auth0 - npm Package Compare versions

Comparing version 0.8.0 to 2.0.0-alpha.3

package.json

 {
   "name": "auth0",
-  "version": "0.8.0",
-  "description": "Client library for the Auth0 platform",
-  "main": "lib/index.js",
+  "version": "2.0.0-alpha.3",
+  "description": "node.js SDK for Auth0 API v2",
+  "main": "index.js",
   "scripts": {
-    "test": "mocha test"
+    "test": "NODE_ENV=test mocha --timeout 5000 test/*.tests.js"
   },
   "repository": {
     "type": "git",
-    "url": "git://github.com/auth0/node-auth0.git"
+    "url": "https://github.com/auth0/node-auth0"
   },
+  "keywords": [
+    "auth0",
+    "api"
+  ],
   "author": "Auth0",
-  "contributors": [
-    {
-      "name": "Conrad Pankoff",
-      "email": "deoxxa@fknsrs.biz",
-      "url": "http://www.fknsrs.biz/"
-    }
-  ],
   "license": "MIT",
-  "devDependencies": {
-    "mocha": "~1.17.1",
-    "chai": "~1.9.0",
-    "nock": "~0.27.2"
+  "bugs": {
+    "url": "https://github.com/auth0/node-auth0/issues"
   },
+  "homepage": "https://github.com/auth0/node-auth0",
   "dependencies": {
-    "xtend": "~1.0.3",
-    "request": "~2.42.0",
-    "parse-links": "0.0.1"
+    "bluebird": "^2.9.24",
+    "mocha": "^2.2.4",
+    "superagent": "^1.1.0",
+    "url-join": "0.0.1"
+  },
+  "devDependencies": {
+    "mocha": "^2.2.1",
+    "chai": "^2.2.0",
+    "nock": "^1.5.0"
   }
 }

README.md

@@ -0,1 +1,3 @@
+# node-auth0 ![build status](https://travis-ci.org/auth0/node-auth0.svg?branch=v2)
+
 Node.js client library for the [Auth0](https://auth0.com) platform.
@@ -9,383 +11,121 @@
 
-Initialize your client class with the credentials in the [settings section](https://app.auth0.com/#/settings) of the dashboard.
+Initialize your client class with an API v2 token (you can generate one [here](https://auth0.com/docs/apiv2)).
 
 ~~~js
-var Auth0 = require('auth0');
-
-var api = new Auth0({
-  domain:       'yourdomain.auth0.com',
-  clientID:     'your-client-id',
-  clientSecret: 'your-client-secret'
+var token = '{YOUR_API_V2_TOKEN}';
+var auth0 = require('auth0')({
+  token: token
 });
 ~~~
 
-### api.getConnections(callback)
-
-Return a list of all the connections in your application:
-
+By default the code assumes your account is running in the US West region. If you are running in Europe you can specify:
 ~~~js
-api.getConnections(function (err, connections){
-  //.....
+var token = '{YOUR_API_V2_TOKEN}';
+var auth0 = require('auth0')({
+  token: token,
+  region: 'eu'
 });
 ~~~
 
-Additionally there is a ```getSocialConnections``` and ```getEnterpriseConnections```.
-
-### api.createConnection(callback)
-
-Let's say one of your customers wants to use its own directory to authenticate to your app. You will have to create a **connection** in Auth0 for this customer and if you want to automate that for N customers, you will want to use the API. Typically, you will ask the customer domain name and depending on the directory you are connecting to, some metadata. Together with other information, like the attributes your app needs, a set of credentials, etc. you can call the API.
-
+Alternatively you can just set the domain:
 ~~~js
-var myNewConnection =  {
-    //a friendly name to identify the connection
-    'name': 'thesuperstore-connection',
-
-    //this is the strategy: office365, google-apps, adfs
-    'strategy': 'office365', 
-    
-    'options': {
-      // depending on the strategy, you will need a set of credentials to authenticate 
-      // your app against the directory (office365 and google apps use this)
-      'tenant_domain': 'bigcompany.com or bicompany.onmicrosoft.com'
-    };
-
-api.createConnection(myNewConnection, function (err, connection) {
-  //.....
+var token = '{YOUR_API_V2_TOKEN}';
+var auth0 = require('auth0')({
+  token: token,
+  domain: 'login.eu.auth0.com'
 });
 ~~~
 
-Because this example uses Office 365, the returned connection object will have a ```provisioning_ticket_url``` field to which you have to redirect the client in order to complete the authorization process.
+### User's metadata
+You can store data about a user that does not come from the user's identity provider. This is known as "metadata". There are two types of metadata: `user_metadata` and `app_metadata`. You can find out more [here](https://auth0.com/docs/apiv2Changes#8).
 
