Merge branch 'master' into fix/gemspec-packaging-reduce-false-positives

Author: arpit-jn

.github/workflows/semgrep.yml

@@ -66,4 +66,4 @@ jobs:
 
       - name: Upload coverage
         if: matrix.ruby == '3.2' || matrix.ruby == '3.3'
-        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # pin@5.5.2
+        uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # pin@6.0.0

.github/workflows/test.yml

@@ -11,7 +11,7 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (8.1.2)
+    activesupport (8.1.2.1)
       base64
       bigdecimal
       concurrent-ruby (~> 1.0, >= 1.3.1)
@@ -24,11 +24,11 @@ GEM
       securerandom (>= 0.3)
       tzinfo (~> 2.0, >= 2.0.5)
       uri (>= 0.13.1)
-    addressable (2.8.9)
+    addressable (2.9.0)
       public_suffix (>= 2.0.2, < 8.0)
     ast (2.4.3)
     base64 (0.3.0)
-    bigdecimal (4.0.1)
+    bigdecimal (4.1.2)
     coderay (1.1.3)
     concurrent-ruby (1.3.6)
     connection_pool (3.0.2)
@@ -79,10 +79,7 @@ GEM
     i18n (1.14.8)
       concurrent-ruby (~> 1.0)
     io-console (0.8.2)
-    json (2.19.1)
-    json-schema (6.2.0)
-      addressable (~> 2.8)
-      bigdecimal (>= 3.1, < 5)
+    json (2.19.4)
     jwt (2.10.2)
       base64
     language_server-protocol (3.17.0.5)
@@ -93,8 +90,6 @@ GEM
       rb-inotify (~> 0.9, >= 0.9.10)
     logger (1.7.0)
     lumberjack (1.4.2)
-    mcp (0.8.0)
-      json-schema (>= 4.1)
     method_source (1.1.0)
     mime-types (3.7.0)
       logger
@@ -108,8 +103,8 @@ GEM
     notiffany (0.1.3)
       nenv (~> 0.1)
       shellany (~> 0.0)
-    parallel (1.27.0)
-    parser (3.3.10.2)
+    parallel (2.1.0)
+    parser (3.3.11.1)
       ast (~> 2.4.1)
       racc
     pp (0.6.3)
@@ -122,13 +117,13 @@ GEM
       reline (>= 0.6.0)
     public_suffix (7.0.5)
     racc (1.8.1)
-    rack (3.2.5)
+    rack (3.2.6)
     rainbow (3.1.1)
-    rake (13.3.1)
+    rake (13.4.2)
     rb-fsevent (0.11.2)
     rb-inotify (0.11.1)
       ffi (~> 1.0)
-    regexp_parser (2.11.3)
+    regexp_parser (2.12.0)
     reline (0.6.3)
       io-console (~> 0.5)
     rest-client (2.1.0)
@@ -151,12 +146,11 @@ GEM
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
     rspec-support (3.13.7)
-    rubocop (1.85.1)
+    rubocop (1.86.1)
       json (~> 2.3)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.1.0)
-      mcp (~> 0.6)
-      parallel (~> 1.10)
+      parallel (>= 1.10)
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 2.9.3, < 3.0)
@@ -186,15 +180,15 @@ GEM
     simplecov_json_formatter (0.1.4)
     terminal-notifier-guard (1.7.0)
     thor (1.5.0)
-    timecop (0.9.10)
+    timecop (0.9.11)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     unicode-display_width (3.2.0)
       unicode-emoji (~> 4.1)
     unicode-emoji (4.2.0)
     uri (1.1.1)
     vcr (6.4.0)
-    webmock (3.26.1)
+    webmock (3.26.2)
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)

Gemfile.lock

@@ -13,6 +13,17 @@ Ruby API client for the [Auth0](https://auth0.com) platform.
 📚 <a href="#documentation">Documentation</a> - 🚀 <a href="#getting-started">Getting started</a> - 💻 <a href="#api-reference">API reference</a> - 💬 <a href="#feedback">Feedback</a>
 </div>
 
+> [!NOTE]
+> **[v6.0.0.beta.0](https://github.com/auth0/ruby-auth0/releases/tag/v6.0.0.beta.0) is now available!** This release features a completely rewritten Management API client, auto-generated from the Auth0 OpenAPI spec using [Fern](https://buildwithfern.com/), with strongly-typed responses, built-in pagination, and automatic token management.
+>
+> ```bash
+> gem install auth0 --pre
+> ```
+>
+> We'd love your feedback - please [open an issue](https://github.com/auth0/ruby-auth0/issues/new) if you encounter any problems.
+>
+> 📖 [Migration Guide](https://github.com/auth0/ruby-auth0/blob/v6/v6_MIGRATION_GUIDE.md) ・ [Changelog](https://github.com/auth0/ruby-auth0/blob/v6/CHANGELOG.md) ・ [API Reference](https://github.com/auth0/ruby-auth0/blob/v6/reference.md)
+
 ## Documentation
 
