onelogin 1.4.1 → 3.0.0.pre.alpha.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (436) hide show
  1. checksums.yaml +5 -5
  2. data/Gemfile +7 -4
  3. data/README.md +245 -423
  4. data/Rakefile +7 -3
  5. data/docs/Action.md +26 -0
  6. data/docs/ActivateFactorRequest.md +24 -0
  7. data/docs/AddAccessTokenClaimRequest.md +22 -0
  8. data/docs/AddClientAppRequest.md +20 -0
  9. data/docs/AddRoleUsers200ResponseInner.md +18 -0
  10. data/docs/AddScopeRequest.md +20 -0
  11. data/docs/AuthMethod.md +15 -0
  12. data/docs/AuthServerConfiguration.md +24 -0
  13. data/docs/ClientApp.md +20 -0
  14. data/docs/Condition.md +22 -0
  15. data/docs/Connector.md +26 -0
  16. data/docs/CreateAuthorizationServerRequest.md +22 -0
  17. data/docs/CreateEnvironmentVariableRequest.md +20 -0
  18. data/docs/CreateRoles201ResponseInner.md +18 -0
  19. data/docs/DefaultApi.md +6812 -0
  20. data/docs/Device.md +26 -0
  21. data/docs/EnrollFactorRequest.md +28 -0
  22. data/docs/Envvar.md +24 -0
  23. data/docs/ErrorStatus.md +22 -0
  24. data/docs/ErrorStatusErrorsInner.md +20 -0
  25. data/docs/FactorInner.md +32 -0
  26. data/docs/FactorInnerFactorData.md +20 -0
  27. data/docs/GenerateMfaToken200Response.md +24 -0
  28. data/docs/GenerateMfaToken422Response.md +24 -0
  29. data/docs/GenerateMfaToken422ResponseDetails.md +18 -0
  30. data/docs/GenerateMfaTokenRequest.md +20 -0
  31. data/docs/GenerateSamlAssertionRequest.md +26 -0
  32. data/docs/GenerateToken200Response.md +28 -0
  33. data/docs/GenerateToken400Response.md +18 -0
  34. data/docs/GenerateTokenRequest.md +18 -0
  35. data/docs/GetAuthorizationServer200Response.md +24 -0
  36. data/docs/GetAvailableFactors200ResponseInner.md +22 -0
  37. data/docs/GetClientApps200ResponseInner.md +24 -0
  38. data/docs/GetClientApps200ResponseInnerScopesInner.md +22 -0
  39. data/docs/GetRateLimit200Response.md +20 -0
  40. data/docs/GetRateLimit200ResponseData.md +22 -0
  41. data/docs/GetRiskScore200Response.md +20 -0
  42. data/docs/GetRiskScore400Response.md +18 -0
  43. data/docs/GetRiskScoreRequest.md +30 -0
  44. data/docs/GetScoreInsights200Response.md +20 -0
  45. data/docs/GetScoreInsights200ResponseScores.md +26 -0
  46. data/docs/GetUserApps200ResponseInner.md +32 -0
  47. data/docs/Hook.md +46 -0
  48. data/docs/HookConditionsInner.md +22 -0
  49. data/docs/HookOptions.md +22 -0
  50. data/docs/HookStatus.md +20 -0
  51. data/docs/Id.md +18 -0
  52. data/docs/ListAccessTokenClaims200ResponseInner.md +34 -0
  53. data/docs/ListActions200ResponseInner.md +20 -0
  54. data/docs/ListAppUsers200ResponseInner.md +26 -0
  55. data/docs/ListAuthorizationServers200ResponseInner.md +24 -0
  56. data/docs/ListAuthorizationServers200ResponseInnerConfiguration.md +20 -0
  57. data/docs/ListConditionOperators200ResponseInner.md +20 -0
  58. data/docs/ListConditionValues200ResponseInner.md +20 -0
  59. data/docs/ListConditions200ResponseInner.md +20 -0
  60. data/docs/ListMappingConditionOperators200ResponseInner.md +20 -0
  61. data/docs/ListMappingConditions200ResponseInner.md +20 -0
  62. data/docs/ListScopes200ResponseInner.md +22 -0
  63. data/docs/Log.md +24 -0
  64. data/docs/Mapping.md +30 -0
  65. data/docs/Registration.md +22 -0
  66. data/docs/RemoveRoleUsersRequest.md +18 -0
  67. data/docs/RevokeTokenRequest.md +18 -0
  68. data/docs/RiskDevice.md +18 -0
  69. data/docs/RiskRule.md +30 -0
  70. data/docs/RiskUser.md +22 -0
  71. data/docs/Role.md +26 -0
  72. data/docs/Rule.md +30 -0
  73. data/docs/RuleId.md +18 -0
  74. data/docs/Schema.md +56 -0
  75. data/docs/Schema1.md +28 -0
  76. data/docs/Schema1AddedBy.md +20 -0
  77. data/docs/SchemaProvisioning.md +18 -0
  78. data/docs/Session.md +18 -0
  79. data/docs/SetRoleApps200ResponseInner.md +18 -0
  80. data/docs/Source.md +20 -0
  81. data/docs/Status.md +24 -0
  82. data/docs/Status1.md +22 -0
  83. data/docs/Status2.md +18 -0
  84. data/docs/Status2Status.md +24 -0
  85. data/docs/TrackEventRequest.md +34 -0
  86. data/docs/UpdateAuthorizationServer400Response.md +24 -0
  87. data/docs/UpdateClientAppRequest.md +18 -0
  88. data/docs/UpdateEnvironmentVariableRequest.md +18 -0
  89. data/docs/UpdateRole200Response.md +18 -0
  90. data/docs/User.md +90 -0
  91. data/docs/VerifyEnrollmentRequest.md +18 -0
  92. data/docs/VerifyFactorRequest.md +20 -0
  93. data/docs/VerifyFactorSaml200Response.md +20 -0
  94. data/docs/VerifyFactorSamlRequest.md +26 -0
  95. data/docs/VerifyFactorVoice200ResponseInner.md +22 -0
  96. data/git_push.sh +57 -0
  97. data/lib/onelogin/api/default_api.rb +7334 -0
  98. data/lib/onelogin/api_client.rb +391 -0
  99. data/lib/onelogin/api_error.rb +57 -0
  100. data/lib/onelogin/configuration.rb +282 -0
  101. data/lib/onelogin/models/action.rb +262 -0
  102. data/lib/onelogin/models/activate_factor_request.rb +250 -0
  103. data/lib/onelogin/models/add_access_token_claim_request.rb +237 -0
  104. data/lib/onelogin/models/add_client_app_request.rb +230 -0
  105. data/lib/onelogin/models/add_role_users200_response_inner.rb +219 -0
  106. data/lib/onelogin/models/add_scope_request.rb +228 -0
  107. data/lib/onelogin/models/auth_method.rb +43 -0
  108. data/lib/onelogin/models/auth_server_configuration.rb +248 -0
  109. data/lib/onelogin/models/client_app.rb +228 -0
  110. data/lib/onelogin/models/condition.rb +240 -0
  111. data/lib/onelogin/models/connector.rb +259 -0
  112. data/lib/onelogin/models/create_authorization_server_request.rb +237 -0
  113. data/lib/onelogin/models/create_environment_variable_request.rb +240 -0
  114. data/lib/onelogin/models/create_roles201_response_inner.rb +219 -0
  115. data/lib/onelogin/models/device.rb +255 -0
  116. data/lib/onelogin/models/enroll_factor_request.rb +280 -0
  117. data/lib/onelogin/models/envvar.rb +250 -0
  118. data/lib/onelogin/models/error_status.rb +239 -0
  119. data/lib/onelogin/models/error_status_errors_inner.rb +230 -0
  120. data/lib/onelogin/models/factor_inner.rb +323 -0
  121. data/lib/onelogin/models/factor_inner_factor_data.rb +231 -0
  122. data/lib/onelogin/models/generate_mfa_token200_response.rb +250 -0
  123. data/lib/onelogin/models/generate_mfa_token422_response.rb +246 -0
  124. data/lib/onelogin/models/generate_mfa_token422_response_details.rb +221 -0
  125. data/lib/onelogin/models/generate_mfa_token_request.rb +230 -0
  126. data/lib/onelogin/models/generate_saml_assertion_request.rb +280 -0
  127. data/lib/onelogin/models/generate_token200_response.rb +264 -0
  128. data/lib/onelogin/models/generate_token400_response.rb +219 -0
  129. data/lib/onelogin/models/generate_token_request.rb +253 -0
  130. data/lib/onelogin/models/get_authorization_server200_response.rb +246 -0
  131. data/lib/onelogin/models/get_available_factors200_response_inner.rb +240 -0
  132. data/lib/onelogin/models/get_client_apps200_response_inner.rb +248 -0
  133. data/lib/onelogin/models/get_client_apps200_response_inner_scopes_inner.rb +237 -0
  134. data/lib/onelogin/models/get_rate_limit200_response.rb +228 -0
  135. data/lib/onelogin/models/get_rate_limit200_response_data.rb +237 -0
  136. data/lib/onelogin/models/get_risk_score200_response.rb +256 -0
  137. data/lib/onelogin/models/get_risk_score400_response.rb +221 -0
  138. data/lib/onelogin/models/get_risk_score_request.rb +291 -0
  139. data/lib/onelogin/models/get_score_insights200_response.rb +228 -0
  140. data/lib/onelogin/models/get_score_insights200_response_scores.rb +255 -0
  141. data/lib/onelogin/models/get_user_apps200_response_inner.rb +335 -0
  142. data/lib/onelogin/models/hook.rb +462 -0
  143. data/lib/onelogin/models/hook_conditions_inner.rb +237 -0
  144. data/lib/onelogin/models/hook_options.rb +238 -0
  145. data/lib/onelogin/models/hook_status.rb +228 -0
  146. data/lib/onelogin/models/id.rb +219 -0
  147. data/lib/onelogin/models/list_access_token_claims200_response_inner.rb +293 -0
  148. data/lib/onelogin/models/list_actions200_response_inner.rb +230 -0
  149. data/lib/onelogin/models/list_app_users200_response_inner.rb +255 -0
  150. data/lib/onelogin/models/list_authorization_servers200_response_inner.rb +246 -0
  151. data/lib/onelogin/models/list_authorization_servers200_response_inner_configuration.rb +230 -0
  152. data/lib/onelogin/models/list_condition_operators200_response_inner.rb +230 -0
  153. data/lib/onelogin/models/list_condition_values200_response_inner.rb +228 -0
  154. data/lib/onelogin/models/list_conditions200_response_inner.rb +230 -0
  155. data/lib/onelogin/models/list_mapping_condition_operators200_response_inner.rb +230 -0
  156. data/lib/onelogin/models/list_mapping_conditions200_response_inner.rb +230 -0
  157. data/lib/onelogin/models/list_scopes200_response_inner.rb +237 -0
  158. data/lib/onelogin/models/log.rb +248 -0
  159. data/lib/onelogin/models/mapping.rb +342 -0
  160. data/lib/onelogin/models/registration.rb +274 -0
  161. data/lib/onelogin/models/remove_role_users_request.rb +221 -0
  162. data/lib/onelogin/models/revoke_token_request.rb +219 -0
  163. data/lib/onelogin/models/risk_device.rb +221 -0
  164. data/lib/onelogin/models/risk_rule.rb +325 -0
  165. data/lib/onelogin/models/risk_user.rb +248 -0
  166. data/lib/onelogin/models/role.rb +266 -0
  167. data/lib/onelogin/models/rule.rb +317 -0
  168. data/lib/onelogin/models/rule_id.rb +219 -0
  169. data/lib/onelogin/models/schema.rb +441 -0
  170. data/lib/onelogin/models/schema1.rb +265 -0
  171. data/lib/onelogin/models/schema1_added_by.rb +228 -0
  172. data/lib/onelogin/models/schema_provisioning.rb +220 -0
  173. data/lib/onelogin/models/session.rb +221 -0
  174. data/lib/onelogin/models/set_role_apps200_response_inner.rb +220 -0
  175. data/lib/onelogin/models/source.rb +230 -0
  176. data/lib/onelogin/models/status.rb +246 -0
  177. data/lib/onelogin/models/status1.rb +237 -0
  178. data/lib/onelogin/models/status2.rb +219 -0
  179. data/lib/onelogin/models/status2_status.rb +246 -0
  180. data/lib/onelogin/models/track_event_request.rb +316 -0
  181. data/lib/onelogin/models/update_authorization_server400_response.rb +246 -0
  182. data/lib/onelogin/models/update_client_app_request.rb +221 -0
  183. data/lib/onelogin/models/update_environment_variable_request.rb +225 -0
  184. data/lib/onelogin/models/update_role200_response.rb +219 -0
  185. data/lib/onelogin/models/user.rb +615 -0
  186. data/lib/onelogin/models/verify_enrollment_request.rb +219 -0
  187. data/lib/onelogin/models/verify_factor_request.rb +230 -0
  188. data/lib/onelogin/models/verify_factor_saml200_response.rb +230 -0
  189. data/lib/onelogin/models/verify_factor_saml_request.rb +275 -0
  190. data/lib/onelogin/models/verify_factor_voice200_response_inner.rb +271 -0
  191. data/lib/onelogin/version.rb +13 -1
  192. data/lib/onelogin.rb +130 -1
  193. data/onelogin.gemspec +36 -43
  194. data/spec/api/default_api_spec.rb +1259 -0
  195. data/spec/api_client_spec.rb +226 -0
  196. data/spec/configuration_spec.rb +42 -0
  197. data/spec/models/action_spec.rb +58 -0
  198. data/spec/models/activate_factor_request_spec.rb +52 -0
  199. data/spec/models/add_access_token_claim_request_spec.rb +46 -0
  200. data/spec/models/add_client_app_request_spec.rb +40 -0
  201. data/spec/models/add_role_users200_response_inner_spec.rb +34 -0
  202. data/spec/models/add_scope_request_spec.rb +40 -0
  203. data/spec/models/auth_method_spec.rb +28 -0
  204. data/spec/models/auth_server_configuration_spec.rb +52 -0
  205. data/spec/models/client_app_spec.rb +40 -0
