From b542b225506cc06a370ac58f158ffa909117f395 Mon Sep 17 00:00:00 2001 From: Vanessa Burroughs Date: Wed, 6 Dec 2023 11:11:41 -0600 Subject: [PATCH 1/4] Maintain use of signout function instead of revoke_user_token --- docs/custom/AuthApi.md | 38 ++++++++++++++-------------- docs/custom/UserApi.md | 49 +++++++++++++++++++++++++++++++++++++ lib/passageidentity/auth.rb | 14 ----------- 3 files changed, 68 insertions(+), 33 deletions(-) diff --git a/docs/custom/AuthApi.md b/docs/custom/AuthApi.md index a95789f..1259744 100644 --- a/docs/custom/AuthApi.md +++ b/docs/custom/AuthApi.md @@ -2,19 +2,22 @@ All URIs are relative to *https://api.passage.id/v1* -| Method | HTTP request | Description | -| ------ | ------------ | ----------- | -| [**revoke_user_refresh_tokens**](TokensApi.md#revoke_user_refresh_tokens) | **DELETE** /apps/{app_id}/users/{user_id}/tokens | **Deprecated:** Revokes refresh tokens | -| [**validate_jwt**](TokensApi.md#validate_jwt) | n/a | Validates jwt token +| Method | Description | +| ------ | ----------- | +| [**authenticate_request**](TokensApi.md#revoke_user_refresh_tokens) | **Deprecated:** Revokes refresh tokens | +| [**validate_jwt**](TokensApi.md#validate_jwt) | Validates jwt token -## revoke_user_refresh_tokens -> revoke_user_refresh_tokens(user_id) +--- + +## authenticate_request (deprecated) -Revokes refresh tokens +> authenticate_request(request) -Revokes all refresh tokens for a user +Validates that request has the correct jwt token + +Validates that request has the correct jwt token ### Examples 
@@ -24,40 +27,37 @@ require 'passageidentity' class ApplicationController < ActionController::Base PassageClient = Passage::Client.new(app_id: PASSAGE_APP_ID, api_key: PASSAGE_API_KEY) - def revoke_passage_user_tokens! + def authorize! begin - # tokens are revoked - revoke = PassageClient.auth.revoke_user_refresh_tokens(USER_ID) + request.to_hash() + @user_id = Passage.auth.authenticate_request(request) + session[:psg_user_id] = @user_id rescue Exception => e - # handle exception (user is not authorized) + # unauthorized + redirect_to "/unauthorized" end end end ``` - ### Parameters | Name | Type | Description | Notes | | ---- | ---- | ----------- | ----- | -| **user_id** | **String** | User ID | | +| **request** | **RequestObject** | request | | ### Return type -bool +[**UserInfo**](UserInfo.md) ### Authorization [bearerAuth](../README.md#bearerAuth) -### HTTP request headers -- **Content-Type**: Not defined -- **Accept**: application/json --- - ## validate_jwt > validate_jwt(token) diff --git a/docs/custom/UserApi.md b/docs/custom/UserApi.md index 046182f..33e58e6 100644 --- a/docs/custom/UserApi.md +++ b/docs/custom/UserApi.md @@ -12,6 +12,7 @@ All URIs are relative to *https://api.passage.id/v1* | [**update**](UsersApi.md#update) | **PATCH** /apps/{app_id}/users/{user_id} | Update User | | [**delete_device**](UsersApi.md#delete_device) | **DELETE** /apps/{app_id}/users/{user_id}/devices/{device_id} | Delete a device for a user | | [**list_devices**](UsersApi.md#list_devices) | **GET** /apps/{app_id}/users/{user_id}/devices | List User Devices | +| [**signout**](UsersApi.md#signout) | DELETE /apps/{app_id}/users/{user_id}/tokens | Signout of user | ## activate 
@@ -368,3 +369,51 @@ end - **Content-Type**: Not defined - **Accept**: application/json +--- + +## signout + +> signout(user_id) + +Revokes refresh tokens + +Revokes all refresh tokens for a user + +### Examples + +```ruby +require 'passageidentity' + +class ApplicationController < ActionController::Base + PassageClient = Passage::Client.new(app_id: PASSAGE_APP_ID, api_key: PASSAGE_API_KEY) + + def revoke_passage_user_tokens! + begin + # tokens are revoked + revoke = PassageClient.auth.signout(USER_ID) + rescue Exception => e + # handle exception (user is not authorized) + end + end +end +``` + + +### Parameters + +| Name | Type | Description | Notes | +| ---- | ---- | ----------- | ----- | +| **user_id** | **String** | User ID | | + +### Return type + +bool + +### Authorization + +[bearerAuth](../README.md#bearerAuth) + +### HTTP request headers + +- **Content-Type**: Not defined +- **Accept**: application/json diff --git a/lib/passageidentity/auth.rb b/lib/passageidentity/auth.rb index c4e4e5c..20afa11 100644 --- a/lib/passageidentity/auth.rb +++ b/lib/passageidentity/auth.rb @@ -128,18 +128,4 @@ def authenticate_token(token) end end end - - def revoke_user_refresh_tokens(user_id) - begin - client = OpenapiClient::TokensApi.new - response = client.revoke_user_refresh_tokens(@app_id, user_id) - return true - rescue Faraday::Error => e - raise PassageError.new( - message: "failed to revoke user's refresh tokens", - status_code: e.response[:status], - body: e.response[:body] - ) - end - end end From e25e569ef9c845f2eb5c37169b49ea5b42c5083d Mon Sep 17 00:00:00 2001 From: Vanessa Burroughs Date: Wed, 6 Dec 2023 12:24:07 -0600 Subject: [PATCH 2/4] Deprecate signout --- docs/custom/AuthApi.md | 48 ++++++++++++++++++++++++++++++--- docs/custom/UserApi.md | 2 +- lib/passageidentity/auth.rb | 2 +- lib/passageidentity/user_api.rb | 1 + 4 files changed, 47 insertions(+), 6 deletions(-) diff --git a/docs/custom/AuthApi.md b/docs/custom/AuthApi.md index 1259744..1b49c7f 100644 
--- a/docs/custom/AuthApi.md +++ b/docs/custom/AuthApi.md @@ -5,10 +5,10 @@ All URIs are relative to *https://api.passage.id/v1* | Method | Description | | ------ | ----------- | | [**authenticate_request**](TokensApi.md#revoke_user_refresh_tokens) | **Deprecated:** Revokes refresh tokens | +| [**revoke_user_refresh_tokens**](TokensApi.md#revoke_user_refresh_tokens) | Revokes user tokens | | [**validate_jwt**](TokensApi.md#validate_jwt) | Validates jwt token - --- ## authenticate_request (deprecated) @@ -17,7 +17,6 @@ All URIs are relative to *https://api.passage.id/v1* Validates that request has the correct jwt token -Validates that request has the correct jwt token ### Examples @@ -55,6 +54,49 @@ end [bearerAuth](../README.md#bearerAuth) +--- + +## revoke_user_refresh_tokens() + +> revoke_user_refresh_tokens(user_id) + +Revokes user tokens + +### Examples + +```ruby +require 'passageidentity' + +class ApplicationController < ActionController::Base + PassageClient = Passage::Client.new(app_id: PASSAGE_APP_ID, api_key: PASSAGE_API_KEY) + + def authorize! + begin + revoke = PassageClient.auth.revoke_user_refresh_tokens(USER_ID) + rescue Exception => e + # handle exception (user is not authorized) + # unauthorized + redirect_to "/unauthorized" + end + end +end +``` + +### Parameters + +| Name | Type | Description | Notes | +| ---- | ---- | ----------- | ----- | +| **user_id** | **string** | user id | | + +### Return type + +boolean + +### Authorization + +[bearerAuth](../README.md#bearerAuth) + + --- @@ -62,8 +104,6 @@ end > validate_jwt(token) -Validates jwt token - Validates jwt token for a user ### Examples diff --git a/docs/custom/UserApi.md b/docs/custom/UserApi.md index 33e58e6..f48f4dd 100644 --- a/docs/custom/UserApi.md +++ b/docs/custom/UserApi.md 
@@ -12,7 +12,7 @@ All URIs are relative to *https://api.passage.id/v1* | [**update**](UsersApi.md#update) | **PATCH** /apps/{app_id}/users/{user_id} | Update User | | [**delete_device**](UsersApi.md#delete_device) | **DELETE** /apps/{app_id}/users/{user_id}/devices/{device_id} | Delete a device for a user | | [**list_devices**](UsersApi.md#list_devices) | **GET** /apps/{app_id}/users/{user_id}/devices | List User Devices | -| [**signout**](UsersApi.md#signout) | DELETE /apps/{app_id}/users/{user_id}/tokens | Signout of user | +| [**signout**](UsersApi.md#signout) | DELETE /apps/{app_id}/users/{user_id}/tokens | **Deprecated:** Signout a user | ## activate diff --git a/lib/passageidentity/auth.rb b/lib/passageidentity/auth.rb index 20afa11..5685afd 100644 --- a/lib/passageidentity/auth.rb +++ b/lib/passageidentity/auth.rb @@ -55,7 +55,7 @@ def fetch_jwks() end def authenticate_request(request) - warn "[DEPRECATION] `authenticate_request` is deprecated. Please use `validate_jwt(token)` instead." + warn "[DEPRECATION] `auth.authenticate_request()` is deprecated. Please use `auth.validate_jwt()` instead." # Get the token based on the strategy if @auth_strategy === Passage::COOKIE_STRATEGY diff --git a/lib/passageidentity/user_api.rb b/lib/passageidentity/user_api.rb index e28293a..688f9cd 100644 --- a/lib/passageidentity/user_api.rb +++ b/lib/passageidentity/user_api.rb @@ -189,6 +189,7 @@ def list_devices(user_id:) end def signout(user_id:) + warn "[DEPRECATION] `user.signout()` is deprecated. Please use `auth.revoke_user_refresh_tokens()` instead." user_exists?(user_id) begin tokens_client = OpenapiClient::TokensApi.new From 9566f72d77c92c7efc5b3f0eca035a5e7fb596e6 Mon Sep 17 00:00:00 2001 From: Vanessa Burroughs Date: Wed, 6 Dec 2023 12:26:54 -0600 Subject: [PATCH 3/4] Add revoke_user_refresh_tokens function --- lib/passageidentity/auth.rb | 14 ++++++++++++++ 1 file changed, 14 insertions(+) 
diff --git a/lib/passageidentity/auth.rb b/lib/passageidentity/auth.rb index 5685afd..d3571ee 100644 --- a/lib/passageidentity/auth.rb +++ b/lib/passageidentity/auth.rb @@ -127,5 +127,19 @@ def authenticate_token(token) raise PassageError.new(message: e.message) end end + + def revoke_user_refresh_tokens(user_id) + begin + client = OpenapiClient::TokensApi.new + response = client.revoke_user_refresh_tokens(@app_id, user_id) + return true + rescue Faraday::Error => e + raise PassageError.new( + message: "failed to revoke user's refresh tokens", + status_code: e.response[:status], + body: e.response[:body] + ) + end + end end end From e9d7bce65f796e3b96c95e78f29c148a969cdcf8 Mon Sep 17 00:00:00 2001 From: Vanessa Burroughs Date: Wed, 6 Dec 2023 12:30:00 -0600 Subject: [PATCH 4/4] Update hyperlink --- docs/custom/AuthApi.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/custom/AuthApi.md b/docs/custom/AuthApi.md index 1b49c7f..a65d9c5 100644 --- a/docs/custom/AuthApi.md +++ b/docs/custom/AuthApi.md @@ -4,9 +4,9 @@ All URIs are relative to *https://api.passage.id/v1* | Method | Description | | ------ | ----------- | -| [**authenticate_request**](TokensApi.md#revoke_user_refresh_tokens) | **Deprecated:** Revokes refresh tokens | -| [**revoke_user_refresh_tokens**](TokensApi.md#revoke_user_refresh_tokens) | Revokes user tokens | -| [**validate_jwt**](TokensApi.md#validate_jwt) | Validates jwt token +| [**authenticate_request**](AuthApi.md#authenticate_request) | **Deprecated:** Revokes refresh tokens | +| [**revoke_user_refresh_tokens**](AuthApi.md#revoke_user_refresh_tokens) | Revokes user tokens | +| [**validate_jwt**](AuthApi.md#validate_jwt) | Validates jwt token ---
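Review bot: In the PATCH 1/4 hunk for docs/custom/AuthApi.md the new method-table row is wrong on both columns: `authenticate_request` is linked to `TokensApi.md#revoke_user_refresh_tokens` and described as "**Deprecated:** Revokes refresh tokens", while the section it introduces a few lines later says "Validates that request has the correct jwt token". Nothing else in the table lets a reader tell which is right. Suggest `| [**authenticate_request**](AuthApi.md#authenticate_request) | **Deprecated:** Validates that the request carries a valid JWT |`; PATCH 4/4 fixes the link target but leaves the description as is.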
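Review bot: The `authenticate_request` example added to docs/custom/AuthApi.md in PATCH 1/4 does not match the rest of the page. `@user_id = Passage.auth.authenticate_request(request)` calls a module-level `Passage.auth` that no other example uses; every other snippet goes through the client instance (`PassageClient.auth...`). The bare `request.to_hash()` line before it is a no-op and should be dropped. The "Return type" cell says `UserInfo`, but the example stores the result as `@user_id` and puts it straight into `session[:psg_user_id]`; pick one and make the example and the table agree. Finally, `rescue Exception => e` also catches `Interrupt`, `NoMemoryError` and friends; `rescue Passage::PassageError` (the class the library raises, see the `raise PassageError.new(...)` lines in the auth.rb hunks) is what a Rails controller should catch before redirecting to `/unauthorized`.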
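Review bot: In the docs/custom/UserApi.md hunks of PATCH 1/4 the new `signout` example calls the wrong object with the wrong signature: `revoke = PassageClient.auth.signout(USER_ID)`, but the PATCH 2/4 hunk for lib/passageidentity/user_api.rb shows `signout` defined on the user API as `def signout(user_id:)`, i.e. a keyword argument. As written the documented call raises (`NoMethodError` on `auth`, or `ArgumentError` once routed to the right object). It should read `PassageClient.user.signout(user_id: USER_ID)` (assuming `user` is the client's accessor for user_api.rb; use whatever the client actually exposes). The comment `# handle exception (user is not authorized)` is also misleading for a token-revocation call, where the failure modes are "user not found" or an API error, not an authorization failure of the caller. Separately, the new table row writes `DELETE /apps/{app_id}/users/{user_id}/tokens` without the `**DELETE**` bolding every neighbouring row uses.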
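Review bot: The lib/passageidentity/auth.rb hunk in PATCH 1/4 deletes `revoke_user_refresh_tokens`, and the PATCH 3/4 hunk re-adds it byte for byte. In between, PATCH 2/4 documents `auth.revoke_user_refresh_tokens()` in AuthApi.md and points the `signout` deprecation warning at it while the method does not exist, so the series is not bisectable and the PATCH 1/4 subject ("Maintain use of signout function instead of revoke_user_token") describes a state the branch never ends up in. Squash 1/4 and 3/4 (or simply drop the removal from 1/4) so each commit leaves the docs and the code consistent.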
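Review bot: The `revoke_user_refresh_tokens` section added to docs/custom/AuthApi.md in PATCH 2/4 carries over text that belongs to a different method. The example is named `authorize!` and its rescue branch says `# handle exception (user is not authorized)` / `redirect_to "/unauthorized"`, which describes JWT validation, not revoking a user's refresh tokens; the PATCH 1/4 `signout` example used `revoke_passage_user_tokens!` and that name fits here. The heading is written `## revoke_user_refresh_tokens()` with trailing parentheses unlike every other heading on the page, and the parameter/return cells use `string` and `boolean` where the rest of the page uses `String` and `bool`. The one-line description also drifts between "Revokes user tokens" (this table row and section) and "Revokes all refresh tokens for a user" (the `signout` section); the latter is the accurate one for a `DELETE .../tokens` call and should be used in both places.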
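Review bot: The deprecation message added to lib/passageidentity/user_api.rb in PATCH 2/4 tells callers to move from `user.signout()` to `auth.revoke_user_refresh_tokens()`, but the two are not drop-in replacements: `signout` takes a keyword argument (`def signout(user_id:)`, visible in the hunk context) and calls `user_exists?(user_id)` before touching the tokens API, whereas the replacement in PATCH 3/4 is `def revoke_user_refresh_tokens(user_id)`, positional and with no existence check. Either spell the new signature out in the warning (e.g. "use `auth.revoke_user_refresh_tokens(user_id)`") and note the dropped precheck in the docs, or give the new method the same keyword signature so existing call sites only need the receiver changed.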
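Review bot: In the PATCH 3/4 hunk for lib/passageidentity/auth.rb the rescue branch can itself raise: `rescue Faraday::Error => e` also matches `Faraday::ConnectionFailed` and `Faraday::TimeoutError`, for which `e.response` is `nil`, so `e.response[:status]` throws `NoMethodError` and the original network error is lost. Use `status_code: e.response&.dig(:status), body: e.response&.dig(:body)` (or `e.response ? e.response[:status] : nil`) so callers always get a `PassageError`. Two smaller points: the local `response = client.revoke_user_refresh_tokens(@app_id, user_id)` is never read, so either use it or drop the assignment; and the `begin ... end` wrapping the whole method body is redundant in Ruby, the `rescue` can sit directly at method level.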
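Review bot: PATCH 4/4 only repairs the anchors in the docs/custom/AuthApi.md method table; the `authenticate_request` row still reads "**Deprecated:** Revokes refresh tokens", which is the description of the row below it. Since this commit is titled "Update hyperlink" and touches exactly these three rows, it is the natural place to also fix the text, e.g. `| [**authenticate_request**](AuthApi.md#authenticate_request) | **Deprecated:** Validates that the request carries a valid JWT |`, and to use the same wording for `revoke_user_refresh_tokens` here and in its section ("Revokes all refresh tokens for a user").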