descope 1.0.4

Sign up to get free protection for your applications and to get access to all the features.
Files changed (197) hide show
  1. checksums.yaml +7 -0
  2. data/.github/workflows/ci.yaml +54 -0
  3. data/.gitignore +59 -0
  4. data/.release-please-manifest.json +3 -0
  5. data/.rubocop.yml +10 -0
  6. data/.rubocop_todo.yml +10 -0
  7. data/.ruby-version +1 -0
  8. data/CHANGELOG.md +90 -0
  9. data/Gemfile +22 -0
  10. data/Gemfile.lock +204 -0
  11. data/LICENSE +21 -0
  12. data/README.md +1171 -0
  13. data/Rakefile +31 -0
  14. data/descope.gemspec +34 -0
  15. data/examples/ruby/Gemfile +4 -0
  16. data/examples/ruby/Gemfile.lock +41 -0
  17. data/examples/ruby/access_key_app.rb +45 -0
  18. data/examples/ruby/enchantedlink_app.rb +65 -0
  19. data/examples/ruby/magiclink_app.rb +81 -0
  20. data/examples/ruby/management/Gemfile +5 -0
  21. data/examples/ruby/management/Gemfile.lock +38 -0
  22. data/examples/ruby/management/access_key_app.rb +71 -0
  23. data/examples/ruby/management/audit_app.rb +25 -0
  24. data/examples/ruby/management/authz_app.rb +135 -0
  25. data/examples/ruby/management/authz_files.json +229 -0
  26. data/examples/ruby/management/flow_app.rb +57 -0
  27. data/examples/ruby/management/permission_app.rb +56 -0
  28. data/examples/ruby/management/role_app.rb +58 -0
  29. data/examples/ruby/management/tenant_app.rb +60 -0
  30. data/examples/ruby/management/user_app.rb +60 -0
  31. data/examples/ruby/oauth_app.rb +39 -0
  32. data/examples/ruby/otp_app.rb +50 -0
  33. data/examples/ruby/password_app.rb +76 -0
  34. data/examples/ruby/saml_app.rb +38 -0
  35. data/examples/ruby-on-rails-api/descope/.dockerignore +37 -0
  36. data/examples/ruby-on-rails-api/descope/.gitattributes +9 -0
  37. data/examples/ruby-on-rails-api/descope/.gitignore +40 -0
  38. data/examples/ruby-on-rails-api/descope/.node-version +1 -0
  39. data/examples/ruby-on-rails-api/descope/.ruby-version +1 -0
  40. data/examples/ruby-on-rails-api/descope/Dockerfile +75 -0
  41. data/examples/ruby-on-rails-api/descope/Gemfile +67 -0
  42. data/examples/ruby-on-rails-api/descope/Gemfile.lock +284 -0
  43. data/examples/ruby-on-rails-api/descope/Procfile.dev +3 -0
  44. data/examples/ruby-on-rails-api/descope/README.md +54 -0
  45. data/examples/ruby-on-rails-api/descope/Rakefile +6 -0
  46. data/examples/ruby-on-rails-api/descope/app/assets/builds/.keep +0 -0
  47. data/examples/ruby-on-rails-api/descope/app/assets/config/manifest.js +3 -0
  48. data/examples/ruby-on-rails-api/descope/app/assets/images/.keep +0 -0
  49. data/examples/ruby-on-rails-api/descope/app/assets/images/descope.jpeg +0 -0
  50. data/examples/ruby-on-rails-api/descope/app/assets/images/favicon.ico +0 -0
  51. data/examples/ruby-on-rails-api/descope/app/assets/images/logo192.png +0 -0
  52. data/examples/ruby-on-rails-api/descope/app/assets/images/logo512.png +0 -0
  53. data/examples/ruby-on-rails-api/descope/app/assets/stylesheets/application.bootstrap.scss +67 -0
  54. data/examples/ruby-on-rails-api/descope/app/channels/application_cable/channel.rb +4 -0
  55. data/examples/ruby-on-rails-api/descope/app/channels/application_cable/connection.rb +4 -0
  56. data/examples/ruby-on-rails-api/descope/app/controllers/application_controller.rb +2 -0
  57. data/examples/ruby-on-rails-api/descope/app/controllers/concerns/.keep +0 -0
  58. data/examples/ruby-on-rails-api/descope/app/controllers/homepage_controller.rb +4 -0
  59. data/examples/ruby-on-rails-api/descope/app/controllers/session_controller.rb +66 -0
  60. data/examples/ruby-on-rails-api/descope/app/helpers/application_helper.rb +2 -0
  61. data/examples/ruby-on-rails-api/descope/app/helpers/homepage_helper.rb +2 -0
  62. data/examples/ruby-on-rails-api/descope/app/helpers/session_helper.rb +2 -0
  63. data/examples/ruby-on-rails-api/descope/app/javascript/App.css +53 -0
  64. data/examples/ruby-on-rails-api/descope/app/javascript/application.js +5 -0
  65. data/examples/ruby-on-rails-api/descope/app/javascript/components/App.jsx +4 -0
  66. data/examples/ruby-on-rails-api/descope/app/javascript/components/Dashboard.jsx +60 -0
  67. data/examples/ruby-on-rails-api/descope/app/javascript/components/Home.jsx +27 -0
  68. data/examples/ruby-on-rails-api/descope/app/javascript/components/Login.jsx +45 -0
  69. data/examples/ruby-on-rails-api/descope/app/javascript/components/Profile.jsx +81 -0
