From 02df06f545ae833221422e8a62068d9a17a82dfb Mon Sep 17 00:00:00 2001 From: Adam Mcgrath Date: Thu, 26 Oct 2023 14:07:59 +0100 Subject: [PATCH 1/3] Add MFA tenant setting and handle deprecations --- src/deprecations.ts | 68 +++++ src/index.ts | 2 + .../__generated/managers/emails-manager.ts | 8 +- .../__generated/managers/grants-manager.ts | 2 +- .../managers/organizations-manager.ts | 29 +- .../__generated/managers/roles-manager.ts | 4 +- src/management/__generated/models/index.ts | 251 +++++++++++------- test/management/grants.test.ts | 2 +- 8 files changed, 252 insertions(+), 114 deletions(-) create mode 100644 src/deprecations.ts diff --git a/src/deprecations.ts b/src/deprecations.ts new file mode 100644 index 000000000..57dd9b935 --- /dev/null +++ b/src/deprecations.ts @@ -0,0 +1,68 @@ +// These can be removed in the next major. +import { + EmailProviderCreate, + EmailProviderCreateNameEnum, + EmailProviderUpdate, + EmailProviderUpdateNameEnum, + EmailProviderUpdateCredentials, + Client as _Client, + ClientCreate as _ClientCreate, + ClientUpdate as _ClientUpdate, + ClientCreateOidcLogout, + ClientOidcLogout, + ClientUpdateOidcLogout, +} from './management/__generated/models/index.js'; + +/** + * @deprecated Use {@link EmailProviderUpdate} instead. + */ +export type PatchProviderRequest = EmailProviderUpdate; +/** + * @deprecated Use {@link EmailProviderUpdateNameEnum} instead. + */ +export const PatchProviderRequestNameEnum = EmailProviderUpdateNameEnum; +/** + * @deprecated Use {@link EmailProviderCreate} instead. + */ +export type PostProviderRequest = EmailProviderCreate; +/** + * @deprecated Use {@link EmailProviderCreateNameEnum} instead. + */ +export const PostProviderRequestNameEnum = EmailProviderCreateNameEnum; +/** + * @deprecated Use {@link EmailProviderUpdateCredentials} instead. + */ +export type PostProviderRequestCredentials = EmailProviderUpdateCredentials; +/** + * @deprecated Use {@link ClientCreateOidcLogout} instead. + */ +export type ClientCreateOidcBackchannelLogout = ClientCreateOidcLogout; +/** + * @deprecated Use {@link ClientOidcLogout} instead. + */ +export type ClientOidcBackchannelLogout = ClientOidcLogout; +/** + * @deprecated Use {@link ClientUpdateOidcLogout} instead. + */ +export type ClientUpdateOidcBackchannelLogout = ClientUpdateOidcLogout; + +export interface Client extends _Client { + /** + * @deprecated Use {@link _Client.oidc_logout} instead. + */ + oidc_backchannel_logout?: ClientOidcLogout; +} + +export interface ClientCreate extends _ClientCreate { + /** + * @deprecated Use {@link _ClientCreate.oidc_logout} instead. + */ + oidc_backchannel_logout?: ClientCreateOidcLogout; +} + +export interface ClientUpdate extends _ClientUpdate { + /** + * @deprecated Use {@link _ClientUpdate.oidc_logout} instead. + */ + oidc_backchannel_logout?: ClientUpdateOidcLogout; +} diff --git a/src/index.ts b/src/index.ts index f29bd4d92..320647cab 100644 --- a/src/index.ts +++ b/src/index.ts @@ -3,3 +3,5 @@ export * from './auth/index.js'; export * from './userinfo/index.js'; export * from './lib/errors.js'; export * from './lib/models.js'; +export * from './deprecations.js'; +export { Client, ClientCreate, ClientUpdate } from './deprecations.js'; diff --git a/src/management/__generated/managers/emails-manager.ts b/src/management/__generated/managers/emails-manager.ts index df9eac0e2..b31172386 100644 --- a/src/management/__generated/managers/emails-manager.ts +++ b/src/management/__generated/managers/emails-manager.ts @@ -2,8 +2,8 @@ import * as runtime from '../../../lib/runtime.js'; import type { InitOverride, ApiResponse } from '../../../lib/runtime.js'; import type { EmailProvider, - PatchProviderRequest, - PostProviderRequest, + EmailProviderCreate, + EmailProviderUpdate, GetProviderRequest, } from '../models/index.js'; @@ -58,7 +58,7 @@ export class EmailsManager extends