Adding Support For Session And Refresh Tokens (#786)

### Changes Support Added for following endpoints: - [api/management/v2/users/get-refresh-tokens-for-user](https://auth0.com/docs/api/management/v2/users/get-refresh-tokens-for-user) - [api/management/v2/users/delete-refresh-tokens-for-user](https://auth0.com/docs/api/management/v2/users/delete-refresh-tokens-for-user) - [api/management/v2/users/get-sessions-for-user](https://auth0.com/docs/api/management/v2/users/get-sessions-for-user) - [api/management/v2/users/delete-sessions-for-user](https://auth0.com/docs/api/management/v2/users/delete-sessions-for-user) - [api/management/v2/refresh-tokens/get-refresh-token](https://auth0.com/docs/api/management/v2/refresh-tokens/get-refresh-token) - [api/management/v2/refresh-tokens/delete-refresh-token](https://auth0.com/docs/api/management/v2/refresh-tokens/delete-refresh-token) - [api/management/v2/sessions/get-session](https://auth0.com/docs/api/management/v2/sessions/get-session) - [api/management/v2/sessions/delete-session](https://auth0.com/docs/api/management/v2/sessions/delete-session) ### References - [api/management/v2/users/get-refresh-tokens-for-user](https://auth0.com/docs/api/management/v2/users/get-refresh-tokens-for-user) - [api/management/v2/users/delete-refresh-tokens-for-user](https://auth0.com/docs/api/management/v2/users/delete-refresh-tokens-for-user) - [api/management/v2/users/get-sessions-for-user](https://auth0.com/docs/api/management/v2/users/get-sessions-for-user) - [api/management/v2/users/delete-sessions-for-user](https://auth0.com/docs/api/management/v2/users/delete-sessions-for-user) - [api/management/v2/refresh-tokens/get-refresh-token](https://auth0.com/docs/api/management/v2/refresh-tokens/get-refresh-token) - [api/management/v2/refresh-tokens/delete-refresh-token](https://auth0.com/docs/api/management/v2/refresh-tokens/delete-refresh-token) - [api/management/v2/sessions/get-session](https://auth0.com/docs/api/management/v2/sessions/get-session) - [api/management/v2/sessions/delete-session](https://auth0.com/docs/api/management/v2/sessions/delete-session) ### Testing - [x] This change adds test coverage - [x] This change has been tested on the latest version of the platform/language or why not ### Contributor Checklist - [x] I agree to adhere to the [Auth0 General Contribution Guidelines](https://github.com/auth0/open-source-template/blob/master/GENERAL-CONTRIBUTING.md). - [x] I agree to uphold the [Auth0 Code of Conduct](https://github.com/auth0/open-source-template/blob/master/CODE-OF-CONDUCT.md).
auth0 · Jan 13, 2025 · f54ca47 · f54ca47
1 parent 3acf0f4
commit f54ca47
Show file tree

Hide file tree

Showing 10 changed files with 436 additions and 2 deletions.
diff --git a/src/API/Management.php b/src/API/Management.php
@@ -4,9 +4,9 @@
 
 namespace Auth0\SDK\API;
 