  206. data/spec/models/condition_spec.rb +46 -0
  207. data/spec/models/connector_spec.rb +58 -0
  208. data/spec/models/create_authorization_server_request_spec.rb +46 -0
  209. data/spec/models/create_environment_variable_request_spec.rb +40 -0
  210. data/spec/models/create_roles201_response_inner_spec.rb +34 -0
  211. data/spec/models/device_spec.rb +58 -0
  212. data/spec/models/enroll_factor_request_spec.rb +64 -0
  213. data/spec/models/envvar_spec.rb +52 -0
  214. data/spec/models/error_status_errors_inner_spec.rb +40 -0
  215. data/spec/models/error_status_spec.rb +46 -0
  216. data/spec/models/factor_inner_factor_data_spec.rb +40 -0
  217. data/spec/models/factor_inner_spec.rb +80 -0
  218. data/spec/models/generate_mfa_token200_response_spec.rb +52 -0
  219. data/spec/models/generate_mfa_token422_response_details_spec.rb +34 -0
  220. data/spec/models/generate_mfa_token422_response_spec.rb +52 -0
  221. data/spec/models/generate_mfa_token_request_spec.rb +40 -0
  222. data/spec/models/generate_saml_assertion_request_spec.rb +58 -0
  223. data/spec/models/generate_token200_response_spec.rb +64 -0
  224. data/spec/models/generate_token400_response_spec.rb +34 -0
  225. data/spec/models/generate_token_request_spec.rb +38 -0
  226. data/spec/models/get_authorization_server200_response_spec.rb +52 -0
  227. data/spec/models/get_available_factors200_response_inner_spec.rb +46 -0
  228. data/spec/models/get_client_apps200_response_inner_scopes_inner_spec.rb +46 -0
  229. data/spec/models/get_client_apps200_response_inner_spec.rb +52 -0
  230. data/spec/models/get_rate_limit200_response_data_spec.rb +46 -0
  231. data/spec/models/get_rate_limit200_response_spec.rb +40 -0
  232. data/spec/models/get_risk_score200_response_spec.rb +40 -0
  233. data/spec/models/get_risk_score400_response_spec.rb +34 -0
  234. data/spec/models/get_risk_score_request_spec.rb +70 -0
  235. data/spec/models/get_score_insights200_response_scores_spec.rb +58 -0
  236. data/spec/models/get_score_insights200_response_spec.rb +40 -0
  237. data/spec/models/get_user_apps200_response_inner_spec.rb +84 -0
  238. data/spec/models/hook_conditions_inner_spec.rb +46 -0
  239. data/spec/models/hook_options_spec.rb +46 -0
  240. data/spec/models/hook_spec.rb +122 -0
  241. data/spec/models/hook_status_spec.rb +40 -0
  242. data/spec/models/id_spec.rb +34 -0
  243. data/spec/models/list_access_token_claims200_response_inner_spec.rb +82 -0
  244. data/spec/models/list_actions200_response_inner_spec.rb +40 -0
  245. data/spec/models/list_app_users200_response_inner_spec.rb +58 -0
  246. data/spec/models/list_authorization_servers200_response_inner_configuration_spec.rb +40 -0
  247. data/spec/models/list_authorization_servers200_response_inner_spec.rb +52 -0
  248. data/spec/models/list_condition_operators200_response_inner_spec.rb +40 -0
  249. data/spec/models/list_condition_values200_response_inner_spec.rb +40 -0
  250. data/spec/models/list_conditions200_response_inner_spec.rb +40 -0
  251. data/spec/models/list_mapping_condition_operators200_response_inner_spec.rb +40 -0
  252. data/spec/models/list_mapping_conditions200_response_inner_spec.rb +40 -0
  253. data/spec/models/list_scopes200_response_inner_spec.rb +46 -0
  254. data/spec/models/log_spec.rb +52 -0
  255. data/spec/models/mapping_spec.rb +74 -0
  256. data/spec/models/registration_spec.rb +50 -0
  257. data/spec/models/remove_role_users_request_spec.rb +34 -0
  258. data/spec/models/revoke_token_request_spec.rb +34 -0
  259. data/spec/models/risk_device_spec.rb +34 -0
  260. data/spec/models/risk_rule_spec.rb +78 -0
  261. data/spec/models/risk_user_spec.rb +46 -0
  262. data/spec/models/role_spec.rb +58 -0
  263. data/spec/models/rule_id_spec.rb +34 -0
  264. data/spec/models/rule_spec.rb +74 -0
  265. data/spec/models/schema1_added_by_spec.rb +40 -0
  266. data/spec/models/schema1_spec.rb +64 -0
  267. data/spec/models/schema_provisioning_spec.rb +34 -0
  268. data/spec/models/schema_spec.rb +152 -0
  269. data/spec/models/session_spec.rb +34 -0
  270. data/spec/models/set_role_apps200_response_inner_spec.rb +34 -0
  271. data/spec/models/source_spec.rb +40 -0
  272. data/spec/models/status1_spec.rb +46 -0
  273. data/spec/models/status2_spec.rb +34 -0
  274. data/spec/models/status2_status_spec.rb +52 -0
  275. data/spec/models/status_spec.rb +52 -0
  276. data/spec/models/track_event_request_spec.rb +82 -0
  277. data/spec/models/update_authorization_server400_response_spec.rb +52 -0
  278. data/spec/models/update_client_app_request_spec.rb +34 -0
  279. data/spec/models/update_environment_variable_request_spec.rb +34 -0
  280. data/spec/models/update_role200_response_spec.rb +34 -0
  281. data/spec/models/user_spec.rb +258 -0
  282. data/spec/models/verify_enrollment_request_spec.rb +34 -0
  283. data/spec/models/verify_factor_request_spec.rb +40 -0
  284. data/spec/models/verify_factor_saml200_response_spec.rb +40 -0
  285. data/spec/models/verify_factor_saml_request_spec.rb +58 -0
  286. data/spec/models/verify_factor_voice200_response_inner_spec.rb +50 -0
  287. data/spec/spec_helper.rb +111 -0
  288. metadata +402 -210
  289. data/.gitignore +0 -12
  290. data/.travis.yml +0 -6
  291. data/bin/console +0 -14
  292. data/bin/setup +0 -6
  293. data/examples/Gemfile +0 -3
  294. data/examples/Gemfile.lock +0 -21
  295. data/examples/README.md +0 -19
  296. data/examples/all-users-to-csv.rb +0 -48
  297. data/examples/create-user.rb +0 -16
  298. data/examples/events-to-csv.rb +0 -93
  299. data/examples/last-app-user-login-to-csv.rb +0 -72
  300. data/examples/list-users.rb +0 -15
  301. data/examples/rails-custom-login-page/.gitignore +0 -45
  302. data/examples/rails-custom-login-page/.ruby-version +0 -1
  303. data/examples/rails-custom-login-page/Gemfile +0 -57
  304. data/examples/rails-custom-login-page/Gemfile.lock +0 -208
  305. data/examples/rails-custom-login-page/README.md +0 -105
  306. data/examples/rails-custom-login-page/Rakefile +0 -6
  307. data/examples/rails-custom-login-page/app/assets/config/manifest.js +0 -3
  308. data/examples/rails-custom-login-page/app/assets/images/.keep +0 -0
  309. data/examples/rails-custom-login-page/app/assets/javascripts/application.js +0 -18
  310. data/examples/rails-custom-login-page/app/assets/javascripts/cable.js +0 -13
  311. data/examples/rails-custom-login-page/app/assets/javascripts/channels/.keep +0 -0
  312. data/examples/rails-custom-login-page/app/assets/javascripts/dashboard.coffee +0 -3
  313. data/examples/rails-custom-login-page/app/assets/javascripts/home.coffee +0 -3
  314. data/examples/rails-custom-login-page/app/assets/javascripts/sessions.coffee +0 -3
  315. data/examples/rails-custom-login-page/app/assets/stylesheets/application.css +0 -15
  316. data/examples/rails-custom-login-page/app/assets/stylesheets/dashboard.scss +0 -3
  317. data/examples/rails-custom-login-page/app/assets/stylesheets/home.scss +0 -3
  318. data/examples/rails-custom-login-page/app/assets/stylesheets/sessions.scss +0 -3
  319. data/examples/rails-custom-login-page/app/channels/application_cable/channel.rb +0 -4
  320. data/examples/rails-custom-login-page/app/channels/application_cable/connection.rb +0 -4
  321. data/examples/rails-custom-login-page/app/controllers/application_controller.rb +0 -23
  322. data/examples/rails-custom-login-page/app/controllers/concerns/.keep +0 -0
  323. data/examples/rails-custom-login-page/app/controllers/dashboard_controller.rb +0 -10
  324. data/examples/rails-custom-login-page/app/controllers/home_controller.rb +0 -4
  325. data/examples/rails-custom-login-page/app/controllers/sessions_controller.rb +0 -46
  326. data/examples/rails-custom-login-page/app/controllers/users_controller.rb +0 -116
  327. data/examples/rails-custom-login-page/app/helpers/application_helper.rb +0 -2
  328. data/examples/rails-custom-login-page/app/helpers/dashboard_helper.rb +0 -28
  329. data/examples/rails-custom-login-page/app/helpers/home_helper.rb +0 -2
  330. data/examples/rails-custom-login-page/app/helpers/sessions_helper.rb +0 -87
  331. data/examples/rails-custom-login-page/app/helpers/users_helper.rb +0 -3
  332. data/examples/rails-custom-login-page/app/jobs/application_job.rb +0 -2
  333. data/examples/rails-custom-login-page/app/mailers/application_mailer.rb +0 -4
  334. data/examples/rails-custom-login-page/app/models/application_record.rb +0 -3
  335. data/examples/rails-custom-login-page/app/models/concerns/.keep +0 -0
  336. data/examples/rails-custom-login-page/app/views/dashboard/index.html.erb +0 -50
  337. data/examples/rails-custom-login-page/app/views/home/index.html.erb +0 -209
  338. data/examples/rails-custom-login-page/app/views/layouts/application.html.erb +0 -31
  339. data/examples/rails-custom-login-page/app/views/layouts/mailer.html.erb +0 -13
  340. data/examples/rails-custom-login-page/app/views/layouts/mailer.text.erb +0 -1
  341. data/examples/rails-custom-login-page/app/views/users/_form.html.erb +0 -1
  342. data/examples/rails-custom-login-page/app/views/users/_user.json.jbuilder +0 -2
  343. data/examples/rails-custom-login-page/app/views/users/edit.html.erb +0 -27
  344. data/examples/rails-custom-login-page/app/views/users/index.html.erb +0 -30
  345. data/examples/rails-custom-login-page/app/views/users/index.json.jbuilder +0 -1
  346. data/examples/rails-custom-login-page/app/views/users/new.html.erb +0 -60
  347. data/examples/rails-custom-login-page/app/views/users/onboard.html.erb +0 -54
  348. data/examples/rails-custom-login-page/app/views/users/show.html.erb +0 -14
  349. data/examples/rails-custom-login-page/app/views/users/show.json.jbuilder +0 -1
  350. data/examples/rails-custom-login-page/bin/bundle +0 -3
  351. data/examples/rails-custom-login-page/bin/rails +0 -9
  352. data/examples/rails-custom-login-page/bin/rake +0 -9
  353. data/examples/rails-custom-login-page/bin/setup +0 -38
  354. data/examples/rails-custom-login-page/bin/spring +0 -17
  355. data/examples/rails-custom-login-page/bin/update +0 -29
  356. data/examples/rails-custom-login-page/bin/yarn +0 -11
  357. data/examples/rails-custom-login-page/config/application.rb +0 -18
  358. data/examples/rails-custom-login-page/config/boot.rb +0 -3
  359. data/examples/rails-custom-login-page/config/cable.yml +0 -10
  360. data/examples/rails-custom-login-page/config/database.yml +0 -25
  361. data/examples/rails-custom-login-page/config/environment.rb +0 -5
  362. data/examples/rails-custom-login-page/config/environments/development.rb +0 -54
  363. data/examples/rails-custom-login-page/config/environments/production.rb +0 -91
  364. data/examples/rails-custom-login-page/config/environments/test.rb +0 -42
  365. data/examples/rails-custom-login-page/config/initializers/application_controller_renderer.rb +0 -8
  366. data/examples/rails-custom-login-page/config/initializers/assets.rb +0 -14
  367. data/examples/rails-custom-login-page/config/initializers/backtrace_silencers.rb +0 -7
  368. data/examples/rails-custom-login-page/config/initializers/cookies_serializer.rb +0 -5
  369. data/examples/rails-custom-login-page/config/initializers/filter_parameter_logging.rb +0 -4
  370. data/examples/rails-custom-login-page/config/initializers/inflections.rb +0 -16
  371. data/examples/rails-custom-login-page/config/initializers/mime_types.rb +0 -4
  372. data/examples/rails-custom-login-page/config/initializers/onelogin.rb +0 -4
  373. data/examples/rails-custom-login-page/config/initializers/wrap_parameters.rb +0 -14
