descope 1.0.5 → 1.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/publish-gem.yaml +30 -5
- data/Gemfile +3 -3
- data/Gemfile.lock +12 -20
- data/README.md +18 -3
- data/descope.gemspec +25 -20
- data/examples/ruby/.ruby-version +1 -0
- data/examples/ruby/access_key_app.rb +4 -3
- data/examples/ruby/enchantedlink_app.rb +1 -0
- data/examples/ruby/magiclink_app.rb +1 -0
- data/examples/ruby/management/.ruby-version +1 -0
- data/examples/ruby/management/Gemfile +2 -2
- data/examples/ruby/management/access_key_app.rb +2 -0
- data/examples/ruby/management/audit_app.rb +32 -8
- data/examples/ruby/management/authz_app.rb +1 -0
- data/examples/ruby/management/flow_app.rb +1 -0
- data/examples/ruby/management/permission_app.rb +3 -2
- data/examples/ruby/management/role_app.rb +3 -2
- data/examples/ruby/management/tenant_app.rb +1 -0
- data/examples/ruby/management/user_app.rb +1 -0
- data/examples/ruby/oauth_app.rb +1 -0
- data/examples/ruby/otp_app.rb +38 -12
- data/examples/ruby/password_app.rb +8 -7
- data/examples/ruby/saml_app.rb +1 -0
- data/examples/ruby/version_check.rb +17 -0
- data/examples/ruby-on-rails-api/descope/Gemfile +3 -1
- data/examples/ruby-on-rails-api/descope/Gemfile.lock +121 -90
- data/examples/ruby-on-rails-api/descope/README.md +18 -18
- data/examples/ruby-on-rails-api/descope/app/assets/builds/application.css +20092 -23
- data/examples/ruby-on-rails-api/descope/app/assets/builds/application.js +0 -1
- data/examples/ruby-on-rails-api/descope/app/assets/builds/components/index.js +0 -14
- data/examples/ruby-on-rails-api/descope/package-lock.json +1021 -19306
- data/examples/ruby-on-rails-api/descope/package.json +8 -16
- data/examples/ruby-on-rails-api/descope/yarn.lock +459 -10641
- data/lib/descope/api/v1/auth/otp.rb +21 -14
- data/lib/descope/api/v1/auth.rb +17 -20
- data/lib/descope/api/v1/management/audit.rb +24 -0
- data/lib/descope/api/v1/management/common.rb +1 -0
- data/lib/descope/mixins/common.rb +5 -2
- data/lib/descope/mixins/validation.rb +21 -6
- data/lib/descope/version.rb +1 -1
- data/spec/integration/lib.descope/api/v1/auth/otp_spec.rb +72 -7
- data/spec/integration/lib.descope/api/v1/management/audit_spec.rb +36 -0
- data/spec/integration/lib.descope/api/v1/management/roles_spec.rb +1 -1
- data/spec/lib.descope/api/v1/auth/otp_spec.rb +176 -18
- data/spec/lib.descope/api/v1/auth_spec.rb +1 -1
- data/spec/lib.descope/api/v1/management/audit_spec.rb +92 -0
- metadata +25 -133
- data/examples/ruby-on-rails-api/descope/app/assets/builds/reportWebVitals.js +0 -211
- data/examples/ruby-on-rails-api/descope/app/assets/builds/reportWebVitals.js.map +0 -7
@@ -10,10 +10,11 @@ module Descope
|
|
10
10
|
include Descope::Mixins::Common::EndpointsV1
|
11
11
|
include Descope::Mixins::Common::EndpointsV2
|
12
12
|
|
13
|
-
def otp_sign_in(method: nil, login_id: nil, login_options: nil, refresh_token: nil,
|
13
|
+
def otp_sign_in(method: nil, login_id: nil, login_options: nil, refresh_token: nil, provider_id: nil,
|
14
14
|
template_id: nil, sso_app_id: nil)
