descope 1.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.github/workflows/ci.yaml +54 -0
- data/.gitignore +59 -0
- data/.release-please-manifest.json +3 -0
- data/.rubocop.yml +10 -0
- data/.rubocop_todo.yml +10 -0
- data/.ruby-version +1 -0
- data/CHANGELOG.md +90 -0
- data/Gemfile +22 -0
- data/Gemfile.lock +204 -0
- data/LICENSE +21 -0
- data/README.md +1171 -0
- data/Rakefile +31 -0
- data/descope.gemspec +34 -0
- data/examples/ruby/Gemfile +4 -0
- data/examples/ruby/Gemfile.lock +41 -0
- data/examples/ruby/access_key_app.rb +45 -0
- data/examples/ruby/enchantedlink_app.rb +65 -0
- data/examples/ruby/magiclink_app.rb +81 -0
- data/examples/ruby/management/Gemfile +5 -0
- data/examples/ruby/management/Gemfile.lock +38 -0
- data/examples/ruby/management/access_key_app.rb +71 -0
- data/examples/ruby/management/audit_app.rb +25 -0
- data/examples/ruby/management/authz_app.rb +135 -0
- data/examples/ruby/management/authz_files.json +229 -0
- data/examples/ruby/management/flow_app.rb +57 -0
- data/examples/ruby/management/permission_app.rb +56 -0
- data/examples/ruby/management/role_app.rb +58 -0
- data/examples/ruby/management/tenant_app.rb +60 -0
- data/examples/ruby/management/user_app.rb +60 -0
- data/examples/ruby/oauth_app.rb +39 -0
- data/examples/ruby/otp_app.rb +50 -0
- data/examples/ruby/password_app.rb +76 -0
- data/examples/ruby/saml_app.rb +38 -0
- data/examples/ruby-on-rails-api/descope/.dockerignore +37 -0
- data/examples/ruby-on-rails-api/descope/.gitattributes +9 -0
- data/examples/ruby-on-rails-api/descope/.gitignore +40 -0
- data/examples/ruby-on-rails-api/descope/.node-version +1 -0
- data/examples/ruby-on-rails-api/descope/.ruby-version +1 -0
- data/examples/ruby-on-rails-api/descope/Dockerfile +75 -0
- data/examples/ruby-on-rails-api/descope/Gemfile +67 -0
- data/examples/ruby-on-rails-api/descope/Gemfile.lock +284 -0
- data/examples/ruby-on-rails-api/descope/Procfile.dev +3 -0
- data/examples/ruby-on-rails-api/descope/README.md +54 -0
- data/examples/ruby-on-rails-api/descope/Rakefile +6 -0
- data/examples/ruby-on-rails-api/descope/app/assets/builds/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/config/manifest.js +3 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/descope.jpeg +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/favicon.ico +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/logo192.png +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/logo512.png +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/stylesheets/application.bootstrap.scss +67 -0
- data/examples/ruby-on-rails-api/descope/app/channels/application_cable/channel.rb +4 -0
- data/examples/ruby-on-rails-api/descope/app/channels/application_cable/connection.rb +4 -0
- data/examples/ruby-on-rails-api/descope/app/controllers/application_controller.rb +2 -0
- data/examples/ruby-on-rails-api/descope/app/controllers/concerns/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/app/controllers/homepage_controller.rb +4 -0
- data/examples/ruby-on-rails-api/descope/app/controllers/session_controller.rb +66 -0
- data/examples/ruby-on-rails-api/descope/app/helpers/application_helper.rb +2 -0
- data/examples/ruby-on-rails-api/descope/app/helpers/homepage_helper.rb +2 -0
- data/examples/ruby-on-rails-api/descope/app/helpers/session_helper.rb +2 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/App.css +53 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/application.js +5 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/App.jsx +4 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/Dashboard.jsx +60 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/Home.jsx +27 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/Login.jsx +45 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/Profile.jsx +81 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/index.html +11 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/index.jsx +24 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/controllers/application.js +9 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/controllers/index.js +5 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/reportWebVitals.js +13 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/routes/index.jsx +17 -0
- data/examples/ruby-on-rails-api/descope/app/jobs/application_job.rb +7 -0
- data/examples/ruby-on-rails-api/descope/app/mailers/application_mailer.rb +4 -0
- data/examples/ruby-on-rails-api/descope/app/models/application_record.rb +3 -0
- data/examples/ruby-on-rails-api/descope/app/models/concerns/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/app/views/homepage/index.html.erb +2 -0
- data/examples/ruby-on-rails-api/descope/app/views/layouts/application.html.erb +16 -0
- data/examples/ruby-on-rails-api/descope/app/views/layouts/mailer.html.erb +13 -0
- data/examples/ruby-on-rails-api/descope/app/views/layouts/mailer.text.erb +1 -0
- data/examples/ruby-on-rails-api/descope/app/views/session/index.html.erb +2 -0
- data/examples/ruby-on-rails-api/descope/bin/bundle +109 -0
- data/examples/ruby-on-rails-api/descope/bin/dev +11 -0
- data/examples/ruby-on-rails-api/descope/bin/docker-entrypoint +8 -0
- data/examples/ruby-on-rails-api/descope/bin/rails +4 -0
- data/examples/ruby-on-rails-api/descope/bin/rake +4 -0
- data/examples/ruby-on-rails-api/descope/bin/setup +36 -0
- data/examples/ruby-on-rails-api/descope/build.js +30 -0
- data/examples/ruby-on-rails-api/descope/config/application.rb +42 -0
- data/examples/ruby-on-rails-api/descope/config/boot.rb +4 -0
- data/examples/ruby-on-rails-api/descope/config/cable.yml +10 -0
- data/examples/ruby-on-rails-api/descope/config/config.yml +9 -0
- data/examples/ruby-on-rails-api/descope/config/credentials.yml.enc +1 -0
- data/examples/ruby-on-rails-api/descope/config/database.yml +25 -0
- data/examples/ruby-on-rails-api/descope/config/environment.rb +5 -0
- data/examples/ruby-on-rails-api/descope/config/environments/development.rb +76 -0