  374. data/examples/rails-custom-login-page/config/locales/en.yml +0 -33
  375. data/examples/rails-custom-login-page/config/puma.rb +0 -56
  376. data/examples/rails-custom-login-page/config/routes.rb +0 -23
  377. data/examples/rails-custom-login-page/config/secrets.yml.sample +0 -36
  378. data/examples/rails-custom-login-page/config/spring.rb +0 -6
  379. data/examples/rails-custom-login-page/config.ru +0 -5
  380. data/examples/rails-custom-login-page/db/seeds.rb +0 -7
  381. data/examples/rails-custom-login-page/lib/assets/.keep +0 -0
  382. data/examples/rails-custom-login-page/lib/tasks/.keep +0 -0
  383. data/examples/rails-custom-login-page/package.json +0 -5
  384. data/examples/rails-custom-login-page/public/404.html +0 -67
  385. data/examples/rails-custom-login-page/public/422.html +0 -67
  386. data/examples/rails-custom-login-page/public/500.html +0 -66
  387. data/examples/rails-custom-login-page/public/apple-touch-icon-precomposed.png +0 -0
  388. data/examples/rails-custom-login-page/public/apple-touch-icon.png +0 -0
  389. data/examples/rails-custom-login-page/public/favicon.ico +0 -0
  390. data/examples/rails-custom-login-page/public/robots.txt +0 -1
  391. data/examples/rails-custom-login-page/test/application_system_test_case.rb +0 -5
  392. data/examples/rails-custom-login-page/test/controllers/.keep +0 -0
  393. data/examples/rails-custom-login-page/test/controllers/dashboard_controller_test.rb +0 -9
  394. data/examples/rails-custom-login-page/test/controllers/home_controller_test.rb +0 -9
  395. data/examples/rails-custom-login-page/test/controllers/sessions_controller_test.rb +0 -7
  396. data/examples/rails-custom-login-page/test/controllers/users_controller_test.rb +0 -48
  397. data/examples/rails-custom-login-page/test/fixtures/.keep +0 -0
  398. data/examples/rails-custom-login-page/test/fixtures/files/.keep +0 -0
  399. data/examples/rails-custom-login-page/test/helpers/.keep +0 -0
  400. data/examples/rails-custom-login-page/test/integration/.keep +0 -0
  401. data/examples/rails-custom-login-page/test/mailers/.keep +0 -0
  402. data/examples/rails-custom-login-page/test/models/.keep +0 -0
  403. data/examples/rails-custom-login-page/test/system/.keep +0 -0
  404. data/examples/rails-custom-login-page/test/test_helper.rb +0 -9
  405. data/examples/rails-custom-login-page/vendor/.keep +0 -0
  406. data/lib/onelogin/api/apiexception.rb +0 -10
  407. data/lib/onelogin/api/client.rb +0 -2328
  408. data/lib/onelogin/api/cursor.rb +0 -113
  409. data/lib/onelogin/api/models/app.rb +0 -22
  410. data/lib/onelogin/api/models/auth_factor.rb +0 -16
  411. data/lib/onelogin/api/models/device.rb +0 -18
  412. data/lib/onelogin/api/models/embed_app.rb +0 -31
  413. data/lib/onelogin/api/models/event.rb +0 -54
  414. data/lib/onelogin/api/models/event_type.rb +0 -17
  415. data/lib/onelogin/api/models/factor_enrollment_response.rb +0 -22
  416. data/lib/onelogin/api/models/group.rb +0 -17
  417. data/lib/onelogin/api/models/mfa.rb +0 -26
  418. data/lib/onelogin/api/models/mfa_token.rb +0 -18
  419. data/lib/onelogin/api/models/onelogin_token.rb +0 -20
  420. data/lib/onelogin/api/models/otp_device.rb +0 -25
  421. data/lib/onelogin/api/models/privilege.rb +0 -51
  422. data/lib/onelogin/api/models/rate_limit.rb +0 -17
  423. data/lib/onelogin/api/models/role.rb +0 -16
  424. data/lib/onelogin/api/models/saml_endpoint_response.rb +0 -18
  425. data/lib/onelogin/api/models/session_token_info.rb +0 -21
  426. data/lib/onelogin/api/models/session_token_mfa_info.rb +0 -26
  427. data/lib/onelogin/api/models/statement.rb +0 -36
  428. data/lib/onelogin/api/models/user.rb +0 -135
  429. data/lib/onelogin/api/models/user_data.rb +0 -13
  430. data/lib/onelogin/api/models/user_metadata.rb +0 -13
  431. data/lib/onelogin/api/models.rb +0 -22
  432. data/lib/onelogin/api/util/constants.rb +0 -160
  433. data/lib/onelogin/api/util/parser.rb +0 -56
  434. data/lib/onelogin/api/util/url_builder.rb +0 -24
  435. data/lib/onelogin/api/util.rb +0 -13
  436. data/lib/onelogin/api.rb +0 -2
@@ -1,2328 +0,0 @@
1
- require 'onelogin/version'
2
- require 'onelogin/api/apiexception'
3
- require 'onelogin/api/cursor'
4
- require 'onelogin/api/util'
5
- require 'json'
6
- require 'httparty'
7
- require 'nokogiri'
8
- require 'time'
9
-
10
- module OneLogin
11
- module Api
12
- # Client class
13
- #
14
- # Client class of the OneLogin's Ruby SDK.
15
- # It makes the API calls to the Onelogin's platform described
16
- # at https://developers.onelogin.com/api-docs/1/getting-started/dev-overview.
17
- #
18
- class Client
19
- include OneLogin::Api::Util
20
- include HTTParty
21
-
22
- attr_accessor :client_id, :client_secret, :region
23
- attr_accessor :user_agent, :error, :error_description, :error_attribute
24
-
25
- NOKOGIRI_OPTIONS = Nokogiri::XML::ParseOptions::STRICT |
26
- Nokogiri::XML::ParseOptions::NONET
27
-
28
- DEFAULT_USER_AGENT = "onelogin-ruby-sdk v#{OneLogin::VERSION}".freeze
29
-
30
- # Create a new instance of the Client.
31
- #
32
- # @param config [Hash] Client Id, Client Secret and Region
33
- #
34
- def initialize(config)
35
- options = Hash[config.map { |(k, v)| [k.to_sym, v] }]
36
-
37
- @client_id = options[:client_id]
38
- @client_secret = options[:client_secret]
39
- @region = options[:region] || 'us'
40
- @max_results = options[:max_results] || 1000
41
-
42
- if options[:timeout] and defined? self.class.default_timeout
43
- self.class.default_timeout options[:timeout]
44
- end
45
-
46
- if options[:proxy_host]
47
- self.class.http_proxy options[:proxy_host], options[:proxy_port], options[:proxy_user], options[:proxy_pass]
48
- end
49
-
50
- validate_config
51
-
52
- @user_agent = DEFAULT_USER_AGENT
53
- end
54
-
55
- def validate_config
56
- raise ArgumentError, 'client_id & client_secret are required' unless @client_id && @client_secret
57
- end
58
-
59
- # Clean any previous error registered at the client.
60
- #
61
- def clean_error
62
- @error = nil
63
- @error_description = nil
64
- @error_attribute = nil
65
- end
66
-
67
- def expired?
68
- Time.now.utc > @expiration
69
- end
70
-
71
- def prepare_token
72
- if @access_token.nil?
73
- access_token
74
- elsif expired?
75
- regenerate_token
76
- end
77
- end
78
-
79
- def handle_operation_response(response)
80
- result = false
81
- begin
82
- content = JSON.parse(response.body)
83
- if content
84
- if content.has_key?('status') && content['status'].has_key?('type') && content['status']['type'] == "success"
85
- result = true
86
- elsif content.has_key?('success') && content['success']
87
- result = true
88
- end
89
- end
90
- rescue Exception => e
91
- result = false
92
- end
93
-
94
- result
95
- end
96
-
97
- def handle_session_token_response(response)
98
- content = JSON.parse(response.body)
99
- if content && content.has_key?('status') && content['status'].has_key?('message') && content.has_key?('data')
100
- if content['status']['message'] == "Success"
101
- return OneLogin::Api::Models::SessionTokenInfo.new(content['data'][0])
102
- elsif content['status']['message'] == "MFA is required for this user"
103
- return OneLogin::Api::Models::SessionTokenMFAInfo.new(content['data'][0])
104
- else
105
- raise "Status Message type not reognized: %s" % content['status']['message']
106
- end
107
- end
108
-
109
- nil
110
- end
111
-
112
- def handle_saml_endpoint_response(response)
113
- content = JSON.parse(response.body)
114
- if content && content.has_key?('status') && content['status'].has_key?('message') && content['status'].has_key?('type')
115
- status_type = content['status']['type']
116
- status_message = content['status']['message']
117
- saml_endpoint_response = OneLogin::Api::Models::SAMLEndpointResponse.new(status_type, status_message)
118
- if content.has_key?('data')
119
- if status_message == 'Success'
120
- saml_endpoint_response.saml_response = content['data']
121
- else
122
- mfa = OneLogin::Api::Models::MFA.new(content['data'][0])
123
- saml_endpoint_response.mfa = mfa
124
- end
125
- end
126
-
127
- return saml_endpoint_response
128
- end
129
-
130
- nil
131
- end
132
-
133
- def headers
134
- {
135
- 'Content-Type' => 'application/json',
136
- 'User-Agent' => @user_agent
137
- }
138
- end
139
-
140
- def authorized_headers(bearer = true)
141
- # Removed the ":"
142
- authorization = if bearer
143
- "bearer #{@access_token}"
144
- else
145
- "client_id:#{@client_id},client_secret:#{@client_secret}"
146
- end
147
-
148
- headers.merge({
149
- 'Authorization' => authorization
150
- })
151
- end
152
-
153
- ############################
154
- # OAuth 2.0 Tokens Methods #
155
- ############################
156
-
157
- # Generates an access token and refresh token that you may use to
158
- # call Onelogin's API methods.
159
- #
160
- # @return [OneLoginToken] Returns the generated OAuth Token info
161
- #
162
- # @see {https://developers.onelogin.com/api-docs/1/oauth20-tokens/generate-tokens Generate Tokens documentation}
163
- def access_token
164
- clean_error
165
-
166
- begin
167
- url = url_for(TOKEN_REQUEST_URL)
168
-
169
- data = {
170
- 'grant_type' => 'client_credentials'
171
- }
172
-
173
- response = self.class.post(
174
- url,
175
- headers: authorized_headers(false),
176
- body: data.to_json
177
- )
178
-
179
- if response.code == 200
180
- json_data = JSON.parse(response.body)
181
- if json_data.has_key?('status')
182
- @error = json_data['status']['code'].to_s
183
- @error_description = extract_error_message_from_response(response)
184
- else
185
- token = OneLogin::Api::Models::OneLoginToken.new(json_data)
186
- @access_token = token.access_token
187
- @refresh_token = token.refresh_token
188
- @expiration = token.created_at + token.expires_in
189
- return token
190
- end
191
- else
192
- @error = response.code.to_s
193
- @error_description = extract_error_message_from_response(response)
194
- end
195
- rescue Exception => e
196
- @error = '500'
197
- @error_description = e.message
198
- end
199
-
200
- nil
201
- end
202
-
203
- # Refreshing tokens provides a new set of access and refresh tokens.
204
- #
205
- # @return [OneLoginToken] Returns the refreshed OAuth Token info
206
- #
207
- # @see {https://developers.onelogin.com/api-docs/1/oauth20-tokens/refresh-tokens Refresh Tokens documentation}
208
- def regenerate_token
209
- clean_error
210
-
211
- begin
212
- url = url_for(TOKEN_REQUEST_URL)
213
-
214
- data = {
215
- 'grant_type' => 'refresh_token',
216
- 'access_token' => @access_token,
217
- 'refresh_token' => @refresh_token
218
- }
219
-
220
- response = self.class.post(
221
- url,
222
- headers: headers,
223
- body: data.to_json
224
- )
225
-
226
- if response.code == 200
227
- json_data = JSON.parse(response.body)
228
- if json_data.has_key?('status')
229
- @error = json_data['status']['code'].to_s
230
- @error_description = extract_error_message_from_response(response)
231
- else
232
- token = OneLogin::Api::Models::OneLoginToken.new(json_data)
233
- @access_token = token.access_token
234
- @refresh_token = token.refresh_token
235
- @expiration = token.created_at + token.expires_in
236
- return token
237
- end
238
- else
239
- @error = response.code.to_s
240
- @error_description = extract_error_message_from_response(response)
241
- end
242
- rescue Exception => e
243
- @error = '500'
244
- @error_description = e.message
245
- end
246
-
247
- nil
248
- end
249
-
250
- # Revokes an access token and refresh token pair.
