Merge branch 'main' into SDK-4868-ACUL-support-on-go-auth0

auth0 · Nov 25, 2024 · a7cbcd7 · a7cbcd7
2 parents 75001a6 + aeec572
commit a7cbcd7
Show file tree

Hide file tree

Showing 20 changed files with 1,324 additions and 124 deletions.
diff --git a/go.mod b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/PuerkitoBio/rehttp v1.4.0
 	github.com/google/uuid v1.6.0
 	github.com/joho/godotenv v1.5.1
-	github.com/lestrrat-go/jwx/v2 v2.1.1
+	github.com/lestrrat-go/jwx/v2 v2.1.2
 	github.com/stretchr/testify v1.9.0
 	go.devnw.com/structs v1.0.0
 	golang.org/x/oauth2 v0.23.0
@@ -25,8 +25,8 @@ require (
 	github.com/lestrrat-go/option v1.0.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/segmentio/asm v1.2.0 // indirect
-	golang.org/x/crypto v0.25.0 // indirect
+	golang.org/x/crypto v0.28.0 // indirect
 	golang.org/x/net v0.23.0 // indirect
-	golang.org/x/sys v0.22.0 // indirect
+	golang.org/x/sys v0.26.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -26,8 +26,8 @@ github.com/lestrrat-go/httprc v1.0.6 h1:qgmgIRhpvBqexMJjA/PmwSvhNk679oqD1RbovdCG
 github.com/lestrrat-go/httprc v1.0.6/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
-github.com/lestrrat-go/jwx/v2 v2.1.1 h1:Y2ltVl8J6izLYFs54BVcpXLv5msSW4o8eXwnzZLI32E=
-github.com/lestrrat-go/jwx/v2 v2.1.1/go.mod h1:4LvZg7oxu6Q5VJwn7Mk/UwooNRnTHUpXBj2C4j3HNx0=
+github.com/lestrrat-go/jwx/v2 v2.1.2 h1:6poete4MPsO8+LAEVhpdrNI4Xp2xdiafgl2RD89moBc=
+github.com/lestrrat-go/jwx/v2 v2.1.2/go.mod h1:pO+Gz9whn7MPdbsqSJzG8TlEpMZCwQDXnFJ+zsUVh8Y=
 github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU=
 github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -42,17 +42,17 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT
 github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 go.devnw.com/structs v1.0.0 h1:FFkBoBOkapCdxFEIkpOZRmMOMr9b9hxjKTD3bJYl9lk=
 go.devnw.com/structs v1.0.0/go.mod h1:wHBkdQpNeazdQHszJ2sxwVEpd8zGTEsKkeywDLGbrmg=
-golang.org/x/crypto v0.25.0 h1:ypSNr+bnYL2YhwoMt2zPxHFmbAN1KZs/njMG3hxUp30=
-golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M=
+golang.org/x/crypto v0.28.0 h1:GBDwsMXVQi34v5CCYUm2jkJvu4cbtru2U4TN2PSyQnw=
+golang.org/x/crypto v0.28.0/go.mod h1:rmgy+3RHxRZMyY0jjAJShp2zgEdOqj2AO7U0pYmeQ7U=
 golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
 golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs=
 golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.22.0 h1:RI27ohtqKCnwULzJLqkv897zojh5/DwS/ENaMzUOaWI=
-golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo=
+golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

diff --git a/internal/client/client.go b/internal/client/client.go
@@ -161,9 +161,9 @@ func backoffDelay() rehttp.DelayFn {
 
 	return func(attempt rehttp.Attempt) time.Duration {
 		wait := baseDelay * math.Pow(2, float64(attempt.Index))
-		min := wait + 1
-		max := wait + baseDelay
-		wait = PRNG.Float64()*(max-min) + min
+		minValue := wait + 1
+		maxValue := wait + baseDelay
+		wait = PRNG.Float64()*(maxValue-minValue) + minValue
 
 		wait = math.Min(wait, maxDelay)
 		wait = math.Max(wait, minDelay)

