auth0 5.15.0 → 5.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ceba936338486855137ba5c59358f8656aaba565e624865a6d0b5e4092e937e7
-  data.tar.gz: 5d2521a3c29afe50813d3b53b7f56d260f075c88116bcb04f14f8b93e0eeaebe
+  metadata.gz: '0978f1fb53fb4cf3047f12b60ae15d131a47e225f124bb74b26a508ba51c1548'
+  data.tar.gz: 37dedc6fe3b8c9cf4a8fe795d0011a73c66a7c79f4485bb72c4f722772bf2644
 SHA512:
-  metadata.gz: b14982084c5e6a3439a5261b4b2afa8712e0bba674ce0cc8c48f408fef5a16320de484f550b80102fb4f2bb21e6af751214e5682489ea2eeb1b9bc77ebfd0bf9
-  data.tar.gz: 2702811340ebdd8748449bcec4f01e2366b02bd2f00aec66168a9f088af8755259a11f76268a22e7cfbb347ca5c02ebd4d6eb251070ee42fe19545dd6b73bc89
+  metadata.gz: 1f5c2df075fd3dea61c55467c3818561f763d459aaeb66c9147849f46c0ed366777e59982438d9479f197f16770e4615bedb3872326775f0ba3782d312a5ad84
+  data.tar.gz: d65412c6bc0a4a1806eb1ff08b92503ea3c60c3e44e359b4c45cde37c715109ced81bd2aa78f726784fc1c82c45a3482aacaacbdcdf3abf58ecf070b505d3de4

data/.github/workflows/snyk.yml

@@ -11,7 +11,7 @@ on:
     branches:
       - master
   schedule:
-    - cron: '30 0 1,15 * *'
+    - cron: "30 0 1,15 * *"
 
 permissions:
   contents: read
@@ -42,6 +42,8 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha || github.ref }}
 
-      - uses: snyk/actions/php@b98d498629f1c368650224d6d212bf7dfa89e4bf # pin@0.4.0
+      - run: npm install -g snyk
+
+      - run: snyk test
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}

data/.github/workflows/test.yml

@@ -14,7 +14,7 @@ permissions:
   contents: read
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
   cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
 
 env:

data/CHANGELOG.md

@@ -1,5 +1,11 @@
 # Change Log
 
+## [v5.16.0](https://github.com/auth0/ruby-auth0/tree/v5.16.0) (2023-11-13)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.15.0...v5.16.0)
+
+**Added**
+- [SDK-4546] Add orgs in client credentials support [\#540](https://github.com/auth0/ruby-auth0/pull/540) ([adamjmcgrath](https://github.com/adamjmcgrath))
+
 ## [v5.15.0](https://github.com/auth0/ruby-auth0/tree/v5.15.0) (2023-10-30)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.14.2...v5.15.0)
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    auth0 (5.15.0)
+    auth0 (5.16.0)
       addressable (~> 2.8)
       jwt (~> 2.7)
       rest-client (~> 2.1)
@@ -11,22 +11,23 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (7.1.1)
-      actionview (= 7.1.1)
-      activesupport (= 7.1.1)
+    actionpack (7.1.2)
+      actionview (= 7.1.2)
+      activesupport (= 7.1.2)
       nokogiri (>= 1.8.5)
+      racc
       rack (>= 2.2.4)
       rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    actionview (7.1.1)
-      activesupport (= 7.1.1)
+    actionview (7.1.2)
+      activesupport (= 7.1.2)
       builder (~> 3.1)
       erubi (~> 1.11)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    activesupport (7.1.1)
+    activesupport (7.1.2)
       base64
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.0.2)
@@ -39,7 +40,7 @@ GEM
     addressable (2.8.5)
       public_suffix (>= 2.0.2, < 6.0)
     ast (2.4.2)
-    base64 (0.1.1)
+    base64 (0.2.0)
     bigdecimal (3.1.4)
     builder (3.2.4)
     coderay (1.1.3)
@@ -62,7 +63,7 @@ GEM
     dotenv-rails (2.8.1)
       dotenv (= 2.8.1)
       railties (>= 3.2)
-    drb (2.1.1)
+    drb (2.2.0)
       ruby2_keywords
     erubi (1.12.0)
     faker (2.23.0)
@@ -93,7 +94,7 @@ GEM
     i18n (1.14.1)
       concurrent-ruby (~> 1.0)
     io-console (0.6.0)
-    irb (1.8.3)
+    irb (1.9.0)
       rdoc
       reline (>= 0.3.8)
     json (2.6.3)
@@ -112,7 +113,7 @@ GEM
     mime-types-data (3.2023.1003)
     minitest (5.20.0)
     multi_json (1.15.0)
-    mutex_m (0.1.2)
+    mutex_m (0.2.0)
     nenv (0.3.0)
     netrc (0.11.0)
     nokogiri (1.15.4-aarch64-linux)
@@ -130,16 +131,16 @@ GEM
     parser (3.2.2.4)
       ast (~> 2.4.1)
       racc
-    pp (0.4.0)
+    pp (0.5.0)
       prettyprint
-    prettyprint (0.1.1)
+    prettyprint (0.2.0)
     pry (0.14.2)
       coderay (~> 1.1)
       method_source (~> 1.0)
     psych (5.1.1.1)
       stringio
     public_suffix (5.0.3)
-    racc (1.7.1)
+    racc (1.7.3)
     rack (3.0.8)
     rack-session (2.0.0)
       rack (>= 3.0.0)
@@ -155,9 +156,9 @@ GEM
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
       nokogiri (~> 1.14)
-    railties (7.1.1)
-      actionpack (= 7.1.1)
-      activesupport (= 7.1.1)
+    railties (7.1.2)
+      actionpack (= 7.1.2)
+      activesupport (= 7.1.2)
       irb
       rackup (>= 1.0.0)
       rake (>= 12.2)
@@ -168,10 +169,10 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    rdoc (6.5.0)
+    rdoc (6.6.0)
       psych (>= 4.0.0)
     regexp_parser (2.8.2)
-    reline (0.3.9)
+    reline (0.4.0)
       io-console (~> 0.5)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
@@ -222,7 +223,7 @@ GEM
       simplecov (~> 0.19)
     simplecov-html (0.12.3)
     simplecov_json_formatter (0.1.4)
-    stringio (3.0.8)
+    stringio (3.0.9)
     sync (0.5.0)
     term-ansicolor (1.7.1)
       tins (~> 1.0)
@@ -235,7 +236,7 @@ GEM
       concurrent-ruby (~> 1.0)
     unf (0.1.4)
       unf_ext
-    unf_ext (0.0.8.2)
+    unf_ext (0.0.9)
     unicode-display_width (2.5.0)
     vcr (6.2.0)
     webmock (3.19.1)

data/lib/auth0/api/authentication_endpoints.rb

@@ -31,7 +31,8 @@ module Auth0
         request_params = {
           grant_type: 'client_credentials',
           client_id: client_id,
-          audience: audience
+          audience: audience,
+          organization: organization
         }
 
         populate_client_assertion_or_secret(request_params, client_id: client_id, client_secret: client_secret)

data/lib/auth0/api/v2/client_grants.rb

@@ -11,13 +11,15 @@ module Auth0
         # @param audience [string] The audience of the client grant to retrieve.
         # @param page [int] Page number to get, 0-based.
         # @param per_page [int] Results per page if also passing a page number.
+        # @param allow_any_organization [bool] Optional filter on allow_any_organization.
         # @return [json] Returns the client grants.
-        def client_grants (client_id: nil, audience: nil, page: nil, per_page: nil)
+        def client_grants (client_id: nil, audience: nil, page: nil, per_page: nil, allow_any_organization: nil)
           request_params = {
             client_id: client_id,
             audience: audience,
             page: page,
-            per_page: per_page
+            per_page: per_page,
+            allow_any_organization: allow_any_organization
           }
           get(client_grants_path, request_params)
         end
@@ -54,6 +56,29 @@ module Auth0
         end
         alias update_client_grant patch_client_grant
 