  70. data/examples/ruby-on-rails-api/descope/app/javascript/components/index.html +11 -0
  71. data/examples/ruby-on-rails-api/descope/app/javascript/components/index.jsx +24 -0
  72. data/examples/ruby-on-rails-api/descope/app/javascript/controllers/application.js +9 -0
  73. data/examples/ruby-on-rails-api/descope/app/javascript/controllers/index.js +5 -0
  74. data/examples/ruby-on-rails-api/descope/app/javascript/reportWebVitals.js +13 -0
  75. data/examples/ruby-on-rails-api/descope/app/javascript/routes/index.jsx +17 -0
  76. data/examples/ruby-on-rails-api/descope/app/jobs/application_job.rb +7 -0
  77. data/examples/ruby-on-rails-api/descope/app/mailers/application_mailer.rb +4 -0
  78. data/examples/ruby-on-rails-api/descope/app/models/application_record.rb +3 -0
  79. data/examples/ruby-on-rails-api/descope/app/models/concerns/.keep +0 -0
  80. data/examples/ruby-on-rails-api/descope/app/views/homepage/index.html.erb +2 -0
  81. data/examples/ruby-on-rails-api/descope/app/views/layouts/application.html.erb +16 -0
  82. data/examples/ruby-on-rails-api/descope/app/views/layouts/mailer.html.erb +13 -0
  83. data/examples/ruby-on-rails-api/descope/app/views/layouts/mailer.text.erb +1 -0
  84. data/examples/ruby-on-rails-api/descope/app/views/session/index.html.erb +2 -0
  85. data/examples/ruby-on-rails-api/descope/bin/bundle +109 -0
  86. data/examples/ruby-on-rails-api/descope/bin/dev +11 -0
  87. data/examples/ruby-on-rails-api/descope/bin/docker-entrypoint +8 -0
  88. data/examples/ruby-on-rails-api/descope/bin/rails +4 -0
  89. data/examples/ruby-on-rails-api/descope/bin/rake +4 -0
  90. data/examples/ruby-on-rails-api/descope/bin/setup +36 -0
  91. data/examples/ruby-on-rails-api/descope/build.js +30 -0
  92. data/examples/ruby-on-rails-api/descope/config/application.rb +42 -0
  93. data/examples/ruby-on-rails-api/descope/config/boot.rb +4 -0
  94. data/examples/ruby-on-rails-api/descope/config/cable.yml +10 -0
  95. data/examples/ruby-on-rails-api/descope/config/config.yml +9 -0
  96. data/examples/ruby-on-rails-api/descope/config/credentials.yml.enc +1 -0
  97. data/examples/ruby-on-rails-api/descope/config/database.yml +25 -0
  98. data/examples/ruby-on-rails-api/descope/config/environment.rb +5 -0
  99. data/examples/ruby-on-rails-api/descope/config/environments/development.rb +76 -0
  100. data/examples/ruby-on-rails-api/descope/config/environments/production.rb +97 -0
  101. data/examples/ruby-on-rails-api/descope/config/environments/test.rb +64 -0
  102. data/examples/ruby-on-rails-api/descope/config/initializers/assets.rb +13 -0
  103. data/examples/ruby-on-rails-api/descope/config/initializers/content_security_policy.rb +25 -0
  104. data/examples/ruby-on-rails-api/descope/config/initializers/filter_parameter_logging.rb +8 -0
  105. data/examples/ruby-on-rails-api/descope/config/initializers/inflections.rb +16 -0
  106. data/examples/ruby-on-rails-api/descope/config/initializers/load_config.rb +12 -0
  107. data/examples/ruby-on-rails-api/descope/config/initializers/permissions_policy.rb +13 -0
  108. data/examples/ruby-on-rails-api/descope/config/locales/en.yml +31 -0
  109. data/examples/ruby-on-rails-api/descope/config/puma.rb +35 -0
  110. data/examples/ruby-on-rails-api/descope/config/routes.rb +18 -0
  111. data/examples/ruby-on-rails-api/descope/config/storage.yml +34 -0
  112. data/examples/ruby-on-rails-api/descope/config.ru +6 -0
  113. data/examples/ruby-on-rails-api/descope/db/seeds.rb +9 -0
  114. data/examples/ruby-on-rails-api/descope/lib/assets/.keep +0 -0
  115. data/examples/ruby-on-rails-api/descope/lib/tasks/.keep +0 -0
  116. data/examples/ruby-on-rails-api/descope/log/.keep +0 -0
  117. data/examples/ruby-on-rails-api/descope/package-lock.json +19680 -0
  118. data/examples/ruby-on-rails-api/descope/package.json +51 -0
  119. data/examples/ruby-on-rails-api/descope/public/404.html +67 -0
  120. data/examples/ruby-on-rails-api/descope/public/422.html +67 -0
  121. data/examples/ruby-on-rails-api/descope/public/500.html +66 -0
  122. data/examples/ruby-on-rails-api/descope/public/apple-touch-icon-precomposed.png +0 -0
  123. data/examples/ruby-on-rails-api/descope/public/apple-touch-icon.png +0 -0
  124. data/examples/ruby-on-rails-api/descope/public/favicon.ico +0 -0
  125. data/examples/ruby-on-rails-api/descope/public/robots.txt +1 -0