|
15
|
-
# Sign in (log in) an existing user with the unique login_id you provide.
|
16
|
-
# login_id field
|
15
|
+
# Sign in (log in) an existing user with the unique login_id you provide.
|
16
|
+
# The login_id field is used to identify the user. It can be an email address or a phone number.
|
17
|
+
# Provide the DeliveryMethod required for this user. If the login_id value cannot be used for the
|
17
18
|
# DeliverMethod selected (for example, 'login_id = 4567qq445km' and 'DeliveryMethod = email')
|
18
19
|
validate_login_id(login_id)
|
19
20
|
uri = otp_compose_signin_url(method)
|
@@ -23,12 +24,15 @@ module Descope
|
|
23
24
|
end
|
24
25
|
|
25
26
|
def otp_sign_up(method: nil, login_id: nil, user: {}, provider_id: nil, template_id: nil)
|
26
|
-
# Sign up (create) a new user using their email or phone number.
|
27
|
-
#
|
27
|
+
# Sign up (create) a new user using their email or phone number.
|
28
|
+
# The login_id field is used to identify the user. It can be an email address or a phone number.
|
29
|
+
# Choose a delivery method for OTP verification, for example email, SMS, or Voice.
|
28
30
|
# (optional) Include additional user metadata that you wish to preserve.
|
29
|
-
|
31
|
+
validate_login_id(login_id)
|
30
32
|
|
31
|
-
|
33
|
+
unless adjust_and_verify_delivery_method(method, login_id, user)
|
34
|
+
raise Descope::AuthException.new('Could not verify delivery method', code: 400)
|
35
|
+
end
|
32
36
|
|
33
37
|
uri = otp_compose_signup_url(method)
|
34
38
|
body = otp_compose_signup_body(method, login_id, user, provider_id, template_id)
|
@@ -38,9 +42,11 @@ module Descope
|
|
38
42
|
|
39
43
|
def otp_sign_up_or_in(method: nil, login_id: nil, login_options: nil, provider_id: nil, template_id: nil,
|
40
44
|
sso_app_id: nil)
|
41
|
-
# Sign_up_or_in lets you handle both sign up and sign in with a single call.
|
42
|
-
#
|
43
|
-
#
|
45
|
+
# Sign_up_or_in lets you handle both sign up and sign in with a single call.
|
46
|
+
# The login_id field is used to identify the user. It can be an email address or a phone number.
|
47
|
+
# Sign-up_or_in will first determine if login_id is a new or existing end user.
|
48
|
+
# If login_id is new, a new end user user will be created and then authenticated using the
|
49
|
+
# OTP DeliveryMethod specified.
|
44
50
|
# If login_id exists, the end user will be authenticated using the OTP DeliveryMethod specified.
|
45
51
|
validate_login_id(login_id)
|
46
52
|
uri = otp_compose_sign_up_or_in_url(method)
|
@@ -81,9 +87,10 @@ module Descope
|
|
81
87
|
method: nil, login_id: nil, phone: nil, refresh_token: nil, add_to_login_ids: false,
|
82
88
|
on_merge_use_existing: false, provider_id: nil, template_id: nil
|
83
89
|
)
|
84
|
-
# Update the phone number of an existing end user, after verifying the authenticity of the end user using OTP
|
90
|
+
# Update the phone number of an existing end user, after verifying the authenticity of the end user using OTP
|
85
91
|
validate_login_id(login_id)
|
86
92
|
validate_phone(method, phone)
|
93
|
+
|
87
94
|
uri = otp_compose_update_phone_url(method)
|
88
95
|
request_params = {
|
89
96
|
loginId: login_id,
|
@@ -127,7 +134,7 @@ module Descope
|
|
127
134
|
# rubocop:disable Metrics/AbcSize, Metrics/MethodLength
|
128
135
|
def otp_compose_signup_body(method, login_id, user, provider_id, template_id)
|
129
136
|
body = {
|
130
|
-
loginId: login_id
|
137
|
+
loginId: login_id
|
131
138
|
}
|
132
139
|
|
133
140
|
unless user.nil?