 - [API documentation](https://www.rubydoc.info/gems/auth0) - documentation auto-generated from the code comments that explains all the available features

README.md

@@ -10,12 +10,12 @@ GEM
     nio4r (2.7.3)
     puma (5.6.9)
       nio4r (~> 2.0)
-    rack (3.2.5)
+    rack (3.2.6)
     rack-protection (4.2.0)
       base64 (>= 0.1.0)
       logger (>= 1.6.0)
       rack (>= 3.0.0, < 4)
-    rack-session (2.1.1)
+    rack-session (2.1.2)
       base64 (>= 0.1.0)
       rack (>= 3.0.0)
     ruby2_keywords (0.0.5)

examples/ruby-api/Gemfile.lock

@@ -1,22 +1,14 @@
 module Auth0
   module Mixins
     module TokenManagement
-      
-      private
-
-      def initialize_token(options)
-        @token = options[:access_token] || options[:token]
-        # default expiry to an hour if a token was given but no expires_at
-        @token_expires_at = @token ? options[:token_expires_at] || Time.now.to_i + 3600 : nil 
-
-        @audience = options[:api_identifier] || "https://#{@domain}/api/v2/"
-        get_token() if @token.nil?
-      end
 
+      # Get the Client's api token (or generate a new one if it has expired).
+      #
+      # @note This method may perform a network request to refresh an expired token. It is not thread-safe.
+      # @return [String] the api token
       def get_token
-        # pp @token_expires_at
         has_expired = @token && @token_expires_at ? @token_expires_at < (Time.now.to_i + 10) : false
-        
+
         if (@token.nil? || has_expired) && @client_id && (@client_secret || @client_assertion_signing_key)
           response = api_token(audience: @audience)
           @token = response.token
@@ -27,6 +19,17 @@ def get_token
           @token
         end
       end
+
+      private
+
+      def initialize_token(options)
+        @token = options[:access_token] || options[:token]
+        # default expiry to an hour if a token was given but no expires_at
+        @token_expires_at = @token ? options[:token_expires_at] || Time.now.to_i + 3600 : nil
+
+        @audience = options[:api_identifier] || "https://#{@domain}/api/v2/"
+        get_token() if @token.nil?
+      end
     end
   end
-end
+end

lib/auth0/mixins/token_management.rb

@@ -823,10 +823,6 @@
   end
 
   context '.user_sessions' do
-    it 'is expected to respond to user_sessions' do
-      expect(@instance).to respond_to :user_authentication_method
-    end
-
     it 'is expected to respond to user_sessions' do
       expect(@instance).to respond_to :user_sessions
     end

spec/lib/auth0/api/v2/users_spec.rb

@@ -15,7 +15,7 @@
     organization: nil
   } }
 
-  let(:params) { { 
+  let(:params) { {
     domain: domain,
     client_id: client_id,
     client_secret: client_secret,
@@ -43,15 +43,15 @@
         )))
 
         expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq(payload)
-      
-        StubResponse.new({ 
-          "access_token" => "test", 
-          "expires_in" => 86400}, 
-          true, 
+
+        StubResponse.new({
+          "access_token" => "test",
+          "expires_in" => 86400},
+          true,
           200)
       end
 
-      instance.send(:get_token)
+      instance.get_token
 
       expect(instance.instance_variable_get('@token')).to eq('test')
       expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
@@ -66,7 +66,7 @@
         url: 'https://samples.auth0.com/oauth/token',
       ))
 
-      instance.send(:get_token)
+      instance.get_token
 
       expect(instance.instance_variable_get('@token')).to eq('test-token')
       expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
@@ -84,15 +84,15 @@
         )))
 
         expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq(payload)
-      
-        StubResponse.new({ 
-          "access_token" => "renewed_token", 
-          "expires_in" => 86400}, 
-          true, 
+
+        StubResponse.new({
+          "access_token" => "renewed_token",
+          "expires_in" => 86400},
+          true,
           200)
       end
 
-      instance.send(:get_token)
+      instance.get_token
 
       expect(instance.instance_variable_get('@token')).to eq('renewed_token')
       expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
@@ -110,15 +110,15 @@
         )))
 
         expect(JSON.parse(arg[:payload], { symbolize_names: true })).to eq(payload)
-      
-        StubResponse.new({ 
-          "access_token" => "renewed_token", 
-          "expires_in" => 86400}, 
-          true, 
+
+        StubResponse.new({
+          "access_token" => "renewed_token",
+          "expires_in" => 86400},
+          true,
           200)
       end
 
-      instance.send(:get_token)
+      instance.get_token
 
       expect(instance.instance_variable_get('@token')).to eq('renewed_token')
       expect(instance.instance_variable_get('@token_expires_at')).to eq(time_now.to_i + 86400)
@@ -130,7 +130,7 @@
 
       expect(RestClient::Request).not_to receive(:execute)
 
-      instance.send(:get_token)
+      expect(instance.get_token).to eq('test-token')
     end
   end
-end
+end