  126. data/examples/ruby-on-rails-api/descope/storage/.keep +0 -0
  127. data/examples/ruby-on-rails-api/descope/tmp/.keep +0 -0
  128. data/examples/ruby-on-rails-api/descope/tmp/pids/.keep +0 -0
  129. data/examples/ruby-on-rails-api/descope/tmp/storage/.keep +0 -0
  130. data/examples/ruby-on-rails-api/descope/vendor/.keep +0 -0
  131. data/examples/ruby-on-rails-api/descope/yarn.lock +10780 -0
  132. data/lib/descope/api/v1/auth/enchantedlink.rb +156 -0
  133. data/lib/descope/api/v1/auth/magiclink.rb +170 -0
  134. data/lib/descope/api/v1/auth/oauth.rb +72 -0
  135. data/lib/descope/api/v1/auth/otp.rb +186 -0
  136. data/lib/descope/api/v1/auth/password.rb +100 -0
  137. data/lib/descope/api/v1/auth/saml.rb +48 -0
  138. data/lib/descope/api/v1/auth/totp.rb +72 -0
  139. data/lib/descope/api/v1/auth.rb +452 -0
  140. data/lib/descope/api/v1/management/access_key.rb +81 -0
  141. data/lib/descope/api/v1/management/audit.rb +82 -0
  142. data/lib/descope/api/v1/management/authz.rb +165 -0
  143. data/lib/descope/api/v1/management/common.rb +147 -0
  144. data/lib/descope/api/v1/management/flow.rb +55 -0
  145. data/lib/descope/api/v1/management/password.rb +58 -0
  146. data/lib/descope/api/v1/management/permission.rb +48 -0
  147. data/lib/descope/api/v1/management/project.rb +53 -0
  148. data/lib/descope/api/v1/management/role.rb +48 -0
  149. data/lib/descope/api/v1/management/scim.rb +206 -0
  150. data/lib/descope/api/v1/management/sso_settings.rb +153 -0
  151. data/lib/descope/api/v1/management/tenant.rb +71 -0
  152. data/lib/descope/api/v1/management/user.rb +619 -0
  153. data/lib/descope/api/v1/management.rb +38 -0
  154. data/lib/descope/api/v1/session.rb +84 -0
  155. data/lib/descope/api/v1.rb +13 -0
  156. data/lib/descope/client.rb +6 -0
  157. data/lib/descope/exception.rb +50 -0
  158. data/lib/descope/mixins/common.rb +129 -0
  159. data/lib/descope/mixins/headers.rb +15 -0
  160. data/lib/descope/mixins/http.rb +133 -0
  161. data/lib/descope/mixins/initializer.rb +80 -0
  162. data/lib/descope/mixins/logging.rb +30 -0
  163. data/lib/descope/mixins/validation.rb +79 -0
  164. data/lib/descope/mixins.rb +22 -0
  165. data/lib/descope/version.rb +7 -0
  166. data/lib/descope.rb +9 -0
  167. data/lib/descope_client.rb +5 -0
  168. data/release-please-config.json +18 -0
  169. data/renovate.json +6 -0
  170. data/spec/factories/user.rb +16 -0
  171. data/spec/lib.descope/api/v1/auth/enchantedlink_spec.rb +159 -0
  172. data/spec/lib.descope/api/v1/auth/magiclink_spec.rb +282 -0
  173. data/spec/lib.descope/api/v1/auth/oauth_spec.rb +117 -0
  174. data/spec/lib.descope/api/v1/auth/otp_spec.rb +285 -0
  175. data/spec/lib.descope/api/v1/auth/password_spec.rb +124 -0
  176. data/spec/lib.descope/api/v1/auth/saml_spec.rb +55 -0
  177. data/spec/lib.descope/api/v1/auth/totp_spec.rb +70 -0
  178. data/spec/lib.descope/api/v1/auth_spec.rb +372 -0
  179. data/spec/lib.descope/api/v1/management/access_key_spec.rb +118 -0
  180. data/spec/lib.descope/api/v1/management/audit_spec.rb +78 -0
  181. data/spec/lib.descope/api/v1/management/authz_spec.rb +336 -0
  182. data/spec/lib.descope/api/v1/management/flow_spec.rb +78 -0
  183. data/spec/lib.descope/api/v1/management/password_spec.rb +25 -0
  184. data/spec/lib.descope/api/v1/management/permission_spec.rb +81 -0
  185. data/spec/lib.descope/api/v1/management/project_spec.rb +63 -0
  186. data/spec/lib.descope/api/v1/management/role_spec.rb +85 -0
  187. data/spec/lib.descope/api/v1/management/scim_spec.rb +312 -0
  188. data/spec/lib.descope/api/v1/management/sso_settings_spec.rb +172 -0
  189. data/spec/lib.descope/api/v1/management/tenant_spec.rb +141 -0
  190. data/spec/lib.descope/api/v1/management/user_spec.rb +667 -0
  191. data/spec/lib.descope/api/v1/session_spec.rb +117 -0
  192. data/spec/lib.descope/client_spec.rb +40 -0
  193. data/spec/spec_helper.rb +72 -0
  194. data/spec/support/client_config.rb +14 -0
  195. data/spec/support/dummy_class.rb +36 -0
  196. data/spec/support/utils.rb +32 -0
  197. metadata +420 -0
@@ -0,0 +1,619 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Descope
4
+ module Api
5
+ module V1
6
+ module Management
7
+ # Management API calls
8
+ module User
9
+ include Descope::Api::V1::Management::Common
10
+
11
+ # Create a new user, using a valid management key.
