Add AttackProtectionManager.js with 3 APIs (#705)

Add attack-protection.tests.js
auth0 · Feb 1, 2022 · 9986bad · 9986bad
1 parent 072dd4a
commit 9986bad
Show file tree

Hide file tree

Showing 3 changed files with 733 additions and 0 deletions.
diff --git a/src/management/AttackProtectionManager.js b/src/management/AttackProtectionManager.js
@@ -0,0 +1,199 @@
+const ArgumentError = require('rest-facade').ArgumentError;
+const Auth0RestClient = require('../Auth0RestClient');
+const RetryRestClient = require('../RetryRestClient');
+
+/**
+ * Simple facade for consuming a REST API endpoint.
+ * @external RestClient
+ * @see https://github.com/ngonzalvez/rest-facade
+ */
+
+class AttackProtectionManager {
+  /**
+   * @class
+   * Abstracts interaction with the attack-protection endpoints.
+   * @constructor
+   *
+   * @param {Object} options                 The client options.
+   * @param {String} options.baseUrl         The URL of the API.
+   * @param {Object} [options.headers]       Headers to be included in all requests.
+   * @param {Object} [options.retry]         Retry Policy Config
+   * @param {Object} [options.tokenProvider] Management API Token Provider
+   */
+  constructor(options) {
+    if (options === null || typeof options !== 'object') {
+      throw new ArgumentError('Must provide manager options');
+    }
+
+    if (options.baseUrl === null || options.baseUrl === undefined) {
+      throw new ArgumentError('Must provide a base URL for the API');
+    }
+
+    if ('string' !== typeof options.baseUrl || options.baseUrl.length === 0) {
+      throw new ArgumentError('The provided base URL is invalid');
+    }
+
+    const clientOptions = {
+      errorFormatter: { message: 'message', name: 'error' },
+      headers: options.headers,
+      query: { repeatParams: false },
+    };
+
+    const bruteForceProtection = new Auth0RestClient(
+      `${options.baseUrl}/attack-protection/brute-force-protection`,
+      clientOptions,
+      options.tokenProvider
+    );
+    this.bruteForceProtection = new RetryRestClient(bruteForceProtection, options.retry);
+
+    const suspiciousIpThrottling = new Auth0RestClient(
+      `${options.baseUrl}/attack-protection/suspicious-ip-throttling`,
+      clientOptions,
+      options.tokenProvider
+    );
+    this.suspiciousIpThrottling = new RetryRestClient(suspiciousIpThrottling, options.retry);
+
+    const breachedPasswordDetection = new Auth0RestClient(
+      `${options.baseUrl}/attack-protection/breached-password-detection`,
+      clientOptions,
+      options.tokenProvider
+    );
+    this.breachedPasswordDetection = new RetryRestClient(breachedPasswordDetection, options.retry);
+  }
+
+  /**
+   * Get the Brute Force Protection configuration.
+   *
+   * @example
+   * management.attackProtection.getBruteForceConfig(params, function (err, bruteForceConfig) {
+   *   if (err) {
+   *     // Handle error.
+   *   }
+   *
+   *   // Brute force config
+   *   console.log(bruteForceConfig);
+   * });
+   *
+   * @param   {Object}    params            Brute force parameters (leave empty).
+   * @param   {Function}  [cb]              Callback function.
+   *
+   * @return    {Promise|undefined}
+   */
+  getBruteForceConfig(...args) {
+    return this.bruteForceProtection.get(...args);
+  }
+
+  /**
+   * Update the Brute Force Protection configuration.
+   *
+   * @example
+   * management.attackProtection.updateBruteForceConfig(params, data, function (err, bruteForceConfig) {
+   *   if (err) {
+   *     // Handle error.
+   *   }
+   *
+   *   // Brute force config
+   *   console.log(bruteForceConfig);
+   * });
+   *
+   * @param   {Object}    params            Brute force parameters (leave empty).
+   * @param   {Object}    data              Updated brute force configuration.
+   * @param   {Function}  [cb]              Callback function.
+   *
+   * @return    {Promise|undefined}
+   */
+  updateBruteForceConfig(...args) {
+    return this.bruteForceProtection.patch(...args);
+  }
+
+  /**
