diff --git a/management/resource_server.go b/management/resource_server.go index 19a17e6a..f3b767fa 100644 --- a/management/resource_server.go +++ b/management/resource_server.go @@ -48,7 +48,16 @@ type ResourceServer struct { // Enables the enforcement of the authorization policies. EnforcePolicies *bool `json:"enforce_policies,omitempty"` - // The dialect for the access token ["access_token" or "access_token_authz"]. + // TokenDialect specifies the dialect of access tokens that should be issued for this resource server. + // + // Available options: + // - "access_token": A JWT containing standard Auth0 claims. + // - "rfc9068_profile": A JWT conforming to the IETF JWT Access Token Profile. + // - "access_token_authz": A JWT containing standard Auth0 claims, including RBAC permissions claims. + // - "rfc9068_profile_authz": A JWT conforming to the IETF JWT Access Token Profile, including RBAC permissions claims. + // + // Note: RBAC permissions claims are available if RBAC (enforce_policies) is enabled for this API." + // For more details, see the Access Token Profiles documentation : https://auth0.com/docs/secure/tokens/access-tokens/access-token-profiles. TokenDialect *string `json:"token_dialect,omitempty"` } diff --git a/management/resource_server_test.go b/management/resource_server_test.go index 1c0320b5..40435a71 100644 --- a/management/resource_server_test.go +++ b/management/resource_server_test.go @@ -27,6 +27,8 @@ func TestResourceServer_Create(t *testing.T) { Description: auth0.String("Create Resource"), }, }, + EnforcePolicies: auth0.Bool(true), + TokenDialect: auth0.String("rfc9068_profile_authz"), } err := api.ResourceServer.Create(context.Background(), expectedResourceServer) @@ -70,6 +72,8 @@ func TestResourceServer_Update(t *testing.T) { Description: auth0.String("Update Resource"), }) expectedResourceServer.Scopes = &scopes + expectedResourceServer.EnforcePolicies = auth0.Bool(true) + expectedResourceServer.TokenDialect = auth0.String("access_token_authz") err := api.ResourceServer.Update(context.Background(), resourceServerID, expectedResourceServer) @@ -80,6 +84,86 @@ func TestResourceServer_Update(t *testing.T) { assert.Equal(t, expectedResourceServer.GetTokenLifetime(), 7200) assert.Equal(t, expectedResourceServer.GetTokenLifetimeForWeb(), 5400) assert.Equal(t, len(expectedResourceServer.GetScopes()), 2) + assert.Equal(t, expectedResourceServer.GetTokenDialect(), "access_token_authz") + assert.Equal(t, expectedResourceServer.GetEnforcePolicies(), true) +} + +func TestResourceServer_TokenDialect(t *testing.T) { + t.Run("When_TokenDialect_is_rfc9068_profile_should_succeed", func(t *testing.T) { + configureHTTPTestRecordings(t) + expectedResourceServer := givenAResourceServer(t) + + resourceServerID := expectedResourceServer.GetID() + + expectedResourceServer.ID = nil // Read-Only: Additional properties not allowed. + expectedResourceServer.Identifier = nil // Read-Only: Additional properties not allowed. + expectedResourceServer.SigningSecret = nil + + expectedResourceServer.TokenDialect = auth0.String("rfc9068_profile") + expectedResourceServer.EnforcePolicies = auth0.Bool(false) + + err := api.ResourceServer.Update(context.Background(), resourceServerID, expectedResourceServer) + assert.NoError(t, err) + assert.Equal(t, expectedResourceServer.GetTokenDialect(), "rfc9068_profile") + assert.Equal(t, expectedResourceServer.GetEnforcePolicies(), false) + }) + + t.Run("When_TokenDialect_is_access_token_authz_and_RBAC_enabled_should_succeed", func(t *testing.T) { + configureHTTPTestRecordings(t) + expectedResourceServer := givenAResourceServer(t) + + resourceServerID := expectedResourceServer.GetID() + + expectedResourceServer.ID = nil // Read-Only: Additional properties not allowed. + expectedResourceServer.Identifier = nil // Read-Only: Additional properties not allowed. + expectedResourceServer.SigningSecret = nil + + expectedResourceServer.TokenDialect = auth0.String("access_token_authz") + expectedResourceServer.EnforcePolicies = auth0.Bool(true) + + err := api.ResourceServer.Update(context.Background(), resourceServerID, expectedResourceServer) + assert.NoError(t, err) + assert.Equal(t, expectedResourceServer.GetTokenDialect(), "access_token_authz") + assert.Equal(t, expectedResourceServer.GetEnforcePolicies(), true) + }) + + t.Run("When_TokenDialect_is_rfc9068_profile_authz_and_RBAC_enabled_should_succeed", func(t *testing.T) { + configureHTTPTestRecordings(t) + expectedResourceServer := givenAResourceServer(t) + + resourceServerID := expectedResourceServer.GetID() + + expectedResourceServer.ID = nil // Read-Only: Additional properties not allowed. + expectedResourceServer.Identifier = nil // Read-Only: Additional properties not allowed. + expectedResourceServer.SigningSecret = nil + + expectedResourceServer.TokenDialect = auth0.String("rfc9068_profile_authz") + expectedResourceServer.EnforcePolicies = auth0.Bool(true) + + err := api.ResourceServer.Update(context.Background(), resourceServerID, expectedResourceServer) + assert.NoError(t, err) + assert.Equal(t, expectedResourceServer.GetTokenDialect(), "rfc9068_profile_authz") + assert.Equal(t, expectedResourceServer.GetEnforcePolicies(), true) + }) + + t.Run("When_TokenDialect_is_access_token_should_succeed", func(t *testing.T) { + configureHTTPTestRecordings(t) + expectedResourceServer := givenAResourceServer(t) + + resourceServerID := expectedResourceServer.GetID() + + expectedResourceServer.ID = nil // Read-Only: Additional properties not allowed. + expectedResourceServer.Identifier = nil // Read-Only: Additional properties not allowed. + expectedResourceServer.SigningSecret = nil + + expectedResourceServer.TokenDialect = auth0.String("access_token") + expectedResourceServer.EnforcePolicies = auth0.Bool(false) + + err := api.ResourceServer.Update(context.Background(), resourceServerID, expectedResourceServer) + assert.NoError(t, err) + assert.Equal(t, expectedResourceServer.GetTokenDialect(), "access_token") + assert.Equal(t, expectedResourceServer.GetEnforcePolicies(), false) + }) } func TestResourceServer_Delete(t *testing.T) { @@ -117,6 +201,8 @@ func givenAResourceServer(t *testing.T) *ResourceServer { SigningAlgorithm: auth0.String("HS256"), TokenLifetime: auth0.Int(7200), TokenLifetimeForWeb: auth0.Int(3600), + TokenDialect: auth0.String("access_token"), + EnforcePolicies: auth0.Bool(false), Scopes: &[]ResourceServerScope{ { Value: auth0.String("create:resource"), diff --git a/test/data/recordings/TestResourceServer_Create.yaml b/test/data/recordings/TestResourceServer_Create.yaml index 49fa6667..af134b70 100644 --- a/test/data/recordings/TestResourceServer_Create.yaml +++ b/test/data/recordings/TestResourceServer_Create.yaml @@ -6,20 +6,20 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 239 + content_length: 303 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Test Resource Server (Jan 25 18:49:46.683)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600} + {"name":"Test Resource Server (Jun 11 18:23:31.182)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":true,"token_dialect":"rfc9068_profile_authz"} form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest + - Go-Auth0/1.6.0 url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers method: POST response: @@ -28,15 +28,15 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 407 + content_length: 471 uncompressed: false - body: '{"id":"63d16bba207a38efeafd7ad8","name":"Test Resource Server (Jan 25 18:49:46.683)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false}' + body: '{"id":"666848cb019f67554fa3c298","name":"Test Resource Server (Jun 11 18:23:31.182)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":true,"token_dialect":"rfc9068_profile_authz"}' headers: Content-Type: - application/json; charset=utf-8 status: 201 Created code: 201 - duration: 122.111125ms + duration: 675.655583ms - id: 1 request: proto: HTTP/1.1 @@ -54,8 +54,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d16bba207a38efeafd7ad8 + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848cb019f67554fa3c298 method: DELETE response: proto: HTTP/2.0 @@ -71,4 +71,4 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 177.992ms + duration: 377.692875ms diff --git a/test/data/recordings/TestResourceServer_Delete.yaml b/test/data/recordings/TestResourceServer_Delete.yaml index fdc4e86b..4273611b 100644 --- a/test/data/recordings/TestResourceServer_Delete.yaml +++ b/test/data/recordings/TestResourceServer_Delete.yaml @@ -6,20 +6,20 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 239 + content_length: 295 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Test Resource Server (Jan 25 18:49:47.811)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600} + {"name":"Test Resource Server (Jun 11 18:23:34.193)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":false,"token_dialect":"access_token"} form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest + - Go-Auth0/1.6.0 url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers method: POST response: @@ -28,15 +28,15 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 407 + content_length: 463 uncompressed: false - body: '{"id":"63d16bbca3bf4713e249e733","name":"Test Resource Server (Jan 25 18:49:47.811)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false}' + body: '{"id":"666848ce019f67554fa3c2a1","name":"Test Resource Server (Jun 11 18:23:34.193)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' headers: Content-Type: - application/json; charset=utf-8 status: 201 Created code: 201 - duration: 178.781875ms + duration: 299.760792ms - id: 1 request: proto: HTTP/1.1 @@ -54,8 +54,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d16bbca3bf4713e249e733 + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848ce019f67554fa3c2a1 method: DELETE response: proto: HTTP/2.0 @@ -71,27 +71,26 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 152.950333ms + duration: 377.525834ms - id: 2 request: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 5 + content_length: 0 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" - body: | - null + body: "" form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d16bbca3bf4713e249e733 + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848ce019f67554fa3c2a1 method: GET response: proto: HTTP/2.0 @@ -107,7 +106,7 @@ interactions: - application/json; charset=utf-8 status: 404 Not Found code: 404 - duration: 97.4345ms + duration: 276.600375ms - id: 3 request: proto: HTTP/1.1 @@ -125,8 +124,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d16bbca3bf4713e249e733 + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848ce019f67554fa3c2a1 method: DELETE response: proto: HTTP/2.0 @@ -142,4 +141,4 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 111.92575ms + duration: 303.999208ms diff --git a/test/data/recordings/TestResourceServer_List.yaml b/test/data/recordings/TestResourceServer_List.yaml index ce3de553..181dfa98 100644 --- a/test/data/recordings/TestResourceServer_List.yaml +++ b/test/data/recordings/TestResourceServer_List.yaml @@ -6,20 +6,20 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 239 + content_length: 295 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Test Resource Server (Jan 25 19:14:28.600)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600} + {"name":"Test Resource Server (Jun 11 18:23:35.454)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":false,"token_dialect":"access_token"} form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest + - Go-Auth0/1.6.0 url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers method: POST response: @@ -28,34 +28,33 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 407 + content_length: 463 uncompressed: false - body: '{"id":"63d17185e1348ba5970e698f","name":"Test Resource Server (Jan 25 19:14:28.600)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false}' + body: '{"id":"666848cf684d1a66674afe63","name":"Test Resource Server (Jun 11 18:23:35.454)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' headers: Content-Type: - application/json; charset=utf-8 status: 201 Created code: 201 - duration: 380.216375ms + duration: 334.320334ms - id: 1 request: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 5 + content_length: 0 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" - body: | - null + body: "" form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest + - Go-Auth0/1.6.0 url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers?fields=id&include_fields=true&include_totals=true&per_page=50 method: GET response: @@ -66,13 +65,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"total":7,"start":0,"limit":50,"resource_servers":[{"id":"63d17185e1348ba5970e698f"}]}' + body: '{"total":7,"start":0,"limit":50,"resource_servers":[{"id":"660bf8bc2cd7cc0b5b37194c"},{"id":"663239ff1471431febe3405b"},{"id":"66323a001417972c4a002dae"},{"id":"664f1ad673f9ef17a7933a35"},{"id":"664f1ad61f3095fe8063e6d0"},{"id":"6650614512e3459425c972ff"},{"id":"666848cf684d1a66674afe63"}]}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 124.458416ms + duration: 379.520334ms - id: 2 request: proto: HTTP/1.1 @@ -90,8 +89,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d17185e1348ba5970e698f + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848cf684d1a66674afe63 method: DELETE response: proto: HTTP/2.0 @@ -107,4 +106,4 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 201.977292ms + duration: 320.687542ms diff --git a/test/data/recordings/TestResourceServer_Read.yaml b/test/data/recordings/TestResourceServer_Read.yaml index e5259f0a..0d3d1a38 100644 --- a/test/data/recordings/TestResourceServer_Read.yaml +++ b/test/data/recordings/TestResourceServer_Read.yaml @@ -6,20 +6,20 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 239 + content_length: 295 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Test Resource Server (Jan 25 18:49:46.986)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600} + {"name":"Test Resource Server (Jun 11 18:23:32.237)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":false,"token_dialect":"access_token"} form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest + - Go-Auth0/1.6.0 url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers method: POST response: @@ -28,35 +28,34 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 407 + content_length: 463 uncompressed: false - body: '{"id":"63d16bbbf2a5bdbc63644a1b","name":"Test Resource Server (Jan 25 18:49:46.986)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false}' + body: '{"id":"666848cced00b27f8985623f","name":"Test Resource Server (Jun 11 18:23:32.237)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' headers: Content-Type: - application/json; charset=utf-8 status: 201 Created code: 201 - duration: 109.424042ms + duration: 339.716ms - id: 1 request: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 5 + content_length: 0 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" - body: | - null + body: "" form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d16bbbf2a5bdbc63644a1b + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848cced00b27f8985623f method: GET response: proto: HTTP/2.0 @@ -66,13 +65,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"id":"63d16bbbf2a5bdbc63644a1b","name":"Test Resource Server (Jan 25 18:49:46.986)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false}' + body: '{"id":"666848cced00b27f8985623f","name":"Test Resource Server (Jun 11 18:23:32.237)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 169.0945ms + duration: 282.446458ms - id: 2 request: proto: HTTP/1.1 @@ -90,8 +89,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d16bbbf2a5bdbc63644a1b + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848cced00b27f8985623f method: DELETE response: proto: HTTP/2.0 @@ -107,4 +106,4 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 188.163875ms + duration: 358.337375ms diff --git a/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_access_token_authz_and_RBAC_enabled_should_succeed.yaml