auth0 - npm Package Compare versions

Comparing version 2.33.0 to 2.34.0

CHANGELOG.md

 # Change Log
 
+## [v2.34.0](https://github.com/auth0/node-auth0/tree/v2.34.0) (2021-03-24)
+
+**Added**
+
+- feat(orgs): Support Organization feature [\#592](https://github.com/auth0/node-auth0/pull/592) ([mcastany](https://github.com/mcastany))
+- Org idtoken validation support [\#597](https://github.com/auth0/node-auth0/pull/597) ([davidpatrick](https://github.com/davidpatrick))
+- Allow passwordless SMS code verification to use token endpoint [\#591](https://github.com/auth0/node-auth0/pull/591) ([jimmyjames](https://github.com/jimmyjames))
+
+**Changed**
+
+- Doc Updates [\#599](https://github.com/auth0/node-auth0/pull/599) ([davidpatrick](https://github.com/davidpatrick))
+- Update get role users docs [\#587](https://github.com/auth0/node-auth0/pull/587) ([jhiner](https://github.com/jhiner))
+- revokeRefreshToken method is missing in docs [\#584](https://github.com/auth0/node-auth0/issues/584)
+
+**Security**
+
+- [Security] Bump elliptic from 6.5.3 to 6.5.4 [\#589](https://github.com/auth0/node-auth0/pull/589) ([dependabot-preview[bot]](https://github.com/apps/dependabot-preview))
+
+[Full Changelog](https://github.com/auth0/node-auth0/compare/v2.33.0...v2.34.0)
+
 ## [v2.33.0](https://github.com/auth0/node-auth0/tree/v2.33.0) (2021-02-05)
@@ -4,0 +24,0 @@

package.json

 {
   "name": "auth0",
-  "version": "2.33.0",
+  "version": "2.34.0",
   "description": "SDK for Auth0 API v2",
@@ -5,0 +5,0 @@ "main": "src/index.js",

src/auth/idToken.js

@@ -82,2 +82,15 @@ var urlDecodeB64 = function(data) {
 
+  // Organization
+  if (options.organization) {
+    if (!payload.org_id || typeof payload.org_id !== 'string') {
+      throw new Error('Organization Id (org_id) claim must be a string present in the ID token');
+    }
+
+    if (payload.org_id !== options.organization) {
+      throw new Error(
+        `Organization Id (org_id) claim value mismatch in the ID token; expected "${options.organization}", found "${payload.org_id}"'`
+      );
+    }
+  }
+
   // --Time validation (epoch)--
@@ -84,0 +97,0 @@ var now = Math.floor(Date.now() / 1000);

src/auth/index.js

@@ -241,8 +241,27 @@ /** @module auth **/
  * @example <caption>
- *   Given the user credentials (`phone_number` and `code`), it will do the
- *   authentication on the provider and return a JSON with the `access_token`
- *   and `id_token`.
+ *   Given the user credentials (`phone_number` and `otp`), authenticates
+ *   with the provider using the `/oauth/token` endpoint. Upon successful
+ *   authentication, returns a JSON object containing the `access_token` and
+ *   `id_token`.
  * </caption>
  *
  * var data = {
+ *   username: '{PHONE_NUMBER}'
+ *   otp: '{VERIFICATION_CODE}'
+ * };
+ *
+ * auth0.verifySMSCode(data, function (err) {
+ *   if (err) {
+ *     // Handle error.
+ *   }
+ * });
+ *
+ * @example <caption>
+ *   Given the user credentials (`phone_number` and `password`), authenticates
+ *   with the provider using the deprecated `/oauth/ro` endpoint. Upon successful
+ *   authentication, returns a JSON object containing the `access_token` and
+ *   `id_token`.
+ * </caption>
+ *
+ * var data = {
  *   username: '{PHONE_NUMBER}',
@@ -270,5 +289,4 @@ *   password: '{VERIFICATION_CODE}'
  * @param   {String}    data.username     Phone number.
- * @param   {String}    data.password     Verification code.
- * @param   {String}    data.target       Target client ID.
- * @param   {String}    data.grant_type   Grant type.
+ * @param   {String}    data.otp          Verification code. Use this instead of `password` to use the `/oauth/token` endpoint.
+ * @param   {String}    data.password     Verification code. Use this instead of `otp` to use the `/oauth/ro` endpoint.
  * @param   {Function}  [cb]              Method callback.
@@ -280,6 +298,11 @@ *
   var translatedData = {
-    username: data.phoneNumber || data.phone_number || data.username,
-    password: data.code || data.password
+    username: data.phoneNumber || data.phone_number || data.username
   };
 