+
+        # Get the organizations associated to a client grant.
+        # @param id [string] The client_grant_id of the client grant.
+        # @param options [hash] The Hash options used to define the paging of results
+        #   * :per_page [integer] The amount of entries per page. Default: 50. Max value: 100.
+        #   * :page [integer] The page number. Zero based.
+        #   * :from [string] For checkpoint pagination, the ID from which to start selection from.
+        #   * :take [integer] For checkpoint pagination, the number of entries to retrieve. Default is 50.
+        #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
+        # @return [json] Returns the organizations.
+        def get_client_grants_organizations(client_grant_id, options = {})
+          raise Auth0::InvalidParameter, 'Must specify a client grant id' if client_grant_id.to_s.empty?
+          request_params = {
+            per_page:       options.fetch(:per_page, nil),
+            page:           options.fetch(:page, nil),
+            from:           options.fetch(:from, nil),
+            take:           options.fetch(:take, nil),
+            include_totals: options.fetch(:include_totals, nil)
+          }
+          path = "#{client_grants_path}/#{client_grant_id}/organizations"
+          get(path, request_params)
+        end
+
         private
 
         # Client Grants API path

data/lib/auth0/api/v2/organizations.rb

@@ -330,6 +330,52 @@ module Auth0
         end
         alias remove_organizations_member_roles delete_organizations_member_roles
 
+        # Get client grants associated to an organization
+        # @param organization_id [string] The Organization ID
+        # @param options [hash] The Hash options used to define the paging of results
+        #   * :client_id [string] The client_id of the client grant to retrieve.
+        #   * :audience [string] The audience of the client grant to retrieve.
+        #   * :per_page [integer] The amount of entries per page. Default: 50. Max value: 100.
+        #   * :page [integer] The page number. Zero based.
+        #   * :include_totals [boolean] True to include query summary in the result, false or nil otherwise.
+        def get_organizations_client_grants(organization_id, options= {})
+          raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
+          request_params = {
+            client_id:      options.fetch(:client_id, nil),
+            audience:       options.fetch(:audience, nil),
+            per_page:       options.fetch(:per_page, nil),
+            page:           options.fetch(:page, nil),
+            include_totals: options.fetch(:include_totals, nil)
+          }
+          path = "#{organizations_client_grants_path(organization_id)}"
+          get(path, request_params)
+        end
+
+        # Associate a client grant with an organization
+        # @param organization_id [string] The Organization ID
+        # @param grant_id [string] The Client Grant ID you want to associate to the Organization.
+        def create_organizations_client_grant(organization_id, grant_id)
+          raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
+          raise Auth0::InvalidParameter, 'Must supply a valid grant_id' if grant_id.to_s.empty?
+          
+          body = {}
+          body[:grant_id] = grant_id
+
+          path = "#{organizations_client_grants_path(organization_id)}"
+          post(path, body)
+        end
+
+        # Remove a client grant from an organization
+        # @param organization_id [string] The Organization ID
+        # @param grant_id [string] The Client Grant ID you want to remove from the Organization.
+        def delete_organizations_client_grant(organization_id, grant_id)
+          raise Auth0::MissingOrganizationId, 'Must supply a valid organization_id' if organization_id.to_s.empty?
+          raise Auth0::InvalidParameter, 'Must supply a valid grant_id' if grant_id.to_s.empty?
+
+          path = "#{organizations_path}/#{organization_id}/client-grants/#{grant_id}"
+          delete(path)
+        end
+
         private
         # Organizations API path
         def organizations_path
@@ -351,6 +397,10 @@ module Auth0
         def organizations_invitations_path(org_id)
           "#{organizations_path}/#{org_id}/invitations"
         end
+
+        def organizations_client_grants_path(org_id)
+          "#{organizations_path}/#{org_id}/client-grants"
+        end
       end
     end
   end

data/lib/auth0/version.rb

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '5.15.0'.freeze
+  VERSION = '5.16.0'.freeze
 end

data/spec/lib/auth0/api/authentication_endpoints_spec.rb

@@ -56,6 +56,7 @@ describe Auth0::Api::AuthenticationEndpoints do
             grant_type: 'client_credentials',
             client_id: client_id,
             audience: api_identifier,
+            organization: nil,
             client_secret: client_secret
           }.to_json
         ))
@@ -74,6 +75,33 @@ describe Auth0::Api::AuthenticationEndpoints do
         expect(result.expires_in).not_to be_nil
       end
 