-### api.getUser(userId, callback)
-
-This method returns a single user, referenced by its ID.
-
+#### app_metadata
+To update the value of a property or create it if it does not exist:
 ~~~js
-api.getUser("long-20-byte-id", function(err, user) {
-  // user is a user! error might be an error!
+var user_id = '...'
+auth0.users(user_id).appMetadata.update({
+  roles: ['reader']
+}).then(function(user){
+  // assert.equal(user.app_metadata.roles.length, 1);
+  // assert.equal(user.app_metadata.roles[0], 'reader');
+}).catch(function(err){
+  // handle error if any
 });
 ~~~
 
-### api.getUsers({[connection: connection], [per_page: 10]}, callback)
-
-This method returns a list of users.
-
-If ```connection``` name is passed on the options, it will search the users on the directory of the connection. Suppose it is a **Windows Azure Active Directory** connection it will fetch all the users from the directory. If the connection doesn't have a directory or it is a Social connection like **Google Auth 2** it will return all the users that have logged in to your application at least once.
-
-The amount of items per page is optional (defaults to 100) and it is not supported for all directories, eg: connections using **Google Apps** ignores this argument and uses 100.
-
+To delete a property:
 ~~~js
-api.getUsers({connection: 'a-waad-connection'}, function (err, result) {
-  //result is an array with the user objects
+var user_id = '...'
+auth0.users(user_id).appMetadata.update({
+  roles: null
+}, function(err, user){
+  // assert.equal(typeof user.app_metadata.roles, 'undefined');
 });
 ~~~
 
-The callback has the common signature for node.js method [err, result] where result is an array of users with an special hidden property called ```nextPageLink```. These links are safe to be shared since they will work for a short period of time and have an special signature that make them safe. 
+>Note that you can use either callbacks or promises.
 
-Although you can do a simple GET to that link to fetch the next page, you can use the library as well:
-
+#### user_metadata
+To update the value of a property or create it if it does not exist:
 ~~~js
-api.getUsers({connection: 'a-waad-connection'}, function (err, firstPageOfResults) {
-  api.getUsers({page: firstPageOfResults.nextPageLink}, function (err, secondPageOfResults) {
-  });
+var user_id = '...'
+auth0.users(user_id).userMetadata.update({
+  hobby: 'surf'
+}).then(function(user){
+  // assert.equal(user.user_metadata.hobby, 'surf');
+}).catch(function(err){
+  // handle error if any
 });
 ~~~
 
-
-### api.getSocialUsers({[per_page: 10]}, callback)
-
-The same than ```getUsers``` but this method returns users for all social connections, ie: not enterprise connections.
-
-
-### api.impersonateUser(userId, options, callback)
-
-Returns the impersonation link: 
-
+To delete a property:
 ~~~js
-api.impersonateUser('github|123', {
-  protocol: 'oauth2',
-  impersonator_id: 'gonto',
-  client_id: 'client',
-  additionalParameters: {
-    response_type: 'code'
-  }
-}, function (err, result){
-  //.....
+var user_id = '...'
+auth0.users(user_id).userMetadata.update({
+  hobby: null
+}, function(err, user){
+  // assert.equal(typeof user.user_metadata.hobby, 'undefined');
 });
 ~~~
 
-Check it on the [API Explorer](https://docs.auth0.com/auth-api#!#post--users--user_id--impersonate);
+>Note that you can use either callbacks or promises.
 
-### api.getAccessToken(callback)
+## Authentication
 
-Retrieves an Access Token to make direct HTTP calls to Auth0 API.
-```js
+This library can be used to access Auth0's [API v2](https://auth0.com/docs/apiv2). To authenticate users use the [passport strategy](https://github.com/auth0/passport-auth0).
 