251
- #
252
- # @return [Boolean] If the opeation succeded
253
- #
254
- # @see {https://developers.onelogin.com/api-docs/1/oauth20-tokens/revoke-tokens Revoke Tokens documentation}
255
- def revoke_token
256
- clean_error
257
-
258
- begin
259
- url = url_for(TOKEN_REVOKE_URL)
260
-
261
- data = {
262
- access_token: @access_token
263
- }
264
-
265
- response = self.class.post(
266
- url,
267
- headers: authorized_headers(false),
268
- body: data.to_json
269
- )
270
-
271
- if response.code == 200
272
- @access_token = nil
273
- @refresh_token = nil
274
- @expiration = nil
275
- return true
276
- else
277
- @error = response.code.to_s
278
- @error_description = extract_error_message_from_response(response)
279
- end
280
- rescue Exception => e
281
- @error = '500'
282
- @error_description = e.message
283
- end
284
-
285
- false
286
- end
287
-
288
- # Gets current rate limit details about an access token.
289
- #
290
- # @return [RateLimit] Returns the rate limit info
291
- #
292
- # @see {https://developers.onelogin.com/api-docs/1/oauth20-tokens/get-rate-limit Get Rate Limit documentation}
293
- def get_rate_limits
294
- clean_error
295
- prepare_token
296
-
297
- begin
298
- url = url_for(GET_RATE_URL)
299
-
300
- response = self.class.get(
301
- url,
302
- headers: authorized_headers
303
- )
304
-
305
- if response.code == 200
306
- json_data = JSON.parse(response.body)
307
- if json_data && json_data['data']
308
- return OneLogin::Api::Models::RateLimit.new(json_data['data'])
309
- end
310
- else
311
- @error = response.code.to_s
312
- @error_description = extract_error_message_from_response(response)
313
- end
314
- rescue Exception => e
315
- @error = '500'
316
- @error_description = e.message
317
- end
318
-
319
- nil
320
- end
321
-
322
- ################
323
- # User Methods #
324
- ################
325
-
326
- # Gets a list of User resources. (if no limit provided, by default gt 50 elements)
327
- #
328
- # @param params [Hash] Parameters to filter the result of the list
329
- #
330
- # @return [Array] list of User objects
331
- #
332
- # @see {https://developers.onelogin.com/api-docs/1/users/get-users Get Users documentation}
333
- def get_users(params = {})
334
- clean_error
335
- prepare_token
336
-
337
- begin
338
- options = {
339
- model: OneLogin::Api::Models::User,
340
- headers: authorized_headers,
341
- max_results: @max_results,
342
- params: params
343
- }
344
-
345
- return Cursor.new(self.class, url_for(GET_USERS_URL), options)
346
-
347
- rescue Exception => e
348
- @error = '500'
349
- @error_description = e.message
350
- end
351
-
352
- nil
353
- end
354
-
355
- # Gets User by ID.
356
- #
357
- # @param user_id [Integer] Id of the user
358
- #
359
- # @return [User] the user identified by the id
360
- #
361
- # @see {https://developers.onelogin.com/api-docs/1/users/get-user-by-id Get User by ID documentation}
362
- def get_user(user_id)
363
- clean_error
364
- prepare_token
365
-
366
- begin
367
-
368
- url = url_for(GET_USER_URL, user_id)
369
-
370
- response = self.class.get(
371
- url,
372
- headers: authorized_headers
373
- )
374
-
375
- if response.code == 200
376
- json_data = JSON.parse(response.body)
377
- if json_data && json_data['data']
378
- return OneLogin::Api::Models::User.new(json_data['data'][0])
379
- end
380
- else
381
- @error = response.code.to_s
382
- @error_description = extract_error_message_from_response(response)
383
- end
384
- rescue Exception => e
385
- @error = '500'
386
- @error_description = e.message
387
- end
388
-
389
- nil
390
- end
391
-
392
- # Gets a list of apps accessible by a user, not including personal apps.
393
- #
394
- # @param user_id [Integer] Id of the user
395
- #
396
- # @return [Array] the apps of the user identified by the id
397
- #
398
- # @see {https://developers.onelogin.com/api-docs/1/users/get-apps-for-user Get Apps for a User documentation}
399
- def get_user_apps(user_id)
400
- clean_error
401
- prepare_token
402
-
403
- begin
404
- options = {
405
- model: OneLogin::Api::Models::App,
406
- headers: authorized_headers,
407
- max_results: @max_results
408
- }
409
-
410
- return Cursor.new(self.class, url_for(GET_APPS_FOR_USER_URL, user_id), options)
411
-
412
- rescue Exception => e
413
- @error = '500'
414
- @error_description = e.message
415
- end
416
-
417
- nil
418
- end
419
-
420
- # Gets a list of role IDs that have been assigned to a user.
421
- #
422
- # @param user_id [Integer] Id of the user
423
- #
424
- # @return [Array] the role ids of the user identified by the id
425
- #
426
- # @see {https://developers.onelogin.com/api-docs/1/users/get-roles-for-user Get Roles for a User documentation}
427
- def get_user_roles(user_id)
428
- clean_error
429
- prepare_token
430
-
431
- begin
432
- url = url_for(GET_ROLES_FOR_USER_URL, user_id)
433
-
434
- response = self.class.get(
435
- url,
436
- headers: authorized_headers
437
- )
438
-
439
- role_ids = []
440
- if response.code == 200
441
- json_data = JSON.parse(response.body)
442
- role_ids = json_data['data'][0] if json_data && json_data['data']
443
- else
444
- @error = response.code.to_s
445
- @error_description = extract_error_message_from_response(response)
446
- end
447
-
448
- return role_ids
449
- rescue Exception => e
450
- @error = '500'
451
- @error_description = e.message
452
- end
453
-
454
- nil
455
- end
456
-
457
- # Gets a list of all custom attribute fields (also known as custom user fields) that have been defined for OL account.
458
- #
459
- # @return [Array] the custom attributes of the account
460
- #
461
- # @see {https://developers.onelogin.com/api-docs/1/users/get-custom-attributes Get Custom Attributes documentation}
462
- def get_custom_attributes
463
- clean_error
464
- prepare_token
465
-
466
- begin
467
- url = url_for(GET_CUSTOM_ATTRIBUTES_URL)
468
-
469
- response = self.class.get(
470
- url,
471
- headers: authorized_headers
472
- )
473
-
474
- custom_attributes = []
475
- if response.code == 200
476
- json_data = JSON.parse(response.body)
477
- if json_data && json_data['data']
478
- custom_attributes = json_data['data'][0]
479
- end
480
- else
481
- @error = response.code.to_s
482
- @error_description = extract_error_message_from_response(response)
483
- end
484
-
485
- return custom_attributes
486
- rescue Exception => e
487
- @error = '500'
488
- @error_description = e.message
489
- end
490
-
491
- nil
492
- end
493
-
494
- # Creates an user
495
- #
496
- # @param user_params [Hash] User data (firstname, lastname, email, username, company,
497
- # department, directory_id, distinguished_name,
498
- # external_id, group_id, invalid_login_attempts,
499
- # locale_code, manager_ad_id, member_of,
500
- # openid_name, phone, samaccountname, title,
501
- # userprincipalname)
502
- #
503
- # @return [User] the created user
504
- #
505
- # @see {https://developers.onelogin.com/api-docs/1/users/create-user Create User documentation}
506
- def create_user(user_params)
507
- clean_error
508
- prepare_token
509
-
510
- begin
511
- url = url_for(CREATE_USER_URL)
512
-
513
- response = self.class.post(
514
- url,
515
- headers: authorized_headers,
516
- body: user_params.to_json
517
- )
518
-
519
- if response.code == 200
520
- json_data = JSON.parse(response.body)
521
- if json_data && json_data['data']
522
- return OneLogin::Api::Models::User.new(json_data['data'][0])
523
- end
524
- else
525
- @error = response.code.to_s
526
- @error_description = extract_error_message_from_response(response)
527
- @error_attribute = extract_error_attribute_from_response(response)
528
- end
529
- rescue Exception => e
530
- @error = '500'
531
- @error_description = e.message
532
- end
533
-
534
- nil
535
- end
536
-
537
- # Updates an user
538
- #
539
- # @param user_id [Integer] Id of the user
540
- # @param user_params [Hash] User data (firstname, lastname, email, username, company,
541
- # department, directory_id, distinguished_name,
542
- # external_id, group_id, invalid_login_attempts,
543
- # locale_code, manager_ad_id, member_of,
544
- # openid_name, phone, samaccountname, title,
545
- # userprincipalname)
546
- #
547
- # @return [User] the modified user
548
- #
549
- # @see {https://developers.onelogin.com/api-docs/1/users/update-user Update User by ID documentation}
550
- def update_user(user_id, user_params)
551
- clean_error
552
- prepare_token
553
-
554
- begin
555
- url = url_for(UPDATE_USER_URL, user_id)
556
-
557
- response = self.class.put(
558
- url,
559
- headers: authorized_headers,
560
- body: user_params.to_json
561
- )
562
-
563
- if response.code == 200
564
- json_data = JSON.parse(response.body)
565
- if json_data && json_data['data']
566
- return OneLogin::Api::Models::User.new(json_data['data'][0])
567
- end
568
- else
569
- @error = response.code.to_s
570
- @error_description = extract_error_message_from_response(response)
571
- @error_attribute = extract_error_attribute_from_response(response)
572
- end
573
- rescue Exception => e
574
- @error = '500'
575
- @error_description = e.message
576
- end
577
-
578
- nil
579
- end
580
-
581
- # Assigns Roles to User
582
- #
583
- # @param user_id [Integer] Id of the user
584
- # @param role_ids [Array] List of role ids to be added
585
- #
586
- # @return [Boolean] if the action succeed
587
- #
588
- # @see {https://developers.onelogin.com/api-docs/1/users/assign-role-to-user Assign Role to User documentation}
589
- def assign_role_to_user(user_id, role_ids)
590
- clean_error
591
- prepare_token
592
-
593
- begin
594
- url = url_for(ADD_ROLE_TO_USER_URL, user_id)
595
-
596
- data = {
597
- 'role_id_array' => role_ids
598
- }
599
-
600
- response = self.class.put(
601
- url,
602
- headers: authorized_headers,
603
- body: data.to_json
604
- )
605
-
606
- if response.code == 200
607
- return handle_operation_response(response)
608
- else
609
- @error = response.code.to_s
610
- @error_description = extract_error_message_from_response(response)
611
- @error_attribute = extract_error_attribute_from_response(response)
612
- end
613
- rescue Exception => e
614
- @error = '500'
615
- @error_description = e.message
616
- end
617
-
618
- false
619
- end
620
-
621
- # Removes Role from User
622
- #
623
- # @param user_id [Integer] Id of the user
624
- # @param role_ids [Array] List of role ids to be removed
625
- #
626
- # @return [Boolean] if the action succeed
627
- #
628
- # @see {https://developers.onelogin.com/api-docs/1/users/remove-role-from-user Remove Role from User documentation}
629
- def remove_role_from_user(user_id, role_ids)
630
- clean_error
631
- prepare_token
632
-
633
- begin
634
- url = url_for(DELETE_ROLE_TO_USER_URL, user_id)
635
-
636
- data = {
637
- 'role_id_array' => role_ids
638
- }
639
-
640
- response = self.class.put(
641
- url,
642
- headers: authorized_headers,
643
- body: data.to_json
644
- )
645
-
646
- if response.code == 200
647
- return handle_operation_response(response)
648
- else
649
- @error = response.code.to_s
650
- @error_description = extract_error_message_from_response(response)
651
- @error_attribute = extract_error_attribute_from_response(response)
652
- end
653
- rescue Exception => e
654
- @error = '500'
655
- @error_description = e.message
656
- end
657
-
658
- false
659
- end
660
-
661
- # Sets Password by ID Using Cleartext
662
- #
663
- # @param user_id [Integer] Id of the user
664
- # @param password [String] Set to the password value using cleartext.
665
- # @param password_confirmation [String] Ensure that this value matches the password value exactly.
666
- # @validate_policy [Boolean] Force validation against assigned OneLogin user password policy
667
- #
668
- # @return [Boolean] if the action succeed
669
- #
670
- # @see {https://developers.onelogin.com/api-docs/1/users/set-password-in-cleartext Set Password by ID Using Cleartext documentation}
671
- def set_password_using_clear_text(user_id, password, password_confirmation, validate_policy=false)
672
- clean_error
673
- prepare_token
674
-
675
- begin
676
- url = url_for(SET_PW_CLEARTEXT, user_id)
677
-
678
- data = {
679
- 'password' => password,
680
- 'password_confirmation' => password_confirmation,
681
- 'validate_policy' => validate_policy
682
- }
683
-
684
- response = self.class.put(
685
- url,
686
- headers: authorized_headers,
687
- body: data.to_json
688
- )
689
-
690
- if response.code == 200
691
- return handle_operation_response(response)
692
- else
693
- @error = response.code.to_s
694
- @error_description = extract_error_message_from_response(response)
695
- @error_attribute = extract_error_attribute_from_response(response)
696
- end
697
- rescue Exception => e
698
- @error = '500'
699
- @error_description = e.message
700
- end
701
-
702
- false
703
- end
704
-
705
- # Set Password by ID Using Salt and SHA-256
706
- #
707
- # @param user_id [Integer] Id of the user
708
- # @param password [String] Set to the password value using cleartext.
