descope 1.0.4
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.github/workflows/ci.yaml +54 -0
- data/.gitignore +59 -0
- data/.release-please-manifest.json +3 -0
- data/.rubocop.yml +10 -0
- data/.rubocop_todo.yml +10 -0
- data/.ruby-version +1 -0
- data/CHANGELOG.md +90 -0
- data/Gemfile +22 -0
- data/Gemfile.lock +204 -0
- data/LICENSE +21 -0
- data/README.md +1171 -0
- data/Rakefile +31 -0
- data/descope.gemspec +34 -0
- data/examples/ruby/Gemfile +4 -0
- data/examples/ruby/Gemfile.lock +41 -0
- data/examples/ruby/access_key_app.rb +45 -0
- data/examples/ruby/enchantedlink_app.rb +65 -0
- data/examples/ruby/magiclink_app.rb +81 -0
- data/examples/ruby/management/Gemfile +5 -0
- data/examples/ruby/management/Gemfile.lock +38 -0
- data/examples/ruby/management/access_key_app.rb +71 -0
- data/examples/ruby/management/audit_app.rb +25 -0
- data/examples/ruby/management/authz_app.rb +135 -0
- data/examples/ruby/management/authz_files.json +229 -0
- data/examples/ruby/management/flow_app.rb +57 -0
- data/examples/ruby/management/permission_app.rb +56 -0
- data/examples/ruby/management/role_app.rb +58 -0
- data/examples/ruby/management/tenant_app.rb +60 -0
- data/examples/ruby/management/user_app.rb +60 -0
- data/examples/ruby/oauth_app.rb +39 -0
- data/examples/ruby/otp_app.rb +50 -0
- data/examples/ruby/password_app.rb +76 -0
- data/examples/ruby/saml_app.rb +38 -0
- data/examples/ruby-on-rails-api/descope/.dockerignore +37 -0
- data/examples/ruby-on-rails-api/descope/.gitattributes +9 -0
- data/examples/ruby-on-rails-api/descope/.gitignore +40 -0
- data/examples/ruby-on-rails-api/descope/.node-version +1 -0
- data/examples/ruby-on-rails-api/descope/.ruby-version +1 -0
- data/examples/ruby-on-rails-api/descope/Dockerfile +75 -0
- data/examples/ruby-on-rails-api/descope/Gemfile +67 -0
- data/examples/ruby-on-rails-api/descope/Gemfile.lock +284 -0
- data/examples/ruby-on-rails-api/descope/Procfile.dev +3 -0
- data/examples/ruby-on-rails-api/descope/README.md +54 -0
- data/examples/ruby-on-rails-api/descope/Rakefile +6 -0
- data/examples/ruby-on-rails-api/descope/app/assets/builds/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/config/manifest.js +3 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/descope.jpeg +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/favicon.ico +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/logo192.png +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/images/logo512.png +0 -0
- data/examples/ruby-on-rails-api/descope/app/assets/stylesheets/application.bootstrap.scss +67 -0
- data/examples/ruby-on-rails-api/descope/app/channels/application_cable/channel.rb +4 -0
- data/examples/ruby-on-rails-api/descope/app/channels/application_cable/connection.rb +4 -0
- data/examples/ruby-on-rails-api/descope/app/controllers/application_controller.rb +2 -0
- data/examples/ruby-on-rails-api/descope/app/controllers/concerns/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/app/controllers/homepage_controller.rb +4 -0
- data/examples/ruby-on-rails-api/descope/app/controllers/session_controller.rb +66 -0
- data/examples/ruby-on-rails-api/descope/app/helpers/application_helper.rb +2 -0
- data/examples/ruby-on-rails-api/descope/app/helpers/homepage_helper.rb +2 -0
- data/examples/ruby-on-rails-api/descope/app/helpers/session_helper.rb +2 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/App.css +53 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/application.js +5 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/App.jsx +4 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/Dashboard.jsx +60 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/Home.jsx +27 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/Login.jsx +45 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/Profile.jsx +81 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/index.html +11 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/components/index.jsx +24 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/controllers/application.js +9 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/controllers/index.js +5 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/reportWebVitals.js +13 -0