- data/examples/ruby-on-rails-api/descope/config/environments/production.rb +97 -0
- data/examples/ruby-on-rails-api/descope/config/environments/test.rb +64 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/assets.rb +13 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/content_security_policy.rb +25 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/filter_parameter_logging.rb +8 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/inflections.rb +16 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/load_config.rb +12 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/permissions_policy.rb +13 -0
- data/examples/ruby-on-rails-api/descope/config/locales/en.yml +31 -0
- data/examples/ruby-on-rails-api/descope/config/puma.rb +35 -0
- data/examples/ruby-on-rails-api/descope/config/routes.rb +18 -0
- data/examples/ruby-on-rails-api/descope/config/storage.yml +34 -0
- data/examples/ruby-on-rails-api/descope/config.ru +6 -0
- data/examples/ruby-on-rails-api/descope/db/seeds.rb +9 -0
- data/examples/ruby-on-rails-api/descope/lib/assets/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/lib/tasks/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/log/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/package-lock.json +19680 -0
- data/examples/ruby-on-rails-api/descope/package.json +51 -0
- data/examples/ruby-on-rails-api/descope/public/404.html +67 -0
- data/examples/ruby-on-rails-api/descope/public/422.html +67 -0
- data/examples/ruby-on-rails-api/descope/public/500.html +66 -0
- data/examples/ruby-on-rails-api/descope/public/apple-touch-icon-precomposed.png +0 -0
- data/examples/ruby-on-rails-api/descope/public/apple-touch-icon.png +0 -0
- data/examples/ruby-on-rails-api/descope/public/favicon.ico +0 -0
- data/examples/ruby-on-rails-api/descope/public/robots.txt +1 -0
- data/examples/ruby-on-rails-api/descope/storage/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/tmp/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/tmp/pids/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/tmp/storage/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/vendor/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/yarn.lock +10780 -0
- data/lib/descope/api/v1/auth/enchantedlink.rb +156 -0
- data/lib/descope/api/v1/auth/magiclink.rb +170 -0
- data/lib/descope/api/v1/auth/oauth.rb +72 -0
- data/lib/descope/api/v1/auth/otp.rb +186 -0
- data/lib/descope/api/v1/auth/password.rb +100 -0
- data/lib/descope/api/v1/auth/saml.rb +48 -0
- data/lib/descope/api/v1/auth/totp.rb +72 -0
- data/lib/descope/api/v1/auth.rb +452 -0
- data/lib/descope/api/v1/management/access_key.rb +81 -0
- data/lib/descope/api/v1/management/audit.rb +82 -0
- data/lib/descope/api/v1/management/authz.rb +165 -0
- data/lib/descope/api/v1/management/common.rb +147 -0
- data/lib/descope/api/v1/management/flow.rb +55 -0
- data/lib/descope/api/v1/management/password.rb +58 -0
- data/lib/descope/api/v1/management/permission.rb +48 -0
- data/lib/descope/api/v1/management/project.rb +53 -0
- data/lib/descope/api/v1/management/role.rb +48 -0
- data/lib/descope/api/v1/management/scim.rb +206 -0
- data/lib/descope/api/v1/management/sso_settings.rb +153 -0
- data/lib/descope/api/v1/management/tenant.rb +71 -0
- data/lib/descope/api/v1/management/user.rb +619 -0
- data/lib/descope/api/v1/management.rb +38 -0
- data/lib/descope/api/v1/session.rb +84 -0
- data/lib/descope/api/v1.rb +13 -0
- data/lib/descope/client.rb +6 -0
- data/lib/descope/exception.rb +50 -0
- data/lib/descope/mixins/common.rb +129 -0
- data/lib/descope/mixins/headers.rb +15 -0
- data/lib/descope/mixins/http.rb +133 -0
- data/lib/descope/mixins/initializer.rb +80 -0
- data/lib/descope/mixins/logging.rb +30 -0
- data/lib/descope/mixins/validation.rb +79 -0
- data/lib/descope/mixins.rb +22 -0
- data/lib/descope/version.rb +7 -0
- data/lib/descope.rb +9 -0
- data/lib/descope_client.rb +5 -0
- data/release-please-config.json +18 -0
- data/renovate.json +6 -0
- data/spec/factories/user.rb +16 -0
- data/spec/lib.descope/api/v1/auth/enchantedlink_spec.rb +159 -0
- data/spec/lib.descope/api/v1/auth/magiclink_spec.rb +282 -0
- data/spec/lib.descope/api/v1/auth/oauth_spec.rb +117 -0
- data/spec/lib.descope/api/v1/auth/otp_spec.rb +285 -0
- data/spec/lib.descope/api/v1/auth/password_spec.rb +124 -0
- data/spec/lib.descope/api/v1/auth/saml_spec.rb +55 -0
- data/spec/lib.descope/api/v1/auth/totp_spec.rb +70 -0
- data/spec/lib.descope/api/v1/auth_spec.rb +372 -0
- data/spec/lib.descope/api/v1/management/access_key_spec.rb +118 -0
- data/spec/lib.descope/api/v1/management/audit_spec.rb +78 -0
- data/spec/lib.descope/api/v1/management/authz_spec.rb +336 -0
- data/spec/lib.descope/api/v1/management/flow_spec.rb +78 -0
- data/spec/lib.descope/api/v1/management/password_spec.rb +25 -0
- data/spec/lib.descope/api/v1/management/permission_spec.rb +81 -0
- data/spec/lib.descope/api/v1/management/project_spec.rb +63 -0
- data/spec/lib.descope/api/v1/management/role_spec.rb +85 -0
- data/spec/lib.descope/api/v1/management/scim_spec.rb +312 -0
- data/spec/lib.descope/api/v1/management/sso_settings_spec.rb +172 -0
- data/spec/lib.descope/api/v1/management/tenant_spec.rb +141 -0
- data/spec/lib.descope/api/v1/management/user_spec.rb +667 -0
- data/spec/lib.descope/api/v1/session_spec.rb +117 -0
- data/spec/lib.descope/client_spec.rb +40 -0
- data/spec/spec_helper.rb +72 -0
- data/spec/support/client_config.rb +14 -0
- data/spec/support/dummy_class.rb +36 -0
- data/spec/support/utils.rb +32 -0
- metadata +420 -0
@@ -0,0 +1,156 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Descope
|
4
|
+
module Api
|
5
|
+
module V1
|
6
|
+
module Auth
|
7
|
+
# Holds all the password API calls
|
8
|
+
module EnchantedLink
|
9
|
+
include Descope::Mixins::Validation
|
10
|
+
include Descope::Mixins::Common::EndpointsV1
|
11
|
+
include Descope::Mixins::Common::EndpointsV2
|
12
|
+
|
13
|
+
def enchanted_link_sign_in(login_id: nil, uri: nil, login_options: nil, refresh_token: nil)