+  if (data.otp) {
+    translatedData.otp = data.otp;
+  } else {
+    translatedData.password = data.code || data.password;
+  }
+
   return this.passwordless.signIn(translatedData, cb);
@@ -286,0 +309,0 @@ };

src/auth/OAuthAuthenticator.js

@@ -357,3 +357,3 @@ var extend = require('util')._extend;
  *
- * var data = {
+ * var options = {
  *   code: '{CODE}',
@@ -363,5 +363,6 @@ *   redirect_uri: '{REDIRECT_URI}',
  *   client_secret: '{CLIENT_SECRET}',  // Optional field.
+ *   organization: '{ORGANIZATION_ID}' // Optiional field.
  * };
  *
- * auth0.oauth.authorizationCodeGrant(data, function (err, userData) {
+ * auth0.oauth.authorizationCodeGrant(options, function (err, userData) {
  *   if (err) {
@@ -374,5 +375,6 @@ *     // Handle error.
  *
- * @param   {Object}    data                  Authorization code payload
- * @param   {String}    userData.code         Code in URL returned after authentication
- * @param   {String}    userData.redirect_uri The URL to which Auth0 will redirect the browser after authorization has been granted by the user.
+ * @param   {Object}    options                  Authorization code payload
+ * @param   {String}    options.organization     Organization ID
+ * @param   {String}    options.code             Code in URL returned after authentication
+ * @param   {String}    options.redirect_uri     The URL to which Auth0 will redirect the browser after authorization has been granted by the user.
  *
@@ -379,0 +381,0 @@ * @return  {Promise|undefined}

src/auth/OAUthWithIDTokenValidation.js

@@ -89,2 +89,6 @@ var jwt = require('jsonwebtoken');
 
+        if (data.organization) {
+          options.organization = data.organization;
+        }
+
         if (data.nonce) {
@@ -91,0 +95,0 @@ options.nonce = data.nonce;

src/auth/PasswordlessAuthenticator.js

@@ -63,10 +63,12 @@ var extend = require('util')._extend;
  * @example <caption>
- *   Given the user credentials (`phone_number` and `code`), it will do the
- *   authentication on the provider and return a JSON with the `access_token`
- *   and `id_token` using `/oauth/ro` endpoint.
+ * Once you have a verification code, use this endpoint to login
+ * the user with their phone number/email and verification code.
+ *
+ * https://auth0.com/docs/api/authentication#authenticate-user
  * </caption>
  *
  * var data = {
- *   username: '{PHONE_NUMBER}',
- *   password: '{VERIFICATION_CODE}'
+ *   username: '{PHONE_NUMBER OR EMAIL}',
+ *   otp: '{VERIFICATION_CODE}',
+ *   realm: '{sms or email}' // OPTIONAL DEFAULTS TO SMS
  * };
@@ -81,8 +83,23 @@ *
  * @example <caption>
- * To use `/oauth/token` endpoint, use `otp` and `realm` instead
+ *   The user data object has the following structure.
  * </caption>
  *
+ * {
+ *   id_token: String,
+ *   access_token: String,
+ *   token_type: String
+ * }
+ *
+ * @example <caption>
+ *  LEGACY signIn using the `/oauth/ro` endpoint. When otp is not specified
+ *  password is required. Given the user credentials (`phone_number` and `code`),
+ *  it will do the authentication on the provider and return a JSON with
+ *  the `access_token` and `id_token`.
+ *
+ * https://auth0.com/docs/api/authentication#resource-owner
+ * </caption>
+ *
  * var data = {
  *   username: '{PHONE_NUMBER}',
- *   otp: '{VERIFICATION_CODE}'
+ *   password: '{VERIFICATION_CODE}'
  * };
@@ -96,17 +113,7 @@ *
  *
- * @example <caption>
- *   The user data object has the following structure.
- * </caption>
- *
- * {
- *   id_token: String,
- *   access_token: String,
- *   token_type: String
- * }
- *
  * @param   {Object}    userData              User credentials object.
- * @param   {String}    userData.otp          The user's verification code.
+ * @param   {String}    userData.username     The user's phone number if realm=sms, or the user's email if realm=email
+ * @param   {String}    userData.otp        The user's verification code. Required
  * @param   {String}    [userData.realm=sms]  Realm string: "sms" or "email".
- * @param   {String}    userData.username     The user's phone number if realm=sms, or the user's email if realm=email
- * @param   {String}    userData.password     [DEPRECATED] Password.
+ * @param   {String}    [userData.password]     [DEPRECATED] Password required if using legacy /oauth/ro endpoint
  * @param   {String}    [userData.connection=sms] [DEPRECATED] Connection string: "sms" or "email".
@@ -113,0 +120,0 @@ * @param   {Object}    [options]              Additional options.