- data/examples/ruby-on-rails-api/descope/app/javascript/routes/index.jsx +17 -0
- data/examples/ruby-on-rails-api/descope/app/jobs/application_job.rb +7 -0
- data/examples/ruby-on-rails-api/descope/app/mailers/application_mailer.rb +4 -0
- data/examples/ruby-on-rails-api/descope/app/models/application_record.rb +3 -0
- data/examples/ruby-on-rails-api/descope/app/models/concerns/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/app/views/homepage/index.html.erb +2 -0
- data/examples/ruby-on-rails-api/descope/app/views/layouts/application.html.erb +16 -0
- data/examples/ruby-on-rails-api/descope/app/views/layouts/mailer.html.erb +13 -0
- data/examples/ruby-on-rails-api/descope/app/views/layouts/mailer.text.erb +1 -0
- data/examples/ruby-on-rails-api/descope/app/views/session/index.html.erb +2 -0
- data/examples/ruby-on-rails-api/descope/bin/bundle +109 -0
- data/examples/ruby-on-rails-api/descope/bin/dev +11 -0
- data/examples/ruby-on-rails-api/descope/bin/docker-entrypoint +8 -0
- data/examples/ruby-on-rails-api/descope/bin/rails +4 -0
- data/examples/ruby-on-rails-api/descope/bin/rake +4 -0
- data/examples/ruby-on-rails-api/descope/bin/setup +36 -0
- data/examples/ruby-on-rails-api/descope/build.js +30 -0
- data/examples/ruby-on-rails-api/descope/config/application.rb +42 -0
- data/examples/ruby-on-rails-api/descope/config/boot.rb +4 -0
- data/examples/ruby-on-rails-api/descope/config/cable.yml +10 -0
- data/examples/ruby-on-rails-api/descope/config/config.yml +9 -0
- data/examples/ruby-on-rails-api/descope/config/credentials.yml.enc +1 -0
- data/examples/ruby-on-rails-api/descope/config/database.yml +25 -0
- data/examples/ruby-on-rails-api/descope/config/environment.rb +5 -0
- data/examples/ruby-on-rails-api/descope/config/environments/development.rb +76 -0
- data/examples/ruby-on-rails-api/descope/config/environments/production.rb +97 -0
- data/examples/ruby-on-rails-api/descope/config/environments/test.rb +64 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/assets.rb +13 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/content_security_policy.rb +25 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/filter_parameter_logging.rb +8 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/inflections.rb +16 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/load_config.rb +12 -0
- data/examples/ruby-on-rails-api/descope/config/initializers/permissions_policy.rb +13 -0
- data/examples/ruby-on-rails-api/descope/config/locales/en.yml +31 -0
- data/examples/ruby-on-rails-api/descope/config/puma.rb +35 -0
- data/examples/ruby-on-rails-api/descope/config/routes.rb +18 -0
- data/examples/ruby-on-rails-api/descope/config/storage.yml +34 -0
- data/examples/ruby-on-rails-api/descope/config.ru +6 -0
- data/examples/ruby-on-rails-api/descope/db/seeds.rb +9 -0
- data/examples/ruby-on-rails-api/descope/lib/assets/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/lib/tasks/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/log/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/package-lock.json +19680 -0
- data/examples/ruby-on-rails-api/descope/package.json +51 -0
- data/examples/ruby-on-rails-api/descope/public/404.html +67 -0
- data/examples/ruby-on-rails-api/descope/public/422.html +67 -0
- data/examples/ruby-on-rails-api/descope/public/500.html +66 -0
- data/examples/ruby-on-rails-api/descope/public/apple-touch-icon-precomposed.png +0 -0
- data/examples/ruby-on-rails-api/descope/public/apple-touch-icon.png +0 -0
- data/examples/ruby-on-rails-api/descope/public/favicon.ico +0 -0
- data/examples/ruby-on-rails-api/descope/public/robots.txt +1 -0
