auth0 5.17.0 → 5.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 001f09f32948583c13fb7a3bf421d34a469ba5cd4b0b8ce080a5febaf2e8369b
-  data.tar.gz: 671271047cdaa71aa6cbf6595d35623b9cfdc79e59aa2a5f9f6e8af59e1d6e52
+  metadata.gz: 6bc03a5197ed3cf51db9076e4d7429e56a418f94eb440b7f69c1542f1014a7cf
+  data.tar.gz: bb4f921acd2af07f5139b0920064265a539e61862827dac10e5f39988297fbf4
 SHA512:
-  metadata.gz: 5d95a176bd531635ac2502eb147384da9ac0417020dc17e6e0592ba508ece19c70cd1e7037718ffcfdb4b1bcedb3dd6c2866746923328fe5777c075e542aabb0
-  data.tar.gz: 9e693a863adeabb6940f06832ecfd67c30fbcfb6106108f228c3e3959b1bb0892601cca649a5d3a009ec645b24750f5a467a3942be4202c9c30d353102fb4722
+  metadata.gz: '08beebcb81144352182b6af63c5745d55abcf22ef30fee4928141a89c24f61cd5d81414f63f76f6cf6bd9935b5c49d5fe83b92b29298800fefd4a5bd1a2efa87'
+  data.tar.gz: ac02d18db80d57720502db87c88ab4c3f8d07ef00d2f9792e8e41ae383d5d28082523f2d7cd735cfb2b6f7ec94d39ab8a42856b86fae151b838ad0569cc82dcb

data/.github/CODEOWNERS

@@ -1 +1 @@
-*	@auth0/dx-sdks-engineer
+*	@auth0/project-dx-sdks-engineer-codeowner

data/.github/actions/rl-scanner/action.yml

@@ -0,0 +1,71 @@
+name: 'Reversing Labs Scanner'
+description: 'Runs the Reversing Labs scanner on a specified artifact.'
+inputs:
+  artifact-path:
+    description: 'Path to the artifact to be scanned.'
+    required: true
+  version:
+    description: 'Version of the artifact.'
+    required: true
+
+runs:
+  using: 'composite'
+  steps:
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.10'
+
+    - name: Install Python dependencies
+      shell: bash
+      run: |
+        pip install boto3 requests
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v1
+      with:
+        role-to-assume: ${{ env.PRODSEC_TOOLS_ARN }}
+        aws-region: us-east-1
+        mask-aws-account-id: true
+
+    - name: Install RL Wrapper
+      shell: bash
+      run: |
+        pip install rl-wrapper>=1.0.0 --index-url "https://${{ env.PRODSEC_TOOLS_USER }}:${{ env.PRODSEC_TOOLS_TOKEN }}@a0us.jfrog.io/artifactory/api/pypi/python-local/simple"
+
+    - name: Run RL Scanner
+      shell: bash
+      env:
+        RLSECURE_LICENSE: ${{ env.RLSECURE_LICENSE }}
+        RLSECURE_SITE_KEY: ${{ env.RLSECURE_SITE_KEY }}
+        SIGNAL_HANDLER_TOKEN: ${{ env.SIGNAL_HANDLER_TOKEN }}
+        PYTHONUNBUFFERED: 1
+      run: |
+        if [ ! -f "${{ inputs.artifact-path }}" ]; then
+          echo "Artifact not found: ${{ inputs.artifact-path }}"
+          exit 1
+        fi
+
+        rl-wrapper \
+          --artifact "${{ inputs.artifact-path }}" \
+          --name "${{ github.event.repository.name }}" \
+          --version "${{ inputs.version }}" \
+          --repository "${{ github.repository }}" \
+          --commit "${{ github.sha }}" \
+          --build-env "github_actions" \
+          --suppress_output
+
+        # Check the outcome of the scanner
+        if [ $? -ne 0 ]; then
+          echo "RL Scanner failed."
+          echo "scan-status=failed" >> $GITHUB_ENV
+          exit 1
+        else
+          echo "RL Scanner passed."
+          echo "scan-status=success" >> $GITHUB_ENV
+        fi
+
+outputs:
+  scan-status:
+    description: 'The outcome of the scan process.'
+    value: ${{ env.scan-status }}

data/.github/workflows/release.yml

@@ -8,13 +8,27 @@ on:
 
 permissions:
   contents: write
+  id-token: write # This is required for requesting the JWT
 