|
@@ -167,7 +174,8 @@ module Descope
|
|
167
174
|
end
|
168
175
|
|
169
176
|
private
|
170
|
-
def otp_user_compose_update_body(login_id: nil, name: nil, phone: nil, email: nil, given_name: nil,
|
177
|
+
def otp_user_compose_update_body(login_id: nil, name: nil, phone: nil, email: nil, given_name: nil,
|
178
|
+
middle_name: nil, family_name: nil)
|
171
179
|
user = {}
|
172
180
|
user[:loginId] = login_id if login_id
|
173
181
|
user[:name] = name if name
|
@@ -176,7 +184,6 @@ module Descope
|
|
176
184
|
user[:givenName] = given_name if given_name
|
177
185
|
user[:middleName] = middle_name if middle_name
|
178
186
|
user[:familyName] = family_name if family_name
|
179
|
-
|
180
187
|
user
|
181
188
|
end
|
182
189
|
end
|
data/lib/descope/api/v1/auth.rb
CHANGED
@@ -51,7 +51,7 @@ module Descope
|
|
51
51
|
# Return value (Hash): returns the session token from the server together with the expiry and key id
|
52
52
|
# (sessionToken:Hash, keyId:str, expiration:int)
|
53
53
|
unless (access_key.is_a?(String) || access_key.nil?) && !access_key.to_s.empty?
|
54
|
-
raise
|
54
|
+
raise AuthException.new('Access key should be a string!', code: 400)
|
55
55
|
end
|
56
56
|
|
57
57
|
res = post(EXCHANGE_AUTH_ACCESS_KEY_PATH, { loginOptions: login_options, audience: }, {}, access_key)
|
@@ -407,6 +407,7 @@ module Descope
|
|
407
407
|
login_id = {
|
408
408
|
DeliveryMethod::WHATSAPP => ['whatsapp', user.fetch(:phone, '')],
|
409
409
|
DeliveryMethod::SMS => ['phone', user.fetch(:phone, '')],
|
410
|
+
DeliveryMethod::VOICE => ['phone', user.fetch(:phone, '')],
|
410
411
|
DeliveryMethod::EMAIL => ['email', user.fetch(:email, '')]
|
411
412
|
}[method]
|
412
413
|
|
@@ -416,34 +417,30 @@ module Descope
|
|
416
417
|
end
|
417
418
|
|
418
419
|
def adjust_and_verify_delivery_method(method, login_id, user)
|
419
|
-
|
420
|
+
@logger.debug("adjust_and_verify_delivery_method: method: #{method}, login_id: #{login_id}, user: #{user}")
|
421
|
+
raise AuthException.new("Could not verify delivery method for method: #{method}", code: 400) if method.nil?
|
422
|
+
raise AuthException.new('Could not verify delivery method without login_id', code: 400) if login_id.nil?
