auth0 5.7.0 → 5.8.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +13 -0
- data/Gemfile.lock +27 -27
- data/README.md +1 -1
- data/lib/auth0/api/authentication_endpoints.rb +1 -1
- data/lib/auth0/api/v2/device_credentials.rb +8 -3
- data/lib/auth0/mixins/validation.rb +4 -4
- data/lib/auth0/version.rb +1 -1
- data/spec/lib/auth0/api/v2/device_credentials_spec.rb +35 -6
- data/spec/lib/auth0/mixins/validation_spec.rb +16 -2
- metadata +2 -2
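--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a86bd11253ba07c2bf5d7440e773dbffca4e9c36a606722934aa4e3d649a6461
+data.tar.gz: 752e1e0239f3c0282922b7c93c36d79ad903c0f2c0ba98731b84c43a4ac028a5
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: bc9f15b05b0414d83adfa88ada8e815b9d0b50782fdf68c0d8f8ade75da731ab5e564b5a2af0d122cb026ed7443c68769b76bb70fe57585e8c559356a6bcda6b
+data.tar.gz: 41893dfa7b2f9223a1e54be8f981512402e51755a0e1ed38f8cd8005f53c6305ac9caf6009b984cbea2c5bff8bc4ffbbc51bb17ce6a399c78016ffc164cc186d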
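--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,18 @@
 # Change Log
 
+## [v5.8.0](https://github.com/auth0/ruby-auth0/tree/v5.8.0) (2022-03-25)
+[Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.7.0...v5.8.0)
+
+**Added**
+- Add parameters for pager to device_credentials method [\#318](https://github.com/auth0/ruby-auth0/pull/318) ([shibayu36](https://github.com/shibayu36))
+
+**Fixed**
+- Cache RS256 JWKS by url to allow for multiple Auth0 tenants per runtime [\#325](https://github.com/auth0/ruby-auth0/pull/325) ([rmm5t](https://github.com/rmm5t))
+- Allow to pass nil to client_id arg of device_credentials [\#321](https://github.com/auth0/ruby-auth0/pull/321) ([shibayu36](https://github.com/shibayu36))
+
+**Security**
+- Bump nokogiri from 1.13.1 to 1.13.3 [\#320](https://github.com/auth0/ruby-auth0/pull/320) ([dependabot[bot]](https://github.com/apps/dependabot))
+
 ## [v5.7.0](https://github.com/auth0/ruby-auth0/tree/v5.7.0) (2022-02-17)
 [Full Changelog](https://github.com/auth0/ruby-auth0/compare/v5.6.1...v5.7.0)
 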
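--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,7 +1,7 @@
 PATH
 remote: .
 specs:
-auth0 (5.
+auth0 (5.8.0)
 addressable (~> 2.8)
 jwt (~> 2.2)
 rest-client (~> 2.1)
@@ -11,20 +11,20 @@ PATH
 GEM
 remote: https://rubygems.org/
 specs:
-actionpack (7.0.2.
-actionview (= 7.0.2.
-activesupport (= 7.0.2.
+actionpack (7.0.2.3)
+actionview (= 7.0.2.3)
+activesupport (= 7.0.2.3)
 rack (~> 2.0, >= 2.2.0)
 rack-test (>= 0.6.3)
 rails-dom-testing (~> 2.0)
 rails-html-sanitizer (~> 1.0, >= 1.2.0)
-actionview (7.0.2.
-activesupport (= 7.0.2.
+actionview (7.0.2.3)
+activesupport (= 7.0.2.3)
 builder (~> 3.1)
 erubi (~> 1.4)
 rails-dom-testing (~> 2.0)
 rails-html-sanitizer (~> 1.1, >= 1.2.0)
-activesupport (7.0.2.
+activesupport (7.0.2.3)
 concurrent-ruby (~> 1.0, >= 1.0.2)
 i18n (>= 1.6, < 2)
 minitest (>= 5.1)
@@ -36,7 +36,7 @@ GEM
 codecov (0.6.0)
 simplecov (>= 0.15, < 0.22)
 coderay (1.1.3)
-concurrent-ruby (1.1.
+concurrent-ruby (1.1.10)
 coveralls (0.7.1)
 multi_json (~> 1.3)
 rest-client
@@ -55,8 +55,8 @@ GEM
 dotenv (= 2.7.6)
 railties (>= 3.2)
 erubi (1.10.0)
-faker (2.
-i18n (>= 1.
+faker (2.20.0)
+i18n (>= 1.8.11, < 2)
 ffi (1.15.5)
 formatador (1.1.0)
 fuubar (2.5.1)
@@ -87,7 +87,7 @@ GEM
 listen (3.7.1)
 rb-fsevent (~> 0.10, >= 0.10.3)
 rb-inotify (~> 0.9, >= 0.9.10)
-loofah (2.
+loofah (2.15.0)
 crass (~> 1.0.2)
 nokogiri (>= 1.5.9)
 lumberjack (1.2.8)
@@ -95,19 +95,19 @@ GEM
 mime-types (3.4.1)
 mime-types-data (~> 3.2015)
 mime-types-data (3.2022.0105)
-mini_portile2 (2.
+mini_portile2 (2.8.0)
 minitest (5.15.0)
 multi_json (1.15.0)
 nenv (0.3.0)
 netrc (0.11.0)
-nokogiri (1.13.
-mini_portile2 (~> 2.
+nokogiri (1.13.3)
+mini_portile2 (~> 2.8.0)
 racc (~> 1.4)
 notiffany (0.1.3)
 nenv (~> 0.1)
 shellany (~> 0.0)
-parallel (1.
-parser (3.1.
+parallel (1.22.0)
+parser (3.1.1.0)
 ast (~> 2.4.1)
 pry (0.12.2)
 coderay (~> 1.1.0)
@@ -124,9 +124,9 @@ GEM
 nokogiri (>= 1.6)
 rails-html-sanitizer (1.4.2)
 loofah (~> 2.3)
-railties (7.0.2.
-actionpack (= 7.0.2.
-activesupport (= 7.0.2.
+railties (7.0.2.3)
+actionpack (= 7.0.2.3)
+activesupport (= 7.0.2.3)
 method_source
 rake (>= 12.2)
 thor (~> 1.0)
@@ -157,18 +157,18 @@ GEM
 diff-lcs (>= 1.2.0, < 2.0)
 rspec-support (~> 3.11.0)
 rspec-support (3.11.0)
-rubocop (1.
+rubocop (1.26.1)
 parallel (~> 1.10)
 parser (>= 3.1.0.0)
 rainbow (>= 2.2.2, < 4.0)
 regexp_parser (>= 1.8, < 3.0)
 rexml
-rubocop-ast (>= 1.
+rubocop-ast (>= 1.16.0, < 2.0)
 ruby-progressbar (~> 1.7)
 unicode-display_width (>= 1.4.0, < 3.0)
-rubocop-ast (1.
-parser (>= 3.
-rubocop-rails (2.
+rubocop-ast (1.16.0)
+parser (>= 3.1.1.0)
+rubocop-rails (2.14.2)
 activesupport (>= 4.2.0)
 rack (>= 1.1)
 rubocop (>= 1.7.0, < 2.0)
@@ -185,16 +185,16 @@ GEM
 tins (~> 1.0)
 terminal-notifier-guard (1.7.0)
 thor (1.2.1)
-timecop (0.9.
+timecop (0.9.5)
 tins (1.31.0)
 sync
 tzinfo (2.0.4)
 concurrent-ruby (~> 1.0)
 unf (0.1.4)
 unf_ext
-unf_ext (0.0.8)
+unf_ext (0.0.8.1)
 unicode-display_width (2.1.0)
-vcr (6.
+vcr (6.1.0)
 webmock (3.14.0)
 addressable (>= 2.8.0)
 crack (>= 0.3.2)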
data/README.md
CHANGED
@@ -152,7 +152,7 @@ module Auth0
|
|
152
152
|
# @param password [string] User's new password. This is only available
|
153
153
|
# on legacy tenants with change password v1 flow enabled
|
154
154
|
# @param connection_name [string] Database connection name
|
155
|
-
# @deprecated Use {#
|
155
|
+
# @deprecated Use {#reset_password} instead.
|
156
156
|
def change_password(email, password, connection_name = UP_AUTH)
|
157
157
|
raise Auth0::InvalidParameter, 'Must supply a valid email' if email.to_s.empty?
|
158
158
|
|
@@ -13,18 +13,23 @@ module Auth0
|
|
13
13
|
# * :include_fields [boolean] True if the fields specified are to be included in the result, false otherwise.
|
14
14
|
# * :user_id [string] The user_id of the devices to retrieve.
|
15
15
|
# * :type [string] Type of credentials to retrieve. Must be 'public_key', 'refresh_token' or 'rotating_refresh_token'
|
16
|
+
# * :page [integer] The page number. Zero based
|
17
|
+
# * :per_page [integer] The amount of entries per page
|
18
|
+
# * :include_totals [boolean] Return results inside an object that contains the total result count (true) or as a direct array of results (false, default).
|
16
19
|
#
|
17
20
|
# @return [json] Returns the list of existing devices for the specified client_id.
|
18
21
|
# rubocop:disable Metrics/AbcSize
|
19
|
-
def device_credentials(client_id, options = {})
|
22
|
+
def device_credentials(client_id = nil, options = {})
|
20
23
|
request_params = {
|
21
24
|
fields: options.fetch(:fields, nil),
|
22
25
|
include_fields: options.fetch(:include_fields, nil),
|
23
26
|
user_id: options.fetch(:user_id, nil),
|
24
27
|
client_id: client_id,
|
25
|
-
type: options.fetch(:type, nil)
|
28
|
+
type: options.fetch(:type, nil),
|
29
|
+
page: options.fetch(:page, nil),
|
30
|
+
per_page: options.fetch(:per_page, nil),
|
31
|
+
include_totals: options.fetch(:include_totals, nil)
|
26
32
|
}
|
27
|
-
raise Auth0::InvalidParameter, 'Must supply a valid client_id' if client_id.to_s.empty?
|
28
33
|
if !request_params[:type].nil? && !%w(public_key refresh_token rotating_refresh_token).include?(request_params[:type])
|
29
34
|
raise Auth0::InvalidParameter, 'Type must be one of \'public_key\', \'refresh_token\', \'rotating_refresh_token\''
|
30
35
|
end
|
@@ -286,7 +286,7 @@ module Auth0
|
|
286
286
|
|
287
287
|
# Clear the JWK set cache.
|
288
288
|
def remove_jwks
|
289
|
-
@@cache.
|
289
|
+
@@cache.remove_by { true }
|
290
290
|
end
|
291
291
|
end
|
292
292
|
|
@@ -311,13 +311,13 @@ module Auth0
|
|
311
311
|
result = fetch_jwks if force
|
312
312
|
|
313
313
|
if result
|
314
|
-
@@cache.put(
|
314
|
+
@@cache.put(@jwks_url, result, lifetime: @lifetime)
|
315
315
|
return result
|
316
316
|
end
|
317
317
|
|
318
|
-
previous_value = @@cache.last(
|
318
|
+
previous_value = @@cache.last(@jwks_url)
|
319
319
|
|
320
|
-
@@cache.get(
|
320
|
+
@@cache.get(@jwks_url, lifetime: @lifetime, dirty: true) do
|
321
321
|
new_value = fetch_jwks
|
322
322
|
|
323
323
|
raise Auth0::InvalidIdToken, 'Could not fetch the JWK set' unless new_value || previous_value
|
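Review bot: An empty-string client_id is no longer rejected in the device_credentials hunk (lib/auth0/api/v2/device_credentials.rb per the file list): the commit drops the `client_id.to_s.empty?` guard so that nil can be passed, but that guard also caught `''`, which now goes into `request_params` as-is. Keeping the check for non-nil values, `raise Auth0::InvalidParameter, 'Must supply a valid client_id' if !client_id.nil? && client_id.to_s.empty?`, preserves the local error for a blank value arriving from configuration or request data while still allowing the call without a client filter. How the API treats an empty client_id filter is not visible here, so the effect of forwarding it is unknown. The method body continues past the hunk, and the `@param client_id` doc line, also outside the hunk, should say the argument is now optional.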
data/lib/auth0/version.rb
CHANGED
@@ -1,29 +1,58 @@
|
|
1
1
|
require 'spec_helper'
|
2
2
|
describe Auth0::Api::V2::DeviceCredentials do
|
3
|
-
attr_reader :client_id
|
4
|
-
|
5
3
|
before :all do
|
6
4
|
dummy_instance = DummyClass.new
|
7
5
|
dummy_instance.extend(Auth0::Api::V2::DeviceCredentials)
|
8
6
|
@instance = dummy_instance
|
9
|
-
@client_id = Faker::Lorem.word
|
10
7
|
end
|
11
8
|
context '.device_credentials' do
|
12
9
|
it { expect(@instance).to respond_to(:device_credentials) }
|
13
10
|
it { expect(@instance).to respond_to(:list_device_credentials) }
|
14
|
-
it 'is expected to send get request to /api/v2/device-credentials' do
|
11
|
+
it 'is expected to send get request with no parameters to /api/v2/device-credentials' do
|
12
|
+
expect(@instance).to receive(:get).with(
|
13
|
+
'/api/v2/device-credentials', {
|
14
|
+
fields: nil,
|
15
|
+
include_fields: nil,
|
16
|
+
user_id: nil,
|
17
|
+
client_id: nil,
|
18
|
+
type: nil,
|
19
|
+
page: nil,
|
20
|
+
per_page: nil,
|
21
|
+
include_totals: nil
|
22
|
+
})
|
23
|
+
expect { @instance.device_credentials }.not_to raise_error
|
24
|
+
end
|
25
|
+
it 'is expected to send get request with client_id to /api/v2/device-credentials' do
|
26
|
+
client_id = Faker::Lorem.word
|
15
27
|
expect(@instance).to receive(:get).with(
|
16
28
|
'/api/v2/device-credentials', {
|
17
29
|
fields: nil,
|
18
30
|
include_fields: nil,
|
19
31
|
user_id: nil,
|
20
32
|
client_id: client_id,
|
21
|
-
type: nil
|
33
|
+
type: nil,
|
34
|
+
page: nil,
|
35
|
+
per_page: nil,
|
36
|
+
include_totals: nil
|
22
37
|
})
|
23
38
|
expect { @instance.device_credentials(client_id) }.not_to raise_error
|
24
39
|
end
|
40
|
+
it 'is expected to send get request with options to /api/v2/device-credentials' do
|
41
|
+
expect(@instance).to receive(:get).with(
|
42
|
+
'/api/v2/device-credentials', {
|
43
|
+
fields: 'name',
|
44
|
+
include_fields: true,
|
45
|
+
user_id: '1',
|
46
|
+
client_id: 'client_id',
|
47
|
+
type: 'rotating_refresh_token',
|
48
|
+
page: 1,
|
49
|
+
per_page: 10,
|
50
|
+
include_totals: true
|
51
|
+
})
|
52
|
+
expect { @instance.device_credentials('client_id', fields: 'name', include_fields: true, user_id: '1', type: 'rotating_refresh_token', page: 1, per_page: 10, include_totals: true) }.not_to raise_error
|
53
|
+
end
|
25
54
|
it 'is expect to raise an error when type is not one of \'public_key\', \'refresh_token\', \'rotating_refresh_token\'' do
|
26
|
-
expect { @instance.device_credentials(client_id, type: 'invalid_type') }.to raise_error(
|
55
|
+
expect { @instance.device_credentials('client_id', type: 'invalid_type') }.to raise_error(
|
27
56
|
'Type must be one of \'public_key\', \'refresh_token\', \'rotating_refresh_token\''
|
28
57
|
)
|
29
58
|
end
|
@@ -6,6 +6,7 @@ RSA_PUB_KEY_JWK_2 = { 'kty': "RSA", 'use': 'sig', 'n': "uGbXWiK3dQTyCbX5xdE4yCuY
|
|
6
6
|
JWKS_RESPONSE_1 = { 'keys': [RSA_PUB_KEY_JWK_1] }.freeze
|
7
7
|
JWKS_RESPONSE_2 = { 'keys': [RSA_PUB_KEY_JWK_2] }.freeze
|
8
8
|
JWKS_URL = 'https://tokens-test.auth0.com/.well-known/jwks.json'.freeze
|
9
|
+
JWKS_URL_2 = 'https://tokens-test2.auth0.com/.well-known/jwks.json'.freeze
|
9
10
|
HMAC_SHARED_SECRET = 'secret'.freeze
|
10
11
|
|
11
12
|
LEEWAY = 60
|
@@ -459,6 +460,19 @@ describe Auth0::Algorithm::RS256 do
|
|
459
460
|
expect(a_request(:get, JWKS_URL)).to have_been_made.once
|
460
461
|
end
|
461
462
|
|
463
|
+
it 'is expected to fetch the jwks from multiple urls' do
|
464
|
+
stub_jwks(JWKS_RESPONSE_2, JWKS_URL_2)
|
465
|
+
|
466
|
+
instance1 = Auth0::Algorithm::RS256.jwks_url(JWKS_URL)
|
467
|
+
instance2 = Auth0::Algorithm::RS256.jwks_url(JWKS_URL_2)
|
468
|
+
instance1.jwks
|
469
|
+
instance2.jwks
|
470
|
+
instance1.jwks
|
471
|
+
|
472
|
+
expect(a_request(:get, JWKS_URL)).to have_been_made.once
|
473
|
+
expect(a_request(:get, JWKS_URL_2)).to have_been_made.once
|
474
|
+
end
|
475
|
+
|
462
476
|
it 'is expected to forcibly fetch the jwks from the url' do
|
463
477
|
instance = Auth0::Algorithm::RS256.jwks_url(JWKS_URL)
|
464
478
|
instance.jwks
|
@@ -493,6 +507,6 @@ describe Auth0::Algorithm::RS256 do
|
|
493
507
|
end
|
494
508
|
# rubocop:enable Metrics/BlockLength
|
495
509
|
|
496
|
-
def stub_jwks(stub = JWKS_RESPONSE_1)
|
497
|
-
stub_request(:get,
|
510
|
+
def stub_jwks(stub = JWKS_RESPONSE_1, url = JWKS_URL)
|
511
|
+
stub_request(:get, url).to_return(body: stub.to_json)
|
498
512
|
end
|
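Review bot: The new 'is expected to fetch the jwks from multiple urls' example asserts only how many requests each URL received, not which key set each instance returns. The property the per-URL cache is meant to guarantee is that a verifier built for one tenant never receives another tenant's keys, so the example should also pin the returned values, for instance `first = instance1.jwks` before `instance2.jwks`, then `expect(instance1.jwks).to eq(first)` and `expect(instance2.jwks).not_to eq(first)`. This assumes the returned sets compare by value; if they do not, compare the key ids each instance returns instead.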
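--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: auth0
 version: !ruby/object:Gem::Version
-version: 5.
+version: 5.8.0
 platform: ruby
 authors:
 - Auth0
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-
+date: 2022-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rest-client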