 ### TODO: Replace instances of './.github/workflow/' w/ `auth0/dx-sdk-actions/` and append `@latest` after the common `dx-sdk-actions` repo is made public.
 ### TODO: Also remove `get-prerelease`, `get-version`, `rubygems-publish`, `release-create`, `tag-create` and `tag-exists` actions from this repo's .github/actions folder and `ruby-release` from `./github/workflows` once the repo is public.
 
 jobs:
+  rl-scanner:
+    uses: ./.github/workflows/rl-scanner.yml
+    with:
+      ruby-version: 3.2
+    secrets:
+      RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
+      RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
+      SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
+      PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
+      PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
+      PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
+
   release:
     uses: ./.github/workflows/ruby-release.yml
+    needs: rl-scanner
     with:
       ruby-version: 3.2
     secrets:

data/.github/workflows/rl-scanner.yml

@@ -0,0 +1,65 @@
+name: RL-Secure Workflow
+
+on:
+  workflow_call:
+    inputs:
+      ruby-version:
+        required: true
+        type: string
+    secrets:
+      RLSECURE_LICENSE:
+        required: true
+      RLSECURE_SITE_KEY:
+        required: true
+      SIGNAL_HANDLER_TOKEN:
+        required: true
+      PRODSEC_TOOLS_USER:
+        required: true
+      PRODSEC_TOOLS_TOKEN:
+        required: true
+      PRODSEC_TOOLS_ARN:
+        required: true
+
+jobs:
+  rl-scanner:
+    if: github.event_name == 'workflow_dispatch' || (github.event_name == 'pull_request' && github.event.pull_request.merged && startsWith(github.event.pull_request.head.ref, 'release/'))
+    runs-on: ubuntu-latest
+    outputs:
+      scan-status: ${{ steps.rl-scan-conclusion.outcome }}
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Configure Ruby
+        uses: ./.github/actions/setup
+        with:
+          ruby-version: ${{ inputs.ruby-version }}
+
+      - name: Build RubyGems
+        shell: bash
+        run: |
+          gem build *.gemspec
+          export GEM_FILE=$(ls *.gem)
+          echo "gem_file=$GEM_FILE" >> $GITHUB_ENV
+
+      - name: Get Artifact Version
+        id: get_version
+        uses: ./.github/actions/get-version
+
+      - name: Run RL Scanner
+        id: rl-scan-conclusion
+        uses: ./.github/actions/rl-scanner
+        with:
+          artifact-path: "$(pwd)/${{ env.gem_file }}"
+          version: "${{ steps.get_version.outputs.version }}"
+        env:
+          RLSECURE_LICENSE: ${{ secrets.RLSECURE_LICENSE }}
+          RLSECURE_SITE_KEY: ${{ secrets.RLSECURE_SITE_KEY }}
+          SIGNAL_HANDLER_TOKEN: ${{ secrets.SIGNAL_HANDLER_TOKEN }}
+          PRODSEC_TOOLS_USER: ${{ secrets.PRODSEC_TOOLS_USER }}
+          PRODSEC_TOOLS_TOKEN: ${{ secrets.PRODSEC_TOOLS_TOKEN }}
+          PRODSEC_TOOLS_ARN: ${{ secrets.PRODSEC_TOOLS_ARN }}
+
+      - name: Output scan result
+        run: echo "scan-status=${{ steps.rl-scan-conclusion.outcome }}" >> $GITHUB_ENV

data/.github/workflows/semgrep.yml

@@ -2,7 +2,7 @@ name: Semgrep
 
 on:
   merge_group:
-  pull_request_target:
+  pull_request:
     types:
       - opened
       - synchronize
@@ -20,16 +20,7 @@ concurrency:
   cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
 
 jobs:
-  authorize:
-    name: Authorize
-    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
-    runs-on: ubuntu-latest
-    steps:
-      - run: true
-
   run:
-    needs: authorize # Require approval before running on forked pull requests
-
     name: Check for Vulnerabilities
     runs-on: ubuntu-latest
 

data/.github/workflows/snyk.yml

@@ -3,7 +3,7 @@ name: Snyk
 on:
   merge_group:
   workflow_dispatch:
-  pull_request_target:
+  pull_request:
     types:
       - opened
       - synchronize
@@ -21,16 +21,7 @@ concurrency:
   cancel-in-progress: ${{ github.ref != 'refs/heads/master' }}
 