-api.getAccessToken(function (err, token) {
-  if (err) {
-    console.log('Error fetching token: ' + err);
-    return;
-  }
+## Examples
 
-  // Do something with token
-  ...
-});
+Check out the [examples](examples/) folder.
 
-```
+## Documentation
 
-### api.createUser(userData, callback)
-Creates a new user. `userData` is an object that must contain the following mandatory fields:
+For more information about [auth0](http://auth0.com) contact our [documentation page](http://docs.auth0.com/).
 
- * email: User's email
- * password: User's password
- * connection: The name of the connection where to create the user.
+## What is Auth0?
 
-Also, custom fields can be added with more information about the user.
+Auth0 helps you to:
 
-```js
-var newUser = {
-  email:          'john@doe.com',
-  password:       'somepass',
-  connection:     'mydb',
+* Add authentication with [multiple authentication sources](https://docs.auth0.com/identityproviders), either social like **Google, Facebook, Microsoft Account, LinkedIn, GitHub, Twitter, Box, Salesforce, amont others**, or enterprise identity systems like **Windows Azure AD, Google Apps, Active Directory, ADFS or any SAML Identity Provider**.
+* Add authentication through more traditional **[username/password databases](https://docs.auth0.com/mysql-connection-tutorial)**.
+* Add support for **[linking different user accounts](https://docs.auth0.com/link-accounts)** with the same user.
+* Support for generating signed [Json Web Tokens](https://docs.auth0.com/jwt) to call your APIs and **flow the user identity** securely.
+* Analytics of how, when and where users are logging in.
+* Pull data from other sources and add it to the user profile, through [JavaScript rules](https://docs.auth0.com/rules).
 
-  /* custom field */
-  favoriteColor:  'red'
-};
-api.createUser(newUser, function (err, userInfo) {
-  if (err) {
-    console.log('Error creating user: ' + err);
-    return;
-  }
+## Create a free Auth0 Account
 
-  console.log('User favorite color: ' + userInfo.favoriteColor);
-});
-```
+1. Go to [Auth0](https://auth0.com) and click Sign Up.
+2. Use Google, GitHub or Microsoft Account to login.
 
-### api.updateUserEmail(userId, newEmail, verify, callback)
+## Issue Reporting
 
-This method updates the email field of an user identified by `userId`. When `verify` boolean flag is on it sends an email to the affected user to confirm the change.
+If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.
 
-```js
-api.updateUserEmail("my-user-id", "john.new.email@foo.com", false, function (err, result) {
-  if (err) {
-    console.log('Error updating email: ', + err);
-    return;
-  }
-  console.log(result);
-});
-```
+## Author
 
-### api.updateUserPassword(userId, newPassword, verify, callback)
+[Auth0](auth0.com)
 