|
14
|
+
# Sign-in existing user by sending an enchanted link via email.
|
15
|
+
# @see https://docs.descope.com/api/openapi/enchantedlink/operation/SignInEnchantedLinkEmail/
|
16
|
+
validate_login_id(login_id)
|
17
|
+
validate_refresh_token_provided(login_options, refresh_token)
|
18
|
+
body = enchanted_link_compose_signin_body(login_id, uri, login_options)
|
19
|
+
uri = enchanted_link_compose_signin_url
|
20
|
+
post(uri, body, nil, refresh_token)
|
21
|
+
end
|
22
|
+
|
23
|
+
def enchanted_link_sign_up(login_id: nil, uri: nil, user: {})
|
24
|
+
# Sign-up new end user by sending an enchanted link via email
|
25
|
+
# @see https://docs.descope.com/api/openapi/enchantedlink/operation/SignUpEnchantedLink/
|
26
|
+
|
27
|
+
unless adjust_and_verify_delivery_method(Descope::Mixins::Common::DeliveryMethod::EMAIL, login_id, user)
|
28
|
+
raise Descope::ArgumentException.new(
|
29
|
+
'Invalid delivery method',
|
30
|
+
code: 400
|
31
|
+
)
|
32
|
+
end
|
33
|
+
|
34
|
+
body = enchanted_link_compose_signup_body(login_id, uri, user)
|
35
|
+
uri = enchanted_link_compose_signup_url
|
36
|
+
post(uri, body)
|
37
|
+
end
|
38
|
+
|
39
|
+
def enchanted_link_sign_up_or_in(login_id: nil, uri: nil, login_options: nil)
|
40
|
+
# @see https://docs.descope.com/api/openapi/enchantedlink/operation/SignUpOrInEnchantedLinkEmail/
|
41
|
+
body = enchanted_link_compose_signin_body(login_id, uri, login_options)
|
42
|
+
uri = enchanted_link_compose_sign_up_or_in_url
|
43
|
+
post(uri, body)
|
44
|
+
end
|
45
|
+
|
46
|
+
def enchanted_link_update_user_email(login_id: nil, email: nil, uri: nil, add_to_login_ids: nil, on_merge_use_existing: nil, provider_id: nil, template_id: nil, template_options: nil, refresh_token: nil)
|
47
|
+
validate_login_id(login_id)
|
48
|
+
validate_token_not_empty(refresh_token)
|
49
|
+
validate_email(email)
|
50
|
+
|
51
|
+
body = enchanted_link_compose_update_user_email_body(
|
52
|
+
login_id, email, add_to_login_ids, on_merge_use_existing
|
53
|
+
)
|
54
|
+
body[:redirectUrl] = uri
|
55
|
+
body[:providerId] = provider_id if provider_id
|
56
|
+
body[:templateId] = template_id if template_id
|
57
|
+
body[:templateOptions] = template_options if template_options
|
58
|
+
uri = UPDATE_USER_EMAIL_ENCHANTEDLINK_PATH
|
59
|
+
post(uri, body, {}, refresh_token)
|
60
|
+
end
|
61
|
+
|
62
|
+
def enchanted_link_verify_token(token = nil)
|
63
|
+
validate_token_not_empty(token)
|
64
|
+
post(VERIFY_ENCHANTEDLINK_AUTH_PATH, { token: })
|
65
|
+
end
|
66
|
+
|
67
|
+
def enchanted_link_get_session(pending_ref = nil)
|
68
|
+
# @see https://docs.descope.com/api/openapi/enchantedlink/operation/GetEnchantedLinkSession/
|
69
|
+
res = post(GET_SESSION_ENCHANTEDLINK_AUTH_PATH, { pendingRef: pending_ref })
|
70
|
+
generate_jwt_response(response_body: res, refresh_cookie: res['refreshJwt'])
|
71
|
+
end
|
72
|
+
|
73
|
+
private
|
74
|
+
|
75
|
+
def enchanted_link_compose_signin_body(login_id, uri, login_options)
|
76
|
+
login_options ||= {}
|
77
|
+
unless login_options.is_a?(Hash)
|
78
|
+
raise Descope::ArgumentException.new(
|
79
|
+
'Unable to read login_option, not a Hash',
|
80
|
+
code: 400
|
81
|
+
)
|
82
|
+
end
|
83
|
+
|
84
|
+
body = {
|
85
|
+
loginId: login_id,
|
86
|
+
redirectUrl: uri,
|
87
|
+
loginOptions: {}
|
88
|
+
}
|
89
|
+
|
90
|
+
body[:loginOptions][:stepup] = login_options.fetch(:stepup, false)
|
91
|
+
body[:loginOptions][:mfa] = login_options.fetch(:mfa, false)
|
92
|
+
body[:loginOptions][:customClaims] = login_options.fetch(:custom_claims, {})
|
93
|
+
body[:loginOptions][:ssoAppId] = login_options.fetch(:sso_app_id, nil)
|
94
|
+
|
95
|
+
body
|
96
|
+
end
|
97
|
+
|
98
|
+
def enchanted_link_compose_signin_url
|
99
|
+
compose_url(SIGN_IN_AUTH_ENCHANTEDLINK_PATH, Descope::Mixins::Common::DeliveryMethod::EMAIL)
|
100
|
+
end
|
101
|
+
|
102
|
+
def enchanted_link_compose_signup_url
|
103
|
+
compose_url(SIGN_UP_AUTH_ENCHANTEDLINK_PATH, Descope::Mixins::Common::DeliveryMethod::EMAIL)
|
104
|
+
end
|
105
|
+
|
106
|
+
def enchanted_link_compose_sign_up_or_in_url
|
107
|
+
compose_url(SIGN_UP_OR_IN_AUTH_ENCHANTEDLINK_PATH, Descope::Mixins::Common::DeliveryMethod::EMAIL)
|
108
|
+
end
|
109
|
+
|
110
|
+
def enchanted_link_compose_signup_body(login_id, uri, user)
|
111
|
+
body = {
|
112
|
+
loginId: login_id,
|
113
|
+
redirectUrl: uri
|
114
|
+
}
|
115
|
+
|
116
|
+
unless user.nil? || user.empty?