 jobs:
-  authorize:
-    name: Authorize
-    environment: ${{ github.actor != 'dependabot[bot]' && github.event_name == 'pull_request_target' && github.event.pull_request.head.repo.full_name != github.repository && 'external' || 'internal' }}
-    runs-on: ubuntu-latest
-    steps:
-      - run: true
-
   check:
-    needs: authorize
-
     name: Check for Vulnerabilities
     runs-on: ubuntu-latest
 

data/.version

@@ -1 +1 @@
-v5.17.0
+v5.18.0

data/CHANGELOG.md

@@ -1,5 +1,12 @@
 # Change Log
 
+## [v5.18.0](https://github.com/auth0/ruby-auth0/tree/v5.18.0) (2024-11-25)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.17.0...v5.18.0)
+
+**Added**
+- Add Refresh Token endpoints for the Auth0 Management API #614 [\#623](https://github.com/auth0/ruby-auth0/pull/623) ([arpit-jn](https://github.com/arpit-jn))
+- Add Management API calls for session API endpoints #613 [\#616](https://github.com/auth0/ruby-auth0/pull/616) ([arpit-jn](https://github.com/arpit-jn))
+
 ## [v5.17.0](https://github.com/auth0/ruby-auth0/tree/v5.17.0) (2024-05-24)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.16.0...v5.17.0)
 

