stytch 10.4.0 → 10.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/stytch/b2b_sessions.rb +3 -3
- data/lib/stytch/b2b_sso.rb +5 -0
- data/lib/stytch/client.rb +3 -1
- data/lib/stytch/impersonation.rb +64 -0
- data/lib/stytch/sessions.rb +3 -3
- data/lib/stytch/version.rb +1 -1
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 1fc94b3f2682727e8313774b34312e8e5b621e012a99cf789c956cfc08a43419
|
|
4
|
+
data.tar.gz: e82cbc5ef8e95c439b0e959c9aeb1b88d123b589e58816be36359654b5c642da
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: e37526e4eeef1517b5aa1fc415a7b9f742943ba89fe97c88088ae7059ecb1840b4330dc7c7dffd7c8b822f3a69697ebcafac2965f735e53bfd1b6fc47dd82c68
|
|
7
|
+
data.tar.gz: 8a84503310f85e276f94d7c8ce7adbc0a3b010669a8d9548256df0c9a8d35a1ec759eb803a74be530dd2226895483f385c0a4fa5e8d1e86e7bc29ddb5f8ce6f5
|
data/lib/stytch/b2b_sessions.rb
CHANGED
|
@@ -414,11 +414,11 @@ module StytchB2B
|
|
|
414
414
|
|
|
415
415
|
# Get the JSON Web Key Set (JWKS) for a project.
|
|
416
416
|
#
|
|
417
|
-
# JWKS are rotated every ~6 months. Upon rotation, new JWTs will be signed using the new key
|
|
417
|
+
# JWKS are rotated every ~6 months. Upon rotation, new JWTs will be signed using the new key, and both keys will be returned by this endpoint for a period of 1 month.
|
|
418
418
|
#
|
|
419
419
|
# JWTs have a set lifetime of 5 minutes, so there will be a 5 minute period where some JWTs will be signed by the old JWKS, and some JWTs will be signed by the new JWKS. The correct JWKS to use for validation is determined by matching the `kid` value of the JWT and JWKS.
|
|
420
420
|
#
|
|
421
|
-
# If you're using one of our [backend SDKs](https://stytch.com/docs/b2b/sdks), the JWKS
|
|
421
|
+
# If you're using one of our [backend SDKs](https://stytch.com/docs/b2b/sdks), the JWKS rotation will be handled for you.
|
|
422
422
|
#
|
|
423
423
|
# If you're using your own JWT validation library, many have built-in support for JWKS rotation, and you'll just need to supply this API endpoint. If not, your application should decide which JWKS to use for validation by inspecting the `kid` value.
|
|
424
424
|
#
|
|
@@ -432,7 +432,7 @@ module StytchB2B
|
|
|
432
432
|
# == Returns:
|
|
433
433
|
# An object with the following fields:
|
|
434
434
|
# keys::
|
|
435
|
-
# The
|
|
435
|
+
# The list of JWKs associated with the project.
|
|
436
436
|
# The type of this field is list of +JWK+ (+object+).
|
|
437
437
|
# request_id::
|
|
438
438
|
# Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
|
data/lib/stytch/b2b_sso.rb
CHANGED
|
@@ -633,6 +633,9 @@ module StytchB2B
|
|
|
633
633
|
#
|
|
634
634
|
# Specifying a known provider allows Stytch to handle any provider-specific logic.
|
|
635
635
|
# The type of this field is nilable +UpdateConnectionRequestIdentityProvider+ (string enum).
|
|
636
|
+
# signing_private_key::
|
|
637
|
+
# A PKCS1 format RSA private key used for signing SAML requests. Only PKCS1 format (starting with "-----BEGIN RSA PRIVATE KEY-----") is supported. When provided, Stytch will generate a new x509 certificate from this key and return it in the signing_certificates array.
|
|
638
|
+
# The type of this field is nilable +String+.
|
|
636
639
|
#
|
|
637
640
|
# == Returns:
|
|
638
641
|
# An object with the following fields:
|
|
@@ -660,6 +663,7 @@ module StytchB2B
|
|
|
660
663
|
saml_group_implicit_role_assignments: nil,
|
|
661
664
|
alternative_audience_uri: nil,
|
|
662
665
|
identity_provider: nil,
|
|
666
|
+
signing_private_key: nil,
|
|
663
667
|
method_options: nil
|
|
664
668
|
)
|
|
665
669
|
headers = {}
|
|
@@ -674,6 +678,7 @@ module StytchB2B
|
|
|
674
678
|
request[:saml_group_implicit_role_assignments] = saml_group_implicit_role_assignments unless saml_group_implicit_role_assignments.nil?