+   * Get the Suspicious IP Throttling configuration.
+   *
+   * @example
+   * management.attackProtection.getSuspiciousIpThrottlingConfig(params, function (err, suspiciousIpThrottlingConfig) {
+   *   if (err) {
+   *     // Handle error.
+   *   }
+   *
+   *   // Access suspicious IP throttling configuration
+   *   console.log(suspiciousIpThrottlingConfig);
+   * });
+   *
+   * @param   {Object}    params            Suspicious IP throttling parameters (leave empty).
+   * @param   {Function}  [cb]              Callback function.
+   *
+   * @return    {Promise|undefined}
+   */
+  getSuspiciousIpThrottlingConfig(...args) {
+    return this.suspiciousIpThrottling.get(...args);
+  }
+
+  /**
+   * Update the Suspicious IP Throttling configuration.
+   *
+   * @example
+   * management.attackProtection.updateSuspiciousIpThrottlingConfig(params, data, function (err, suspiciousIpThrottlingConfig) {
+   *   if (err) {
+   *     // Handle error.
+   *   }
+   *
+   *   // Access suspicious IP throttling configuration
+   *   console.log(suspiciousIpThrottlingConfig);
+   * });
+   *
+   * @param   {Object}    params            Suspicious IP throttling parameters (leave empty).
+   * @param   {Object}    data              Updated suspicious IP throttling configuration.
+   * @param   {Function}  [cb]              Callback function.
+   *
+   * @return    {Promise|undefined}
+   */
+  updateSuspiciousIpThrottlingConfig(...args) {
+    return this.suspiciousIpThrottling.patch(...args);
+  }
+
+  /**
+   * Get the Breached Password Detection configuration.
+   *
+   * @example
+   * management.attackProtection.getBreachedPasswordDetectionConfig(params, function (err, breachedPasswordDetectionConfig) {
+   *   if (err) {
+   *     // Handle error.
+   *   }
+   *
+   *   // Access breached password detection configuration
+   *   console.log(breachedPasswordDetectionConfig);
+   * });
+   *
+   * @param   {Object}    params            Breached password detection parameters (leave empty).
+   * @param   {Function}  [cb]              Callback function.
+   *
+   * @return    {Promise|undefined}
+   */
+  getBreachedPasswordDetectionConfig(...args) {
+    return this.breachedPasswordDetection.get(...args);
+  }
+
+  /**
+   * Update the breached password detection configuration.
+   *
+   * @example
+   * management.attackProtection.updateBreachedPasswordDetectionConfig(params, data, function (err, breachedPasswordDetectionConfig) {
+   *   if (err) {
+   *     // Handle error.
+   *   }
+   *
+   *   // Access breached password detection configuration
+   *   console.log(breachedPasswordDetectionConfig);
+   * });
+   *
+   * @param   {Object}    params            Breached password detection parameters (leave empty).
+   * @param   {Object}    data              Updated breached password detection configuration.
+   * @param   {Function}  [cb]              Callback function.
+   *
+   * @return    {Promise|undefined}
+   */
+  updateBreachedPasswordDetectionConfig(...args) {
+    return this.breachedPasswordDetection.patch(...args);
+  }
+}
+module.exports = AttackProtectionManager;
diff --git a/src/management/index.js b/src/management/index.js
@@ -10,6 +10,7 @@ const GrantsManager = require('./GrantsManager');
 const UsersManager = require('./UsersManager');
 const UserBlocksManager = require('./UserBlocksManager');
 const ConnectionsManager = require('./ConnectionsManager');
+const AttackProtectionManager = require('./AttackProtectionManager');
 const BlacklistedTokensManager = require('./BlacklistedTokensManager');
 const RulesManager = require('./RulesManager');
 const DeviceCredentialsManager = require('./DeviceCredentialsManager');
@@ -360,6 +361,13 @@ class ManagementClient {
      * @type {OrganizationsManager}
      */
     this.organizations = new OrganizationsManager(managerOptions);
+
+    /**
+     * Attack Protection Manager
+     *
+     * @type {AttackProtectionManager}
+     */
+    this.attackProtection = new AttackProtectionManager(managerOptions);
   }
 
   /**