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    auth0 (5.17.0)
+    auth0 (5.18.0)
       addressable (~> 2.8)
       jwt (~> 2.7)
       rest-client (~> 2.1)
@@ -11,40 +11,44 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionpack (7.1.3.3)
-      actionview (= 7.1.3.3)
-      activesupport (= 7.1.3.3)
+    actionpack (8.0.0)
+      actionview (= 8.0.0)
+      activesupport (= 8.0.0)
       nokogiri (>= 1.8.5)
-      racc
       rack (>= 2.2.4)
       rack-session (>= 1.0.1)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    actionview (7.1.3.3)
-      activesupport (= 7.1.3.3)
+      useragent (~> 0.16)
+    actionview (8.0.0)
+      activesupport (= 8.0.0)
       builder (~> 3.1)
       erubi (~> 1.11)
       rails-dom-testing (~> 2.2)
       rails-html-sanitizer (~> 1.6)
-    activesupport (7.1.3.3)
+    activesupport (8.0.0)
       base64
+      benchmark (>= 0.3)
       bigdecimal
-      concurrent-ruby (~> 1.0, >= 1.0.2)
+      concurrent-ruby (~> 1.0, >= 1.3.1)
       connection_pool (>= 2.2.5)
       drb
       i18n (>= 1.6, < 2)
+      logger (>= 1.4.2)
       minitest (>= 5.1)
-      mutex_m
-      tzinfo (~> 2.0)
-    addressable (2.8.6)
-      public_suffix (>= 2.0.2, < 6.0)
+      securerandom (>= 0.3)
+      tzinfo (~> 2.0, >= 2.0.5)
+      uri (>= 0.13.1)
+    addressable (2.8.7)
+      public_suffix (>= 2.0.2, < 7.0)
     ast (2.4.2)
     base64 (0.2.0)
+    benchmark (0.4.0)
     bigdecimal (3.1.8)
-    builder (3.2.4)
+    builder (3.3.0)
     coderay (1.1.3)
-    concurrent-ruby (1.2.3)
+    concurrent-ruby (1.3.4)
     connection_pool (2.4.1)
     coveralls (0.7.1)
       multi_json (~> 1.3)
@@ -57,22 +61,31 @@ GEM
       rexml
     crass (1.0.6)
     diff-lcs (1.5.1)
-    docile (1.4.0)
+    docile (1.4.1)
     domain_name (0.6.20240107)
     dotenv (2.8.1)
     dotenv-rails (2.8.1)
       dotenv (= 2.8.1)
       railties (>= 3.2)
     drb (2.2.1)
-    erubi (1.12.0)
+    erubi (1.13.0)
     faker (2.23.0)
       i18n (>= 1.8.11, < 2)
-    ffi (1.16.3)
+    ffi (1.17.0-aarch64-linux-gnu)
+    ffi (1.17.0-aarch64-linux-musl)
+    ffi (1.17.0-arm-linux-gnu)
+    ffi (1.17.0-arm-linux-musl)
+    ffi (1.17.0-arm64-darwin)
+    ffi (1.17.0-x86-linux-gnu)
+    ffi (1.17.0-x86-linux-musl)
+    ffi (1.17.0-x86_64-darwin)
+    ffi (1.17.0-x86_64-linux-gnu)
+    ffi (1.17.0-x86_64-linux-musl)
     formatador (1.1.0)
     fuubar (2.5.1)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
-    guard (2.18.1)
+    guard (2.19.0)
       formatador (>= 0.2.4)
       listen (>= 2.7, < 4.0)
       lumberjack (>= 1.0.12, < 2.0)
@@ -86,69 +99,73 @@ GEM
       guard (~> 2.1)
       guard-compat (~> 1.1)
       rspec (>= 2.99.0, < 4.0)
-    hashdiff (1.1.0)
+    hashdiff (1.1.2)
     http-accept (1.7.0)
-    http-cookie (1.0.5)
+    http-cookie (1.0.7)
       domain_name (~> 0.5)
-    i18n (1.14.5)
+    i18n (1.14.6)
       concurrent-ruby (~> 1.0)
     io-console (0.7.2)
-    irb (1.13.1)
+    irb (1.14.1)
       rdoc (>= 4.0.0)
       reline (>= 0.4.2)
-    json (2.7.2)
-    jwt (2.8.1)
+    json (2.8.2)
+    jwt (2.9.3)
       base64
     language_server-protocol (3.17.0.3)
     listen (3.9.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.22.0)
+    logger (1.6.1)
+    loofah (2.23.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     lumberjack (1.2.10)
     method_source (1.1.0)
-    mime-types (3.5.2)
+    mime-types (3.6.0)
+      logger
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2024.0507)
-    minitest (5.23.1)
+    mime-types-data (3.2024.1105)
+    minitest (5.25.2)
     multi_json (1.15.0)
-    mutex_m (0.2.0)
     nenv (0.3.0)
     netrc (0.11.0)
-    nokogiri (1.16.5-aarch64-linux)
+    nokogiri (1.16.7-aarch64-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.7-arm-linux)
+      racc (~> 1.4)
+    nokogiri (1.16.7-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.5-arm64-darwin)