709
- # @param password_confirmation [String] Ensure that this value matches the password value exactly.
710
- # @param password_algorithm [String] Set to salt+sha256.
711
- # @param password_salt [String] (Optional) To provide your own salt value.
712
- #
713
- # @return [Boolean] if the action succeed
714
- #
715
- # @see {https://developers.onelogin.com/api-docs/1/users/set-password-using-sha-256 Set Password by ID Using Salt and SHA-256 documentation}
716
- def set_password_using_hash_salt(user_id, password, password_confirmation, password_algorithm, password_salt=nil)
717
- clean_error
718
- prepare_token
719
-
720
- begin
721
- url = url_for(SET_PW_SALT, user_id)
722
-
723
- data = {
724
- 'password' => password,
725
- 'password_confirmation' => password_confirmation,
726
- 'password_algorithm' => password_algorithm
727
- }
728
-
729
- unless password_salt.nil?
730
- data['password_salt'] = password_salt
731
- end
732
-
733
- response = self.class.put(
734
- url,
735
- headers: authorized_headers,
736
- body: data.to_json
737
- )
738
-
739
- if response.code == 200
740
- return handle_operation_response(response)
741
- else
742
- @error = response.code.to_s
743
- @error_description = extract_error_message_from_response(response)
744
- @error_attribute = extract_error_attribute_from_response(response)
745
- end
746
- rescue Exception => e
747
- @error = '500'
748
- @error_description = e.message
749
- end
750
-
751
- false
752
- end
753
-
754
- # Set User State
755
- #
756
- # @param id [Integer] Id of the user to be modified
757
- # @param state [Integer] Set to the state value. [Unapproved: 0, Approved (licensed): 1, Rejected: 2, Unlicensed: 3]
758
- #
759
- # @return [Boolean] if the action succeed
760
- #
761
- # @see {https://developers.onelogin.com/api-docs/1/users/set-state Set User State documentation}
762
- def set_state_to_user(user_id, state)
763
- clean_error
764
- prepare_token
765
-
766
- begin
767
- url = url_for(SET_USER_STATE_URL, user_id)
768
-
769
- data = {
770
- 'state' => state
771
- }
772
-
773
- response = self.class.put(
774
- url,
775
- headers: authorized_headers,
776
- body: data.to_json
777
- )
778
-
779
- if response.code == 200
780
- return handle_operation_response(response)
781
- else
782
- @error = response.code.to_s
783
- @error_description = extract_error_message_from_response(response)
784
- @error_attribute = extract_error_attribute_from_response(response)
785
- end
786
- rescue Exception => e
787
- @error = '500'
788
- @error_description = e.message
789
- end
790
-
791
- false
792
- end
793
-
794
- # Set Custom Attribute Value
795
- #
796
- # @param user_id [Integer] Id of the user
797
- # @param custom_attributes [Hash] Provide one or more key value pairs composed of the custom attribute field shortname and the value that you want to set the field to.
798
- #
799
- # @return [Boolean] if the action succeed
800
- #
801
- # @see {https://developers.onelogin.com/api-docs/1/users/set-custom-attribute Set Custom Attribute Value documentation}
802
- def set_custom_attribute_to_user(user_id, custom_attributes)
803
- clean_error
804
- prepare_token
805
-
806
- begin
807
- url = url_for(SET_CUSTOM_ATTRIBUTE_TO_USER_URL, user_id)
808
-
809
- data = {
810
- 'custom_attributes' => custom_attributes
811
- }
812
-
813
- response = self.class.put(
814
- url,
815
- headers: authorized_headers,
816
- body: data.to_json
817
- )
818
-
819
- if response.code == 200
820
- return handle_operation_response(response)
821
- else
822
- @error = response.code.to_s
823
- @error_description = extract_error_message_from_response(response)
824
- @error_attribute = extract_error_attribute_from_response(response)
825
- end
826
- rescue Exception => e
827
- @error = '500'
828
- @error_description = e.message
829
- end
830
-
831
- false
832
- end
833
-
834
- # Log a user out of any and all sessions.
835
- #
836
- # @param user_id [Integer] Id of the user to be logged out
837
- #
838
- # @return [Boolean] if the action succeed
839
- #
840
- # @see {https://developers.onelogin.com/api-docs/1/users/log-user-out Log User Out documentation}
841
- def log_user_out(user_id)
842
- clean_error
843
- prepare_token
844
-
845
- begin
846
- url = url_for(LOG_USER_OUT_URL, user_id)
847
-
848
- response = self.class.put(
849
- url,
850
- headers: authorized_headers
851
- )
852
-
853
- if response.code == 200
854
- return handle_operation_response(response)
855
- else
856
- @error = response.code.to_s
857
- @error_description = extract_error_message_from_response(response)
858
- @error_attribute = extract_error_attribute_from_response(response)
859
- end
860
- rescue Exception => e
861
- @error = '500'
862
- @error_description = e.message
863
- end
864
-
865
- false
866
- end
867
-
868
- # Use this call to lock a user's account based on the policy assigned to
869
- # the user, for a specific time you define in the request, or until you
870
- # unlock it.
871
- #
872
- # @param user_id [Integer] Id of the user to be locked
873
- # @param minutes [Integer] Set to the number of minutes for which you want to lock the user account. (0 to delegate on policy)
874
- #
875
- # @return [Boolean] if the action succeed
876
- #
877
- # @see {https://developers.onelogin.com/api-docs/1/users/lock-user-account Lock User Account documentation}
878
- def lock_user(user_id, minutes)
879
- clean_error
880
- prepare_token
881
-
882
- begin
883
- url = url_for(LOCK_USER_URL, user_id)
884
-
885
- data = {
886
- 'locked_until' => minutes
887
- }
888
-
889
- response = self.class.put(
890
- url,
891
- headers: authorized_headers,
892
- body: data.to_json
893
- )
894
-
895
- if response.code == 200
896
- return handle_operation_response(response)
897
- else
898
- @error = response.code.to_s
899
- @error_description = extract_error_message_from_response(response)
900
- @error_attribute = extract_error_attribute_from_response(response)
901
- end
902
- rescue Exception => e
903
- @error = '500'
904
- @error_description = e.message
905
- end
906
-
907
- false
908
- end
909
-
910
- # Deletes an user
911
- #
912
- # @param user_id [Integer] Id of the user to be removed
913
- #
914
- # @return [Boolean] if the action succeed
915
- #
916
- # @see {https://developers.onelogin.com/api-docs/1/users/delete-user Delete User by ID documentation}
917
- def delete_user(user_id)
918
- clean_error
919
- prepare_token
920
-
921
- begin
922
- url = url_for(DELETE_USER_URL, user_id)
923
-
924
- response = self.class.delete(
925
- url,
926
- headers: authorized_headers
927
- )
928
-
929
- if response.code == 200
930
- return handle_operation_response(response)
931
- else
932
- @error = response.code.to_s
933
- @error_description = extract_error_message_from_response(response)
934
- @error_attribute = extract_error_attribute_from_response(response)
935
- end
936
- rescue Exception => e
937
- @error = '500'
938
- @error_description = e.message
939
- end
940
-
941
- false
942
- end
943
-
944
- # Use to generate a temporary MFA token that can be used in place of other MFA tokens for a set time period.
945
- # For example, use this token for account recovery.
946
- #
947
- # @param user_id [Integer] Id of the user
948
- # @param expires_in [Integer] Set the duration of the token in seconds.
949
- # (default: 259200 seconds = 72h) 72 hours is the max value.
950
- # @param reusable [Boolean] Defines if the token reusable. (default: false) If set to true, token can be used for multiple apps, until it expires.
951
- #
952
- # @return [MFAToken] if the action succeed
953
- #
954
- # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/generate-mfa-token Generate MFA Token documentation}
955
- def generate_mfa_token(user_id, expires_in=259200, reusable=False)
956
- clean_error
957
- prepare_token
958
-
959
- begin
960
- url = url_for(GENERATE_MFA_TOKEN_URL, user_id)
961
-
962
- data = {
963
- 'expires_in' => expires_in,
964
- 'reusable' => reusable
965
- }
966
-
967
- response = self.class.post(
968
- url,
969
- headers: authorized_headers,
970
- body: data.to_json
971
- )
972
-
973
- if response.code == 201
974
- json_data = JSON.parse(response.body)
975
- if !json_data.empty?
976
- return OneLogin::Api::Models::MFAToken.new(json_data)
977
- end
978
- else
979
- @error = extract_status_code_from_response(response)
980
- @error_description = extract_error_message_from_response(response)
981
- end
982
- rescue Exception => e
983
- @error = '500'
984
- @error_description = e.message
985
- end
986
-
987
- nil
988
- end
989
-
990
- # Generates a session login token in scenarios in which MFA may or may not be required.
991
- # A session login token expires two minutes after creation.
992
- #
993
- # @param query_params [Hash] Query Parameters (username_or_email, password, subdomain, return_to_url,
994
- # ip_address, browser_id)
995
- # @param allowed_origin [String] Custom-Allowed-Origin-Header. Required for CORS requests only.
996
- # Set to the Origin URI from which you are allowed to send a request
997
- # using CORS.
998
- #
999
- # @return [SessionTokenInfo|SessionTokenMFAInfo] if the action succeed
1000
- #
1001
- # @see {https://developers.onelogin.com/api-docs/1/users/create-session-login-token Create Session Login Token documentation}
1002
- def create_session_login_token(query_params, allowed_origin='')
1003
- clean_error
1004
- prepare_token
1005
-
1006
- begin
1007
- url = url_for(SESSION_LOGIN_TOKEN_URL)
1008
-
1009
- if query_params.nil? || !query_params.has_key?('username_or_email') || !query_params.has_key?('password') || !query_params.has_key?('subdomain')
1010
- raise "username_or_email, password and subdomain are required parameters"
1011
- end
1012
-
1013
- headers = authorized_headers
1014
- if allowed_origin
1015
- headers = headers.merge({ 'Custom-Allowed-Origin-Header-1' => allowed_origin })
1016
- end
1017
-
1018
- response = self.class.post(
1019
- url,
1020
- headers: headers,
1021
- body: query_params.to_json
1022
- )
1023
-
1024
- if response.code == 200
1025
- return handle_session_token_response(response)
1026
- else
1027
- @error = response.code.to_s
1028
- @error_description = extract_error_message_from_response(response)
1029
- end
1030
- rescue Exception => e
1031
- @error = '500'
1032
- @error_description = e.message
1033
- end
1034
-
1035
- nil
1036
- end
1037
-
1038
- # Verify a one-time password (OTP) value provided for multi-factor authentication (MFA).
1039
- #
1040
- # @param device_id [String] Provide the MFA device_id you are submitting for verification.
1041
- # @param state_token [String] Provide the state_token associated with the MFA device_id you are submitting for verification.
1042
- # @param otp_token [String] (Optional) Provide the OTP value for the MFA factor you are submitting for verification.
1043
- # @param allowed_origin [String] (Optional) Required for CORS requests only. Set to the Origin URI from which you are allowed to send a request using CORS.
1044
- # @param do_not_notify [String] (Optional) When verifying MFA via Protect Push, set this to true to stop additional push notifications being sent to the OneLogin Protect device.
1045
- #
1046
- # @return [SessionTokenInfo] if the action succeed
1047
- #
1048
- # @see {https://developers.onelogin.com/api-docs/1/users/verify-factor Verify Factor documentation}
1049
- def get_session_token_verified(device_id, state_token, otp_token=nil, allowed_origin='', do_not_notify=false)
1050
- clean_error
1051
- prepare_token
1052
-
1053
- begin
1054
- url = url_for(GET_TOKEN_VERIFY_FACTOR)
1055
-
1056
- data = {
1057
- 'device_id'=> device_id.to_s,
1058
- 'state_token'=> state_token,
1059
- 'do_not_notify'=> do_not_notify
1060
- }
1061
-
1062
- unless otp_token.nil? || otp_token.empty?
1063
- data['otp_token'] = otp_token
1064
- end
1065
-
1066
- headers = authorized_headers
1067
- if allowed_origin
1068
- headers = headers.merge({ 'Custom-Allowed-Origin-Header-1' => allowed_origin })
1069
- end
1070
-
1071
- response = self.class.post(
1072
- url,
1073
- headers: headers,
1074
- body: data.to_json
1075
- )
1076
-
1077
- if response.code == 200
1078
- return handle_session_token_response(response)
1079
- else
1080
- @error = response.code.to_s
1081
- @error_description = extract_error_message_from_response(response)
1082
- end
1083
- rescue Exception => e
1084
- @error = '500'
1085
- @error_description = e.message
1086
- end
1087
-
1088
- nil
1089
- end
1090
-
1091
-
1092
- ################
1093
- # Role Methods #
1094
- ################
1095
-
1096
- # Gets a list of Role resources. (if no limit provided, by default get 50 elements)
1097
- #
1098
- # @param params [Hash] Parameters to filter the result of the list
1099
- #
1100
- # @return [Array] list of Role objects
1101
- #
1102
- # @see {https://developers.onelogin.com/api-docs/1/roles/get-roles Get Roles documentation}
1103
- def get_roles(params = {})
1104
- clean_error
1105
- prepare_token
1106
-
1107
- begin
1108
- options = {
1109
- model: OneLogin::Api::Models::Role,
1110
- headers: authorized_headers,
1111
- max_results: @max_results,
1112
- params: params
1113
- }
1114
-
1115
- return Cursor.new(self.class, url_for(GET_ROLES_URL), options)
1116
-
1117
- rescue Exception => e
1118
- @error = '500'
1119
- @error_description = e.message
1120
- end
1121
-
1122
- nil
1123
- end
1124
-
1125
- # Gets Role by ID.
