descope 1.0.4

data/examples/ruby/management/authz_files.json

@@ -0,0 +1,229 @@
+{
+  "name": "Files",
+  "namespaces": [
+    {
+      "name": "org",
+      "relationDefinitions": [
+        {
+          "name": "parent"
+        },
+        {
+          "name": "member",
+          "complexDefinition": {
+            "nType": "union",
+            "children": [
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "self"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "relationLeft",
+                  "relationDefinition": "parent",
+                  "relationDefinitionNamespace": "org",
+                  "targetRelationDefinition": "member",
+                  "targetRelationDefinitionNamespace": "org"
+                }
+              }
+            ]
+          }
+        }
+      ]
+    },
+    {
+      "name": "folder",
+      "relationDefinitions": [
+        {
+          "name": "parent"
+        },
+        {
+          "name": "owner",
+          "complexDefinition": {
+            "nType": "union",
+            "children": [
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "self"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "relationRight",
+                  "relationDefinition": "parent",
+                  "relationDefinitionNamespace": "folder",
+                  "targetRelationDefinition": "owner",
+                  "targetRelationDefinitionNamespace": "folder"
+                }
+              }
+            ]
+          }
+        },
+        {
+          "name": "editor",
+          "complexDefinition": {
+            "nType": "union",
+            "children": [
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "self"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "relationRight",
+                  "relationDefinition": "parent",
+                  "relationDefinitionNamespace": "folder",
+                  "targetRelationDefinition": "editor",
+                  "targetRelationDefinitionNamespace": "folder"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "targetSet",
+                  "targetRelationDefinition": "owner",
+                  "targetRelationDefinitionNamespace": "folder"
+                }
+              }
+            ]
+          }
+        },
+        {
+          "name": "viewer",
+          "complexDefinition": {
+            "nType": "union",
+            "children": [
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "self"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "relationRight",
+                  "relationDefinition": "parent",
+                  "relationDefinitionNamespace": "folder",
+                  "targetRelationDefinition": "viewer",
+                  "targetRelationDefinitionNamespace": "folder"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "targetSet",
+                  "targetRelationDefinition": "editor",
+                  "targetRelationDefinitionNamespace": "folder"
+                }
+              }
+            ]
+          }
+        }
+      ]
+    },
+    {
+      "name": "doc",
+      "relationDefinitions": [
+        {
+          "name": "parent"
+        },
+        {
+          "name": "owner",
+          "complexDefinition": {
+            "nType": "union",
+            "children": [
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "self"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "relationRight",
+                  "relationDefinition": "parent",
+                  "relationDefinitionNamespace": "doc",
+                  "targetRelationDefinition": "owner",
+                  "targetRelationDefinitionNamespace": "folder"
+                }
+              }
+            ]
+          }
+        },
+        {
+          "name": "editor",
+          "complexDefinition": {
+            "nType": "union",
+            "children": [
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "self"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "relationRight",
+                  "relationDefinition": "parent",
+                  "relationDefinitionNamespace": "doc",
+                  "targetRelationDefinition": "editor",
+                  "targetRelationDefinitionNamespace": "folder"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "targetSet",
+                  "targetRelationDefinition": "owner",
+                  "targetRelationDefinitionNamespace": "doc"
+                }
+              }
+            ]
+          }
+        },
+        {
+          "name": "viewer",
+          "complexDefinition": {
+            "nType": "union",
+            "children": [
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "self"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "relationRight",
+                  "relationDefinition": "parent",
+                  "relationDefinitionNamespace": "doc",
+                  "targetRelationDefinition": "viewer",
+                  "targetRelationDefinitionNamespace": "folder"
+                }
+              },
+              {
+                "nType": "child",
+                "expression": {
+                  "neType": "targetSet",
+                  "targetRelationDefinition": "editor",
+                  "targetRelationDefinitionNamespace": "doc"
+                }
+              }
+            ]
+          }
+        }
+      ]
+    }
+  ]
+}

