MRRT (#1192)

* MRRT

* updated go sum

* updated go auth0 version

* fixed lint

Author: duedares-rvj

docs/auth0_apps_create.md

@@ -43,6 +43,7 @@ auth0 apps create [flags]
       --metadata stringToString   Arbitrary keys-value pairs (max 255 characters each), that  can be assigned to each application. More about application metadata: https://auth0.com/docs/get-started/applications/configure-application-metadata (default [])
   -n, --name string               Name of the application.
   -o, --origins strings           Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.
+  -z, --refresh-token string      Refresh Token Config for the application, formatted as JSON.
   -r, --reveal-secrets            Display the application secrets ('signing_keys', 'client_secret') as part of the command output.
   -t, --type string               Type of application:
                                   - native: mobile, desktop, CLI and smart device apps running natively.

docs/auth0_apps_update.md

@@ -43,6 +43,7 @@ auth0 apps update [flags]
       --metadata stringToString   Arbitrary keys-value pairs (max 255 characters each), that  can be assigned to each application. More about application metadata: https://auth0.com/docs/get-started/applications/configure-application-metadata (default [])
   -n, --name string               Name of the application.
   -o, --origins strings           Comma-separated list of URLs allowed to make requests from JavaScript to Auth0 API (typically used with CORS). By default, all your callback URLs will be allowed. This field allows you to enter other origins if necessary. You can also use wildcards at the subdomain level (e.g., https://*.contoso.com). Query strings and hash information are not taken into account when validating these URLs.
+  -z, --refresh-token string      Refresh Token Config for the application, formatted as JSON.
   -r, --reveal-secrets            Display the application secrets ('signing_keys', 'client_secret') as part of the command output.
   -t, --type string               Type of application:
                                   - native: mobile, desktop, CLI and smart device apps running natively.

go.mod

@@ -9,7 +9,7 @@ require (
 	github.com/AlecAivazis/survey/v2 v2.3.7
 	github.com/PuerkitoBio/rehttp v1.4.0
 	github.com/atotto/clipboard v0.1.4
-	github.com/auth0/go-auth0 v1.19.0
+	github.com/auth0/go-auth0 v1.20.0
 	github.com/briandowns/spinner v1.23.2
 	github.com/charmbracelet/glamour v0.10.0
 	github.com/fsnotify/fsnotify v1.9.0
@@ -78,9 +78,11 @@ require (
 	github.com/klauspost/pgzip v1.2.5 // indirect
 	github.com/kr/text v0.2.0 // indirect
 	github.com/lestrrat-go/backoff/v2 v2.0.8 // indirect
-	github.com/lestrrat-go/blackmagic v1.0.2 // indirect
+	github.com/lestrrat-go/blackmagic v1.0.3 // indirect
 	github.com/lestrrat-go/httpcc v1.0.1 // indirect
+	github.com/lestrrat-go/httprc v1.0.6 // indirect
 	github.com/lestrrat-go/iter v1.0.2 // indirect
+	github.com/lestrrat-go/jwx/v2 v2.1.6 // indirect
 	github.com/lestrrat-go/option v1.0.1 // indirect
 	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
@@ -94,6 +96,7 @@ require (
 	github.com/pierrec/lz4/v4 v4.1.3 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/segmentio/asm v1.2.0 // indirect
 	github.com/ulikunitz/xz v0.5.10 // indirect
 	github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect

go.sum

@@ -27,8 +27,8 @@ github.com/apparentlymart/go-textseg/v15 v15.0.0 h1:uYvfpb3DyLSCGWnctWKGj857c6ew
 github.com/apparentlymart/go-textseg/v15 v15.0.0/go.mod h1:K8XmNZdhEBkdlyDdvbmmsvpAG721bKi0joRfFdHIWJ4=
 github.com/atotto/clipboard v0.1.4 h1:EH0zSVneZPSuFR11BlR9YppQTVDbh5+16AmcJi4g1z4=
 github.com/atotto/clipboard v0.1.4/go.mod h1:ZY9tmq7sm5xIbd9bOK4onWV4S6X0u6GY7Vn0Yu86PYI=
-github.com/auth0/go-auth0 v1.19.0 h1:LZAVZCiZsENm0wX/PvRwN+mLbyCb4PPCfyKww8b7KR4=
-github.com/auth0/go-auth0 v1.19.0/go.mod h1:6g0NRYWA+rzTLG5AohwCJ0YCEqbzphKcdjt+PWrgcPk=
+github.com/auth0/go-auth0 v1.20.0 h1:qCp5e2Jyeo7Z6vSTAgZqT8kYI6fVFzvT7rUBOtgSrIM=
+github.com/auth0/go-auth0 v1.20.0/go.mod h1:inNY8nV/wANajcJ8B/93CLlmXgyMgyuyPXXI4kgd2qY=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
 github.com/aymanbagabas/go-osc52/v2 v2.0.1 h1:HwpRHbFMcZLEVr42D4p7XBqjyuxQH5SMiErDT4WkJ2k=
@@ -159,14 +159,18 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/lestrrat-go/backoff/v2 v2.0.8 h1:oNb5E5isby2kiro9AgdHLv5N5tint1AnDVVf2E2un5A=
 github.com/lestrrat-go/backoff/v2 v2.0.8/go.mod h1:rHP/q/r9aT27n24JQLa7JhSQZCKBBOiM/uP402WwN8Y=
-github.com/lestrrat-go/blackmagic v1.0.2 h1:Cg2gVSc9h7sz9NOByczrbUvLopQmXrfFx//N+AkAr5k=
-github.com/lestrrat-go/blackmagic v1.0.2/go.mod h1:UrEqBzIR2U6CnzVyUtfM6oZNMt/7O7Vohk2J0OGSAtU=
+github.com/lestrrat-go/blackmagic v1.0.3 h1:94HXkVLxkZO9vJI/w2u1T0DAoprShFd13xtnSINtDWs=
+github.com/lestrrat-go/blackmagic v1.0.3/go.mod h1:6AWFyKNNj0zEXQYfTMPfZrAXUWUfTIZ5ECEUEJaijtw=
 github.com/lestrrat-go/httpcc v1.0.1 h1:ydWCStUeJLkpYyjLDHihupbn2tYmZ7m22BGkcvZZrIE=
 github.com/lestrrat-go/httpcc v1.0.1/go.mod h1:qiltp3Mt56+55GPVCbTdM9MlqhvzyuL6W/NMDA8vA5E=
+github.com/lestrrat-go/httprc v1.0.6 h1:qgmgIRhpvBqexMJjA/PmwSvhNk679oqD1RbovdCGW8k=
+github.com/lestrrat-go/httprc v1.0.6/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
 github.com/lestrrat-go/jwx v1.2.30 h1:VKIFrmjYn0z2J51iLPadqoHIVLzvWNa1kCsTqNDHYPA=
 github.com/lestrrat-go/jwx v1.2.30/go.mod h1:vMxrwFhunGZ3qddmfmEm2+uced8MSI6QFWGTKygjSzQ=
+github.com/lestrrat-go/jwx/v2 v2.1.6 h1:hxM1gfDILk/l5ylers6BX/Eq1m/pnxe9NBwW6lVfecA=
+github.com/lestrrat-go/jwx/v2 v2.1.6/go.mod h1:Y722kU5r/8mV7fYDifjug0r8FK8mZdw0K0GpJw/l8pU=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/lestrrat-go/option v1.0.1 h1:oAzP2fvZGQKWkvHa1/SAcFolBEca1oN+mQ7eooNBEYU=
 github.com/lestrrat-go/option v1.0.1/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
@@ -222,6 +226,8 @@ github.com/rogpeppe/go-internal v1.8.0/go.mod h1:WmiCO8CzOY8rg0OYDC4/i/2WRWAB6po
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/schollz/progressbar/v3 v3.17.1 h1:bI1MTaoQO+v5kzklBjYNRQLoVpe0zbyRZNK6DFkVC5U=
 github.com/schollz/progressbar/v3 v3.17.1/go.mod h1:RzqpnsPQNjUyIgdglUjRLgD7sVnxN1wpmBMV+UiEbL4=
+github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys=
+github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 h1:n661drycOFuPLCN3Uc8sB6B/s6Z4t2xvBgU1htSHuq8=
 github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3/go.mod h1:A0bzQcvG0E7Rwjx0REVgAGH58e96+X0MeOfepqsbeW4=
 github.com/skeema/knownhosts v1.3.0 h1:AM+y0rI04VksttfwjkSTNQorvGqmwATnvnAHpSgc0LY=

internal/cli/apps.go

@@ -2,6 +2,7 @@ package cli
 
 import (
 	"context"
+	"encoding/json"
 	"errors"
 	"fmt"
 	"slices"
@@ -134,6 +135,12 @@ var (
 		ShortForm: "n",
 		Help:      "Number of apps to retrieve. Minimum 1, maximum 1000.",
 	}
+	refreshToken = Flag{
+		Name:      "Refresh Token",
+		LongForm:  "refresh-token",
+		ShortForm: "z",
+		Help:      "Refresh Token Config for the application, formatted as JSON.",
+	}
 )
 
 func appsCmd(cli *cli) *cobra.Command {
@@ -384,6 +391,7 @@ func createAppCmd(cli *cli) *cobra.Command {
 		Grants            []string
 		RevealSecrets     bool
 		Metadata          map[string]string
+		RefreshToken      string
 	}
 	var oidcConformant = true
 	var algorithm = "RS256"
@@ -484,6 +492,12 @@ func createAppCmd(cli *cli) *cobra.Command {
 				ClientMetadata:    &clientMetadata,
 			}
 