1126
- #
1127
- # @param role_id [Integer] Id of the Role
1128
- #
1129
- # @return [Role] the role identified by the id
1130
- #
1131
- # @see {https://developers.onelogin.com/api-docs/1/roles/get-role-by-id Get Role by ID documentation}
1132
- def get_role(role_id)
1133
- clean_error
1134
- prepare_token
1135
-
1136
- begin
1137
- url = url_for(GET_ROLE_URL, role_id)
1138
-
1139
- response = self.class.get(
1140
- url,
1141
- headers: authorized_headers
1142
- )
1143
-
1144
- if response.code == 200
1145
- json_data = JSON.parse(response.body)
1146
- if json_data && json_data['data']
1147
- return OneLogin::Api::Models::Role.new(json_data['data'][0])
1148
- end
1149
- else
1150
- @error = response.code.to_s
1151
- @error_description = extract_error_message_from_response(response)
1152
- end
1153
- rescue Exception => e
1154
- @error = '500'
1155
- @error_description = e.message
1156
- end
1157
-
1158
- nil
1159
- end
1160
-
1161
- #################
1162
- # Event Methods #
1163
- #################
1164
-
1165
- # List of all OneLogin event types available to the Events API.
1166
- #
1167
- # @return [Array] the list of event type
1168
- #
1169
- # @see {https://developers.onelogin.com/api-docs/1/events/event-types Get Event Types documentation}
1170
- def get_event_types
1171
- clean_error
1172
- prepare_token
1173
-
1174
- begin
1175
- options = {
1176
- model: OneLogin::Api::Models::EventType,
1177
- headers: authorized_headers,
1178
- max_results: @max_results
1179
- }
1180
-
1181
- return Cursor.new(self.class, url_for(GET_EVENT_TYPES_URL), options)
1182
-
1183
- rescue Exception => e
1184
- @error = '500'
1185
- @error_description = e.message
1186
- end
1187
-
1188
- nil
1189
- end
1190
-
1191
- # Gets a list of Event resources. (if no limit provided, by default get 50 elements)
1192
- #
1193
- # @param params [Hash] Parameters to filter the result of the list
1194
- #
1195
- # @return [Array] list of Event objects
1196
- #
1197
- # @see {https://developers.onelogin.com/api-docs/1/events/get-events Get Events documentation}
1198
- def get_events(params={})
1199
- clean_error
1200
- prepare_token
1201
-
1202
- begin
1203
- options = {
1204
- model: OneLogin::Api::Models::Event,
1205
- headers: authorized_headers,
1206
- max_results: @max_results,
1207
- params: params
1208
- }
1209
-
1210
- return Cursor.new(self.class, url_for(GET_EVENTS_URL), options)
1211
-
1212
- rescue Exception => e
1213
- @error = '500'
1214
- @error_description = e.message
1215
- end
1216
-
1217
- nil
1218
- end
1219
-
1220
- # Gets Event by ID.
1221
- #
1222
- # @param event_id [Integer] Id of the Event
1223
- #
1224
- # @return [Event] the event identified by the id
1225
- #
1226
- # @see {https://developers.onelogin.com/api-docs/1/events/get-event-by-id Get Event by ID documentation}
1227
- def get_event(event_id)
1228
- clean_error
1229
- prepare_token
1230
-
1231
- begin
1232
- url = url_for(GET_EVENT_URL, event_id)
1233
-
1234
- response = self.class.get(
1235
- url,
1236
- headers: authorized_headers
1237
- )
1238
-
1239
- if response.code == 200
1240
- json_data = JSON.parse(response.body)
1241
- if json_data && json_data['data']
1242
- return OneLogin::Api::Models::Event.new(json_data['data'][0])
1243
- end
1244
- else
1245
- @error = response.code.to_s
1246
- @error_description = extract_error_message_from_response(response)
1247
- end
1248
- rescue Exception => e
1249
- @error = '500'
1250
- @error_description = e.message
1251
- end
1252
-
1253
- nil
1254
- end
1255
-
1256
- # Create an event in the OneLogin event log.
1257
- #
1258
- # @param event_params [Hash] Event data (event_type_id, account_id, actor_system,
1259
- # actor_user_id, actor_user_name, app_id,
1260
- # assuming_acting_user_id, custom_message,
1261
- # directory_sync_run_id, group_id, group_name,
1262
- # ipaddr, otp_device_id, otp_device_name,
1263
- # policy_id, policy_name, role_id, role_name,
1264
- # user_id, user_name)
1265
- #
1266
- # @return [Boolean] the result of the operation
1267
- #
1268
- # @see {https://developers.onelogin.com/api-docs/1/events/create-event Create Event documentation}
1269
- def create_event(event_params)
1270
- clean_error
1271
- prepare_token
1272
-
1273
- begin
1274
- url = url_for(CREATE_EVENT_URL)
1275
-
1276
- response = self.class.post(
1277
- url,
1278
- headers: authorized_headers,
1279
- body: event_params.to_json
1280
- )
1281
-
1282
- if response.code == 200
1283
- return handle_operation_response(response)
1284
- else
1285
- @error = response.code.to_s
1286
- @error_description = extract_error_message_from_response(response)
1287
- @error_attribute = extract_error_attribute_from_response(response)
1288
- end
1289
- rescue Exception => e
1290
- @error = '500'
1291
- @error_description = e.message
1292
- end
1293
-
1294
- false
1295
- end
1296
-
1297
- #################
1298
- # Group Methods #
1299
- #################
1300
-
1301
- # Gets a list of Group resources (element of groups limited with the limit parameter).
1302
- #
1303
- # @return [Array] the list of groups
1304
- #
1305
- # @see {https://developers.onelogin.com/api-docs/1/groups/get-groups Get Groups documentation}
1306
- def get_groups(params = {})
1307
- clean_error
1308
- prepare_token
1309
-
1310
- begin
1311
- options = {
1312
- model: OneLogin::Api::Models::Group,
1313
- headers: authorized_headers,
1314
- max_results: @max_results,
1315
- params: params
1316
- }
1317
-
1318
- return Cursor.new(self.class, url_for(GET_GROUPS_URL), options)
1319
-
1320
- rescue Exception => e
1321
- @error = '500'
1322
- @error_description = e.message
1323
- end
1324
-
1325
- nil
1326
- end
1327
-
1328
- # Gets Group by ID.
1329
- #
1330
- # @param group_id [Integer] Id of the Group
1331
- #
1332
- # @return [Group] the group identified by the id
1333
- #
1334
- # @see {https://developers.onelogin.com/api-docs/1/groups/get-group-by-id Get Group by ID documentation}
1335
- def get_group(group_id)
1336
- clean_error
1337
- prepare_token
1338
-
1339
- begin
1340
- url = url_for(GET_GROUP_URL, group_id)
1341
-
1342
- response = self.class.get(
1343
- url,
1344
- headers: authorized_headers
1345
- )
1346
-
1347
- if response.code == 200
1348
- json_data = JSON.parse(response.body)
1349
- if json_data && json_data['data']
1350
- return OneLogin::Api::Models::Group.new(json_data['data'][0])
1351
- end
1352
- else
1353
- @error = response.code.to_s
1354
- @error_description = extract_error_message_from_response(response)
1355
- end
1356
- rescue Exception => e
1357
- @error = '500'
1358
- @error_description = e.message
1359
- end
1360
-
1361
- nil
1362
- end
1363
-
1364
- ##########################
1365
- # SAML Assertion Methods #
1366
- ##########################
1367
-
1368
- # Generates a SAML Assertion.
1369
- #
1370
- # @param username_or_email [String] username or email of the OneLogin user accessing the app
1371
- # @param password [String] Password of the OneLogin user accessing the app
1372
- # @param app_id [String] App ID of the app for which you want to generate a SAML token
1373
- # @param subdomain [String] subdomain of the OneLogin account related to the user/app
1374
- # @param ip_address [String] (Optional) whitelisted IP address that needs to be bypassed (some MFA scenarios)
1375
- #
1376
- # @return [SAMLEndpointResponse] object with an encoded SAMLResponse
1377
- #
1378
- # @see {https://developers.onelogin.com/api-docs/1/saml-assertions/generate-saml-assertion Generate SAML Assertion documentation}
1379
- def get_saml_assertion(username_or_email, password, app_id, subdomain, ip_address=nil)
1380
- clean_error
1381
- prepare_token
1382
-
1383
- begin
1384
- url = url_for(GET_SAML_ASSERTION_URL)
1385
-
1386
- data = {
1387
- 'username_or_email'=> username_or_email,
1388
- 'password'=> password,
1389
- 'app_id'=> app_id,
1390
- 'subdomain'=> subdomain,
1391
- }
1392
-
1393
- unless ip_address.nil? || ip_address.empty?
1394
- data['ip_address'] = ip_address
1395
- end
1396
-
1397
- response = self.class.post(
1398
- url,
1399
- headers: authorized_headers,
1400
- body: data.to_json
1401
- )
1402
-
1403
- if response.code == 200
1404
- return handle_saml_endpoint_response(response)
1405
- else
1406
- @error = response.code.to_s
1407
- @error_description = extract_error_message_from_response(response)
1408
- end
1409
- rescue Exception => e
1410
- @error = '500'
1411
- @error_description = e.message
1412
- end
1413
-
1414
- nil
1415
- end
1416
-
1417
- # Verify a one-time password (OTP) value provided for a second factor when multi-factor authentication (MFA) is required for SAML authentication.
1418
- #
1419
- # @param app_id [String] App ID of the app for which you want to generate a SAML token
1420
- # @param devide_id [String] Provide the MFA device_id you are submitting for verification.
1421
- # @param state_token [String] Provide the state_token associated with the MFA device_id you are submitting for verification.
1422
- # @param otp_token [String] (Optional) Provide the OTP value for the MFA factor you are submitting for verification.
1423
- # @param url_endpoint [String] (Optional) Specify an url where return the response.
1424
- # @param do_not_notify [String] (Optional) When verifying MFA via Protect Push, set this to true to stop additional push notifications being sent to the OneLogin Protect device
1425
- #
1426
- # @return [SAMLEndpointResponse] object with an encoded SAMLResponse
1427
- #
1428
- # @see {https://developers.onelogin.com/api-docs/1/saml-assertions/verify-factor Verify Factor documentation}
1429
- def get_saml_assertion_verifying(app_id, device_id, state_token, otp_token=nil, url_endpoint=nil, do_not_notify=false)
1430
- clean_error
1431
- prepare_token
1432
-
1433
- begin
1434
-
1435
- if url_endpoint.nil? || url_endpoint.empty?
1436
- url = url_for(GET_SAML_VERIFY_FACTOR)
1437
- else
1438
- url = url_endpoint
1439
- end
1440
-
1441
- data = {
1442
- 'app_id'=> app_id,
1443
- 'device_id'=> device_id.to_s,
1444
- 'state_token'=> state_token,
1445
- 'do_not_notify'=> do_not_notify
1446
- }
1447
-
1448
- unless otp_token.nil? || otp_token.empty?
1449
- data['otp_token'] = otp_token
1450
- end
1451
-
1452
- response = self.class.post(
1453
- url,
1454
- headers: authorized_headers,
1455
- body: data.to_json
1456
- )
1457
-
1458
- if response.code == 200
1459
- return handle_saml_endpoint_response(response)
1460
- else
1461
- @error = response.code.to_s
1462
- @error_description = extract_error_message_from_response(response)
1463
- end
1464
- rescue Exception => e
1465
- @error = '500'
1466
- @error_description = e.message
1467
- end
1468
-
1469
- nil
1470
- end
1471
-
1472
- #############################
1473
- # Multi-factor Auth Methods #
1474
- #############################
1475
-
1476
- # Returns a list of authentication factors that are available for user enrollment via API.
1477
- #
1478
- # @param user_id [Integer] The id of the user.
1479
- #
1480
- # @return [Array] AuthFactor list
1481
- #
1482
- # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/available-factors Get Available Authentication Factors documentation}
1483
- def get_factors(user_id)
1484
- clean_error
1485
- prepare_token
1486
-
1487
- begin
1488
- url = url_for(GET_FACTORS_URL, user_id)
1489
-
1490
- response = self.class.get(
1491
- url,
1492
- :headers => authorized_headers
1493
- )
1494
-
1495
- factors = []
1496
- if response.code == 200
1497
- json_data = JSON.parse(response.body)
1498
- if json_data and json_data['data'] and json_data['data']['auth_factors']
1499
- json_data['data']['auth_factors'].each do |factor_data|
1500
- factors << OneLogin::Api::Models::AuthFactor.new(factor_data)
1501
- end
1502
- end
1503
- else
1504
- @error = response.code.to_s
1505
- @error_description = extract_error_message_from_response(response)
1506
- end
1507
- return factors
1508
- rescue Exception => e
1509
- @error = '500'
1510
- @error_description = e.message
1511
- end
1512
-
1513
- nil
1514
- end
1515
-
1516
- # Enroll a user with a given authentication factor.