data/examples/ruby/management/flow_app.rb

@@ -0,0 +1,57 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'descope'
+
+@logger = Logger.new($stdout)
+
+@project_id = ENV['DESCOPE_PROJECT_ID']
+@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
+
+@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
+
+@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
+
+begin
+  name = 'sign-up-or-in'
+
+  begin
+    @logger.info("Going to export 'sign-up-or-in' flow")
+    @res = @client.export_flow(name)
+
+  rescue Descope::AuthException => e
+    @logger.error("Export flow failed #{e}")
+  end
+
+  begin
+    @logger.info('Importing sign-up-or-in flow and change name')
+    @res['flow']['name'] = 'Importing from SDK'
+    @client.import_flow(
+      flow_id: 'sign-up-or-in',
+      flow: @res['flow'],
+      screens: @res['screens']
+    )
+  rescue Descope::AuthException => e
+    @logger.info("Importing flow failed #{e}")
+  end
+
+  begin
+    @logger.info('Going to export the project theme')
+    @res = @client.export_theme
+    @logger.info("Export theme success: #{@res}")
+
+  rescue Descope::AuthException => e
+    @logger.info("Export theme failed #{e}")
+  end
+
+  begin
+    @logger.info('Importing theme back')
+    @client.import_theme(@res)
+    @logger.info('Importing theme success')
+  rescue Descope::AuthException => e
+    @logger.error("Importing theme failed #{e}")
+  end
+
+rescue Descope::AuthException
+  raise
+end

data/examples/ruby/management/permission_app.rb

@@ -0,0 +1,56 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'descope'
+
+@logger = Logger.new($stdout)
+
+@project_id = ENV['DESCOPE_PROJECT_ID']
+@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
+
+@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
+
+@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
+
+begin
+  @logger.info('Going to create a new permission')
+  name = 'My Permission'
+  @client.create_permission(name:, description: 'Allowed to test')
+
+rescue Descope::AuthException => e
+  @logger.info("Permission creation failed #{e}")
+end
+
+begin
+  @logger.info('Loading all permissions')
+  permissions_resp = @client.load_all_permissions
+  permissions = permissions_resp['permissions']
+  permissions.each do |permission|
+    @logger.info("Search Found permission #{permission}")
+  end
+
+rescue Descope::AuthException => e
+  @logger.error("Permission load failed #{e}")
+end
+
+begin
+  @logger.info('Updating newly created permission')
+  # update overrides all fields, must provide the entire entity
+  # we mean to update.
+  name = 'My Permission'
+  @client.update_permission(
+    name:, new_name: 'My Updated Permission', description: 'New Description'
+  )
+
+rescue Descope::AuthException => e
+  @logger.error("Permission update failed #{e}")
+end
+
+begin
+  @logger.info('Deleting newly created permission')
+  @client.delete_permission('My Updated Permission')
+
+rescue Descope::AuthException => e
+  @logger.error("Permission deletion failed #{e}")
+end
+

data/examples/ruby/management/role_app.rb

@@ -0,0 +1,58 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'descope'
+
+@logger = Logger.new($stdout)
+
+@project_id = ENV['DESCOPE_PROJECT_ID']
+@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
+
+@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
+
+@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
+
+name = 'My Role'
+
+begin
+  @logger.info('Going to create a new role')
+  @client.create_role(
+    name:, description: 'Allowed to test :)', permission_names: ['SSO Admin']
+  )
+rescue Descope::AuthException => e
+  @logger.info("Role creation failed #{e}")
+end
+
+begin
+  @logger.info('Loading all roles')
+  roles_resp = @client.load_all_roles
+  roles = roles_resp['roles']
+  roles.each do |role|
+    @logger.info("Search Found role #{role}")
+  end
+
+rescue Descope::AuthException => e
+  @logger.error("Role load failed #{e}")
+end
+
+begin
+  @logger.info('Updating newly created role')
+  @client.update_role(
+    name:,
+    new_name: 'My Updated Role',
+    description: 'New Description',
+    permission_names: ['User Admin']
+  )
+
+rescue Descope::AuthException => e
+  @logger.error("Role update failed #{e}")
+end
+
+begin
+  @logger.info('Deleting newly created role')
+  @client.delete_role('My Updated Role')
+
+rescue Descope::AuthException => e
+  @logger.error("Role deletion failed #{e}")
+end
+

data/examples/ruby/management/tenant_app.rb

@@ -0,0 +1,60 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'descope'
+
+@logger = Logger.new($stdout)
+
+@project_id = ENV['DESCOPE_PROJECT_ID']
+@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
+
+@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
+
+@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
+
+@tenant_id = ''
+
+begin
+  @logger.info('Going to create a new tenant')
+  resp = @client.create_tenant(name: 'My First Tenant')
+  @tenant_id = resp['id']
+  @logger.info("Tenant creation response: #{resp}")
+rescue Descope::AuthException => e
+  @logger.info("Tenant creation failed #{e}")
+end
+
+begin
+  @logger.info('Loading tenant by id')
+  tenant_resp = @client.load_tenant(@tenant_id)
+  @logger.info("Found tenant #{tenant_resp}")
+rescue Descope::AuthException => e
+  @logger.info("Permission load failed #{e}")
+end
+
+begin
+  @logger.info('Loading all tenants')
+  tenants_resp = @client.load_all_tenants
+  tenants = tenants_resp['tenants']
+  tenants.each do |tenant|
+    @logger.info("Search Found tenant #{tenant}")
+  end
+rescue Descope::AuthException => e
+  @logger.error("Permission load failed #{e}")
+end
+
+begin
+  @logger.info('Updating newly created tenant')
+  @client.update_tenant(
+    name: 'My First Tenant', id: @tenant_id, self_provisioning_domains: ['mydomain.com']
+  )
+rescue Descope::AuthException => e
+  @logger.error("Tenant update failed #{e}")
+end
+
+begin
+  @logger.info('Deleting newly created tenant')
+  @client.delete_tenant(@tenant_id)
+rescue Descope::AuthException => e
+  @logger.error("Tenant deletion failed #{e}")
+end
+

