Merge branch 'master' into Remove-Semgrep-GHA-non-EMU

Author: tanya732

.github/actions/maven-publish/action.yml

@@ -36,7 +36,7 @@ runs:
 
     - name: Publish Android/Java Packages to Maven
       shell: bash
-      run: ./gradlew publishToSonatype closeAndReleaseSonatypeStagingRepository --stacktrace
+      run: ./gradlew publishToSonatype closeSonatypeStagingRepository -PisSnapshot=false --stacktrace
       env:
         JAVA_HOME: ${{ env.JAVA_HOME }}
         MAVEN_USERNAME: ${{ inputs.ossr-username }}

.version

@@ -1 +1 @@
-2.23.0
+2.24.0

CHANGELOG.md

@@ -1,12 +1,19 @@
 # Change Log
 
-## [2.23.0](https://github.com/auth0/auth0-java/tree/2.23.0) (2025-07-21)
+## [2.24.0](https://github.com/auth0/auth0-java/tree/2.24.0) (2025-08-22)
+[Full Changelog](https://github.com/auth0/auth0-java/compare/2.23.0...2.24.0)
+
+**Added**
+- Update Readme and Examples [\#752](https://github.com/auth0/auth0-java/pull/752) ([tanya732](https://github.com/tanya732))
+- Customize management api token provider [\#748](https://github.com/auth0/auth0-java/pull/748) ([tanya732](https://github.com/tanya732))
+- Joaosoumoreira/add method to enroll email mfa [\#744](https://github.com/auth0/auth0-java/pull/744) ([tanya732](https://github.com/tanya732))
+
+## [2.23.0](https://github.com/auth0/auth0-java/tree/2.23.0) (2025-08-05)
 [Full Changelog](https://github.com/auth0/auth0-java/compare/2.22.0...2.23.0)
 
 **Added**
+- Added support for Tenant ACL [\#723](https://github.com/auth0/auth0-java/pull/723) ([tanya732](https://github.com/tanya732))
 - Added organization support for Change Password [\#726](https://github.com/auth0/auth0-java/pull/726) ([tanya732](https://github.com/tanya732))
-
-**Fixed**
 - Fix: Resource Server Scopes [\#725](https://github.com/auth0/auth0-java/pull/725) ([tanya732](https://github.com/tanya732))
 
 ## [2.22.0](https://github.com/auth0/auth0-java/tree/2.22.0) (2025-06-20)

EXAMPLES.md

@@ -38,9 +38,22 @@ AuthAPI auth = AuthAPI.newBuilder("DOMAIN", "CLIENT-ID", "CLIENT-SECRET")
         .withHttpClient(client)
         .build();
 
+```
+
+```java
+
 ManagementAPI mgmt = ManagementAPI.newBuilder("DOMAIN", "API-TOKEN")
         .withHttpClient(client)
         .build();
+
+// OR
+
+TokenProvider tokenProvider = SimpleTokenProvider.create("API-TOKEN");
+
+ManagementAPI mgmt = ManagementAPI.newBuilder("DOMAIN", tokenProvider)
+        .withHttpClient(client)
+        .build();
+
 ```
 
 If the `DefaultHttpClient` does not support your required networking client configuration, you may choose to implement

README.md

@@ -34,14 +34,14 @@ Add the dependency via Maven:
 <dependency>
   <groupId>com.auth0</groupId>
   <artifactId>auth0</artifactId>
-  <version>2.23.0</version>
+  <version>2.24.0</version>
 </dependency>
 ```
 
 or Gradle:
 
 ```gradle
-implementation 'com.auth0:auth0:2.23.0'
+implementation 'com.auth0:auth0:2.24.0'
 ```
 
 ### Configure the SDK
@@ -66,6 +66,15 @@ Create a `ManagementAPI` instance by providing the domain from the [Application
 ManagementAPI mgmt = ManagementAPI.newBuilder("{YOUR_DOMAIN}", "{YOUR_API_TOKEN}").build();
 ```
 
+OR
+
+Create a `ManagementAPI` instance by providing the domain from the [Application dashboard](https://manage.auth0.com/#/applications) and Token Provider.
+
+```java
+TokenProvider tokenProvider = SimpleTokenProvider.create("{YOUR_API_TOKEN}");
+ManagementAPI mgmt = ManagementAPI.newBuilder("{YOUR_DOMAIN}", TokenProvider).build();
+```
+
 The Management API is organized by entities represented by the Auth0 Management API objects.
 