|
420
423
|
|
421
|
-
|
424
|
+
unless user.is_a?(Hash)
|
425
|
+
raise AuthException.new('Could not verify delivery method, user is not a Hash', code: 400)
|
426
|
+
end
|
422
427
|
|
423
428
|
case method
|
424
429
|
when DeliveryMethod::EMAIL
|
425
|
-
|
426
|
-
|
427
|
-
|
428
|
-
|
429
|
-
|
430
|
-
|
431
|
-
|
432
|
-
when DeliveryMethod::SMS
|
433
|
-
user[:phone] ||= login_id
|
434
|
-
return false unless /^#{PHONE_REGEX}$/.match(user[:phone])
|
435
|
-
when DeliveryMethod::WHATSAPP
|
436
|
-
user[:phone] ||= login_id
|
437
|
-
return false unless /^#{PHONE_REGEX}$/.match(user[:phone])
|
430
|
+
validate_email(login_id)
|
431
|
+
@logger.debug("email: #{login_id} is valid")
|
432
|
+
true
|
433
|
+
when DeliveryMethod::SMS, DeliveryMethod::WHATSAPP, DeliveryMethod::VOICE
|
434
|
+
validate_phone(method, login_id)
|
435
|
+
@logger.debug("phone number (login_id): #{login_id} is valid")
|
436
|
+
true
|
438
437
|
else
|
439
|
-
|
438
|
+
false
|
440
439
|
end
|
441
|
-
|
442
|
-
true
|
443
440
|
end
|
444
441
|
|
445
442
|
def extract_masked_address(response, method)
|
446
|
-
if [DeliveryMethod::SMS, DeliveryMethod::WHATSAPP].include?(method)
|
443
|
+
if [DeliveryMethod::SMS, DeliveryMethod::WHATSAPP, DeliveryMethod::VOICE].include?(method)
|
447
444
|
response['maskedPhone']
|
448
445
|
elsif method == DeliveryMethod::EMAIL
|
449
446
|
response['maskedEmail']
|
@@ -58,6 +58,30 @@ module Descope
|
|
58
58
|
{ 'audits' => res['audits'].map { |audit| convert_audit_record(audit) } }
|
59
59
|
end
|
60
60
|
|
61
|
+
def audit_create_event(action: nil, type: nil, data: nil, user_id: nil, actor_id: nil, tenant_id: nil)
|
62
|
+
# Create an audit event
|
63
|
+
unless %w[info warn error].include?(type)
|
64
|
+
raise Descope::AuthException, 'type must be either info, warn or error'
|
65
|
+
end
|
66
|
+
|
67
|
+
# validation
|
68
|
+
raise Descope::AuthException, 'data must be provided as a key, value Hash' unless data.is_a?(Hash)
|
69
|
+
raise Descope::AuthException, 'action must be provided' if action.nil?
|
70
|
+
raise Descope::AuthException, 'actor_id must be provided' if actor_id.nil?
|
71
|
+
raise Descope::AuthException, 'tenant_id must be provided' if tenant_id.nil?
|
72
|
+
|
73
|
+
request_params = {
|
74
|
+
action:,
|
75
|
+
tenantId: tenant_id,
|
76
|
+
type:,
|
77
|
+
actorId: actor_id,
|
78
|
+
data:
|
79
|
+
}
|
80
|
+
request_params[:userId] = user_id unless user_id.nil?
|
81
|
+
|
82
|
+
post(AUDIT_CREATE_EVENT, request_params)
|
83
|
+
end
|
84
|
+
|
61
85
|
private
|
62
86
|
|
63
87
|
def convert_audit_record(audit)
|
@@ -9,7 +9,8 @@ module Descope
|
|
9
9
|
DEFAULT_BASE_URL = 'https://api.descope.com' # pragma: no cover
|
10
10
|
DEFAULT_TIMEOUT_SECONDS = 60
|
11
11
|
DEFAULT_JWT_VALIDATION_LEEWAY = 5
|
12
|
-
|
12
|
+
# Using E164 format,\A and \z are start and end of string respectively, to prevent multiline matching
|
13
|
+
PHONE_REGEX = /\A\+[1-9]\d{1,14}\z/
|
13
14
|
|
14
15
|
SESSION_COOKIE_NAME = 'DS'
|
15
16
|
REFRESH_SESSION_COOKIE_NAME = 'DSR'
|
@@ -24,13 +25,15 @@ module Descope
|
|
24
25
|
WHATSAPP = 1
|
25
26
|
SMS = 2
|
26
27
|
EMAIL = 3
|
28
|
+
VOICE = 4
|
27
29
|
end
|
28
30
|
|
29
31
|
def get_method_string(method)
|
30
32
|
name = {
|
31
33
|
DeliveryMethod::WHATSAPP => 'whatsapp',
|
32
34
|
DeliveryMethod::SMS => 'sms',
|
33
|
-
DeliveryMethod::EMAIL => 'email'
|
35
|
+
DeliveryMethod::EMAIL => 'email',
|
36
|
+
DeliveryMethod::VOICE => 'voice'
|
34
37
|
}[method]
|
35
38
|
|
36
39
|
raise ArgumentException, "Unknown delivery method: #{method}" if name.nil?