data/examples/ruby/management/user_app.rb

@@ -0,0 +1,60 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'descope'
+
+@logger = Logger.new($stdout)
+
+@project_id = ENV['DESCOPE_PROJECT_ID']
+@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
+
+@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
+
+@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
+
+user_login_id = 'des@copeland.com'
+
+begin
+  @logger.info('Going to create a new user')
+  @client.create_user(login_id: user_login_id)
+rescue Descope::AuthException => e
+  @logger.info("User creation failed #{e}")
+end
+
+begin
+  @logger.info('Searching for created user')
+  user_resp = @client.load_user(user_login_id)
+  user_res = user_resp['user']
+  @logger.info("Load: found user #{user_res}")
+rescue Descope::AuthException => e
+  @logger.info("User load failed #{e}")
+end
+
+begin
+  @logger.info('Searching all users created user')
+  users_resp = @client.search_all_users
+  users = users_resp['users']
+  users.each do |user|
+    @logger.info("Search Found user #{user}")
+  end
+rescue Descope::AuthException => e
+  @logger.info("User load failed #{e}")
+end
+
+begin
+  @logger.info('Updating newly created user')
+  # update overrides all fields, must provide the entire entity
+  # we mean to update.
+  @client.update_user(
+    login_id: user_login_id, name: 'Desmond Copeland'
+  )
+rescue Descope::AuthException => e
+  @logger.info("User update failed #{e}")
+end
+
+begin
+  @logger.info('Deleting newly created user')
+  @client.delete_user(user_login_id)
+rescue Descope::AuthException => e
+  @logger.info("User deletion failed #{e}")
+end

data/examples/ruby/oauth_app.rb

@@ -0,0 +1,39 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'descope'
+require 'launchy'
+
+@logger = Logger.new($stdout)
+
+@project_id = ENV['DESCOPE_PROJECT_ID']
+@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
+
+@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
+
+@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
+
+begin
+  @logger.info('Going to login with Oauth auth method ...')
+  resp = @client.oauth_start(provider: 'github', return_url: 'https://www.google.com')
+  @logger.info("oauth response: #{resp}")
+
+  # open the browser with the url
+  link = resp['url']
+  Launchy.open(link) # open the browser with the
+
+
+  puts "Please insert the code you received from redirect URI:\n"
+  code = gets.chomp
+
+  jwt_response = @client.oauth_exchange_token(code)
+  @logger.info('oauth code valid')
+  refresh_token = jwt_response['refreshSessionToken']['jwt']
+  my_details = @client.me(refresh_token)
+  @logger.info("my details: #{my_details}")
+
+  @client.sign_out(refresh_token)
+  @logger.info('User logged out')
+rescue Descope::AuthException => e
+  @logger.error("Error: #{e.message}")
+end

data/examples/ruby/otp_app.rb

@@ -0,0 +1,50 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'descope'
+
+@logger = Logger.new($stdout)
+
+@project_id = ENV['DESCOPE_PROJECT_ID']
+@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
+
+@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
+
+@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
+
+begin
+  @logger.info('Going to signup or in using OTP...')
+  puts 'Please insert email to signup or in:\n'
+  email = gets.chomp
+  masked_email = @client.otp_sign_up_or_in(
+    method: Descope::Mixins::Common::DeliveryMethod::EMAIL, login_id: email
+  )
+
+  puts "Please insert the code you received by email to #{masked_email}:\n"
+  value = gets.chomp
+
+  jwt_response = @client.otp_verify_code(
+    method: Descope::Mixins::Common::DeliveryMethod::EMAIL, login_id: email, code: value
+  )
+  @logger.info('Code is valid')
+  puts "jwt_response: #{jwt_response}"
+  session_token = jwt_response[Descope::Mixins::Common::SESSION_TOKEN_NAME].fetch('jwt')
+  refresh_token = jwt_response[Descope::Mixins::Common::REFRESH_SESSION_TOKEN_NAME].fetch('jwt')
+  @logger.info("jwt_response: #{jwt_response}")
+
+  @logger.info('going to validate session..')
+  @client.validate_session(session_token:)
+  @logger.info('Session is valid and all is OK')
+
+  @logger.info('refreshing the session token..')
+  claims = @client.refresh_session(refresh_token:)
+  @logger.info(
+    'going to revalidate the session with the newly refreshed token..'
+  )
+
+  new_session_token = claims.fetch(Descope::Mixins::Common::SESSION_TOKEN_NAME).fetch('jwt')
+  @client.validate_and_refresh_session(session_token: new_session_token, refresh_token:)
+  @logger.info('Session is valid also for the refreshed token.')
+rescue Descope::AuthException => e
+  @logger.error("Error: #{e.message}")
+end