+      it 'requests a new token using organization' do
+        expect(RestClient::Request).to receive(:execute).with(hash_including(
+          method: :post,
+          url: 'https://samples.auth0.com/oauth/token',
+          payload: {
+            grant_type: 'client_credentials',
+            client_id: client_id,
+            audience: api_identifier,
+            organization: 'foo',
+            client_secret: client_secret
+          }.to_json
+        ))
+        .and_return(StubResponse.new({ 
+          "access_token" => "test_response", 
+          "expires_in" => 86400,
+          "scope" => "scope"}, 
+          true, 
+          200))
+
+        result = client_secret_instance.send :api_token, audience: api_identifier, organization: 'foo'
+        
+        expect(result).to be_a_kind_of(Auth0::ApiToken)
+        expect(result.access_token).not_to be_nil
+        expect(result.scope).not_to be_nil
+        expect(result.expires_in).not_to be_nil
+      end
+
       it 'requests a new token using client_assertion' do
         expect(RestClient::Request).to receive(:execute) do |arg|
           expect(arg).to match(

data/spec/lib/auth0/api/v2/client_grants_spec.rb

@@ -14,6 +14,7 @@ describe Auth0::Api::V2::ClientGrants do
       expect(@instance).to receive(:get).with(
         '/api/v2/client-grants', {
         client_id: nil,
+        allow_any_organization: nil,
         audience: nil,
         page: nil,
         per_page: nil
@@ -27,6 +28,7 @@ describe Auth0::Api::V2::ClientGrants do
       expect(@instance).to receive(:get).with(
         '/api/v2/client-grants', {
         client_id: '1',
+        allow_any_organization: nil,
         audience: audience,
         page: nil,
         per_page: nil
@@ -38,12 +40,25 @@ describe Auth0::Api::V2::ClientGrants do
       expect(@instance).to receive(:get).with(
         '/api/v2/client-grants', {
         client_id: nil,
+        allow_any_organization: nil,
         audience: nil,
         page: 1,
         per_page: 2
       })
       expect { @instance.client_grants(page: 1, per_page: 2) }.not_to raise_error
     end
+
+    it 'is expected to send get /api/v2/client-grants/ with allow_any_organization' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/client-grants', {
+        client_id: nil,
+        allow_any_organization: true,
+        audience: nil,
+        page: nil,
+        per_page: nil
+      })
+      expect { @instance.client_grants(allow_any_organization: true) }.not_to raise_error
+    end
   end
 
   context '.create_client_grant' do
@@ -73,4 +88,19 @@ describe Auth0::Api::V2::ClientGrants do
     it { expect { @instance.patch_client_grant('', nil) }.to raise_error 'Must specify a client grant id' }
     it { expect { @instance.patch_client_grant('some', nil) }.to raise_error 'Must specify a valid body' }
   end
+
+  context '.get_client_grants_organizations' do
+    it { expect(@instance).to respond_to(:get_client_grants_organizations) }
+    it 'is expected to send get to /api/v2/client-grants/organizations' do
+      expect(@instance).to receive(:get).with('/api/v2/client-grants/1/organizations', {
+        per_page: nil,
+        page: nil,
+        from: nil,
+        take: nil,
+        include_totals: nil
+      })
+      expect { @instance.get_client_grants_organizations('1') }.not_to raise_error
+    end
+    it { expect { @instance.get_client_grants_organizations('') }.to raise_error 'Must specify a client grant id' }
+  end
 end