- data/examples/ruby-on-rails-api/descope/storage/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/tmp/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/tmp/pids/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/tmp/storage/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/vendor/.keep +0 -0
- data/examples/ruby-on-rails-api/descope/yarn.lock +10780 -0
- data/lib/descope/api/v1/auth/enchantedlink.rb +156 -0
- data/lib/descope/api/v1/auth/magiclink.rb +170 -0
- data/lib/descope/api/v1/auth/oauth.rb +72 -0
- data/lib/descope/api/v1/auth/otp.rb +186 -0
- data/lib/descope/api/v1/auth/password.rb +100 -0
- data/lib/descope/api/v1/auth/saml.rb +48 -0
- data/lib/descope/api/v1/auth/totp.rb +72 -0
- data/lib/descope/api/v1/auth.rb +452 -0
- data/lib/descope/api/v1/management/access_key.rb +81 -0
- data/lib/descope/api/v1/management/audit.rb +82 -0
- data/lib/descope/api/v1/management/authz.rb +165 -0
- data/lib/descope/api/v1/management/common.rb +147 -0
- data/lib/descope/api/v1/management/flow.rb +55 -0
- data/lib/descope/api/v1/management/password.rb +58 -0
- data/lib/descope/api/v1/management/permission.rb +48 -0
- data/lib/descope/api/v1/management/project.rb +53 -0
- data/lib/descope/api/v1/management/role.rb +48 -0
- data/lib/descope/api/v1/management/scim.rb +206 -0
- data/lib/descope/api/v1/management/sso_settings.rb +153 -0
- data/lib/descope/api/v1/management/tenant.rb +71 -0
- data/lib/descope/api/v1/management/user.rb +619 -0
- data/lib/descope/api/v1/management.rb +38 -0
- data/lib/descope/api/v1/session.rb +84 -0
- data/lib/descope/api/v1.rb +13 -0
- data/lib/descope/client.rb +6 -0
- data/lib/descope/exception.rb +50 -0
- data/lib/descope/mixins/common.rb +129 -0
- data/lib/descope/mixins/headers.rb +15 -0
- data/lib/descope/mixins/http.rb +133 -0
- data/lib/descope/mixins/initializer.rb +80 -0
- data/lib/descope/mixins/logging.rb +30 -0
- data/lib/descope/mixins/validation.rb +79 -0
- data/lib/descope/mixins.rb +22 -0
- data/lib/descope/version.rb +7 -0
- data/lib/descope.rb +9 -0
- data/lib/descope_client.rb +5 -0
- data/release-please-config.json +18 -0
- data/renovate.json +6 -0
- data/spec/factories/user.rb +16 -0
- data/spec/lib.descope/api/v1/auth/enchantedlink_spec.rb +159 -0
- data/spec/lib.descope/api/v1/auth/magiclink_spec.rb +282 -0
- data/spec/lib.descope/api/v1/auth/oauth_spec.rb +117 -0
- data/spec/lib.descope/api/v1/auth/otp_spec.rb +285 -0
- data/spec/lib.descope/api/v1/auth/password_spec.rb +124 -0
- data/spec/lib.descope/api/v1/auth/saml_spec.rb +55 -0
- data/spec/lib.descope/api/v1/auth/totp_spec.rb +70 -0
- data/spec/lib.descope/api/v1/auth_spec.rb +372 -0
- data/spec/lib.descope/api/v1/management/access_key_spec.rb +118 -0
- data/spec/lib.descope/api/v1/management/audit_spec.rb +78 -0
- data/spec/lib.descope/api/v1/management/authz_spec.rb +336 -0
- data/spec/lib.descope/api/v1/management/flow_spec.rb +78 -0
- data/spec/lib.descope/api/v1/management/password_spec.rb +25 -0
- data/spec/lib.descope/api/v1/management/permission_spec.rb +81 -0
- data/spec/lib.descope/api/v1/management/project_spec.rb +63 -0
- data/spec/lib.descope/api/v1/management/role_spec.rb +85 -0
- data/spec/lib.descope/api/v1/management/scim_spec.rb +312 -0
- data/spec/lib.descope/api/v1/management/sso_settings_spec.rb +172 -0
- data/spec/lib.descope/api/v1/management/tenant_spec.rb +141 -0
- data/spec/lib.descope/api/v1/management/user_spec.rb +667 -0
- data/spec/lib.descope/api/v1/session_spec.rb +117 -0
- data/spec/lib.descope/client_spec.rb +40 -0
- data/spec/spec_helper.rb +72 -0
- data/spec/support/client_config.rb +14 -0
- data/spec/support/dummy_class.rb +36 -0
- data/spec/support/utils.rb +32 -0
- metadata +420 -0
data/Rakefile
ADDED
@@ -0,0 +1,31 @@
|
|
1
|
+
#!/usr/bin/env rake
|
2
|
+
require 'bundler/gem_tasks'
|
3
|
+
|
4
|
+
begin
|
5
|
+
require 'rubocop/rake_task'
|
6
|
+
|
7
|
+
require 'rspec/core/rake_task'
|
8
|
+
|
9
|
+