12
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/CreateUser/
13
+ # Once the user is created, the user can then login utilizing any sign-in api supported. This will then switch the user from invited to active.
14
+ def create_user(**args)
15
+ @logger.debug("Creating user with args: #{args}")
16
+ user_create(**args)
17
+ end
18
+
19
+ # Batch Create Users, using a valid management key.
20
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/CreateUsers/
21
+ def create_batch_users(users = [])
22
+ users_params = []
23
+ users.each do |user|
24
+ users_params.append(user_create(**user.merge(skip_create: true)))
25
+ end
26
+ path = Common::USER_CREATE_BATCH_PATH
27
+ request_params = {
28
+ users: users_params
29
+ }
30
+ post(path, request_params)
31
+ end
32
+
33
+ # Create a new test user.
34
+ # The login_id is required and will determine what the user will use to sign in.
35
+ # Make sure the login id is unique for test. All other fields are optional.
36
+ # @see https://docs.descope.com/api/testusermanagement/
37
+ # Test User Management:
38
+ # 1. Create test Users
39
+ # 2. Generate OTP (sms/email) for test users
40
+ # 3. Generate Magic Link (sms/email) for test users
41
+ # 4. Generate Enchanted Link (email) for test users
42
+ # 5. Delete Test Users
43
+ def create_test_user(**args)
44
+ args[:test] = true
45
+ user_create(**args)
46
+ end
47
+
48
+ # Create a new user and invite them via an email message.
49
+ #
50
+ # Functions exactly the same as the `create` function with the additional invitation
51
+ # behavior. See the documentation above for the general creation behavior.
52
+ #
53
+ # IMPORTANT: Since the invitation is sent by email, make sure either
54
+ # the email is explicitly set, or the login_id itself is an email address.
55
+ # You must configure the invitation URL in the Descope console prior to
56
+ # calling the method.
57
+ def invite_user(**args)
58
+ args[:invite] = true
59
+ user_create(**args)
60
+ end
61
+
62
+ # Updates a user's details, using a valid management key.
63
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/UpdateUser/
64
+ def update_user(
65
+ login_id: nil,
66
+ email: nil,
67
+ phone: nil,
68
+ name: nil,
69
+ given_name: nil,
70
+ middle_name: nil,
71
+ family_name: nil,
72
+ role_names: [],
73
+ user_tenants: [],
74
+ picture: nil,
75
+ custom_attributes: nil,
76
+ verified_email: nil,
77
+ verified_phone: nil,
78
+ additional_identifiers: [],
79
+ password: nil,
80
+ hashed_password: {},
81
+ sso_app_ids: []
82
+ )
83
+ role_names ||= []
84
+ user_tenants ||= []
85
+ path = Common::USER_UPDATE_PATH
86
+ request_params = user_compose_update_body(
87
+ login_id:,
88
+ email:,
89
+ phone:,
90
+ name:,
91
+ given_name:,
92
+ middle_name:,
93
+ family_name:,
94
+ role_names:,
95
+ user_tenants:,
96
+ picture:,
97
+ custom_attributes:,
98
+ verified_email:,
99
+ verified_phone:,
100
+ additional_identifiers:,
101
+ password:,
102
+ hashed_password:,
103
+ sso_app_ids:
104
+ )
105
+ post(path, request_params)
106
+ end
107
+
108
+ # Delete a user, using a valid management key.