diff --git a/management/device_credentials.go b/management/device_credentials.go
@@ -0,0 +1,61 @@
+package management
+
+import "context"
+
+// DeviceCredential is a device credential.
+type DeviceCredential struct {
+	// ID of this device credential
+	ID *string `json:"id,omitempty"`
+
+	// The id of the client.
+	ClientID *string `json:"client_id,omitempty"`
+
+	// The id of the user.
+	UserID *string `json:"user_id,omitempty"`
+
+	// User agent for this device
+	DeviceName *string `json:"device_name,omitempty"`
+
+	// Unique identifier for the device. NOTE: This field is generally not populated for refresh_tokens and rotating_refresh_tokens
+	DeviceID *string `json:"device_id,omitempty"`
+
+	// Type of credential. Can be public_key, refresh_token, or rotating_refresh_token
+	Type *string `json:"type,omitempty"`
+
+	// Base64 encoded string containing the credential
+	Value *string `json:"value,omitempty"`
+}
+
+// DeviceCredentialList is a list of DeviceCredentials.
+type DeviceCredentialList struct {
+	List
+	DeviceCredentials []*DeviceCredential `json:"device_credentials"`
+}
+
+// DeviceCredentialsManager manages Auth0 device-credentials resources.
+type DeviceCredentialsManager manager
+
+// Create a device credential public key to manage refresh token rotation for a given user_id
+// Type of credential must be "public_key".
+//
+// See: https://auth0.com/docs/api/management/v2/device-credentials/post-device-credentials
+func (m *DeviceCredentialsManager) Create(ctx context.Context, d *DeviceCredential, opts ...RequestOption) error {
+	return m.management.Request(ctx, "POST", m.management.URI("device-credentials"), d, opts...)
+}
+
+// List device credential information (public_key, refresh_token, or rotating_refresh_token) associated with a specific user.
+//
+// For information on how to paginate using this function see https://pkg.go.dev/github.com/auth0/go-auth0/management#hdr-Page_Based_Pagination
+//
+// See: https://auth0.com/docs/api/management/v2/device-credentials/get-device-credentials
+func (m *DeviceCredentialsManager) List(ctx context.Context, opts ...RequestOption) (d *DeviceCredentialList, err error) {
+	err = m.management.Request(ctx, "GET", m.management.URI("device-credentials"), &d, applyListDefaults(opts))
+	return
+}
+
+// Delete a device credential (such as a refresh token or public key) with the given ID.
+//
+// See: https://auth0.com/docs/api/management/v2/device-credentials/delete-device-credentials-by-id
+func (m *DeviceCredentialsManager) Delete(ctx context.Context, id string, opts ...RequestOption) error {
+	return m.management.Request(ctx, "DELETE", m.management.URI("device-credentials", id), nil, opts...)
+}
diff --git a/management/device_credentials_test.go b/management/device_credentials_test.go
@@ -0,0 +1,82 @@
+package management
+
+import (
+	"context"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
+
+	"github.com/auth0/go-auth0"
+)
+
+func TestDeviceCredentials_Create(t *testing.T) {
+	configureHTTPTestRecordings(t)
+
+	expectedDeviceCredential := &DeviceCredential{
+		DeviceName: auth0.String("TestDevice"),
+		Type:       auth0.String("public_key"),
+		Value:      auth0.String("ABCD"),
+		DeviceID:   auth0.String("test_device"),
+		ClientID:   auth0.String("test_client"),
+	}
+
+	err := api.DeviceCredentials.Create(context.Background(), expectedDeviceCredential)
+	assert.NoError(t, err)
+	assert.NotEmpty(t, expectedDeviceCredential.GetID())
+
+	t.Cleanup(func() {
+		cleanupDeviceCredential(t, expectedDeviceCredential.GetID())
+	})
+}
+
+func TestDeviceCredentials_List(t *testing.T) {
+	configureHTTPTestRecordings(t)
+
+	expectedDeviceCredential := givenADeviceCredential(t)
+
+	deviceCredentialList, err := api.DeviceCredentials.List(context.Background(), IncludeFields("id"))
+
+	assert.NoError(t, err)
+	assert.Contains(t, deviceCredentialList.DeviceCredentials, &DeviceCredential{ID: expectedDeviceCredential.ID})
+}
+
+func TestDeviceCredentials_Delete(t *testing.T) {
+	configureHTTPTestRecordings(t)
+
+	expectedDeviceCredential := givenADeviceCredential(t)
+
+	err := api.DeviceCredentials.Delete(context.Background(), expectedDeviceCredential.GetID())
+	assert.NoError(t, err)
+
+	actualDeviceCredentials, err := api.DeviceCredentials.List(context.Background())
+	assert.NoError(t, err)
+	assert.Empty(t, actualDeviceCredentials.DeviceCredentials)
+}
+
+func givenADeviceCredential(t *testing.T) *DeviceCredential {
+	t.Helper()
+
+	deviceCredential := &DeviceCredential{
+		DeviceName: auth0.String("TestDevice"),
+		Type:       auth0.String("refresh_token"),
+		Value:      auth0.String("ABCD"),
+		DeviceID:   auth0.String("test_device"),
+		ClientID:   auth0.String("test_client"),
+	}
+	err := api.DeviceCredentials.Create(context.Background(), deviceCredential)
+	require.NoError(t, err)
+
+	t.Cleanup(func() {
+		cleanupDeviceCredential(t, deviceCredential.GetID())
+	})
+
+	return deviceCredential
+}
+
+func cleanupDeviceCredential(t *testing.T, id string) {
+	t.Helper()
+
+	err := api.DeviceCredentials.Delete(context.Background(), id)
+	require.NoError(t, err)
+}