|
|
675
679
|
request[:alternative_audience_uri] = alternative_audience_uri unless alternative_audience_uri.nil?
|
|
676
680
|
request[:identity_provider] = identity_provider unless identity_provider.nil?
|
|
681
|
+
request[:signing_private_key] = signing_private_key unless signing_private_key.nil?
|
|
677
682
|
|
|
678
683
|
put_request("/v1/b2b/sso/saml/#{organization_id}/connections/#{connection_id}", request, headers)
|
|
679
684
|
end
|
data/lib/stytch/client.rb
CHANGED
|
@@ -2,6 +2,7 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative 'crypto_wallets'
|
|
4
4
|
require_relative 'fraud'
|
|
5
|
+
require_relative 'impersonation'
|
|
5
6
|
require_relative 'm2m'
|
|
6
7
|
require_relative 'magic_links'
|
|
7
8
|
require_relative 'oauth'
|
|
@@ -17,7 +18,7 @@ module Stytch
|
|
|
17
18
|
class Client
|
|
18
19
|
ENVIRONMENTS = %i[live test].freeze
|
|
19
20
|
|
|
20
|
-
attr_reader :crypto_wallets, :fraud, :m2m, :magic_links, :oauth, :otps, :passwords, :project, :sessions, :totps, :users, :webauthn
|
|
21
|
+
attr_reader :crypto_wallets, :fraud, :impersonation, :m2m, :magic_links, :oauth, :otps, :passwords, :project, :sessions, :totps, :users, :webauthn
|
|
21
22
|
|
|
22
23
|
def initialize(project_id:, secret:, env: nil, fraud_env: nil, &block)
|
|
23
24
|
@api_host = api_host(env, project_id)
|
|
@@ -30,6 +31,7 @@ module Stytch
|
|
|
30
31
|
|
|
31
32
|
@crypto_wallets = Stytch::CryptoWallets.new(@connection)
|
|
32
33
|
@fraud = Stytch::Fraud.new(@fraud_connection)
|
|
34
|
+
@impersonation = Stytch::Impersonation.new(@connection)
|
|
33
35
|
@m2m = Stytch::M2M.new(@connection, @project_id, @is_b2b_client)
|
|
34
36
|
@magic_links = Stytch::MagicLinks.new(@connection)
|
|
35
37
|
@oauth = Stytch::OAuth.new(@connection)
|
|
@@ -0,0 +1,64 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
# !!!
|
|
4
|
+
# WARNING: This file is autogenerated
|
|
5
|
+
# Only modify code within MANUAL() sections
|
|
6
|
+
# or your changes may be overwritten later!
|
|
7
|
+
# !!!
|
|
8
|
+
|
|
9
|
+
require_relative 'request_helper'
|
|
10
|
+
|
|
11
|
+
module Stytch
|
|
12
|
+
class Impersonation
|
|
13
|
+
include Stytch::RequestHelper
|
|
14
|
+
|
|
15
|
+
def initialize(connection)
|
|
16
|
+
@connection = connection
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
# Authenticate an impersonation token to impersonate a User. This endpoint requires an impersonation token that is not expired or previously used.
|
|
20
|
+
# A Stytch session will be created for the impersonated user with a 60 minute duration. Impersonated sessions cannot be extended.
|
|
21
|
+
#
|
|
22
|
+
# == Parameters:
|
|
23
|
+
# impersonation_token::
|
|
24
|
+
# The User Impersonation token to authenticate.
|
|
25
|
+
# The type of this field is +String+.
|
|
26
|
+
#
|
|
27
|
+
# == Returns:
|
|
28
|
+
# An object with the following fields:
|
|
29
|
+
# request_id::
|
|
30
|
+
# Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
|
|
31
|
+
# The type of this field is +String+.
|
|
32
|
+
# user_id::
|
|
33
|
+
# The unique ID of the affected User.
|
|
34
|
+
# The type of this field is +String+.
|
|
35
|
+
# user::
|
|
36
|
+
# The `user` object affected by this API call. See the [Get user endpoint](https://stytch.com/docs/api/get-user) for complete response field details.