109
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/DeleteUser/
110
+ def delete_user(login_id = nil)
111
+ validate_login_id(login_id)
112
+ path = Common::USER_DELETE_PATH
113
+ request_params = {
114
+ loginId: login_id
115
+ }
116
+ post(path, request_params)
117
+ end
118
+
119
+ def delete_all_test_users
120
+ path = Common::USER_DELETE_ALL_TEST_USERS_PATH
121
+ delete(path)
122
+ end
123
+
124
+ # Load a user's data, using a valid management key.
125
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/LoadUser/
126
+ def load_user(login_id)
127
+ @logger.debug("Loading user with login_id: #{login_id}")
128
+ # Retrieve user information based on the provided Login ID
129
+ validate_login_id(login_id)
130
+
131
+ request_params = {
132
+ loginId: login_id
133
+ }
134
+ path = Common::USER_LOAD_PATH
135
+ get(path, request_params)
136
+ end
137
+
138
+ # Load a user's data, using a valid management key by user id.
139
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/LoadUser/
140
+ def load_by_user_id(user_id)
141
+ # Retrieve user information based on the provided user ID
142
+ # The user ID can be found on the user's JWT.
143
+ validate_user_id(user_id)
144
+
145
+ path = Common::USER_LOAD_PATH
146
+ request_params = {
147
+ userId: user_id
148
+ }
149
+ get(path, request_params)
150
+ end
151
+
152
+ # Log a user out of all sessions, using a valid management key.
153
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/LogoutAllUserDevices/
154
+ def logout_user(login_id)
155
+ validate_login_id(login_id)
156
+ path = Common::USER_LOGOUT_PATH
157
+ request_params = {
158
+ loginId: login_id
159
+ }
160
+ post(path, request_params)
161
+ end
162
+
163
+ def logout_user_by_id(user_id)
164
+ validate_user_id(user_id)
165
+ path = Common::USER_LOGOUT_PATH
166
+ request_params = {
167
+ userId: user_id
168
+ }
169
+ post(path, request_params)
170
+ end
171
+
172
+ # Search for users, using a valid management key.
173
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/SearchUsers/
174
+ def search_all_users(
175
+ login_id: nil,
176
+ tenant_ids: [],
177
+ role_names: [],
178
+ text: nil,
179
+ limit: 0,
180
+ page: 0,
181
+ sso_only: false,
182
+ test_users_only: false,
183
+ with_test_user: false,
184
+ custom_attributes: {},
185
+ statuses: [],
186
+ emails: [],
187
+ phones: [],
188
+ sso_app_ids: []
189
+ )
190
+ body = {
191
+ loginId: login_id,
192
+ tenantIds: tenant_ids,
193
+ roleNames: role_names,
194
+ ssoOnly: sso_only,
195
+ limit:,
196
+ page:,
197
+ text:,
198
+ testUsersOnly: test_users_only,
199
+ withTestUser: with_test_user,
200
+ ssoAppIds: sso_app_ids,
201
+ }
202
+ body[:statuses] = statuses unless statuses.empty?
203
+ body[:emails] = emails unless emails.empty?
204
+ body[:phones] = phones unless phones.empty?
205
+ body[:customAttributes] = custom_attributes unless custom_attributes.empty?
206
+ body[:limit] = limit unless limit.zero?
207
+ body[:page] = page unless page.zero?
208
+ body[:text] = text unless text.nil?
209
+ body[:testUsersOnly] = test_users_only unless test_users_only.nil?
210
+ body[:withTestUser] = with_test_user unless with_test_user.nil?
211
+ body[:ssoOnly] = sso_only unless sso_only.nil?
212
+ body[:ssoAppIds] = sso_app_ids unless sso_app_ids.empty?
213
+ body[:tenantIds] = tenant_ids unless tenant_ids.empty?
214
+ body[:roleNames] = role_names unless role_names.empty?
215
+ post(Common::USERS_SEARCH_PATH, body)
216
+ end
217
+
218
+ # Get an existing user's provider token, using a valid management key.
219
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/GetUserProviderToken/
220
+ def get_provider_token(login_id: nil, provider: nil)
221
+ path = Common::USER_GET_PROVIDER_TOKEN
222
+ request_params = {
223
+ loginId: login_id,
224
+ provider: provider
225
+ }
226
+ get(path, request_params)
227
+ end
228
+
229
+ # Updates an existing user's status, using a valid management key.
230
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/UpdateUserStatus/
231
+ def activate(login_id)
232
+ validate_login_id(login_id)
233
+ path = Common::USER_UPDATE_STATUS_PATH
234
+ request_params = {
235
+ loginId: login_id,
236
+ status: 'enabled'
237
+ }
238
+ post(path, request_params)
239
+ end
240
+
241
+ def deactivate(login_id)
242
+ validate_login_id(login_id)
243
+ path = Common::USER_UPDATE_STATUS_PATH
244
+ request_params = {
245
+ loginId: login_id,
246
+ status: 'disabled'
247
+ }
248
+ post(path, request_params)
249
+ end
250
+
251
+ # Updates an existing user's login ID, using a valid management key.