+    nokogiri (1.16.7-x86-linux)
       racc (~> 1.4)
-    nokogiri (1.16.5-x86_64-darwin)
+    nokogiri (1.16.7-x86_64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.5-x86_64-linux)
+    nokogiri (1.16.7-x86_64-linux)
       racc (~> 1.4)
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    parallel (1.24.0)
-    parser (3.3.1.0)
+    parallel (1.26.3)
+    parser (3.3.6.0)
       ast (~> 2.4.1)
       racc
-    pp (0.5.0)
+    pp (0.6.1)
       prettyprint
     prettyprint (0.2.0)
-    pry (0.14.2)
+    pry (0.15.0)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    psych (5.1.2)
+    psych (5.2.0)
       stringio
-    public_suffix (5.0.5)
-    racc (1.8.0)
-    rack (3.0.11)
+    public_suffix (6.0.1)
+    racc (1.8.1)
+    rack (3.1.8)
     rack-session (2.0.0)
       rack (>= 3.0.0)
     rack-test (2.1.0)
       rack (>= 1.3)
-    rackup (2.1.0)
+    rackup (2.2.1)
       rack (>= 3)
-      webrick (~> 1.8)
     rails-dom-testing (2.2.0)
       activesupport (>= 5.0.0)
       minitest
@@ -156,10 +173,10 @@ GEM
     rails-html-sanitizer (1.6.0)
       loofah (~> 2.21)
       nokogiri (~> 1.14)
-    railties (7.1.3.3)
-      actionpack (= 7.1.3.3)
-      activesupport (= 7.1.3.3)
-      irb
+    railties (8.0.0)
+      actionpack (= 8.0.0)
+      activesupport (= 8.0.0)
+      irb (~> 1.13)
       rackup (>= 1.0.0)
       rake (>= 12.2)
       thor (~> 1.0, >= 1.2.2)
@@ -169,10 +186,10 @@ GEM
     rb-fsevent (0.11.2)
     rb-inotify (0.11.1)
       ffi (~> 1.0)
-    rdoc (6.7.0)
+    rdoc (6.8.1)
       psych (>= 4.0.0)
     regexp_parser (2.9.2)
-    reline (0.5.7)
+    reline (0.5.11)
       io-console (~> 0.5)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
@@ -180,40 +197,39 @@ GEM
       mime-types (>= 1.16, < 4.0)
       netrc (~> 0.8)
     retryable (3.0.5)
-    rexml (3.2.8)
-      strscan (>= 3.0.9)
+    rexml (3.3.9)
     rspec (3.13.0)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
       rspec-mocks (~> 3.13.0)
-    rspec-core (3.13.0)
+    rspec-core (3.13.2)
       rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.0)
+    rspec-expectations (3.13.3)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.1)
+    rspec-mocks (3.13.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
     rspec-support (3.13.1)
-    rubocop (1.64.0)
+    rubocop (1.68.0)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.31.1, < 2.0)
+      regexp_parser (>= 2.4, < 3.0)
+      rubocop-ast (>= 1.32.2, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.31.3)
+    rubocop-ast (1.36.1)
       parser (>= 3.3.1.0)
-    rubocop-rails (2.25.0)
+    rubocop-rails (2.27.0)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
-      rubocop (>= 1.33.0, < 2.0)
+      rubocop (>= 1.52.0, < 2.0)
       rubocop-ast (>= 1.31.1, < 2.0)
     ruby-progressbar (1.13.0)
+    securerandom (0.3.2)
     shellany (0.0.1)
     simplecov (0.22.0)
       docile (~> 1.1)
@@ -222,37 +238,47 @@ GEM
     simplecov-cobertura (2.1.0)
       rexml
       simplecov (~> 0.19)
-    simplecov-html (0.12.3)
+    simplecov-html (0.13.1)
     simplecov_json_formatter (0.1.4)
-    stringio (3.1.0)
-    strscan (3.1.0)
+    stringio (3.1.2)
     sync (0.5.0)
-    term-ansicolor (1.8.0)
+    term-ansicolor (1.11.2)
       tins (~> 1.0)
     terminal-notifier-guard (1.7.0)
-    thor (1.3.1)
-    timecop (0.9.8)
-    tins (1.33.0)
+    thor (1.3.2)
+    timecop (0.9.10)
+    tins (1.37.0)
       bigdecimal
       sync
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.5.0)
-    vcr (6.2.0)
-    webmock (3.23.1)
+    unicode-display_width (2.6.0)
+    uri (1.0.2)
+    useragent (0.16.10)
+    vcr (6.3.1)
+      base64
+    webmock (3.24.0)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    webrick (1.8.1)
-    zache (0.13.1)
-    zeitwerk (2.6.14)
+    zache (0.13.2)
+    zeitwerk (2.7.1)
 
