descope 1.0.5 → 1.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/publish-gem.yaml +30 -5
- data/Gemfile +3 -3
- data/Gemfile.lock +12 -20
- data/README.md +18 -3
- data/descope.gemspec +25 -20
- data/examples/ruby/.ruby-version +1 -0
- data/examples/ruby/access_key_app.rb +4 -3
- data/examples/ruby/enchantedlink_app.rb +1 -0
- data/examples/ruby/magiclink_app.rb +1 -0
- data/examples/ruby/management/.ruby-version +1 -0
- data/examples/ruby/management/Gemfile +2 -2
- data/examples/ruby/management/access_key_app.rb +2 -0
- data/examples/ruby/management/audit_app.rb +32 -8
- data/examples/ruby/management/authz_app.rb +1 -0
- data/examples/ruby/management/flow_app.rb +1 -0
- data/examples/ruby/management/permission_app.rb +3 -2
- data/examples/ruby/management/role_app.rb +3 -2
- data/examples/ruby/management/tenant_app.rb +1 -0
- data/examples/ruby/management/user_app.rb +1 -0
- data/examples/ruby/oauth_app.rb +1 -0
- data/examples/ruby/otp_app.rb +38 -12
- data/examples/ruby/password_app.rb +8 -7
- data/examples/ruby/saml_app.rb +1 -0
- data/examples/ruby/version_check.rb +17 -0
- data/examples/ruby-on-rails-api/descope/Gemfile +3 -1
- data/examples/ruby-on-rails-api/descope/Gemfile.lock +121 -90
- data/examples/ruby-on-rails-api/descope/README.md +18 -18
- data/examples/ruby-on-rails-api/descope/app/assets/builds/application.css +20092 -23
- data/examples/ruby-on-rails-api/descope/app/assets/builds/application.js +0 -1
- data/examples/ruby-on-rails-api/descope/app/assets/builds/components/index.js +0 -14
- data/examples/ruby-on-rails-api/descope/package-lock.json +1021 -19306
- data/examples/ruby-on-rails-api/descope/package.json +8 -16
- data/examples/ruby-on-rails-api/descope/yarn.lock +459 -10641
- data/lib/descope/api/v1/auth/otp.rb +21 -14
- data/lib/descope/api/v1/auth.rb +17 -20
- data/lib/descope/api/v1/management/audit.rb +24 -0
- data/lib/descope/api/v1/management/common.rb +1 -0
- data/lib/descope/mixins/common.rb +5 -2
- data/lib/descope/mixins/validation.rb +21 -6
- data/lib/descope/version.rb +1 -1
- data/spec/integration/lib.descope/api/v1/auth/otp_spec.rb +72 -7
- data/spec/integration/lib.descope/api/v1/management/audit_spec.rb +36 -0
- data/spec/integration/lib.descope/api/v1/management/roles_spec.rb +1 -1
- data/spec/lib.descope/api/v1/auth/otp_spec.rb +176 -18
- data/spec/lib.descope/api/v1/auth_spec.rb +1 -1
- data/spec/lib.descope/api/v1/management/audit_spec.rb +92 -0
- metadata +25 -133
- data/examples/ruby-on-rails-api/descope/app/assets/builds/reportWebVitals.js +0 -211
- data/examples/ruby-on-rails-api/descope/app/assets/builds/reportWebVitals.js.map +0 -7
@@ -10,10 +10,11 @@ module Descope
|
|
10
10
|
include Descope::Mixins::Common::EndpointsV1
|
11
11
|
include Descope::Mixins::Common::EndpointsV2
|
12
12
|
|
13
|
-
def otp_sign_in(method: nil, login_id: nil, login_options: nil, refresh_token: nil,
|
13
|
+
def otp_sign_in(method: nil, login_id: nil, login_options: nil, refresh_token: nil, provider_id: nil,
|
14
14
|
template_id: nil, sso_app_id: nil)