252
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/UpdateUserLoginID/
253
+ def update_login_id(login_id: nil, new_login_id: nil)
254
+ validate_login_id(login_id)
255
+ path = Common::USER_UPDATE_LOGIN_ID_PATH
256
+ request_params = {
257
+ loginId: login_id,
258
+ newLoginId: new_login_id
259
+ }
260
+ post(path, request_params)
261
+ end
262
+
263
+ # Updates an existing user's email, using a valid management key.
264
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/UpdateUserEmail/
265
+ def update_email(login_id: nil, email: nil, verified: true)
266
+ @logger.debug("Updating user's email with login_id: #{login_id} to #{email} verified: #{verified}")
267
+ path = Common::USER_UPDATE_EMAIL_PATH
268
+ request_params = {
269
+ loginId: login_id,
270
+ email:,
271
+ verified:
272
+ }
273
+ post(path, request_params)
274
+ end
275
+
276
+ # Updates an existing user's phone number, using a valid management key.
277
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/UpdateUserPhone/
278
+ def update_phone(login_id: nil, phone: nil, verified: true)
279
+ path = Common::USER_UPDATE_PHONE_PATH
280
+ request_params = {
281
+ loginId: login_id,
282
+ phone:,
283
+ verified:
284
+ }
285
+ post(path, request_params)
286
+ end
287
+
288
+ # Updates an existing user's display name, using a valid management key.
289
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/UpdateUserDisplayName/
290
+ def update_display_name(
291
+ login_id: nil,
292
+ name: nil,
293
+ given_name: nil,
294
+ middle_name: nil,
295
+ family_name: nil
296
+ )
297
+ body = { loginId: login_id }
298
+ body[:name] = name unless name.nil?
299
+ body[:givenName] = given_name unless given_name.nil?
300
+ body[:middleName] = middle_name unless middle_name.nil?
301
+ body[:familyName] = family_name unless family_name.nil?
302
+ post(Common::USER_UPDATE_NAME_PATH, body)
303
+ end
304
+
305
+ # Update an existing user's profile picture, using a valid management key.
306
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/UpdateUserPicture/
307
+ def update_picture(login_id: nil, picture: nil)
308
+ body = {
309
+ loginId: login_id,
310
+ picture: picture
311
+ }
312
+ post(Common::USER_UPDATE_PICTURE_PATH, body)
313
+ end
314
+
315
+ # Update an existing user's custom attributes, using a valid management key.
316
+ # @see https://docs.descope.com/api/openapi/usermanagement/operation/UpdateUserCustomAttribute/
317
+ def update_custom_attribute(login_id: nil, attribute_key: nil, attribute_value: nil)
318
+ @logger.debug("Updating user's custom attribute with login_id: #{login_id} to #{attribute_key}: #{attribute_value}")
319
+ body = {
320
+ loginId: login_id,
321
+ attributeKey: attribute_key,
322
+ attributeValue: attribute_value
323
+ }
324
+ post(Common::USER_UPDATE_CUSTOM_ATTRIBUTE_PATH, body)
325
+ end
326
+
327
+ def update_jwt(jwt: nil, custom_claims: nil)
328
+ body = {
329
+ jwt:,
330
+ customClaims: custom_claims,
331
+ }
332
+ post(Common::UPDATE_JWT_PATH, body)
333
+ end
334
+
335
+ #
336
+ def user_add_roles(login_id: nil, tenant_id: nil, role_names: [])
337
+ body = {
338
+ loginId: login_id,
339
+ roleNames: role_names,
340
+ tenantId: tenant_id
341
+ }
342
+ post(Common::USER_ADD_ROLE_PATH, body)
343
+ end
344
+
345
+ def user_remove_roles(login_id: nil, tenant_id:nil, role_names: [])
346
+ body = {
347
+ loginId: login_id,
348
+ roleNames: role_names,
349
+ tenantId: tenant_id
350
+ }
351
+ post(Common::USER_REMOVE_ROLE_PATH, body)
352
+ end
353
+
354
+ def user_add_tenant(login_id: nil, tenant_id: nil)
355
+ body = {
356
+ loginId: login_id,
357
+ tenantId: tenant_id
358
+ }
359
+ post(Common::USER_ADD_TENANT_PATH, body)
360
+ end
361
+
362
+ def user_remove_tenant(login_id: nil, tenant_id: nil)
363
+ body = {
364
+ loginId: login_id,
365
+ tenantId: tenant_id
366
+ }
367
+ post(Common::USER_REMOVE_TENANT_PATH, body)
368
+ end
369
+
370
+ def add_tenant_role(login_id: nil, tenant_id: nil, role_names: [])
371
+ body = {
372
+ loginId: login_id,
373
+ tenantId: tenant_id,
374
+ roleNames: role_names
375
+ }
376
+ post(Common::USER_ADD_TENANT_PATH, body)
377
+ end