-use Auth0\SDK\API\Management\{Actions, AttackProtection, Blacklists, ClientGrants, Clients, Connections, DeviceCredentials, EmailTemplates, Emails, Grants, Guardian, Jobs, Keys, LogStreams, Logs, Organizations, ResourceServers, Roles, Rules, Stats, Tenants, Tickets, UserBlocks, Users, UsersByEmail};
+use Auth0\SDK\API\Management\{Actions, AttackProtection, Blacklists, ClientGrants, Clients, Connections, DeviceCredentials, EmailTemplates, Emails, Grants, Guardian, Jobs, Keys, LogStreams, Logs, Organizations, RefreshTokens, ResourceServers, Roles, Rules, Sessions, Stats, Tenants, Tickets, UserBlocks, Users, UsersByEmail};
 use Auth0\SDK\Configuration\SdkConfiguration;
-use Auth0\SDK\Contract\API\Management\{ActionsInterface, AttackProtectionInterface, BlacklistsInterface, ClientGrantsInterface, ClientsInterface, ConnectionsInterface, DeviceCredentialsInterface, EmailTemplatesInterface, EmailsInterface, GrantsInterface, GuardianInterface, JobsInterface, KeysInterface, LogStreamsInterface, LogsInterface, OrganizationsInterface, ResourceServersInterface, RolesInterface, RulesInterface, StatsInterface, TenantsInterface, TicketsInterface, UserBlocksInterface, UsersByEmailInterface, UsersInterface};
+use Auth0\SDK\Contract\API\Management\{ActionsInterface, AttackProtectionInterface, BlacklistsInterface, ClientGrantsInterface, ClientsInterface, ConnectionsInterface, DeviceCredentialsInterface, EmailTemplatesInterface, EmailsInterface, GrantsInterface, GuardianInterface, JobsInterface, KeysInterface, LogStreamsInterface, LogsInterface, OrganizationsInterface, RefreshTokensInterface, ResourceServersInterface, RolesInterface, RulesInterface, SessionsInterface, StatsInterface, TenantsInterface, TicketsInterface, UserBlocksInterface, UsersByEmailInterface, UsersInterface};
 use Auth0\SDK\Contract\API\{AuthenticationInterface, ManagementInterface};
 use Auth0\SDK\Utility\{HttpClient, HttpResponse, HttpResponsePaginator};
 use Psr\Cache\CacheItemPoolInterface;
@@ -202,6 +202,11 @@ public function organizations(): OrganizationsInterface
         return Organizations::instance($this->getHttpClient());
     }
 
+    public function refreshTokens(): RefreshTokensInterface
+    {
+        return RefreshTokens::instance($this->getHttpClient());
+    }
+
     public function resourceServers(): ResourceServersInterface
     {
         return ResourceServers::instance($this->getHttpClient());
@@ -217,6 +222,11 @@ public function rules(): RulesInterface
         return Rules::instance($this->getHttpClient());
     }
 
+    public function sessions(): SessionsInterface
+    {
+        return Sessions::instance($this->getHttpClient());
+    }
+
     public function stats(): StatsInterface
     {
         return Stats::instance($this->getHttpClient());

diff --git a/src/API/Management/RefreshTokens.php b/src/API/Management/RefreshTokens.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\SDK\API\Management;
+
+use Auth0\SDK\Contract\API\Management\RefreshTokensInterface;
+use Auth0\SDK\Utility\Request\RequestOptions;
+use Auth0\SDK\Utility\Toolkit;
+use Psr\Http\Message\ResponseInterface;
+
+/**
+ * Handles requests to the Refresh Tokens endpoint of the v2 Management API.
+ *
+ * @see https://auth0.com/docs/api/management/v2#!/Refresh_Tokens
+ */
+final class RefreshTokens extends ManagementEndpoint implements RefreshTokensInterface
+{
+    public function delete(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('delete')->addPath(['refresh-tokens', $id])
+            ->withOptions($options)
+            ->call();
+    }
+
+    public function get(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('get')->addPath(['refresh-tokens', $id])
+            ->withOptions($options)
+            ->call();
+    }
+}
diff --git a/src/API/Management/Sessions.php b/src/API/Management/Sessions.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\SDK\API\Management;
+
+use Auth0\SDK\Contract\API\Management\SessionsInterface;
+use Auth0\SDK\Utility\Request\RequestOptions;
+use Auth0\SDK\Utility\Toolkit;
+use Psr\Http\Message\ResponseInterface;
+
+/**
+ * Handles requests to the Sessions endpoint of the v2 Management API.
+ *
+ * @see https://auth0.com/docs/api/management/v2/Sessions
+ */
+final class Sessions extends ManagementEndpoint implements SessionsInterface
+{
+    public function delete(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('delete')->addPath(['sessions', $id])
+            ->withOptions($options)
+            ->call();
+    }
+
+    public function get(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('get')->addPath(['sessions', $id])
+            ->withOptions($options)
+            ->call();
+    }
+}
diff --git a/src/API/Management/Users.php b/src/API/Management/Users.php
@@ -221,6 +221,38 @@ public function deleteMultifactorProvider(
             ->call();
     }
 