desc 'Run Rubocop'
|
10
|
+
RuboCop::RakeTask.new(:rubocop)
|
11
|
+
|
12
|
+
desc 'Run Integration Tests'
|
13
|
+
RSpec::Core::RakeTask.new(:integration) do |t|
|
14
|
+
t.pattern = FileList["spec/integration/**/*#{ENV['PATTERN']}*_spec.rb"]
|
15
|
+
end
|
16
|
+
|
17
|
+
desc 'Run Unit Tests'
|
18
|
+
RSpec::Core::RakeTask.new(:spec) do |t|
|
19
|
+
t.pattern = FileList["spec/lib/descope/**/*#{ENV['PATTERN']}*_spec.rb"]
|
20
|
+
end
|
21
|
+
|
22
|
+
desc 'Run All Suites'
|
23
|
+
RSpec::Core::RakeTask.new(:all)
|
24
|
+
|
25
|
+
desc 'Run unit and integration tests'
|
26
|
+
task test: [:spec, :integration]
|
27
|
+
|
28
|
+
task default: [:rubocop, :test]
|
29
|
+
rescue LoadError
|
30
|
+
puts 'Load Error - No RSpec'
|
31
|
+
end
|
data/descope.gemspec
ADDED
@@ -0,0 +1,34 @@
|
|
1
|
+
# -*- encoding: utf-8 -*-
|
2
|
+
$LOAD_PATH.push File.expand_path('../lib', __FILE__)
|
3
|
+
require 'descope/version'
|
4
|
+
|
5
|
+
Gem::Specification.new do |s|
|
6
|
+
s.name = 'descope'
|
7
|
+
s.version = Descope::VERSION
|
8
|
+
s.authors = ['Descope']
|
9
|
+
s.email = ['support@descope.com']
|
10
|
+
s.homepage = 'https://github.com/descope/descope-ruby-sdk'
|
11
|
+
s.summary = 'Descope API Client'
|
12
|
+
s.description = 'Ruby API Client for Descope API https://descope.com'
|
13
|
+
|
14
|
+
s.files = `git ls-files`.split("\n")
|
15
|
+
s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
|
16
|
+
s.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
|
17
|
+
s.require_paths = ['lib']
|
18
|
+
|
19
|
+
s.add_runtime_dependency 'rest-client', '~> 2.1'
|
20
|
+
s.add_runtime_dependency 'jwt', '~> 2.7'
|
21
|
+
s.add_runtime_dependency 'zache', '~> 0.12'
|
22
|
+
s.add_runtime_dependency 'addressable', '~> 2.8'
|
23
|
+
s.add_runtime_dependency 'retryable', '~> 3.0'
|
24
|
+
|
25
|
+
s.add_development_dependency 'bundler'
|
26
|
+
s.add_development_dependency 'rake', '~> 13.0'
|
27
|
+
s.add_development_dependency 'fuubar', '~> 2.0'
|
28
|
+
s.add_development_dependency 'rspec', '~> 3.11'
|
29
|
+
s.add_development_dependency 'simplecov', '~> 0.9'
|
30
|
+
s.add_development_dependency 'faker', '~> 2.0'
|
31
|
+
s.add_development_dependency "super_diff", "~> 1.0"
|
32
|
+
s.add_development_dependency 'concurrent-ruby', '~> 1.1'
|
33
|
+
s.license = 'MIT'
|
34
|
+
end
|
@@ -0,0 +1,41 @@
|
|
1
|
+
GEM
|
2
|
+
remote: https://rubygems.org/
|
3
|
+
specs:
|
4
|
+
addressable (2.8.6)
|
5
|
+
public_suffix (>= 2.0.2, < 6.0)
|
6
|
+
descope (1.0.2)
|
7
|
+
addressable (~> 2.8)
|
8
|
+
jwt (~> 2.7)
|
9
|
+
rest-client (~> 2.1)
|
10
|
+
retryable (~> 3.0)
|
11
|
+
zache (~> 0.12)
|
12
|
+
domain_name (0.6.20240107)
|
13
|
+
http-accept (1.7.0)
|
14
|
+
http-cookie (1.0.5)
|
15
|
+
domain_name (~> 0.5)
|
16
|
+
jwt (2.7.1)
|
17
|
+
launchy (2.5.2)
|
18
|
+
addressable (~> 2.8)
|
19
|
+
mime-types (3.5.2)
|
20
|
+
mime-types-data (~> 3.2015)
|
21
|
+
mime-types-data (3.2024.0206)
|
22
|
+
netrc (0.11.0)
|
23
|
+
public_suffix (5.0.4)
|
24
|
+
rest-client (2.1.0)
|
25
|
+
http-accept (>= 1.7.0, < 2.0)
|
26
|
+
http-cookie (>= 1.0.2, < 2.0)
|
27
|
+
mime-types (>= 1.16, < 4.0)
|
28
|
+
netrc (~> 0.8)
|
29
|
+
retryable (3.0.5)
|
30
|
+
zache (0.13.1)
|
31
|
+
|
32
|
+
PLATFORMS
|
33
|
+
arm64-darwin-23
|
34
|
+
ruby
|
35
|
+
|
36
|
+
DEPENDENCIES
|
37
|
+
descope
|
38
|
+
launchy
|
39
|
+
|
40
|
+
BUNDLED WITH
|
41
|
+
2.5.5
|
@@ -0,0 +1,45 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'descope'
|
5
|
+
|
6
|
+
@logger = Logger.new($stdout)
|
7
|
+
|
8
|
+
@project_id = ENV['DESCOPE_PROJECT_ID']
|
9
|
+
@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
|
10
|
+
|
11
|
+
@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
|
12
|
+
|
13
|
+
@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
|
14
|
+
|
15
|
+
access_key = nil
|
16
|
+
|
17
|
+
begin
|
18
|
+
@logger.info('Going to login by using access key ...')
|
19
|
+
|
20
|
+
if access_key.nil?
