descope 1.0.4 → 1.0.5

data/spec/lib.descope/api/v1/auth_spec.rb

@@ -180,7 +180,9 @@ describe Descope::Api::V1::Auth do
       token = JWT.encode(default_payload.merge(payload), rsa_private, ALGORITHM)
 
       expect do
-        sleep(20)
+        exp_in_seconds = 20
+        puts "Sleeping for #{exp_in_seconds} seconds to test token expiration. Please wait..."
+        sleep(exp_in_seconds)
         @instance.send(:validate_token, token)
       end.to raise_error(
         Descope::AuthException, /Signature has expired/
@@ -369,4 +371,51 @@ describe Descope::Api::V1::Auth do
       expect(@instance.validate_tenant_roles(jwt_response: { 'tenants' => { 't1' => { 'roles' => 'Role 1' } } }, tenant: 't2', roles: [])).to be false
     end
   end
+
+  context '.exchange_access_key' do
+    it 'is expected to respond to exchange access key' do
+      expect(@instance).to respond_to(:exchange_access_key)
+    end
+
+    it 'is expected to fail when access key is nil' do
+      expect { @instance.exchange_access_key(access_key: nil) }.to raise_error(Descope::AuthException)
+    end
+
+    it 'is expected to fail when access key is empty' do
+      expect { @instance.exchange_access_key(access_key: '') }.to raise_error(Descope::AuthException)
+    end
+
+    it 'is expected to fail when access key is not a string' do
+      expect { @instance.exchange_access_key(access_key: 123) }.to raise_error(Descope::AuthException)
+    end
+
+    it 'is expected to successfully exchange access key without login_options' do
+      jwt_response = { 'fake': 'response' }
+      access_key = 'abc'
+
+      expect(@instance).to receive(:post).with(
+        EXCHANGE_AUTH_ACCESS_KEY_PATH, { loginOptions: {}, audience: 'IT' }, {}, access_key
+      ).and_return(jwt_response)
+
+      allow(@instance).to receive(:generate_jwt_response).and_return(jwt_response)
+
+      expect { @instance.exchange_access_key(access_key:, audience: 'IT') }.not_to raise_error
+    end
+
+    it 'is expected to successfully exchange access key with login_options' do
+      jwt_response = { 'fake': 'response' }
+      access_key = 'abc'
+
+      expect(@instance).to receive(:post).with(
+        EXCHANGE_AUTH_ACCESS_KEY_PATH,
+        { loginOptions: { customClaims: { k1: 'v1' } }, audience: 'IT' },
+        {},
+        access_key
+      ).and_return(jwt_response)
+
+      allow(@instance).to receive(:generate_jwt_response).and_return(jwt_response)
+
+      expect { @instance.exchange_access_key(access_key:, login_options: { customClaims: { k1: 'v1' } }, audience: 'IT') }.not_to raise_error
+    end
+  end
 end

data/spec/lib.descope/api/v1/management/access_key_spec.rb

@@ -22,7 +22,8 @@ describe Descope::Api::V1::Management::AccessKey do
           roleNames: ['test'],
           keyTenants: [
             { tenantId: 'test', roleNames: %w[test test2] }
-          ]
+          ],
+          customClaims: {'k1': 'v1'}
         }
       )
       expect do
@@ -32,7 +33,8 @@ describe Descope::Api::V1::Management::AccessKey do
           role_names: ['test'],
           key_tenants: [
             { tenant_id: 'test', role_names: %w[test test2] }
-          ]
+          ],
+          custom_claims: {'k1': 'v1'}
         )
       end.not_to raise_error
     end