|
|
37
|
+
# The type of this field is +User+ (+object+).
|
|
38
|
+
# session_token::
|
|
39
|
+
# A secret token for a given Stytch Session.
|
|
40
|
+
# The type of this field is +String+.
|
|
41
|
+
# session_jwt::
|
|
42
|
+
# The JSON Web Token (JWT) for a given Stytch Session.
|
|
43
|
+
# The type of this field is +String+.
|
|
44
|
+
# status_code::
|
|
45
|
+
# The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.
|
|
46
|
+
# The type of this field is +Integer+.
|
|
47
|
+
# session::
|
|
48
|
+
# If you initiate a Session, by including `session_duration_minutes` in your authenticate call, you'll receive a full Session object in the response.
|
|
49
|
+
#
|
|
50
|
+
# See [GET sessions](https://stytch.com/docs/api/session-get) for complete response fields.
|
|
51
|
+
#
|
|
52
|
+
# The type of this field is nilable +Session+ (+object+).
|
|
53
|
+
def authenticate(
|
|
54
|
+
impersonation_token:
|
|
55
|
+
)
|
|
56
|
+
headers = {}
|
|
57
|
+
request = {
|
|
58
|
+
impersonation_token: impersonation_token
|
|
59
|
+
}
|
|
60
|
+
|
|
61
|
+
post_request('/v1/impersonation/authenticate', request, headers)
|
|
62
|
+
end
|
|
63
|
+
end
|
|
64
|
+
end
|
data/lib/stytch/sessions.rb
CHANGED
|
@@ -222,11 +222,11 @@ module Stytch
|
|
|
222
222
|
|
|
223
223
|
# Get the JSON Web Key Set (JWKS) for a project.
|
|
224
224
|
#
|
|
225
|
-
# JWKS are rotated every ~6 months. Upon rotation, new JWTs will be signed using the new key
|
|
225
|
+
# JWKS are rotated every ~6 months. Upon rotation, new JWTs will be signed using the new key, and both keys will be returned by this endpoint for a period of 1 month.
|
|
226
226
|
#
|
|
227
227
|
# JWTs have a set lifetime of 5 minutes, so there will be a 5 minute period where some JWTs will be signed by the old JWKS, and some JWTs will be signed by the new JWKS. The correct JWKS to use for validation is determined by matching the `kid` value of the JWT and JWKS.
|
|
228
228
|
#
|
|
229
|
-
# If you're using one of our [backend SDKs](https://stytch.com/docs/sdks), the JWKS
|
|
229
|
+
# If you're using one of our [backend SDKs](https://stytch.com/docs/sdks), the JWKS rotation will be handled for you.
|
|
230
230
|
#
|
|
231
231
|
# If you're using your own JWT validation library, many have built-in support for JWKS rotation, and you'll just need to supply this API endpoint. If not, your application should decide which JWKS to use for validation by inspecting the `kid` value.
|
|
232
232
|
#
|
|
@@ -240,7 +240,7 @@ module Stytch
|
|
|
240
240
|
# == Returns:
|
|
241
241
|
# An object with the following fields:
|
|
242
242
|
# keys::
|
|
243
|
-
# The
|
|
243
|
+
# The list of JWKs associated with the project.
|
|
244
244
|
# The type of this field is list of +JWK+ (+object+).
|
|
245
245
|
# request_id::
|
|
246
246
|
# Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.
|
data/lib/stytch/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: stytch
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 10.
|
|
4
|
+
version: 10.6.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- stytch
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-02-
|
|
11
|
+
date: 2025-02-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: faraday
|
|
@@ -142,6 +142,7 @@ files:
|
|
|
142
142
|
- lib/stytch/crypto_wallets.rb
|
|
143
143
|
- lib/stytch/errors.rb
|
|
144
144
|
- lib/stytch/fraud.rb
|
|
145
|
+
- lib/stytch/impersonation.rb
|
|
145
146
|
- lib/stytch/m2m.rb
|
|
146
147
|
- lib/stytch/magic_links.rb
|
|
147
148
|
- lib/stytch/method_options.rb
|