Update module github.com/descope/go-sdk to v1.6.2

[descope]

This PR contains the following updates:

Package	Type	Update	Change
github.com/descope/go-sdk	require	minor	v1.5.7 -> v1.6.2

---

Release Notes

descope/go-sdk (github.com/descope/go-sdk)

v1.6.2

Compare Source

Breaking changes

• Import/export project function rename: We removed the 'Raw' naming from project import/export functions:
  • Management.Project().ExportRaw(...) >> Management.Project().Export(...)
  • Management.Project().ImportRaw(...) >> Management.Project().Import(...)
    Notice that this update does break compilation.
• Set an active password for a user: You can set a new active password for a user, with the SetActivePassword function , which they can then use to sign in. It will be applied with the project's password expiration settings, after which the user will have to update it to their own.
  Notice that we deprecated the SetPassword function, and now offer a SetTemporaryPassword function instead. The functionality is the same as before (automatically expires the password, making the user reset it upon first authentication) - we just wanted to make sure it's clearer!
• Sign Up Or In with OAuth: We deprecated the Start OAuth function and now offer a SignUpOrIn function instead. The functionality is the same as before (initiation of an OAuth authentication), but we wanted it to align with the rest of our product and documentation.

Enhancements

• Associate an access key with a specific user: We've added the userId parameter to the access key Create function, so that upon creation that key will be associated with the user. This means that if the user's status is change (for example - the user is disabled) - then the access key's status changes accordingly (gets deactivated).
• Tenant-level roles: Tenants can require having their own set of roles on top of the default roles provided in your application. For that, we enhanced existing roles function (Create, Update, Delete) to support association with a specific tenantId.
• User impersonation: Using the Impersonate function, you can decide which user you would want to temporarily sign in on behalf of. Please make sure to read our SDK's README on impersonation, as well as our KB article on the topic to fully understand this feature and how to securely use it.
• User session history: With the new History function (available both for an authenticated user as well as through management functions) - you can fetch information about the user's authentication history. Read our example of retrieving an authenticated user's history in the SDK's README.
• Disable JIT provisioning: In case you have an external method for provisioning and mapping of user information, and you're not interested in using Descope as that source of truth - you can choose to disable the JIT built-in functionality that is offered OOTB when configuring a tenant's SSO using the JITDisabled parameter.
• Configurable default request timeout: We've increased our default request timeout from 10 to 60 seconds, and have also made it configurable using the Timeout parameter in the Client object.

v1.6.1

Compare Source

Breaking changes

• Support multiple domains for tenant: There's an option to automatically associated a user to a tenant based on the user's email domain. Sometimes the same tenant can 'accept' multiple domains - so that's supported now!
  Please notice that this breaks compilation - considering this value is now an array and not a string.
• CloneProject response removed: We understood that the project information that currently returned in the CloneProject function is redundant, and that it should be removed (and if it's needed - the ExportProject function will do).
  This change breaks compilation - since there's no response from the function now.
• Support PBKDF2 encoding: Some systems encode passwords with the PBKDF2 hashing mechanism, so we added support for importing those hashes into Descope using the InviteBatch function. See the example in the SDK's README.
  Notice that this update does break compilation.
• Use external information in email/text message templates: Just like custom flow inputs, you can now provide custom template inputs that can be added to the email/text message template upon runtime. For example, you can choose to pass the user's IP into the template, to present upon verification.
  Considering the various functions involved (such as SignUp) include another parameter - compilation will break.

Enhancements

• 😮 Tenant SSO - supporting SAML and OIDC: We've recently expanded our tenant SSO support to both SAML and OIDC configurations, so we created a set of generic SSO commands that replace the existing SAML ones.
  Using the dedicated SSOSAMLSettings, SSOSAMLSettingsByMetadata and SSOOIDCSettings objects, along with their matching functions, you can define a tenant's SSO configuration settings.
  This also means that dedicated SAML authentication commands are now deprecated, and we encourage you to update your code to use the new commands:
  • SAML.ExchangeToken >> SSO.ExchangeToken
  • SAML.Start >> SSO.Start
  • GetSettings >> LoadSettings
  • ConfigureSettings >> ConfigureSAMLSettings
  • ConfigureMetadata >> ConfigureSAMLSettingsByMetadata
• Applications management: Applications, also known as SSO Applications, are used to integrate with an application using SAML or OIDC. Under the SSOApplication object, you can find an option to create, load, update and delete applications in a specific project. Find out more about applications in our documentation.
• Associate an application to a user: You can decide to associate one or more application to a user, thus controlling which of your users has access to those apps. If the user doesn't have access - no JWT will be generated and the authentication to that application will fail.
• Tenant level settings: We've exposed some session management configurations, as well as password policy configurations, to be set on the tenant's level. Just like the console support - we also configuration of those tenant level settings via the SDK.
• Delete a flow: Using the DeleteFlows function, you can delete one or more flows.
• Free search and sorting in users: Two new parameters were added to the SearchAll users function: text will allow searching any text value in all user attributes; sort will allow sorting the returned values alphabetically by attribute name.
• Get recent changes in Authz schema definition: We added the GetModified authz function, to be able to understand which new targets and resources were created or updated since a certain time.

Bug fixes

• Expose missing functionalities when testing users: The MethodEmbedded parameter and the loginOptions function were not exposed for usage when using test users, so we fixed it.
• README fixes: Some updates to the README were made to clarify some of the explanations there.

v1.6.0

Compare Source

Breaking changes

• Certificate verification configuration: We've externalized the certificate verification configuration, so that the Descoper can decide whether to verify the server certificate or not. The CertificateVerify parameter has 3 modes: CertificateVerifyAutomatic (default - skip only when base URL is overridden, like when setting to localhost or using a port), CertificateVerifyAlways and CertificateVerifyNever.
  Please notice that this will break your application in case it uses a non-valid TLS certificate, and so migration should be tested carefully.
• Support context: Added the ability to work with context, in all authentication methods and management functions.
  Please notice that this breaks compilation of all the related functions.
• Appending user login IDs: We've added the option to assign multiple login IDs to a user, using the AdditionalLoginIDs attribute, upon creation and/or invitation of the user.
  Please notice that this breaks compilation of the following user functions: Create, CreateTestUser, Invite.

Enhancements

• First, middle and last names of a user: We added system attributes for first (GivenName), middle (MiddleName) and last (FamilyName) of a user.
• Delete a project: Added the Delete function for projects.
• Check roles or permissions of a user: Check if the user has at least one of the roles in a provided list, using the GetMatchedRoles function. This also applies for checking permissions (GetMatchedPermissions), and also for checking the existence on a project level and a specific tenant level (GetMatchedTenantRoles , GetMatchedTenantPermissions).
• Set the user's roles: We now support the option to set an existing user's roles. Instead of fetching existing roles, removing all of them and adding new ones 'from scratch' - use the SetRoles user function.
• Delete a user by its userId: Support to delete a user by its userId property, using the new DeleteByUserID function.
• Remove a user's passkey login IDs: Using the userRemoveAllPasskeys management function, the Descoper can decide to remove all passkeys associated with a specific user.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.