|
@@ -1,9 +1,12 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
require 'descope/mixins/common'
|
4
|
+
|
3
5
|
module Descope
|
4
6
|
module Mixins
|
5
7
|
# Module to provide validation for specific data structures.
|
6
8
|
module Validation
|
9
|
+
include Descope::Mixins::Common
|
7
10
|
def validate_tenants(key_tenants)
|
8
11
|
raise ArgumentError, 'key_tenants should be an Array of hashes' unless key_tenants.is_a? Array
|
9
12
|
|
@@ -46,11 +49,18 @@ module Descope
|
|
46
49
|
end
|
47
50
|
|
48
51
|
def validate_phone(method, phone)
|
52
|
+
phone_number_is_invalid = !phone.match?(PHONE_REGEX) unless phone.nil?
|
53
|
+
|
49
54
|
raise AuthException.new('Phone number cannot be empty', code: 400) unless phone.is_a?(String) && !phone.empty?
|
50
|
-
raise AuthException.new(
|
51
|
-
|
52
|
-
|
53
|
-
|
55
|
+
raise AuthException.new("Invalid pattern for phone number: #{phone}", code: 400) if phone_number_is_invalid
|
56
|
+
|
57
|
+
valid_methods = DeliveryMethod.constants.map { |constant| DeliveryMethod.const_get(constant) }
|
58
|
+
|
59
|
+
# rubocop:disable Style/LineLength
|
60
|
+
unless valid_methods.include?(method)
|
61
|
+
valid_methods_names = valid_methods.map { |m| "DeliveryMethod::#{DeliveryMethod.constants[valid_methods.index(m)]}" }.join(', ')
|
62
|
+
raise AuthException.new("Delivery method should be one of the following: #{valid_methods_names}", code: 400)
|
63
|
+
end
|
54
64
|
end
|
55
65
|
|
56
66
|
def verify_provider(oauth_provider)
|
@@ -64,7 +74,9 @@ module Descope
|
|
64
74
|
end
|
65
75
|
|
66
76
|
def validate_redirect_url(return_url)
|
67
|
-
|
77
|
+
return if return_url.is_a?(String) && !return_url.empty?
|
78
|
+
|
79
|
+
raise AuthException.new('Return_url cannot be empty', code: 400)
|
68
80
|
end
|
69
81
|
|
70
82
|
def validate_code(code)
|
@@ -72,7 +84,10 @@ module Descope
|
|
72
84
|
end
|
73
85
|
|
74
86
|
def validate_scim_group_id(group_id)
|
75
|
-
|
87
|
+
return if group_id.is_a?(String) && !group_id.empty?