-This method updates the user password of an user identified by `userId`. When `verify` boolean flag is on it sends an email to the affected user to confirm the change.
-
-```js
-api.updateUserPassword("my-user-id", "johnthisisyournewpassword!shhh", false, function (err, result) {
-  if (err) {
-    console.log('Error updating password: ', + err);
-    return;
-  }
-  console.log(result);
-});
-```
-
-> Note: Result is not the password but a string with a success message.
-
-### api.getUserMetadata(userId, callback)
-
-This method retrieves the metadata for a user. `metadata` is an object that includes custom fields for the user referenced by `userId`.
-
-~~~js
-api.getUserMetadata("a-user-id", function(err, metadata) {
-  // returns error if there was a problem, otherwise the user's metadata
-});
-~~~
-
-### api.updateUserMetadata(userId, metadata, callback)
-
-This method updates the metadata for a user. `metadata` is an object, and the fields in that object will be set on the user referenced by `userId`. **Note:** the entire `metadata` object is replaced with this method. To update select fields, use the `patchUserMetadata` method.
-
-~~~js
-api.updateUserMetadata("a-user-id", {my_special_data: {a: "b", c: "d"}}, function(err) {
-  // if there was a problem, err will be non-null
-});
-~~~
-
-### api.patchUserMetadata(userId, metadata, callback)
-
-This method patches the metadata for a user. `metadata` is an object, and only the fields included in the patch will be updated for the user referenced by `userId`.
-
-~~~js
-api.patchUserMetadata("a-user-id", {my_special_data: {a: "e"}}, function(err) {
-  // if there was a problem, err will be non-null
-});
-~~~
-
-### api.deleteUser(userId, callback)
-
-This method removes a user by ID. Be careful!
-
-~~~js
-api.deleteUser("i-dont-like-this-guy", function(err) {
-  // yep, err will be truthy if there was a problem
-});
-~~~
-
-### api.getConnection(name, callback)
-
-~~~js
-api.getConnection('my-connection', function (err, connection) {
-  //.....
-});
-~~~
-
-### api.getStrategies(callback)
-
-~~~js
-api.getStrategies(function (err, strategies) {
-  //.....
-});
-~~~
-
-### api.deleteTenant
-
-~~~js
-api.deleteTenant(name, function (err) {
-  //.....
-});
-~~~
-
-### api.createClient
-
-~~~js
-api.createClient(client, function (err, newClient) {
-  //.....
-});
-~~~
-
-### api.updateClient
-
-~~~js
-api.updateClient(client, function (err) {
-  //.....
-});
-~~~
-
-### api.deleteClient
-
-~~~js
-api.deleteClient(clientID, function (err) {
-  //.....
-});
-~~~
-
-### api.getClients
-
-Returns a list of all the tenant's clients.
-
-~~~js
-api.getClients(function (err, clients) {
-  //.....
-});
-~~~
-
-### api.getClients
-
-Returns client by clientID.
-
-~~~js
-api.getClients(clientID, function (err, client) {
-  //.....
-});
-~~~
-
-### api.getClientsByUserId
-
-Returns a list of all the user's clients.
-
-~~~js
-api.getClientsByUserId(userId, function (err, clients) {
-  //.....
-});
-~~~
-
-### api.createRule
-
-Creates a new transformation Rule
-
-~~~js
-var rule = {
-  name: "A rule",
-  status: true,
-  script: "function(user, context, done) {}"
-};
-
-api.createRule(rule, function (err, rule) {
-  //.....
-});
-~~~
-
-### api.getRule
-
-Returns a specific transformaion rule
-
-~~~js
-api.getRule(ruleName, function (err, rule) {
-  //.....
-});
-~~~
-
-### api.deleteRule
-
-Returns a specific transformaion rule
-
-~~~js
-api.deleteRule(ruleName, function (err) {
-  //.....
-});
-~~~
-
-### api.updateRule
-
-Updates an existing rule
-
-~~~js
-api.updateRule(rule, function (err, rule) {
-  //.....
-});
-~~~
-
-## Auth0
-
-### Auth0.getUserInfo
-
-Gets a profile using an user Access Token. For instance, an user access token is returned  (together with the id token) by the `/ro` end point.
-
-```js
-
-var options = {domain: 'my-domain.auth0.com', userAccessToken: 'XXXXXX'};
-
-Auth0.getUserInfo(options, function (err, profile) {
-  if (err) { throw err; }
-
-  // Use user profile here
-});
-```
-
-
-## Authentication
-
-This library is useful to consume the rest api of auth0, in order to authenticate users you can use the [passport strategy](https://github.com/auth0/passport-auth0). 
-
-## Complete example
-
-A complete example of using this library [here](http://github.com/auth0/passport-auth0).
-
-
-## Documentation
-
-For more information about [auth0](http://auth0.com) contact our [documentation page](http://docs.auth0.com/).
-
 ## License
 
-This client library is MIT licensed.
+This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 6 instances in 1 package

No bug tracker

Maintenance

Package does not have a linked bug tracker in package.json.

Found 1 instance in 1 package

No website

Quality

Package does not have a website.