data/spec/lib.descope/api/v1/management/role_spec.rb

@@ -19,14 +19,16 @@ describe Descope::Api::V1::Management::Role do
         ROLE_CREATE_PATH, {
           name: 'test',
           description: 'test',
-          permissionNames: ['test']
+          permissionNames: ['test'],
+          tenantId: 'test'
         }
       )
       expect do
         @instance.create_role(
           name: 'test',
           description: 'test',
-          permission_names: ['test']
+          permission_names: ['test'],
+          tenant_id: 'test'
         )
       end.not_to raise_error
     end
@@ -43,7 +45,8 @@ describe Descope::Api::V1::Management::Role do
           name: 'test',
           newName: 'production',
           description: 'test',
-          permissionNames: ['test']
+          permissionNames: ['test'],
+          tenantId: 'test'
         }
       )
       expect do
@@ -51,7 +54,8 @@ describe Descope::Api::V1::Management::Role do
           name: 'test',
           new_name: 'production',
           description: 'test',
-          permission_names: ['test']
+          permission_names: ['test'],
+          tenant_id: 'test'
         )
       end.not_to raise_error
     end
@@ -64,10 +68,10 @@ describe Descope::Api::V1::Management::Role do
 
     it 'is expected to delete a role' do
       expect(@instance).to receive(:post).with(
-        ROLE_DELETE_PATH, { name: 'test' }
+        ROLE_DELETE_PATH, { name: 'test', tenantId: 'test' }
       )
       expect do
-        @instance.delete_role('test')
+        @instance.delete_role(name: 'test', tenant_id: 'test')
       end.not_to raise_error
     end
   end
@@ -82,4 +86,29 @@ describe Descope::Api::V1::Management::Role do
       expect { @instance.load_all_roles }.not_to raise_error
     end
   end
+
+  context '.search_roles' do
+    it 'should respond to .search_roles' do
+      expect(@instance).to respond_to :search_roles
+    end
+
+    it 'is expected to search roles' do
+      expect(@instance).to receive(:post).with(
+        ROLE_SEARCH_PATH, {
+          roleNames: %w[tester test2],
+          tenantIds: %w[t1 t2],
+          roleNameLike: 'test',
+          permissionNames: %w[perm1 perm2]
+        }
+      )
+      expect do
+        @instance.search_roles(
+          role_names: %w[tester test2],
+          tenant_ids: %w[t1 t2],
+          role_name_like: 'test',
+          permission_names: %w[perm1 perm2]
+        )
+      end.not_to raise_error
+    end
+  end
 end

data/spec/lib.descope/api/v1/management/user_spec.rb

@@ -548,6 +548,46 @@ describe Descope::Api::V1::Management::User do
     end
   end
 
+  context '.set_temporary_password' do
+    it 'is expected to respond to a set_temporary_password method' do
+      expect(@instance).to respond_to(:set_temporary_password)
+
+      expect(@instance).to receive(:post).with(
+        USER_SET_TEMPORARY_PASSWORD_PATH, {
+          loginId: 'someone@example.com',
+          password: 's3cr3t'
+        }
+      )
+
+      expect do
+        @instance.set_temporary_password(
+          login_id: 'someone@example.com',
+          password: 's3cr3t'
+        )
+      end.not_to raise_error
+    end
+  end
+
+  context '.set_active_password' do
+    it 'is expected to respond to a set_active_password method' do
+      expect(@instance).to respond_to(:set_active_password)
+
+      expect(@instance).to receive(:post).with(
+        USER_SET_ACTIVE_PASSWORD_PATH, {
+          loginId: 'someone@example.com',
+          password: 's3cr3t'
+        }
+      )
+
+      expect do
+        @instance.set_active_password(
+          login_id: 'someone@example.com',
+          password: 's3cr3t'
+        )
+      end.not_to raise_error
+    end
+  end
+
   context '.set_password' do
     it 'is expected to respond to a set_password method' do
       expect(@instance).to respond_to(:set_password)

data/spec/spec_helper.rb

@@ -7,41 +7,27 @@ require 'base64'
 require 'descope'
 require 'super_diff/rspec'
 require 'factory_bot'
-
-if RUBY_VERSION >= '2.7.2'
-  # NOTE: https://bugs.ruby-lang.org/issues/17000
-  Warning[:deprecated] = true
-end
-
 require 'simplecov'
 require 'simplecov-html'
-
-SimpleCov.start
-SimpleCov.formatter = SimpleCov::Formatter::HTMLFormatter
-
-if ENV['CI'] == 'true'
-  require 'simplecov-cobertura'
-  SimpleCov.formatter = SimpleCov::Formatter::CoberturaFormatter
-end
-
-require 'webmock/rspec'
-WebMock.allow_net_connect!
+require 'rspec'
 