|
21
|
+
print "Insert access key here\n"
|
22
|
+
access_key = gets.chomp
|
23
|
+
end
|
24
|
+
|
25
|
+
begin
|
26
|
+
jwt_response = @client.exchange_access_key(access_key)
|
27
|
+
@logger.info('exchange access key successfully')
|
28
|
+
@logger.info("jwt_response: #{jwt_response}")
|
29
|
+
|
30
|
+
permission_name = 'TestPermission'
|
31
|
+
permission_presented = @client.validate_permissions(
|
32
|
+
jwt_response:, permissions: [permission_name]
|
33
|
+
)
|
34
|
+
@logger.info("#{permission_name} presented on the jwt: [#{permission_presented}]")
|
35
|
+
role_name = 'TestRole'
|
36
|
+
role_presented = @client.validate_roles(jwt_response:, roles: [role_name])
|
37
|
+
@logger.info("#{role_name} presented on the jwt: [#{role_presented}]")
|
38
|
+
rescue Descope::AuthException => e
|
39
|
+
@logger.error("Failed to exchange access key #{e}")
|
40
|
+
raise
|
41
|
+
end
|
42
|
+
rescue StandardError => e
|
43
|
+
@logger.error("Failed to initialize DescopeClient #{e}")
|
44
|
+
raise
|
45
|
+
end
|
@@ -0,0 +1,65 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'descope'
|
5
|
+
|
6
|
+
@logger = Logger.new($stdout)
|
7
|
+
|
8
|
+
@project_id = ENV['DESCOPE_PROJECT_ID']
|
9
|
+
@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
|
10
|
+
|
11
|
+
@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
|
12
|
+
|
13
|
+
@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
|
14
|
+
|
15
|
+
def verify
|
16
|
+
print "Please insert the token you received by email:\n"
|
17
|
+
token = gets.chomp
|
18
|
+
@client.enchanted_link_verify_token(token)
|
19
|
+
p 'Token is valid'
|
20
|
+
rescue Descope::AuthException => e
|
21
|
+
p "Invalid Token #{e}"
|
22
|
+
raise
|
23
|
+
end
|
24
|
+
|
25
|
+
print 'Going to signup / signin using Enchanted Link ...'
|
26
|
+
print "Please insert email to signup / signin:\n"
|
27
|
+
email = gets.chomp
|
28
|
+
resp = @client.enchanted_link_sign_up_or_in(
|
29
|
+
login_id: email,
|
30
|
+
uri: 'http://test.me'
|
31
|
+
)
|
32
|
+
|
33
|
+
link_identifier = resp['linkId']
|
34
|
+
masked_email = resp['maskedEmail']
|
35
|
+
p "We have sent you an email to #{masked_email}"
|
36
|
+
p "Please click the link with the identifier #{link_identifier}"
|
37
|
+
pending_ref = resp['pendingRef']
|
38
|
+
|
39
|
+
done = false
|
40
|
+
|
41
|
+
# open thread to get input
|
42
|
+
thread = Thread.new { verify }
|
43
|
+
thread.join
|
44
|
+
|
45
|
+
i = 0
|
46
|
+
until done
|
47
|
+
begin
|
48
|
+
i += 1
|
49
|
+
$stdout.write("Sleeping #{i}...")
|
50
|
+
sleep(4)
|
51
|
+
jwt_response = @client.enchanted_link_get_session(pending_ref)
|
52
|
+
done = true
|
53
|
+
rescue Descope::AuthException => e
|
54
|
+
if e.status_code != 401
|
55
|
+
p "Failed pending session, err: #{e}"
|
56
|
+
done = true
|
57
|
+
end
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
if jwt_response
|
62
|
+
refresh_token = jwt_response.fetch(Descope::Mixins::Common::REFRESH_SESSION_TOKEN_NAME).fetch('jwt')
|
63
|
+
@client.sign_out(refresh_token)
|
64
|
+
p 'User logged out'
|
65
|
+
end
|
@@ -0,0 +1,81 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'descope'
|
5
|
+
|
6
|
+
# include Descope::Mixin::Common
|
7
|
+
@logger = Logger.new($stdout)
|
8
|
+
|
9
|
+
@project_id = ENV['DESCOPE_PROJECT_ID']
|
10
|
+
@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
|
11
|
+
|
12
|
+
@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
|
13
|
+
|
14
|
+
@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
|
15
|
+
|
16
|
+
@logger.info('Going to signup / signin using Magic Link ...')