|
15
|
-
# Sign in (log in) an existing user with the unique login_id you provide.
|
16
|
-
# login_id field
|
15
|
+
# Sign in (log in) an existing user with the unique login_id you provide.
|
16
|
+
# The login_id field is used to identify the user. It can be an email address or a phone number.
|
17
|
+
# Provide the DeliveryMethod required for this user. If the login_id value cannot be used for the
|
17
18
|
# DeliverMethod selected (for example, 'login_id = 4567qq445km' and 'DeliveryMethod = email')
|
18
19
|
validate_login_id(login_id)
|
19
20
|
uri = otp_compose_signin_url(method)
|
@@ -23,12 +24,15 @@ module Descope
|
|
23
24
|
end
|
24
25
|
|
25
26
|
def otp_sign_up(method: nil, login_id: nil, user: {}, provider_id: nil, template_id: nil)
|
26
|
-
# Sign up (create) a new user using their email or phone number.
|
27
|
-
#
|
27
|
+
# Sign up (create) a new user using their email or phone number.
|
28
|
+
# The login_id field is used to identify the user. It can be an email address or a phone number.
|
29
|
+
# Choose a delivery method for OTP verification, for example email, SMS, or Voice.
|
28
30
|
# (optional) Include additional user metadata that you wish to preserve.
|
29
|
-
|
31
|
+
validate_login_id(login_id)
|
30
32
|
|
31
|
-
|
33
|
+
unless adjust_and_verify_delivery_method(method, login_id, user)
|
34
|
+
raise Descope::AuthException.new('Could not verify delivery method', code: 400)
|
35
|
+
end
|
32
36
|
|
33
37
|
uri = otp_compose_signup_url(method)
|
34
38
|
body = otp_compose_signup_body(method, login_id, user, provider_id, template_id)
|
@@ -38,9 +42,11 @@ module Descope
|
|
38
42
|
|
39
43
|
def otp_sign_up_or_in(method: nil, login_id: nil, login_options: nil, provider_id: nil, template_id: nil,
|
40
44
|
sso_app_id: nil)
|
41
|
-
# Sign_up_or_in lets you handle both sign up and sign in with a single call.
|
42
|
-
#
|
43
|
-
#
|
45
|
+
# Sign_up_or_in lets you handle both sign up and sign in with a single call.
|
46
|
+
# The login_id field is used to identify the user. It can be an email address or a phone number.
|
47
|
+
# Sign-up_or_in will first determine if login_id is a new or existing end user.
|
48
|
+
# If login_id is new, a new end user user will be created and then authenticated using the
|
49
|
+
# OTP DeliveryMethod specified.
|
44
50
|
# If login_id exists, the end user will be authenticated using the OTP DeliveryMethod specified.
|
45
51
|
validate_login_id(login_id)
|
46
52
|
uri = otp_compose_sign_up_or_in_url(method)
|
@@ -81,9 +87,10 @@ module Descope
|
|
81
87
|
method: nil, login_id: nil, phone: nil, refresh_token: nil, add_to_login_ids: false,
|
82
88
|
on_merge_use_existing: false, provider_id: nil, template_id: nil
|
83
89
|
)
|
84
|
-
# Update the phone number of an existing end user, after verifying the authenticity of the end user using OTP
|
90
|
+
# Update the phone number of an existing end user, after verifying the authenticity of the end user using OTP
|
85
91
|
validate_login_id(login_id)
|
86
92
|
validate_phone(method, phone)
|
93
|
+
|
87
94
|
uri = otp_compose_update_phone_url(method)
|
88
95
|
request_params = {
|
89
96
|
loginId: login_id,
|
@@ -127,7 +134,7 @@ module Descope
|
|
127
134
|
# rubocop:disable Metrics/AbcSize, Metrics/MethodLength
|
128
135
|
def otp_compose_signup_body(method, login_id, user, provider_id, template_id)
|
129
136
|
body = {
|
130
|
-
loginId: login_id
|
137
|
+
loginId: login_id
|
131
138
|
}
|
132
139
|
|
133
140
|
unless user.nil?