src/auth/TokensManager.js

@@ -7,3 +7,3 @@ var extend = require('util')._extend;
 /**
- * @class
+ * @class TokensManager
  * Provides methods for getting token data and exchanging tokens.
@@ -37,3 +37,3 @@ * @constructor
  *
- * @method
+ * @method   getInfo
  * @memberOf module:auth.TokensManager.prototype
@@ -93,3 +93,3 @@ *
  *
- * @method
+ * @method   getDelegationToken
  * @memberOf module:auth.TokensManager.prototype
@@ -183,3 +183,3 @@ *
  *
- * @method
+ * @method   revokeRefreshToken
  * @memberOf module:auth.TokensManager.prototype
@@ -186,0 +186,0 @@ *

src/auth/UsersManager.js

@@ -7,3 +7,3 @@ var extend = require('util')._extend;
 /**
- * @class
+ * @class UsersManager
  * Provides methods for getting user information and impersonating users.
@@ -10,0 +10,0 @@ * @constructor

src/management/JobsManager.js

@@ -367,2 +367,3 @@ var axios = require('axios');
  * @param   {String}    data.user_id  ID of the user to be verified.
+ * @param   {String}    [data.organization_id] Organization ID
  * @param   {String}    [data.client_id] client_id of the client (application). If no value provided, the global Client ID will be used.
@@ -369,0 +370,0 @@ * @param   {Object}    [data.identity] Used to verify secondary, federated, and passwordless-email identities.

src/management/RolesManager.js

@@ -338,3 +338,3 @@ var ArgumentError = require('rest-facade').ArgumentError;
  * var params = {
- *   roleId: 'ROLE_ID'
+ *   roleId: 'ROLE_ID',
  *   per_page: 50,
@@ -345,3 +345,3 @@ *   page: 0
  * @example <caption>
- *   This method takes a roleId and returns all users within that role
+ *   This method takes a roleId and returns all users within that role. Supports offset (page, per_page) and checkpoint pagination (from, take). You must use checkpoint pagination to retrieve beyond the first 1000 records.
  * </caption>
@@ -353,5 +353,7 @@ *
  *
- * @param   {String}    [roleId]           Id of the role
+ * @param   {String}    [roleId]          Id of the role
  * @param   {Number}    [params.per_page] Number of results per page.
  * @param   {Number}    [params.page]     Page number, zero indexed.
+ * @param   {String}    [params.from]     Optional id from which to start selection.
+ * @param   {Number}    [params.take]     The total amount of entries to retrieve when using the from parameter. Defaults to 50.
  * @param   {Function}  [cb]              Callback function.
@@ -358,0 +360,0 @@ *

src/management/TicketsManager.js

@@ -69,2 +69,12 @@ var ArgumentError = require('rest-facade').ArgumentError;
  *
+ * @param   {Object}  data
+ * @param   {String}  [data.result_url] URL the user will be redirected to once ticket is used.
+ * @param   {String}  [data.user_id] user_id for whom the ticket should be created. (Conflicts with: connection_id, email)
+ * @param   {String}  [data.client_id] ID of the client.
+ * @param   {String}  [data.organization_id] ID of the organization.
+ * @param   {String}  [data.connection_id] ID of the connection.
+ * @param   {Integer} [data.ttl_sec] Number of seconds for which the ticket is valid before expiration.
+ * @param   {String}  [data.email] Email of the user. (Requires: connection_id)
+ * @param   {Boolean} [data.mark_email_as_verified] Whether to set the email_verified attribute to true (true) or whether it should not be updated (false).
+ * @param   {Boolean} [data.includeEmailInRedirect] Whether to include the email address as part of the returnUrl in the reset_email (true), or not (false).
  * @param   {Function}  [cb]  Callback function.
@@ -110,2 +120,4 @@ * @return  {Promise}
  * @param   {String}  data.identity.provider provider of the identity.
+ * @param   {String}  [data.client_id] client ID.
+ * @param   {String}  [data.organization_id] organization ID.
  * @param   {Function}  [cb]  Callback function.
@@ -112,0 +124,0 @@ * @return  {Promise}

src/management/UsersManager.js

@@ -164,2 +164,9 @@ var ArgumentError = require('rest-facade').ArgumentError;
   this.permissions = new RetryRestClient(userPermissionsClient, options.retry);
+
+  var organizationsClient = new Auth0RestClient(
+    options.baseUrl + '/users/:id/organizations',
+    clientOptions,
+    options.tokenProvider
+  );
+  this.organizations = new RetryRestClient(organizationsClient, options.retry);
 };
@@ -933,2 +940,23 @@
 
+/**
+ * Get a list of organizations for a user.
+ *
+ * @method    getUserOrganizations
+ * @memberOf  module:management.UsersManager.prototype
+ *
+ * @example
+ * management.users.getUserOrganizations({ id: USER_ID }, function (err, orgs) {
+ *   console.log(orgs);
+ * });
+ *
+ * @param   {Object}    data      The user data object.
+ * @param   {String}    data.id   The user id.
+ * @param   {Function}  [cb]      Callback function.
+ *
+ * @return  {Promise|undefined}
+ */
+UsersManager.prototype.getUserOrganizations = function() {
+  return this.organizations.getAll.apply(this.organizations, arguments);
+};
+
 module.exports = UsersManager;

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

424640

increased by8.23%

Number of package files

46

increased by2.22%

Lines of code

12406

increased by7.5%

No dependency changes