diff --git a/examples/list-users.rb b/examples/list-users.rb index b02d58d..61c7446 100644 --- a/examples/list-users.rb +++ b/examples/list-users.rb 
@@ -10,6 +10,585 @@ # the sdk uses a cursor to keep requesting # chunks of users as you loop through -client.get_users.each do |user| - puts "#{user.id} - #{user.firstname} - #{user.email}" -end \ No newline at end of file +#puts client.get_users +#puts client.get_user(241015312) +#puts client.get_user_apps(241015312) +#puts client.get_user_roles(241015312) +#puts client.get_custom_attributes + +# user = client.create_user( +# firstname: "Mick61", +# lastname: "Fanning", +# email: "mick61@onelogin.com", +# username: "mick61" +# ) +# puts user + +# user = client.update_user(247555538, { +# "lastname":"Faming-Test", +# "state":3 +# }) + + +# puts user + +#puts client.delete_user(246747934) + +#puts client.get_custom_attribute(106461) + +# custom_attribute = client.create_custom_attribute(user_field: {"name":"Custom Field1","shortname":"customfield1"}) +# puts custom_attribute + +# custom_attribute = client.update_custom_attribute(106473,user_field: { +# "shortname":"test" +# }) + +# puts custom_attribute +#puts client.delete_custom_attribute(106474) + + +#Roles API Testing +#puts client.get_roles +#puts client.get_role(799770) +# role = client.create_role({"name": "testroleapicreatetwo"}) +# puts role + +# role_update = client.update_role(799770,{ +# "name":"test" +# }) + +# puts role_update +#puts client.delete_role(800416) + +#puts client.get_role_apps(749390) +# role_update = client.set_role_apps(799770,[3411502]) + +# puts role_update + #puts client.get_role_for_users(799770,"kmlkl") + #puts client.get_role_for_admins(799770,"dubey") + + # role_update = client.add_role_for_users(799770,[246747895]) + +# puts role_update + + # role_update = client.add_role_for_admins(800414,[241015312]) + + # puts role_update + +# puts client.remove_role_from_admins(800414,[241015312]) +#puts client.remove_role_from_admins(799770,[246747895]) + +# puts client.get_reports +# puts client.run_report(3) +# puts client.run_report_background(3) + +# saml_assertion = 
client.get_saml_assertion("anjani.dubey+mick@onelogin.com","password","3738336","anjani","123.45.678.9") +# #puts saml_assertion + +# state_token=saml_assertion['data'] +# p state_token +# saml_verify_factor = client.get_saml_assertion_verifying("3738336","20208361",state_token) +# puts saml_verify_factor + +# puts client.get_hooks + #puts client.get_hook("1bfc57ce-f35a-46f7-868a-01a7595505ef") +# puts client.get_hook_logs("3e9d9086-3e0f-4321-87c2-398000b5dece") + +# hook = client.create_hook({"type": "pre-authentication", +# "function": "", +# "disabled": false, +# "runtime": "nodejs12.x", +# "retries": 0, +# "timeout": 1, +# "options": { +# "risk_enabled": true, +# "location_enabled": false, +# "mfa_device_info_enabled": true +# }, +# "env_vars": [ +# "API_KEY" +# ], +# "packages": { +# "axios": "0.21.1" +# }, +# "conditions": [ +# { +# "source": "roles", +# "operator": "~", +# "value": "123456" +# } +# ]}) +# puts hook + + # puts client.delete_hook("3e9d9086-3e0f-4321-87c2-398000b5dece") +# env = client.create_env_var_hook({ +# "name": "API_KEY1", +# "value": "helloworld1" +# }) +# puts env + + +# hook_upd= client.update_hook("3e9d9086-3e0f-4321-87c2-398000b5dece",{ +# "type": "pre-authentication", +# "function": "", +# "disabled": false, +# "runtime": "nodejs18.x", +# "retries": 0, +# "timeout": 1, +# "options": { +# "risk_enabled": true, +# "location_enabled": false, +# "mfa_device_info_enabled": true +# }, +# "env_vars": [ +# "API_KEY" +# ], +# "packages": { +# "axios": "0.21.1" +# }, +# "conditions": [ +# { +# "source": "roles", +# "operator": "~", +# "value": "123456" +# } +# ] +# }) + +# puts hook_upd + +# puts client.get_env_var_hook("213387fe-188a-44ba-b17f-03331100a4a1") + +# puts client.list_env_var_hook + +# env_upd= client.update_env_var_hook("9ec07793-b84a-4e1e-9029-fb79952f64ac",{ +# "value":"helloworld" +# }) + +# puts env_upd + +# puts client.delete_env_var_hook("9ec07793-b84a-4e1e-9029-fb79952f64ac") + +# puts client.get_user_mappings + + +#puts 
client.get_user_mapping(716668) + +#puts client.delete_user_mapping(716668) +# user_mapping= client.create_user_mapping({ + +# "name": "My second Mapping", +# "match": "all", +# "enabled": true, + +# "conditions": [ +# { +# "source": "last_login", +# "operator": ">", +# "value": "90" +# } +# ], +# "actions": [ +# { +# "action": "set_status", +# "value": ["2"] +# } +# ] + +# }) + +# puts user_mapping + +# user_mapping_upd= client.update_user_mapping(716670,{ +# "name": "Suspend users after 120 days inactive", +# "match": "all", +# "enabled": true, +# "position": 1, +# "conditions": [ +# { +# "source": "last_login", +# "operator": ">", +# "value": "120" +# } +# ], +# "actions": [ +# { +# "action": "set_status", +# "value": ["2"] +# } +# ] +# }) + +# puts user_mapping_upd + +# dry_run= puts client.dry_run_user_mapping(716667,[246747895]) +# puts dry_run + +# puts client.get_user_mapping_conditions +# puts client.get_user_mapping_condition_operators("member_of") +# puts client.get_user_mapping_condition_values("has_role") +# puts client.get_user_mapping_condition_actions +# puts client.get_user_mapping_action_values("add_role") + +# bulk_sort= client.user_mapping_bulk_sort([716670,716667]) +# puts bulk_sort + +# risk_rules= client.create_risk_rules({ +# "name": "IP Blocklist for Guests test", +# "description": "Blocklist for guest account users test", +# "type": "blacklist", +# "target": "location.ip", +# "source": "guest-123", +# "filters": ["123.123.123.123"] +# }) + +# puts risk_rules + +# puts client.get_risk_rules + # puts client.get_risk_scores +# puts client.get_risk_rule(2865830758864389298) + #puts client.delete_risk_rule(2865830758864389298) + +# risk_rules_upd= client.update_risk_rules(2865830758864389298,{ +# "filters": ["123.123.123.123", "1.1.1.1"] +# }) + +# puts risk_rules_upd + + +# risk_events= client.track_risk_events( +# { +# "ip": "1.2.3.4", +# "verb": "log-in", +# "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3)...", +# "user": { +# 
"id": "US_112233", +# "name": "Eve Smith" +# }, +# "source": { +# "id": "1234", +# "name": "ABC Inc" +# }, +# "session": { +# "id": "xxxx-xxxxx-xxxxx-xxxxx" +# }, +# "device": { +# "id": "xxx-xxx-xxx" +# } +# }) + +# puts risk_events + + +# risk_verify= client.verify_risk_score( +# { +# "ip": "1.2.3.4", +# "verb": "log-in", +# "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3)...", +# "user": { +# "id": "US_112233", +# "name": "Eve Smith" +# }, +# "source": { +# "id": "1234", +# "name": "ABC Inc" +# }, +# "session": { +# "id": "xxxx-xxxxx-xxxxx-xxxxx" +# }, +# "device": { +# "id": "xxx-xxx-xxx" +# } +# }) + +# puts risk_verify + + +#App and app rule api testing + +# app= client.create_app( +# { +# "connector_id": 110016, +# "name": "SAML Custom Connector (Advanced)", +# "description": "", +# "visible": true, +# "configuration": { +# "signature_algorithm": "SHA-1", +# }, +# "parameters": { +# "saml_username": { +# "user_attribute_mappings": "email" +# } +# } +# }) + +# puts app + +#puts client.get_apps +#puts client.get_app(3411502) +#puts client.get_app_users(3411502) +# puts client.get_app_rules(3413059) +# puts client.get_app_rule(3413059, 689151) +# app_rules= client.create_apps_rules(3413059,{ +# "name": "My Second Rule", +# "match": "all", +# "enabled": true, + +# "conditions": [ +# { +# "source": "last_login", +# "operator": ">", +# "value": "90" +# } +# ], +# "actions": [ +# { +# "action": "set_nameidvalue", +# "value": ["member_of"] +# } +# ] +# }) + + # puts app_rules + + + # upd_app_rule= client.update_apps_rules(3413059, 722787, + # { + # "name": "Suspend users after 120 days inactive", + # "match": "all", + # "enabled": true, + # "position": 1, + # "conditions": [ + # { + # "source": "last_login", + # "operator": ">", + # "value": "120" + # } + # ], + # "actions": [ + # { + # "action": "set_nameidvalue", + # "value": ["member_of"] + # } + # ] + # }) + + # puts upd_app_rule + + # puts client.get_app_rule_conditions(3411502) + + # puts 
client.get_app_rule_condition_operators(3411502, "member_of") + # puts client.get_app_rule_condition_values(3411502, "has_role") + + + + #puts client.get_app_rule_actions(3411502) + + # puts client.get_app_rule_action_operators(3411502, "member_of") + # puts client.get_app_rule_action_values(3411502, "set_role") + +# bulk_sort_app_rule= client.app_rule_bulk_sort(3413059,[689151,689154]) +# puts bulk_sort_app_rule + + # puts client.delete_app_rule(3413059, 689151) + + # puts client.get_factors(246747885) + # puts client.get_enrolled_factors(246747885) + + #puts client.remove_factor(246747885,20208332) + +# activate_factor= client.activate_factor(246747885,{ +# "device_id": 20208361, +# "expires_in": 240 +# }) + +# puts activate_factor + +# puts client.generate_mfa_token(246747885) + +# enroll_factor= client.enroll_factor(241015312,115341,"Mick2","+919584165249") + +# puts enroll_factor + +# puts client.verify_enrollement_voice_factor(241015312, "ae553021-d83c-4999-b273-83ff68ba56b9") + + +# auth_server= client.create_authorization_server({ +# "name": "Contacts API New for test", +# "description": "This is a test api", +# "configuration": { +# "resource_identifier": "https://example.com/testcontacts", +# "audiences": ["https://example.com/testcontacts"], +# "access_token_expiration_minutes": 20, +# "refresh_token_expiration_minutes": 50 +# } +# }) + +# puts auth_server + + + # puts client.get_authorization_servers +# puts client.get_authorization_server(3767420) +# auth_server= puts client.update_authorization_server(3767420,{ +# "name": "Contacts API New for delete", +# "description": "This is a new api", +# "configuration": { +# "resource_identifier": "https://example.com/newcontacts", +# "audiences": ["https://example.com/newcontacts"], +# "access_token_expiration_minutes": 30, +# "refresh_token_expiration_minutes": 70 +# }}) +# puts auth_server +# puts client.delete_authorization_server(3767420) + +# access_token= puts client.add_access_token_claims(3767529,{ +# 
"name": "roles", +# "user_attribute_mappings": "roles", +# "attributes_transformations": "semicolon_separated_list" +# }) +# puts access_token + +# puts client.get_access_token_claims(3767529) + +# access_token= puts client.update_access_token_claims(3767529,788490,{ +# "name": "roles", +# "user_attribute_mappings": "roles", +# "attributes_transformations": "semicolon_separated_list" +# }) +# puts access_token + +# puts client.delete_access_token_claims(3767529,788502) + +# scope= puts client.add_scopes(3767529,{ +# "value": "updated:scope", +# "description": "A updated scope" +# }) +# puts scope + +# puts client.get_scopes(3767529) + +# scope= puts client.update_scopes(3767529,3187,{ +# "value": "updated:scope", +# "description": "A custom scope test" +# }) +# puts scope + +# puts client.delete_scope(3767529,3187) + +# clients= puts client.add_clients_apps(3767529, +# { +# "app_id": 3768827, +# "scopes": [3190] +# }) +# puts clients + + # puts client.get_clients_apps(3767529) + +# clients= puts client.update_clients_apps(3767529,3768827,{ +# "scopes": [3190, 3191] +# }) +# puts clients + +# puts client.delete_clients_apps(3767529,3768827) + + +# puts client.get_brands + +# brand = client.create_account_brand( +# { +# "enabled": true, +# "name": "Test Branding", +# "custom_support_enabled": false, +# "custom_color": "#1298b4", +# "custom_accent_color": "#b60012", +# "custom_masking_color": "#beefed", +# "custom_masking_opacity": 40, +# "enable_custom_label_for_login_screen": true, +# "custom_label_text_for_login_screen": "ACME Username or Email", +# "login_instruction_title": "ACME Login Instructions", +# "login_instruction": "To login, enter your ACME Username or Email. 
Reach out to help.desk@acme.org if you have trouble logging in.", +# "hide_onelogin_footer": true, +# "mfa_enrollment_message": "You must register with the OneLogin Protect app in order to login" +# } +# ) +# puts brand + +# puts client.get_brand(189323) + +# brand = client.update_brand(189323, { +# "enabled": false, +# "name": "Update Branding", +# "custom_support_enabled": false, +# "custom_color": "#1298b4" + +# }) + + +# puts brand + +# puts client.delete_brand(189323) + +# puts client.get_apps_assosiated_with_brand(189324) + +# puts client.get_message_templates(189324) + + +# mt = client.create_message_templates(189324, +# { +# "locale": "en", +# "type": "email_code_app_verification", +# "template": { +# "subject": "Email MFA App Verification Code for update", +# "html": "
Here is the code: {{otp_code}}
", +# "plain": "Here is the code to test: {{otp_code}}" +# } +# } +# ) +# puts mt + +# puts client.get_message_template(189324, 547842) + + +# mt = client.update_message_template(189324, 547842, +# { +# "locale": "en", +# "type": "email_code_app_verification", +# "template": { +# "subject": "Email MFA App Verification Code for updated one", +# "html": "Here is the code: {{otp_code}}
", +# "plain": "Here is the code to update: {{otp_code}}" +# } +# } +# ) +# puts mt + +# puts client.delete_message_template(189324, 547842) + + +# puts client.get_message_template_by_type(189324, 'email_code_app_verification') + +# puts client.get_message_template_by_type_and_locale(189324, 'email_code_app_verification', 'en') + +# puts client.get_master_message_template_by_type('email_code_app_verification') + +# puts client.get_master_message_template_by_typeand_locale('email_code_app_verification', 'en') + + +# mtu = client.update_message_template_by_type_and_locale(189324, 'email_code_app_verification', 'en', +# { +# "template": { +# "subject": "Email MFA App Verification Code", +# "html": "Here is the code: {{otp_code}}
", +# "plain": "Here is the code: {{otp_code}}" +# } +# } +# ) +# puts mtu + +# puts client.get_languages(189324) + +# puts client.get_languages(189324) + +# puts client.get_custom_messages(189324) + +# puts client.get_email_settings diff --git a/lib/onelogin/api/client.rb b/lib/onelogin/api/client.rb index 505e691..db169a5 100644 --- a/lib/onelogin/api/client.rb +++ b/lib/onelogin/api/client.rb @@ -331,7 +331,7 @@ def get_rate_limits # # @return [Array] list of User objects # - # @see {https://developers.onelogin.com/api-docs/1/users/get-users Get Users documentation} + # @see {https://developers.onelogin.com/api-docs/2/users/list-users Get Users documentation} def get_users(params = {}) clean_error prepare_token @@ -343,8 +343,12 @@ def get_users(params = {}) max_results: @max_results, params: params } - - return Cursor.new(self, url_for(GET_USERS_URL), options) + + return self.class.get( + url_for(GET_USERS_URL), + headers: authorized_headers, + query: params + ) rescue Exception => e @error = '500' @@ -360,7 +364,7 @@ def get_users(params = {}) # # @return [User] the user identified by the id # - # @see {https://developers.onelogin.com/api-docs/1/users/get-user-by-id Get User by ID documentation} + # @see {https://developers.onelogin.com/api-docs/2/users/get-user Get User by ID documentation} def get_user(user_id) clean_error prepare_token @@ -381,10 +385,7 @@ def get_user(user_id) ) if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - return OneLogin::Api::Models::User.new(json_data['data'][0]) - end + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) 
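Review bot: The commented-out calls added to `examples/list-users.rb` carry what look like real tenant values: a personal address and a literal password argument in the `get_saml_assertion` call, a phone number in `enroll_factor`, and concrete user, role, app and hook ids. Once merged they stay in repository history. Each should be replaced with an obvious placeholder, for example `client.get_user(USER_ID)` and `"user@example.com"`. The hunk also removes the `client.get_users.each` loop, so the example no longer has a runnable statement in the visible lines; the scratch calls belong in a separate, untracked file. The `create_app` sample sets `"signature_algorithm": "SHA-1"`, which readers will copy, so a stronger algorithm is the better choice if the connector offers one.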
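Review bot: The new `return self.class.get(...)` in `get_users` returns whatever the server answered without checking `response.code`, so an authentication or rate-limit failure reaches the caller as an ordinary return value and `@error` stays cleared. The hash closed just above the change (apparently `options`) is now unused, and with the Cursor gone callers presumably receive only a single page. `get_user_apps`, `get_roles` and `get_role_apps` in later hunks have the same shape. The status check the sibling methods already use would fit here, as sketched below; the method body starts and ends outside the hunk.

```ruby
# … unchanged: clean_error, prepare_token, begin …
response = self.class.get(
  url_for(GET_USERS_URL),
  headers: authorized_headers,
  query: params
)
return response if response.code == 200

@error = response.code.to_s
@error_description = extract_error_message_from_response(response)
# … unchanged: rescue branch and trailing nil …
```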
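Review bot: `return response` in `get_user` now gives callers the raw HTTP response while the doc comment above the method still promises `@return [User]`, so existing callers no longer receive a model object. The same change appears in `create_user`, `update_user`, `get_role`, `generate_mfa_token` (documented as `[MFAToken]`) and `delete_user` (documented as `[Boolean]`). Either keep the model wrapping or update each tag, for example `# @return [Object, nil] raw HTTP response on success, nil on error`, and call out the breaking change in the commit description. The method body continues outside the hunk.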
@@ -403,7 +404,7 @@ def get_user(user_id) # # @return [Array] the apps of the user identified by the id # - # @see {https://developers.onelogin.com/api-docs/1/users/get-apps-for-user Get Apps for a User documentation} + # @see {https://developers.onelogin.com/api-docs/2/users/get-user-apps Get Apps for a User documentation} def get_user_apps(user_id) clean_error prepare_token @@ -422,7 +423,12 @@ def get_user_apps(user_id) max_results: @max_results } - return Cursor.new(self, url_for(GET_APPS_FOR_USER_URL, user_id), options) + #return Cursor.new(self, url_for(GET_APPS_FOR_USER_URL, user_id), options) + return self.class.get( + url_for(GET_APPS_FOR_USER_URL,user_id), + headers: authorized_headers, + max_results: @max_results + ) rescue Exception => e @error = '500' @@ -495,10 +501,7 @@ def get_custom_attributes custom_attributes = [] if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - custom_attributes = json_data['data'][0] - end + custom_attributes = response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) 
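Review bot: In `get_user_apps`, `max_results: @max_results` is passed as a top-level option to `self.class.get` rather than inside `query:`, so it is unlikely to reach the server as a request parameter (assuming the HTTP helper only sends `query:` and `body:` contents). The client-side result cap the Cursor enforced is therefore gone without a replacement. It should either move under `query:` with the parameter name the v2 endpoint documents, or be dropped. The commented-out `#return Cursor.new(...)` line should be deleted rather than kept, and `url_for(GET_APPS_FOR_USER_URL,user_id)` is missing the space after the comma. `get_role_apps` in the last hunk repeats the same call shape.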
@@ -513,6 +516,166 @@ def get_custom_attributes nil end + # create Custom Attribute + # + # @param custom_attribute_params Custom Attribute data (name, shortname) + # + # @return [Custom Attribute] the created Custom Attribute + # + # @see {https://developers.onelogin.com/api-docs/2/users/create-custom-attribute create custom attribute documentation} + def create_custom_attribute(custom_attribute_params) + clean_error + prepare_token + + begin + url = url_for(CREATE_CUSTOM_ATTRIBUTE) + + response = self.class.post( + url, + headers: authorized_headers, + body: custom_attribute_params.to_json + ) + p 'custom attribute' + p response + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Updates an custom attribute + # + # @param custom_attribute_id [Integer] Id + # @param custom_attribute_params Custom Attribute data (name, shortname) + # + # @return updated custom attribute + # + # @see {https://developers.onelogin.com/api-docs/2/users/update-custom-attribute update custom attribute documentation} + def update_custom_attribute(custom_attribute_id, custom_attribute_params) + clean_error + prepare_token + + begin + if custom_attribute_id.nil? || custom_attribute_id.to_s.empty? 
+ @error = '400' + @error_description = "custom_attribute_id is required" + @error_attribute = "custom_attribute_id" + return + end + + url = url_for(UPDATE_CUSTOM_ATTRIBUTE, custom_attribute_id) + + response = self.class.put( + url, + headers: authorized_headers, + body: custom_attribute_params.to_json + ) + p response + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # delete an custom attribute + # + # @param custom_attribute_id + # + # @return true or false for deleted custom attribute + # + # @see {https://developers.onelogin.com/api-docs/2/users/delete-custom-attribute delete custom attribute documentation} + def delete_custom_attribute(custom_attribute_id) + clean_error + prepare_token + + begin + if custom_attribute_id.nil? || custom_attribute_id.to_s.empty? + @error = '400' + @error_description = "custom_attribute_id is required" + @error_attribute = "custom_attribute_id" + return + end + + url = url_for(DELETE_CUSTOM_ATTRIBUTE, custom_attribute_id) + + response = self.class.delete( + url, + headers: authorized_headers + ) + + if response.code == 204 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + false + end + + # Gets Custom Attribute by ID. 
+ # + # @param custom_attribute_id [Integer] Id of the user + # + # @return [custom_attribute] the custom_attribute identified by the id + # + # @see {https://developers.onelogin.com/api-docs/2/users/get-custom-attribute Get custom_attribute by ID documentation} + def get_custom_attribute(custom_attribute_id) + clean_error + prepare_token + + begin + if custom_attribute_id.nil? || custom_attribute_id.to_s.empty? + @error = '400' + @error_description = "custom_attribute_id is required" + @error_attribute = "custom_attribute_id" + return + end + + url = url_for(GET_CUSTOM_ATTRIBUTE, custom_attribute_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + # Creates an user # # @param user_params [Hash] User data (firstname, lastname, email, username, company, @@ -524,7 +687,7 @@ def get_custom_attributes # # @return [User] the created user # - # @see {https://developers.onelogin.com/api-docs/1/users/create-user Create User documentation} + # @see {https://developers.onelogin.com/api-docs/2/users/create-user Create User documentation} def create_user(user_params) clean_error prepare_token @@ -537,12 +700,9 @@ def create_user(user_params) headers: authorized_headers, body: user_params.to_json ) - + p response if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - return OneLogin::Api::Models::User.new(json_data['data'][0]) - end + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) 
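Review bot: `p 'custom attribute'` and `p response` in `create_custom_attribute`, and `p response` in `update_custom_attribute`, print every API response to stdout from library code, which puts user and tenant data into whatever captures the host application's output. The same debug line is added to `create_user` in the next hunk, and `puts response` / `p response` appear in `create_role` and `update_role`; all of them should be removed before merge. Separately, the four new methods use `rescue Exception => e`, which also traps interrupts and exit requests. `rescue StandardError => e` is the narrower form, although the existing methods in this file follow the same pattern. `delete_custom_attribute` documents "true or false" but returns the response object on 204 and `nil` from the early `return`.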
@@ -568,7 +728,7 @@ def create_user(user_params) # # @return [User] the modified user # - # @see {https://developers.onelogin.com/api-docs/1/users/update-user Update User by ID documentation} + # @see {https://developers.onelogin.com/api-docs/2/users/update-user Update User by ID documentation} def update_user(user_id, user_params) clean_error prepare_token @@ -590,10 +750,7 @@ def update_user(user_id, user_params) ) if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - return OneLogin::Api::Models::User.new(json_data['data'][0]) - end + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) @@ -998,7 +1155,7 @@ def lock_user(user_id, minutes) # # @return [Boolean] if the action succeed # - # @see {https://developers.onelogin.com/api-docs/1/users/delete-user Delete User by ID documentation} + # @see {https://developers.onelogin.com/api-docs/2/users/delete-user Delete User by ID documentation} def delete_user(user_id) clean_error prepare_token @@ -1018,8 +1175,8 @@ def delete_user(user_id) headers: authorized_headers ) - if response.code == 200 - return handle_operation_response(response) + if response.code == 204 + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) @@ -1043,7 +1200,7 @@ def delete_user(user_id) # # @return [MFAToken] if the action succeed # - # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/generate-mfa-token Generate MFA Token documentation} + # @see {https://developers.onelogin.com/api-docs/2/multi-factor-authentication/generate-mfa-token Generate MFA Token documentation} def generate_mfa_token(user_id, expires_in=259200, reusable=false) clean_error prepare_token 
@@ -1070,10 +1227,7 @@ def generate_mfa_token(user_id, expires_in=259200, reusable=false) ) if response.code == 201 - json_data = JSON.parse(response.body) - if !json_data.empty? - return OneLogin::Api::Models::MFAToken.new(json_data) - end + return response else @error = extract_status_code_from_response(response) @error_description = extract_error_message_from_response(response) @@ -1204,7 +1358,7 @@ def get_session_token_verified(device_id, state_token, otp_token=nil, allowed_or # # @return [Array] list of Connector objects # - # @see {https://developers.onelogin.com/api-docs/1/connectors/list-connectors List Connectors documentation} + # @see {https://developers.onelogin.com/api-docs/2/connectors/list-connectors List Connectors documentation} def get_connectors(params = {}) clean_error prepare_token @@ -1279,7 +1433,7 @@ def get_apps_v1(params = {}) # # @return [Array] list of OneLoginAppBasic objects # - # @see {https://developers.onelogin.com/api-docs/1/apps/list-apps Get Apps documentation} + # @see {https://developers.onelogin.com/api-docs/2/apps/list-apps Get Apps documentation} def get_apps(params = {}) clean_error prepare_token @@ -1322,7 +1476,7 @@ def get_apps(params = {}) # # @return [OneLoginApp] the created app # - # @see {https://developers.onelogin.com/api-docs/1/apps/create-app Create App documentation} + # @see {https://developers.onelogin.com/api-docs/2/apps/create-app Create App documentation} def create_app(app_params) clean_error prepare_token @@ -1363,9 +1517,11 @@ def create_app(app_params) # Gets a OneLoginApp resource. # + # @param app_id [Integer] Id of the app + # # @return [OneLoginApp] OneLoginApp object # - # @see {https://developers.onelogin.com/api-docs/1/apps/get-app Get App documentation} + # @see {https://developers.onelogin.com/api-docs/2/apps/get-app Get App documentation} def get_app(app_id) clean_error prepare_token 
@@ -1402,6 +1558,47 @@ def get_app(app_id) nil end + + # Gets a OneLoginApp users. + # + # @param app_id [Integer] Id of the app + # + # @return [OneLoginApp] OneLoginApp object + # + # @see {https://developers.onelogin.com/api-docs/2/apps/list-users Get App documentation} + def get_app_users(app_id) + clean_error + prepare_token + + begin + if app_id.nil? || app_id.to_s.empty? + @error = '400' + @error_description = "app_id is required" + @error_attribute = "app_id" + return + end + + url = url_for(LIST_APPS_USERS_URL, app_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + + if response.code == 200 + return response + else + @error = extract_status_code_from_response(response) + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + # Updates an app # # @param app_id [Integer] Id of the app @@ -1411,7 +1608,7 @@ def get_app(app_id) # # @return [User] the modified user # - # @see {https://developers.onelogin.com/api-docs/1/apps/update-app Update App by ID documentation} + # @see {https://developers.onelogin.com/api-docs/2/apps/update-app Update App by ID documentation} def update_app(app_id, app_params) clean_error prepare_token @@ -1456,7 +1653,7 @@ def update_app(app_id, app_params) # # @return [Boolean] if the action succeed # - # @see {https://developers.onelogin.com/api-docs/1/apps/delete-app Delete App by ID documentation} + # @see {https://developers.onelogin.com/api-docs/2/apps/delete-app Delete App by ID documentation} def delete_app(app_id) clean_error prepare_token 
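Review bot: The doc comment on `get_app_users` was copied from `get_app`: it says `@return [OneLoginApp] OneLoginApp object` and labels the link "Get App documentation", while the method returns the raw response of the list-users endpoint. A header that matches the code would be `# Lists the users assigned to an app.` with `# @return [Object, nil] raw HTTP response on 200, nil on error` and the link text changed to "List App Users documentation".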
@@ -1494,11 +1691,12 @@ def delete_app(app_id) # Deletes an App Parameter # # @param app_id [Integer] Id of the app + # # @param parameter_id [Integer] Id of the parameter to be removed # # @return [Boolean] if the action succeed # - # @see {https://developers.onelogin.com/api-docs/1/apps/delete-parameter Delete an App Parameter documentation} + # @see {https://developers.onelogin.com/api-docs/2/apps/delete-parameter Delete an App Parameter documentation} def delete_parameter_from_app(app_id, parameter_id) clean_error prepare_token @@ -1550,20 +1748,18 @@ def delete_parameter_from_app(app_id, parameter_id) # # @return [Array] list of Role objects # - # @see {https://developers.onelogin.com/api-docs/1/roles/get-roles Get Roles documentation} + # @see {https://developers.onelogin.com/api-docs/2/roles/list-roles Get Roles documentation} def get_roles(params = {}) clean_error prepare_token begin - options = { - model: OneLogin::Api::Models::Role, - headers: authorized_headers, - max_results: @max_results, - params: params - } - return Cursor.new(self, url_for(GET_ROLES_URL), options) + return self.class.get( + url_for(GET_ROLES_URL), + headers: authorized_headers, + query: params + ) rescue Exception => e @error = '500' @@ -1579,7 +1775,7 @@ def get_roles(params = {}) # # @return [Role] the role identified by the id # - # @see {https://developers.onelogin.com/api-docs/1/roles/get-role-by-id Get Role by ID documentation} + # @see {https://developers.onelogin.com/api-docs/2/roles/get-role Get Role by ID documentation} def get_role(role_id) clean_error prepare_token @@ -1600,10 +1796,7 @@ def get_role(role_id) ) if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - return OneLogin::Api::Models::Role.new(json_data['data'][0]) - end + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) 
@@ -1616,57 +1809,78 @@ def get_role(role_id) nil end - ################# - # Event Methods # - ################# - # List of all OneLogin event types available to the Events API. + + # Create role # - # @return [Array] the list of event type + # params role_params [Hash] App data (name, apps, users, admins) # - # @see {https://developers.onelogin.com/api-docs/1/events/event-types Get Event Types documentation} - def get_event_types + # @return [Role] + # + # @see {https://developers.onelogin.com/api-docs/2/roles/create-role Create Role documentation} + def create_role(role_params) clean_error prepare_token begin - options = { - model: OneLogin::Api::Models::EventType, - headers: authorized_headers, - max_results: @max_results - } - - return Cursor.new(self, url_for(GET_EVENT_TYPES_URL), options) + url = url_for(CREATE_ROLE_URL) + response = self.class.post( + url, + headers: authorized_headers, + body: role_params.to_json + ) + puts response + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end rescue Exception => e @error = '500' @error_description = e.message end - nil + false end - # Gets a list of Event resources. 
(if no limit provided, by default get 50 elements) + # Updates role # - # @param params [Hash] Parameters to filter the result of the list + # params role_id [Integer] + # params role_params [Hash] App data (name, apps, users, admins) # - # @return [Array] list of Event objects + # @return [Role] # - # @see {https://developers.onelogin.com/api-docs/1/events/get-events Get Events documentation} - def get_events(params={}) + # @see {https://developers.onelogin.com/api-docs/2/roles/update-role update Role documentation} + def update_role(role_id, role_params) clean_error prepare_token begin - options = { - model: OneLogin::Api::Models::Event, - headers: authorized_headers, - max_results: @max_results, - params: params - } - - return Cursor.new(self, url_for(GET_EVENTS_URL), options) + if role_id.nil? || role_id.to_s.empty? + @error = '400' + @error_description = "custom_attribute_id is required" + @error_attribute = "custom_attribute_id" + return + end + url = url_for(UPDATE_ROLES_URL, role_id) + + response = self.class.put( + url, + headers: authorized_headers, + body: role_params.to_json + ) + p response + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end rescue Exception => e @error = '500' @error_description = e.message 
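Review bot: The `role_id` guard in `update_role` reports `"custom_attribute_id is required"` and sets `@error_attribute = "custom_attribute_id"`, so a caller that omits the role id is told the wrong field is missing; `delete_role` in the following hunk has the same copy-paste. The two lines should read `@error_description = "role_id is required"` and `@error_attribute = "role_id"`, as `get_role_apps` already does. This hunk also deletes `get_event_types` and `get_events`, and the next one removes `get_event` and `create_event`. If those are not re-added elsewhere, consumers that read the event log for audit or monitoring lose that path, which deserves an explicit line in the commit description. The doc comments use `# params role_id` where the rest of the file uses `# @param`.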
@@ -1675,112 +1889,104 @@ def get_events(params={}) nil end - # Gets Event by ID. + # delete role # - # @param event_id [Integer] Id of the Event + # params role_id [Integer] # - # @return [Event] the event identified by the id + # @return boolean # - # @see {https://developers.onelogin.com/api-docs/1/events/get-event-by-id Get Event by ID documentation} - def get_event(event_id) + # @see {https://developers.onelogin.com/api-docs/2/roles/delete-role delete Role documentation} + def delete_role(role_id) clean_error prepare_token begin - if event_id.nil? || event_id.to_s.empty? + if role_id.nil? || role_id.to_s.empty? @error = '400' - @error_description = "event_id is required" - @error_attribute = "event_id" + @error_description = "custom_attribute_id is required" + @error_attribute = "custom_attribute_id" return end - url = url_for(GET_EVENT_URL, event_id) + url = url_for(DELETE_ROLES_URL, role_id) - response = self.class.get( + response = self.class.delete( url, headers: authorized_headers ) - if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - return OneLogin::Api::Models::Event.new(json_data['data'][0]) - end + if response.code == 204 + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) end rescue Exception => e @error = '500' @error_description = e.message end - nil + false end - # Create an event in the OneLogin event log. 
+ # get role apps # - # @param event_params [Hash] Event data (event_type_id, account_id, actor_system, - # actor_user_id, actor_user_name, app_id, - # assuming_acting_user_id, custom_message, - # directory_sync_run_id, group_id, group_name, - # ipaddr, otp_device_id, otp_device_name, - # policy_id, policy_name, role_id, role_name, - # user_id, user_name) + # params role_id [Integer] # - # @return [Boolean] the result of the operation + # @return role apps # - # @see {https://developers.onelogin.com/api-docs/1/events/create-event Create Event documentation} - def create_event(event_params) + # @see {https://developers.onelogin.com/api-docs/2/roles/get-role-apps Get Role Apps documentation} + def get_role_apps(role_id) clean_error prepare_token begin - url = url_for(CREATE_EVENT_URL) + if role_id.nil? || role_id.to_s.empty? + @error = '400' + @error_description = "role_id is required" + @error_attribute = "role_id" + return + end - response = self.class.post( - url, + return self.class.get( + url_for(GET_APPS_ROLE_URL,role_id), headers: authorized_headers, - body: event_params.to_json + max_results: @max_results ) - if response.code == 200 - return handle_operation_response(response) - else - @error = response.code.to_s - @error_description = extract_error_message_from_response(response) - @error_attribute = extract_error_attribute_from_response(response) - end rescue Exception => e @error = '500' @error_description = e.message end - false + nil end - ################# - # Group Methods # - ################# - - # Gets a list of Group resources (element of groups limited with the limit parameter). 
+ # get role users # - # @return [Array] the list of groups + # params role_id [Integer], name # - # @see {https://developers.onelogin.com/api-docs/1/groups/get-groups Get Groups documentation} - def get_groups(params = {}) + # @return role apps + # + # @see {https://developers.onelogin.com/api-docs/2/roles/get-role-users Get Role Users documentation} + def get_role_for_users(role_id,name) clean_error prepare_token - begin - options = { - model: OneLogin::Api::Models::Group, - headers: authorized_headers, - max_results: @max_results, - params: params - } + if role_id.nil? || role_id.to_s.empty? + @error = '400' + @error_description = "role_id is required" + @error_attribute = "role_id" + return + end - return Cursor.new(self, url_for(GET_GROUPS_URL), options) + url=url_for(GET_ROLE_FOR_USERS_URL,role_id) + url= url+"?name=#{name}" + return self.class.get(url, + headers: authorized_headers, + max_results: @max_results + ) rescue Exception => e @error = '500' 
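Review bot: get_role_for_users appends `name` to the URL with `url+"?name=#{name}"` and no encoding, so a value containing `&`, `#`, `=` or a space changes the query the server receives instead of being sent as the name filter. Encode it before it reaches the URL, for example `url = "#{url}?#{URI.encode_www_form(name: name)}"`, or pass it through the HTTP client's query option if it has one. get_role_for_admins in the next hunk builds its URL the same way. The hunk also removes the `begin` in front of the context `rescue Exception => e` in get_role_for_users without adding one back; the rest of that method is outside the hunk, so check that the block structure still closes where intended.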
@@ -1790,41 +1996,34 @@ def get_groups(params = {}) nil end - # Gets Group by ID. + # get role for admins # - # @param group_id [Integer] Id of the Group + # params role_id [Integer], name # - # @return [Group] the group identified by the id + # @return role apps # - # @see {https://developers.onelogin.com/api-docs/1/groups/get-group-by-id Get Group by ID documentation} - def get_group(group_id) + # @see {https://developers.onelogin.com/api-docs/2/roles/get-role-admins Get Role Admins documentation} + def get_role_for_admins(role_id,name) clean_error prepare_token begin - if group_id.nil? || group_id.to_s.empty? + if role_id.nil? || role_id.to_s.empty? @error = '400' - @error_description = "group_id is required" - @error_attribute = "group_id" + @error_description = "role_id is required" + @error_attribute = "role_id" return end - url = url_for(GET_GROUP_URL, group_id) + url=url_for(GET_ROLE_FOR_ADMINS_URL,role_id) - response = self.class.get( - url, - headers: authorized_headers + url= url+"?name=#{name}" + + return self.class.get(url, + headers: authorized_headers, + max_results: @max_results ) - if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - return OneLogin::Api::Models::Group.new(json_data['data'][0]) - end - else - @error = response.code.to_s - @error_description = extract_error_message_from_response(response) - end rescue Exception => e @error = '500' @error_description = e.message 
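Review bot: get_role_for_admins now returns whatever `self.class.get` yields without looking at `response.code`; the branch removed here was what set `@error` and `@error_description` on a non-200 reply, so an unauthorized or not-found reply reaches the caller looking like a successful lookup. Keep the response in a local, return it only on 200, and otherwise fill the error fields the way create_role and update_role do. get_role_apps and get_role_for_users, added in the previous hunk, have the same shape. `max_results:` is also handed straight to the HTTP call, whereas the removed code elsewhere in this diff passed it in the options for `Cursor.new`; confirm the HTTP client accepts that key.

```ruby
# … unchanged: role_id check and URL construction …
response = self.class.get(url,
  headers: authorized_headers,
  max_results: @max_results
)
if response.code == 200
  return response
else
  @error = response.code.to_s
  @error_description = extract_error_message_from_response(response)
  @error_attribute = extract_error_attribute_from_response(response)
end
# … unchanged: rescue clause …
```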
@@ -1833,50 +2032,39 @@ def get_group(group_id) nil end - ########################## - # SAML Assertion Methods # - ########################## - - # Generates a SAML Assertion. + # Set role App # - # @param username_or_email [String] username or email of the OneLogin user accessing the app - # @param password [String] Password of the OneLogin user accessing the app - # @param app_id [String] App ID of the app for which you want to generate a SAML token - # @param subdomain [String] subdomain of the OneLogin account related to the user/app - # @param ip_address [String] (Optional) whitelisted IP address that needs to be bypassed (some MFA scenarios) + # params role_id [Integer], apps # - # @return [SAMLEndpointResponse] object with an encoded SAMLResponse + # @return this will assign applications to a role # - # @see {https://developers.onelogin.com/api-docs/1/saml-assertions/generate-saml-assertion Generate SAML Assertion documentation} - def get_saml_assertion(username_or_email, password, app_id, subdomain, ip_address=nil) + # @see {https://developers.onelogin.com/api-docs/2/roles/set-role-apps set Apps for a Role documentation} + def set_role_apps(role_id, apps) clean_error prepare_token begin - url = url_for(GET_SAML_ASSERTION_URL) - - data = { - 'username_or_email'=> username_or_email, - 'password'=> password, - 'app_id'=> app_id, - 'subdomain'=> subdomain, - } - - unless ip_address.nil? || ip_address.empty? - data['ip_address'] = ip_address + if role_id.nil? || role_id.to_s.empty? 
+ @error = '400' + @error_description = "role_id is required" + @error_attribute = "role_id" + return end - response = self.class.post( + url = url_for(SET_APPS_ROLE_URL, role_id) + + response = self.class.put( url, headers: authorized_headers, - body: data.to_json + body: apps.to_json ) - + p response if response.code == 200 - return handle_saml_endpoint_response(response) + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) end rescue Exception => e @error = '500' 
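Review bot: The comment block above set_role_apps uses `# params role_id [Integer], apps`, which is not a YARD tag, and its `@return` line describes the effect of the call rather than the value handed back. I would write `# @param role_id [Integer] Id of the role`, `# @param apps [Array] apps to assign to the role (element type to be confirmed)` and `# @return [Object, nil] the raw HTTP response on a 200 reply, nil otherwise`. The nil case is read from the trailing context of the following hunk, since the end of this method lies outside the hunk. The other role methods added in this diff use the same `params` spelling.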
@@ -1886,65 +2074,41 @@ def get_saml_assertion(username_or_email, password, app_id, subdomain, ip_addres nil end - # Verify a one-time password (OTP) value provided for a second factor when multi-factor authentication (MFA) is required for SAML authentication. + # Set role for users # - # @param app_id [String] App ID of the app for which you want to generate a SAML token - # @param devide_id [String] Provide the MFA device_id you are submitting for verification. - # @param state_token [String] Provide the state_token associated with the MFA device_id you are submitting for verification. - # @param otp_token [String] (Optional) Provide the OTP value for the MFA factor you are submitting for verification. - # @param url_endpoint [String] (Optional) Specify an url where return the response. - # @param do_not_notify [String] (Optional) When verifying MFA via Protect Push, set this to true to stop additional push notifications being sent to the OneLogin Protect device + # params role_id [Integer], users array # - # @return [SAMLEndpointResponse] object with an encoded SAMLResponse + # @return this will assign users to a role # - # @see {https://developers.onelogin.com/api-docs/1/saml-assertions/verify-factor Verify Factor documentation} - def get_saml_assertion_verifying(app_id, device_id, state_token, otp_token=nil, url_endpoint=nil, do_not_notify=false) + # @see {https://developers.onelogin.com/api-docs/2/roles/add-role-users set users for a Role documentation} + def add_role_for_users(role_id, user_array) clean_error prepare_token begin - if app_id.nil? || app_id.to_s.empty? - @error = '400' - @error_description = "app_id is required" - @error_attribute = "app_id" - return - end - - if device_id.nil? || device_id.to_s.empty? + if role_id.nil? || role_id.to_s.empty? @error = '400' - @error_description = "device_id is required" - @error_attribute = "device_id" + @error_description = "role_id is required" + @error_attribute = "role_id" return end - if url_endpoint.nil? 
|| url_endpoint.empty? - url = url_for(GET_SAML_VERIFY_FACTOR) - else - url = url_endpoint - end - - data = { - 'app_id'=> app_id, - 'device_id'=> device_id.to_s, - 'state_token'=> state_token, - 'do_not_notify'=> do_not_notify - } - - unless otp_token.nil? || otp_token.empty? - data['otp_token'] = otp_token - end - + url = url_for(ADD_ROLE_FOR_USERS_URL, role_id) + p url response = self.class.post( url, headers: authorized_headers, - body: data.to_json + body: user_array.to_json ) + p response + if response.code == 200 - return handle_saml_endpoint_response(response) + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) end rescue Exception => e @error = '500' 
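Review bot: add_role_for_users validates `role_id` but posts `user_array.to_json` unchecked, so a nil or non-array argument is serialised (`nil` becomes `null`) and sent to a role-membership endpoint, with the outcome left to the server. A guard next to the role_id check that sets the 400 error fields and returns early would reject that locally, in the same style as the rest of the method. add_role_for_admins in the next hunk and set_role_apps in the previous one send `admin_array` and `apps` the same way. The method's rescue clause and end are outside this hunk.

```ruby
# … unchanged: role_id check …
unless user_array.is_a?(Array) && !user_array.empty?
  @error = '400'
  @error_description = "user_array is required"
  @error_attribute = "user_array"
  return
end
url = url_for(ADD_ROLE_FOR_USERS_URL, role_id)
# … unchanged: POST and response handling …
```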
@@ -1954,49 +2118,40 @@ def get_saml_assertion_verifying(app_id, device_id, state_token, otp_token=nil, nil end - ############################# - # Multi-factor Auth Methods # - ############################# - - # Returns a list of authentication factors that are available for user enrollment via API. + # Set role for admins # - # @param user_id [Integer] The id of the user. + # params role_id [Integer], admins array # - # @return [Array] AuthFactor list + # @return this will assign admins to a role # - # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/available-factors Get Available Authentication Factors documentation} - def get_factors(user_id) + # @see {https://developers.onelogin.com/api-docs/2/roles/add-role-admins set admins for a Role documentation} + def add_role_for_admins(role_id, admin_array) clean_error prepare_token - + p role_id begin - if user_id.nil? || user_id.to_s.empty? + if role_id.nil? || role_id.to_s.empty? @error = '400' - @error_description = "user_id is required" - @error_attribute = "user_id" + @error_description = "custom_attribute_id is required" + @error_attribute = "custom_attribute_id" return end - - url = url_for(GET_FACTORS_URL, user_id) - - response = self.class.get( + p admin_array + url = url_for(ADD_ROLE_FOR_ADMINS_URL, role_id) + p url + response = self.class.post( url, - :headers => authorized_headers + headers: authorized_headers, + body: admin_array.to_json ) - - factors = [] + p response if response.code == 200 - json_data = JSON.parse(response.body) - if json_data and json_data['data'] and json_data['data']['auth_factors'] - json_data['data']['auth_factors'].each do |factor_data| - factors << OneLogin::Api::Models::AuthFactor.new(factor_data) - end - end + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) end - return factors rescue Exception => e @error = 
'500' @error_description = e.message 
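Review bot: The missing-role_id branch in add_role_for_admins sets `@error_description = "custom_attribute_id is required"` and `@error_attribute = "custom_attribute_id"`, so a caller inspecting the error is pointed at a parameter this method does not take. Use `@error_description = "role_id is required"` and `@error_attribute = "role_id"`, matching add_role_for_users. update_role and delete_role earlier in the diff carry the same copied strings. The rescue clause continues past the end of this hunk.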
@@ -2005,56 +2160,37 @@ def get_factors(user_id) nil end - # Enroll a user with a given authentication factor. + #Remove role for users # - # @param user_id [Integer] The id of the user. - # @param factor_id [Integer] The identifier of the factor to enroll the user with. - # @param display_name [String] A name for the users device. - # @param number [String] The phone number of the user in E.164 format. + # params role_id [Integer], users array # - # @return [OTPDevice] MFA device + # @return boolean # - # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/enroll-factor Enroll an Authentication Factor documentation} - def enroll_factor(user_id, factor_id, display_name, number) + # @see {https://developers.onelogin.com/api-docs/2/roles/remove-role-users remove users for a Role documentation} + + def remove_role_from_users(role_id, user_array) clean_error prepare_token begin - if user_id.nil? || user_id.to_s.empty? - @error = '400' - @error_description = "user_id is required" - @error_attribute = "user_id" - return - end - - if factor_id.nil? || factor_id.to_s.empty? + if role_id.nil? || role_id.to_s.empty? 
@error = '400' - @error_description = "factor_id is required" - @error_attribute = "factor_id" + @error_description = "role_id is required" + @error_attribute = "role_id" return end - url = url_for(ENROLL_FACTOR_URL, user_id) - - data = { - 'factor_id'=> factor_id.to_i, - 'display_name'=> display_name, - 'number'=> number - } + url = url_for(REMOVE_ROLE_FOR_USERS_URL, role_id) - response = self.class.post( + response = self.class.delete( url, - :headers => authorized_headers, - body: data.to_json + headers: authorized_headers, + body: admin_array.to_json ) - - if response.code == 200 - json_data = JSON.parse(response.body) - if json_data and json_data['data'] - return OneLogin::Api::Models::OTPDevice.new(json_data['data'][0]) - end + if response.code == 204 + return true else - @error = response.code.to_s + @error = extract_status_code_from_response(response) @error_description = extract_error_message_from_response(response) end rescue Exception => e 
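Review bot: remove_role_from_users sends `body: admin_array.to_json`, but its parameter is named `user_array`, so unless the class defines a method called `admin_array` the reference raises NameError on every call. The surrounding `rescue Exception` turns that into `@error = '500'` and a `false` return, which means no user is ever removed from the role. Change the line to `body: user_array.to_json`. Because the failure is swallowed rather than raised, a caller that does not check the return value would assume access had been revoked when it had not. The end of the method falls in the next hunk.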
@@ -2062,100 +2198,3973 @@ def enroll_factor(user_id, factor_id, display_name, number) @error_description = e.message end - nil + false end - # Return a list of authentication factors registered to a particular user for multifactor authentication (MFA) + + #Remove role for admin # - # @param user_id [Integer] The id of the user. + # params role_id [Integer], admin array # - # @return [Array] OTPDevice List + # @return boolean # - # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/enrolled-factors Get Enrolled Authentication Factors documentation} - def get_enrolled_factors(user_id) + # @see {https://developers.onelogin.com/api-docs/2/roles/remove-role-admins remove admins for a Role documentation} + def remove_role_from_admins(role_id, admin_array) clean_error prepare_token begin - if user_id.nil? || user_id.to_s.empty? + if role_id.nil? || role_id.to_s.empty? @error = '400' - @error_description = "user_id is required" - @error_attribute = "user_id" + @error_description = "role_id is required" + @error_attribute = "role_id" return end + url = url_for(REMOVE_ROLE_FOR_ADMINS_URL, role_id) - url = url_for(GET_ENROLLED_FACTORS_URL, user_id) - - response = self.class.get( + response = self.class.delete( url, - :headers => authorized_headers + headers: authorized_headers, + body: admin_array.to_json ) - otp_devices = [] - if response.code == 200 - json_data = JSON.parse(response.body) - if json_data and json_data['data'] and json_data['data']['otp_devices'] - json_data['data']['otp_devices'].each do |otp_device_data| - otp_devices << OneLogin::Api::Models::OTPDevice.new(otp_device_data) - end - end + if response.code == 204 + return true else - @error = response.code.to_s + @error = extract_status_code_from_response(response) @error_description = extract_error_message_from_response(response) end - return otp_devices rescue Exception => e @error = '500' @error_description = e.message end - nil + false end - # Triggers an SMS or Push 
notification containing a One-Time Password (OTP) - # that can be used to authenticate a user with the Verify Factor call. + ################# + # Event Methods # + ################# + + # List of all OneLogin event types available to the Events API. # - # @param user_id [Integer] The id of the user. + # @return [Array] the list of event type + # + # @see {https://developers.onelogin.com/api-docs/1/events/event-types Get Event Types documentation} + def get_event_types + clean_error + prepare_token + + begin + options = { + model: OneLogin::Api::Models::EventType, + headers: authorized_headers, + max_results: @max_results + } + + return Cursor.new(self, url_for(GET_EVENT_TYPES_URL), options) + + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Gets a list of Event resources. (if no limit provided, by default get 50 elements) + # + # @param params [Hash] Parameters to filter the result of the list + # + # @return [Array] list of Event objects + # + # @see {https://developers.onelogin.com/api-docs/1/events/get-events Get Events documentation} + def get_events(params={}) + clean_error + prepare_token + + begin + options = { + model: OneLogin::Api::Models::Event, + headers: authorized_headers, + max_results: @max_results, + params: params + } + + return Cursor.new(self, url_for(GET_EVENTS_URL), options) + + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Gets Event by ID. + # + # @param event_id [Integer] Id of the Event + # + # @return [Event] the event identified by the id + # + # @see {https://developers.onelogin.com/api-docs/1/events/get-event-by-id Get Event by ID documentation} + def get_event(event_id) + clean_error + prepare_token + + begin + if event_id.nil? || event_id.to_s.empty? 
+ @error = '400' + @error_description = "event_id is required" + @error_attribute = "event_id" + return + end + + url = url_for(GET_EVENT_URL, event_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + + if response.code == 200 + json_data = JSON.parse(response.body) + if json_data && json_data['data'] + return OneLogin::Api::Models::Event.new(json_data['data'][0]) + end + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Create an event in the OneLogin event log. + # + # @param event_params [Hash] Event data (event_type_id, account_id, actor_system, + # actor_user_id, actor_user_name, app_id, + # assuming_acting_user_id, custom_message, + # directory_sync_run_id, group_id, group_name, + # ipaddr, otp_device_id, otp_device_name, + # policy_id, policy_name, role_id, role_name, + # user_id, user_name) + # + # @return [Boolean] the result of the operation + # + # @see {https://developers.onelogin.com/api-docs/1/events/create-event Create Event documentation} + def create_event(event_params) + clean_error + prepare_token + + begin + url = url_for(CREATE_EVENT_URL) + + response = self.class.post( + url, + headers: authorized_headers, + body: event_params.to_json + ) + + if response.code == 200 + return handle_operation_response(response) + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + false + end + + ################# + # Group Methods # + ################# + + # Gets a list of Group resources (element of groups limited with the limit parameter). 
+ # + # @return [Array] the list of groups + # + # @see {https://developers.onelogin.com/api-docs/1/groups/get-groups Get Groups documentation} + def get_groups(params = {}) + clean_error + prepare_token + + begin + options = { + model: OneLogin::Api::Models::Group, + headers: authorized_headers, + max_results: @max_results, + params: params + } + + return Cursor.new(self, url_for(GET_GROUPS_URL), options) + + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Gets Group by ID. + # + # @param group_id [Integer] Id of the Group + # + # @return [Group] the group identified by the id + # + # @see {https://developers.onelogin.com/api-docs/1/groups/get-group-by-id Get Group by ID documentation} + def get_group(group_id) + clean_error + prepare_token + + begin + if group_id.nil? || group_id.to_s.empty? + @error = '400' + @error_description = "group_id is required" + @error_attribute = "group_id" + return + end + + url = url_for(GET_GROUP_URL, group_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + + if response.code == 200 + json_data = JSON.parse(response.body) + if json_data && json_data['data'] + return OneLogin::Api::Models::Group.new(json_data['data'][0]) + end + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + ########################## + # SAML Assertion Methods # + ########################## + + # Generates a SAML Assertion. 
+ # + # @param username_or_email [String] username or email of the OneLogin user accessing the app + # @param password [String] Password of the OneLogin user accessing the app + # @param app_id [String] App ID of the app for which you want to generate a SAML token + # @param subdomain [String] subdomain of the OneLogin account related to the user/app + # @param ip_address [String] (Optional) whitelisted IP address that needs to be bypassed (some MFA scenarios) + # + # @return [SAMLEndpointResponse] object with an encoded SAMLResponse + # + # @see {https://developers.onelogin.com/api-docs/2/saml-assertions/generate-saml-assertion Generate SAML Assertion documentation} + def get_saml_assertion(username_or_email, password, app_id, subdomain, ip_address=nil) + clean_error + prepare_token + + begin + url = url_for(GET_SAML_ASSERTION_URL) + + data = { + 'username_or_email'=> username_or_email, + 'password'=> password, + 'app_id'=> app_id, + 'subdomain'=> subdomain, + } + + unless ip_address.nil? || ip_address.empty? + data['ip_address'] = ip_address + end + + response = self.class.post( + url, + headers: authorized_headers, + body: data.to_json + ) + + if response.code == 200 + return response + #return handle_saml_endpoint_response(response) + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Verify a one-time password (OTP) value provided for a second factor when multi-factor authentication (MFA) is required for SAML authentication. + # + # @param app_id [String] App ID of the app for which you want to generate a SAML token + # @param devide_id [String] Provide the MFA device_id you are submitting for verification. + # @param state_token [String] Provide the state_token associated with the MFA device_id you are submitting for verification. 
+ # @param otp_token [String] (Optional) Provide the OTP value for the MFA factor you are submitting for verification. + # @param url_endpoint [String] (Optional) Specify an url where return the response. + # @param do_not_notify [String] (Optional) When verifying MFA via Protect Push, set this to true to stop additional push notifications being sent to the OneLogin Protect device + # + # @return [SAMLEndpointResponse] object with an encoded SAMLResponse + # + # @see {https://developers.onelogin.com/api-docs/2/saml-assertions/verify-factor Verify Factor documentation} + def get_saml_assertion_verifying(app_id, device_id, state_token, otp_token=nil, url_endpoint=nil, do_not_notify=false) + clean_error + prepare_token + + begin + if app_id.nil? || app_id.to_s.empty? + @error = '400' + @error_description = "app_id is required" + @error_attribute = "app_id" + return + end + + if device_id.nil? || device_id.to_s.empty? + @error = '400' + @error_description = "device_id is required" + @error_attribute = "device_id" + return + end + + if url_endpoint.nil? || url_endpoint.empty? + url = url_for(GET_SAML_VERIFY_FACTOR) + else + url = url_endpoint + end + + data = { + 'app_id'=> app_id, + 'device_id'=> device_id.to_s, + 'state_token'=> state_token, + 'do_not_notify'=> do_not_notify + } + + unless otp_token.nil? || otp_token.empty? + data['otp_token'] = otp_token + end + + response = self.class.post( + url, + headers: authorized_headers, + body: data.to_json + ) + + if response.code == 200 + return response + #handle_saml_endpoint_response(response) + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + ############################# + # Multi-factor Auth Methods # adubey + ############################# + + # Returns a list of authentication factors that are available for user enrollment via API. 
+ # + # @param user_id [Integer] The id of the user. + # + # @return [Array] AuthFactor list + # + # @see {https://developers.onelogin.com/api-docs/2/multi-factor-authentication/available-factors Get Available Authentication Factors documentation} + def get_factors(user_id) + clean_error + prepare_token + + begin + if user_id.nil? || user_id.to_s.empty? + @error = '400' + @error_description = "user_id is required" + @error_attribute = "user_id" + return + end + + url = url_for(GET_FACTORS_URL, user_id) + + response = self.class.get( + url, + :headers => authorized_headers + ) + + if response.code == 200 + response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + return response + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + + # Validate a users risk and send an MFA token via Email or SMS when the risk is above an + # + # @param user_identifier, phone,email and context + # + # @return an MFA token via Email or SMS + # + # @see {https://developers.onelogin.com/api-docs/2/smart-mfa/validate-user to validate a users risk and send an MFA token via Email or SMS documentation} + def get_smart_mfa(user_identifier,phone,email,context) + clean_error + prepare_token + + begin + url = url_for(GET_SMART_MFA_URL) + + data = { + 'user_identifier'=> user_identifier, + 'phone'=> phone, + 'email'=> email, + 'context'=> context, + } + + response = self.class.post( + url, + headers: authorized_headers, + body: data.to_json + ) + + if response.code == 200 + return response + #return handle_saml_endpoint_response(response) + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Gets Smart MFA Verify + # + # @param state_token and otp_token + # + # @return verify a MFA token + # + # @see 
{https://developers.onelogin.com/api-docs/2/smart-mfa/verify-token to verify a MFA token documentation} + def get_smart_mfa_veriffy(state_token,otp_token) + clean_error + prepare_token + + begin + url = url_for(GET_SMART_MFA_VERIFY) + + data = { + 'state_token'=> state_token, + 'otp_token'=> otp_token + } + + response = self.class.post( + url, + headers: authorized_headers, + body: data.to_json + ) + + if response.code == 200 + return response + #return handle_saml_endpoint_response(response) + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + + # Enroll a user with a given authentication factor. + # + # @param user_id [Integer] The id of the user. + # @param factor_id [Integer] The identifier of the factor to enroll the user with. + # @param display_name [String] A name for the users device. + # @param number [String] The phone number of the user in E.164 format. + # + # @return [OTPDevice] MFA device + # + # @see {https://developers.onelogin.com/api-docs/2/multi-factor-authentication/enroll-factor Enroll an Authentication Factor documentation} + def enroll_factor(user_id, factor_id, display_name, number) + clean_error + prepare_token + + begin + if user_id.nil? || user_id.to_s.empty? + @error = '400' + @error_description = "user_id is required" + @error_attribute = "user_id" + return + end + + if factor_id.nil? || factor_id.to_s.empty? + @error = '400' + @error_description = "factor_id is required" + @error_attribute = "factor_id" + return + end + + url = url_for(ENROLL_FACTOR_URL, user_id) + + data = { + 'factor_id'=> factor_id.to_i, + 'display_name'=> display_name, + 'number'=> number + } + + response = self.class.post( + url, + :headers => authorized_headers, + body: data.to_json + ) + + if response.success? 
+ return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Return a list of authentication factors registered to a particular user for multifactor authentication (MFA) + # + # @param user_id [Integer] The id of the user. + # + # @return [Array] OTPDevice List + # + # @see {https://developers.onelogin.com/api-docs/2/multi-factor-authentication/enrolled-factors Get Enrolled Authentication Factors documentation} + def get_enrolled_factors(user_id) + clean_error + prepare_token + + begin + if user_id.nil? || user_id.to_s.empty? + @error = '400' + @error_description = "user_id is required" + @error_attribute = "user_id" + return + end + + url = url_for(GET_ENROLLED_FACTORS_URL, user_id) + + response = self.class.get( + url, + :headers => authorized_headers + ) + + if response.code == 200 + response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + return response + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Get verify enrollment for OneLogin Voice + # + # @param user_id [Integer] The id of the user, registration_id. + # + # @see {https://developers.onelogin.com/api-docs/2/multi-factor-authentication/enroll-factor-verify-poll Get verify enrollment for OneLogin Voice documentation} + def verify_enrollement_voice_factor(user_id,registration_id) + clean_error + prepare_token + + begin + if user_id.nil? || user_id.to_s.empty? 
+ @error = '400' + @error_description = "user_id is required" + @error_attribute = "user_id" + return + end + + url = url_for(VERIFY_ENROLLMENT_VOICE_FACTOR_URL, user_id, registration_id) + + response = self.class.get( + url, + :headers => authorized_headers + ) + + if response.code == 200 + response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + return response + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # This API endpoint must be used to confirm if a user has completed their Push or Voice verification or has clicked the emailed Magic Link + # + # @param user_id [Integer] The id of the user and verification_id. + # + # @see {https://developers.onelogin.com/api-docs/2/multi-factor-authentication/verify-factor-pollGet verify completion of OneLogin Push or OneLogin Voice factors or email documentation} + def verify_auth_factor(user_id,verification_id) + clean_error + prepare_token + + begin + if user_id.nil? || user_id.to_s.empty? + @error = '400' + @error_description = "user_id is required" + @error_attribute = "user_id" + return + end + if verification_id.nil? || verification_id.to_s.empty? + @error = '400' + @error_description = "verification_id is required" + @error_attribute = "verification_id" + return + end + + url = url_for(VERIFY_AUTH_FACTOR_URL, user_id, verification_id) + + response = self.class.get( + url, + :headers => authorized_headers + ) + + if response.code == 200 + response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + return response + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + # Triggers an SMS or Push notification containing a One-Time Password (OTP) + # that can be used to authenticate a user with the Verify Factor call. + # + # @param user_id [Integer] The id of the user. 
+ # @param device_id [Integer] The id of the MFA device.
+ #
+ # @return [FactorEnrollmentResponse] Info with User Id, Device Id, and OTP Device
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/multi-factor-authentication/activate-factor Activate an Authentication Factor documentation}
+ def activate_factor(user_id, device_id)
+ clean_error
+ prepare_token
+
+ begin
+ if user_id.nil? || user_id.to_s.empty?
+ @error = '400'
+ @error_description = "user_id is required"
+ @error_attribute = "user_id"
+ return
+ end
+ p device_id
+ if device_id.nil? || device_id.to_s.empty?
+ @error = '400'
+ @error_description = "device_id is required"
+ @error_attribute = "device_id"
+ return
+ end
+
+ url = url_for(ACTIVATE_FACTOR_URL, user_id)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: device_id.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Authenticates a one-time password (OTP) code provided by a multifactor authentication (MFA) device.
+ #
+ # @param user_id [Integer] The id of the user. # @param device_id [Integer] The id of the MFA device.
+ # @param otp_token [String] OTP code provided by the device or SMS message sent to user.
+ # When a device like OneLogin Protect that supports Push has
+ # been used you do not need to provide the otp_token.
+ # @param state_token [String] The state_token is returned after a successful request
+ # to Enroll a Factor or Activate a Factor.
+ # MUST be provided if the needs_trigger attribute from
+ # the proceeding calls is set to true.
+ #
+ # @return [Boolean] True if Factor is verified
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/verify-factor Verify an Authentication Factor documentation}
+ def verify_factor(user_id, device_id, otp_token=nil, state_token=nil)
+ clean_error
+ prepare_token
+
+ begin
+ if user_id.nil? || user_id.to_s.empty?
+ @error = '400'
+ @error_description = "user_id is required"
+ @error_attribute = "user_id"
+ return
+ end
+
+ if device_id.nil? || device_id.to_s.empty?
+ @error = '400'
+ @error_description = "device_id is required"
+ @error_attribute = "device_id"
+ return
+ end
+
+
+ url = url_for(VERIFY_FACTOR_URL, user_id, device_id)
+
+ data = {
+ 'user_id'=> user_id,
+ 'device_id'=> device_id
+ }
+
+ unless otp_token.nil? || otp_token.empty?
+ data['otp_token'] = otp_token
+ end
+
+ unless state_token.nil? || state_token.empty?
+ data['state_token'] = state_token
+ end
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: data.to_json
+ )
+
+ if response.code == 200
+ return handle_operation_response(response)
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ # Remove an enrolled factor from a user.
+ #
+ # @param user_id [Integer] The id of the user.
+ # @param device_id [Integer] The device_id of the MFA device.
+ #
+ # @return [Boolean] The result of the action
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/multi-factor-authentication/remove-factor Remove a Factor documentation}
+ def remove_factor(user_id, device_id)
+ clean_error
+ prepare_token
+
+ begin
+
+ if user_id.nil? || user_id.to_s.empty?
+ @error = '400'
+ @error_description = "user_id is required"
+ @error_attribute = "user_id"
+ return
+ end
+
+ if device_id.nil? || device_id.to_s.empty?
+ @error = '400'
+ @error_description = "device_id is required"
+ @error_attribute = "device_id"
+ return
+ end
+
+ url = url_for(REMOVE_FACTOR_URL, user_id, device_id)
+
+ response = self.class.delete(
+ url,
+ :headers => authorized_headers
+ )
+
+ if response.code == 200
+ return true
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ return false
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ ########################
+ # Invite Links Methods #
+ ########################
+
+ # Generates an invite link for a user that you have already created in your OneLogin account.
+ #
+ # @param email [String] Set to the email address of the user that you want to generate an invite link for.
+ #
+ # @return [String] the invitation link
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/invite-links/generate-invite-link Generate Invite Link documentation}
+ def generate_invite_link(email)
+ clean_error
+ prepare_token
+
+ begin
+ if email.nil? || email.to_s.empty?
+ @error = '400'
+ @error_description = "email is required"
+ @error_attribute = "email"
+ return
+ end
+
+ url = url_for(GENERATE_INVITE_LINK_URL)
+
+ data = {
+ 'email'=> email
+ }
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: data.to_json
+ )
+
+ if response.code == 200
+ json_data = JSON.parse(response.body)
+ if json_data && json_data['data']
+ return json_data['data'][0]
+ end
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Sends an invite link to a user that you have already created in your OneLogin account.
+ #
+ # @param email [String] Set to the email address of the user that you want to send an invite link for.
+ # @param personal_email [String] (Optional) If you want to send the invite email to an email other than the
+ # one provided in email, provide it here. The invite link will be
+ # sent to this address instead.
+ #
+ # @return [String] the result of the operation
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/invite-links/send-invite-link Send Invite Link documentation}
+ def send_invite_link(email, personal_email=nil)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(SEND_INVITE_LINK_URL)
+
+ data = {
+ 'email'=> email
+ }
+
+ unless personal_email.nil? || personal_email.to_s.empty?
+ data['personal_email'] = personal_email
+ end
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: data.to_json
+ )
+
+ if response.code == 200
+ return handle_operation_response(response)
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ # Lists apps accessible by a OneLogin user.
+ #
+ # @param token [String] Provide your embedding token.
+ # @param email [String] Provide the email of the user for which you want to return a list of embeddable apps.
+ #
+ # @return [Array] the embed apps
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/embed-apps/get-apps-to-embed-for-a-user Get Apps to Embed for a User documentation}
+ def get_embed_apps(token, email)
+ clean_error
+
+ begin
+ response = self.class.get(
+ EMBED_APP_URL,
+ headers: {
+ 'User-Agent' => @user_agent
+ },
+ query: {
+ token: token,
+ email: email
+ }
+ )
+
+ if response.code == 200 && !(response.body.nil? || response.body.empty?)
+ return retrieve_apps_from_xml(response.body)
+ else
+ @error = response.code.to_s
+ unless response.body.nil? || response.body.empty?
+ @error_description = response.body
+ end
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ def retrieve_apps_from_xml(xml_content)
+ doc = Nokogiri::XML(xml_content) do |config|
+ config.options = NOKOGIRI_OPTIONS
+ end
+
+ node_list = doc.xpath("/apps/app")
+ attributes = ['id', 'icon', 'name', 'provisioned', 'extension_required', 'personal', 'login_id']
+ apps = []
+ node_list.each do |node|
+ app_data = {}
+ node.children.each do |children|
+ if attributes.include? children.name
+ app_data[children.name] = children.content
+ end
+ end
+ apps << OneLogin::Api::Models::EmbedApp.new(app_data)
+ end
+
+ apps
+ end
+
+ #####################
+ # Privilege Methods #
+ #####################
+
+ # Gets a list of the Privileges created in an account.
+ #
+ # @return [Array] list of privilege objects
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/list-privileges List Privileges documentation}
+ def get_privileges()
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_PRIVILEGES_URL)
+
+ privileges = []
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ json_data = JSON.parse(response.body)
+ if !json_data.empty?
+ json_data.each do |data|
+ privileges << OneLogin::Api::Models::Privilege.new(data)
+ end
+ end
+ return privileges
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Creates a Privilege
+ #
+ # @param name [string] The name of the privilege.
+ # @param version [string] The version for the privilege schema. Set to 2018-05-18.
+ # @param statements [Array] A list of statements. Statement object or a dict with the keys Effect, Action and Scope
+ #
+ # @return [Privilege] the created privilege
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/create-privilege Create Privilege documentation}
+ def create_privilege(name, version, statements)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(CREATE_PRIVILEGE_URL)
+
+ statement_data = []
+ for statement in statements
+ if statement.instance_of?(OneLogin::Api::Models::Statement)
+ statement_data << {
+ 'Effect' => statement.effect,
+ 'Action' => statement.actions,
+ 'Scope' => statement.scopes
+ }
+ elsif statement.instance_of?(Hash) && statement.has_key?('Effect') && statement.has_key?('Action') && statement.has_key?('Scope')
+ statement_data << statement
+ else
+ @error = 400.to_s
+ @error_description = "statements is invalid. Provide a list of statements. The statement should be an Statement object or dict with the keys Effect, Action and Scope"
+ return
+ end
+ end
+
+ privilege_data = {
+ 'name' => name,
+ 'privilege' => {
+ 'Version'=> version,
+ 'Statement' => statement_data
+ }
+ }
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: privilege_data.to_json
+ )
+
+ if response.code == 201
+ json_data = JSON.parse(response.body)
+ if json_data && json_data.has_key?('id')
+ return OneLogin::Api::Models::Privilege.new(json_data['id'], name, version, statements)
+ end
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Get a Privilege.
+ #
+ # @param privilege_id [string] Id of the privilege
+ #
+ # @return [Privilege] the privilege identified by the id
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/get-privilege Get Privilege documentation}
+ def get_privilege(privilege_id)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ url = url_for(GET_PRIVILEGE_URL, privilege_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ json_data = JSON.parse(response.body)
+ if json_data && json_data.has_key?('id')
+ return OneLogin::Api::Models::Privilege.new(json_data)
+ end
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Updates a Privilege
+ #
+ # @param privilege_id [string] The id of the privilege to be updated.
+ # @param name [string] The name of the privilege.
+ # @param version [string] The version for the privilege schema. Set to 2018-05-18.
+ # @param statements [Array] A list of statements. Statement object or a dict with the keys Effect, Action and Scope
+ #
+ #
+ # @return [Privilege] the modified privilege
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/update-privilege Update Privilege documentation}
+ def update_privilege(privilege_id, name, version, statements)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ url = url_for(UPDATE_PRIVILEGE_URL, privilege_id)
+
+ statement_data = []
+ for statement in statements
+ if statement.instance_of?(OneLogin::Api::Models::Statement)
+ statement_data << {
+ 'Effect' => statement.effect,
+ 'Action' => statement.actions,
+ 'Scope' => statement.scopes
+ }
+ elsif statement.instance_of?(Hash) && statement.has_key?('Effect') && statement.has_key?('Action') && statement.has_key?('Scope')
+ statement_data << statement
+ else
+ @error = 400.to_s
+ @error_description = "statements is invalid. Provide a list of statements. The statement should be an Statement object or dict with the keys Effect, Action and Scope"
+ return
+ end
+ end
+
+ privilege_data = {
+ 'name' => name,
+ 'privilege' => {
+ 'Version'=> version,
+ 'Statement' => statement_data
+ }
+ }
+
+ response = self.class.put(
+ url,
+ headers: authorized_headers,
+ body: privilege_data.to_json
+ )
+
+ if response.code == 200
+ json_data = JSON.parse(response.body)
+ if json_data && json_data.has_key?('id')
+ return OneLogin::Api::Models::Privilege.new(json_data['id'], name, version, statements)
+ end
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Deletes a Privilege
+ #
+ # @param privilege_id [string] Id of the privilege to be removed.
+ #
+ # @return [Boolean] if the action succeed
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/delete-privilege Delete Privilege documentation}
+ def delete_privilege(privilege_id)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ url = url_for(DELETE_PRIVILEGE_URL, privilege_id)
+
+ response = self.class.delete(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 204
+ return handle_operation_response(response)
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ # Gets a list of the roles assigned to a privilege.
+ #
+ # @param privilege_id [string] Id of the privilege.
+ #
+ # @return [Array] list of Role Id
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/get-roles Get Assigned Roles documentation}
+ def get_roles_assigned_to_privilege(privilege_id)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ options = {
+ headers: authorized_headers,
+ max_results: @max_results,
+ container: 'roles'
+ }
+
+ return Cursor.new(self, url_for(GET_ROLES_ASSIGNED_TO_PRIVILEGE_URL, privilege_id), options)
+
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Assign one or more roles to a privilege.
+ #
+ # @param privilege_id [string] Id of the privilege.
+ # @param role_ids [Array] Ids of the roles to be added.
+ #
+ # @return [Boolean] if the action succeed
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/assign-role Assign Roles documentation}
+ def assign_roles_to_privilege(privilege_id, role_ids)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ url = url_for(ASSIGN_ROLES_TO_PRIVILEGE_URL, privilege_id)
+
+ data = {
+ 'roles' => role_ids
+ }
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: data.to_json
+ )
+
+ if response.code == 201
+ return handle_operation_response(response)
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ # Removes one role from the privilege.
+ #
+ # @param privilege_id [string] Id of the privilege.
+ # @param role_id [Integer] Id of the role to be removed.
+ #
+ # @return [Boolean] if the action succeed
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/remove-role Remove Role documentation}
+ def remove_role_from_privilege(privilege_id, role_id)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ url = url_for(REMOVE_ROLE_FROM_PRIVILEGE_URL, privilege_id, role_id)
+
+ response = self.class.delete(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 204
+ return true
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ # Gets a list of the users assigned to a privilege.
+ #
+ # @param privilege_id [string] Id of the privilege.
+ #
+ # @return [Array] list of User Id
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/get-users Get Assigned Users documentation}
+ def get_users_assigned_to_privilege(privilege_id)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ options = {
+ headers: authorized_headers,
+ max_results: @max_results,
+ container: 'users'
+ }
+
+ return Cursor.new(self, url_for(GET_USERS_ASSIGNED_TO_PRIVILEGE_URL, privilege_id), options)
+
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Assign one or more users to a privilege.
+ #
+ # @param privilege_id [string] Id of the privilege.
+ # @param user_ids [Array] Ids of the users to be added.
+ #
+ # @return [Boolean] if the action succeed
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/assign-users Assign Users documentation}
+ def assign_users_to_privilege(privilege_id, user_ids)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ url = url_for(ASSIGN_USERS_TO_PRIVILEGE_URL, privilege_id)
+
+ data = {
+ 'users' => user_ids
+ }
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: data.to_json
+ )
+
+ if response.code == 201
+ return handle_operation_response(response)
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ #run reports
+ #
+ # @param report_id [Integer] Id of the Report
+ #
+ # @return report results in JSON format
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/reports/run-report run a given report on the spot and return its results in JSON format documentation}
+ def run_report(report_id)
+ clean_error
+ prepare_token
+ begin
+ if report_id.nil? || report_id.to_s.empty?
+ @error = '400'
+ @error_description = "report_id is required"
+ @error_attribute = "report_id"
+ return
+ end
+
+ url=url_for(RUN_REPORTS_URL,report_id)
+
+ url= url+"?id=#{report_id}"
+ return self.class.post(url,
+ headers: authorized_headers,
+ max_results: @max_results
+ )
+
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #run reports in background
+ #
+ # @param report_id [Integer] Id of the Report
+ #
+ # @return report results in CSV format to a specified email address
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/reports/run-report run a given report in the background documentation}
+ def run_report_background(report_id)
+ clean_error
+ prepare_token
+ begin
+ if report_id.nil? || report_id.to_s.empty?
+ @error = '400'
+ @error_description = "report_id is required"
+ @error_attribute = "report_id"
+ return
+ end
+ p "url"
+ url=url_for(RUN_BACKGROUND_REPORTS_URL,report_id)
+ p "url1"
+ url= url+"?id=#{report_id}"
+ p url
+ return self.class.post(url,
+ headers: authorized_headers,
+ max_results: @max_results
+ )
+
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Removes one user from the privilege.
+ #
+ # @param privilege_id [string] Id of the privilege.
+ # @param user_id [Integer] Id of the user to be removed.
+ #
+ # @return [Boolean] if the action succeed
+ #
+ # @see {https://developers.onelogin.com/api-docs/1/privileges/remove-user Remove User documentation}
+ def remove_user_from_privilege(privilege_id, user_id)
+ clean_error
+ prepare_token
+
+ begin
+ if privilege_id.nil? || privilege_id.to_s.empty?
+ @error = '400'
+ @error_description = "privilege_id is required"
+ @error_attribute = "privilege_id"
+ return
+ end
+
+ url = url_for(REMOVE_USER_FROM_PRIVILEGE_URL, privilege_id, user_id)
+
+ response = self.class.delete(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 204
+ return true
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ #####################
+ # Hooks Methods #
+ #####################
+
+ # Gets a list of the Hooks.
+ #
+ # @return [Array] list of Hooks objects
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/list-hooks List Hooks documentation}
+ def get_hooks
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_SMART_HOOKS_URL)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ hooks = []
+ if response.code == 200
+ hooks = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return hooks
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #get hook by ID
+ #
+ # @param hook_id [Integer] Id of the hook
+ #
+ # @return [hook] the hook identified by the id
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/get-hook Get hook by ID documentation}
+ def get_hook(hook_id)
+ clean_error
+ prepare_token
+
+ begin
+ if hook_id.nil? || hook_id.to_s.empty?
+ @error = '400'
+ @error_description = "hook_id is required"
+ @error_attribute = "hook_id"
+ return
+ end
+
+ url = url_for(GET_SMART_HOOK_URL, hook_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #get hook logs by ID
+ #
+ # @param hook_id [Integer] Id of the hook
+ #
+ # @return execution output logs for a given hook
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/get-hook-logs Get execution output logs for a given hook documentation}
+ def get_hook_logs(hook_id)
+ clean_error
+ prepare_token
+
+ begin
+ if hook_id.nil? || hook_id.to_s.empty?
+ @error = '400'
+ @error_description = "hook_id is required"
+ @error_attribute = "hook_id"
+ return
+ end
+ url = url_for(GET_SMART_HOOK_LOGS_URL, hook_id)
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #create a new Hook Environment Variable
+ #
+ # @param env_hook_params
+ #
+ # @return Hook Environment Variable
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/create-environment-variable create a new Hook Environment Variable documentation}
+ def create_env_var_hook(env_hook_params)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(CREATE_ENV_VAR_HOOK_URL)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: env_hook_params.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Get Hook Environment Variable
+ #
+ # @param env_id
+ #
+ # @return Hook Environment Variable
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/get-environment-variable Get Hook Environment Variable documentation}
+ def get_env_var_hook(env_id)
+ clean_error
+ prepare_token
+
+ begin
+ if env_id.nil? || env_id.to_s.empty?
+ @error = '400'
+ @error_description = "env_id is required"
+ @error_attribute = "env_id"
+ return
+ end
+
+ url = url_for(GET_ENV_VAR_HOOK_URL, env_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Get Hook Environment Variable List
+ #
+ # @return Hook Environment Variable List
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/list-environment-variables Get Hook Environment Variable List documentation}
+ def list_env_var_hook
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_ENV_VAR_HOOKS_URL)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Delete Hook Environment Variable
+ #
+ # @param env_id
+ #
+ # @return boolean
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/delete-environment-variable delete a Hook Environment Variable documentation}
+ def delete_env_var_hook(env_id)
+ clean_error
+ prepare_token
+
+ begin
+ if env_id.nil? || env_id.to_s.empty?
+ @error = '400'
+ @error_description = "env_id is required"
+ @error_attribute = "env_id"
+ return
+ end
+
+ url = url_for(DELETE_ENV_VAR_HOOK_URL, env_id)
+
+ response = self.class.delete(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 204
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ #Update Hook Environment Variable
+ #
+ # @param env_id, env_params
+ #
+ # @return boolean
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/update-environment-variable update Hook Environment Variable documentation}
+ def update_env_var_hook(env_id, env_params)
+ clean_error
+ prepare_token
+
+ begin
+ if env_id.nil? || env_id.to_s.empty?
+ @error = '400'
+ @error_description = "env_id is required"
+ @error_attribute = "env_id"
+ return
+ end
+
+ url = url_for(UPDATE_ENV_VAR_HOOK_URL, env_id)
+
+ response = self.class.put(
+ url,
+ headers: authorized_headers,
+ body: env_params.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #create hook
+ #
+ # @param hook_params
+ #
+ # @return a Hook
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/create-hook create a Hook documentation}
+ def create_hook(hook_params)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(CREATE_SMART_HOOK_URL)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: hook_params.to_json
+ )
+ p response
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #update hook
+ #
+ # @param hook_id, hook_params
+ #
+ # @return updated Hook
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/update-hook update a Hook documentation}
+ def update_hook(hook_id, hook_params)
+ clean_error
+ prepare_token
+
+ begin
+ if hook_id.nil? || hook_id.to_s.empty?
+ @error = '400'
+ @error_description = "hook_id is required"
+ @error_attribute = "hook_id"
+ return
+ end
+
+ url = url_for(UPDATE_SMART_HOOK_URL, hook_id)
+
+ response = self.class.put(
+ url,
+ headers: authorized_headers,
+ body: hook_params.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #delete hook
+ #
+ # @param hook_id
+ #
+ # @return boolean
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/smart-hooks/delete-hook delete a Hook documentation}
+ def delete_hook(hook_id)
+ clean_error
+ prepare_token
+
+ begin
+ if hook_id.nil? || hook_id.to_s.empty?
+ @error = '400'
+ @error_description = "hook_id is required"
+ @error_attribute = "hook_id"
+ return
+ end
+
+ url = url_for(DELETE_SMART_HOOK_URL, hook_id)
+
+ response = self.class.delete(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 204
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ #get list of reports
+ #
+ # @return list fo reports
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/reports/list-reports list of reports documentation}
+ def get_reports
+ clean_error
+ prepare_token
+ begin
+
+
+ url=url_for(LIST_REPORTS_URL)
+
+ return self.class.get(url,
+ headers: authorized_headers,
+ max_results: @max_results
+ )
+
+ rescue Exception => e
+ p e.message
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #User Mapping api
+ #Get User Mapping list
+ #
+ # @return list of user mapping
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/list-mappings list user mapping documentation}
+ def get_user_mappings
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_USER_MAPPING_URL)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ user_mappings = []
+ if response.code == 200
+ user_mappings = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return user_mappings
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Get user mapping by mapping id
+ #
+ # @param mapping_id
+ #
+ # @return user mapping by id
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/get-mapping a single User Mapping configuration documentation}
+ def get_user_mapping(mapping_id)
+ clean_error
+ prepare_token
+
+ begin
+ if mapping_id.nil? || mapping_id.to_s.empty?
+ @error = '400'
+ @error_description = "mapping_id is required"
+ @error_attribute = "mapping_id"
+ return
+ end
+
+ url = url_for(GET_USER_MAPPING_URL, mapping_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Create user mapping
+ #
+ # @param mapping_params
+ #
+ # @return a new user mapping configuration
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/create-mapping Create User Mapping configuration documentation}
+ def create_user_mapping(mapping_params)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(CREATE_USER_MAPPING_URL)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: mapping_params.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Delete user mapping by mapping id
+ #
+ # @param mapping_id
+ #
+ # @return user mapping by id
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/delete-mapping Delete User Mapping configuration documentation}
+ def delete_user_mapping(mapping_id)
+ clean_error
+ prepare_token
+
+ begin
+ if mapping_id.nil? || mapping_id.to_s.empty?
+ @error = '400'
+ @error_description = "mapping_id is required"
+ @error_attribute = "mapping_id"
+ return
+ end
+
+ url = url_for(DELETE_USER_MAPPING_URL, mapping_id)
+
+ response = self.class.delete(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 204
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ #Update user mapping
+ #
+ # @param mapping_id, mapping_params
+ #
+ # @return updated user mapping configuration
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/update-mapping Update User Mapping configuration documentation}
+ def update_user_mapping(mapping_id, mapping_params)
+ clean_error
+ prepare_token
+
+ begin
+ if mapping_id.nil? || mapping_id.to_s.empty?
+ @error = '400'
+ @error_description = "mapping_id is required"
+ @error_attribute = "mapping_id"
+ return
+ end
+
+ url = url_for(UPDATE_USER_MAPPING_URL, mapping_id)
+
+ response = self.class.put(
+ url,
+ headers: authorized_headers,
+ body: mapping_params.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Dry Run user mapping
+ #
+ # @param maping_id, user_ids list
+ #
+ # @return perform a User Mappings dry run
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/dry-run-mapping perform a User Mappings dry run documentation}
+ def dry_run_user_mapping(mapping_id, user_ids)
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(DRY_RUN_USER_MAPPING_URL, mapping_id)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: user_ids.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ p e.message
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Get a list of user mapping condition
+ #
+ # @return list of the condition types
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/list-conditions list of the condition types that can be used to match users when mappings are run documentation}
+ def get_user_mapping_conditions
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_USER_MAPPING_CONDITION_URL)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ user_mappings_condit = []
+ if response.code == 200
+ user_mappings_condit = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return user_mappings_condit
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Get a list of possible operators for a given condition value
+ #
+ # @param condition_val
+ #
+ # @return list of possible operators for a given condition value
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/list-condition-operators list of possible operators for a given condition value documentation}
+ def get_user_mapping_condition_operators(condition_val)
+ clean_error
+ prepare_token
+
+ begin
+ if condition_val.nil? || condition_val.to_s.empty?
+ @error = '400'
+ @error_description = "condition_val is required"
+ @error_attribute = "condition_val"
+ return
+ end
+
+ url = url_for(LIST_USER_MAPPING_CONDITION_OPTS_URL, condition_val)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Get a list of possible values to compare to a condition type
+ #
+ # @param condition_val
+ #
+ # @return a list of possible values to compare to a condition type
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/list-condition-values a list of possible values to compare to a condition type documentation}
+ def get_user_mapping_condition_values(condition_val)
+ clean_error
+ prepare_token
+
+ begin
+ if condition_val.nil? || condition_val.to_s.empty?
+ @error = '400'
+ @error_description = "condition_val is required"
+ @error_attribute = "condition_val"
+ return
+ end
+
+ url = url_for(LIST_USER_MAPPING_CONDITION_VALS_URL, condition_val)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Get a list of the actions that can be applied when a mapping runs
+ #
+ # @param condition_val
+ #
+ # @return list of the actions that can be applied when a mapping runs
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/list-actions list of the actions that can be applied when a mapping runs documentation}
+ def get_user_mapping_condition_actions
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_USER_MAPPING_ACTIONS_URL)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ user_mappings_condit_actions = []
+ if response.code == 200
+ user_mappings_condit_actions = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return user_mappings_condit_actions
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Get a list of possible values to set using a given action
+ #
+ # @param action_val
+ #
+ # @return list of possible values to set using a given action
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/list-action-values list of possible values to set using a given action documentation}
+ def get_user_mapping_action_values(action_val)
+ clean_error
+ prepare_token
+
+ begin
+ if action_val.nil? || action_val.to_s.empty?
+ @error = '400'
+ @error_description = "action_val is required"
+ @error_attribute = "action_val"
+ return
+ end
+
+ url = url_for(LIST_USER_MAPPING_ACTIONS_VAL_URL, action_val)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Sorted User Mapping
+ #
+ # @param mapping_ids
+ #
+ # @return Sorted List
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/user-mappings/bulk-sort Mappings can be reordered individually by setting the position attribute documentation}
+ def user_mapping_bulk_sort(mapping_ids)
+ clean_error
+ prepare_token
+
+ begin
+ if mapping_ids.nil? || mapping_ids.to_s.empty?
+ @error = '400'
+ @error_description = "action_val is required"
+ @error_attribute = "action_val"
+ return
+ end
+
+ url = url_for(BULK_SORT_USER_MAPPING_URL)
+
+ response = self.class.put(
+ url,
+ headers: authorized_headers,
+ body: mapping_ids.to_json
+ )
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Create a custom rule to gain more control over the risk scoring of events
+ #
+ # @param risk_rules_params
+ #
+ # @return Creates a custom rule
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/vigilance/create-rule Create a custom rule to gain more control over the risk scoring of events documentation}
+ def create_risk_rules(risk_rules_params)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(CREATE_RISK_RULES_URL)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: risk_rules_params.to_json
+ )
+ p response
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Get a list of Risk Service rule
+ #
+ # @return all of the rules that have been created in the Risk Sevice
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/vigilance/get-rules all of the rules that have been created in the Risk Sevice documentation}
+ def get_risk_rules
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_RISK_RULES_URL)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ risk = []
+ if response.code == 200
+
+ risk = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return risk
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #This API to get a count of log-in events grouped by their risk score bucket
+ #
+ # @return a count of log-in events grouped by their risk score bucket
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/vigilance/get-scores This API to get a count of log-in events grouped by their risk score bucket documentation}
+ def get_risk_scores
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(GET_RISK_SCORE_URL)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ risk_score = []
+ if response.code == 200
+ risk_score = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return risk_score
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Get a single rule that has been created in the Risk Sevice
+ #
+ # @param risk_rule_id
+ #
+ # @return a single rule that has been created in the Risk Sevice
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/vigilance/get-rule a single rule that has been created in the Risk Sevice documentation}
+ def get_risk_rule(risk_rule_id)
+ clean_error
+ prepare_token
+
+ begin
+ if risk_rule_id.nil? || risk_rule_id.to_s.empty?
+ @error = '400'
+ @error_description = "risk_rule_id is required"
+ @error_attribute = "risk_rule_id"
+ return
+ end
+
+ url = url_for(GET_RISK_RULES_URL, risk_rule_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #This Api perform a full or partial update on a rule that has been created in the Risk Sevice
+ #
+ # @param risk_rule_id, risk_rules_params
+ #
+ # @return a single rule that has been created in the Risk Sevice
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/vigilance/update-rule a full or partial update on a rule that has been created in the Risk Sevice documentation}
+ def update_risk_rules(risk_rule_id, risk_rule_params)
+ clean_error
+ prepare_token
+
+ begin
+ if risk_rule_id.nil? || risk_rule_id.to_s.empty?
+ @error = '400'
+ @error_description = "risk_rule_id is required"
+ @error_attribute = "risk_rule_id"
+ return
+ end
+
+ url = url_for(UPDATE_RISK_RULESURL, risk_rule_id)
+
+ response = self.class.put(
+ url,
+ headers: authorized_headers,
+ body: risk_rule_params.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Delete rule that has been created in the Risk Sevice
+ #
+ # @param risk_rule_id
+ #
+ # @return Boolean
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/vigilance/delete-rule Delete rule that has been created in the Risk Sevice documentation}
+ def delete_risk_rule(risk_rule_id)
+ clean_error
+ prepare_token
+
+ begin
+ if risk_rule_id.nil? || risk_rule_id.to_s.empty?
+ @error = '400'
+ @error_description = "risk_rule_id is required"
+ @error_attribute = "risk_rule_id"
+ return
+ end
+
+ url = url_for(DELETE_RISK_RULES_URL, risk_rule_id)
+
+ response = self.class.delete(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 204
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ #Train Vigilance AI and help it improve the accuracy of contextual risk scores
+ #
+ # @param risk_events_params
+ #
+ # @return to train Vigilance AI and help it improve the accuracy of contextual risk scores
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/vigilance/train To train Vigilance AI and help it improve the accuracy of contextual risk scores documentation}
+ def track_risk_events(risk_events_params)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(TRACK_RISK_EVENTS_URL)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: risk_events_params.to_json
+ )
+ p response
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Get a real-time risk score for a user before completing a critical task or action
+ #
+ # @return Risk Score
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/vigilance/verify Get a real-time risk score for a user before completing a critical task or actiondocumentation}
+ def verify_risk_score(risk_score_verify_params)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(GET_RISK_VERIFY_URL)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: risk_score_verify_params.to_json
+ )
+ p response
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Create a App rule
+ #
+ # @param app_id, apps_rules_params
+ #
+ # @return Created App rule
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/create-rule Create an a new App Rule documentation}
+ def create_apps_rules(app_id, apps_rules_params)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(CREATE_APP_RULE_URL, app_id)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: apps_rules_params.to_json
+ )
+ p response
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Update App rule
+ #
+ # @param app_id, rule_id, apps_rules_params
+ #
+ # @return Updated App rule
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/update-rule Updated App Rule documentation}
+ def update_apps_rules(app_id,rule_id, apps_rules_params)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(UPDATE_APP_RULE_URL, app_id,rule_id)
+
+ response = self.class.put(
+ url,
+ headers: authorized_headers,
+ body: apps_rules_params.to_json
+ )
+ p response
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ # Gets an app rule that been defined for an application.
+ #
+ # @param app_id, rule_id
+ #
+ # @return OneLogin App Rule objects
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/get-rule Get App Rule documentation}
+ def get_app_rule(app_id, rule_id)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(GET_APPS_RULE_URL, app_id, rule_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Gets a list of app rules that been defined for an application.
+ #
+ # @param app_id
+ #
+ # @return [Array] list of OneLoginAppRuleBasic objects
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/list-rules Get App Rules List documentation}
+ def get_app_rules(app_id)
+ clean_error
+ prepare_token
+
+ begin
+ url = url_for(LIST_APPS_RULES_URL, app_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = extract_status_code_from_response(response)
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Gets a list of the condition types that can be used to match users when app rules are run.
+ #
+ # @param app_id
+ #
+ # @return a list of the condition types that can be used to match users when app rules are run
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/list-conditions Get a list of the condition types that can be used to match users when app rules are run documentation}
+ def get_app_rule_conditions(app_id)
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_APPS_RULES_CONDITION_URL,app_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ app_rule = []
+ if response.code == 200
+ app_rule = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return app_rule
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ # Gets a list of possible operators for a given condition value
+ #
+ # @param app_id,condition_val
+ #
+ # @return a list of possible operators for a given condition value
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/list-condition-operators Get a list of possible operators for a given condition value documentation}
+ def get_app_rule_condition_operators(app_id, condition_val)
+ clean_error
+ prepare_token
+
+ begin
+ if condition_val.nil? || condition_val.to_s.empty?
+ @error = '400'
+ @error_description = "condition_val is required"
+ @error_attribute = "condition_val"
+ return
+ end
+
+ url = url_for(LIST_APPS_RULES_CONDITION_OPTS_URL,app_id, condition_val)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ # Gets a list of possible values to compare to a condition type
+ #
+ # @param app_id,condition_val
+ #
+ # @return a list of possible values to compare to a condition type
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/list-condition-values Get a list of possible values to compare to a condition type documentation}
+ def get_app_rule_condition_values(app_id, condition_val)
+ clean_error
+ prepare_token
+
+ begin
+ if condition_val.nil? || condition_val.to_s.empty?
+ @error = '400'
+ @error_description = "condition_val is required"
+ @error_attribute = "condition_val"
+ return
+ end
+
+ url = url_for(LIST_APPS_RULES_CONDITION_VALS_URL,app_id, condition_val)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ # Gets a list of the actions that can be applied when an App Rule runs
+ #
+ # @param app_id
+ #
+ # @return a list of the actions that can be applied when an App Rule runs
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/list-actions Get a list of the actions that can be applied when an App Rule runs documentation}
+ def get_app_rule_actions(app_id)
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_APPS_RULES_ACTIONS_URL,app_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ app_rule_actions = []
+ if response.code == 200
+ app_rule_actions = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return app_rule_actions
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ # Gets a list of possible values to set using a given action
+ #
+ # @param app_id,action_val
+ #
+ # @return a list of possible values to set using a given action
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/list-action-values Get a list of possible values to set using a given action documentation}
+ def get_app_rule_action_values(app_id, action_val)
+ clean_error
+ prepare_token
+
+ begin
+ if action_val.nil? || action_val.to_s.empty?
+ @error = '400'
+ @error_description = "action_val is required"
+ @error_attribute = "action_val"
+ return
+ end
+
+ url = url_for(LIST_APPS_RULES_ACTIONS_VAL_URL,app_id, action_val)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Sorted App Rule
+ #
+ # @param app_id, rule_ids
+ #
+ # @return Sorted List
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/bulk-sort App Rule can be reordered individually by setting the position attribute documentation}
+ def app_rule_bulk_sort(app_id, rule_ids)
+ clean_error
+ prepare_token
+
+ begin
+ if app_id.nil? || app_id.to_s.empty?
+ @error = '400'
+ @error_description = "aapp_idction_val is required"
+ @error_attribute = "app_id"
+ return
+ end
+
+ url = url_for(BULK_SORT_APPS_RULES_URL, app_id)
+
+ response = self.class.put(
+ url,
+ headers: authorized_headers,
+ body: rule_ids.to_json
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Delete App Rule by ID
+ #
+ # @param app_id,rule_id
+ #
+ # @return boolean
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/app-rules/delete-rule Delete App Rule runs documentation}
+ def delete_app_rule(app_id,rule_id)
+ clean_error
+ prepare_token
+
+ begin
+ if app_id.nil? || app_id.to_s.empty?
+ @error = '400'
+ @error_description = "app id is required"
+ @error_attribute = "app_id"
+ return
+ end
+
+ url = url_for(DELETE_APP_RULE_URL, app_id, rule_id)
+
+ response = self.class.delete(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 204
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ false
+ end
+
+ #API Authorization Server
+ #Create a authorization server params
+ #
+ # @param authorization_server_params
+ #
+ # @return Created authorization server
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/api-authorization/create Create Authorization Server documentation}
+ def create_authorization_server(authorization_server_params)
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(CREATE_AUTHORIZATION_SERVER_URL)
+
+ response = self.class.post(
+ url,
+ headers: authorized_headers,
+ body: authorization_server_params.to_json
+ )
+
+ if response.success?
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ @error_attribute = extract_error_attribute_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Get list of authorization servers
+ #
+ # @return list of authorization servers
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/api-authorization/list list of authorization servers documentation}
+ def get_authorization_servers
+ clean_error
+ prepare_token
+
+ begin
+
+ url = url_for(LIST_AUTHORIZATION_SERVER_URL)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ auth_server = []
+ if response.code == 200
+ auth_server = response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+
+ return auth_server
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+
+ #Get a single Authorization Server Configuration
+ #
+ # @param authorization_server_id
+ #
+ # @return API authorization configuration
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/api-authorization/get Get API authorization configuration documentation}
+ def get_authorization_server(authorization_server_id)
+ clean_error
+ prepare_token
+
+ begin
+ if authorization_server_id.nil? || authorization_server_id.to_s.empty?
+ @error = '400'
+ @error_description = "authorization_server_id is required"
+ @error_attribute = "authorization_server_id"
+ return
+ end
+
+ url = url_for(GET_AUTHORIZATION_SERVER_URL, authorization_server_id)
+
+ response = self.class.get(
+ url,
+ headers: authorized_headers
+ )
+
+ if response.code == 200
+ return response
+ else
+ @error = response.code.to_s
+ @error_description = extract_error_message_from_response(response)
+ end
+ rescue Exception => e
+ @error = '500'
+ @error_description = e.message
+ end
+
+ nil
+ end
+
+ #Update an Authorization Server
+ #
+ # @param authorization_server_id,authorization_server_params
+ #
+ # @return Updated Authorization Server
+ #
+ # @see {https://developers.onelogin.com/api-docs/2/api-authorization/update Update an Authorization Server documentation}
+ def update_authorization_server(authorization_server_id, authorization_server_params)
+ clean_error
+ prepare_token
+
+ begin
+ if authorization_server_id.nil? || authorization_server_id.to_s.empty?
+ @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(UPDATE_AUTHORIZATION_SERVER_URL, authorization_server_id) + + response = self.class.put( + url, + headers: authorized_headers, + body: authorization_server_params.to_json + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + + #Delete Authorization Server + # + # @param authorization_server_id + # + # @return Boolean + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/delete Delete Authorization Server documentation} + def delete_authorization_server(authorization_server_id) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? 
+ @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(DELETE_AUTHORIZATION_SERVER_URL, authorization_server_id) + + response = self.class.delete( + url, + headers: authorized_headers + ) + + if response.code == 204 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + false + end + + #Add a custom claim to the Access Tokens that get generated by the Authorization Server + # + # @param authorization_server_id,access_token_params + # + # @return added access token claims + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/add-claim Add a custom claim to the Access Tokens that get generated by the Authorization Server documentation} + def add_access_token_claims(authorization_server_id, access_token_params) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? + @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(ADD_ACCESS_TOKEN_CLAIMS_URL, authorization_server_id) + + response = self.class.post( + url, + headers: authorized_headers, + body: access_token_params.to_json + ) + + if response.success? 
+ return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + #Get list of access token claims + # + # @return list of access token claims + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/list-claims list of access token claims documentation} + def get_access_token_claims(authorization_server_id) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? + @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(LIST_ACCESS_TOKEN_CLAIMS_URL, authorization_server_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + + #Update an Access Token + # + # @param authorization_server_id,access_token_claim_params + # + # @return Updated access_token_claim_params + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/update-claim Update an access_token_claim_params documentation} + def update_access_token_claims(authorization_server_id,claim_id, access_token_claim_params) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? 
+ @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(UPDATE_ACCESS_TOKEN_CLAIMS_URL, authorization_server_id, claim_id) + + response = self.class.put( + url, + headers: authorized_headers, + body: access_token_claim_params.to_json + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + p e.message + @error = '500' + @error_description = e.message + end + + nil + end + + #Delete an Access Token + # + # @param authorization_server_id,claim_id + # + # @return boolean + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/delete-claim Delete an access_token_claim_params documentation} + def delete_access_token_claims(authorization_server_id,claim_id) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? 
+ @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(DELETE_ACCESS_TOKEN_CLAIMS_URL, authorization_server_id, claim_id) + + response = self.class.delete( + url, + headers: authorized_headers + ) + + if response.code == 204 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + + @error = '500' + @error_description = e.message + end + + nil + end + + #Add a scope to the Authorization Server + # + # @param authorization_server_id,scope_params + # + # @return scope + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/add-scope Add a scope to the Authorization Server documentation} + def add_scopes(authorization_server_id, access_token_params) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? + @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(ADD_SCOPE_URL, authorization_server_id) + + response = self.class.post( + url, + headers: authorized_headers, + body: access_token_params.to_json + ) + + if response.success? + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + #Get list of scopes + # + # @return list of scopes + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/list-scopes list of scopes documentation} + def get_scopes(authorization_server_id) + clean_error + prepare_token + + begin + if authorization_server_id.nil? 
|| authorization_server_id.to_s.empty? + @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(LIST_SCOPE_URL, authorization_server_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + #Update Scope + # + # @param authorization_server_id,scope_id,scope_params + # + # @return Updated scope_params + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/update-scope Update Scope documentation} + def update_scopes(authorization_server_id,scope_id, scope_params) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? + @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(UPDATE_SCOPE_URL, authorization_server_id, scope_id) + + response = self.class.put( + url, + headers: authorized_headers, + body: scope_params.to_json + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + p e.message + @error = '500' + @error_description = e.message + end + + nil + end + + #Delete Scope + # + # @param authorization_server_id,scope_id + # + # @return boolean + # + # @see {hhttps://developers.onelogin.com/api-docs/2/api-authorization/delete-scope Delete Scope documentation} + def delete_scope(authorization_server_id,scope_id) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? 
+ @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(DELETE_SCOPE_URL, authorization_server_id, scope_id) + + response = self.class.delete( + url, + headers: authorized_headers + ) + + if response.code == 204 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + + @error = '500' + @error_description = e.message + end + + nil + end + + #Add clients apps + # + # @param authorization_server_id,clients_params + # + # @return clients apps + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/add-client-app Add clients apps documentation} + def add_clients_apps(authorization_server_id, clients_params) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? + @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(ADD_CLIENTS_APPS_URL, authorization_server_id) + + response = self.class.post( + url, + headers: authorized_headers, + body: clients_params.to_json + ) + + if response.success? 
+ return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + p e.message + @error = '500' + @error_description = e.message + end + + nil + end + + + #Get list of clients apps # - # @return [FactorEnrollmentResponse] Info with User Id, Device Id, and OTP Device + #@param authorization_server_id # - # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/activate-factor Activate an Authentication Factor documentation} - def activate_factor(user_id, device_id) + # @return list of client apps + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/list-client-apps list of clients apps documentation} + def get_clients_apps(authorization_server_id) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? + @error = '400' + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" + return + end + + url = url_for(LIST_CLIENTS_APPS_URL, authorization_server_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + #Update Clients Apps + # + # @param authorization_server_id, client_app_id, client_app_params + # + # @return Updated access_token_claim_params + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/update-client-app Update an clients apps documentation} + def update_clients_apps(authorization_server_id,client_app_id, client_app_params) clean_error prepare_token begin - if user_id.nil? || user_id.to_s.empty? + if authorization_server_id.nil? 
|| authorization_server_id.to_s.empty? @error = '400' - @error_description = "user_id is required" - @error_attribute = "user_id" + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" return end - if device_id.nil? || device_id.to_s.empty? + url = url_for(UPDATE_CLIENTS_APPS_URL, authorization_server_id, client_app_id) + + response = self.class.put( + url, + headers: authorized_headers, + body: client_app_params.to_json + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + p e.message + @error = '500' + @error_description = e.message + end + + nil + end + + #Delete Clients Apps + # + # @param authorization_server_id,client_app_id + # + # @return boolean + # + # @see {https://developers.onelogin.com/api-docs/2/api-authorization/delete-client-app Delete Clients Apps documentation} + def delete_clients_apps(authorization_server_id,client_app_id) + clean_error + prepare_token + + begin + if authorization_server_id.nil? || authorization_server_id.to_s.empty? 
@error = '400' - @error_description = "device_id is required" - @error_attribute = "device_id" + @error_description = "authorization_server_id is required" + @error_attribute = "authorization_server_id" return end - url = url_for(ACTIVATE_FACTOR_URL, user_id, device_id) + url = url_for(DELETE_CLIENTS_APPS_URL, authorization_server_id, client_app_id) - response = self.class.post( + response = self.class.delete( + url, + headers: authorized_headers + ) + + if response.code == 204 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + + @error = '500' + @error_description = e.message + end + + nil + end + + ##################### + # Brands Methods # + ##################### + + # Gets a list of the Brands. + # + # @return [Array] list of Brands objects + # + # @see {https://developers.onelogin.com/api-docs/2/branding/list-account-brands List Brands documentation} + def get_brands + clean_error + prepare_token + + begin + + url = url_for(LIST_ACCOUNT_BRANDS_URL) + + response = self.class.get( url, headers: authorized_headers ) + brands = [] if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - return OneLogin::Api::Models::FactorEnrollmentResponse.new(json_data['data'][0]) - end + brands = response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) end + + return brands rescue Exception => e @error = '500' @error_description = e.message 
@@ -2164,64 +6173,194 @@ def activate_factor(user_id, device_id) nil end - # Authenticates a one-time password (OTP) code provided by a multifactor authentication (MFA) device. + #Create a Brand # - # @param user_id [Integer] The id of the user. - # @param device_id [Integer] The id of the MFA device. - # @param otp_token [String] OTP code provided by the device or SMS message sent to user. - # When a device like OneLogin Protect that supports Push has - # been used you do not need to provide the otp_token. - # @param state_token [String] The state_token is returned after a successful request - # to Enroll a Factor or Activate a Factor. - # MUST be provided if the needs_trigger attribute from - # the proceeding calls is set to true. + # @param brand_params # - # @return [Boolean] True if Factor is verified + # @return Created Brand # - # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/verify-factor Verify an Authentication Factor documentation} - def verify_factor(user_id, device_id, otp_token=nil, state_token=nil) + # @see {https://developers.onelogin.com/api-docs/2/branding/create-account-brand Create Account Brand documentation} + def create_account_brand(brand_params) clean_error prepare_token begin - if user_id.nil? || user_id.to_s.empty? + + url = url_for(CREATE_ACCOUNT_BRANDS_URL) + + response = self.class.post( + url, + headers: authorized_headers, + body: brand_params.to_json + ) + + if response.success? 
+ return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + #Get Brand + # + #@param brand_id + # + # @return brand + # + # @see {https://developers.onelogin.com/api-docs/2/branding/get-account-brand Get Brand documentation} + def get_brand(brand_id) + clean_error + prepare_token + + begin + if brand_id.nil? || brand_id.to_s.empty? @error = '400' - @error_description = "user_id is required" - @error_attribute = "user_id" + @error_description = "brand_id is required" + @error_attribute = "authorization_server_id" return end - if device_id.nil? || device_id.to_s.empty? + url = url_for(GET_ACCOUNT_BRANDS_URL, brand_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end + + #Update Brand + # + # @param brand_id, brand_params + # + # @return Updated Brand + # + # @see {https://developers.onelogin.com/api-docs/2/branding/update-account-brand Update brand documentation} + def update_brand(brand_id, brand_params) + clean_error + prepare_token + + begin + if brand_id.nil? || brand_id.to_s.empty? 
@error = '400' - @error_description = "device_id is required" - @error_attribute = "device_id" + @error_description = "brand_id is required" + @error_attribute = "brand_id" return end + url = url_for(UPDATE_ACCOUNT_BRANDS_URL, brand_id) - url = url_for(VERIFY_FACTOR_URL, user_id, device_id) + response = self.class.put( + url, + headers: authorized_headers, + body: brand_params.to_json + ) - data = { - 'user_id'=> user_id, - 'device_id'=> device_id - } + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + p e.message + @error = '500' + @error_description = e.message + end - unless otp_token.nil? || otp_token.empty? - data['otp_token'] = otp_token + nil + end + + #Delete Brand + # + # @param brand_id + # + # @return boolean + # + # @see {https://developers.onelogin.com/api-docs/2/branding/delete-account-brand Delete Brand documentation} + def delete_brand(brand_id) + clean_error + prepare_token + + begin + if brand_id.nil? || brand_id.to_s.empty? + @error = '400' + @error_description = "brand_id is required" + @error_attribute = "brand_id" + return end - unless state_token.nil? || state_token.empty? 
- data['state_token'] = state_token + url = url_for(DELETE_ACCOUNT_BRANDS_URL, brand_id) + + response = self.class.delete( + url, + headers: authorized_headers + ) + + if response.code == 204 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end + rescue Exception => e + + @error = '500' + @error_description = e.message + end + + nil + end + + #Get Apps assosiated with Account Brand + # + #@param brand_id + # + # @return apps assosiated with Account Brand + # + # @see {https://developers.onelogin.com/api-docs/2/branding/get-apps-associated-with-account-brand Get apps assosiated with Account Brand documentation} + def get_apps_assosiated_with_brand(brand_id) + clean_error + prepare_token + + begin + if brand_id.nil? || brand_id.to_s.empty? + @error = '400' + @error_description = "brand_id is required" + @error_attribute = "brand_id" + return end - response = self.class.post( + url = url_for(GET_APPS_ASSOSIATED_WITH_ACCOUNT_BRANDS_URL, brand_id) + + response = self.class.get( url, - headers: authorized_headers, - body: data.to_json + headers: authorized_headers ) - if response.code == 200 - return handle_operation_response(response) + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) 
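Review bot: In `get_brand`, the missing-id branch sets `@error_attribute = "authorization_server_id"` although the value it checks is `brand_id`, so a caller reading the error attribute is pointed at the wrong parameter; it should read `@error_attribute = "brand_id"`, as the guards in `update_brand` and `delete_brand` do. Every method added in this hunk also uses `rescue Exception => e`, which catches interrupts and exit requests along with ordinary failures and reports them all as a '500'; `rescue StandardError => e` keeps the error reporting without swallowing those. `update_brand` additionally calls `p e.message`, which looks like leftover debugging and writes exception text from an identity-provider client to stdout; both patterns recur in the later hunks of this file. The doc comment on `delete_brand` says `@return boolean`, but the body returns the response on 204 and nil otherwise.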
@@ -2230,53 +6369,78 @@ def verify_factor(user_id, device_id, otp_token=nil, state_token=nil) @error = '500' @error_description = e.message end - - false + + nil end - # Remove an enrolled factor from a user. + #Get List of message template # - # @param user_id [Integer] The id of the user. - # @param device_id [Integer] The device_id of the MFA device. + #@param brand_id # - # @return [Boolean] The result of the action + # @return List of message template # - # @see {https://developers.onelogin.com/api-docs/1/multi-factor-authentication/remove-factor Remove a Factor documentation} - def remove_factor(user_id, device_id) + # @see {https://developers.onelogin.com/api-docs/2/branding/list-templates List Message Template documentation} + def get_message_templates(brand_id) clean_error prepare_token - + begin - - if user_id.nil? || user_id.to_s.empty? + if brand_id.nil? || brand_id.to_s.empty? @error = '400' - @error_description = "user_id is required" - @error_attribute = "user_id" + @error_description = "brand_id is required" + @error_attribute = "brand_id" return end - if device_id.nil? || device_id.to_s.empty? 
- @error = '400' - @error_description = "device_id is required" - @error_attribute = "device_id" - return + url = url_for(LIST_MESSAGE_TEMPLATE_URL, brand_id) + + response = self.class.get( + url, + headers: authorized_headers + ) + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) end + rescue Exception => e + @error = '500' + @error_description = e.message + end + + nil + end - url = url_for(REMOVE_FACTOR_URL, user_id, device_id) + #Create a message templates + # + # @param app_id, message_templates_params + # + # @return Created message_templates + # + # @see {https://developers.onelogin.com/api-docs/2/app-rules/create-rule Create message templates documentation} + def create_message_templates(brand_id, message_templates_params) + clean_error + prepare_token - response = self.class.delete( + begin + url = url_for(CREATE_MESSAGE_TEMPLATE_URL, brand_id) + + response = self.class.post( url, - :headers => authorized_headers + headers: authorized_headers, + body: message_templates_params.to_json ) - - if response.code == 200 - return true + + if response.success? + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) - return false + @error_attribute = extract_error_attribute_from_response(response) end rescue Exception => e + p e.message @error = '500' @error_description = e.message end 
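Review bot: `create_message_templates` builds its URL from `brand_id` without the required-parameter guard that `get_message_templates` in the same hunk applies, so a nil or empty id goes straight into the request path instead of producing the '400' / `brand_id` error that callers get from the sibling methods. The guard is shown below. The doc comment also looks copied from another endpoint: it lists `@param app_id, message_templates_params` while the signature takes `brand_id`, and its `@see` link points at the app-rules create-rule page. The end of this method (`nil` and `end`) lies outside the hunk.

```ruby
      begin
        if brand_id.nil? || brand_id.to_s.empty?
          @error = '400'
          @error_description = "brand_id is required"
          @error_attribute = "brand_id"
          return
        end

        url = url_for(CREATE_MESSAGE_TEMPLATE_URL, brand_id)
        # … unchanged: POST request and response handling …
```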
@@ -2284,46 +6448,39 @@ def remove_factor(user_id, device_id) nil end - ######################## - # Invite Links Methods # - ######################## - - # Generates an invite link for a user that you have already created in your OneLogin account. + #Get single message template # - # @param email [String] Set to the email address of the user that you want to generate an invite link for. + #@param brand_id, template_id # - # @return [String] the invitation link + # @return message template # - # @see {https://developers.onelogin.com/api-docs/1/invite-links/generate-invite-link Generate Invite Link documentation} - def generate_invite_link(email) + # @see {https://developers.onelogin.com/api-docs/2/branding/get-template Get Message Template documentation} + def get_message_template(brand_id, template_id) clean_error prepare_token - + begin - if email.nil? || email.to_s.empty? + if brand_id.nil? || brand_id.to_s.empty? @error = '400' - @error_description = "email is required" - @error_attribute = "email" + @error_description = "brand_id is required" + @error_attribute = "brand_id" + return + end + if template_id.nil? || template_id.to_s.empty? + @error = '400' + @error_description = "template_id is required" + @error_attribute = "template_id" return end - url = url_for(GENERATE_INVITE_LINK_URL) - - data = { - 'email'=> email - } + url = url_for(GET_MESSAGE_TEMPLATE_URL, brand_id, template_id) - response = self.class.post( + response = self.class.get( url, - headers: authorized_headers, - body: data.to_json + headers: authorized_headers ) - if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data['data'] - return json_data['data'][0] - end + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) 
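Review bot: The doc comment for `get_message_template` promises `@return message template`, but the new body hands back the raw response object on 200 (`return response`) and nil on every failure path, including the two bare `return`s in the parameter guards. Callers therefore have to parse the body and inspect `@error` themselves, and the comment should say so, for example `# @return the raw HTTP response on 200; nil on failure, with details in @error and @error_description`. `#@param brand_id, template_id` would also read better as one `# @param` line per argument. The method's rescue clause and closing lines fall outside this hunk.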
@@ -2332,87 +6489,100 @@ def generate_invite_link(email) @error = '500' @error_description = e.message end - + nil end - # Sends an invite link to a user that you have already created in your OneLogin account. + #Update Message Template # - # @param email [String] Set to the email address of the user that you want to send an invite link for. - # @param personal_email [String] (Optional) If you want to send the invite email to an email other than the - # one provided in email, provide it here. The invite link will be - # sent to this address instead. + # @param brand_id, template_id, message_template_params # - # @return [String] the result of the operation + # @return Updated Message Template # - # @see {https://developers.onelogin.com/api-docs/1/invite-links/send-invite-link Send Invite Link documentation} - def send_invite_link(email, personal_email=nil) + # @see {https://developers.onelogin.com/api-docs/2/branding/update-template Update Message Template documentation} + def update_message_template(brand_id, template_id, message_template_params) clean_error prepare_token begin - url = url_for(SEND_INVITE_LINK_URL) - - data = { - 'email'=> email - } - - unless personal_email.nil? || personal_email.to_s.empty? - data['personal_email'] = personal_email + if brand_id.nil? || brand_id.to_s.empty? + @error = '400' + @error_description = "brand_id is required" + @error_attribute = "brand_id" + return + end + if template_id.nil? || template_id.to_s.empty? 
+ @error = '400' + @error_description = "template_id is required" + @error_attribute = "template_id" + return end - response = self.class.post( + url = url_for(UPDATE_MESSAGE_TEMPLATE_URL, brand_id, template_id) + + response = self.class.put( url, headers: authorized_headers, - body: data.to_json + body: message_template_params.to_json ) if response.code == 200 - return handle_operation_response(response) + return response else @error = response.code.to_s @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) end rescue Exception => e + p e.message @error = '500' @error_description = e.message end - false + nil end - # Lists apps accessible by a OneLogin user. + #Delete message template # - # @param token [String] Provide your embedding token. - # @param email [String] Provide the email of the user for which you want to return a list of embeddable apps. + # @param message_template # - # @return [Array] the embed apps + # @return boolean # - # @see {https://developers.onelogin.com/api-docs/1/embed-apps/get-apps-to-embed-for-a-user Get Apps to Embed for a User documentation} - def get_embed_apps(token, email) + # @see {https://developers.onelogin.com/api-docs/2/branding/delete-account-brand Delete message template documentation} + def delete_message_template(brand_id, template_id) clean_error + prepare_token begin - response = self.class.get( - EMBED_APP_URL, - headers: { - 'User-Agent' => @user_agent - }, - query: { - token: token, - email: email - } + if brand_id.nil? || brand_id.to_s.empty? + @error = '400' + @error_description = "brand_id is required" + @error_attribute = "brand_id" + return + end + if template_id.nil? || template_id.to_s.empty? 
+ @error = '400' + @error_description = "template_id is required" + @error_attribute = "template_id" + return + end + + url = url_for(DELETE_MESSAGE_TEMPLATE_URL, brand_id, template_id) + + response = self.class.delete( + url, + headers: authorized_headers ) - if response.code == 200 && !(response.body.nil? || response.body.empty?) - return retrieve_apps_from_xml(response.body) + if response.code == 204 + return response else @error = response.code.to_s - unless response.body.nil? || response.body.empty? - @error_description = response.body - end + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) end rescue Exception => e + @error = '500' @error_description = e.message end 
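Review bot: The doc comment on `delete_message_template` does not describe the method it sits on: it lists `@param message_template` while the signature is `(brand_id, template_id)`, it says `@return boolean` while the body returns the response on 204 and nil otherwise, and its `@see` link points at the delete-account-brand page. Suggested header lines are `# @param brand_id id of the brand`, `# @param template_id id of the message template` and `# @return the raw response on HTTP 204; nil on failure (details in @error)`. The `@see` target should be the message-template delete page; I have not guessed its URL. The final `nil` / `end` of this method sit in the next hunk's context.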
@@ -2420,154 +6590,121 @@ def get_embed_apps(token, email) nil end - def retrieve_apps_from_xml(xml_content) - doc = Nokogiri::XML(xml_content) do |config| - config.options = NOKOGIRI_OPTIONS - end - - node_list = doc.xpath("/apps/app") - attributes = ['id', 'icon', 'name', 'provisioned', 'extension_required', 'personal', 'login_id'] - apps = [] - node_list.each do |node| - app_data = {} - node.children.each do |children| - if attributes.include? children.name - app_data[children.name] = children.content - end - end - apps << OneLogin::Api::Models::EmbedApp.new(app_data) - end - - apps - end - - ##################### - # Privilege Methods # - ##################### - - # Gets a list of the Privileges created in an account. + #Get message template of brand by type # - # @return [Array] list of privilege objects + #@param brand_id, template_type # - # @see {https://developers.onelogin.com/api-docs/1/privileges/list-privileges List Privileges documentation} - def get_privileges() + # @return message template + # + # @see {https://developers.onelogin.com/api-docs/2/branding/get-template-by-type Get Message Template By Type documentation} + def get_message_template_by_type(brand_id, template_type) clean_error prepare_token - + begin + if brand_id.nil? || brand_id.to_s.empty? + @error = '400' + @error_description = "brand_id is required" + @error_attribute = "brand_id" + return + end + if template_type.nil? || template_type.to_s.empty? + @error = '400' + @error_description = "template_type is required" + @error_attribute = "template_type" + return + end - url = url_for(LIST_PRIVILEGES_URL) + url = url_for(GET_MESSAGE_TEMPLATE_BY_TYPE_URL, brand_id, template_type) - privileges = [] response = self.class.get( url, headers: authorized_headers ) if response.code == 200 - json_data = JSON.parse(response.body) - if !json_data.empty? 
- json_data.each do |data| - privileges << OneLogin::Api::Models::Privilege.new(data) - end - end - return privileges + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) end rescue Exception => e + p e.message @error = '500' @error_description = e.message end - + nil end - # Creates a Privilege + #Get message template of brand by type and locale # - # @param name [string] The name of the privilege. - # @param version [string] The version for the privilege schema. Set to 2018-05-18. - # @param statements [Array] A list of statements. Statement object or a dict with the keys Effect, Action and Scope + #@param brand_id, template_type, locale # - # @return [Privilege] the created privilege + # @return message template # - # @see {https://developers.onelogin.com/api-docs/1/privileges/create-privilege Create Privilege documentation} - def create_privilege(name, version, statements) + # @see {https://developers.onelogin.com/api-docs/2/branding/get-template-by-type-locale Get Message Template By Type and locale documentation} + def get_message_template_by_type_and_locale(brand_id, template_type, locale) clean_error prepare_token - + begin - url = url_for(CREATE_PRIVILEGE_URL) - - statement_data = [] - for statement in statements - if statement.instance_of?(OneLogin::Api::Models::Statement) - statement_data << { - 'Effect' => statement.effect, - 'Action' => statement.actions, - 'Scope' => statement.scopes - } - elsif statement.instance_of?(Hash) && statement.has_key?('Effect') && statement.has_key?('Action') && statement.has_key?('Scope') - statement_data << statement - else - @error = 400.to_s - @error_description = "statements is invalid. Provide a list of statements. The statement should be an Statement object or dict with the keys Effect, Action and Scope" - return - end + if brand_id.nil? || brand_id.to_s.empty? 
+ @error = '400' + @error_description = "brand_id is required" + @error_attribute = "brand_id" + return + end + if template_type.nil? || template_type.to_s.empty? + @error = '400' + @error_description = "template_type is required" + @error_attribute = "template_type" + return end - privilege_data = { - 'name' => name, - 'privilege' => { - 'Version'=> version, - 'Statement' => statement_data - } - } + url = url_for(GET_MESSAGE_TEMPLATE_BY_TYPE_LOCALE_URL, brand_id, template_type) + url= url+"/#{locale}" - response = self.class.post( + response = self.class.get( url, - headers: authorized_headers, - body: privilege_data.to_json + headers: authorized_headers ) - if response.code == 201 - json_data = JSON.parse(response.body) - if json_data && json_data.has_key?('id') - return OneLogin::Api::Models::Privilege.new(json_data['id'], name, version, statements) - end + if response.code == 200 + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) end rescue Exception => e + p e.message @error = '500' @error_description = e.message end - + nil end - # Get a Privilege. + #Get master message template by type # - # @param privilege_id [string] Id of the privilege + #@param template_type # - # @return [Privilege] the privilege identified by the id + # @return master message template # - # @see {https://developers.onelogin.com/api-docs/1/privileges/get-privilege Get Privilege documentation} - def get_privilege(privilege_id) + # @see {https://developers.onelogin.com/api-docs/2/branding/get-master-template-by-type Get Master Message Template By Type documentation} + def get_master_message_template_by_type(template_type) clean_error prepare_token - + begin - if privilege_id.nil? || privilege_id.to_s.empty? + if template_type.nil? || template_type.to_s.empty? 
@error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" + @error_description = "template_type is required" + @error_attribute = "template_type" return end - url = url_for(GET_PRIVILEGE_URL, privilege_id) + url = url_for(GET_MASTER_MESSAGE_TEMPLATE_BY_TYPE_URL, template_type) response = self.class.get( url, 
@@ -2575,286 +6712,274 @@ def get_privilege(privilege_id) ) if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data.has_key?('id') - return OneLogin::Api::Models::Privilege.new(json_data) - end + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) end rescue Exception => e + p e.message @error = '500' @error_description = e.message end - + nil end - # Updates a Privilege - # - # @param privilege_id [string] The id of the privilege to be updated. - # @param name [string] The name of the privilege. - # @param version [string] The version for the privilege schema. Set to 2018-05-18. - # @param statements [Array] A list of statements. Statement object or a dict with the keys Effect, Action and Scope + #Get master message template by template type and locale # + #@param template_type, locale # - # @return [Privilege] the modified privilege + # @return master message template # - # @see {https://developers.onelogin.com/api-docs/1/privileges/update-privilege Update Privilege documentation} - def update_privilege(privilege_id, name, version, statements) + # @see {https://developers.onelogin.com/api-docs/2/branding/get-master-template-by-type-locale Get Master Message Template By Type and locale documentation} + def get_master_message_template_by_typeand_locale(template_type, locale) clean_error prepare_token - + begin - if privilege_id.nil? || privilege_id.to_s.empty? + if locale.nil? || locale.to_s.empty? 
@error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" + @error_description = "locale is required" + @error_attribute = "locale" return end - - url = url_for(UPDATE_PRIVILEGE_URL, privilege_id) - - statement_data = [] - for statement in statements - if statement.instance_of?(OneLogin::Api::Models::Statement) - statement_data << { - 'Effect' => statement.effect, - 'Action' => statement.actions, - 'Scope' => statement.scopes - } - elsif statement.instance_of?(Hash) && statement.has_key?('Effect') && statement.has_key?('Action') && statement.has_key?('Scope') - statement_data << statement - else - @error = 400.to_s - @error_description = "statements is invalid. Provide a list of statements. The statement should be an Statement object or dict with the keys Effect, Action and Scope" - return - end + if template_type.nil? || template_type.to_s.empty? + @error = '400' + @error_description = "template_type is required" + @error_attribute = "template_type" + return end - privilege_data = { - 'name' => name, - 'privilege' => { - 'Version'=> version, - 'Statement' => statement_data - } - } + url = url_for(GET_MASTER_MESSAGE_TEMPLATE_BY_TYPE_LOCALE_URL, template_type, locale) - response = self.class.put( + response = self.class.get( url, - headers: authorized_headers, - body: privilege_data.to_json + headers: authorized_headers ) if response.code == 200 - json_data = JSON.parse(response.body) - if json_data && json_data.has_key?('id') - return OneLogin::Api::Models::Privilege.new(json_data['id'], name, version, statements) - end + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) end rescue Exception => e + p e.message @error = '500' @error_description = e.message end - + nil end - # Deletes a Privilege + #Update Message Template by type and locale # - # @param privilege_id [string] Id of the privilege to be 
removed. + # @param brand_id, template_type, locale, message_template_params # - # @return [Boolean] if the action succeed + # @return Updated Message Template # - # @see {https://developers.onelogin.com/api-docs/1/privileges/delete-privilege Delete Privilege documentation} - def delete_privilege(privilege_id) + # @see {https://developers.onelogin.com/api-docs/2/branding/update-template Update Message Template by type and locale documentation} + def update_message_template_by_type_and_locale(brand_id, template_type,locale, message_template_params) clean_error prepare_token begin - if privilege_id.nil? || privilege_id.to_s.empty? + if brand_id.nil? || brand_id.to_s.empty? @error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" + @error_description = "brand_id is required" + @error_attribute = "brand_id" + return + end + if template_type.nil? || template_type.to_s.empty? + @error = '400' + @error_description = "template_type is required" + @error_attribute = "template_type" return end - url = url_for(DELETE_PRIVILEGE_URL, privilege_id) + url = url_for(UPDATE_MESSAGE_TEMPLATE_BY_TYPE_LOCALE_URL, brand_id, template_type) + url= url+"/#{locale}" - response = self.class.delete( + response = self.class.put( url, - headers: authorized_headers + headers: authorized_headers, + body: message_template_params.to_json ) - if response.code == 204 - return handle_operation_response(response) + if response.code == 200 + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) end rescue Exception => e + p e.message @error = '500' @error_description = e.message end - false + nil end - # Gets a list of the roles assigned to a privilege. + #Get List of languages # - # @param privilege_id [string] Id of the privilege. 
+ #@param brand_id # - # @return [Array] list of Role Id + # @return List of language # - # @see {https://developers.onelogin.com/api-docs/1/privileges/get-roles Get Assigned Roles documentation} - def get_roles_assigned_to_privilege(privilege_id) + # @see {https://developers.onelogin.com/api-docs/2/branding/list-languages List languages documentation} + def get_languages(brand_id) clean_error prepare_token - + begin - if privilege_id.nil? || privilege_id.to_s.empty? + if brand_id.nil? || brand_id.to_s.empty? @error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" + @error_description = "brand_id is required" + @error_attribute = "brand_id" return end - options = { - headers: authorized_headers, - max_results: @max_results, - container: 'roles' - } - - return Cursor.new(self, url_for(GET_ROLES_ASSIGNED_TO_PRIVILEGE_URL, privilege_id), options) + url = url_for(LIST_LANGUAGE_URL, brand_id) + response = self.class.get( + url, + headers: authorized_headers + ) + if response.code == 200 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + end rescue Exception => e @error = '500' @error_description = e.message end - + nil end - # Assign one or more roles to a privilege. + #Get List of Custom Message # - # @param privilege_id [string] Id of the privilege. - # @param role_ids [Array] Ids of the roles to be added. + #@param brand_id # - # @return [Boolean] if the action succeed + # @return List of Custom Message # - # @see {https://developers.onelogin.com/api-docs/1/privileges/assign-role Assign Roles documentation} - def assign_roles_to_privilege(privilege_id, role_ids) + # @see {https://developers.onelogin.com/api-docs/2/branding/list-custom-messages List custom message documentation} + def get_custom_messages(brand_id) clean_error prepare_token - + begin - if privilege_id.nil? || privilege_id.to_s.empty? + if brand_id.nil? || brand_id.to_s.empty? 
@error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" + @error_description = "brand_id is required" + @error_attribute = "brand_id" return end - url = url_for(ASSIGN_ROLES_TO_PRIVILEGE_URL, privilege_id) - - data = { - 'roles' => role_ids - } + url = url_for(LIST_CUSTOM_MESSAGE_URL, brand_id) - response = self.class.post( + response = self.class.get( url, - headers: authorized_headers, - body: data.to_json + headers: authorized_headers ) - - if response.code == 201 - return handle_operation_response(response) + p response + if response.code == 200 + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) - end rescue Exception => e @error = '500' @error_description = e.message end - - false + + nil end - # Removes one role from the privilege. + #Update custom message # - # @param privilege_id [string] Id of the privilege. - # @param role_id [Integer] Id of the role to be removed. + # @param brand_id, custom_message_params # - # @return [Boolean] if the action succeed + # @return Updated Custom Message # - # @see {https://developers.onelogin.com/api-docs/1/privileges/remove-role Remove Role documentation} - def remove_role_from_privilege(privilege_id, role_id) + # @see {https://developers.onelogin.com/api-docs/2/branding/update-custom-message Update Custom Message documentation} + def update_custom_message(brand_id, custom_message_params) clean_error prepare_token begin - if privilege_id.nil? || privilege_id.to_s.empty? + if brand_id.nil? || brand_id.to_s.empty? 
@error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" + @error_description = "brand_id is required" + @error_attribute = "brand_id" return end - url = url_for(REMOVE_ROLE_FROM_PRIVILEGE_URL, privilege_id, role_id) + url = url_for(UPDATE_MESSAGE_TEMPLATE_URL, brand_id, ) - response = self.class.delete( + response = self.class.put( url, - headers: authorized_headers + headers: authorized_headers, + body: custom_message_params.to_json ) - if response.code == 204 - return true + if response.code == 200 + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) end rescue Exception => e + p e.message @error = '500' @error_description = e.message end - false + nil end - # Gets a list of the users assigned to a privilege. + #Delete custom message # - # @param privilege_id [string] Id of the privilege. + # @param brand_id, message_id # - # @return [Array] list of User Id + # @return boolean # - # @see {https://developers.onelogin.com/api-docs/1/privileges/get-users Get Assigned Users documentation} - def get_users_assigned_to_privilege(privilege_id) + # @see {https://developers.onelogin.com/api-docs/2/branding/delete-custom-message Delete custom message documentation} + def delete_custom_message(brand_id,message_id) clean_error prepare_token begin - if privilege_id.nil? || privilege_id.to_s.empty? + if brand_id.nil? || brand_id.to_s.empty? 
@error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" + @error_description = "brand_id is required" + @error_attribute = "brand_id" return end - options = { - headers: authorized_headers, - max_results: @max_results, - container: 'users' - } + url = url_for(DELETE_CUSTOM_MESSAGE_URL, brand_id,message_id) - return Cursor.new(self, url_for(GET_USERS_ASSIGNED_TO_PRIVILEGE_URL, privilege_id), options) + response = self.class.delete( + url, + headers: authorized_headers + ) + if response.code == 204 + return response + else + @error = response.code.to_s + @error_description = extract_error_message_from_response(response) + @error_attribute = extract_error_attribute_from_response(response) + end rescue Exception => e + @error = '500' @error_description = e.message end 
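Review bot: `update_custom_message` builds its URL from `UPDATE_MESSAGE_TEMPLATE_URL`, which is the templates endpoint and carries one more `%s` than the single `brand_id` passed. The constants change in this same commit defines `UPDATE_CUSTOM_MESSAGE_URL` for this call, so the line should read `url = url_for(UPDATE_CUSTOM_MESSAGE_URL, brand_id)`. As written, the PUT either fails while formatting (and surfaces only as a generic '500' from the rescue) or goes to the wrong resource, depending on how `url_for`, which is not visible here, fills the placeholders. In `update_message_template_by_type_and_locale`, `locale` is appended with `url= url+"/#{locale}"` without the nil/empty guard that `brand_id` and `template_type` get, so a missing locale sends the PUT to a different path than the caller intended. Adding the same guard and escaping the segment before concatenation would close that. `p response` in `get_custom_messages` looks like leftover debugging that writes the full API response to the host application's stdout, and should be removed.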
@@ -2862,93 +6987,71 @@ def get_users_assigned_to_privilege(privilege_id) nil end - # Assign one or more users to a privilege. - # - # @param privilege_id [string] Id of the privilege. - # @param user_ids [Array] Ids of the users to be added. + #Lookup Custom Message # - # @return [Boolean] if the action succeed + # @return lookup the custom error message # - # @see {https://developers.onelogin.com/api-docs/1/privileges/assign-users Assign Users documentation} - def assign_users_to_privilege(privilege_id, user_ids) + # @see {https://developers.onelogin.com/api-docs/2/branding/lookup-custom-message To lookup the custom error message documentation} + def lookup_custom_messages clean_error prepare_token - + begin - if privilege_id.nil? || privilege_id.to_s.empty? - @error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" - return - end - - url = url_for(ASSIGN_USERS_TO_PRIVILEGE_URL, privilege_id) - data = { - 'users' => user_ids - } + url = url_for(LOOKUP_CUSTOM_MESSAGE_URL) - response = self.class.post( + response = self.class.get( url, - headers: authorized_headers, - body: data.to_json + headers: authorized_headers ) - - if response.code == 201 - return handle_operation_response(response) + + if response.code == 200 + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) end rescue Exception => e @error = '500' @error_description = e.message end - - false + + nil end - # Removes one user from the privilege. - # - # @param privilege_id [string] Id of the privilege. - # @param user_id [Integer] Id of the user to be removed. 
+ #Get Email Settings # - # @return [Boolean] if the action succeed + # @return Email Settings # - # @see {https://developers.onelogin.com/api-docs/1/privileges/remove-user Remove User documentation} - def remove_user_from_privilege(privilege_id, user_id) + # @see {https://developers.onelogin.com/api-docs/2/branding/get-email-settings Get Email Settings documentation} + def get_email_settings clean_error prepare_token - + begin - if privilege_id.nil? || privilege_id.to_s.empty? - @error = '400' - @error_description = "privilege_id is required" - @error_attribute = "privilege_id" - return - end - url = url_for(REMOVE_USER_FROM_PRIVILEGE_URL, privilege_id, user_id) + url = url_for(GET_EMAIL_SETTINGS_URL) - response = self.class.delete( + response = self.class.get( url, headers: authorized_headers ) - - if response.code == 204 - return true + + if response.code == 200 + return response else - @error = extract_status_code_from_response(response) + @error = response.code.to_s @error_description = extract_error_message_from_response(response) end rescue Exception => e @error = '500' @error_description = e.message end - - false + + nil end + end end end diff --git a/lib/onelogin/api/util/constants.rb b/lib/onelogin/api/util/constants.rb index 5c804bc..7205da4 100644 --- a/lib/onelogin/api/util/constants.rb +++ b/lib/onelogin/api/util/constants.rb 
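Review bot: `rescue Exception => e` in `lookup_custom_messages` and `get_email_settings` also traps `Interrupt`, `SystemExit` and `NoMemoryError` and rewrites them as `@error = '500'`, so an interrupt or a process-level failure during the request is swallowed and the caller only sees `nil`. `rescue StandardError => e` keeps the same error reporting for request and parsing failures without hiding those. The methods added in the previous hunk (`get_languages`, `get_custom_messages`, `update_custom_message`, `delete_custom_message` and the template getters) use the same rescue, and several also print `e.message` with `p`, which belongs in the caller's logger rather than on stdout.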
@@ -14,16 +14,15 @@ module Constants GET_RATE_URL = "https://api.%s.onelogin.com/auth/rate_limit" # User URLs - GET_USERS_URL = "https://api.%s.onelogin.com/api/1/users" - GET_USER_URL = "https://api.%s.onelogin.com/api/1/users/%s" - GET_APPS_FOR_USER_URL = "https://api.%s.onelogin.com/api/1/users/%s/apps" + GET_USERS_URL = "https://api.%s.onelogin.com/api/2/users" + GET_USER_URL = "https://api.%s.onelogin.com/api/2/users/%s" + GET_APPS_FOR_USER_URL = "https://api.%s.onelogin.com/api/2/users/%s/apps" GET_ROLES_FOR_USER_URL = "https://api.%s.onelogin.com/api/1/users/%s/roles" - GET_CUSTOM_ATTRIBUTES_URL = "https://api.%s.onelogin.com/api/1/users/custom_attributes" - CREATE_USER_URL = "https://api.%s.onelogin.com/api/1/users" + CREATE_USER_URL = "https://api.%s.onelogin.com/api/2/users" SESSION_LOGIN_TOKEN_URL = "https://api.%s.onelogin.com/api/1/login/auth" GET_TOKEN_VERIFY_FACTOR = "https://api.%s.onelogin.com/api/1/login/verify_factor" - UPDATE_USER_URL = "https://api.%s.onelogin.com/api/1/users/%s" - DELETE_USER_URL = "https://api.%s.onelogin.com/api/1/users/%s" + UPDATE_USER_URL = "https://api.%s.onelogin.com/api/2/users/%s" + DELETE_USER_URL = "https://api.%s.onelogin.com/api/2/users/%s" ADD_ROLE_TO_USER_URL = "https://api.%s.onelogin.com/api/1/users/%s/add_roles" DELETE_ROLE_TO_USER_URL = "https://api.%s.onelogin.com/api/1/users/%s/remove_roles" SET_PW_CLEARTEXT = "https://api.%s.onelogin.com/api/1/users/set_password_clear_text/%s" 
@@ -32,7 +31,13 @@ module Constants SET_USER_STATE_URL = "https://api.%s.onelogin.com/api/1/users/%s/set_state" LOG_USER_OUT_URL = "https://api.%s.onelogin.com/api/1/users/%s/logout" LOCK_USER_URL = "https://api.%s.onelogin.com/api/1/users/%s/lock_user" - GENERATE_MFA_TOKEN_URL = "https://api.%s.onelogin.com/api/1/users/%s/mfa_token" + + #Custom Attribute URLS + GET_CUSTOM_ATTRIBUTES_URL = "https://api.%s.onelogin.com/api/2/users/custom_attributes" + GET_CUSTOM_ATTRIBUTE = "https://api.%s.onelogin.com/api/2/users/custom_attributes/%s" + CREATE_CUSTOM_ATTRIBUTE = "https://api.%s.onelogin.com/api/2/users/custom_attributes" + UPDATE_CUSTOM_ATTRIBUTE = "https://api.%s.onelogin.com/api/2/users/custom_attributes/%s" + DELETE_CUSTOM_ATTRIBUTE = "https://api.%s.onelogin.com/api/2/users/custom_attributes/%s" # Connectors URL GET_CONNECTORS_URL = "https://api.%s.onelogin.com/api/2/connectors" 
@@ -52,9 +57,25 @@ module Constants DELETE_APP_PARAMETER_URL = "https://api.%s.onelogin.com/api/2/apps/%s/parameters/%s" # Role URLs - GET_ROLES_URL = "https://api.%s.onelogin.com/api/1/roles" - CREATE_ROLE_URL = "https://api.%s.onelogin.com/api/1/roles" - GET_ROLE_URL = "https://api.%s.onelogin.com/api/1/roles/%s" + GET_ROLES_URL = "https://api.%s.onelogin.com/api/2/roles" + CREATE_ROLE_URL = "https://api.%s.onelogin.com/api/2/roles" + GET_ROLE_URL = "https://api.%s.onelogin.com/api/2/roles/%s" + UPDATE_ROLES_URL = "https://api.%s.onelogin.com/api/2/roles/%s" + DELETE_ROLES_URL = "https://api.%s.onelogin.com/api/2/roles/%s" + GET_APPS_ROLE_URL = "https://api.%s.onelogin.com/api/2/roles/%s/apps" + SET_APPS_ROLE_URL = "https://api.%s.onelogin.com/api/2/roles/%s/apps" + GET_ROLE_FOR_USERS_URL = "https://api.%s.onelogin.com/api/2/roles/%s/users" + ADD_ROLE_FOR_USERS_URL = "https://api.%s.onelogin.com/api/2/roles/%s/users" + REMOVE_ROLE_FOR_USERS_URL = "https://api.%s.onelogin.com/api/2/roles/%s/users" + GET_ROLE_FOR_ADMINS_URL = "https://api.%s.onelogin.com/api/2/roles/%s/admins" + ADD_ROLE_FOR_ADMINS_URL = "https://api.%s.onelogin.com/api/2/roles/%s/admins" + REMOVE_ROLE_FOR_ADMINS_URL = "https://api.%s.onelogin.com/api/2/roles/%s/admins" + + + #Reports URLs + LIST_REPORTS_URL = "https://api.%s.onelogin.com/api/2/reports" + RUN_REPORTS_URL = "https://api.%s.onelogin.com/api/2/reports/%s/run" + RUN_BACKGROUND_REPORTS_URL = "https://api.%s.onelogin.com/api/2/reports/%s/run_background" # Event URLS GET_EVENT_TYPES_URL = "https://api.%s.onelogin.com/api/1/events/types" 
@@ -68,21 +89,144 @@ module Constants GET_GROUP_URL = "https://api.%s.onelogin.com/api/1/groups/%s" # SAML Assertion URLs - GET_SAML_ASSERTION_URL = "https://api.%s.onelogin.com/api/1/saml_assertion" - GET_SAML_VERIFY_FACTOR = "https://api.%s.onelogin.com/api/1/saml_assertion/verify_factor" + GET_SAML_ASSERTION_URL = "https://api.%s.onelogin.com/api/2/saml_assertion" + GET_SAML_VERIFY_FACTOR = "https://api.%s.onelogin.com/api/2/saml_assertion/verify_factor" + + # SMART MFA URLs + GET_SMART_MFA_URL = "https://api.%s.onelogin.com/api/2/smart-mfa" + GET_SMART_MFA_VERIFY = "https://api.%s.onelogin.com/api/2/smart-mfa/verify" + + + #API Authorization URL V2 + CREATE_AUTHORIZATION_SERVER_URL = "https://api.%s.onelogin.com/api/2/api_authorizations" + LIST_AUTHORIZATION_SERVER_URL = "https://api.%s.onelogin.com/api/2/api_authorizations" + GET_AUTHORIZATION_SERVER_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s" + UPDATE_AUTHORIZATION_SERVER_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s" + DELETE_AUTHORIZATION_SERVER_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s" + + ADD_ACCESS_TOKEN_CLAIMS_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/claims" + LIST_ACCESS_TOKEN_CLAIMS_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/claims" + UPDATE_ACCESS_TOKEN_CLAIMS_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/claims/%s" + DELETE_ACCESS_TOKEN_CLAIMS_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/claims/%s" + + ADD_SCOPE_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/scopes" + LIST_SCOPE_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/scopes" + UPDATE_SCOPE_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/scopes/%s" + DELETE_SCOPE_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/scopes/%s" + + ADD_CLIENTS_APPS_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/clients" + LIST_CLIENTS_APPS_URL = 
"https://api.%s.onelogin.com/api/2/api_authorizations/%s/clients" + UPDATE_CLIENTS_APPS_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/clients/%s" + DELETE_CLIENTS_APPS_URL = "https://api.%s.onelogin.com/api/2/api_authorizations/%s/clients/%s" + + + #Branding APIs + LIST_ACCOUNT_BRANDS_URL = "https://api.%s.onelogin.com/api/2/branding/brands" + CREATE_ACCOUNT_BRANDS_URL = "https://api.%s.onelogin.com/api/2/branding/brands" + GET_ACCOUNT_BRANDS_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s" + UPDATE_ACCOUNT_BRANDS_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s" + DELETE_ACCOUNT_BRANDS_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s" + + GET_APPS_ASSOSIATED_WITH_ACCOUNT_BRANDS_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/apps" + + LIST_MESSAGE_TEMPLATE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/templates" + CREATE_MESSAGE_TEMPLATE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/templates" + UPDATE_MESSAGE_TEMPLATE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/templates/%s" + GET_MESSAGE_TEMPLATE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/templates/%s" + DELETE_MESSAGE_TEMPLATE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/templates/%s" + GET_MESSAGE_TEMPLATE_BY_TYPE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/templates/%s" + GET_MESSAGE_TEMPLATE_BY_TYPE_LOCALE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/templates/%s" + GET_MASTER_MESSAGE_TEMPLATE_BY_TYPE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/master/templates/%s" + GET_MASTER_MESSAGE_TEMPLATE_BY_TYPE_LOCALE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/master/templates/%s" + UPDATE_MESSAGE_TEMPLATE_BY_TYPE_LOCALE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/templates/%s" + LIST_LANGUAGE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/custom_error_messages/languages" + 
LIST_CUSTOM_MESSAGE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/custom_error_messages" + UPDATE_CUSTOM_MESSAGE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/custom_error_messages" + DELETE_CUSTOM_MESSAGE_URL = "https://api.%s.onelogin.com/api/2/branding/brands/%s/custom_error_messages/%s" + LOOKUP_CUSTOM_MESSAGE_URL = "https://api.%s.onelogin.com/api/2/branding/custom_error_messages" + GET_EMAIL_SETTINGS_URL = "https://api.%s.onelogin.com/api/2/branding/email_settings" + + + # SMART Hooks URLs + GET_SMART_HOOK_URL = "https://api.%s.onelogin.com/api/2/hooks/%s" + LIST_SMART_HOOKS_URL = "https://api.%s.onelogin.com/api/2/hooks" + GET_SMART_HOOK_LOGS_URL = "https://api.%s.onelogin.com/api/2/hooks/%s/logs" + CREATE_SMART_HOOK_URL = "https://api.%s.onelogin.com/api/2/hooks" + UPDATE_SMART_HOOK_URL = "https://api.%s.onelogin.com/api/2/hooks/%s" + DELETE_SMART_HOOK_URL = "https://api.%s.onelogin.com/api/2/hooks/%s" + CREATE_ENV_VAR_HOOK_URL = "https://api.%s.onelogin.com/api/2/hooks/envs" + GET_ENV_VAR_HOOK_URL = "https://api.%s.onelogin.com/api/2/hooks/envs/%s" + UPDATE_ENV_VAR_HOOK_URL = "https://api.%s.onelogin.com/api/2/hooks/envs/%s" + DELETE_ENV_VAR_HOOK_URL = "https://api.%s.onelogin.com/api/2/hooks/envs/%s" + LIST_ENV_VAR_HOOKS_URL = "https://api.%s.onelogin.com/api/2/hooks/envs" + + + #User Mapping URL V2 + GET_USER_MAPPING_URL = "https://api.%s.onelogin.com/api/2/mappings/%s" + LIST_USER_MAPPING_URL = "https://api.%s.onelogin.com/api/2/mappings" + CREATE_USER_MAPPING_URL = "https://api.%s.onelogin.com/api/2/mappings" + UPDATE_USER_MAPPING_URL = "https://api.%s.onelogin.com/api/2/mappings/%s" + DELETE_USER_MAPPING_URL = "https://api.%s.onelogin.com/api/2/mappings/%s" + DRY_RUN_USER_MAPPING_URL = "https://api.%s.onelogin.com/api/2/mappings/%s/dryrun" + + LIST_USER_MAPPING_CONDITION_URL = "https://api.%s.onelogin.com/api/2/mappings/conditions" + LIST_USER_MAPPING_CONDITION_OPTS_URL = 
"https://api.%s.onelogin.com/api/2/mappings/conditions/%s/operators" + LIST_USER_MAPPING_CONDITION_VALS_URL = "https://api.%s.onelogin.com/api/2/mappings/conditions/%s/values" + LIST_USER_MAPPING_ACTIONS_URL = "https://api.%s.onelogin.com/api/2/mappings/actions" + LIST_USER_MAPPING_ACTIONS_VAL_URL = "https://api.%s.onelogin.com/api/2/mappings/actions/%s/values" + BULK_SORT_USER_MAPPING_URL = "https://api.%s.onelogin.com/api/2/mappings/sort" + + + #VIGILANCE AI URLs + GET_RISK_RULES_URL = "https://api.%s.onelogin.com/api/2/risk/rules/%s" + LIST_RISK_RULES_URL = "https://api.%s.onelogin.com/api/2/risk/rules" + CREATE_RISK_RULES_URL = "https://api.%s.onelogin.com/api/2/risk/rules" + UPDATE_RISK_RULESURL = "https://api.%s.onelogin.com/api/2/risk/rules/%s" + DELETE_RISK_RULES_URL = "https://api.%s.onelogin.com/api/2/risk/rules/%s" + GET_RISK_SCORE_URL = "https://api.%s.onelogin.com/api/2/risk/scores" + GET_RISK_VERIFY_URL = "https://api.%s.onelogin.com/api/2/risk/verify" + TRACK_RISK_EVENTS_URL = "https://api.%s.onelogin.com/api/2/risk/events" + + #APPS RULES URLs + GET_APPS_RULE_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules/%s" + LIST_APPS_RULES_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules" + CREATE_APP_RULE_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules" + UPDATE_APP_RULE_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules/%s" + DELETE_APP_RULE_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules/%s" + + LIST_APPS_RULES_CONDITION_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules/conditions" + LIST_APPS_RULES_CONDITION_OPTS_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules/conditions/%s/operators" + LIST_APPS_RULES_CONDITION_VALS_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules/conditions/%s/values" + LIST_APPS_RULES_ACTIONS_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules/actions" + LIST_APPS_RULES_ACTIONS_VAL_URL = "https://api.%s.onelogin.com/api/2/apps/%s/rules/actions/%s/values" + BULK_SORT_APPS_RULES_URL = 
"https://api.%s.onelogin.com/api/2/apps/%s/rules/sort" + + #APP user URLs + LIST_APPS_USERS_URL = "https://api.%s.onelogin.com/api/2/apps/%s/users" # Multi-Factor Authentication URLs - GET_FACTORS_URL = "https://api.%s.onelogin.com/api/1/users/%s/auth_factors" - ENROLL_FACTOR_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices" - GET_ENROLLED_FACTORS_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices" - ACTIVATE_FACTOR_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices/%s/trigger" + #GET_FACTORS_URL = "https://api.%s.onelogin.com/api/1/users/%s/auth_factors" + #ENROLL_FACTOR_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices" + #GET_ENROLLED_FACTORS_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices" + #ACTIVATE_FACTOR_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices/%s/trigger" VERIFY_FACTOR_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices/%s/verify" - REMOVE_FACTOR_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices/%s" + #REMOVE_FACTOR_URL = "https://api.%s.onelogin.com/api/1/users/%s/otp_devices/%s" # Invite Link URLS GENERATE_INVITE_LINK_URL = "https://api.%s.onelogin.com/api/1/invites/get_invite_link" SEND_INVITE_LINK_URL = "https://api.%s.onelogin.com/api/1/invites/send_invite_link" + + # Multi-Factor Authentication URL + GET_FACTORS_URL = "https://api.%s.onelogin.com/api/2/mfa/users/%s/factors" + ENROLL_FACTOR_URL = "https://api.%s.onelogin.com/api/2/mfa/users/%s/registrations" + GET_ENROLLED_FACTORS_URL = "https://api.%s.onelogin.com/api/2/mfa/users/%s/devices" + ACTIVATE_FACTOR_URL = "https://api.%s.onelogin.com/api/2/mfa/users/%s/verifications" + # VERIFY_FACTOR_URL = "https://api.%s.onelogin.com/api/2/users/%s/otp_devices/%s/verify" + REMOVE_FACTOR_URL = "https://api.%s.onelogin.com/api/2/mfa/users/%s/devices/%s" + GENERATE_MFA_TOKEN_URL = "https://api.%s.onelogin.com/api/2/mfa/users/%s/mfa_token" + VERIFY_ENROLLMENT_VOICE_FACTOR_URL = 
"https://api.%s.onelogin.com/api/2/mfa/users/%s/registrations/%s" + # Embed Apps URL EMBED_APP_URL = "https://api.onelogin.com/client/apps/embed2"
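Review bot: `GET_MASTER_MESSAGE_TEMPLATE_BY_TYPE_LOCALE_URL` has no placeholder for the locale and is byte-identical to `GET_MASTER_MESSAGE_TEMPLATE_BY_TYPE_URL`. The client method in the other file of this commit calls `url_for(GET_MASTER_MESSAGE_TEMPLATE_BY_TYPE_LOCALE_URL, template_type, locale)`, so the locale it validates never reaches the request unless `url_for` (not shown) appends it. Since the brand-scoped methods append `/#{locale}` after the type, the constant presumably should end in `/templates/%s/%s`. Two of the new names are worth fixing before they become public API: `UPDATE_RISK_RULESURL` is missing an underscore (`UPDATE_RISK_RULES_URL`) and `GET_APPS_ASSOSIATED_WITH_ACCOUNT_BRANDS_URL` misspells ASSOCIATED. In the MFA block, the v1 constants are commented out rather than deleted and `VERIFY_FACTOR_URL` stays on the `/api/1/.../otp_devices` path while enrollment and activation move to `/api/2/mfa`. A comment such as `# still v1: no v2 verify endpoint wired up yet` would make that split look intentional.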