|
@@ -167,7 +174,8 @@ module Descope
|
|
167
174
|
end
|
168
175
|
|
169
176
|
private
|
170
|
-
def otp_user_compose_update_body(login_id: nil, name: nil, phone: nil, email: nil, given_name: nil,
|
177
|
+
def otp_user_compose_update_body(login_id: nil, name: nil, phone: nil, email: nil, given_name: nil,
|
178
|
+
middle_name: nil, family_name: nil)
|
171
179
|
user = {}
|
172
180
|
user[:loginId] = login_id if login_id
|
173
181
|
user[:name] = name if name
|
@@ -176,7 +184,6 @@ module Descope
|
|
176
184
|
user[:givenName] = given_name if given_name
|
177
185
|
user[:middleName] = middle_name if middle_name
|
178
186
|
user[:familyName] = family_name if family_name
|
179
|
-
|
180
187
|
user
|
181
188
|
end
|
182
189
|
end
|
data/lib/descope/api/v1/auth.rb
CHANGED
@@ -51,7 +51,7 @@ module Descope
|
|
51
51
|
# Return value (Hash): returns the session token from the server together with the expiry and key id
|
52
52
|
# (sessionToken:Hash, keyId:str, expiration:int)
|
53
53
|
unless (access_key.is_a?(String) || access_key.nil?) && !access_key.to_s.empty?
|
54
|
-
raise
|
54
|
+
raise AuthException.new('Access key should be a string!', code: 400)
|
55
55
|
end
|
56
56
|
|
57
57
|
res = post(EXCHANGE_AUTH_ACCESS_KEY_PATH, { loginOptions: login_options, audience: }, {}, access_key)
|
@@ -407,6 +407,7 @@ module Descope
|
|
407
407
|
login_id = {
|
408
408
|
DeliveryMethod::WHATSAPP => ['whatsapp', user.fetch(:phone, '')],
|
409
409
|
DeliveryMethod::SMS => ['phone', user.fetch(:phone, '')],
|
410
|
+
DeliveryMethod::VOICE => ['phone', user.fetch(:phone, '')],
|
410
411
|
DeliveryMethod::EMAIL => ['email', user.fetch(:email, '')]
|
411
412
|
}[method]
|
412
413
|
|
@@ -416,34 +417,30 @@ module Descope
|
|
416
417
|
end
|
417
418
|
|
418
419
|
def adjust_and_verify_delivery_method(method, login_id, user)
|
419
|
-
|
420
|
+
@logger.debug("adjust_and_verify_delivery_method: method: #{method}, login_id: #{login_id}, user: #{user}")
|
421
|
+
raise AuthException.new("Could not verify delivery method for method: #{method}", code: 400) if method.nil?
|
422
|
+
raise AuthException.new('Could not verify delivery method without login_id', code: 400) if login_id.nil?