|
117
|
+
body[:user] = enchantedlink_user_compose_update_body(**user) unless user.empty?
|
118
|
+
|
119
|
+
method_str, val = get_login_id_by_method(method: Descope::Mixins::Common::DeliveryMethod::EMAIL, user:)
|
120
|
+
body[method_str.to_sym] = val
|
121
|
+
end
|
122
|
+
|
123
|
+
body
|
124
|
+
end
|
125
|
+
|
126
|
+
def enchanted_link_compose_update_user_email_body(login_id, email, add_to_login_ids, on_merge_use_existing)
|
127
|
+
body = {
|
128
|
+
loginId: login_id,
|
129
|
+
email:
|
130
|
+
}
|
131
|
+
|
132
|
+
body[:addToLoginIds] = add_to_login_ids if add_to_login_ids
|
133
|
+
body[:onMergeUseExisting] = on_merge_use_existing if on_merge_use_existing
|
134
|
+
|
135
|
+
body
|
136
|
+
end
|
137
|
+
|
138
|
+
|
139
|
+
private
|
140
|
+
def enchantedlink_user_compose_update_body(login_id: nil, name: nil, phone: nil, email: nil, given_name: nil, middle_name: nil, family_name: nil)
|
141
|
+
user = {}
|
142
|
+
user[:loginId] = login_id if login_id
|
143
|
+
user[:name] = name if name
|
144
|
+
user[:phone] = phone if phone
|
145
|
+
user[:email] = email if email
|
146
|
+
user[:givenName] = given_name if given_name
|
147
|
+
user[:middleName] = middle_name if middle_name
|
148
|
+
user[:familyName] = family_name if family_name
|
149
|
+
|
150
|
+
user
|
151
|
+
end
|
152
|
+
end
|
153
|
+
end
|
154
|
+
end
|
155
|
+
end
|
156
|
+
end
|
@@ -0,0 +1,170 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Descope
|
4
|
+
module Api
|
5
|
+
module V1
|
6
|
+
module Auth
|
7
|
+
# Holds all the password API calls
|
8
|
+
module MagicLink
|
9
|
+
include Descope::Mixins::Validation
|
10
|
+
include Descope::Mixins::Common::EndpointsV1
|
11
|
+
include Descope::Mixins::Common::EndpointsV2
|
12
|
+
|
13
|
+
def magiclink_sign_up(method: nil, login_id: nil, uri: nil, user: {}, provider_id: nil, template_id: nil)
|
14
|
+
# Sign-up new end user by sending a magic link via email
|
15
|
+
# @see https://docs.descope.com/api/openapi/magiclink/operation/SignUpMagicLinkEmail/
|
16
|
+
validate_login_id(login_id)
|
17
|
+
|
18
|
+
body = magiclink_compose_signup_body(login_id, uri, user, method)
|
19
|
+
body[:providerId] = provider_id if provider_id
|
20
|
+
body[:templateId] = template_id if template_id
|
21
|
+
uri = magiclink_compose_signup_url(method)
|
22
|
+
res = post(uri, body)
|
23
|
+
extract_masked_address(res, method)
|
24
|
+
end
|
25
|
+
|
26
|
+
def magiclink_sign_in(method: nil, login_id: nil, uri: nil, login_options: nil, refresh_token: nil)
|
27
|
+
validate_login_id(login_id)
|
28
|
+
validate_refresh_token_provided(login_options, refresh_token)
|
29
|
+
body = magiclink_compose_signin_body(login_id, uri, login_options)
|
30
|
+
uri = magiclink_compose_signin_url(method)
|
31
|
+
res = post(uri, body, {}, refresh_token)
|
32
|
+
extract_masked_address(res, method)
|
33
|
+
end
|
34
|
+
|
35
|
+
def magiclink_sign_up_or_in(method: nil, login_id: nil, uri: nil, login_options: nil)
|
36
|
+
body = magiclink_compose_signin_body(login_id, uri, login_options)
|
37
|
+
uri = magiclink_compose_sign_up_or_in_url(method)
|
38
|
+
res = post(uri, body)
|
39
|
+
extract_masked_address(res, method)
|
40
|
+
end
|
41
|
+
|
42
|
+
def magiclink_verify_token(token = nil)
|
43
|
+
validate_token_not_empty(token)
|
44
|
+
res = post(VERIFY_MAGICLINK_AUTH_PATH, { token: })
|
45
|
+
generate_jwt_response(response_body: res)
|
46
|
+
end
|
47
|
+
|
48
|
+
def magiclink_update_user_email(login_id: nil, email: nil, uri: nil, add_to_login_ids: nil, on_merge_use_existing: nil, provider_id: nil, template_id: nil, template_options: nil, refresh_token: nil)
|
49
|
+
validate_login_id(login_id)
|
50
|
+
validate_token_not_empty(refresh_token)
|
51
|
+
validate_email(email)
|
52
|
+
|
53
|
+
body = magiclink_compose_update_user_email_body(login_id, email, uri, add_to_login_ids, on_merge_use_existing)
|
54
|
+
body[:providerId] = provider_id if provider_id
|
55
|
+
body[:templateId] = template_id if template_id
|
56
|
+
body[:templateOptions] = template_options if template_options
|
57
|
+
uri = UPDATE_USER_EMAIL_MAGICLINK_PATH
|
58
|
+
res = post(uri, body, {}, refresh_token)
|
59
|
+
extract_masked_address(res, Descope::Mixins::Common::DeliveryMethod::EMAIL)
|
60
|
+
end
|
61
|
+
|
62
|
+
def magiclink_update_user_phone(login_id: nil, phone: nil, uri: nil, add_to_login_ids: nil, on_merge_use_existing: nil, provider_id: nil, template_id: nil, template_options: nil, method: nil, refresh_token: nil)
|
63
|
+
validate_login_id(login_id)
|
64
|
+
validate_token_not_empty(refresh_token)
|
65
|
+
validate_phone(method, phone)
|
66
|
+
|
67
|
+
body = magiclink_compose_update_user_phone_body(login_id, phone, uri, add_to_login_ids, on_merge_use_existing)
|
68
|
+
body[:providerId] = provider_id if provider_id
|
69
|
+
body[:templateId] = template_id if template_id
|
70
|
+
body[:templateOptions] = template_options if template_options
|
71
|
+
uri = UPDATE_USER_PHONE_MAGICLINK_PATH
|
72
|
+
res = post(uri, body, {}, refresh_token)
|
73
|
+
extract_masked_address(res, Descope::Mixins::Common::DeliveryMethod::SMS)
|
74
|
+
end
|
75
|
+
|
76
|
+
private
|
77
|
+
|
78
|
+
def magiclink_compose_signin_url(method = nil)
|
79
|
+
method = Descope::Mixins::Common::DeliveryMethod::EMAIL if method.nil?
