Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Management API Anomaly endpoints #179

Merged
merged 5 commits into from
Jul 15, 2019
Merged

Add Management API Anomaly endpoints #179

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
aec6534
add anomaly endpoints
makoto-matsumoto Jul 6, 2019
cd2a94e
Update spec/integration/lib/auth0/api/v2/api_anomaly_spec.rb
makoto-matsumoto Jul 13, 2019
a36a7f9
Update lib/auth0/api/v2/anomaly.rb
makoto-matsumoto Jul 13, 2019
d259a8a
PR review feedback
makoto-matsumoto Jul 13, 2019
5208519
PR review feedback
makoto-matsumoto Jul 13, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions lib/auth0/api/v2.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
require 'auth0/api/v2/anomaly'
require 'auth0/api/v2/blacklists'
require 'auth0/api/v2/clients'
require 'auth0/api/v2/client_grants'
Expand All @@ -20,6 +21,7 @@ module Auth0
module Api
# https://auth0.com/docs/apiv2
module V2
include Auth0::Api::V2::Anomaly
include Auth0::Api::V2::Blacklists
include Auth0::Api::V2::Clients
include Auth0::Api::V2::ClientGrants
Expand Down
36 changes: 36 additions & 0 deletions lib/auth0/api/v2/anomaly.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
module Auth0
module Api
module V2
# Methods to use the anomaly endpoints
module Anomaly
# Use this route to determine if a given ip is currently blocked
# by the failed login to multiple user accounts trigger.
# @see https://auth0.com/docs/api/management/v2#!/Anomaly/get_ips_by_id
# @param ip [string] The IP to check.
def check_if_ip_is_blocked(ip)
raise Auth0::InvalidParameter, 'Must specify an IP' if ip.to_s.empty?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What do you think about IP address validation here?

https://stackoverflow.com/a/15157862/728480

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that it is better to return the original response of Auth0 as much as possible.
If the format is incorrect, Auth0 will return:

RESPONSE CODE : 400
RESPONSE BODY
{
  "statusCode": 400,
  "error": "Bad Request",
  "message": "Path validation error: 'Object didn't pass validation for format ipv4: 9919191' on property id (The ip to check).",
  "errorCode": "invalid_uri"
}

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The main thing I was thinking here is that we could save an HTTP call if we can catch the error (like we do in other cases). I'll check with the team to see what they think.


path = "#{anomaly_path}/#{ip}"
get(path)
end

# Resets an IP that is currently blocked by the failed login to multiple user accounts trigger.
# @see https://auth0.com/docs/api/management/v2#!/Anomaly/delete_ips_by_id
# @param ip [string] The IP to remove block.
def remove_ip_block(ip)
raise Auth0::InvalidParameter, 'Must specify an IP' if ip.to_s.empty?

path = "#{anomaly_path}/#{ip}"
delete(path)
end

private

# Anomaly API path
def anomaly_path
@anomaly_path ||= '/api/v2/anomaly/blocks/ips'
end
end
end
end
end
65 changes: 65 additions & 0 deletions ...assettes/Auth0_Api_V2_Anomaly/_check_if_ip_is_blocked/should_rerurn_200_response_code.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

60 changes: 60 additions & 0 deletions .../vcr_cassettes/Auth0_Api_V2_Anomaly/_remove_ip_block/should_remove_an_IP_successfully.yml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

17 changes: 17 additions & 0 deletions spec/integration/lib/auth0/api/v2/api_anomaly_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
require 'spec_helper'
describe Auth0::Api::V2::Anomaly do
let(:client) { Auth0Client.new(v2_creds) }
let(:ip) { '192.0.2.0' }

describe '.check_if_ip_is_blocked', vcr: true do
it 'should rerurn 200 response code' do
expect { client.check_if_ip_is_blocked(ip) }.to_not raise_error
end
end

describe '.remove_ip_block', vcr: true do
it 'should remove an IP successfully' do
expect { client.remove_ip_block(ip) }.to_not raise_error
end
end
end
26 changes: 26 additions & 0 deletions spec/lib/auth0/api/v2/anomaly_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
require 'spec_helper'
describe Auth0::Api::V2::Anomaly do
before :all do
dummy_instance = DummyClass.new
dummy_instance.extend(Auth0::Api::V2::Anomaly)
@instance = dummy_instance
end

context '.check_if_ip_is_blocked' do
it { expect(@instance).to respond_to(:check_if_ip_is_blocked) }
it 'expect client to send get to /api/v2/anomaly/blocks/ips/192.0.2.0' do
expect(@instance).to receive(:get).with('/api/v2/anomaly/blocks/ips/192.0.2.0')
expect { @instance.check_if_ip_is_blocked('192.0.2.0') }.not_to raise_error
end
it { expect { @instance.check_if_ip_is_blocked('') }.to raise_error('Must specify an IP') }
end

context '.remove_ip_block' do
it { expect(@instance).to respond_to(:remove_ip_block) }
it 'expect client to send delete to /api/v2/anomaly/blocks/ips/192.0.2.0' do
expect(@instance).to receive(:delete).with('/api/v2/anomaly/blocks/ips/192.0.2.0')
expect { @instance.remove_ip_block('192.0.2.0') }.not_to raise_error
end
it { expect { @instance.remove_ip_block('') }.to raise_error('Must specify an IP') }
end
end