|
420
423
|
|
421
|
-
|
424
|
+
unless user.is_a?(Hash)
|
425
|
+
raise AuthException.new('Could not verify delivery method, user is not a Hash', code: 400)
|
426
|
+
end
|
422
427
|
|
423
428
|
case method
|
424
429
|
when DeliveryMethod::EMAIL
|
425
|
-
|
426
|
-
|
427
|
-
|
428
|
-
|
429
|
-
|
430
|
-
|
431
|
-
|
432
|
-
when DeliveryMethod::SMS
|
433
|
-
user[:phone] ||= login_id
|
434
|
-
return false unless /^#{PHONE_REGEX}$/.match(user[:phone])
|
435
|
-
when DeliveryMethod::WHATSAPP
|
436
|
-
user[:phone] ||= login_id
|
437
|
-
return false unless /^#{PHONE_REGEX}$/.match(user[:phone])
|
430
|
+
validate_email(login_id)
|
431
|
+
@logger.debug("email: #{login_id} is valid")
|
432
|
+
true
|
433
|
+
when DeliveryMethod::SMS, DeliveryMethod::WHATSAPP, DeliveryMethod::VOICE
|
434
|
+
validate_phone(method, login_id)
|
435
|
+
@logger.debug("phone number (login_id): #{login_id} is valid")
|
436
|
+
true
|
438
437
|
else
|
439
|
-
|
438
|
+
false
|
440
439
|
end
|
441
|
-
|
442
|
-
true
|
443
440
|
end
|
444
441
|
|
445
442
|
def extract_masked_address(response, method)
|
446
|
-
if [DeliveryMethod::SMS, DeliveryMethod::WHATSAPP].include?(method)
|
443
|
+
if [DeliveryMethod::SMS, DeliveryMethod::WHATSAPP, DeliveryMethod::VOICE].include?(method)
|
447
444
|
response['maskedPhone']
|
448
445
|
elsif method == DeliveryMethod::EMAIL
|
449
446
|
response['maskedEmail']
|
@@ -58,6 +58,30 @@ module Descope
|
|
58
58
|
{ 'audits' => res['audits'].map { |audit| convert_audit_record(audit) } }
|
59
59
|
end
|
60
60
|
|
61
|
+
def audit_create_event(action: nil, type: nil, data: nil, user_id: nil, actor_id: nil, tenant_id: nil)
|
62
|
+
# Create an audit event
|
63
|
+
unless %w[info warn error].include?(type)
|
64
|
+
raise Descope::AuthException, 'type must be either info, warn or error'
|
65
|
+
end
|
66
|
+
|
67
|
+
# validation
|
68
|
+
raise Descope::AuthException, 'data must be provided as a key, value Hash' unless data.is_a?(Hash)
|
69
|
+
raise Descope::AuthException, 'action must be provided' if action.nil?
|
70
|
+
raise Descope::AuthException, 'actor_id must be provided' if actor_id.nil?
|
71
|
+
raise Descope::AuthException, 'tenant_id must be provided' if tenant_id.nil?
|
72
|
+
|
73
|
+
request_params = {
|
74
|
+
action:,
|
75
|
+
tenantId: tenant_id,
|
76
|
+
type:,
|
77
|
+
actorId: actor_id,
|
78
|
+
data:
|
79
|
+
}
|
80
|
+
request_params[:userId] = user_id unless user_id.nil?
|
81
|
+
|
82
|
+
post(AUDIT_CREATE_EVENT, request_params)
|
83
|
+
end
|
84
|
+
|
61
85
|
private
|
62
86
|
|
63
87
|
def convert_audit_record(audit)
|
@@ -9,7 +9,8 @@ module Descope
|
|
9
9
|
DEFAULT_BASE_URL = 'https://api.descope.com' # pragma: no cover
|
10
10
|
DEFAULT_TIMEOUT_SECONDS = 60
|
11
11
|
DEFAULT_JWT_VALIDATION_LEEWAY = 5
|
12
|
-
|
12
|
+
# Using E164 format,\A and \z are start and end of string respectively, to prevent multiline matching
|
13
|
+
PHONE_REGEX = /\A\+[1-9]\d{1,14}\z/
|
13
14
|
|
14
15
|
SESSION_COOKIE_NAME = 'DS'
|
15
16
|
REFRESH_SESSION_COOKIE_NAME = 'DSR'
|
@@ -24,13 +25,15 @@ module Descope
|
|
24
25
|
WHATSAPP = 1
|
25
26
|
SMS = 2
|
26
27
|
EMAIL = 3
|
28
|
+
VOICE = 4
|
27
29
|
end
|
28
30
|
|
29
31
|
def get_method_string(method)
|
30
32
|
name = {
|
31
33
|
DeliveryMethod::WHATSAPP => 'whatsapp',
|
32
34
|
DeliveryMethod::SMS => 'sms',
|
33
|
-
DeliveryMethod::EMAIL => 'email'
|
35
|
+
DeliveryMethod::EMAIL => 'email',
|
36
|
+
DeliveryMethod::VOICE => 'voice'
|
34
37
|
}[method]
|
35
38
|
|
36
39
|
raise ArgumentException, "Unknown delivery method: #{method}" if name.nil?