1517
- #
1518
- # @param user_id [Integer] The id of the user.
1519
- # @param factor_id [Integer] The identifier of the factor to enroll the user with.
1520
- # @param display_name [String] A name for the users device.
1521
- # @param number [String] The phone number of the user in E.164 format.
1522
- #
1523
- # @return [OTPDevice] MFA device
1524
- #
1525
- # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/enroll-factor Enroll an Authentication Factor documentation}
1526
- def enroll_factor(user_id, factor_id, display_name, number)
1527
- clean_error
1528
- prepare_token
1529
-
1530
- begin
1531
- url = url_for(ENROLL_FACTOR_URL, user_id)
1532
-
1533
- data = {
1534
- 'factor_id'=> factor_id.to_i,
1535
- 'display_name'=> display_name,
1536
- 'number'=> number
1537
- }
1538
-
1539
- response = self.class.post(
1540
- url,
1541
- :headers => authorized_headers,
1542
- body: data.to_json
1543
- )
1544
-
1545
- if response.code == 200
1546
- json_data = JSON.parse(response.body)
1547
- if json_data and json_data['data']
1548
- return OneLogin::Api::Models::OTPDevice.new(json_data['data'][0])
1549
- end
1550
- else
1551
- @error = response.code.to_s
1552
- @error_description = extract_error_message_from_response(response)
1553
- end
1554
- rescue Exception => e
1555
- @error = '500'
1556
- @error_description = e.message
1557
- end
1558
-
1559
- nil
1560
- end
1561
-
1562
- # Return a list of authentication factors registered to a particular user for multifactor authentication (MFA)
1563
- #
1564
- # @param user_id [Integer] The id of the user.
1565
- #
1566
- # @return [Array] OTPDevice List
1567
- #
1568
- # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/enrolled-factors Get Enrolled Authentication Factors documentation}
1569
- def get_enrolled_factors(user_id)
1570
- clean_error
1571
- prepare_token
1572
-
1573
- begin
1574
- url = url_for(GET_ENROLLED_FACTORS_URL, user_id)
1575
-
1576
- response = self.class.get(
1577
- url,
1578
- :headers => authorized_headers
1579
- )
1580
-
1581
- otp_devices = []
1582
- if response.code == 200
1583
- json_data = JSON.parse(response.body)
1584
- if json_data and json_data['data'] and json_data['data']['otp_devices']
1585
- json_data['data']['otp_devices'].each do |otp_device_data|
1586
- otp_devices << OneLogin::Api::Models::OTPDevice.new(otp_device_data)
1587
- end
1588
- end
1589
- else
1590
- @error = response.code.to_s
1591
- @error_description = extract_error_message_from_response(response)
1592
- end
1593
- return otp_devices
1594
- rescue Exception => e
1595
- @error = '500'
1596
- @error_description = e.message
1597
- end
1598
-
1599
- nil
1600
- end
1601
-
1602
- # Triggers an SMS or Push notification containing a One-Time Password (OTP)
1603
- # that can be used to authenticate a user with the Verify Factor call.
1604
- #
1605
- # @param user_id [Integer] The id of the user.
1606
- # @param device_id [Integer] The id of the MFA device.
1607
- #
1608
- # @return [FactorEnrollmentResponse] Info with User Id, Device Id, and OTP Device
1609
- #
1610
- # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/activate-factor Activate an Authentication Factor documentation}
1611
- def activate_factor(user_id, device_id)
1612
- clean_error
1613
- prepare_token
1614
-
1615
- begin
1616
- url = url_for(ACTIVATE_FACTOR_URL, user_id, device_id)
1617
-
1618
- response = self.class.post(
1619
- url,
1620
- headers: authorized_headers
1621
- )
1622
-
1623
- if response.code == 200
1624
- json_data = JSON.parse(response.body)
1625
- if json_data && json_data['data']
1626
- return OneLogin::Api::Models::FactorEnrollmentResponse.new(json_data['data'][0])
1627
- end
1628
- else
1629
- @error = response.code.to_s
1630
- @error_description = extract_error_message_from_response(response)
1631
- end
1632
- rescue Exception => e
1633
- @error = '500'
1634
- @error_description = e.message
1635
- end
1636
-
1637
- nil
1638
- end
1639
-
1640
- # Authenticates a one-time password (OTP) code provided by a multifactor authentication (MFA) device.
1641
- #
1642
- # @param user_id [Integer] The id of the user.
1643
- # @param device_id [Integer] The id of the MFA device.
1644
- # @param otp_token [String] OTP code provided by the device or SMS message sent to user.
1645
- # When a device like OneLogin Protect that supports Push has
1646
- # been used you do not need to provide the otp_token.
1647
- # @param state_token [String] The state_token is returned after a successful request
1648
- # to Enroll a Factor or Activate a Factor.
1649
- # MUST be provided if the needs_trigger attribute from
1650
- # the proceeding calls is set to true.
1651
- #
1652
- # @return [Boolean] True if Factor is verified
1653
- #
1654
- # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/verify-factor Verify an Authentication Factor documentation}
1655
- def verify_factor(user_id, device_id, otp_token=nil, state_token=nil)
1656
- clean_error
1657
- prepare_token
1658
-
1659
- begin
1660
- url = url_for(VERIFY_FACTOR_URL, user_id, device_id)
1661
-
1662
- data = {
1663
- 'user_id'=> user_id,
1664
- 'device_id'=> device_id
1665
- }
1666
-
1667
- unless otp_token.nil? || otp_token.empty?
1668
- data['otp_token'] = otp_token
1669
- end
1670
-
1671
- unless state_token.nil? || state_token.empty?
1672
- data['state_token'] = state_token
1673
- end
1674
-
1675
- response = self.class.post(
1676
- url,
1677
- headers: authorized_headers,
1678
- body: data.to_json
1679
- )
1680
-
1681
- if response.code == 200
1682
- return handle_operation_response(response)
1683
- else
1684
- @error = response.code.to_s
1685
- @error_description = extract_error_message_from_response(response)
1686
- end
1687
- rescue Exception => e
1688
- @error = '500'
1689
- @error_description = e.message
1690
- end
1691
-
1692
- false
1693
- end
1694
-
1695
- # Remove an enrolled factor from a user.
1696
- #
1697
- # @param user_id [Integer] The id of the user.
1698
- # @param device_id [Integer] The device_id of the MFA device.
1699
- #
1700
- # @return [Boolean] The result of the action
1701
- #
1702
- # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/remove-factor Remove a Factor documentation}
1703
- def remove_factor(user_id, device_id)
1704
- clean_error
1705
- prepare_token
1706
-
1707
- begin
1708
- url = url_for(REMOVE_FACTOR_URL, user_id, device_id)
1709
-
1710
- response = self.class.delete(
1711
- url,
1712
- :headers => authorized_headers
1713
- )
1714
-
1715
- if response.code == 200
1716
- return true
1717
- else
1718
- @error = response.code.to_s
1719
- @error_description = extract_error_message_from_response(response)
1720
- return false
1721
- end
1722
- rescue Exception => e
1723
- @error = '500'
1724
- @error_description = e.message
1725
- end
1726
-
1727
- nil
1728
- end
1729
-
1730
- ########################
1731
- # Invite Links Methods #
1732
- ########################
1733
-
1734
- # Generates an invite link for a user that you have already created in your OneLogin account.
1735
- #
1736
- # @param email [String] Set to the email address of the user that you want to generate an invite link for.
1737
- #
1738
- # @return [String] the invitation link
1739
- #
1740
- # @see {https://developers.onelogin.com/api-docs/1/invite-links/generate-invite-link Generate Invite Link documentation}
1741
- def generate_invite_link(email)
1742
- clean_error
1743
- prepare_token
1744
-
1745
- begin
1746
- url = url_for(GENERATE_INVITE_LINK_URL)
1747
-
1748
- data = {
1749
- 'email'=> email
1750
- }
1751
-
1752
- response = self.class.post(
1753
- url,
1754
- headers: authorized_headers,
1755
- body: data.to_json
1756
- )
1757
-
1758
- if response.code == 200
1759
- json_data = JSON.parse(response.body)
1760
- if json_data && json_data['data']
1761
- return json_data['data'][0]
1762
- end
1763
- else
1764
- @error = response.code.to_s
1765
- @error_description = extract_error_message_from_response(response)
1766
- end
1767
- rescue Exception => e
1768
- @error = '500'
1769
- @error_description = e.message
1770
- end
1771
-
1772
- nil
1773
- end
1774
-
1775
- # Sends an invite link to a user that you have already created in your OneLogin account.
1776
- #
1777
- # @param email [String] Set to the email address of the user that you want to send an invite link for.
1778
- # @param personal_email [String] (Optional) If you want to send the invite email to an email other than the
1779
- # one provided in email, provide it here. The invite link will be
1780
- # sent to this address instead.
1781
- #
1782
- # @return [String] the result of the operation
1783
- #
1784
- # @see {https://developers.onelogin.com/api-docs/1/invite-links/send-invite-link Send Invite Link documentation}
1785
- def send_invite_link(email, personal_email=nil)
1786
- clean_error
1787
- prepare_token
1788
-
1789
- begin
1790
- url = url_for(SEND_INVITE_LINK_URL)
1791
-
1792
- data = {
1793
- 'email'=> email
1794
- }
1795
-
1796
- unless personal_email.nil? || personal_email.empty?
1797
- data['personal_email'] = personal_email
1798
- end
1799
-
1800
- response = self.class.post(
1801
- url,
1802
- headers: authorized_headers,
1803
- body: data.to_json
1804
- )
1805
-
1806
- if response.code == 200
1807
- return handle_operation_response(response)
1808
- else
1809
- @error = response.code.to_s
1810
- @error_description = extract_error_message_from_response(response)
1811
- end
1812
- rescue Exception => e
1813
- @error = '500'
1814
- @error_description = e.message
1815
- end
1816
-
1817
- false
1818
- end
1819
-
1820
- # Lists apps accessible by a OneLogin user.
1821
- #
1822
- # @param token [String] Provide your embedding token.
1823
- # @param email [String] Provide the email of the user for which you want to return a list of embeddable apps.
1824
- #
1825
- # @return [Array] the embed apps
1826
- #
1827
- # @see {https://developers.onelogin.com/api-docs/1/embed-apps/get-apps-to-embed-for-a-user Get Apps to Embed for a User documentation}
1828
- def get_embed_apps(token, email)
1829
- clean_error
1830
-
1831
- begin
1832
- response = self.class.get(
1833
- EMBED_APP_URL,
1834
- headers: {
1835
- 'User-Agent' => @user_agent
1836
- },
1837
- query: {
1838
- token: token,
1839
- email: email
1840
- }
1841
- )
1842
-
1843
- if response.code == 200 && !(response.body.nil? || response.body.empty?)
1844
- return retrieve_apps_from_xml(response.body)
1845
- else
1846
- @error = response.code.to_s
1847
- unless response.body.nil? || response.body.empty?
1848
- @error_description = response.body
1849
- end
1850
- end
1851
- rescue Exception => e
1852
- @error = '500'
1853
- @error_description = e.message
1854
- end
1855
-
1856
- nil
1857
- end
1858
-
1859
- def retrieve_apps_from_xml(xml_content)
1860
- doc = Nokogiri::XML(xml_content) do |config|
1861
- config.options = NOKOGIRI_OPTIONS
1862
- end
1863
-
1864
- node_list = doc.xpath("/apps/app")
1865
- attributes = ['id', 'icon', 'name', 'provisioned', 'extension_required', 'personal', 'login_id']
1866
- apps = []
1867
- node_list.each do |node|
1868
- app_data = {}
1869
- node.children.each do |children|
1870
- if attributes.include? children.name
1871
- app_data[children.name] = children.content
1872
- end
1873
- end
1874
- apps << OneLogin::Api::Models::EmbedApp.new(app_data)
1875
- end
1876
-
1877
- apps
1878
- end
1879
-
1880
- #####################
1881
- # Privilege Methods #
1882
- #####################
1883
-
1884
- # Gets a list of the Privileges created in an account.
1885
- #
1886
- # @return [Array] list of privilege objects
1887
- #
1888
- # @see {https://developers.onelogin.com/api-docs/1/privileges/list-privileges List Privileges documentation}
1889
- def get_privileges()
1890
- clean_error
1891
- prepare_token
1892
-
1893
- begin
1894
-
1895
- url = url_for(LIST_PRIVILEGES_URL)
1896
-
1897
- privileges = []
1898
- response = self.class.get(
1899
- url,
1900
- headers: authorized_headers
1901
- )
1902
-
1903
- if response.code == 200
1904
- json_data = JSON.parse(response.body)
1905
- if !json_data.empty?
1906
- json_data.each do |data|
1907
- privileges << OneLogin::Api::Models::Privilege.new(data)
1908
- end
1909
- end
1910
- return privileges
1911
- else
1912
- @error = extract_status_code_from_response(response)
1913
- @error_description = extract_error_message_from_response(response)
1914
- end
1915
- rescue Exception => e
1916
- @error = '500'
1917
- @error_description = e.message
1918
- end
1919
-
1920
- nil
1921
- end
1922
-
1923
- # Creates a Privilege
1924
- #
1925
- # @param name [string] The name of the privilege.
1926
- # @param version [string] The version for the privilege schema. Set to 2018-05-18.