BaseAPI { * @throws {RequiredError} */ async update( - bodyParameters: PatchProviderRequest, + bodyParameters: EmailProviderUpdate, initOverrides?: InitOverride ): Promise> { const headerParameters: runtime.HTTPHeaders = {}; @@ -89,7 +89,7 @@ export class EmailsManager extends BaseAPI { * @throws {RequiredError} */ async configure( - bodyParameters: PostProviderRequest, + bodyParameters: EmailProviderCreate, initOverrides?: InitOverride ): Promise> { const headerParameters: runtime.HTTPHeaders = {}; diff --git a/src/management/__generated/managers/grants-manager.ts b/src/management/__generated/managers/grants-manager.ts index 485edfd0d..17262cdfe 100644 --- a/src/management/__generated/managers/grants-manager.ts +++ b/src/management/__generated/managers/grants-manager.ts @@ -59,7 +59,7 @@ export class GrantsManager extends BaseAPI { const response = await this.request( { - path: `/grants/`, + path: `/grants`, method: 'DELETE', query: queryParameters, }, diff --git a/src/management/__generated/managers/organizations-manager.ts b/src/management/__generated/managers/organizations-manager.ts index 6bf3af73d..a2940a518 100644 --- a/src/management/__generated/managers/organizations-manager.ts +++ b/src/management/__generated/managers/organizations-manager.ts @@ -362,19 +362,34 @@ export class OrganizationsManager extends BaseAPI { } /** - * List organization members. This endpoint supports two types of pagination: + * List organization members. + * + *
    + *
  • + * Use the fields parameter to optionally define the specific member details retrieved. If + * fields is left blank, all fields (except roles) are returned. + *
    • + *
  • + * Member roles are not sent by default. Use fields=roles to retrieve the roles assigned to each listed + * member. To use this parameter, you must include the read:organization_member_roles scope in the token. + *
    • + *
+ * + * This endpoint supports two types of pagination: + * * - Offset pagination * - Checkpoint pagination * - * Checkpoint pagination must be used if you need to retrieve more than 1000 organization members. + * Checkpoint pagination must be used if you need to retrieve more than 1000 + * organization members. * *

Checkpoint Pagination

* - * To search by checkpoint, use the following parameters: - * - from: Optional id from which to start selection. - * - take: The total amount of entries to retrieve when using the from parameter. Defaults to 50. - * - * Note: The first time you call this endpoint using Checkpoint Pagination, you should omit the from parameter. If there are more results, a next value will be included in the response. You can use this for subsequent API calls. When next is no longer included in the response, this indicates there are no more pages remaining. + * To search by checkpoint, use the following parameters: - from: Optional id from which to start selection. - take: The + * total amount of entries to retrieve when using the from parameter. Defaults to 50. Note: The first time you call this + * endpoint using Checkpoint Pagination, you should omit the from parameter. If there are more results, a + * next value will be included in the response. You can use this for subsequent API calls. When + * next is no longer included in the response, this indicates there are no more pages remaining. * * Get members who belong to an organization * diff --git a/src/management/__generated/managers/roles-manager.ts b/src/management/__generated/managers/roles-manager.ts index c33ad4855..8fa1490dc 100644 --- a/src/management/__generated/managers/roles-manager.ts +++ b/src/management/__generated/managers/roles-manager.ts @@ -12,7 +12,7 @@ import type { GetRolePermission200ResponseOneOf, Permission, GetRoleUser200ResponseOneOf, - GetMembers200ResponseOneOfInner, + GetRoleUser200ResponseOneOfInner, GetOrganizationMemberRoles200ResponseOneOf, DeleteRolePermissionAssignmentRequest, DeleteRolesByIdRequest, @@ -166,7 +166,7 @@ export class RolesManager extends BaseAPI { async getUsers( requestParameters?: GetRoleUserRequest, initOverrides?: InitOverride - ): Promise>>; + ): Promise>>; async getUsers( requestParameters: GetRoleUserRequest, initOverrides?: InitOverride diff --git a/src/management/__generated/models/index.ts b/src/management/__generated/models/index.ts index 572fd9b0e..e7d2d79fa 100644 --- a/src/management/__generated/models/index.ts +++ b/src/management/__generated/models/index.ts @@ -95,7 +95,7 @@ export interface Client { allowed_logout_urls: Array; /** */ - oidc_backchannel_logout: ClientOidcBackchannelLogout; + oidc_logout: ClientOidcLogout; /** * List of grant types supported for this application. Can include `authorization_code`, `implicit`, `refresh_token`, `client_credentials`, `password`, `http://auth0.com/oauth/grant-type/password-realm`, `http://auth0.com/oauth/grant-type/mfa-oob`, `http://auth0.com/oauth/grant-type/mfa-otp`, `http://auth0.com/oauth/grant-type/mfa-recovery-code`, and `urn:ietf:params:oauth:grant-type:device_code`. * @@ -893,7 +893,7 @@ export interface ClientCreate { callbacks?: Array; /** */ - oidc_backchannel_logout?: ClientCreateOidcBackchannelLogout; + oidc_logout?: ClientCreateOidcLogout; /** * Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs. * @@ -1825,7 +1825,7 @@ export interface ClientCreateNativeSocialLoginFacebook { /** * Configuration for OIDC backchannel logout */ -export interface ClientCreateOidcBackchannelLogout { +export interface ClientCreateOidcLogout { /** * Comma-separated list of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. * @@ -2011,7 +2011,7 @@ export interface ClientNativeSocialLoginFacebook { /** * Configuration for OIDC backchannel logout */ -export interface ClientOidcBackchannelLogout { +export interface ClientOidcLogout { [key: string]: any | any; /** * Comma-separated list of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. @@ -2126,7 +2126,7 @@ export interface ClientUpdate { callbacks?: Array; /** */ - oidc_backchannel_logout?: ClientUpdateOidcBackchannelLogout | null; + oidc_logout?: ClientUpdateOidcLogout | null; /** * A set of URLs that represents valid origins for CORS * @@ -2517,7 +2517,7 @@ export interface ClientUpdateMobileIos { /** * Configuration for OIDC backchannel logout */ -export interface ClientUpdateOidcBackchannelLogout { +export interface ClientUpdateOidcLogout { /** * Comma-separated list of URLs that are valid to call back from Auth0 for OIDC backchannel logout. Currently only one URL is allowed. * @@ -3364,6 +3364,48 @@ export interface EmailProvider { */ settings: { [key: string]: any }; } +/** + * + */ +export interface EmailProviderCreate { + /** + * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, or `ms365`. + * + */ + name: EmailProviderCreateNameEnum; + /** + * Whether the provider is enabled (true) or disabled (false). + * + */ + enabled?: boolean; + /** + * Email address to use as "from" when no other address specified. + * + */ + default_from_address?: string; + /** + */ + credentials: EmailProviderUpdateCredentials; + /** + * Specific provider setting + * + */ + settings?: { [key: string]: any } | null; +} + +export const EmailProviderCreateNameEnum = { + mailgun: 'mailgun', + mandrill: 'mandrill', + sendgrid: 'sendgrid', + ses: 'ses', + sparkpost: 'sparkpost', + smtp: 'smtp', + azure_cs: 'azure_cs', + ms365: 'ms365', +} as const; +export type EmailProviderCreateNameEnum = + (typeof EmailProviderCreateNameEnum)[keyof typeof EmailProviderCreateNameEnum]; + /** * Credentials required to use the provider. */ @@ -3394,6 +3436,52 @@ export interface EmailProviderCredentials { */ smtp_user: string; } +/** + * + */ +export interface EmailProviderUpdate { + /** + * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, or `ms365`. + * + */ + name?: EmailProviderUpdateNameEnum; + /** + * Whether the provider is enabled (true) or disabled (false). + * + */ + enabled?: boolean; + /** + * Email address to use as "from" when no other address specified. + * + */ + default_from_address?: string; + /** + */ + credentials?: EmailProviderUpdateCredentials; + /** + * Specific provider setting + * + */ + settings?: { [key: string]: any } | null; +} + +export const EmailProviderUpdateNameEnum = { + mailgun: 'mailgun', + mandrill: 'mandrill', + sendgrid: 'sendgrid', + ses: 'ses', + sparkpost: 'sparkpost', + smtp: 'smtp', + azure_cs: 'azure_cs', + ms365: 'ms365', +} as const; +export type EmailProviderUpdateNameEnum = + (typeof EmailProviderUpdateNameEnum)[keyof typeof EmailProviderUpdateNameEnum]; + +/** + * Credentials required to use the provider. + */ +export type EmailProviderUpdateCredentials = any; /** * */ @@ -5917,6 +6005,24 @@ export interface GetMembers200ResponseOneOfInner { * */ email: string; + /** + */ + roles: Array; +} +/** + * + */ +export interface GetMembers200ResponseOneOfInnerRolesInner { + /** + * ID for this role. + * + */ + id: string; + /** + * Name of this role. + * + */ + name: string; } /** * @@ -5969,12 +6075,12 @@ export interface GetOrganizationMemberRoles200ResponseOneOfInner { */ id: string; /** - * Name of the role. + * Name of this role. * */ name: string; /** - * Description of the role. + * Description of this role. * */ description: string; @@ -6204,7 +6310,7 @@ export interface GetRolePermission200ResponseOneOf { * */ export type GetRoleUser200Response = - | Array + | Array | GetRoleUser200ResponseOneOf | GetRoleUser200ResponseOneOf1; /** @@ -6222,7 +6328,7 @@ export interface GetRoleUser200ResponseOneOf { total: number; /** */ - users: Array; + users: Array; } /** * @@ -6233,7 +6339,32 @@ export interface GetRoleUser200ResponseOneOf1 { next: string; /** */ - users: Array; + users: Array; +} +/** + * + */ +export interface GetRoleUser200ResponseOneOfInner { + /** + * ID of this user. + * + */ + user_id: string; + /** + * URL to a picture for this user. + * + */ + picture: string; + /** + * Name of this user. + * + */ + name: string; + /** + * Email address of this user. + * + */ + email: string; } /** * @@ -7581,48 +7712,6 @@ export interface PatchOrganizationsByIdRequestBranding { */ colors?: GetOrganizations200ResponseOneOfInnerBrandingColors; } -/** - * - */ -export interface PatchProviderRequest { - /** - * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, or `ms365`. - * - */ - name?: PatchProviderRequestNameEnum; - /** - * Whether the provider is enabled (true) or disabled (false). - * - */ - enabled?: boolean; - /** - * Email address to use as "from" when no other address specified. - * - */ - default_from_address?: string; - /** - */ - credentials?: PostProviderRequestCredentials; - /** - * Specific provider setting - * - */ - settings?: { [key: string]: any } | null; -} - -export const PatchProviderRequestNameEnum = { - mailgun: 'mailgun', - mandrill: 'mandrill', - sendgrid: 'sendgrid', - ses: 'ses', - sparkpost: 'sparkpost', - smtp: 'smtp', - azure_cs: 'azure_cs', - ms365: 'ms365', -} as const; -export type PatchProviderRequestNameEnum = - (typeof PatchProviderRequestNameEnum)[keyof typeof PatchProviderRequestNameEnum]; - /** * */ @@ -9469,52 +9558,6 @@ export interface PostPermissionsRequest { */ permissions: Array; } -/** - * - */ -export interface PostProviderRequest { - /** - * Name of the email provider. Can be `mailgun`, `mandrill`, `sendgrid`, `ses`, `sparkpost`, `smtp`, `azure_cs`, or `ms365`. - * - */ - name: PostProviderRequestNameEnum; - /** - * Whether the provider is enabled (true) or disabled (false). - * - */ - enabled?: boolean; - /** - * Email address to use as "from" when no other address specified. - * - */ - default_from_address?: string; - /** - */ - credentials: PostProviderRequestCredentials; - /** - * Specific provider setting - * - */ - settings?: { [key: string]: any } | null; -} - -export const PostProviderRequestNameEnum = { - mailgun: 'mailgun', - mandrill: 'mandrill', - sendgrid: 'sendgrid', - ses: 'ses', - sparkpost: 'sparkpost', - smtp: 'smtp', - azure_cs: 'azure_cs', - ms365: 'ms365', -} as const; -export type PostProviderRequestNameEnum = - (typeof PostProviderRequestNameEnum)[keyof typeof PostProviderRequestNameEnum]; - -/** - * Credentials required to use the provider. - */ -export type PostProviderRequestCredentials = any; /** * */ @@ -10778,6 +10821,11 @@ export interface TenantSettings { * */ allow_organization_name_in_authentication_api: boolean; + /** + * Whether to enable flexible factors for MFA in the PostLogin action + * + */ + customize_mfa_in_postlogin_action: boolean; } export const TenantSettingsEnabledLocalesEnum = { @@ -11135,6 +11183,11 @@ export interface TenantSettingsUpdate { /** */ sessions?: TenantSettingsUpdateSessions | null; + /** + * Whether to enable flexible factors for MFA in the PostLogin action + * + */ + customize_mfa_in_postlogin_action?: boolean | null; /** * Whether to accept an organization name instead of an ID on auth endpoints * diff --git a/test/management/grants.test.ts b/test/management/grants.test.ts index b437347c7..a884b3cfb 100644 --- a/test/management/grants.test.ts +++ b/test/management/grants.test.ts @@ -154,7 +154,7 @@ describe('GrantsManager', () => { let request: nock.Scope; beforeEach(() => { - request = nock(API_URL).delete(`/grants/?user_id=${user_id}`).reply(200, {}); + request = nock(API_URL).delete(`/grants?user_id=${user_id}`).reply(200, {}); }); it('should return a promise when no callback is given', (done) => { From fa49d694a42eff56214212652ae6a8289b594660 Mon Sep 17 00:00:00 2001 From: Adam Mcgrath Date: Thu, 26 Oct 2023 15:39:37 +0100 Subject: [PATCH 2/3] Remove oidc_logout deprecations --- src/deprecations.ts | 21 --------------------- src/index.ts | 1 - 2 files changed, 22 deletions(-) diff --git a/src/deprecations.ts b/src/deprecations.ts index 57dd9b935..3d9ce9f2e 100644 --- a/src/deprecations.ts +++ b/src/deprecations.ts @@ -45,24 +45,3 @@ export type ClientOidcBackchannelLogout = ClientOidcLogout; * @deprecated Use {@link ClientUpdateOidcLogout} instead. */ export type ClientUpdateOidcBackchannelLogout = ClientUpdateOidcLogout; - -export interface Client extends _Client { - /** - * @deprecated Use {@link _Client.oidc_logout} instead. - */ - oidc_backchannel_logout?: ClientOidcLogout; -} - -export interface ClientCreate extends _ClientCreate { - /** - * @deprecated Use {@link _ClientCreate.oidc_logout} instead. - */ - oidc_backchannel_logout?: ClientCreateOidcLogout; -} - -export interface ClientUpdate extends _ClientUpdate { - /** - * @deprecated Use {@link _ClientUpdate.oidc_logout} instead. - */ - oidc_backchannel_logout?: ClientUpdateOidcLogout; -} diff --git a/src/index.ts b/src/index.ts index 320647cab..a0adba413 100644 --- a/src/index.ts +++ b/src/index.ts @@ -4,4 +4,3 @@ export * from './userinfo/index.js'; export * from './lib/errors.js'; export * from './lib/models.js'; export * from './deprecations.js'; -export { Client, ClientCreate, ClientUpdate } from './deprecations.js'; From 9f848bb8aeb79f0ac47b5b239375bc3c78d3d6ce Mon Sep 17 00:00:00 2001 From: Adam Mcgrath Date: Thu, 26 Oct 2023 15:41:52 +0100 Subject: [PATCH 3/3] Fix lint --- src/deprecations.ts | 3 --- 1 file changed, 3 deletions(-) diff --git a/src/deprecations.ts b/src/deprecations.ts index 3d9ce9f2e..be81e7abe 100644 --- a/src/deprecations.ts +++ b/src/deprecations.ts @@ -5,9 +5,6 @@ import { EmailProviderUpdate, EmailProviderUpdateNameEnum, EmailProviderUpdateCredentials, - Client as _Client, - ClientCreate as _ClientCreate, - ClientUpdate as _ClientUpdate, ClientCreateOidcLogout, ClientOidcLogout, ClientUpdateOidcLogout,