b/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_access_token_authz_and_RBAC_enabled_should_succeed.yaml new file mode 100644 index 00000000..077eacdc --- /dev/null +++ b/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_access_token_authz_and_RBAC_enabled_should_succeed.yaml @@ -0,0 +1,110 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 295 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Resource Server (Jun 11 20:49:32.008)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":false,"token_dialect":"access_token"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 463 + uncompressed: false + body: '{"id":"66686b04684d1a66674bdf37","name":"Test Resource Server (Jun 11 20:49:32.008)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 274.029959ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 345 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Resource Server (Jun 11 20:49:32.008)","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":true,"token_dialect":"access_token_authz"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66686b04684d1a66674bdf37 + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"id":"66686b04684d1a66674bdf37","name":"Test Resource Server (Jun 11 20:49:32.008)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":true,"token_dialect":"access_token_authz"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 306.1795ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66686b04684d1a66674bdf37 + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 323.31375ms diff --git a/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_access_token_should_succeed.yaml b/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_access_token_should_succeed.yaml new file mode 100644 index 00000000..f29a7b46 --- /dev/null +++ b/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_access_token_should_succeed.yaml @@ -0,0 +1,110 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 295 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Resource Server (Jun 11 20:49:33.912)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":false,"token_dialect":"access_token"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 463 + uncompressed: false + body: '{"id":"66686b06da03304fd7e6e749","name":"Test Resource Server (Jun 11 20:49:33.912)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 416.140458ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 340 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Resource Server (Jun 11 20:49:33.912)","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66686b06da03304fd7e6e749 + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"id":"66686b06da03304fd7e6e749","name":"Test Resource Server (Jun 11 20:49:33.912)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 295.688708ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66686b06da03304fd7e6e749 + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 1.7608485s diff --git a/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_rfc9068_profile_authz_and_RBAC_enabled_should_succeed.yaml b/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_rfc9068_profile_authz_and_RBAC_enabled_should_succeed.yaml new file mode 100644 index 00000000..fe6372a7 --- /dev/null +++ b/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_rfc9068_profile_authz_and_RBAC_enabled_should_succeed.yaml @@ -0,0 +1,110 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 295 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Resource Server (Jun 11 20:49:32.913)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":false,"token_dialect":"access_token"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 463 + uncompressed: false + body: '{"id":"66686b0546c13758a7d42d8e","name":"Test Resource Server (Jun 11 20:49:32.913)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 389.130333ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 348 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Resource Server (Jun 11 20:49:32.913)","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":true,"token_dialect":"rfc9068_profile_authz"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66686b0546c13758a7d42d8e + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"id":"66686b0546c13758a7d42d8e","name":"Test Resource Server (Jun 11 20:49:32.913)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":true,"token_dialect":"rfc9068_profile_authz"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 269.860166ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66686b0546c13758a7d42d8e + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 338.611875ms diff --git a/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_rfc9068_profile_should_succeed.yaml b/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_rfc9068_profile_should_succeed.yaml new file mode 100644 index 00000000..18bad015 --- /dev/null +++ b/test/data/recordings/TestResourceServer_TokenDialect/When_TokenDialect_is_rfc9068_profile_should_succeed.yaml @@ -0,0 +1,110 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 295 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Resource Server (Jun 11 20:49:30.720)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":false,"token_dialect":"access_token"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 463 + uncompressed: false + body: '{"id":"66686b030cb11c99904dd184","name":"Test Resource Server (Jun 11 20:49:30.720)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 680.76975ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 343 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test Resource Server (Jun 11 20:49:30.720)","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"rfc9068_profile"} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66686b030cb11c99904dd184 + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"id":"66686b030cb11c99904dd184","name":"Test Resource Server (Jun 11 20:49:30.720)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"rfc9068_profile"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 307.241458ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/66686b030cb11c99904dd184 + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 293.764875ms diff --git a/test/data/recordings/TestResourceServer_Update.yaml b/test/data/recordings/TestResourceServer_Update.yaml index 234d39f7..581491fb 100644 --- a/test/data/recordings/TestResourceServer_Update.yaml +++ b/test/data/recordings/TestResourceServer_Update.yaml @@ -6,20 +6,20 @@ interactions: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 239 + content_length: 295 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Test Resource Server (Jan 25 18:49:47.456)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600} + {"name":"Test Resource Server (Jun 11 18:23:33.220)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","token_lifetime":7200,"token_lifetime_for_web":3600,"enforce_policies":false,"token_dialect":"access_token"} form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest + - Go-Auth0/1.6.0 url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers method: POST response: @@ -28,35 +28,35 @@ interactions: proto_minor: 0 transfer_encoding: [] trailer: {} - content_length: 407 + content_length: 463 uncompressed: false - body: '{"id":"63d16bbba28a2652d689903c","name":"Test Resource Server (Jan 25 18:49:47.456)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false}' + body: '{"id":"666848cd684d1a66674afe59","name":"Test Resource Server (Jun 11 18:23:33.220)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"}],"signing_alg":"HS256","allow_offline_access":false,"token_lifetime":7200,"token_lifetime_for_web":3600,"skip_consent_for_verifiable_first_party_clients":false,"enforce_policies":false,"token_dialect":"access_token"}' headers: Content-Type: - application/json; charset=utf-8 status: 201 Created code: 201 - duration: 120.959542ms + duration: 324.690959ms - id: 1 request: proto: HTTP/1.1 proto_major: 1 proto_minor: 1 - content_length: 342 + content_length: 403 transfer_encoding: [] trailer: {} host: go-auth0-dev.eu.auth0.com remote_addr: "" request_uri: "" body: | - {"name":"Test Resource Server (Jan 25 18:49:47.456)","scopes":[{"value":"create:resource","description":"Create Resource"},{"value":"update:resource","description":"Update Resource"}],"signing_alg":"RS256","allow_offline_access":true,"token_lifetime":7200,"token_lifetime_for_web":5400,"skip_consent_for_verifiable_first_party_clients":true} + {"name":"Test Resource Server (Jun 11 18:23:33.220)","scopes":[{"value":"create:resource","description":"Create Resource"},{"value":"update:resource","description":"Update Resource"}],"signing_alg":"RS256","allow_offline_access":true,"token_lifetime":7200,"token_lifetime_for_web":5400,"skip_consent_for_verifiable_first_party_clients":true,"enforce_policies":true,"token_dialect":"access_token_authz"} form: {} headers: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d16bbba28a2652d689903c + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848cd684d1a66674afe59 method: PATCH response: proto: HTTP/2.0 @@ -66,13 +66,13 @@ interactions: trailer: {} content_length: -1 uncompressed: true - body: '{"id":"63d16bbba28a2652d689903c","name":"Test Resource Server (Jan 25 18:49:47.456)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"},{"value":"update:resource","description":"Update Resource"}],"signing_alg":"RS256","allow_offline_access":true,"token_lifetime":7200,"token_lifetime_for_web":5400,"skip_consent_for_verifiable_first_party_clients":true}' + body: '{"id":"666848cd684d1a66674afe59","name":"Test Resource Server (Jun 11 18:23:33.220)","identifier":"https://api.example.com/","scopes":[{"value":"create:resource","description":"Create Resource"},{"value":"update:resource","description":"Update Resource"}],"signing_alg":"RS256","allow_offline_access":true,"token_lifetime":7200,"token_lifetime_for_web":5400,"skip_consent_for_verifiable_first_party_clients":true,"enforce_policies":true,"token_dialect":"access_token_authz"}' headers: Content-Type: - application/json; charset=utf-8 status: 200 OK code: 200 - duration: 88.902625ms + duration: 329.648334ms - id: 2 request: proto: HTTP/1.1 @@ -90,8 +90,8 @@ interactions: Content-Type: - application/json User-Agent: - - Go-Auth0-SDK/latest - url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/63d16bbba28a2652d689903c + - Go-Auth0/1.6.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/resource-servers/666848cd684d1a66674afe59 method: DELETE response: proto: HTTP/2.0 @@ -107,4 +107,4 @@ interactions: - application/json; charset=utf-8 status: 204 No Content code: 204 - duration: 142.643208ms + duration: 315.163208ms