 PLATFORMS
   aarch64-linux
-  arm64-darwin-21
-  arm64-darwin-22
-  x86_64-darwin-21
+  aarch64-linux-gnu
+  aarch64-linux-musl
+  arm-linux
+  arm-linux-gnu
+  arm-linux-musl
+  arm64-darwin
+  x86-linux
+  x86-linux-gnu
+  x86-linux-musl
+  x86_64-darwin
   x86_64-linux
+  x86_64-linux-gnu
+  x86_64-linux-musl
 
 DEPENDENCIES
   auth0!
@@ -276,4 +302,4 @@ DEPENDENCIES
   webmock
 
 BUNDLED WITH
-   2.3.7
+   2.5.23

data/examples/ruby-api/Gemfile.lock

@@ -5,10 +5,10 @@ GEM
     jwt (2.5.0)
     mustermann (2.0.2)
       ruby2_keywords (~> 0.0.1)
-    nio4r (2.7.0)
-    puma (5.6.8)
+    nio4r (2.7.3)
+    puma (5.6.9)
       nio4r (~> 2.0)
-    rack (2.2.6.4)
+    rack (2.2.9)
     rack-protection (2.2.3)
       rack
     ruby2_keywords (0.0.5)

data/lib/auth0/api/v2/refresh_tokens.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Auth0
+  module Api
+    module V2
+      # Methods to use the Refresh Token endpoints
+      module RefreshTokens
+        # Retrieve refresh token information.
+        # @see https://auth0.com/docs/api/management/v2/refresh-tokens/get-refresh-token
+        # @param id [string] The id of the refresh token to retrieve
+        def refresh_token(id)
+          raise Auth0::InvalidParameter, 'Must supply a valid id' if id.to_s.empty?
+
+          get "#{resource_path}/#{id}"
+        end
+
+        # Delete a refresh token by its ID.
+        # @see https://auth0.com/docs/api/management/v2/refresh-tokens/delete-refresh-token
+        # @param id [string] The id of the refresh token to delete
+        def delete_refresh_token(id)
+          raise Auth0::InvalidParameter, 'Must supply a valid id' if id.to_s.empty?
+
+          delete "#{resource_path}/#{id}"
+        end
+
+        private
+
+        def resource_path
+          @resource_path ||= '/api/v2/refresh-tokens'
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2/sessions.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module Auth0
+  module Api
+    module V2
+      # Methods to use the Session endpoints
+      module Sessions
+        # Retrieve session information by id
+        # @see https://auth0.com/docs/api/management/v2/sessions/get-session
+        # @param id [string] The id of the session to retrieve.
+        def session(session_id)
+          raise Auth0::InvalidParameter, 'Must supply a valid session_id' if session_id.to_s.empty?
+
+          get "#{sessions_path}/#{session_id}"
+        end
+
+        # Deletes a session by id
+        # @see https://auth0.com/docs/api/management/v2/sessions/delete-session
+        # @param id [string] The id of the session to delete.
+        def delete_session(session_id)
+          raise Auth0::InvalidParameter, 'Must supply a valid session_id' if session_id.to_s.empty?
+
+          delete "#{sessions_path}/#{session_id}"
+        end
+
+        # Revokes a session by ID and all associated refresh tokens
+        # @see https://auth0.com/docs/api/management/v2/sessions/revoke-session
+        # @param id [string] The ID of the session to revoke
+        def revoke_session(session_id)
+          raise Auth0::InvalidParameter, 'Must supply a valid session_id' if session_id.to_s.empty?
+
+          post "#{sessions_path}/#{session_id}/revoke"
+        end
+
+        private
+
+        def sessions_path
+          @sessions_path ||= '/api/v2/sessions'
+        end
+      end
+    end
+  end
+end

data/lib/auth0/api/v2/users.rb

@@ -465,13 +465,45 @@ module Auth0
           get "#{users_path}/#{user_id}/sessions"
         end
 
+        # Retrieve details for a user's refresh tokens.
+        # @see https://auth0.com/docs/api/management/v2/users/get-refresh-tokens-for-user
+        #
+        # @param use_id [String] The user ID
+        # @param options [hash] A hash of options for getting permissions
+        #   * :take [Integer] Number of results per page. Defaults to 50.
+        #   * :from [String] Optional token ID from which to start selection (exclusive).
+        #   * :include_totals [boolean] Return results inside an object that contains the total result count (true)
+        #     or as a direct array of results (false, default)
+        #
+        # @return [json] Returns refresh tokens for the given user_id.
+        def user_refresh_tokens(user_id, options = {})
+          raise Auth0::MissingUserId, 'Must supply a valid user_id' if user_id.to_s.empty?
+
+          request_params = {
+            take: options.fetch(:take, nil),
+            from: options.fetch(:from, nil),
+            include_totals: options.fetch(:include_totals, nil)
+          }
+
+          get "#{users_path}/#{user_id}/refresh-tokens", request_params
+        end
+
+        # Delete all refresh tokens for a user.
+        #
+        # @param user_id [String] ID of the user to get remove refresh tokens for
+        # @see https://auth0.com/docs/api/management/v2/users/delete-refresh-tokens-for-user
+        def delete_user_refresh_tokens(user_id)
+          raise Auth0::MissingUserId, 'Must supply a valid user_id' if user_id.to_s.empty?
+
+          delete "#{users_path}/#{user_id}/refresh-tokens"
+        end
+
         private
 
         # Users API path
         def users_path
           @users_path ||= '/api/v2/users'
         end
-
       end
     end
   end

data/lib/auth0/api/v2.rb

@@ -11,6 +11,7 @@ require 'auth0/api/v2/emails'
 require 'auth0/api/v2/jobs'
 require 'auth0/api/v2/prompts'
 require 'auth0/api/v2/organizations'
+require 'auth0/api/v2/refresh_tokens'
 require 'auth0/api/v2/rules'
 require 'auth0/api/v2/roles'
 require 'auth0/api/v2/stats'
@@ -24,6 +25,7 @@ require 'auth0/api/v2/log_streams'
 require 'auth0/api/v2/resource_servers'
 require 'auth0/api/v2/guardian'
 require 'auth0/api/v2/attack_protection'
+require 'auth0/api/v2/sessions'
 
 module Auth0
   module Api
@@ -45,6 +47,7 @@ module Auth0
       include Auth0::Api::V2::LogStreams
       include Auth0::Api::V2::Prompts
       include Auth0::Api::V2::Organizations
+      include Auth0::Api::V2::RefreshTokens
       include Auth0::Api::V2::Rules
       include Auth0::Api::V2::Roles
       include Auth0::Api::V2::Stats
@@ -55,6 +58,7 @@ module Auth0
       include Auth0::Api::V2::Tenants
       include Auth0::Api::V2::Tickets
       include Auth0::Api::V2::AttackProtection
+      include Auth0::Api::V2::Sessions
     end
   end
 end