data/spec/lib/auth0/api/v2/organizations_spec.rb

@@ -639,4 +639,70 @@ describe Auth0::Api::V2::Organizations do
       expect { @instance.delete_organizations_member_roles('org_id', 'user_id') }.to raise_error 'Must supply an array of role ids'
     end
   end
+
+  context '.get_organizations_client_grants' do
+    it 'is expected to respond to a get_organizations_client_grants method' do
+      expect(@instance).to respond_to(:get_organizations_client_grants)
+    end
+
+    it 'is expected to get /api/v2/organizations/org_id/client-grants' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/organizations/org_id/client-grants', {
+        per_page: nil,
+        page: nil,
+        client_id: nil,
+        audience: nil,
+        include_totals: nil
+      })
+      expect { @instance.get_organizations_client_grants('org_id') }.not_to raise_error
+    end
+
+    it 'is expected to get /api/v2/organizations/org_id/client-grants with custom parameters' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/organizations/org_id/client-grants', {
+        per_page: 10,
+        page: 1,
+        client_id: 'client_id',
+        audience: 'api',
+        include_totals: true
+      })
+      expect do
+        @instance.get_organizations_client_grants(
+          'org_id',
+          per_page: 10,
+          page: 1,
+          client_id: 'client_id',
+          audience: 'api',
+          include_totals: true
+        )
+      end.not_to raise_error
+    end
+  end
+
+  context '.create_organizations_client_grants' do
+    it 'is expected to respond to a create_organizations_client_grants method' do
+      expect(@instance).to respond_to(:create_organizations_client_grant)
+    end
+
+    it 'is expected to post /api/v2/organizations/org_id/client-grants' do
+      expect(@instance).to receive(:post).with(
+        '/api/v2/organizations/org_id/client-grants', {
+        grant_id: 'grant_id'
+      })
+      expect { @instance.create_organizations_client_grant('org_id', 'grant_id') }.not_to raise_error
+    end
+  end
+
+  context '.delete_organizations_client_grant' do
+    it 'is expected to respond to a delete_organizations_client_grant method' do
+      expect(@instance).to respond_to(:delete_organizations_client_grant)
+    end
+
+    it 'is expected to delete /api/v2/organizations/org_id/client-grants' do
+      expect(@instance).to receive(:delete).with(
+        '/api/v2/organizations/org_id/client-grants/grant_id')
+      expect { @instance.delete_organizations_client_grant('org_id', 'grant_id') }.not_to raise_error
+    end
+  end
+  
 end

data/spec/lib/auth0/mixins/initializer_spec.rb

@@ -64,7 +64,8 @@ describe Auth0::Mixins::Initializer do
           grant_type: 'client_credentials',
           client_id: client_id,
           client_secret: client_secret,
-          audience: api_identifier
+          audience: api_identifier,
+          organization: nil
         }  
 
         expect(RestClient::Request).to receive(:execute) do |arg|

data/spec/lib/auth0/mixins/token_management_spec.rb

@@ -11,7 +11,8 @@ describe Auth0::Mixins::TokenManagement do
     grant_type: 'client_credentials',
     client_id: client_id,
     client_secret: client_secret,
-    audience: api_identifier
+    audience: api_identifier,
+    organization: nil
   } }
 
   let(:params) { { 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auth0
 version: !ruby/object:Gem::Version
-  version: 5.15.0
+  version: 5.16.0
 platform: ruby
 authors:
 - Auth0
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-10-30 00:00:00.000000000 Z
+date: 2023-11-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -203,7 +203,6 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".bundle/config"
-- ".circleci/config.yml"
 - ".devcontainer/Dockerfile"
 - ".devcontainer/devcontainer.json"
 - ".env.example"

data/.circleci/config.yml

@@ -1,60 +0,0 @@
-version: 2.1
-orbs:
-  ship: auth0/ship@0
-  codecov: codecov/codecov@3
-
-matrix_ruby_versions: &matrix_ruby_versions
-  matrix:
-    parameters:
-      ruby_version: ["3.0", "3.1", "3.2"]
-# Default version of ruby to use for lint and publishing
-default_ruby_version: &default_ruby_version "3.2"
-
-executors:
-  ruby-image:
-    parameters:
-      ruby_version:
-        type: string
-        default: *default_ruby_version
-    docker:
-      - image: cimg/ruby:<< parameters.ruby_version >>
-
-jobs:
-  run-tests:
-    parameters:
-      ruby_version:
-        type: string
-        default: *default_ruby_version
-    executor:
-      name: ruby-image
-      ruby_version: << parameters.ruby_version >>
-    steps:
-      - checkout
-      - run: gem install bundler:2.3.22
-      - restore_cache:
-          key: gems-v2-{{ checksum "Gemfile.lock" }}
-      - run: bundle check --path=vendor/bundle || bundle install --path=vendor/bundle
-      - save_cache:
-          key: gems-v2-{{ checksum "Gemfile.lock" }}
-          paths:
-            - vendor/bundle
-      # Must define DOMAIN, CLIENT_ID, CLIENT_SECRET and MASTER_JWT env
-      - run: bundle exec rake test
-      - codecov/upload:
-        file: /home/circleci/project/coverage/coverage.xml
-
-workflows:
-  tests:
-    jobs:
-      - run-tests:
-          <<: *matrix_ruby_versions
-      - ship/ruby-publish:
-          context:
-            - publish-rubygems
-            - publish-gh
-          filters:
-            branches:
-              only:
-                - master
-          requires:
-            - run-tests