feat(Management): Add support for client credentials endpoints (#700)

Author: Evan Sims

src/API/Management/Clients.php

@@ -112,4 +112,86 @@ public function delete(
             withOptions($options)->
             call();
     }
+
+    public function createCredentials(
+        string $clientId,
+        array $body,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$clientId] = Toolkit::filter([$clientId])->string()->trim();
+        [$body] = Toolkit::filter([$body])->array()->trim();
+
+        Toolkit::assert([
+            [$clientId, \Auth0\SDK\Exception\ArgumentException::missing('clientId')],
+        ])->isString();
+
+        /** @var array<mixed> $body */
+
+        return $this->getHttpClient()->
+            method('post')->
+            addPath('clients', $clientId, 'credentials')->
+            withBody((object) $body)->
+            withOptions($options)->
+            call();
+    }
+
+    public function getCredentials(
+        string $clientId,
+        ?array $parameters = null,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$clientId] = Toolkit::filter([$clientId])->string()->trim();
+        [$parameters] = Toolkit::filter([$parameters])->array()->trim();
+
+        Toolkit::assert([
+            [$clientId, \Auth0\SDK\Exception\ArgumentException::missing('clientId')],
+        ])->isString();
+
+        /** @var array<int|string|null> $parameters */
+
+        return $this->getHttpClient()->
+            method('get')->
+            addPath('clients', $clientId, 'credentials')->
+            withParams($parameters)->
+            withOptions($options)->
+            call();
+    }
+
+    public function getCredential(
+        string $clientId,
+        string $credentialId,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$clientId, $credentialId] = Toolkit::filter([$clientId, $credentialId])->string()->trim();
+
+        Toolkit::assert([
+            [$clientId, \Auth0\SDK\Exception\ArgumentException::missing('clientId')],
+            [$credentialId, \Auth0\SDK\Exception\ArgumentException::missing('credentialId')],
+        ])->isString();
+
+        return $this->getHttpClient()->
+            method('get')->
+            addPath('clients', $clientId, 'credentials', $credentialId)->
+            withOptions($options)->
+            call();
+    }
+
+    public function deleteCredential(
+        string $clientId,
+        string $credentialId,
+        ?RequestOptions $options = null,
+    ): ResponseInterface {
+        [$clientId, $credentialId] = Toolkit::filter([$clientId, $credentialId])->string()->trim();
+
+        Toolkit::assert([
+            [$clientId, \Auth0\SDK\Exception\ArgumentException::missing('clientId')],
+            [$credentialId, \Auth0\SDK\Exception\ArgumentException::missing('credentialId')],
+        ])->isString();
+
+        return $this->getHttpClient()->
+            method('delete')->
+            addPath('clients', $clientId, 'credentials', $credentialId)->
+            withOptions($options)->
+            call();
+    }
 }

src/Contract/API/Management/ClientsInterface.php

@@ -105,4 +105,75 @@ public function delete(
         string $id,
         ?RequestOptions $options = null,
     ): ResponseInterface;
+
+    /**
+     * Add new credentials to the specified Client.
+     *
+     * @param  string  $clientId Client to add credentials to
+     * @param  array<mixed>  $body  Additional body content to pass with the API request. See @see for supported options.
+     * @param  RequestOptions|null  $options  Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\NetworkException when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Client_Credentials/post_client_credentials
+     */
+    public function createCredentials(
+        string $clientId,
+        array $body,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+
+    /**
+     * Get all credentials from the specified Client.
+     *
+     * @param  string  $clientId  Client to retrieve credentials for
+     * @param  array<int|string|null>|null  $parameters  Optional. Additional query parameters to pass with the API request. See @see for supported options.
+     * @param  RequestOptions|null  $options  Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `clientId` is provided
+     * @throws \Auth0\SDK\Exception\NetworkException when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Client_Credentials/get_client_credentials
+     */
+    public function getCredentials(
+        string $clientId,
+        ?array $parameters = null,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+
+    /**
+     * Get a specific credential from the specified Client.
+     *
+     * @param  string  $clientId  Client to retrieve credential for
+     * @param  string  $credentialId  credential to retrieve
+     * @param  RequestOptions|null  $options  Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `clientId` or `credentialId` are provided
+     * @throws \Auth0\SDK\Exception\NetworkException when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Client_Credentials/get_client_credentials_by_id
+     */
+    public function getCredential(
+        string $clientId,
+        string $credentialId,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
+
+    /**
+     * Delete a credential from the specified Client.
+     *
+     * @param  string  $clientId  client to delete credential for
+     * @param  string  $credentialId  credential to delete
+     * @param  RequestOptions|null  $options  Optional. Additional request options to use, such as a field filtering or pagination. (Not all endpoints support these. See @see for supported options.)
+     *
+     * @throws \Auth0\SDK\Exception\ArgumentException when an invalid `clientId` or `credentialId` are provided
+     * @throws \Auth0\SDK\Exception\NetworkException when the API request fails due to a network error
+     *
+     * @see https://auth0.com/docs/api/management/v2#!/Client_Credentials/delete_client_credentials_by_id
+     */
+    public function deleteCredential(
+        string $clientId,
+        string $credentialId,
+        ?RequestOptions $options = null,
+    ): ResponseInterface;
 }