Found 1 instance in 1 package

Improved metrics

Number of low maintenance alerts

0

decreased by-100%

Number of low quality alerts

1

decreased by-50%

Number of low supply chain risk alerts

0

decreased by-100%

Number of medium supply chain risk alerts

1

decreased by-50%

Worsened metrics

Total package byte prevSize

18194

decreased by-78.58%

Dependency count

4

increased by33.33%

Number of package files

20

decreased by-44.44%

Lines of code

365

decreased by-76.3%

Number of lines in readme file

131

decreased by-66.5%

Dependency changes

• + Addedbluebird@^2.9.24

• + Addedmocha@^2.2.4

• + Addedsuperagent@^1.1.0

• + Addedurl-join@0.0.1

• + Addedasync@1.5.2(transitive)

• + Addedbluebird@2.11.0(transitive)

• + Addedcombined-stream@1.0.8(transitive)

• + Addedcommander@0.6.12.3.0(transitive)

• + Addedcomponent-emitter@1.2.1(transitive)

• + Addedcookiejar@2.0.6(transitive)

• + Addeddebug@2.2.0(transitive)

• + Addeddelayed-stream@1.0.0(transitive)

• + Addeddiff@1.4.0(transitive)

• + Addedescape-string-regexp@1.0.2(transitive)

• + Addedextend@3.0.0(transitive)

• + Addedform-data@1.0.0-rc3(transitive)

• + Addedformidable@1.0.17(transitive)

• + Addedglob@3.2.11(transitive)

• + Addedgrowl@1.9.2(transitive)

• + Addedjade@0.26.3(transitive)

• + Addedlru-cache@2.7.3(transitive)

• + Addedmethods@1.1.2(transitive)

• + Addedmime@1.3.4(transitive)

• + Addedmime-db@1.52.0(transitive)

• + Addedmime-types@2.1.35(transitive)

• + Addedminimatch@0.3.0(transitive)

• + Addedminimist@0.0.8(transitive)

• + Addedmkdirp@0.3.00.5.1(transitive)

• + Addedmocha@2.5.3(transitive)

• + Addedms@0.7.1(transitive)

• + Addedqs@2.3.3(transitive)

• + Addedreadable-stream@1.0.27-1(transitive)

• + Addedreduce-component@1.0.1(transitive)

• + Addedsigmund@1.0.1(transitive)

• + Addedsuperagent@1.8.5(transitive)

• + Addedsupports-color@1.2.0(transitive)

• + Addedto-iso-string@0.0.2(transitive)

• + Addedurl-join@0.0.1(transitive)

• - Removedparse-links@0.0.1

• - Removedrequest@~2.42.0

• - Removedxtend@~1.0.3

• - Removedasn1@0.1.11(transitive)

• - Removedassert-plus@0.1.5(transitive)

• - Removedasync@0.9.2(transitive)

• - Removedaws-sign2@0.5.0(transitive)

• - Removedbl@0.9.5(transitive)

• - Removedboom@0.4.2(transitive)

• - Removedcaseless@0.6.0(transitive)

• - Removedcombined-stream@0.0.7(transitive)

• - Removedcryptiles@0.2.2(transitive)

• - Removedctype@0.5.3(transitive)

• - Removeddelayed-stream@0.0.5(transitive)

• - Removedforever-agent@0.5.2(transitive)

• - Removedform-data@0.1.4(transitive)

• - Removedhawk@1.1.1(transitive)

• - Removedhoek@0.9.1(transitive)

• - Removedhttp-signature@0.10.1(transitive)

• - Removedjson-stringify-safe@5.0.1(transitive)

• - Removedmime@1.2.11(transitive)

• - Removedmime-types@1.0.2(transitive)

• - Removednode-uuid@1.4.8(transitive)

• - Removedoauth-sign@0.4.0(transitive)

• - Removedparse-links@0.0.1(transitive)

• - Removedqs@1.2.2(transitive)

• - Removedreadable-stream@1.0.34(transitive)

• - Removedrequest@2.42.0(transitive)

• - Removedsntp@0.2.4(transitive)

• - Removedstringstream@0.0.6(transitive)

• - Removedtldts@6.1.68(transitive)

• - Removedtldts-core@6.1.68(transitive)

• - Removedtough-cookie@5.0.0(transitive)

• - Removedtunnel-agent@0.4.3(transitive)

• - Removedxtend@1.0.3(transitive)