data/lib/auth0/version.rb

@@ -1,4 +1,4 @@
 # current version of gem
 module Auth0
-  VERSION = '5.17.0'.freeze
+  VERSION = '5.18.0'.freeze
 end

data/spec/lib/auth0/api/v2/refresh_tokens_spec.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Auth0::Api::V2::RefreshTokens do
+  before :all do
+    dummy_instance = DummyClass.new
+    dummy_instance.extend(Auth0::Api::V2::RefreshTokens)
+    @instance = dummy_instance
+  end
+
+  describe '.refresh_token' do
+    it 'is expected to respond to a refresh_token method' do
+      expect(@instance).to respond_to(:refresh_token)
+    end
+
+    it 'is expected to GET a refresh_token' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/refresh-tokens/REFRESH_TOKEN_ID'
+      )
+
+      expect do
+        @instance.refresh_token('REFRESH_TOKEN_ID')
+      end.not_to raise_error
+    end
+
+    it 'is expected to raise an exception when the id is empty' do
+      expect { @instance.refresh_token(nil) }.to raise_error('Must supply a valid id')
+    end
+  end
+
+  describe '.delete_refresh_token' do
+    it 'is expected to respond to a delete_refresh_token method' do
+      expect(@instance).to respond_to(:delete_refresh_token)
+    end
+
+    it 'is expected to DELETE a refresh_token' do
+      expect(@instance).to receive(:delete).with(
+        '/api/v2/refresh-tokens/REFRESH_TOKEN_ID'
+      )
+
+      expect do
+        @instance.delete_refresh_token('REFRESH_TOKEN_ID')
+      end.not_to raise_error
+    end
+
+    it 'is expected to raise an exception when the id is empty' do
+      expect { @instance.delete_refresh_token(nil) }.to raise_error('Must supply a valid id')
+    end
+  end
+end

data/spec/lib/auth0/api/v2/sessions_spec.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe Auth0::Api::V2::Sessions do
+  before :all do
+    dummy_instance = DummyClass.new
+    dummy_instance.extend(Auth0::Api::V2::Sessions)
+    @instance = dummy_instance
+  end
+
+  context '.session' do
+    it 'is expected to respond to a session method' do
+      expect(@instance).to respond_to(:session)
+    end
+
+    it 'is expected to GET a session' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/sessions/SESSION_ID'
+      )
+
+      expect do
+        @instance.session('SESSION_ID')
+      end.not_to raise_error
+    end
+
+    it 'is expected to raise an exception when the session ID is empty' do
+      expect { @instance.session(nil) }.to raise_error('Must supply a valid session_id')
+    end
+  end
+
+  context '.delete_session' do
+    it 'is expected to respond to a delete_session method' do
+      expect(@instance).to respond_to(:delete_session)
+    end
+
+    it 'is expected to DELETE a session' do
+      expect(@instance).to receive(:delete).with(
+        '/api/v2/sessions/SESSION_ID'
+      )
+
+      expect do
+        @instance.delete_session('SESSION_ID')
+      end.not_to raise_error
+    end
+
+    it 'is expected to raise an exception when the session ID is empty' do
+      expect { @instance.delete_session(nil) }.to raise_error('Must supply a valid session_id')
+    end
+  end
+
+  context '.revoke_session' do
+    it 'is expected to respond to a revoke_session method' do
+      expect(@instance).to respond_to(:revoke_session)
+    end
+
+    it 'is expected to POST to /api/v2/sessions/{id}/revoke' do
+      expect(@instance).to receive(:post).with(
+        '/api/v2/sessions/SESSION_ID/revoke'
+      )
+
+      expect do
+        @instance.revoke_session('SESSION_ID')
+      end.not_to raise_error
+    end
+
+    it 'is expected to raise an exception when the session ID is empty' do
+      expect { @instance.revoke_session(nil) }.to raise_error('Must supply a valid session_id')
+    end
+  end
+end

data/spec/lib/auth0/api/v2/users_spec.rb

@@ -843,7 +843,62 @@ describe Auth0::Api::V2::Users do
       expect do
         @instance.user_sessions('USER_ID')
       end.not_to raise_error
+    end
+  end
 