378
+
379
+ def user_remove_tenant_roles(login_id: nil, tenant_id: nil, role_names: [])
380
+ body = {
381
+ loginId: login_id,
382
+ tenantId: tenant_id,
383
+ roleNames: role_names
384
+ }
385
+ post(Common::USER_REMOVE_TENANT_PATH, body)
386
+ end
387
+
388
+ def set_password(login_id: nil, password: nil)
389
+ body = {
390
+ loginId: login_id,
391
+ password:
392
+ }
393
+ post(Common::USER_SET_PASSWORD_PATH, body)
394
+ end
395
+
396
+ def expire_password(login_id)
397
+ validate_login_id(login_id)
398
+ body = {
399
+ loginId: login_id
400
+ }
401
+ post(Common::USER_EXPIRE_PASSWORD_PATH, body)
402
+ end
403
+
404
+ def generate_otp_for_test_user(method: nil, login_id: nil)
405
+ body = {
406
+ loginId: login_id,
407
+ deliveryMethod: get_method_string(method)
408
+ }
409
+ post(Common::USER_GENERATE_OTP_FOR_TEST_PATH, body)
410
+ end
411
+
412
+ def generate_magic_link_for_test_user(method: nil, login_id: nil, uri: nil)
413
+ body = {
414
+ loginId: login_id,
415
+ deliveryMethod: get_method_string(method),
416
+ URI: uri
417
+ }
418
+ post(Common::USER_GENERATE_MAGIC_LINK_FOR_TEST_PATH, body)
419
+ end
420
+
421
+ def generate_enchanted_link_for_test_user(login_id: nil, uri: nil)
422
+ body = {
423
+ loginId: login_id,
424
+ URI: uri
425
+ }
426
+ post(Common::USER_GENERATE_ENCHANTED_LINK_FOR_TEST_PATH, body)
427
+ end
428
+
429
+ def generate_embedded_link(login_id: nil, custom_claims: nil)
430
+ custom_claims ||= {}
431
+ unless custom_claims.is_a?(Hash)
432
+ raise Descope::ArgumentException.new(
433
+ 'Unable to read custom_claims, not a Hash',
434
+ code: 400
435
+ )
436
+ end
437
+
438
+ validate_login_id(login_id)
439
+ request_params = {
440
+ loginId: login_id,
441
+ customClaims: custom_claims.to_h
442
+ }
443
+ post(USER_GENERATE_EMBEDDED_LINK_PATH, request_params)
444
+ end
445
+
446
+
447
+ private
448
+
449
+ def user_create(
450
+ login_id: nil,
451
+ email: nil,
452
+ phone: nil,
453
+ verified_email: nil,
454
+ verified_phone: nil,
455
+ name: nil,
456
+ role_names: [],
457
+ user_tenants: [],
458
+ invite: false,
459
+ test: false,
460
+ custom_attributes: nil,
461
+ picture: nil,
462
+ send_mail: nil,
463
+ send_sms: nil,
464
+ additional_identifiers: [],
465
+ invite_url: nil,
466
+ password: nil,
467
+ hashed_password: {},
468
+ given_name: nil,
469
+ middle_name: nil,
470
+ family_name: nil,
471
+ sso_app_ids: [],
472
+ skip_create: false
473
+ )
474
+ role_names ||= []
475
+ user_tenants ||= []
476
+ path = Common::USER_CREATE_PATH
477
+ request_params = user_compose_create_body(
478
+ login_id:,
479
+ email:,
480
+ phone:,
481
+ name:,
482
+ given_name:,
483
+ middle_name:,
484
+ family_name:,
485
+ role_names:,
486
+ user_tenants:,
487
+ invite:,
488
+ test:,
489
+ picture:,
490
+ custom_attributes:,
491
+ verified_email:,
492
+ verified_phone:,
493
+ invite_url:,
494
+ send_mail:,
495
+ send_sms:,
496
+ additional_identifiers:,
497
+ password:,
498
+ hashed_password:,
499
+ sso_app_ids:
500
+ )
501
+ return request_params if skip_create
502
+
503
+ post(path, request_params)
504
+ end
505
+
506
+ def user_compose_create_body(
507
+ login_id: nil,
508
+ email: nil,
509
+ phone: nil,
510
+ name: nil,
511
+ given_name: nil,
512
+ middle_name: nil,
513
+ family_name: nil,
514
+ role_names: nil,
515
+ user_tenants: nil,
516
+ invite: false,
517
+ test: false,
518
+ picture: nil,
519
+ custom_attributes: nil,
520
+ verified_email: nil,
521
+ verified_phone: nil,
522
+ invite_url: nil,
523
+ send_mail: nil,
524
+ send_sms: nil,
525
+ additional_identifiers: [],
526
+ password: nil,
527
+ hashed_password: {},
528
+ sso_app_ids: []
529
+ )
530
+ body = user_compose_update_body(
531
+ login_id:,
532
+ email:,
533
+ phone:,
534
+ name:,
535
+ given_name:,
536
+ middle_name:,
537
+ family_name:,
538
+ role_names:,
539
+ user_tenants:,
540
+ test:,
541
+ invite:,
542
+ picture:,
543
+ custom_attributes:,
544
+ additional_identifiers:,
545
+ password:,
546
+ hashed_password:,
547
+ sso_app_ids:
548
+ )
549
+ body[:invite] = invite
550
+ body[:verifiedEmail] = verified_email unless verified_email.nil? || !verified_email.empty?