tests/Unit/API/Management/ClientsTest.php

@@ -2,6 +2,8 @@
 
 declare(strict_types=1);
 
+use Auth0\Tests\Utilities\TokenGenerator;
+
 uses()->group('management', 'management.clients');
 
 beforeEach(function(): void {
@@ -65,3 +67,65 @@
     $this->assertArrayHasKey('name', $body);
     expect($body['name'])->toEqual('__test_new_name__');
 });
+
+test('getCredentials() issues an appropriate request', function(): void {
+    $mockClientId = uniqid();
+    $this->endpoint->getCredentials($mockClientId, ['client_id' => '__test_client_id__', 'app_type' => '__test_app_type__']);
+
+    expect($this->api->getRequestMethod())->toEqual('GET');
+    expect($this->api->getRequestUrl())->toStartWith('https://' . $this->api->mock()->getConfiguration()->getDomain() . '/api/v2/clients/' . $mockClientId . '/credentials');
+
+    $query = $this->api->getRequestQuery();
+    expect($query)->toContain('&client_id=__test_client_id__&app_type=__test_app_type__');
+});
+
+test('getCredential() issues an appropriate request', function(): void {
+    $mockClientId = uniqid();
+    $mockCredentialId = uniqid();
+    $this->endpoint->getCredential($mockClientId, $mockCredentialId);
+
+    expect($this->api->getRequestMethod())->toEqual('GET');
+    expect($this->api->getRequestUrl())->toStartWith('https://' . $this->api->mock()->getConfiguration()->getDomain() . '/api/v2/clients/' . $mockClientId . '/credentials/' . $mockCredentialId);
+});
+
+test('deleteCredential() issues an appropriate request', function(): void {
+    $mockClientId = uniqid();
+    $mockCredentialId = uniqid();
+    $this->endpoint->deleteCredential($mockClientId, $mockCredentialId);
+
+    expect($this->api->getRequestMethod())->toEqual('DELETE');
+    expect($this->api->getRequestUrl())->toEndWith('/api/v2/clients/' . $mockClientId . '/credentials/' . $mockCredentialId);
+});
+
+test('createCredentials() issues an appropriate request', function(): void {
+    $mockCertificate = TokenGenerator::generateRsaKeyPair();
+    $mockClientId = uniqid();
+    $mockRequestBody = [
+        [
+            'credential_type' => 'public_key',
+            'name' => 'my pub key',
+            'pem' => $mockCertificate['cert'],
+        ]
+    ];
+
+    $this->endpoint->createCredentials($mockClientId, $mockRequestBody);
+
+    expect($this->api->getRequestMethod())->toEqual('POST');
+    expect($this->api->getRequestUrl())->toEndWith('/api/v2/clients/' . $mockClientId . '/credentials');
+
+    $body = $this->api->getRequestBody();
+
+    expect($body)
+        ->toBeArray()
+        ->toHaveCount(1);
+
+    expect($body[0])
+        ->toBeArray()
+        ->toHaveKeys(['credential_type', 'name', 'pem'])
+        ->credential_type->toEqual('public_key')
+        ->name->toEqual('my pub key')
+        ->pem->toEqual($mockCertificate['cert']);
+
+    $body = $this->api->getRequestBodyAsString();
+    expect($body)->toEqual(json_encode((object) $mockRequestBody));
+});