+    public function deleteRefreshTokens(
+        string $user,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$user] = Toolkit::filter([$user])->string()->trim();
+
+        Toolkit::assert([
+            [$user, \Auth0\SDK\Exception\ArgumentException::missing('user')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('delete')->addPath(['users', $user, 'refresh-tokens'])
+            ->withOptions($options)
+            ->call();
+    }
+
+    public function deleteSessions(
+        string $user,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$user] = Toolkit::filter([$user])->string()->trim();
+
+        Toolkit::assert([
+            [$user, \Auth0\SDK\Exception\ArgumentException::missing('user')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('delete')->addPath(['users', $user, 'sessions'])
+            ->withOptions($options)
+            ->call();
+    }
+
     public function get(
         string $id,
         ?RequestOptions $options = null,
@@ -351,6 +383,22 @@ public function getPermissions(
             ->call();
     }
 
+    public function getRefreshTokens(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('get')->addPath(['users', $id, 'refresh-tokens'])
+            ->withOptions($options)
+            ->call();
+    }
+
     public function getRoles(
         string $id,
         ?RequestOptions $options = null,
@@ -367,6 +415,22 @@ public function getRoles(
             ->call();
     }
 
+    public function getSessions(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$id] = Toolkit::filter([$id])->string()->trim();
+
+        Toolkit::assert([
+            [$id, \Auth0\SDK\Exception\ArgumentException::missing('id')],
+        ])->isString();
+
+        return $this->getHttpClient()
+            ->method('get')->addPath(['users', $id, 'sessions'])
+            ->withOptions($options)
+            ->call();
+    }
+
     public function invalidateBrowsers(
         string $id,
         ?RequestOptions $options = null,

diff --git a/src/Contract/API/Management/RefreshTokensInterface.php b/src/Contract/API/Management/RefreshTokensInterface.php
@@ -0,0 +1,46 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\SDK\Contract\API\Management;
+
+use Auth0\SDK\Utility\Request\RequestOptions;
+use Psr\Http\Message\ResponseInterface;
+
+interface RefreshTokensInterface
+{
+    /**
+     * Delete a Refresh Token by ID.
+     * Required scope: `delete:refresh_tokens`.
+     *
+     * @param string              $id      ID of the refresh token to delete.
+     * @param null|RequestOptions $options Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `id` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException  when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Refresh_Tokens/delete_refresh_token
+     */
+    public function delete(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+
+    /**
+     * Retrieve Refresh Token information
+     * Required scopes:
+     * - `read:refresh_tokens` for any call to this endpoint.
+     *
+     * @param string              $id      ID of refresh token to retrieve
+     * @param null|RequestOptions $options Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `id` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException  when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Refresh_Tokens/get_refresh_token
+     */
+    public function get(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+}
diff --git a/src/Contract/API/Management/SessionsInterface.php b/src/Contract/API/Management/SessionsInterface.php
@@ -0,0 +1,46 @@
+<?php
+
+declare(strict_types=1);
+
+namespace Auth0\SDK\Contract\API\Management;
+
+use Auth0\SDK\Utility\Request\RequestOptions;
+use Psr\Http\Message\ResponseInterface;
+
+interface SessionsInterface
+{
+    /**
+     * Delete a Session by ID.
+     * Required scope: `delete:sessions`.
+     *
+     * @param string              $id      ID of the session to delete.
+     * @param null|RequestOptions $options Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `id` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException  when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Sessions/delete_session
+     */
+    public function delete(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+
+    /**
+     * Retrieve Session information
+     * Required scopes:
+     * - `read:sessions` for any call to this endpoint.
+     *
+     * @param string              $id      ID of session to retrieve
+     * @param null|RequestOptions $options Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `id` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException  when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Sessions/get_session
+     */
+    public function get(
+        string $id,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+}