551
+ body[:verifiedPhone] = verified_phone unless verified_phone.nil? || !verified_phone.empty?
552
+ body[:inviteUrl] = invite_url unless invite_url.nil? || !invite_url.empty?
553
+ body[:sendMail] = send_mail unless send_mail.nil? || !send_mail.empty?
554
+ body[:sendSMS] = send_sms unless send_sms.nil? || !send_sms.empty?
555
+
556
+ body
557
+ end
558
+
559
+ def user_compose_update_body(
560
+ login_id: nil,
561
+ email: nil,
562
+ phone: nil,
563
+ name: nil,
564
+ given_name: nil,
565
+ middle_name: nil,
566
+ family_name: nil,
567
+ role_names: nil,
568
+ user_tenants: nil,
569
+ test: false,
570
+ invite: false,
571
+ picture: nil,
572
+ custom_attributes: nil,
573
+ verified_email: nil,
574
+ verified_phone: nil,
575
+ additional_identifiers: [],
576
+ password: nil,
577
+ hashed_password: {},
578
+ sso_app_ids: []
579
+ )
580
+ body = {
581
+ loginId: login_id,
582
+ }
583
+ if (hashed_password.nil? || hashed_password.empty?) && (!password.nil? && !password.empty?)
584
+ body[:password] = password
585
+ end
586
+
587
+ if password.nil? && (!hashed_password.nil? && !hashed_password.empty?)
588
+ unless hashed_password.is_a?(Hash)
589
+ raise Descope::ArgumentException.new(
590
+ 'Invalid password hash', code: 400
591
+ )
592
+ end
593
+
594
+ body[:hashedPassword] = hashed_password.to_hash
595
+ end
596
+
597
+ body[:email] = email unless email.nil? || email.empty?
598
+ body[:phone] = phone unless phone.nil? || phone.empty?
599
+ body[:name] = name unless name.nil? || name.empty?
600
+ body[:roleNames] = role_names unless role_names.nil? || role_names.empty?
601
+ body[:userTenants] = associated_tenants_to_hash_array(user_tenants) unless user_tenants.nil? || user_tenants.empty?
602
+ body[:test] = test unless test.nil?
603
+ body[:invite] = invite unless invite.nil?
604
+ body[:picture] = picture unless picture.nil? || picture.empty?
605
+ body[:customAttributes] = custom_attributes unless custom_attributes.nil? || custom_attributes.empty?
606
+ body[:additionalIdentifiers] = additional_identifiers unless additional_identifiers.nil? || additional_identifiers.empty?
607
+ body[:ssoAppIds] = sso_app_ids unless sso_app_ids.nil? || sso_app_ids.empty?
608
+ body[:verifiedEmail] = verified_email unless verified_email.nil? || !verified_email.to_s.empty?
609
+ body[:givenName] = given_name unless given_name.nil?
610
+ body[:middleName] = middle_name unless middle_name.nil?
611
+ body[:familyName] = family_name unless family_name.nil?
612
+ body[:verifiedPhone] = verified_phone unless verified_phone.nil?
613
+ body
614
+ end
615
+ end
616
+ end
617
+ end
618
+ end
619
+ end
@@ -0,0 +1,38 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'descope/api/v1/management/common'
4
+ require 'descope/api/v1/management/user'
5
+ require 'descope/api/v1/management/flow'
6
+ require 'descope/api/v1/management/access_key'
7
+ require 'descope/api/v1/management/tenant'
8
+ require 'descope/api/v1/management/permission'
9
+ require 'descope/api/v1/management/role'
10
+ require 'descope/api/v1/management/project'
11
+ require 'descope/api/v1/management/authz'
12
+ require 'descope/api/v1/management/audit'
13
+ require 'descope/api/v1/management/sso_settings'
14
+ require 'descope/api/v1/management/scim'
15
+ require 'descope/api/v1/management/password'
16
+
17
+ module Descope
18
+ module Api
19
+ module V1
20
+ # Holds all the management API calls
21
+ module Management
22
+ include Descope::Api::V1::Management::Common
23
+ include Descope::Api::V1::Management::User
24
+ include Descope::Api::V1::Management::Flow
25
+ include Descope::Api::V1::Management::AccessKey
26
+ include Descope::Api::V1::Management::Tenant
27
+ include Descope::Api::V1::Management::Permission
28
+ include Descope::Api::V1::Management::Role
29
+ include Descope::Api::V1::Management::Project
30
+ include Descope::Api::V1::Management::Authz
31
+ include Descope::Api::V1::Management::Audit
32
+ include Descope::Api::V1::Management::SSOSettings
33
+ include Descope::Api::V1::Management::SCIM
34
+ include Descope::Api::V1::Management::Password
35
+ end
36
+ end
37
+ end
38
+ end