1927
- # @param statements [Array] A list of statements. Statement object or a dict with the keys Effect, Action and Scope
1928
- #
1929
- # @return [Privilege] the created privilege
1930
- #
1931
- # @see {https://developers.onelogin.com/api-docs/1/privileges/create-privilege Create Privilege documentation}
1932
- def create_privilege(name, version, statements)
1933
- clean_error
1934
- prepare_token
1935
-
1936
- begin
1937
- url = url_for(CREATE_PRIVILEGE_URL)
1938
-
1939
- statement_data = []
1940
- for statement in statements
1941
- if statement.instance_of?(OneLogin::Api::Models::Statement)
1942
- statement_data << {
1943
- 'Effect' => statement.effect,
1944
- 'Action' => statement.actions,
1945
- 'Scope' => statement.scopes
1946
- }
1947
- elsif statement.instance_of?(Hash) && statement.has_key?('Effect') && statement.has_key?('Action') && statement.has_key?('Scope')
1948
- statement_data << statement
1949
- else
1950
- @error = 400.to_s
1951
- @error_description = "statements is invalid. Provide a list of statements. The statement should be an Statement object or dict with the keys Effect, Action and Scope"
1952
- return
1953
- end
1954
- end
1955
-
1956
- privilege_data = {
1957
- 'name' => name,
1958
- 'privilege' => {
1959
- 'Version'=> version,
1960
- 'Statement' => statement_data
1961
- }
1962
- }
1963
-
1964
- response = self.class.post(
1965
- url,
1966
- headers: authorized_headers,
1967
- body: privilege_data.to_json
1968
- )
1969
-
1970
- if response.code == 201
1971
- json_data = JSON.parse(response.body)
1972
- if json_data && json_data.has_key?('id')
1973
- return OneLogin::Api::Models::Privilege.new(json_data['id'], name, version, statements)
1974
- end
1975
- else
1976
- @error = extract_status_code_from_response(response)
1977
- @error_description = extract_error_message_from_response(response)
1978
- end
1979
- rescue Exception => e
1980
- @error = '500'
1981
- @error_description = e.message
1982
- end
1983
-
1984
- nil
1985
- end
1986
-
1987
- # Get a Privilege.
1988
- #
1989
- # @param privilege_id [string] Id of the privilege
1990
- #
1991
- # @return [Privilege] the privilege identified by the id
1992
- #
1993
- # @see {https://developers.onelogin.com/api-docs/1/privileges/get-privilege Get Privilege documentation}
1994
- def get_privilege(privilege_id)
1995
- clean_error
1996
- prepare_token
1997
-
1998
- begin
1999
-
2000
- url = url_for(GET_PRIVILEGE_URL, privilege_id)
2001
-
2002
- response = self.class.get(
2003
- url,
2004
- headers: authorized_headers
2005
- )
2006
-
2007
- if response.code == 200
2008
- json_data = JSON.parse(response.body)
2009
- if json_data && json_data.has_key?('id')
2010
- return OneLogin::Api::Models::Privilege.new(json_data)
2011
- end
2012
- else
2013
- @error = extract_status_code_from_response(response)
2014
- @error_description = extract_error_message_from_response(response)
2015
- end
2016
- rescue Exception => e
2017
- @error = '500'
2018
- @error_description = e.message
2019
- end
2020
-
2021
- nil
2022
- end
2023
-
2024
- # Updates a Privilege
2025
- #
2026
- # @param privilege_id [string] The id of the privilege to be updated.
2027
- # @param name [string] The name of the privilege.
2028
- # @param version [string] The version for the privilege schema. Set to 2018-05-18.
2029
- # @param statements [Array] A list of statements. Statement object or a dict with the keys Effect, Action and Scope
2030
- #
2031
- #
2032
- # @return [Privilege] the modified privilege
2033
- #
2034
- # @see {https://developers.onelogin.com/api-docs/1/privileges/update-privilege Update Privilege documentation}
2035
- def update_privilege(privilege_id, name, version, statements)
2036
- clean_error
2037
- prepare_token
2038
-
2039
- begin
2040
- url = url_for(UPDATE_PRIVILEGE_URL, privilege_id)
2041
-
2042
- statement_data = []
2043
- for statement in statements
2044
- if statement.instance_of?(OneLogin::Api::Models::Statement)
2045
- statement_data << {
2046
- 'Effect' => statement.effect,
2047
- 'Action' => statement.actions,
2048
- 'Scope' => statement.scopes
2049
- }
2050
- elsif statement.instance_of?(Hash) && statement.has_key?('Effect') && statement.has_key?('Action') && statement.has_key?('Scope')
2051
- statement_data << statement
2052
- else
2053
- @error = 400.to_s
2054
- @error_description = "statements is invalid. Provide a list of statements. The statement should be an Statement object or dict with the keys Effect, Action and Scope"
2055
- return
2056
- end
2057
- end
2058
-
2059
- privilege_data = {
2060
- 'name' => name,
2061
- 'privilege' => {
2062
- 'Version'=> version,
2063
- 'Statement' => statement_data
2064
- }
2065
- }
2066
-
2067
- response = self.class.put(
2068
- url,
2069
- headers: authorized_headers,
2070
- body: privilege_data.to_json
2071
- )
2072
-
2073
- if response.code == 200
2074
- json_data = JSON.parse(response.body)
2075
- if json_data && json_data.has_key?('id')
2076
- return OneLogin::Api::Models::Privilege.new(json_data['id'], name, version, statements)
2077
- end
2078
- else
2079
- @error = extract_status_code_from_response(response)
2080
- @error_description = extract_error_message_from_response(response)
2081
- end
2082
- rescue Exception => e
2083
- @error = '500'
2084
- @error_description = e.message
2085
- end
2086
-
2087
- nil
2088
- end
2089
-
2090
- # Deletes a Privilege
2091
- #
2092
- # @param privilege_id [string] Id of the privilege to be removed.
2093
- #
2094
- # @return [Boolean] if the action succeed
2095
- #
2096
- # @see {https://developers.onelogin.com/api-docs/1/privileges/delete-privilege Delete Privilege documentation}
2097
- def delete_privilege(privilege_id)
2098
- clean_error
2099
- prepare_token
2100
-
2101
- begin
2102
- url = url_for(DELETE_PRIVILEGE_URL, privilege_id)
2103
-
2104
- response = self.class.delete(
2105
- url,
2106
- headers: authorized_headers
2107
- )
2108
-
2109
- if response.code == 204
2110
- return handle_operation_response(response)
2111
- else
2112
- @error = extract_status_code_from_response(response)
2113
- @error_description = extract_error_message_from_response(response)
2114
- end
2115
- rescue Exception => e
2116
- @error = '500'
2117
- @error_description = e.message
2118
- end
2119
-
2120
- false
2121
- end
2122
-
2123
- # Gets a list of the roles assigned to a privilege.
2124
- #
2125
- # @param privilege_id [string] Id of the privilege.
2126
- #
2127
- # @return [Array] list of Role Id
2128
- #
2129
- # @see {https://developers.onelogin.com/api-docs/1/privileges/get-roles Get Assigned Roles documentation}
2130
- def get_roles_assigned_to_privilege(privilege_id)
2131
- clean_error
2132
- prepare_token
2133
-
2134
- begin
2135
- options = {
2136
- headers: authorized_headers,
2137
- max_results: @max_results,
2138
- container: 'roles'
2139
- }
2140
-
2141
- return Cursor.new(self.class, url_for(GET_ROLES_ASSIGNED_TO_PRIVILEGE_URL, privilege_id), options)
2142
-
2143
- rescue Exception => e
2144
- @error = '500'
2145
- @error_description = e.message
2146
- end
2147
-
2148
- nil
2149
- end
2150
-
2151
- # Assign one or more roles to a privilege.
2152
- #
2153
- # @param privilege_id [string] Id of the privilege.
2154
- # @param role_ids [Array] Ids of the roles to be added.
2155
- #
2156
- # @return [Boolean] if the action succeed
2157
- #
2158
- # @see {https://developers.onelogin.com/api-docs/1/privileges/assign-role Assign Roles documentation}
2159
- def assign_roles_to_privilege(privilege_id, role_ids)
2160
- clean_error
2161
- prepare_token
2162
-
2163
- begin
2164
- url = url_for(ASSIGN_ROLES_TO_PRIVILEGE_URL, privilege_id)
2165
-
2166
- data = {
2167
- 'roles' => role_ids
2168
- }
2169
-
2170
- response = self.class.post(
2171
- url,
2172
- headers: authorized_headers,
2173
- body: data.to_json
2174
- )
2175
-
2176
- if response.code == 201
2177
- return handle_operation_response(response)
2178
- else
2179
- @error = extract_status_code_from_response(response)
2180
- @error_description = extract_error_message_from_response(response)
2181
-
2182
- end
2183
- rescue Exception => e
2184
- @error = '500'
2185
- @error_description = e.message
2186
- end
2187
-
2188
- false
2189
- end
2190
-
2191
- # Removes one role from the privilege.
2192
- #
2193
- # @param privilege_id [string] Id of the privilege.
2194
- # @param role_id [Integer] Id of the role to be removed.
2195
- #
2196
- # @return [Boolean] if the action succeed
2197
- #
2198
- # @see {https://developers.onelogin.com/api-docs/1/privileges/remove-role Remove Role documentation}
2199
- def remove_role_from_privilege(privilege_id, role_id)
2200
- clean_error
2201
- prepare_token
2202
-
2203
- begin
2204
- url = url_for(REMOVE_ROLE_FROM_PRIVILEGE_URL, privilege_id, role_id)
2205
-
2206
- response = self.class.delete(
2207
- url,
2208
- headers: authorized_headers
2209
- )
2210
-
2211
- if response.code == 204
2212
- return true
2213
- else
2214
- @error = extract_status_code_from_response(response)
2215
- @error_description = extract_error_message_from_response(response)
2216
- end
2217
- rescue Exception => e
2218
- @error = '500'
2219
- @error_description = e.message
2220
- end
2221
-
2222
- false
2223
- end
2224
-
2225
- # Gets a list of the users assigned to a privilege.
2226
- #
2227
- # @param privilege_id [string] Id of the privilege.
2228
- #
2229
- # @return [Array] list of User Id
2230
- #
2231
- # @see {https://developers.onelogin.com/api-docs/1/privileges/get-users Get Assigned Users documentation}
2232
- def get_users_assigned_to_privilege(privilege_id)
2233
- clean_error
2234
- prepare_token
2235
-
2236
- begin
2237
- options = {
2238
- headers: authorized_headers,
2239
- max_results: @max_results,
2240
- container: 'users'
2241
- }
2242
-
2243
- return Cursor.new(self.class, url_for(GET_USERS_ASSIGNED_TO_PRIVILEGE_URL, privilege_id), options)
2244
-
2245
- rescue Exception => e
2246
- @error = '500'
2247
- @error_description = e.message
2248
- end
2249
-
2250
- nil
2251
- end
2252
-
2253
- # Assign one or more users to a privilege.
2254
- #
2255
- # @param privilege_id [string] Id of the privilege.
2256
- # @param user_ids [Array] Ids of the users to be added.
2257
- #
2258
- # @return [Boolean] if the action succeed
2259
- #
2260
- # @see {https://developers.onelogin.com/api-docs/1/privileges/assign-users Assign Users documentation}
2261
- def assign_users_to_privilege(privilege_id, user_ids)
2262
- clean_error
2263
- prepare_token
2264
-
2265
- begin
2266
- url = url_for(ASSIGN_USERS_TO_PRIVILEGE_URL, privilege_id)
2267
-
2268
- data = {
2269
- 'users' => user_ids
2270
- }
2271
-
2272
- response = self.class.post(
2273
- url,
2274
- headers: authorized_headers,
2275
- body: data.to_json
2276
- )
2277
-
2278
- if response.code == 201
2279
- return handle_operation_response(response)
2280
- else
2281
- @error = extract_status_code_from_response(response)
2282
- @error_description = extract_error_message_from_response(response)
2283
- end
2284
- rescue Exception => e
2285
- @error = '500'
2286
- @error_description = e.message
2287
- end
2288
-
2289
- false
2290
- end
2291
-
2292
- # Removes one user from the privilege.
2293
- #
2294
- # @param privilege_id [string] Id of the privilege.
2295
- # @param user_id [Integer] Id of the user to be removed.
2296
- #
2297
- # @return [Boolean] if the action succeed
2298
- #
2299
- # @see {https://developers.onelogin.com/api-docs/1/privileges/remove-user Remove User documentation}
2300
- def remove_user_from_privilege(privilege_id, user_id)
2301
- clean_error
2302
- prepare_token
2303
-
2304
- begin
2305
- url = url_for(REMOVE_USER_FROM_PRIVILEGE_URL, privilege_id, user_id)
2306
-
2307
- response = self.class.delete(
2308
- url,
2309
- headers: authorized_headers
2310
- )
2311
-
2312
- if response.code == 204
2313
- return true
2314
- else
2315
- @error = extract_status_code_from_response(response)
2316
- @error_description = extract_error_message_from_response(response)
2317
- end
2318
- rescue Exception => e
2319
- @error = '500'
2320
- @error_description = e.message
2321
- end
2322
-
2323
- false
2324
- end
2325
-
2326
- end
2327
- end
2328
- end