|
80
|
+
compose_url(SIGN_IN_AUTH_MAGICLINK_PATH, method)
|
81
|
+
end
|
82
|
+
|
83
|
+
def magiclink_compose_signup_url(method = nil)
|
84
|
+
method = Descope::Mixins::Common::DeliveryMethod::EMAIL if method.nil?
|
85
|
+
compose_url(SIGN_UP_AUTH_MAGICLINK_PATH, method)
|
86
|
+
end
|
87
|
+
|
88
|
+
def magiclink_compose_sign_up_or_in_url(method = nil)
|
89
|
+
method = Descope::Mixins::Common::DeliveryMethod::EMAIL if method.nil?
|
90
|
+
compose_url(SIGN_UP_OR_IN_AUTH_MAGICLINK_PATH, method)
|
91
|
+
end
|
92
|
+
|
93
|
+
def magiclink_compose_signup_body(login_id, uri, user = nil, method = nil)
|
94
|
+
body = {
|
95
|
+
loginId: login_id,
|
96
|
+
redirectUrl: uri
|
97
|
+
}
|
98
|
+
|
99
|
+
unless user.nil?
|
100
|
+
body[:user] = magiclink_user_compose_update_body(**user) unless user.empty?
|
101
|
+
|
102
|
+
method_str, val = get_login_id_by_method(method:, user:)
|
103
|
+
body[method_str.to_sym] = val
|
104
|
+
end
|
105
|
+
|
106
|
+
body
|
107
|
+
end
|
108
|
+
|
109
|
+
# rubocop:disable Metrics/MethodLength
|
110
|
+
def magiclink_compose_signin_body(login_id, uri, login_options)
|
111
|
+
login_options ||= {}
|
112
|
+
unless login_options.is_a?(Hash)
|
113
|
+
raise Descope::ArgumentException.new(
|
114
|
+
'Unable to read login_option, not a Hash',
|
115
|
+
code: 400
|
116
|
+
)
|
117
|
+
end
|
118
|
+
|
119
|
+
body = {
|
120
|
+
loginId: login_id,
|
121
|
+
redirectUrl: uri,
|
122
|
+
loginOptions: {}
|
123
|
+
}
|
124
|
+
|
125
|
+
body[:loginOptions][:stepup] = login_options.fetch(:stepup, false)
|
126
|
+
body[:loginOptions][:mfa] = login_options.fetch(:mfa, false)
|
127
|
+
body[:loginOptions][:customClaims] = login_options.fetch(:custom_claims, {})
|
128
|
+
body[:loginOptions][:ssoAppId] = login_options.fetch(:sso_app_id, nil)
|
129
|
+
|
130
|
+
body
|
131
|
+
end
|
132
|
+
|
133
|
+
def magiclink_compose_update_user_email_body(login_id, email, uri, add_to_login_ids, on_merge_use_existing)
|
134
|
+
{
|
135
|
+
loginId: login_id,
|
136
|
+
email:,
|
137
|
+
redirectUrl: uri,
|
138
|
+
addToLoginIDs: add_to_login_ids,
|
139
|
+
onMergeUseExisting: on_merge_use_existing
|
140
|
+
}
|
141
|
+
end
|
142
|
+
|
143
|
+
def magiclink_compose_update_user_phone_body(login_id, phone, uri, add_to_login_ids, on_merge_use_existing)
|
144
|
+
{
|
145
|
+
loginId: login_id,
|
146
|
+
phone:,
|
147
|
+
redirectUrl: uri,
|
148
|
+
addToLoginIDs: add_to_login_ids,
|
149
|
+
onMergeUseExisting: on_merge_use_existing
|
150
|
+
}
|
151
|
+
end
|
152
|
+
|
153
|
+
private
|
154
|
+
def magiclink_user_compose_update_body(login_id: nil, name: nil, phone: nil, email: nil, given_name: nil, middle_name: nil, family_name: nil)
|
155
|
+
user = {}
|
156
|
+
user[:loginId] = login_id if login_id
|
157
|
+
user[:name] = name if name
|
158
|
+
user[:phone] = phone if phone
|
159
|
+
user[:email] = email if email
|
160
|
+
user[:givenName] = given_name if given_name
|
161
|
+
user[:middleName] = middle_name if middle_name
|
162
|
+
user[:familyName] = family_name if family_name
|
163
|
+
|
164
|
+
user
|
165
|
+
end
|
166
|
+
end
|
167
|
+
end
|
168
|
+
end
|
169
|
+
end
|
170
|
+
end
|
@@ -0,0 +1,72 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
require 'cgi'
|
3
|
+
|
4
|
+
module Descope
|
5
|
+
module Api
|
6
|
+
module V1
|
7
|
+
module Auth
|
8
|
+
# Holds all the password API calls
|
9
|
+
module OAuth
|
10
|
+
include Descope::Mixins::Validation
|
11
|
+
include Descope::Mixins::Common::EndpointsV1
|
12
|
+
include Descope::Mixins::Common::EndpointsV2
|
13
|
+
|
14
|
+
def oauth_start(provider: nil, return_url: nil, prompt: nil, login_options: nil, refresh_token: nil, template_options: nil)
|
15
|
+
body = compose_start_params(login_options:, template_options:)
|
16
|
+
url = "#{OAUTH_START_PATH}?provider=#{provider}"
|
17
|
+
url += "&redirectUrl=#{CGI.escape(return_url)}" if return_url