|
@@ -1,9 +1,12 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
+
require 'descope/mixins/common'
|
4
|
+
|
3
5
|
module Descope
|
4
6
|
module Mixins
|
5
7
|
# Module to provide validation for specific data structures.
|
6
8
|
module Validation
|
9
|
+
include Descope::Mixins::Common
|
7
10
|
def validate_tenants(key_tenants)
|
8
11
|
raise ArgumentError, 'key_tenants should be an Array of hashes' unless key_tenants.is_a? Array
|
9
12
|
|
@@ -46,11 +49,18 @@ module Descope
|
|
46
49
|
end
|
47
50
|
|
48
51
|
def validate_phone(method, phone)
|
52
|
+
phone_number_is_invalid = !phone.match?(PHONE_REGEX) unless phone.nil?
|
53
|
+
|
49
54
|
raise AuthException.new('Phone number cannot be empty', code: 400) unless phone.is_a?(String) && !phone.empty?
|
50
|
-
raise AuthException.new(
|
51
|
-
|
52
|
-
|
53
|
-
|
55
|
+
raise AuthException.new("Invalid pattern for phone number: #{phone}", code: 400) if phone_number_is_invalid
|
56
|
+
|
57
|
+
valid_methods = DeliveryMethod.constants.map { |constant| DeliveryMethod.const_get(constant) }
|
58
|
+
|
59
|
+
# rubocop:disable Style/LineLength
|
60
|
+
unless valid_methods.include?(method)
|
61
|
+
valid_methods_names = valid_methods.map { |m| "DeliveryMethod::#{DeliveryMethod.constants[valid_methods.index(m)]}" }.join(', ')
|
62
|
+
raise AuthException.new("Delivery method should be one of the following: #{valid_methods_names}", code: 400)
|
63
|
+
end
|
54
64
|
end
|
55
65
|
|
56
66
|
def verify_provider(oauth_provider)
|
@@ -64,7 +74,9 @@ module Descope
|
|
64
74
|
end
|
65
75
|
|
66
76
|
def validate_redirect_url(return_url)
|
67
|
-
|
77
|
+
return if return_url.is_a?(String) && !return_url.empty?
|
78
|
+
|
79
|
+
raise AuthException.new('Return_url cannot be empty', code: 400)
|
68
80
|
end
|
69
81
|
|
70
82
|
def validate_code(code)
|
@@ -72,7 +84,10 @@ module Descope
|
|
72
84
|
end
|
73
85
|
|
74
86
|
def validate_scim_group_id(group_id)
|
75
|
-
|
87
|
+
return if group_id.is_a?(String) && !group_id.empty?
