-
Notifications
You must be signed in to change notification settings - Fork 137
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[SDK-3118] Add attack protection endpoints (#316)
* Initial setup of attack protection spec + class * Test 'get breached-password-detection' endpoint * Test 'patch breached-password-detection' endpoint * Add brute-force-protection endpoint * Add suspicious-ip-throttling endpoint * Add method docs
- Loading branch information
1 parent
ed6722e
commit 14575fe
Showing
3 changed files
with
213 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,79 @@ | ||
| module Auth0 | ||
| module Api | ||
| module V2 | ||
| # Methods to use the attack-protection endpoints | ||
| module AttackProtection | ||
| attr_reader :attack_protection_path | ||
|
|
||
| # Get breached password detection settings | ||
| # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_breached_password_detection | ||
| # @return [json] The configuration for breached password detection | ||
| def breached_password_detection | ||
| get(breached_password_settings_path) | ||
| end | ||
| alias get_breached_password_detection_settings breached_password_detection | ||
|
|
||
| # Update breached password detection settings | ||
| # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_breached_password_detection | ||
| # @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_breached_password_detection for available options | ||
| # @return [json] The configuration for breached password detection | ||
| def patch_breached_password_detection(body) | ||
| patch(breached_password_settings_path, body) | ||
| end | ||
|
|
||
| # Get brute force protection settings. | ||
| # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_brute_force_protection | ||
| # @return [json] The configuration for brute force protection | ||
| def brute_force_protection | ||
| get(brute_force_protection_settings_path) | ||
| end | ||
| alias get_brute_force_protection_settings brute_force_protection | ||
|
|
||
| # Update brute force protection settings. | ||
| # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_brute_force_protection | ||
| # @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_brute_force_protection for available options | ||
| # @return [json] The configuration for brute force protection | ||
| def patch_brute_force_protection(body) | ||
| patch(brute_force_protection_settings_path, body) | ||
| end | ||
| alias update_brute_force_protection_settings patch_brute_force_protection | ||
|
|
||
| # Get suspicious IP throttling settings | ||
| # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/get_suspicious_ip_throttling | ||
| # @return The configuration for suspicious IP throttling | ||
| def suspicious_ip_throttling | ||
| get(suspicious_ip_throttling_settings_path) | ||
| end | ||
| alias get_suspicious_ip_throttling_settings suspicious_ip_throttling | ||
|
|
||
| # Update suspicious IP throttling settings | ||
| # @see https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_suspicious_ip_throttling | ||
| # @param body [hash] See https://auth0.com/docs/api/management/v2#!/Attack_Protection/patch_suspicious_ip_throttling for available options | ||
| # @return The configuration for suspicious IP throttling | ||
| def patch_suspicious_ip_throttling(body) | ||
| patch(suspicious_ip_throttling_settings_path, body) | ||
| end | ||
| alias update_suspicious_ip_throttling_settings patch_suspicious_ip_throttling | ||
|
|
||
| private | ||
|
|
||
| def attack_protection_path | ||
| @attack_protection_path ||= '/api/v2/attack-protection' | ||
| end | ||
| alias update_breached_password_detection_settings patch_breached_password_detection | ||
|
|
||
| def breached_password_settings_path | ||
| "#{attack_protection_path}/breached-password-detection" | ||
| end | ||
|
|
||
| def brute_force_protection_settings_path | ||
| "#{attack_protection_path}/brute-force-protection" | ||
| end | ||
|
|
||
| def suspicious_ip_throttling_settings_path | ||
| "#{attack_protection_path}/suspicious-ip-throttling" | ||
| end | ||
| end | ||
| end | ||
| end | ||
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,132 @@ | ||
| require 'spec_helper' | ||
|
|
||
| describe Auth0::Api::V2::AttackProtection do | ||
| before :all do | ||
| dummy_instance = DummyClass.new | ||