|
17
|
+
print "Please insert email to signup / signin:\n"
|
18
|
+
email = gets.chomp
|
19
|
+
masked_mail = @client.magiclink_sign_up_or_in(
|
20
|
+
method: Descope::Mixins::Common::DeliveryMethod::EMAIL,
|
21
|
+
login_id: email,
|
22
|
+
uri: 'http://test.me'
|
23
|
+
)
|
24
|
+
|
25
|
+
print "Please insert the token you received by email (#{masked_mail}):\n"
|
26
|
+
token = gets.chomp
|
27
|
+
begin
|
28
|
+
jwt_response = @client.magiclink_verify_token(token)
|
29
|
+
@logger.info('Token is valid')
|
30
|
+
refresh_token = jwt_response['refreshJwt']
|
31
|
+
@logger.info("jwt_response: #{jwt_response}")
|
32
|
+
rescue Descope::AuthException => e
|
33
|
+
@logger.error("Invalid Token #{e}")
|
34
|
+
raise
|
35
|
+
end
|
36
|
+
|
37
|
+
begin
|
38
|
+
@logger.info('Going to logout after sign-in / sign-up')
|
39
|
+
@client.sign_out(refresh_token)
|
40
|
+
@logger.info('User logged out after sign-in / sign-up')
|
41
|
+
rescue Descope::AuthException => e
|
42
|
+
@logger.info("Failed to logged after sign-in / sign-up, err: #{e}")
|
43
|
+
end
|
44
|
+
|
45
|
+
@logger.info('Going to sign in same user again...')
|
46
|
+
@client.magiclink_sign_in(
|
47
|
+
method: Descope::Mixins::Common::DeliveryMethod::EMAIL, login_id: email, uri: 'http://test.me'
|
48
|
+
)
|
49
|
+
|
50
|
+
print "Please insert the Token you received by email:\n"
|
51
|
+
token = gets.chomp
|
52
|
+
begin
|
53
|
+
jwt_response = @client.magiclink_verify_token(token)
|
54
|
+
@logger.info('Token is valid')
|
55
|
+
session_token_1 = jwt_response['sessionJwt']
|
56
|
+
refresh_token_1 = jwt_response['refreshJwt']
|
57
|
+
@logger.info("jwt_response: #{jwt_response}")
|
58
|
+
rescue Descope::AuthException => e
|
59
|
+
@logger.error("Invalid Token #{e}")
|
60
|
+
raise
|
61
|
+
end
|
62
|
+
|
63
|
+
begin
|
64
|
+
@logger.info("going to validate session...#{session_token_1}")
|
65
|
+
@client.validate_and_refresh_session(
|
66
|
+
session_token: session_token_1, refresh_token: refresh_token_1
|
67
|
+
)
|
68
|
+
@logger.info('Session is valid and all is OK')
|
69
|
+
rescue Descope::AuthException => e
|
70
|
+
@logger.error("Session is not valid #{e}")
|
71
|
+
end
|
72
|
+
|
73
|
+
begin
|
74
|
+
@logger.info(
|
75
|
+
"Going to logout at the second time\nrefresh_token: #{refresh_token_1}"
|
76
|
+
)
|
77
|
+
@client.sign_out(refresh_token_1)
|
78
|
+
@logger.info('User logged out')
|
79
|
+
rescue Descope::AuthException => e
|
80
|
+
@logger.error("Failed to logged out user, err: #{e}")
|
81
|
+
end
|
@@ -0,0 +1,38 @@
|
|
1
|
+
GEM
|
2
|
+
remote: http://rubygems.org/
|
3
|
+
specs:
|
4
|
+
addressable (2.8.6)
|
5
|
+
public_suffix (>= 2.0.2, < 6.0)
|
6
|
+
descope (1.0.0)
|
7
|
+
addressable (~> 2.8)
|
8
|
+
jwt (~> 2.7)
|
9
|
+
rest-client (~> 2.1)
|
10
|
+
retryable (~> 3.0)
|
11
|
+
zache (~> 0.12)
|
12
|
+
domain_name (0.6.20240107)
|
13
|
+
http-accept (1.7.0)
|
14
|
+
http-cookie (1.0.5)
|
15
|
+
domain_name (~> 0.5)
|
16
|
+
jwt (2.7.1)
|
17
|
+
mime-types (3.5.2)
|
18
|
+
mime-types-data (~> 3.2015)
|
19
|
+
mime-types-data (3.2023.1205)
|
20
|
+
netrc (0.11.0)
|
21
|
+
public_suffix (5.0.4)
|
22
|
+
rest-client (2.1.0)
|
23
|
+
http-accept (>= 1.7.0, < 2.0)
|
24
|
+
http-cookie (>= 1.0.2, < 2.0)
|
25
|
+
mime-types (>= 1.16, < 4.0)
|
26
|
+
netrc (~> 0.8)
|
27
|
+
retryable (3.0.5)
|
28
|
+
zache (0.13.1)
|
29
|
+
|
30
|
+
PLATFORMS
|
31
|
+
arm64-darwin-23
|
32
|
+
ruby
|
33
|
+
|
34
|
+
DEPENDENCIES
|
35
|
+
descope
|
36
|
+
|
37
|
+
BUNDLED WITH
|
38
|
+
2.5.5
|
@@ -0,0 +1,71 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'descope'
|
5
|
+
|
6
|
+
@logger = Logger.new($stdout)
|
7
|
+
|
8
|
+
@project_id = ENV['DESCOPE_PROJECT_ID']
|
9
|
+
@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
|
10
|
+
|
11
|
+
@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
|
12
|
+
|
13
|
+
