From 91e97ad9d6752f044d44ecba1242252e59c30ed1 Mon Sep 17 00:00:00 2001
From: Josh Cunningham <josh.cunningham@auth0.com>
Date: Tue, 30 Mar 2021 09:56:25 -0700
Subject: [PATCH] fix: header formatting for Incognia + release (#282)

* fix: header formatting for Incognia

* fix: header formatting for Incognia

* fix: header formatting for Incognia
---
 package-lock.json                    | 2 +-
 package.json                         | 2 +-
 rules.json                           | 4 ++--
 src/rules/incognia-authentication.js | 4 ++--
 src/rules/incognia-onboarding.js     | 4 ++--
 5 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 9bceb7b8..a5924b0f 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "rules-templates",
-  "version": "0.19.0",
+  "version": "0.19.1",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/package.json b/package.json
index e5345cc7..d11de26e 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "rules-templates",
-  "version": "0.19.0",
+  "version": "0.19.1",
   "description": "Auth0 Rules Repository",
   "main": "./rules",
   "scripts": {
diff --git a/rules.json b/rules.json
index 17d20f72..1310484b 100644
--- a/rules.json
+++ b/rules.json
@@ -518,7 +518,7 @@
         "categories": [
           "marketplace"
         ],
-        "description": "<p>Please see the <a href=\"https://marketplace.auth0.com/integrations/incognia-authentication\">Incognia Authentication integration</a> for more information and detailed installation instructions.</p>\n<p><strong>Required configuration</strong> (this Rule will be skipped if any of the below are not defined):</p>\n<ul>\n<li>INCOGNIA<em>CLIENT</em>ID: The client ID obtained from Incognia's dashboard (My Apps &gt; API Credentials)</li>\n<li>INCOGNIA<em>CLIENT</em>SECRET: The client secret obtained from Incognia's dashboard (My Apps &gt; API Credentials)</li>\n</ul>",
+        "description": "<p>Please see the <a href=\"https://marketplace.auth0.com/integrations/incognia-authentication\">Incognia Authentication integration</a> for more information and detailed installation instructions.</p>\n<p><strong>Required configuration</strong> (this Rule will be skipped if any of the below are not defined):</p>\n<ul>\n<li><code>INCOGNIA_CLIENT_ID</code>: The client ID obtained from Incognia's dashboard (My Apps &gt; API Credentials)</li>\n<li><code>INCOGNIA_CLIENT_SECRET</code>: The client secret obtained from Incognia's dashboard (My Apps &gt; API Credentials)</li>\n</ul>",
         "code": "async function incogniaAuthenticationRule(user, context, callback) {\n  const _ = require('lodash@4.17.19');\n\n  const { IncogniaAPI } = require('@incognia/api@1.0.0');\n\n  const { INCOGNIA_CLIENT_ID, INCOGNIA_CLIENT_SECRET } = configuration;\n\n  if (!INCOGNIA_CLIENT_ID || !INCOGNIA_CLIENT_SECRET) {\n    console.log('Missing required configuration. Skipping.');\n    return callback(null, user, context);\n  }\n\n  const installationId = _.get(\n    context,\n    'request.query.incognia_installation_id'\n  );\n  if (!installationId) {\n    console.log('Missing installation_id. Skipping.');\n    return callback(null, user, context);\n  }\n\n  const accountId = _.get(user, 'user_id');\n  if (!accountId) {\n    console.log('Missing user_id. Skipping.');\n    return callback(null, user, context);\n  }\n\n  let incogniaAPI;\n  if (global.incogniaAPI) {\n    incogniaAPI = global.incogniaAPI;\n  } else {\n    incogniaAPI = new IncogniaAPI({\n      clientId: INCOGNIA_CLIENT_ID,\n      clientSecret: INCOGNIA_CLIENT_SECRET\n    });\n    global.incogniaAPI = incogniaAPI;\n  }\n\n  try {\n    const loginAssessment = await incogniaAPI.registerLoginAssessment({\n      installationId: installationId,\n      accountId: accountId\n    });\n\n    // Incognia's risk assessment will be in a namespaced claim so it can be used in other rules\n    // for skipping/prompting MFA or in the mobile app itself to decide whether the user should be\n    // redirected to step-up auth for example.\n    context.idToken['https://www.incognia.com/assessment'] =\n      loginAssessment.riskAssessment;\n  } catch (error) {\n    console.log('Error calling Incognia API for a new login.');\n    return callback(error);\n  }\n\n  return callback(null, user, context);\n}"