|
18
|
+
url += "&prompt=#{CGI.escape(prompt)}" if prompt
|
19
|
+
post(url, body, {}, refresh_token)
|
20
|
+
end
|
21
|
+
|
22
|
+
def oauth_exchange_token(code = nil)
|
23
|
+
exchange_token(OAUTH_EXCHANGE_TOKEN_PATH, code)
|
24
|
+
end
|
25
|
+
|
26
|
+
def oauth_create_redirect_url_for_sign_in_request(stepup: false, custom_claims: {}, mfa: false,
|
27
|
+
sso_app_id: nil)
|
28
|
+
request_params = {
|
29
|
+
stepup:,
|
30
|
+
customClaims: custom_claims,
|
31
|
+
mfa:,
|
32
|
+
ssoAppId: sso_app_id
|
33
|
+
}
|
34
|
+
post(OAUTH_CREATE_REDIRECT_URL_FOR_SIGN_IN_REQUEST_PATH, request_params)
|
35
|
+
end
|
36
|
+
|
37
|
+
def oauth_create_redirect_url_for_sign_up_request(stepup: false, custom_claims: {}, mfa: false,
|
38
|
+
sso_app_id: nil)
|
39
|
+
request_params = {
|
40
|
+
stepup:,
|
41
|
+
customClaims: custom_claims,
|
42
|
+
mfa:,
|
43
|
+
ssoAppId: sso_app_id
|
44
|
+
}
|
45
|
+
post(OAUTH_CREATE_REDIRECT_URL_FOR_SIGN_UP_REQUEST_PATH, request_params)
|
46
|
+
end
|
47
|
+
|
48
|
+
private
|
49
|
+
|
50
|
+
def compose_start_params(login_options: nil, template_options: nil)
|
51
|
+
login_options ||= {}
|
52
|
+
|
53
|
+
unless login_options.is_a?(Hash)
|
54
|
+
raise Descope::ArgumentException.new(
|
55
|
+
'Unable to read login_options, not a Hash',
|
56
|
+
code: 400
|
57
|
+
)
|
58
|
+
end
|
59
|
+
|
60
|
+
body = {}
|
61
|
+
body[:stepup] = login_options.fetch(:stepup, false)
|
62
|
+
body[:mfa] = login_options.fetch(:mfa, false)
|
63
|
+
body[:customClaims] = login_options.fetch(:custom_claims, {})
|
64
|
+
body[:ssoAppId] = login_options.fetch(:sso_app_id, nil) if login_options.key?(:sso_app_id)
|
65
|
+
body[:templateOptions] = template_options unless template_options.nil?
|
66
|
+
body
|
67
|
+
end
|
68
|
+
end
|
69
|
+
end
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
@@ -0,0 +1,186 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Descope
|
4
|
+
module Api
|
5
|
+
module V1
|
6
|
+
module Auth
|
7
|
+
# Holds all the password API calls
|
8
|
+
module OTP
|
9
|
+
include Descope::Mixins::Validation
|
10
|
+
include Descope::Mixins::Common::EndpointsV1
|
11
|
+
include Descope::Mixins::Common::EndpointsV2
|
12
|
+
|
13
|
+
def otp_sign_in(method: nil, login_id: nil, login_options: nil, refresh_token: nil, provider_id: nil,
|
14
|
+
template_id: nil, sso_app_id: nil)
|
15
|
+
# Sign in (log in) an existing user with the unique login_id you provide. (See 'sign_up' function for an explanation of the
|
16
|
+
# login_id field.) Provide the DeliveryMethod required for this user. If the login_id value cannot be used for the
|
17
|
+
# DeliverMethod selected (for example, 'login_id = 4567qq445km' and 'DeliveryMethod = email')
|
18
|
+
validate_login_id(login_id)
|
19
|
+
uri = otp_compose_signin_url(method)
|
20
|
+
body = otp_compose_signin_body(login_id, login_options, provider_id, template_id, sso_app_id)
|
21
|
+
res = post(uri, body, {}, refresh_token)
|
22
|
+
extract_masked_address(res, method)
|
23
|
+
end
|
24
|
+
|
25
|
+
def otp_sign_up(method: nil, login_id: nil, user: {}, provider_id: nil, template_id: nil)
|
26
|
+
# Sign up (create) a new user using their email or phone number. Choose a delivery method for OTP
|
27
|
+
# verification, for example email, SMS, or WhatsApp.
|
28
|
+
# (optional) Include additional user metadata that you wish to preserve.
|
29
|
+
user ||= {}
|
30
|
+
|
31
|
+
raise AuthException unless adjust_and_verify_delivery_method(method, login_id, user)
|
32
|
+
|
33
|
+
uri = otp_compose_signup_url(method)
|
34
|
+
body = otp_compose_signup_body(method, login_id, user, provider_id, template_id)
|
35
|
+
res = post(uri, body)
|
36
|
+
extract_masked_address(res, method)
|
37
|
+
end
|
38
|
+
|
39
|
+
def otp_sign_up_or_in(method: nil, login_id: nil, login_options: nil, provider_id: nil, template_id: nil,
|
40
|
+
sso_app_id: nil)