| dummy_instance.extend(Auth0::Api::V2::AttackProtection) | ||
| @instance = dummy_instance | ||
| end | ||
|
|
||
| context '.get breached-password-detection' do | ||
| it 'responds to a breached_password_detection method' do | ||
| expect(@instance).to respond_to(:breached_password_detection) | ||
| end | ||
|
|
||
| it 'responds to get_breached_password_detection_settings' do | ||
| expect(@instance).to respond_to(:get_breached_password_detection_settings) | ||
| end | ||
|
|
||
| it 'is expected to get /api/v2/attack-protection/breached-password' do | ||
| expect(@instance).to receive(:get).with( | ||
| '/api/v2/attack-protection/breached-password-detection' | ||
| ) | ||
|
|
||
| expect { @instance.breached_password_detection }.not_to raise_error | ||
| end | ||
| end | ||
|
|
||
| context '.patch breached-password-detection' do | ||
| it 'responds to a patch_breached_password_detection method' do | ||
| expect(@instance).to respond_to(:patch_breached_password_detection) | ||
| end | ||
|
|
||
| it 'responds to a update_breached_password_detection_settings method' do | ||
| expect(@instance).to respond_to(:update_breached_password_detection_settings) | ||
| end | ||
|
|
||
| it 'is expected to patch /api/v2/attack-protection/breached-password-detection' do | ||
| expect(@instance).to receive(:patch).with( | ||
| '/api/v2/attack-protection/breached-password-detection', | ||
| { | ||
| enabled: true | ||
| } | ||
| ) | ||
|
|
||
| @instance.patch_breached_password_detection({ | ||
| enabled: true | ||
| }) | ||
| end | ||
| end | ||
|
|
||
| context '.get brute_force_protection' do | ||
| it 'responds to brute_force_protection' do | ||
| expect(@instance).to respond_to(:brute_force_protection) | ||
| end | ||
|
|
||
| it 'responds to get_brute_force_protection_settings' do | ||
| expect(@instance).to respond_to(:get_brute_force_protection_settings) | ||
| end | ||
|
|
||
| it 'is expected to get /api/v2/attack-protection/brute-force-protection' do | ||
| expect(@instance).to receive(:get).with( | ||
| '/api/v2/attack-protection/brute-force-protection' | ||
| ) | ||
|
|
||
| expect { @instance.brute_force_protection }.not_to raise_error | ||
| end | ||
| end | ||
|
|
||
| context '.patch brute-force-protection' do | ||
| it 'responds to patch_brute-force-protection' do | ||
| expect(@instance).to respond_to(:patch_brute_force_protection) | ||
| end | ||
|
|
||
| it 'responds to update_brute_force_protection_settings' do | ||
| expect(@instance).to respond_to(:update_brute_force_protection_settings) | ||
| end | ||
|
|
||
| it 'is expected to respond to patch /api/v2/attack-protection/brute-force-protection' do | ||
| expect(@instance).to receive(:patch).with( | ||
| '/api/v2/attack-protection/brute-force-protection', | ||
| { | ||
| enabled: true | ||
| } | ||
| ) | ||
|
|
||
| @instance.patch_brute_force_protection({ | ||
| enabled: true | ||
| }) | ||
| end | ||
| end | ||
|
|
||
| context '.get suspicious-ip-throttling' do | ||
| it 'responds to suspicious_ip_throttling' do | ||
| expect(@instance).to respond_to(:suspicious_ip_throttling) | ||
| end | ||
|
|
||
| it 'responds to get_suspicious_ip_throttling_settings' do | ||
| expect(@instance).to respond_to(:get_suspicious_ip_throttling_settings) | ||
| end | ||
|
|
||
| it 'is expected to get /api/v2/attack-protection/suspicious-ip-throttling' do | ||
| expect(@instance).to receive(:get).with( | ||
| '/api/v2/attack-protection/suspicious-ip-throttling' | ||
| ) | ||
|
|
||
| expect { @instance.suspicious_ip_throttling }.not_to raise_error | ||
| end | ||
| end | ||
|
|
||
| context '.patch suspicious-ip-throttling' do | ||
| it 'responds to patch_suspicious_ip_throttling' do | ||
| expect(@instance).to respond_to(:patch_suspicious_ip_throttling) | ||
| end | ||
|
|
||
| it 'responds to update_suspicious_ip_throttling_settings' do | ||
| expect(@instance).to respond_to(:update_suspicious_ip_throttling_settings) | ||
| end | ||
|
|
||
| it 'is expected to patch /api/v2/attack-protection/suspicious-ip-throttling' do | ||
| expect(@instance).to receive(:patch).with( | ||
| '/api/v2/attack-protection/suspicious-ip-throttling', | ||
| { | ||
| enabled: true | ||
| } | ||
| ) | ||
|
|
||
| @instance.patch_suspicious_ip_throttling({ | ||
| enabled: true | ||
| }) | ||
| end | ||
| end | ||
| end |