       },
       {
@@ -528,7 +528,7 @@
         "categories": [
           "marketplace"
         ],
-        "description": "<p>Please see the <a href=\"https://marketplace.auth0.com/integrations/incognia-onboarding\">Incognia Onboarding integration</a> for more information and detailed installation instructions.</p>\n<p><strong>Required configuration</strong> (this Rule will be skipped if any of the below are not defined):</p>\n<ul>\n<li>INCOGNIA<em>CLIENT</em>ID: The client ID obtained from Incognia's dashboard (My Apps &gt; API Credentials)</li>\n<li>INCOGNIA<em>CLIENT</em>SECRET: The client secret obtained from Incognia's dashboard (My Apps &gt; API Credentials)</li>\n</ul>",
+        "description": "<p>Please see the <a href=\"https://marketplace.auth0.com/integrations/incognia-onboarding\">Incognia Onboarding integration</a> for more information and detailed installation instructions.</p>\n<p><strong>Required configuration</strong> (this Rule will be skipped if any of the below are not defined):</p>\n<ul>\n<li><code>INCOGNIA_CLIENT_ID</code>: The client ID obtained from Incognia's dashboard (My Apps &gt; API Credentials)</li>\n<li><code>INCOGNIA_CLIENT_SECRET</code>: The client secret obtained from Incognia's dashboard (My Apps &gt; API Credentials)</li>\n</ul>",
         "code": "async function incogniaOnboardingRule(user, context, callback) {\n  const _ = require('lodash@4.17.19');\n\n  const { IncogniaAPI } = require('@incognia/api@1.0.0');\n  const { Auth0UserUpdateUtilities } = require('@auth0/rule-utilities@0.2.0');\n\n  const {\n    INCOGNIA_CLIENT_ID,\n    INCOGNIA_CLIENT_SECRET,\n    INCOGNIA_HOME_ADDRESS_PROP\n  } = configuration;\n\n  if (!INCOGNIA_CLIENT_ID || !INCOGNIA_CLIENT_SECRET) {\n    console.log('Missing required configuration. Skipping.');\n    return callback(null, user, context);\n  }\n\n  const installationId = _.get(\n    context,\n    'request.query.incognia_installation_id'\n  );\n  if (!installationId) {\n    console.log('Missing installation_id. Skipping.');\n    return callback(null, user, context);\n  }\n\n  // User home address should be set using Auth0's Signup API for example. If the home address is\n  // not in 'user_metadata.home_address', please specify the path of the field inside the user\n  // object where the home address is through the INCOGNIA_HOME_ADDRESS_PROP configuration.\n  const homeAddressProp =\n    INCOGNIA_HOME_ADDRESS_PROP || 'user_metadata.home_address';\n  const homeAddress = _.get(user, homeAddressProp);\n  if (!homeAddress) {\n    console.log('Missing user home address. Skipping.');\n    return callback(null, user, context);\n  }\n\n  const userUtils = new Auth0UserUpdateUtilities(user, auth0, 'incognia');\n\n  const status = userUtils.getAppMeta('status');\n  // This rule was previously run and calculated the assessment successfully.\n  if (status && status !== 'pending') {\n    console.log(\n      'Assessment is already calculated or is unevaluable. Skipping.'\n    );\n    return callback(null, user, context);\n  }\n\n  let incogniaAPI;\n  if (global.incogniaAPI) {\n    incogniaAPI = global.incogniaAPI;\n  } else {\n    incogniaAPI = new IncogniaAPI({\n      clientId: INCOGNIA_CLIENT_ID,\n      clientSecret: INCOGNIA_CLIENT_SECRET\n    });\n    global.incogniaAPI = incogniaAPI;\n  }\n\n  let onboardingAssessment;\n  const signupId = userUtils.getAppMeta('signup_id');\n  // The rule was previously run, but Incognia could not assess the signup.