328
|
+
# @param request_uri [string] The request_uri as obtained by calling `pushed_authorization_request`
|
|
329
|
+
# @param additional_parameters Any additional parameters to send
|
|
330
|
+
def par_authorization_url(request_uri)
|
|
331
|
+
raise Auth0::InvalidParameter, 'Must supply a valid request_uri' if request_uri.to_s.empty?
|
|
332
|
+
|
|
333
|
+
request_params = {
|
|
334
|
+
client_id: @client_id,
|
|
335
|
+
request_uri: request_uri,
|
|
336
|
+
}
|
|
337
|
+
|
|
338
|
+
URI::HTTPS.build(host: @domain, path: '/authorize', query: to_query(request_params))
|
|
339
|
+
end
|
|
340
|
+
|
|
326
341
|
# Returns an Auth0 logout URL with a return URL.
|
|
327
342
|
# @see https://auth0.com/docs/api/authentication#logout
|
|
328
343
|
# @see https://auth0.com/docs/logout
|
|
@@ -344,6 +359,28 @@ module Auth0
|
|
|
344
359
|
)
|
|
345
360
|
end
|
|
346
361
|
|
|
362
|
+
# Make a request to the PAR endpoint and receive a `request_uri` to send to the '/authorize' endpoint.
|
|
363
|
+
# @see https://auth0.com/docs/api/authentication#authorization-code-grant
|
|
364
|
+
# @param redirect_uri [string] URL to redirect after authorization
|
|
365
|
+
# @param options [hash] Can contain response_type, connection, state, organization, invitation, and additional_parameters.
|
|
366
|
+
# @return [url] Authorization URL.
|
|
367
|
+
def pushed_authorization_request(parameters = {})
|
|
368
|
+
request_params = {
|
|
369
|
+
client_id: @client_id,
|
|
370
|
+
response_type: parameters.fetch(:response_type, 'code'),
|
|
371
|
+
connection: parameters.fetch(:connection, nil),
|
|
372
|
+
redirect_uri: parameters.fetch(:redirect_uri, nil),
|
|
373
|
+
state: parameters.fetch(:state, nil),
|
|
374
|
+
scope: parameters.fetch(:scope, nil),
|
|
375
|
+
organization: parameters.fetch(:organization, nil),
|
|
376
|
+
invitation: parameters.fetch(:invitation, nil)
|
|
377
|
+
}.merge(parameters.fetch(:additional_parameters, {}))
|
|
378
|
+
|
|
379
|
+
populate_client_assertion_or_secret(request_params)
|
|
380
|
+
|
|
381
|
+
request_with_retry(:post_form, '/oauth/par', request_params, {})
|
|
382
|
+
end
|
|
383
|
+
|
|
347
384
|
# Return a SAMLP URL.
|
|
348
385
|
# The SAML Request AssertionConsumerServiceURL will be used to POST back
|
|
349
386
|
# the assertion and it must match with the application callback URL.
|
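Review bot: The YARD block above `pushed_authorization_request` documents a different method: it lists `redirect_uri` and `options` parameters and `@return [url] Authorization URL`, while the signature takes a single `parameters` hash and the method returns the result of the POST to `/oauth/par`. I would replace those lines with `# @param parameters [hash] Can contain response_type, connection, redirect_uri, state, scope, organization, invitation, and additional_parameters.` and `# @return [hash] The PAR endpoint response, including the request_uri to pass to par_authorization_url` (the exact return shape of `request_with_retry` is not visible here, so confirm it), and drop the `@param additional_parameters` line from `par_authorization_url`, which has no such parameter. The comment should also state that `additional_parameters` is merged last, so a key such as `:client_id` or `:response_type` in it replaces the value set above; whether that override is intended cannot be told from these hunks. Both methods sit inside a module whose body starts and ends outside the hunks.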
|
@@ -16,7 +16,7 @@ module Auth0
|
|
|
16
16
|
BASE_DELAY = 100
|
|
17
17
|
|
|
18
18
|
# proxying requests from instance methods to HTTP class methods
|
|
19
|
-
%i(get post post_file put patch delete delete_with_body).each do |method|
|
|
19
|
+
%i(get post post_file post_form put patch delete delete_with_body).each do |method|
|
|
20
20
|
define_method(method) do |uri, body = {}, extra_headers = {}|
|
|
21
21
|
body = body.delete_if { |_, v| v.nil? }
|
|
22
22
|
token = get_token()
|
|
@@ -85,9 +85,12 @@ module Auth0
|
|
|
85
85
|
elsif method == :post_file
|
|
86
86
|
body.merge!(multipart: true)
|
|
87
87
|
# Ignore the default Content-Type headers and let the HTTP client define them
|
|
88
|
-
post_file_headers = headers.
|
|
88
|
+
post_file_headers = headers.except('Content-Type') if headers != nil
|
|
89
89
|
# Actual call with the altered headers
|
|
90
90
|
call(:post, encode_uri(uri), timeout, post_file_headers, body)
|
|
91
|
+
elsif method == :post_form
|
|
92
|
+
form_post_headers = headers.except('Content-Type') if headers != nil
|
|
93
|
+
call(:post, encode_uri(uri), timeout, form_post_headers, body.compact)
|
|
91
94
|
else
|
|
92
95
|
call(method, encode_uri(uri), timeout, headers, body.to_json)
|
|
93
96
|
end
|
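Review bot: `headers.except('Content-Type')`, used on the `:post_file` line and on the new `:post_form` branch, relies on `Hash#except`, which core Ruby provides only from 3.0; on an older interpreter without ActiveSupport loaded the call raises NoMethodError. This release drops 2.7 from the CI matrix, but the gem's `required_ruby_version` is not visible in this diff, so either that constraint should be raised to match or the line written as `form_post_headers = headers.reject { |k, _| k == 'Content-Type' } unless headers.nil?`. The removal also matches only the exact string key, so a header stored as `:content_type` or `'content-type'` would presumably still be passed to RestClient alongside the form body. The enclosing request method starts and ends outside the hunk.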
data/lib/auth0/version.rb
CHANGED
|
@@ -6,6 +6,7 @@ describe Auth0::Api::AuthenticationEndpoints do
|
|
|
6
6
|
let(:client_secret) { 'test-client-secret' }
|
|
7
7
|
let(:api_identifier) { 'test-audience' }
|
|
8
8
|
let(:domain) { 'samples.auth0.com' }
|
|
9
|
+
let(:request_uri) { 'urn:ietf:params:oauth:request_uri:the.request.uri' }
|
|
9
10
|
|
|
10
11
|
let(:client_secret_config) { {
|
|
11
12
|
domain: domain,
|
|
@@ -628,5 +629,94 @@ describe Auth0::Api::AuthenticationEndpoints do
|
|
|
628
629
|
client_assertion_instance.send :start_passwordless_sms_flow, '123456789'
|
|
629
630
|
end
|
|
630
631
|
end
|
|
632
|
+
|
|
633
|
+
context 'par_authorization_url' do
|
|
634
|
+
it 'throws an exception if request_uri is nil' do
|
|
635
|
+
expect { client_secret_instance.send :par_authorization_url, nil}.to raise_error Auth0::InvalidParameter
|
|
636
|
+
end
|
|
637
|
+
|
|
638
|
+
it 'throws an exception if request_uri is empty' do
|
|
639
|
+
expect { client_secret_instance.send :par_authorization_url, ''}.to raise_error Auth0::InvalidParameter
|
|
640
|
+
end
|
|
641
|
+
|
|
642
|
+
it 'builds a URL containing the request_uri' do
|
|
643
|
+
url = client_secret_instance.send :par_authorization_url, request_uri
|
|
644
|
+
expect(CGI.unescape(url.to_s)).to eq("https://samples.auth0.com/authorize?client_id=#{client_id}&request_uri=#{request_uri}")
|
|
645
|
+
end
|
|
646
|
+
end
|
|
647
|
+
|
|
648
|
+
context 'pushed_authorization_request' do
|
|
649
|
+
it 'sends the request as a form post' do
|
|
650
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
|
651
|
+
expect(arg[:url]).to eq('https://samples.auth0.com/oauth/par')
|
|
652
|
+
expect(arg[:method]).to eq(:post)
|
|
653
|
+
|
|
654
|
+
expect(arg[:payload]).to eq({
|
|
655
|
+
client_id: client_id,
|
|
656
|
+
client_secret: client_secret,
|
|
657
|
+
response_type: 'code',
|
|
658
|
+
})
|
|
659
|
+
|
|
660
|
+
StubResponse.new({}, true, 200)
|
|
661
|
+
end
|
|
662
|
+
|
|
663
|
+
client_secret_instance.send :pushed_authorization_request
|
|
664
|
+
end
|
|
665
|
+
|
|
666
|
+
it 'allows the RestClient to handle the correct header defaults' do
|
|
667
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
|
668
|
+
expect(arg[:headers]).not_to have_key('Content-Type')
|
|
669
|
+
|
|
670
|
+
StubResponse.new({}, true, 200)
|
|
671
|
+
end
|
|
672
|
+
|
|
673
|
+
client_secret_instance.headers['Content-Type'] = 'application/x-www-form-urlencoded'
|
|
674
|
+
client_secret_instance.send :pushed_authorization_request
|
|
675
|
+
end
|
|
676
|
+
|
|
677
|
+
it 'sends the request as a form post with all known overrides' do
|
|
678
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
|
679
|
+
expect(arg[:url]).to eq('https://samples.auth0.com/oauth/par')
|
|
680
|
+
expect(arg[:method]).to eq(:post)
|
|
681
|
+
|
|
682
|
+
expect(arg[:payload]).to eq({
|
|
683
|
+
client_id: client_id,
|
|
684
|
+
client_secret: client_secret,
|
|
685
|
+
connection: 'google-oauth2',
|
|
686
|
+
organization: 'org_id',
|
|
687
|
+
invitation: 'http://invite.url',
|
|
688
|
+
redirect_uri: 'http://localhost:3000',
|
|
689
|
+
response_type: 'id_token',
|
|
690
|
+
scope: 'openid',
|
|
691
|
+
state: 'random_value'
|
|
692
|
+
})
|
|
693
|
+
|
|
694
|
+
StubResponse.new({}, true, 200)
|
|
695
|
+
end
|
|
696
|
+
|
|
697
|
+
client_secret_instance.send(:pushed_authorization_request,
|
|
698
|
+
response_type: 'id_token',
|
|
699
|
+
redirect_uri: 'http://localhost:3000',
|
|
700
|
+
organization: 'org_id',
|
|
701
|
+
invitation: 'http://invite.url',
|
|
702
|
+
scope: 'openid',
|
|
703
|
+
state: 'random_value',
|
|
704
|
+
connection: 'google-oauth2')
|
|
705
|
+
end
|
|
706
|
+
|
|
707
|
+
it 'sends the request as a form post using client assertion' do
|
|
708
|
+
expect(RestClient::Request).to receive(:execute) do |arg|
|
|
709
|
+
expect(arg[:url]).to eq('https://samples.auth0.com/oauth/par')
|
|
710
|
+
expect(arg[:method]).to eq(:post)
|
|
711
|
+
expect(arg[:payload][:client_secret]).to be_nil
|
|
712
|
+
expect(arg[:payload][:client_assertion]).not_to be_nil
|
|
713
|
+
expect(arg[:payload][:client_assertion_type]).to eq Auth0::ClientAssertion::CLIENT_ASSERTION_TYPE
|
|
714
|
+
|
|
715
|
+
StubResponse.new({}, true, 200)
|
|
716
|
+
end
|
|
717
|
+
|
|
718
|
+
client_assertion_instance.send :pushed_authorization_request
|
|
719
|
+
end
|
|
720
|
+
end
|
|
631
721
|
end
|
|
632
722
|
end
|
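Review bot: None of the `pushed_authorization_request` examples passes `additional_parameters`, which is the one input merged over the fixed fields and therefore the only way a caller can add or replace keys such as `client_id` in the payload. An example that sends an extra key and asserts it reaches `arg[:payload]` would pin that behaviour. Separately, the `par_authorization_url` example compares after `CGI.unescape`, so it passes whether or not `request_uri` is percent-encoded in the query string; comparing against the encoded form would be stricter. The surrounding `describe` block starts outside the hunk.

```ruby
context 'pushed_authorization_request' do
  # … unchanged: existing form-post examples …

  it 'merges additional_parameters into the form payload' do
    expect(RestClient::Request).to receive(:execute) do |arg|
      expect(arg[:payload]).to include(audience: api_identifier)

      StubResponse.new({}, true, 200)
    end

    client_secret_instance.send(:pushed_authorization_request,
      additional_parameters: { audience: api_identifier })
  end
end
```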
|
@@ -250,25 +250,37 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
250
250
|
end
|
|
251
251
|
end
|
|
252
252
|
|
|
253
|
-
|
|
253
|
+
def expected_payload(method, overrides = {})
|
|
254
|
+
if method == :post_form
|
|
255
|
+
{
|
|
256
|
+
method: :post,
|
|
257
|
+
url: 'https://auth0.com/test',
|
|
258
|
+
timeout: nil,
|
|
259
|
+
headers: nil,
|
|
260
|
+
payload: {}
|
|
261
|
+
}.merge(overrides)
|
|
262
|
+
else
|
|
263
|
+
{
|
|
264
|
+
method: method,
|
|
265
|
+
url: 'https://auth0.com/test',
|
|
266
|
+
timeout: nil,
|
|
267
|
+
headers: nil,
|
|
268
|
+
payload: '{}'
|
|
269
|
+
}.merge(overrides)
|
|
270
|
+
end
|
|
271
|
+
end
|
|
272
|
+
|
|
273
|
+
%i(post post_form put patch).each do |http_method|
|
|
254
274
|
context ".#{http_method}" do
|
|
255
275
|
it { expect(@instance).to respond_to(http_method.to_sym) }
|
|
256
|
-
it "should call send http #{http_method} method to path defined through HTTP"
|
|
257
|
-
expect(RestClient::Request).to receive(:execute).with(
|
|
258
|
-
url: 'https://auth0.com/test',
|
|
259
|
-
timeout: nil,
|
|
260
|
-
headers: nil,
|
|
261
|
-
payload: '{}')
|
|
276
|
+
it "should call send http #{http_method} method to path defined through HTTP"do
|
|
277
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
262
278
|
.and_return(StubResponse.new({}, true, 200))
|
|
263
279
|
expect { @instance.send(http_method, '/test') }.not_to raise_error
|
|
264
280
|
end
|
|
265
281
|
|
|
266
282
|
it 'should not raise exception if data returned not in json format (should be fixed in v2)' do
|
|
267
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
268
|
-
url: 'https://auth0.com/test',
|
|
269
|
-
timeout: nil,
|
|
270
|
-
headers: nil,
|
|
271
|
-
payload: '{}')
|
|
283
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
272
284
|
.and_return(StubResponse.new('Some random text here', true, 200))
|
|
273
285
|
expect { @instance.send(http_method, '/test') }.not_to raise_error
|
|
274
286
|
expect(@instance.send(http_method, '/test')).to eql('Some random text here')
|
|
@@ -277,11 +289,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
277
289
|
it "should raise Auth0::Unauthorized on send http #{http_method} method
|
|
278
290
|
to path defined through HTTP when 401 status received" do
|
|
279
291
|
@exception.response = StubResponse.new({}, false, 401)
|
|
280
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
281
|
-
url: 'https://auth0.com/test',
|
|
282
|
-
timeout: nil,
|
|
283
|
-
headers: nil,
|
|
284
|
-
payload: '{}')
|
|
292
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
285
293
|
.and_raise(@exception)
|
|
286
294
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::Unauthorized)
|
|
287
295
|
end
|
|
@@ -294,11 +302,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
294
302
|
:x_ratelimit_reset => 1560564149
|
|
295
303
|
}
|
|
296
304
|
@exception.response = StubResponse.new({}, false, 429,headers)
|
|
297
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
298
|
-
url: 'https://auth0.com/test',
|
|
299
|
-
timeout: nil,
|
|
300
|
-
headers: nil,
|
|
301
|
-
payload: '{}')
|
|
305
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
302
306
|
.and_raise(@exception)
|
|
303
307
|
expect { @instance.send(http_method, '/test') }.to raise_error { |error|
|
|
304
308
|
expect(error).to be_a(Auth0::RateLimitEncountered)
|
|
@@ -317,11 +321,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
317
321
|
it "should raise Auth0::NotFound on send http #{http_method} method
|
|
318
322
|
to path defined through HTTP when 404 status received" do
|
|
319
323
|
@exception.response = StubResponse.new({}, false, 404)
|
|
320
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
321
|
-
url: 'https://auth0.com/test',
|
|
322
|
-
timeout: nil,
|
|
323
|
-
headers: nil,
|
|
324
|
-
payload: '{}')
|
|
324
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
325
325
|
.and_raise(@exception)
|
|
326
326
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::NotFound)
|
|
327
327
|
end
|
|
@@ -329,22 +329,14 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
329
329
|
it "should raise Auth0::Unsupported on send http #{http_method} method
|
|
330
330
|
to path defined through HTTP when 418 or other unknown status received" do
|
|
331
331
|
@exception.response = StubResponse.new({}, false, 418)
|
|
332
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
333
|
-
url: 'https://auth0.com/test',
|
|
334
|
-
timeout: nil,
|
|
335
|
-
headers: nil,
|
|
336
|
-
payload: '{}')
|
|
332
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
337
333
|
.and_raise(@exception)
|
|
338
334
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::Unsupported)
|
|
339
335
|
end
|
|
340
336
|
|
|
341
337
|
it "should raise Auth0::RequestTimeout on send http #{http_method} method
|
|
342
338
|
to path defined through HTTP when RestClient::RequestTimeout received" do
|
|
343
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
344
|
-
url: 'https://auth0.com/test',
|
|
345
|
-
timeout: nil,
|
|
346
|
-
headers: nil,
|
|
347
|
-
payload: '{}')
|
|
339
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
348
340
|
.and_raise(RestClient::Exceptions::OpenTimeout.new)
|
|
349
341
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::RequestTimeout)
|
|
350
342
|
end
|
|
@@ -352,11 +344,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
352
344
|
it "should raise Auth0::BadRequest on send http #{http_method} method
|
|
353
345
|
to path defined through HTTP when 400 status received" do
|
|
354
346
|
@exception.response = StubResponse.new({}, false, 400)
|
|
355
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
356
|
-
url: 'https://auth0.com/test',
|
|
357
|
-
timeout: nil,
|
|
358
|
-
headers: nil,
|
|
359
|
-
payload: '{}')
|
|
347
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
360
348
|
.and_raise(@exception)
|
|
361
349
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::BadRequest)
|
|
362
350
|
end
|
|
@@ -364,20 +352,13 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
364
352
|
it "should raise Auth0::ServerError on send http #{http_method} method
|
|
365
353
|
to path defined through HTTP when 500 received" do
|
|
366
354
|
@exception.response = StubResponse.new({}, false, 500)
|
|
367
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
368
|
-
timeout: nil,
|
|
369
|
-
headers: nil,
|
|
370
|
-
payload: '{}')
|
|
355
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
371
356
|
.and_raise(@exception)
|
|
372
357
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::ServerError)
|
|
373
358
|
end
|
|
374
359
|
|
|
375
360
|
it 'should normalize path with Addressable::URI' do
|
|
376
|
-
expect(RestClient::Request).to receive(:execute).with(
|
|
377
|
-
url: 'https://auth0.com/te%20st',
|
|
378
|
-
timeout: nil,
|
|
379
|
-
headers: nil,
|
|
380
|
-
payload: '{}')
|
|
361
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method, url: 'https://auth0.com/te%20st'))
|
|
381
362
|
.and_return(StubResponse.new({}, true, 200))
|
|
382
363
|
expect { @instance.send(http_method, '/te st') }.not_to raise_error
|
|
383
364
|
end
|
|
@@ -388,11 +369,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
388
369
|
'message' => "Path validation error: 'String does not match pattern ^.+\\|.+$:
|
|
389
370
|
3241312' on property id (The user_id of the user to retrieve).",
|
|
390
371
|
'errorCode' => 'invalid_uri')
|
|
391
|
-
expect(RestClient::Request).to receive(:execute).with(
|
|
392
|
-
url: 'https://auth0.com/test',
|
|
393
|
-
timeout: nil,
|
|
394
|
-
headers: nil,
|
|
395
|
-
payload: '{}')
|
|
372
|
+
expect(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
396
373
|
.and_return(StubResponse.new(res, true, 404))
|
|
397
374
|
expect { @instance.send(http_method, '/test') }.to raise_error(Auth0::NotFound, res)
|
|
398
375
|
end
|
|
@@ -404,11 +381,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
404
381
|
retry_instance.base_uri = "https://auth0.com"
|
|
405
382
|
|
|
406
383
|
@exception.response = StubResponse.new({}, false, 429)
|
|
407
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
408
|
-
url: 'https://auth0.com/test',
|
|
409
|
-
timeout: nil,
|
|
410
|
-
headers: nil,
|
|
411
|
-
payload: '{}')
|
|
384
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
412
385
|
.and_raise(@exception)
|
|
413
386
|
expect(RestClient::Request).to receive(:execute).exactly(4).times
|
|
414
387
|
|
|
@@ -424,11 +397,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
424
397
|
retry_instance.retry_count = 2
|
|
425
398
|
|
|
426
399
|
@exception.response = StubResponse.new({}, false, 429)
|
|
427
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
428
|
-
url: 'https://auth0.com/test',
|
|
429
|
-
timeout: nil,
|
|
430
|
-
headers: nil,
|
|
431
|
-
payload: '{}')
|
|
400
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
432
401
|
.and_raise(@exception)
|
|
433
402
|
expect(RestClient::Request).to receive(:execute).exactly(3).times
|
|
434
403
|
|
|
@@ -445,11 +414,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
445
414
|
|
|
446
415
|
@exception.response = StubResponse.new({}, false, 429)
|
|
447
416
|
|
|
448
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
449
|
-
url: 'https://auth0.com/test',
|
|
450
|
-
timeout: nil,
|
|
451
|
-
headers: nil,
|
|
452
|
-
payload: '{}')
|
|
417
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method))
|
|
453
418
|
.and_raise(@exception)
|
|
454
419
|
|
|
455
420
|
expect(RestClient::Request).to receive(:execute).exactly(1).times
|
|
@@ -467,11 +432,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
467
432
|
@time_start
|
|
468
433
|
|
|
469
434
|
@exception.response = StubResponse.new({}, false, 429)
|
|
470
|
-
allow(RestClient::Request).to receive(:execute).with(
|
|
471
|
-
url: 'https://auth0.com/test',
|
|
472
|
-
timeout: nil,
|
|
473
|
-
headers: nil,
|
|
474
|
-
payload: '{}') do
|
|
435
|
+
allow(RestClient::Request).to receive(:execute).with(expected_payload(http_method)) do
|
|
475
436
|
|
|
476
437
|
time_entries.push(Time.now.to_f - @time_start.to_f)
|
|
477
438
|
@time_start = Time.now.to_f # restart the clock
|
|
@@ -492,6 +453,7 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
492
453
|
end
|
|
493
454
|
end
|
|
494
455
|
end
|
|
456
|
+
end
|
|
495
457
|
|
|
496
458
|
context "Renewing tokens" do
|
|
497
459
|
let(:httpproxy_instance) {
|
|
@@ -546,7 +508,6 @@ describe Auth0::Mixins::HTTPProxy do
|
|
|
546
508
|
end
|
|
547
509
|
end
|
|
548
510
|
end
|
|
549
|
-
end
|
|
550
511
|
|
|
551
512
|
context "Using cached tokens" do
|
|
552
513
|
let(:httpproxy_instance) {
|
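Review bot: `expected_payload` writes the same five-key hash twice, and only `method` and `payload` differ between the `:post_form` branch and the default one. A single hash built with `form = method == :post_form` and `method: form ? :post : method, payload: form ? {} : '{}'` would keep the two variants in step when a key is added later. The example title ending in `defined through HTTP"do` is also missing the space before `do`. The helper is a plain `def` inside the `describe` block, whose start is outside the hunk.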
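--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auth0
 version: !ruby/object:Gem::Version
-version: 5.
+version: 5.13.0
 platform: ruby
 authors:
 - Auth0
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-
+date: 2023-04-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rest-client
@@ -248,6 +248,7 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".rubocop_todo.yml"
+- ".semgrepignore"
 - ".shiprc"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
@@ -614,7 +615,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
-rubygems_version: 3.
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: Auth0 API Client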