+  context '.user_refresh_tokens' do
+    it 'is expected to respond to a user_refresh_tokens method' do
+      expect(@instance).to respond_to(:user_refresh_tokens)
+    end
+
+    it 'is expected to raise an exception when the user ID is empty' do
+      expect { @instance.user_refresh_tokens(nil) }.to raise_exception(Auth0::MissingUserId)
+    end
+
+    it 'is expected to get user refresh tokens' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/users/USER_ID/refresh-tokens', {
+          from: nil,
+          take: nil,
+          include_totals: nil
+        }
+      )
+      expect do
+        @instance.user_refresh_tokens('USER_ID')
+      end.not_to raise_error
+    end
+
+    it 'is expected to get user refresh tokens with custom parameters' do
+      expect(@instance).to receive(:get).with(
+        '/api/v2/users/USER_ID/refresh-tokens', {
+          from: 'TOKEN_ID',
+          take: 10,
+          include_totals: true
+        }
+      )
+      expect do
+        @instance.user_refresh_tokens('USER_ID', from: 'TOKEN_ID', take: 10, include_totals: true)
+      end.not_to raise_error
+    end
+  end
+
+  context '.delete_user_refresh_tokens' do
+    it 'is expected to respond to delete_user_refresh_tokens' do
+      expect(@instance).to respond_to(:delete_user_refresh_tokens)
+    end
+
+    it 'is expected to raise an exception for a missing user ID' do
+      expect { @instance.delete_user_refresh_tokens(nil) }.to raise_exception(Auth0::MissingUserId)
+    end
+
+    it 'is expected to call the endpoint' do
+      expect(@instance).to receive(:delete).with(
+        '/api/v2/users/USER_ID/refresh-tokens'
+      )
+
+      expect do
+        @instance.delete_user_refresh_tokens 'USER_ID'
+      end.to_not raise_error
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,4 +1,3 @@
-require 'rack/test'
 require 'faker'
 require 'json'
 require 'auth0'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auth0
 version: !ruby/object:Gem::Version
-  version: 5.17.0
+  version: 5.18.0
 platform: ruby
 authors:
 - Auth0
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-05-28 00:00:00.000000000 Z
+date: 2024-12-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -215,6 +215,7 @@ files:
 - ".github/actions/get-release-notes/action.yml"
 - ".github/actions/get-version/action.yml"
 - ".github/actions/release-create/action.yml"
+- ".github/actions/rl-scanner/action.yml"
 - ".github/actions/rubygems-publish/action.yml"
 - ".github/actions/setup/action.yml"
 - ".github/actions/tag-exists/action.yml"
@@ -223,6 +224,7 @@ files:
 - ".github/workflows/codeql.yml"
 - ".github/workflows/matrix.json"
 - ".github/workflows/release.yml"
+- ".github/workflows/rl-scanner.yml"
 - ".github/workflows/ruby-release.yml"
 - ".github/workflows/semgrep.yml"
 - ".github/workflows/snyk.yml"
@@ -339,9 +341,11 @@ files:
 - lib/auth0/api/v2/logs.rb
 - lib/auth0/api/v2/organizations.rb
 - lib/auth0/api/v2/prompts.rb
+- lib/auth0/api/v2/refresh_tokens.rb
 - lib/auth0/api/v2/resource_servers.rb
 - lib/auth0/api/v2/roles.rb
 - lib/auth0/api/v2/rules.rb
+- lib/auth0/api/v2/sessions.rb
 - lib/auth0/api/v2/stats.rb
 - lib/auth0/api/v2/tenants.rb
 - lib/auth0/api/v2/tickets.rb
@@ -559,9 +563,11 @@ files:
 - spec/lib/auth0/api/v2/logs_spec.rb
 - spec/lib/auth0/api/v2/organizations_spec.rb
 - spec/lib/auth0/api/v2/prompts_spec.rb
+- spec/lib/auth0/api/v2/refresh_tokens_spec.rb
 - spec/lib/auth0/api/v2/resource_servers_spec.rb
 - spec/lib/auth0/api/v2/roles_spec.rb
 - spec/lib/auth0/api/v2/rules_spec.rb
+- spec/lib/auth0/api/v2/sessions_spec.rb
 - spec/lib/auth0/api/v2/stats_spec.rb
 - spec/lib/auth0/api/v2/tenants_spec.rb
 - spec/lib/auth0/api/v2/tickets_spec.rb