\n  if (signupId) {\n    try {\n      onboardingAssessment = await incogniaAPI.getOnboardingAssessment(\n        signupId\n      );\n    } catch (error) {\n      console.log('Error calling Incognia API for signup previously submitted');\n      return callback(error);\n    }\n    // This is the first time the rule is being run with all necessary arguments.\n  } else {\n    try {\n      onboardingAssessment = await incogniaAPI.registerOnboardingAssessment({\n        installationId: installationId,\n        addressLine: homeAddress\n      });\n    } catch (error) {\n      console.log('Error calling Incognia API for new signup submission');\n      return callback(error);\n    }\n  }\n\n  /*\n   * Updates the status in the metadata now that the assessment was calculated. If the new\n   * assessment is valid, the status will go to evaluated and this rule won't be executed again.\n   * If Incognia still doesn't know how to assess the signup, it will try to calculate it again up\n   * to 48 hours after the first try.\n   */\n  const firstAssessmentAt = userUtils.getAppMeta('first_assessment_at');\n  let newStatus;\n  if (onboardingAssessment.riskAssessment !== 'unknown_risk') {\n    newStatus = 'evaluated';\n  } else if (!firstAssessmentAt) {\n    newStatus = 'pending';\n  } else {\n    const firstAssessmentAge =\n      Math.round(Date.now() / 1000) - firstAssessmentAt;\n    // 48 hours limit.\n    if (firstAssessmentAge > 172800) {\n      newStatus = 'unevaluable';\n    } else {\n      newStatus = 'pending';\n    }\n  }\n\n  const updatedMetadata = {\n    status: newStatus,\n    first_assessment_at: firstAssessmentAt || Math.round(Date.now() / 1000),\n    signup_id: onboardingAssessment.id,\n    assessment: onboardingAssessment\n  };\n\n  try {\n    userUtils.setAppMeta('incognia', updatedMetadata);\n    await userUtils.updateAppMeta();\n  } catch (error) {\n    console.log('Error calling Auth0 management API');\n    return callback(error);\n  }\n\n  return callback(null, user, context);\n}"
       },
       {
diff --git a/src/rules/incognia-authentication.js b/src/rules/incognia-authentication.js
index ca713016..a25597a7 100644
--- a/src/rules/incognia-authentication.js
+++ b/src/rules/incognia-authentication.js
@@ -8,8 +8,8 @@
  *
  * **Required configuration** (this Rule will be skipped if any of the below are not defined):
  *
- *    - INCOGNIA_CLIENT_ID: The client ID obtained from Incognia's dashboard (My Apps > API Credentials)
- *    - INCOGNIA_CLIENT_SECRET: The client secret obtained from Incognia's dashboard (My Apps > API Credentials)
+ *    - `INCOGNIA_CLIENT_ID`: The client ID obtained from Incognia's dashboard (My Apps > API Credentials)
+ *    - `INCOGNIA_CLIENT_SECRET`: The client secret obtained from Incognia's dashboard (My Apps > API Credentials)
  */
 
 async function incogniaAuthenticationRule(user, context, callback) {
diff --git a/src/rules/incognia-onboarding.js b/src/rules/incognia-onboarding.js
index f2d50dde..4aa7e822 100644
--- a/src/rules/incognia-onboarding.js
+++ b/src/rules/incognia-onboarding.js
@@ -8,8 +8,8 @@
  *
  * **Required configuration** (this Rule will be skipped if any of the below are not defined):
  *
- *    - INCOGNIA_CLIENT_ID: The client ID obtained from Incognia's dashboard (My Apps > API Credentials)
- *    - INCOGNIA_CLIENT_SECRET: The client secret obtained from Incognia's dashboard (My Apps > API Credentials)
+ *    - `INCOGNIA_CLIENT_ID`: The client ID obtained from Incognia's dashboard (My Apps > API Credentials)
+ *    - `INCOGNIA_CLIENT_SECRET`: The client secret obtained from Incognia's dashboard (My Apps > API Credentials)
  */
 
 async function incogniaOnboardingRule(user, context, callback) {