 $LOAD_PATH.unshift File.expand_path('..', __FILE__)
 $LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
 
-Dir['./lib/*.rb'].each { |f| require f }
-Dir['./lib/api/**/*.rb'].each { |f| require f }
-Dir['./spec/support/**/*.rb'].each { |f| require f }
-Dir['./spec/support/*.rb'].each { |f| require f }
-
 include Descope::Api::V1::Management::Common
 include Descope::Mixins::Common
 include Descope::Mixins::Common::EndpointsV1
 include Descope::Mixins::Common::EndpointsV2
 include Descope::Api::V1::Auth
 
-require 'rspec'
+Dir['./lib/*.rb'].each { |f| require f }
+Dir['./lib/api/**/*.rb'].each { |f| require f }
+Dir['./spec/support/**/*.rb'].each { |f| require f }
+Dir['./spec/support/*.rb'].each { |f| require f }
+
+SimpleCov.start
+SimpleCov.formatter = SimpleCov::Formatter::HTMLFormatter
+
 RSpec.configure do |config|
   config.filter_run focus: true
   config.run_all_when_everything_filtered = true
@@ -55,18 +41,3 @@ RSpec.configure do |config|
     FactoryBot.find_definitions
   end
 end
-
-
-def wait(time, increment = 5, elapsed_time = 0, &block)
-  yield
-rescue RSpec::Expectations::ExpectationNotMetError => e
-  raise e if elapsed_time >= time
-  sleep increment
-  wait(time, increment, elapsed_time + increment, &block)
-end
-
-def entity_suffix
-  'rubytest-210908'
-end
-
-puts "Entity suffix is #{entity_suffix}"

data/spec/support/client_config.rb

@@ -1,11 +1,15 @@
 # frozen_string_literal: true
 
+
 module Configuration
   module_function
 
   def config
+    raise 'DESCOPE_MANAGEMENT_KEY is not set' if ENV['DESCOPE_MANAGEMENT_KEY'].nil?
+    raise 'DESCOPE_PROJECT_ID is not set' if ENV['DESCOPE_PROJECT_ID'].nil?
+
     {
-      base_uri: ENV.fetch('DESCOPE_BASE_URI', nil),
+      descope_base_uri: ENV.fetch('DESCOPE_BASE_URI', Descope::Mixins::Common::DEFAULT_BASE_URL),
       project_id: ENV.fetch('DESCOPE_PROJECT_ID', nil),
       management_key: ENV.fetch('DESCOPE_MANAGEMENT_KEY', nil),
       log_level: ENV.fetch('DESCOPE_LOG_LEVEL', 'info')

data/spec/support/dummy_class.rb

@@ -5,6 +5,7 @@ class DummyClass
   include Descope::Mixins::Headers
   include Descope::Mixins::Common
   include Descope::Mixins::Common::EndpointsV1
+  include Descope::Mixins::Common::EndpointsV2
   include Descope::Api::V1::Management::Common
   include Descope::Api::V1::Auth
 
@@ -22,7 +23,20 @@ class DummyClass
     @management_key = 'management_key'
     @public_keys = {}
     @mlock = Mutex.new
-    @logger ||= Descope::Mixins::Logging.logger_for(self.class.name, 'info')
+    @logger ||= Descope::Mixins::Logging.logger_for(self.class.name, ENV.fetch('DESCOPE_LOG_LEVEL', 'info'))
+  end
+
+  def add_headers(h = {})
+    raise ArgumentError, 'Headers must be an object which responds to #to_hash' unless h.respond_to?(:to_hash)
+
+    @headers ||= {}
+    @headers.merge!(h.to_hash)
+  end
+
+  def authorization_header(pswd = nil)
+    pswd = @default_pswd if pswd.nil? || pswd.empty?
+    bearer = "#{@project_id}:#{pswd}"
+    add_headers('Authorization' => "Bearer #{bearer}")
   end
 