@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
|
14
|
+
|
15
|
+
begin
|
16
|
+
@logger.info('Going to create a new access key')
|
17
|
+
access_key_resp = @client.create_access_key(name: 'key-name', expire_time: 1_677_844_931)
|
18
|
+
access_key = access_key_resp['key']
|
19
|
+
key_id = access_key['id']
|
20
|
+
@logger.info("Create: created access key #{access_key}")
|
21
|
+
rescue Descope::AuthException => e
|
22
|
+
@logger.info("Access key creation failed #{e}")
|
23
|
+
end
|
24
|
+
|
25
|
+
begin
|
26
|
+
@logger.info('Searching for created access key')
|
27
|
+
access_key_resp = @client.load_access_key(key_id)
|
28
|
+
access_key = access_key_resp['key']
|
29
|
+
@logger.info("Load: found access key #{access_key}")
|
30
|
+
rescue Descope::AuthException => e
|
31
|
+
@logger.info("Access key load failed #{e}")
|
32
|
+
end
|
33
|
+
|
34
|
+
begin
|
35
|
+
@logger.info('Searching all access keys')
|
36
|
+
users_resp = @client.search_all_access_keys
|
37
|
+
access_keys = users_resp['keys']
|
38
|
+
access_keys.each do |key|
|
39
|
+
@logger.info("Search Found access key #{key}")
|
40
|
+
end
|
41
|
+
rescue Descope::AuthException => e
|
42
|
+
@logger.info("Access key load failed #{e}")
|
43
|
+
end
|
44
|
+
|
45
|
+
begin
|
46
|
+
@logger.info('Updating newly created access key')
|
47
|
+
@client.update_access_key(id: key_id, name: 'New key name')
|
48
|
+
rescue Descope::AuthException => e
|
49
|
+
@logger.info("Access key update failed #{e}")
|
50
|
+
end
|
51
|
+
|
52
|
+
begin
|
53
|
+
@logger.info('Deactivating newly created access key')
|
54
|
+
@client.deactivate_access_key(key_id)
|
55
|
+
rescue Descope::AuthException => e
|
56
|
+
@logger.info("Access key deactivate failed #{e}")
|
57
|
+
end
|
58
|
+
|
59
|
+
begin
|
60
|
+
@logger.info('Activating newly created access key')
|
61
|
+
@client.activate_access_key(key_id)
|
62
|
+
rescue Descope::AuthException => e
|
63
|
+
@logger.info("Access key activate failed #{e}")
|
64
|
+
end
|
65
|
+
|
66
|
+
begin
|
67
|
+
@logger.info('Deleting newly created access key')
|
68
|
+
@client.delete_access_key(key_id)
|
69
|
+
rescue Descope::AuthException => e
|
70
|
+
@logger.info("Access key deletion failed #{e}")
|
71
|
+
end
|
@@ -0,0 +1,25 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'descope'
|
5
|
+
|
6
|
+
@logger = Logger.new($stdout)
|
7
|
+
|
8
|
+
@project_id = ENV['DESCOPE_PROJECT_ID']
|
9
|
+
@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
|
10
|
+
|
11
|
+
@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
|
12
|
+
|
13
|
+
@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
|
14
|
+
|
15
|
+
begin
|
16
|
+
@logger.info('Going to search audit')
|
17
|
+
text = nil
|
18
|
+
text = ARGV[0] if ARGV.length > 1
|
19
|
+
from_ts = nil
|
20
|
+
from_ts = DateTime.iso8601(ARGV[1]) if ARGV.length > 2
|
21
|
+
res = @client.audit_search(text:, from_ts:)
|
22
|
+
@logger.info("Audit search result: #{res}")
|
23
|
+
rescue Descope::AuthException => e
|
24
|
+
@logger.error("Audit search failed #{e}")
|
25
|
+
end
|
@@ -0,0 +1,135 @@
|
|
1
|
+
#!/usr/bin/env ruby
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
4
|
+
require 'descope'
|
5
|
+
|
6
|
+
@logger = Logger.new($stdout)
|
7
|
+
|
8
|
+
@project_id = ENV['DESCOPE_PROJECT_ID']
|
9
|
+
@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
|
10
|
+
|
11
|
+
@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
|
12
|
+
|
13
|
+
@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
|
14
|
+
|
15
|
+
begin
|
16
|
+
@logger.info('Creating test authz schema if different name')
|
17
|
+
schema = @client.authz_load_schema
|
18
|
+
File.open('./authz_files.json', 'rt') do |f|
|
19
|
+
schema_from_file = JSON.parse(f.read)
|
20
|
+
if schema['name'] != schema_from_file['name']
|
21
|
+
@logger.info('Schema is different, upgrading...')