|
88
|
+
|
89
|
+
raise AuthException.new('SCIM Group ID cannot be empty', code: 400)
|
90
|
+
|
76
91
|
end
|
77
92
|
end
|
78
93
|
end
|
data/lib/descope/version.rb
CHANGED
@@ -5,6 +5,14 @@ require 'spec_helper'
|
|
5
5
|
describe Descope::Api::V1::Auth::OTP do
|
6
6
|
before(:all) do
|
7
7
|
@client = DescopeClient.new(Configuration.config)
|
8
|
+
|
9
|
+
dummy_instance = DummyClass.new
|
10
|
+
dummy_instance.extend(Descope::Api::V1::Session)
|
11
|
+
dummy_instance.extend(Descope::Api::V1::Auth::OTP)
|
12
|
+
@instance = dummy_instance
|
13
|
+
@user = build(:user)
|
14
|
+
@test_user = @client.create_test_user(**@user)['user']
|
15
|
+
@client.create_test_user(**@user)
|
8
16
|
end
|
9
17
|
|
10
18
|
after(:all) do
|
@@ -18,21 +26,78 @@ describe Descope::Api::V1::Auth::OTP do
|
|
18
26
|
end
|
19
27
|
end
|
20
28
|
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
test_user = @client.create_test_user(**user)['user']
|
25
|
-
@client.create_test_user(**user)
|
29
|
+
# SIGN INs
|
30
|
+
context 'test otp sign-in methods' do
|
31
|
+
it 'should sign in a new test user with otp via EMAIL' do
|
26
32
|
res = @client.generate_otp_for_test_user(
|
27
33
|
method: Descope::Mixins::Common::DeliveryMethod::EMAIL,
|
28
|
-
login_id: test_user['loginIds'][0]
|
34
|
+
login_id: @test_user['loginIds'][0]
|
29
35
|
)
|
30
36
|
@client.logger.info("res: #{res}")
|
31
37
|
@client.otp_verify_code(
|
32
38
|
method: Descope::Mixins::Common::DeliveryMethod::EMAIL,
|
33
|
-
login_id: user[:login_id],
|
39
|
+
login_id: @user[:login_id],
|
40
|
+
code: res['code']
|
41
|
+
)
|
42
|
+
end
|
43
|
+
|
44
|
+
it 'should sign in a new test user with otp via SMS' do
|
45
|
+
res = @client.generate_otp_for_test_user(
|
46
|
+
method: Descope::Mixins::Common::DeliveryMethod::SMS,
|
47
|
+
login_id: @test_user['loginIds'][0]
|
48
|
+
)
|
49
|
+
@client.logger.info("res: #{res}")
|
50
|
+
@client.otp_verify_code(
|
51
|
+
method: Descope::Mixins::Common::DeliveryMethod::SMS,
|
52
|
+
login_id: @user[:login_id],
|
34
53
|
code: res['code']
|
35
54
|
)
|
36
55
|
end
|
37
56
|
end
|
57
|
+
|
58
|
+
# SIGN UPs
|
59
|
+
context 'test otp sign-up methods' do
|
60
|
+
it 'should sign up with otp via email' do
|
61
|
+
email = 'someone@example.com'
|
62
|
+
allow_any_instance_of(Descope::Api::V1::Auth).to receive(:extract_masked_address).and_return({})
|
63
|
+
expect(@instance).to receive(:post).with(
|
64
|
+
otp_compose_signup_url, { loginId: email, email: '' }
|
65
|
+
)
|
66
|
+
|
67
|
+
expect do
|
68
|
+
@instance.otp_sign_up(method: Descope::Mixins::Common::DeliveryMethod::EMAIL, login_id: email)
|
69
|
+
end.not_to raise_error
|
70
|
+
end
|
71
|
+
|
72
|
+
it 'should sign up with otp via SMS' do
|
73
|
+
phone = '+12123354465'
|
74
|
+
allow_any_instance_of(Descope::Api::V1::Auth).to receive(:extract_masked_address).and_return({})
|
75
|
+
expect(@instance).to receive(:post).with(
|
76
|
+
otp_compose_signup_url(Descope::Mixins::Common::DeliveryMethod::SMS), { loginId: phone, phone: '' }
|
77
|
+
)
|
78
|
+
|
79
|
+
expect do
|
80
|
+
@instance.otp_sign_up(method: Descope::Mixins::Common::DeliveryMethod::SMS, login_id: phone)
|
81
|
+
end.not_to raise_error
|
82
|
+
end
|
83
|
+
|
84
|
+
it 'should sign up with otp via voice' do
|
85
|
+
phone = '+12123354465'
|
86
|
+
allow_any_instance_of(Descope::Api::V1::Auth).to receive(:extract_masked_address).and_return({})
|
87
|
+
expect(@instance).to receive(:post).with(
|
88
|
+
otp_compose_signup_url(Descope::Mixins::Common::DeliveryMethod::VOICE), { loginId: phone, phone: '' }
|
89
|
+
)
|
90
|
+
|
91
|
+
expect do
|
92
|
+
@instance.otp_sign_up(method: Descope::Mixins::Common::DeliveryMethod::VOICE, login_id: phone)
|
93
|
+
end.not_to raise_error
|
94
|
+
end
|
95
|
+
|
96
|
+
it 'should fail to signup with invalid phone number via SMS' do
|
97
|
+
phone = '1$234.90'
|
98
|
+
expect do
|
99
|
+
@instance.otp_sign_up(method: Descope::Mixins::Common::DeliveryMethod::SMS, login_id: phone)
|
100
|
+
end.to raise_error(Descope::AuthException, "Invalid pattern for phone number: #{phone}")
|
101
|
+
end
|
102
|
+
end
|
38
103
|
end
|
@@ -5,12 +5,48 @@ require 'spec_helper'
|
|
5
5
|
describe Descope::Api::V1::Management::Audit do
|
6
6
|
before(:all) do
|
7
7
|
@client = DescopeClient.new(Configuration.config)
|
8
|
+
@client.logger.info('Deleting all tenants for Ruby SDK...')