|
88
|
+
|
89
|
+
raise AuthException.new('SCIM Group ID cannot be empty', code: 400)
|
90
|
+
|
76
91
|
end
|
77
92
|
end
|
78
93
|
end
|
data/lib/descope/version.rb
CHANGED
@@ -5,6 +5,14 @@ require 'spec_helper'
|
|
5
5
|
describe Descope::Api::V1::Auth::OTP do
|
6
6
|
before(:all) do
|
7
7
|
@client = DescopeClient.new(Configuration.config)
|
8
|
+
|
9
|
+
dummy_instance = DummyClass.new
|
10
|
+
dummy_instance.extend(Descope::Api::V1::Session)
|
11
|
+
dummy_instance.extend(Descope::Api::V1::Auth::OTP)
|
12
|
+
@instance = dummy_instance
|
13
|
+
@user = build(:user)
|
14
|
+
@test_user = @client.create_test_user(**@user)['user']
|
15
|
+
@client.create_test_user(**@user)
|
8
16
|
end
|
9
17
|
|
10
18
|
after(:all) do
|
@@ -18,21 +26,78 @@ describe Descope::Api::V1::Auth::OTP do
|
|
18
26
|
end
|
19
27
|
end
|
20
28
|
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
test_user = @client.create_test_user(**user)['user']
|
25
|
-
@client.create_test_user(**user)
|
29
|
+
# SIGN INs
|
30
|
+
context 'test otp sign-in methods' do
|
31
|
+
it 'should sign in a new test user with otp via EMAIL' do
|
26
32
|
res = @client.generate_otp_for_test_user(
|
27
33
|
method: Descope::Mixins::Common::DeliveryMethod::EMAIL,
|
28
|
-
login_id: test_user['loginIds'][0]
|
34
|
+
login_id: @test_user['loginIds'][0]
|
29
35
|
)
|
30
36
|
@client.logger.info("res: #{res}")
|
31
37
|
@client.otp_verify_code(
|
32
38
|
method: Descope::Mixins::Common::DeliveryMethod::EMAIL,
|
33
|
-
login_id: user[:login_id],
|
39
|
+
login_id: @user[:login_id],
|
40
|
+
code: res['code']
|
41
|
+
)
|
42
|
+
end
|
43
|
+
|
44
|
+
it 'should sign in a new test user with otp via SMS' do
|
45
|
+
res = @client.generate_otp_for_test_user(
|
46
|
+
method: Descope::Mixins::Common::DeliveryMethod::SMS,
|
47
|
+
login_id: @test_user['loginIds'][0]
|
48
|
+
)
|
49
|
+
@client.logger.info("res: #{res}")
|
50
|
+
@client.otp_verify_code(
|
51
|
+
method: Descope::Mixins::Common::DeliveryMethod::SMS,
|
52
|
+
login_id: @user[:login_id],
|
34
53
|
code: res['code']
|
35
54
|
)
|
36
55
|
end
|
37
56
|
end
|
57
|
+
|
58
|
+
# SIGN UPs
|
59
|
+
context 'test otp sign-up methods' do
|
60
|
+
it 'should sign up with otp via email' do
|
61
|
+
email = 'someone@example.com'
|
62
|
+
allow_any_instance_of(Descope::Api::V1::Auth).to receive(:extract_masked_address).and_return({})
|
63
|
+
expect(@instance).to receive(:post).with(
|
64
|
+
otp_compose_signup_url, { loginId: email, email: '' }
|
65
|
+
)
|
66
|
+
|
67
|
+
expect do
|
68
|
+
@instance.otp_sign_up(method: Descope::Mixins::Common::DeliveryMethod::EMAIL, login_id: email)
|
69
|
+
end.not_to raise_error
|
70
|
+
end
|
71
|
+
|
72
|
+
it 'should sign up with otp via SMS' do
|
73
|
+
phone = '+12123354465'
|
74
|
+
allow_any_instance_of(Descope::Api::V1::Auth).to receive(:extract_masked_address).and_return({})
|
75
|
+
expect(@instance).to receive(:post).with(
|
76
|
+
otp_compose_signup_url(Descope::Mixins::Common::DeliveryMethod::SMS), { loginId: phone, phone: '' }
|
77
|
+
)
|
78
|
+
|
79
|
+
expect do
|
80
|
+
@instance.otp_sign_up(method: Descope::Mixins::Common::DeliveryMethod::SMS, login_id: phone)
|
81
|
+
end.not_to raise_error
|
82
|
+
end
|
83
|
+
|
84
|
+
it 'should sign up with otp via voice' do
|
85
|
+
phone = '+12123354465'
|
86
|
+
allow_any_instance_of(Descope::Api::V1::Auth).to receive(:extract_masked_address).and_return({})
|
87
|
+
expect(@instance).to receive(:post).with(
|
88
|
+
otp_compose_signup_url(Descope::Mixins::Common::DeliveryMethod::VOICE), { loginId: phone, phone: '' }
|
89
|
+
)
|
90
|
+
|
91
|
+
expect do
|
92
|
+
@instance.otp_sign_up(method: Descope::Mixins::Common::DeliveryMethod::VOICE, login_id: phone)
|
93
|
+
end.not_to raise_error
|
94
|
+
end
|
95
|
+
|
96
|
+
it 'should fail to signup with invalid phone number via SMS' do
|
97
|
+
phone = '1$234.90'
|
98
|
+
expect do
|
99
|
+
@instance.otp_sign_up(method: Descope::Mixins::Common::DeliveryMethod::SMS, login_id: phone)
|
100
|
+
end.to raise_error(Descope::AuthException, "Invalid pattern for phone number: #{phone}")
|
101
|
+
end
|
102
|
+
end
|
38
103
|
end
|
@@ -5,12 +5,48 @@ require 'spec_helper'
|
|
5
5
|
describe Descope::Api::V1::Management::Audit do
|
6
6
|
before(:all) do
|
7
7
|
@client = DescopeClient.new(Configuration.config)
|
8
|
+
@client.logger.info('Deleting all tenants for Ruby SDK...')