+			if len(inputs.RefreshToken) != 0 {
+				if err := json.Unmarshal([]byte(inputs.RefreshToken), &a.RefreshToken); err != nil {
+					return fmt.Errorf("apps: %s refreshToken invalid JSON", err)
+				}
+			}
+
 			// Set token endpoint auth method.
 			if len(inputs.AuthMethod) == 0 {
 				a.TokenEndpointAuthMethod = apiDefaultAuthMethodFor(inputs.Type)
@@ -527,6 +541,7 @@ func createAppCmd(cli *cli) *cobra.Command {
 	appAuthMethod.RegisterString(cmd, &inputs.AuthMethod, "")
 	appGrants.RegisterStringSlice(cmd, &inputs.Grants, nil)
 	revealSecrets.RegisterBool(cmd, &inputs.RevealSecrets, false)
+	refreshToken.RegisterString(cmd, &inputs.RefreshToken, "")
 
 	return cmd
 }
@@ -545,6 +560,7 @@ func updateAppCmd(cli *cli) *cobra.Command {
 		Grants            []string
 		RevealSecrets     bool
 		Metadata          map[string]string
+		RefreshToken      string
 	}
 
 	cmd := &cobra.Command{
@@ -722,6 +738,14 @@ func updateAppCmd(cli *cli) *cobra.Command {
 				a.ClientMetadata = &clientMetadata
 			}
 
+			if len(inputs.RefreshToken) == 0 {
+				a.RefreshToken = current.RefreshToken
+			} else {
+				if err := json.Unmarshal([]byte(inputs.RefreshToken), &a.RefreshToken); err != nil {
+					return fmt.Errorf("apps: %s refreshToken invalid JSON", err)
+				}
+			}
+
 			if err := ansi.Waiting(func() error {
 				return cli.api.Client.Update(cmd.Context(), inputs.ID, a)
 			}); err != nil {
@@ -746,6 +770,7 @@ func updateAppCmd(cli *cli) *cobra.Command {
 	appAuthMethod.RegisterStringU(cmd, &inputs.AuthMethod, "")
 	appGrants.RegisterStringSliceU(cmd, &inputs.Grants, nil)
 	revealSecrets.RegisterBool(cmd, &inputs.RevealSecrets, false)
+	refreshToken.RegisterString(cmd, &inputs.RefreshToken, "")
 
 	return cmd
 }

internal/display/apps.go

@@ -1,6 +1,7 @@
 package display
 
 import (
+	"encoding/json"
 	"fmt"
 	"strings"
 
@@ -35,6 +36,7 @@ type applicationView struct {
 	AuthMethod        string
 	Grants            []string
 	Metadata          []string
+	RefreshToken      string
 	revealSecret      bool
 
 	raw interface{}
@@ -85,6 +87,7 @@ func (v *applicationView) KeyValues() [][]string {
 			{"TOKEN ENDPOINT AUTH", v.AuthMethod},
 			{"GRANTS", grants},
 			{"METADATA", metadata},
+			{"REFRESH TOKEN", v.RefreshToken},
 		}
 	}
 
@@ -100,6 +103,7 @@ func (v *applicationView) KeyValues() [][]string {
 		{"TOKEN ENDPOINT AUTH", v.AuthMethod},
 		{"GRANTS", grants},
 		{"METADATA", metadata},
+		{"REFRESH TOKEN", v.RefreshToken},
 	}
 }
 
@@ -167,6 +171,8 @@ func (r *Renderer) ApplicationUpdate(client *management.Client, revealSecrets bo
 }
 
 func makeApplicationView(client *management.Client, revealSecrets bool) *applicationView {
+	jsonRefreshToken, _ := json.Marshal(client.GetRefreshToken())
+
 	return &applicationView{
 		revealSecret:      revealSecrets,
 		Name:              client.GetName(),
@@ -182,6 +188,7 @@ func makeApplicationView(client *management.Client, revealSecrets bool) *applica
 		Grants:            client.GetGrantTypes(),
 		Metadata:          mapPointerToArray(client.ClientMetadata),
 		raw:               client,
+		RefreshToken:      string(jsonRefreshToken),
 	}
 }