   %i[get post post_file post_form put patch delete delete_with_body].each do |method|

data/spec/support/utils.rb

@@ -16,7 +16,7 @@ module SpecUtils
       special_chars.sample
 
     # Fill in remaining characters randomly
-    4.times { password += [lowercase_characters, uppercase_characters, digits, special_chars].sample.sample }
+    5.times { password += [lowercase_characters, uppercase_characters, digits, special_chars].sample.sample }
 
     # Randomize the order of characters to make the password less predictable
     password.split('').shuffle.join

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: descope
 version: !ruby/object:Gem::Version
-  version: 1.0.4
+  version: 1.0.5
 platform: ruby
 authors:
 - Descope
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2024-02-13 00:00:00.000000000 Z
+date: 2024-03-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rest-client
@@ -200,6 +200,7 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".github/workflows/ci.yaml"
+- ".github/workflows/publish-gem.yaml"
 - ".gitignore"
 - ".release-please-manifest.json"
 - ".rubocop.yml"
@@ -224,6 +225,46 @@ files:
 - examples/ruby-on-rails-api/descope/README.md
 - examples/ruby-on-rails-api/descope/Rakefile
 - examples/ruby-on-rails-api/descope/app/assets/builds/.keep
+- examples/ruby-on-rails-api/descope/app/assets/builds/App.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/App.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/application.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/application.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/application.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/application.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/App.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/App.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/App.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/App.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Dashboard.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Dashboard.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Dashboard.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Dashboard.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Home.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Home.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Home.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Home.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Login.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Login.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Login.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Login.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Profile.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Profile.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Profile.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/Profile.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/index.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/index.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/index.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/components/index.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/controllers/application.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/controllers/application.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/controllers/index.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/controllers/index.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/reportWebVitals.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/reportWebVitals.js.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/routes/index.css
+- examples/ruby-on-rails-api/descope/app/assets/builds/routes/index.css.map
+- examples/ruby-on-rails-api/descope/app/assets/builds/routes/index.js
+- examples/ruby-on-rails-api/descope/app/assets/builds/routes/index.js.map
 - examples/ruby-on-rails-api/descope/app/assets/config/manifest.js
 - examples/ruby-on-rails-api/descope/app/assets/images/.keep
 - examples/ruby-on-rails-api/descope/app/assets/images/descope.jpeg
@@ -305,8 +346,6 @@ files:
 - examples/ruby-on-rails-api/descope/public/robots.txt
 - examples/ruby-on-rails-api/descope/storage/.keep
 - examples/ruby-on-rails-api/descope/tmp/.keep
-- examples/ruby-on-rails-api/descope/tmp/pids/.keep
-- examples/ruby-on-rails-api/descope/tmp/storage/.keep
 - examples/ruby-on-rails-api/descope/vendor/.keep
 - examples/ruby-on-rails-api/descope/yarn.lock
 - examples/ruby/Gemfile
@@ -368,6 +407,19 @@ files:
 - release-please-config.json
 - renovate.json
 - spec/factories/user.rb
+- spec/integration/lib.descope/api/v1/auth/enchantedlink_spec.rb
+- spec/integration/lib.descope/api/v1/auth/magiclink_spec.rb
+- spec/integration/lib.descope/api/v1/auth/otp_spec.rb
+- spec/integration/lib.descope/api/v1/auth/password_spec.rb
+- spec/integration/lib.descope/api/v1/auth/totp_spec.rb
+- spec/integration/lib.descope/api/v1/management/access_key_spec.rb
+- spec/integration/lib.descope/api/v1/management/audit_spec.rb
+- spec/integration/lib.descope/api/v1/management/authz_spec.rb
+- spec/integration/lib.descope/api/v1/management/flow_spec.rb
+- spec/integration/lib.descope/api/v1/management/permissions_spec.rb
+- spec/integration/lib.descope/api/v1/management/project_spec.rb
+- spec/integration/lib.descope/api/v1/management/roles_spec.rb
+- spec/integration/lib.descope/api/v1/management/user_spec.rb
 - spec/lib.descope/api/v1/auth/enchantedlink_spec.rb
 - spec/lib.descope/api/v1/auth/magiclink_spec.rb
 - spec/lib.descope/api/v1/auth/oauth_spec.rb