|
9
|
+
@client.search_all_tenants(names: ['Ruby-SDK-test'])['tenants'].each do |tenant|
|
10
|
+
@client.logger.info("Deleting tenant: #{tenant['name']}")
|
11
|
+
@client.delete_tenant(tenant['id'])
|
12
|
+
end
|
13
|
+
@client.logger.info('Cleanup completed. Starting tests...')
|
8
14
|
end
|
9
15
|
|
16
|
+
after(:all) do
|
17
|
+
all_users = @client.search_all_users
|
18
|
+
all_users['users'].each do |user|
|
19
|
+
if user['middleName'] == 'Ruby SDK User'
|
20
|
+
puts "Deleting ruby spec test user #{user['loginIds'][0]}"
|
21
|
+
@client.delete_user(user['loginIds'][0])
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
10
25
|
|
11
26
|
it 'should search the audit trail for user operations' do
|
12
27
|
res = @client.audit_search(actions: ['LoginSucceed'])
|
13
28
|
expect(res).to be_a(Hash)
|
14
29
|
expect(res['audits']).to be_a(Array)
|
15
30
|
end
|
31
|
+
|
32
|
+
it 'should create a new audit event' do
|
33
|
+
# Create tenants
|
34
|
+
@client.logger.info('creating Ruby-SDK-test tenant')
|
35
|
+
tenant_id = @client.create_tenant(name: 'Ruby-SDK-test')['id']
|
36
|
+
|
37
|
+
# Create a user (actor)
|
38
|
+
user = build(:user)
|
39
|
+
created_user = @client.create_user(**user)['user']
|
40
|
+
|
41
|
+
expect do
|
42
|
+
res = @client.audit_create_event(
|
43
|
+
action: 'pencil.created',
|
44
|
+
type: 'info',
|
45
|
+
tenant_id:,
|
46
|
+
actor_id: created_user['loginIds'][0],
|
47
|
+
data: { 'key' => 'value' }
|
48
|
+
)
|
49
|
+
expect(res).to eq({})
|
50
|
+
end.not_to raise_error
|
51
|
+
end
|
16
52
|
end
|
@@ -96,7 +96,7 @@ describe Descope::Api::V1::Management::Role do
|
|
96
96
|
expect(all_roles.map { |role| role['name'] }).to include('Ruby-SDK-test-admin')
|
97
97
|
|
98
98
|
@client.logger.info('searching for roles with tenant ids...')
|
99
|
-
all_roles = @client.search_roles(
|
99
|
+
all_roles = @client.search_roles(role_name_like: 'Ruby-SDK-test', tenant_ids: [tenant_id])['roles']
|
100
100
|
expect(all_roles.map { |role| role['name'] }).to include('Ruby-SDK-test-admin')
|
101
101
|
|
102
102
|
@client.logger.info('deleting permission')
|