|
22
|
+
@client.authz_save_schema(schema: schema_from_file, upgrade: true)
|
23
|
+
@client.authz_create_relations(
|
24
|
+
[
|
25
|
+
{
|
26
|
+
"resource": 'Dev',
|
27
|
+
"relationDefinition": 'parent',
|
28
|
+
"namespace": 'org',
|
29
|
+
"target": 'Descope'
|
30
|
+
},
|
31
|
+
{
|
32
|
+
"resource": 'Sales',
|
33
|
+
"relationDefinition": 'parent',
|
34
|
+
"namespace": 'org',
|
35
|
+
"target": 'Descope'
|
36
|
+
},
|
37
|
+
{
|
38
|
+
"resource": 'Dev',
|
39
|
+
"relationDefinition": 'member',
|
40
|
+
"namespace": 'org',
|
41
|
+
"target": 'u1'
|
42
|
+
},
|
43
|
+
{
|
44
|
+
"resource": 'Dev',
|
45
|
+
"relationDefinition": 'member',
|
46
|
+
"namespace": 'org',
|
47
|
+
"target": 'u3'
|
48
|
+
},
|
49
|
+
{
|
50
|
+
"resource": 'Sales',
|
51
|
+
"relationDefinition": 'member',
|
52
|
+
"namespace": 'org',
|
53
|
+
"target": 'u2'
|
54
|
+
},
|
55
|
+
{
|
56
|
+
"resource": 'Presentations',
|
57
|
+
"relationDefinition": 'parent',
|
58
|
+
"namespace": 'folder',
|
59
|
+
"target": 'Internal'
|
60
|
+
},
|
61
|
+
{
|
62
|
+
"resource": 'roadmap.ppt',
|
63
|
+
"relationDefinition": 'parent',
|
64
|
+
"namespace": 'doc',
|
65
|
+
"target": 'Presentations'
|
66
|
+
},
|
67
|
+
{
|
68
|
+
"resource": 'roadmap.ppt',
|
69
|
+
"relationDefinition": 'owner',
|
70
|
+
"namespace": 'doc',
|
71
|
+
"target": 'u1'
|
72
|
+
},
|
73
|
+
{
|
74
|
+
"resource": 'Internal',
|
75
|
+
"relationDefinition": 'viewer',
|
76
|
+
"namespace": 'folder',
|
77
|
+
"targetSetResource": 'Descope',
|
78
|
+
"targetSetRelationDefinition": 'member',
|
79
|
+
"targetSetRelationDefinitionNamespace": 'org'
|
80
|
+
},
|
81
|
+
{
|
82
|
+
"resource": 'Presentations',
|
83
|
+
"relationDefinition": 'editor',
|
84
|
+
"namespace": 'folder',
|
85
|
+
"targetSetResource": 'Sales',
|
86
|
+
"targetSetRelationDefinition": 'member',
|
87
|
+
"targetSetRelationDefinitionNamespace": 'org'
|
88
|
+
}
|
89
|
+
]
|
90
|
+
)
|
91
|
+
end
|
92
|
+
|
93
|
+
res = @client.authz_has_relations?([
|
94
|
+
{
|
95
|
+
"resource": 'roadmap.ppt',
|
96
|
+
"relationDefinition": 'owner',
|
97
|
+
"namespace": 'doc',
|
98
|
+
"target": 'u1'
|
99
|
+
},
|
100
|
+
{
|
101
|
+
"resource": 'roadmap.ppt',
|
102
|
+
"relationDefinition": 'editor',
|
103
|
+
"namespace": 'doc',
|
104
|
+
"target": 'u1'
|
105
|
+
},
|
106
|
+
{
|
107
|
+
"resource": 'roadmap.ppt',
|
108
|
+
"relationDefinition": 'viewer',
|
109
|
+
"namespace": 'doc',
|
110
|
+
"target": 'u1'
|
111
|
+
},
|
112
|
+
{
|
113
|
+
"resource": 'roadmap.ppt',
|
114
|
+
"relationDefinition": 'viewer',
|
115
|
+
"namespace": 'doc',
|
116
|
+
"target": 'u3'
|
117
|
+
},
|
118
|
+
{
|
119
|
+
"resource": 'roadmap.ppt',
|
120
|
+
"relationDefinition": 'editor',
|
121
|
+
"namespace": 'doc',
|
122
|
+
"target": 'u3'
|
123
|
+
},
|
124
|
+
{
|
125
|
+
"resource": 'roadmap.ppt',
|
126
|
+
"relationDefinition": 'editor',
|
127
|
+
"namespace": 'doc',
|
128
|
+
"target": 'u2'
|
129
|
+
}
|
130
|
+
])
|
131
|
+
@logger.info("Checking existing relations: #{res}")
|
132
|
+
rescue Descope::AuthException => e
|
133
|
+
@logger.error("Audit search failed #{e}")
|
134
|
+
end
|
135
|
+
end
|