data/examples/ruby/password_app.rb

@@ -0,0 +1,76 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'descope'
+
+@logger = Logger.new($stdout)
+
+@project_id = ENV['DESCOPE_PROJECT_ID']
+@management_key = ENV['DESCOPE_MANAGEMENT_KEY']
+
+@logger.info("Initializing Descope API with project_id: #{@project_id} and base_uri: #{@base_uri}")
+
+@client = Descope::Client.new({ project_id: @project_id, management_key: @management_key })
+
+begin
+  @logger.info('Going to signup using password...')
+  puts 'Please insert email to signup with:\n'
+  email = gets.chomp
+
+  puts 'Please insert password to signup with:\n'
+  password = gets.chomp
+
+  jwt_response = @client.password_sign_up(login_id: email, password:)
+  @logger.info("Signup successful! jwt_response: #{jwt_response}")
+  puts "=> #{Descope::Mixins::Common::SESSION_TOKEN_NAME}"
+  session_token = jwt_response[Descope::Mixins::Common::SESSION_TOKEN_NAME].fetch('jwt')
+  refresh_token = jwt_response[Descope::Mixins::Common::REFRESH_SESSION_TOKEN_NAME].fetch('jwt')
+
+  @logger.info('Validating email address...')
+  @client.magiclink_update_user_email(login_id: email, email:, refresh_token:)
+
+  puts "Validation email send, please paste the token you received by email:\n"
+  token = gets.chomp
+  jwt_response = @client.magiclink_verify_token(token)
+  @logger.info('Token verified successfully! #{jwt_response}')
+  session_token = jwt_response[Descope::Mixins::Common::SESSION_TOKEN_NAME].fetch('jwt')
+  refresh_token = jwt_response[Descope::Mixins::Common::REFRESH_SESSION_TOKEN_NAME].fetch('jwt')
+
+  @logger.info('Going to reset password...')
+  @client.password_reset(login_id: email)
+  puts 'Reset password email send, please paste the token you received by email:\n'
+  token = gets.chomp
+  jwt_response = @client.magiclink_verify_token(token)
+  @logger.info('Token verified successfully!')
+  session_token = jwt_response[Descope::Mixins::Common::SESSION_TOKEN_NAME].fetch('jwt')
+  refresh_token = jwt_response[Descope::Mixins::Common::REFRESH_SESSION_TOKEN_NAME].fetch('jwt')
+  @logger.info("jwt_response: #{jwt_response}")
+
+  puts "Please insert new password:\n"
+  new_password = gets.chomp
+  @client.password_update(login_id: email, new_password:, refresh_token:)
+  @logger.info('Attempting to sign in with new password...')
+  jwt_response = @client.password_sign_in(login_id: email, password: new_password)
+  session_token = jwt_response[Descope::Mixins::Common::SESSION_TOKEN_NAME].fetch('jwt')
+  refresh_token = jwt_response[Descope::Mixins::Common::REFRESH_SESSION_TOKEN_NAME].fetch('jwt')
+  @logger.info("jwt_response: #{jwt_response}")
+
+  @logger.info('going to validate session...')
+  @client.validate_session(session_token:)
+  @logger.info('Session validated successfully and all is OK!')
+
+  @logger.info('refreshing the session token...')
+  claims = @client.refresh_session(refresh_token:)
+  @logger.info('going to revalidate the session with the newly refreshed token...')
+
+  new_session_token = claims[Descope::Mixins::Common::SESSION_TOKEN_NAME].fetch('jwt')
+  @client.validate_and_refresh_session(session_token: new_session_token, refresh_token:)
+  @logger.info('Session is also valid for the refreshed token.')
+
+  @logger.info('going to sign out...')
+  @client.sign_out(refresh_token)
+  @logger.info('Session is signed out successfully.')
+
+rescue Descope::AuthException => e
+  @logger.error("Error: #{e.message}")
+end