|
41
|
+
# Sign_up_or_in lets you handle both sign up and sign in with a single call. Sign-up_or_in will first
|
42
|
+
# determine if login_id is a new or existing end user. If login_id is new, a new end user user will be
|
43
|
+
# created and then authenticated using the OTP DeliveryMethod specified.
|
44
|
+
# If login_id exists, the end user will be authenticated using the OTP DeliveryMethod specified.
|
45
|
+
validate_login_id(login_id)
|
46
|
+
uri = otp_compose_sign_up_or_in_url(method)
|
47
|
+
body = otp_compose_signin_body(login_id, login_options, provider_id, template_id, sso_app_id)
|
48
|
+
res = post(uri, body)
|
49
|
+
extract_masked_address(res, method)
|
50
|
+
end
|
51
|
+
|
52
|
+
def otp_verify_code(method: nil, login_id: nil, code: nil)
|
53
|
+
validate_login_id(login_id)
|
54
|
+
uri = otp_compose_verify_code_url(method)
|
55
|
+
request_params = {
|
56
|
+
loginId: login_id,
|
57
|
+
code:
|
58
|
+
}
|
59
|
+
res = post(uri, request_params)
|
60
|
+
generate_jwt_response(response_body: res, refresh_cookie: res.fetch('refreshJwt', {}))
|
61
|
+
end
|
62
|
+
|
63
|
+
def otp_update_user_email(login_id: nil, email: nil, refresh_token: nil, add_to_login_ids: false,
|
64
|
+
on_merge_use_existing: false, provider_id: nil, template_id: nil)
|
65
|
+
# Update the email address of an end user, after verifying the authenticity of the end user using OTP.
|
66
|
+
validate_login_id(login_id)
|
67
|
+
validate_email(email)
|
68
|
+
request_params = {
|
69
|
+
loginId: login_id,
|
70
|
+
email:,
|
71
|
+
addToLoginIDs: add_to_login_ids,
|
72
|
+
onMergeUseExisting: on_merge_use_existing
|
73
|
+
}
|
74
|
+
request_params[:providerId] = provider_id if provider_id
|
75
|
+
request_params[:templateId] = template_id if template_id
|
76
|
+
res = post(UPDATE_USER_EMAIL_OTP_PATH, request_params, {}, refresh_token)
|
77
|
+
extract_masked_address(res, DeliveryMethod::EMAIL)
|
78
|
+
end
|
79
|
+
|
80
|
+
def otp_update_user_phone(
|
81
|
+
method: nil, login_id: nil, phone: nil, refresh_token: nil, add_to_login_ids: false,
|
82
|
+
on_merge_use_existing: false, provider_id: nil, template_id: nil
|
83
|
+
)
|
84
|
+
# Update the phone number of an existing end user, after verifying the authenticity of the end user using OTP.
|
85
|
+
validate_login_id(login_id)
|
86
|
+
validate_phone(method, phone)
|
87
|
+
uri = otp_compose_update_phone_url(method)
|
88
|
+
request_params = {
|
89
|
+
loginId: login_id,
|
90
|
+
phone:,
|
91
|
+
addToLoginIDs: add_to_login_ids,
|
92
|
+
onMergeUseExisting: on_merge_use_existing
|
93
|
+
}
|
94
|
+
request_params[:providerId] = provider_id if provider_id
|
95
|
+
request_params[:templateId] = template_id if template_id
|
96
|
+
res = post(uri, request_params, {}, refresh_token)
|
97
|
+
extract_masked_address(res, method)
|
98
|
+
end
|
99
|
+
|
100
|
+
private
|
101
|
+
|
102
|
+
def otp_compose_signin_url(method = nil)
|
103
|
+
method = Descope::Mixins::Common::DeliveryMethod::EMAIL if method.nil?
|
104
|
+
compose_url(SIGN_IN_AUTH_OTP_PATH, method)
|
105
|
+
end
|
106
|
+
|
107
|
+
def otp_compose_signup_url(method = nil)
|
108
|
+
method = Descope::Mixins::Common::DeliveryMethod::EMAIL if method.nil?
|
109
|
+
compose_url(SIGN_UP_AUTH_OTP_PATH, method)
|
110
|
+
end
|
111
|
+
|
112
|
+
def otp_compose_sign_up_or_in_url(method = nil)
|
113
|
+
method = Descope::Mixins::Common::DeliveryMethod::EMAIL if method.nil?
|
114
|
+
compose_url(SIGN_UP_OR_IN_AUTH_OTP_PATH, method)
|
115
|
+
end
|
116
|
+
|
117
|
+
def otp_compose_verify_code_url(method = nil)
|
118
|
+
method = Descope::Mixins::Common::DeliveryMethod::EMAIL if method.nil?
|
119
|
+
compose_url(VERIFY_CODE_AUTH_PATH, method)
|
120
|
+
end
|
121
|
+
|
122
|
+
def otp_compose_update_phone_url(method = nil)
|
123
|
+
method = Descope::Mixins::Common::DeliveryMethod::SMS if method.nil?
|
124
|
+
compose_url(UPDATE_USER_PHONE_OTP_PATH, method)
|
125
|
+
end
|
126
|
+
|
127
|
+
# rubocop:disable Metrics/AbcSize, Metrics/MethodLength
|
128
|
+
def otp_compose_signup_body(method, login_id, user, provider_id, template_id)
|
129
|
+
body = {
|
130
|
+
loginId: login_id,
|
131
|
+
}
|
132
|
+
|
133
|
+
unless user.nil?
|
134
|
+
body[:user] = otp_user_compose_update_body(**user) unless user.empty?