|
9
|
+
@client.search_all_tenants(names: ['Ruby-SDK-test'])['tenants'].each do |tenant|
|
10
|
+
@client.logger.info("Deleting tenant: #{tenant['name']}")
|
11
|
+
@client.delete_tenant(tenant['id'])
|
12
|
+
end
|
13
|
+
@client.logger.info('Cleanup completed. Starting tests...')
|
8
14
|
end
|
9
15
|
|
16
|
+
after(:all) do
|
17
|
+
all_users = @client.search_all_users
|
18
|
+
all_users['users'].each do |user|
|
19
|
+
if user['middleName'] == 'Ruby SDK User'
|
20
|
+
puts "Deleting ruby spec test user #{user['loginIds'][0]}"
|
21
|
+
@client.delete_user(user['loginIds'][0])
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
10
25
|
|
11
26
|
it 'should search the audit trail for user operations' do
|
12
27
|
res = @client.audit_search(actions: ['LoginSucceed'])
|
13
28
|
expect(res).to be_a(Hash)
|
14
29
|
expect(res['audits']).to be_a(Array)
|
15
30
|
end
|
31
|
+
|
32
|
+
it 'should create a new audit event' do
|
33
|
+
# Create tenants
|
34
|
+
@client.logger.info('creating Ruby-SDK-test tenant')
|
35
|
+
tenant_id = @client.create_tenant(name: 'Ruby-SDK-test')['id']
|
36
|
+
|
37
|
+
# Create a user (actor)
|
38
|
+
user = build(:user)
|
39
|
+
created_user = @client.create_user(**user)['user']
|
40
|
+
|
41
|
+
expect do
|
42
|
+
res = @client.audit_create_event(
|
43
|
+
action: 'pencil.created',
|
44
|
+
type: 'info',
|
45
|
+
tenant_id:,
|
46
|
+
actor_id: created_user['loginIds'][0],
|
47
|
+
data: { 'key' => 'value' }
|
48
|
+
)
|
49
|
+
expect(res).to eq({})
|
50
|
+
end.not_to raise_error
|
51
|
+
end
|
16
52
|
end
|
@@ -96,7 +96,7 @@ describe Descope::Api::V1::Management::Role do
|
|
96
96
|
expect(all_roles.map { |role| role['name'] }).to include('Ruby-SDK-test-admin')
|
97
97
|
|
98
98
|
@client.logger.info('searching for roles with tenant ids...')
|
99
|
-
all_roles = @client.search_roles(
|
99
|
+
all_roles = @client.search_roles(role_name_like: 'Ruby-SDK-test', tenant_ids: [tenant_id])['roles']
|
100
100
|
expect(all_roles.map { |role| role['name'] }).to include('Ruby-SDK-test-admin')
|
101
101
|
|
102
102
|
@client.logger.info('deleting permission')
|