Comments (4)
Am having problems to login via user/password due to the deprecated 'Connection' key, it's now realm
, so I have changed the login method to:
request_params = {
client_id: @client_id,
client_secret: @client_secret,
username: username,
password: password,
scope: options.fetch(:scope, 'openid'),
realm: connection_name,
grant_type: options.fetch(:grant_type, 'password'),
id_token: id_token,
device: options.fetch(:device, nil)
}
Replaced connection
key by realm
.
And then at my login request the grant-type
is supposed to be passed as:
grant_type: 'http://auth0.com/oauth/grant-type/password-realm'
Just inside the options
object. Would probably be a good idea to leave it as the default value when user/password login.
from ruby-auth0.
Apologies for the late reply here ... the auth endpoints module in this SDK is getting an overhaul for the next release. We'll be deprecating (not removing yet) a few methods, this one included, and replacing with ones that more closely match how the endpoints work currently. All of the concerns here will be addressed.
Thank you for the report!
from ruby-auth0.
We'll be deprecating (not removing yet) a few methods, this one included, and replacing with ones that more closely match how the endpoints work currently. All of the concerns here will be addressed.
Are the plans for this public? I'd love to help tackle this personally.
from ruby-auth0.
@j-collier - I appreciate the offer! The plans are not public but only because our tracking is done in the same system as our product. Happy to share what we have in mind remaining.
Much of this is complete, some of which has already been merged:
- #129 (merged) adds a formal client credentials grant
- #130 (merged) adds a
/userinfo
call that works (have to include an access token) - #131 (in review) will add a method to perform an authorization code exchange
- #133 (in review) will add a method that does a more complete resource owner grant
The remaining methods that have not been started:
- A method to replace
authorization_url
... current one works but could be structured better. It should also generate a state automatically. Replace with a method that does both and adds audience as a first-class parameter. - A method to use a refresh token to get a new access token (#111).
If you want to take on one of those, I would be happy to guide and review! At the moment, we don't have a contribution guide (on my list to put one of those together soon) but a few notes:
- Please add unit tests to
spec/lib/auth0/api/authentication_endpoints_spec.rb
. You can run those withbundle exec rake spec
- Where possible, please add integration tests to
spec/integration/lib/auth0/api/api_authentication_spec.rb
. You can run those withMODE=full bundle exec rake all
. Note that we recently added VCR HTTP recording to the suite (#132) so uncomment this line and leave VCR off when you're writing the tests, then add VCR, run twice, and add that comment back. We've got filtering in place to remove sensitive data but make sure to review the YML files created before pushing.
If you want to take one or the other or both (separate PRs please), just let me know and I'll hold off on my end. I'll work on the contribution guide instead 😄
Thank you in advance!!
from ruby-auth0.
Related Issues (20)
- Unable to fetch connections with multiple strategy with current implementation HOT 2
- delete_organizations_member_roles should use delete_with_body instead of delete
- IOError: closed stream - Retryable incompatible with users-import endpoint HOT 5
- client_id parameter of Retrieve device credentials API is optional, but client_id argument of device_credentials method is required HOT 4
- I want to generate clients without having to set up credentials in the source code. HOT 1
- RS256 JWKS cache thrashes when using multiple Auth0 clients/tenants in same application. HOT 1
- Auth0Client returns nil value HOT 5
- GET requests are mutating the shared headers causing parameters to leak into subsequent requests HOT 1
- Connections Endpoint is missing `include_totals` parameter HOT 2
- Duplicate Passwordless email HOT 2
- exponential backoff is not applied HOT 1
- validate_id_token fails to validate non-OIDC compliant access tokens due to azp HOT 3
- Update to latest jwt gem version 2.4.* HOT 2
- I want to pass a list of hash as a fields parameter in user exports HOT 1
- Support for exchanging OTP for Access Token HOT 2
- Issues with "Updates all authentication methods by replacing them with the given ones." HOT 1
- Auth0::Api::V2::Actions#actions has prohibited parameters HOT 2
- Move from `rest-client` to `faraday`? HOT 2
- Be able to retry on errors other than Auth0::RateLimitEncountered? HOT 1
- MFA API Bearer token issue HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ruby-auth0.