|
135
|
+
method_str, val = get_login_id_by_method(method:, user:)
|
136
|
+
body[method_str.to_sym] = val
|
137
|
+
end
|
138
|
+
|
139
|
+
body[:provider_id] = provider_id if provider_id
|
140
|
+
body[:template_id] = template_id if template_id
|
141
|
+
|
142
|
+
body
|
143
|
+
end
|
144
|
+
|
145
|
+
def otp_compose_signin_body(login_id, login_options, provider_id, template_id, sso_app_id)
|
146
|
+
login_options ||= {}
|
147
|
+
unless login_options.is_a?(Hash)
|
148
|
+
raise Descope::ArgumentException.new(
|
149
|
+
'Unable to read login_option, not a Hash',
|
150
|
+
code: 400
|
151
|
+
)
|
152
|
+
end
|
153
|
+
|
154
|
+
body = {
|
155
|
+
loginId: login_id,
|
156
|
+
loginOptions: {}
|
157
|
+
}
|
158
|
+
body[:providerId] = provider_id if provider_id
|
159
|
+
body[:templateId] = template_id if template_id
|
160
|
+
body[:ssoAppId] = sso_app_id if sso_app_id
|
161
|
+
body[:loginOptions][:stepup] = login_options.fetch(:stepup, false)
|
162
|
+
body[:loginOptions][:mfa] = login_options.fetch(:mfa, false)
|
163
|
+
body[:loginOptions][:customClaims] = login_options.fetch(:custom_claims, {})
|
164
|
+
body[:loginOptions][:ssoAppId] = login_options.fetch(:sso_app_id, nil)
|
165
|
+
|
166
|
+
body
|
167
|
+
end
|
168
|
+
|
169
|
+
private
|
170
|
+
def otp_user_compose_update_body(login_id: nil, name: nil, phone: nil, email: nil, given_name: nil, middle_name: nil, family_name: nil)
|
171
|
+
user = {}
|
172
|
+
user[:loginId] = login_id if login_id
|
173
|
+
user[:name] = name if name
|
174
|
+
user[:phone] = phone if phone
|
175
|
+
user[:email] = email if email
|
176
|
+
user[:givenName] = given_name if given_name
|
177
|
+
user[:middleName] = middle_name if middle_name
|
178
|
+
user[:familyName] = family_name if family_name
|
179
|
+
|
180
|
+
user
|
181
|
+
end
|
182
|
+
end
|
183
|
+
end
|
184
|
+
end
|
185
|
+
end
|
186
|
+
end
|
@@ -0,0 +1,100 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module Descope
|
4
|
+
module Api
|
5
|
+
module V1
|
6
|
+
module Auth
|
7
|
+
# Holds all the password API calls
|
8
|
+
module Password
|
9
|
+
include Descope::Mixins::Validation
|
10
|
+
include Descope::Mixins::Common::EndpointsV1
|
11
|
+
include Descope::Mixins::Common::EndpointsV2
|
12
|
+
|
13
|
+
def password_sign_up(login_id: nil, password: nil, user: nil)
|
14
|
+
# Sign up (create) a new user using a login ID and password.
|
15
|
+
# (optional) Include additional user metadata that you wish to save.
|
16
|
+
validate_login_id(login_id)
|
17
|
+
validate_password(password)
|
18
|
+
request_params = {
|
19
|
+
loginId: login_id,
|
20
|
+
password:
|
21
|
+
}
|
22
|
+
|
23
|
+
request_params[:user] = password_user_compose_update_body(**user) unless user.nil?
|
24
|
+
res = post(SIGN_UP_PASSWORD_PATH, request_params)
|
25
|
+
generate_jwt_response(response_body: res)
|
26
|
+
end
|
27
|
+
|
28
|
+
def password_sign_in(login_id: nil, password: nil, sso_app_id: nil)
|
29
|
+
# Sign-In an existing user utilizing password authentication. This endpoint will return the user's JWT..
|
30
|
+
# Return dict in the format
|
31
|
+
# {"jwts": [], "user": "", "firstSeen": "", "error": ""}
|
32
|
+
# Includes all the jwts tokens (session token, refresh token), token claims, and user information
|
33
|
+
validate_login_id(login_id)
|
34
|
+
validate_password(password)
|
35
|
+
request_params = {
|
36
|
+
loginId: login_id,
|
37
|
+
password:,
|
38
|
+
ssoAppId: sso_app_id
|
39
|
+
}
|
40
|
+
res = post(SIGN_IN_PASSWORD_PATH, request_params)
|
41
|
+
generate_jwt_response(response_body: res)
|
42
|
+
end
|
43
|
+
|
44
|
+
def password_replace(login_id: nil, old_password: nil, new_password: nil)
|
45
|
+
# Replace an existing user's password with a new password.
|
46
|
+
validate_login_id(login_id)
|
47
|
+
validate_password(old_password)
|
48
|
+
validate_password(new_password)
|
49
|
+
request_params = {
|
50
|
+
loginId: login_id,
|
51
|
+
oldPassword: old_password,
|
52
|
+
newPassword: new_password
|
53
|
+
}
|
54
|
+
post(REPLACE_PASSWORD_PATH, request_params)
|
55
|
+
end
|
56
|
+
|
57
|
+
def password_update(login_id: nil, new_password: nil, refresh_token: nil)
|
58
|
+
# Update an existing user's password with a new password.
|
59
|
+
validate_login_id(login_id)
|
60
|
+
validate_password(new_password)
|
61
|
+
validate_refresh_token_not_nil(refresh_token)
|
62
|
+
request_params = {
|
63
|
+
loginId: login_id,
|
64
|
+
newPassword: new_password
|
65
|
+
}
|
66
|
+
post(UPDATE_PASSWORD_PATH, request_params, {}, refresh_token)
|
67
|
+
end
|
68
|
+
|
69
|
+
def get_password_policy(refresh_token = nil)
|
70
|
+
# Get the configured password policy for the project.
|
71
|
+
get(PASSWORD_POLICY_PATH, {}, {}, refresh_token)
|
72
|
+
end
|
73
|
+
|
74
|
+
def password_reset(login_id: nil, redirect_url: nil, provider_id: nil, template_id: nil)
|
75
|
+
# Sends a password reset prompt to the user with the given
|
76
|
+
# login_id according to the password settings defined in the Descope console.
|
77
|
+
# NOTE: The user must be verified according to the configured password reset method.
|
78
|
+
validate_login_id(login_id)
|
79
|
+
post(SEND_RESET_PASSWORD_PATH,
|
80
|
+
loginId: login_id, redirectUrl: redirect_url, providerId: provider_id, templateId: template_id)
|
81
|
+
end
|
82
|
+
|
83
|
+
private
|
84
|
+
def password_user_compose_update_body(login_id: nil, name: nil, phone: nil, email: nil, given_name: nil, middle_name: nil, family_name: nil)
|
85
|
+
user = {}
|
86
|
+
user[:loginId] = login_id if login_id
|
87
|
+
user[:name] = name if name
|
88
|
+
user[:phone] = phone if phone
|
89
|
+
user[:email] = email if email
|
90
|
+
user[:givenName] = given_name if given_name
|
91
|
+
user[:middleName] = middle_name if middle_name
|
92
|
+
user[:familyName] = family_name if family_name
|
93
|
+
|
94
|
+
user
|
95
|
+
end
|
96
|
+
end
|
97
|
+
end
|
98
|
+
end
|
99
|
+
end
|
100
|
+
end
|