 ```java

gradle/maven-publish.gradle

@@ -28,15 +28,15 @@ artifacts {
 publishing {
   publications {
     mavenJava(MavenPublication) {
+      from components.java
+
+      artifact sourcesJar
+      artifact javadocJar
 
       groupId = GROUP
       artifactId = POM_ARTIFACT_ID
       version = getVersionName()
 
-      artifact("$buildDir/libs/${project.name}-${version}.jar")
-      artifact sourcesJar
-      artifact javadocJar
-
       pom {
         name = POM_NAME
         packaging = POM_PACKAGING

src/main/java/com/auth0/client/auth/AuthAPI.java

@@ -251,7 +251,7 @@ public Request<BackChannelAuthorizeResponse> authorizeBackChannel(String scope,
             request.addParameter(KEY_AUDIENCE, audience);
         }
         if(Objects.nonNull(requestExpiry)){
-            request.addParameter("request_expiry", requestExpiry);
+            request.addParameter("requested_expiry", requestExpiry);
         }
 
         try {
@@ -1395,6 +1395,27 @@ public Request<CreatedOtpResponse> addOtpAuthenticator(String mfaToken) {
         return request;
     }
 
+
+    private BaseRequest<CreatedOobResponse> createBaseOobRequest(String mfaToken, List<String> oobChannels) {
+        String url = baseUrl
+            .newBuilder()
+            .addPathSegment("mfa")
+            .addPathSegment("associate")
+            .build()
+            .toString();
+
+        BaseRequest<CreatedOobResponse> request = new BaseRequest<>(client, null, url, HttpMethod.POST, new TypeReference<CreatedOobResponse>() {
+        });
+
+        request.addParameter("authenticator_types", Collections.singletonList("oob"));
+        request.addParameter("oob_channels", oobChannels);
+        request.addParameter(KEY_CLIENT_ID, clientId);
+        addClientAuthentication(request, false);
+        request.addHeader("Authorization", "Bearer " + mfaToken);
+
+        return request;
+    }
+
     /**
      * Associates or adds a new OOB authenticator for multi-factor authentication (MFA).
      * Confidential clients (Regular Web Apps) <strong>must</strong> have a client secret configured on this {@code AuthAPI} instance.
@@ -1415,32 +1436,67 @@ public Request<CreatedOtpResponse> addOtpAuthenticator(String mfaToken) {
      * @param phoneNumber The phone number for "sms" or "voice" channels. May be null if not using "sms" or "voice".
      * @return a Request to execute.
      * @see <a href="https://auth0.com/docs/api/authentication#add-an-authenticator">Add an Authenticator API documentation</a>
+     * @deprecated Use {@linkplain #addOobAuthenticator(String, List, String, String)} instead.
      */
+    @Deprecated
     public Request<CreatedOobResponse> addOobAuthenticator(String mfaToken, List<String> oobChannels, String phoneNumber) {
         Asserts.assertNotNull(mfaToken, "mfa token");
         Asserts.assertNotNull(oobChannels, "OOB channels");
+        if (oobChannels.contains("sms") || oobChannels.contains("voice")) {
+            Asserts.assertNotNull(phoneNumber, "phone number");
+        }
 
-        String url = baseUrl
-            .newBuilder()
-            .addPathSegment("mfa")
-            .addPathSegment("associate")
-            .build()
-            .toString();
-
-        BaseRequest<CreatedOobResponse> request = new BaseRequest<>(client, null, url, HttpMethod.POST, new TypeReference<CreatedOobResponse>() {
-        });
+        BaseRequest<CreatedOobResponse> request = createBaseOobRequest(mfaToken, oobChannels);
 
-        request.addParameter("authenticator_types", Collections.singletonList("oob"));
-        request.addParameter("oob_channels", oobChannels);
-        request.addParameter(KEY_CLIENT_ID, clientId);
         if (phoneNumber != null) {
             request.addParameter("phone_number", phoneNumber);
         }
-        addClientAuthentication(request, false);
-        request.addHeader("Authorization", "Bearer " + mfaToken);
+
         return request;
     }
 
+    /**
+     * Associates or adds a new OOB authenticator for multi-factor authentication (MFA).
+     * Confidential clients (Regular Web Apps) <strong>must</strong> have a client secret configured on this {@code AuthAPI} instance.
+     * <pre>
+     * {@code
+     * try {
+     *      CreatedOobResponse result = authAPI.addOobAuthenticator("the-mfa-token", Arrays.asList("sms", "email"), "phone-number", "email-address")
+     *          .execute()
+     *          .getBody();
+     * } catch (Auth0Exception e) {
+     *      //Something happened
+     * }
+     * }
+     * </pre>
+     *
+     * @param mfaToken The token received from mfa_required error. Must not be null.
+     * @param oobChannels The type of OOB channels supported by the client. Must not be null.
+     * @param phoneNumber The phone number for "sms" or "voice" channels. May be null if not using "sms" or "voice".
+     * @param emailAddress The  email address for "email" channel. May be null if not using "email".
+     * @return a Request to execute.
+     * @see <a href="https://auth0.com/docs/secure/multi-factor-authentication/authenticate-using-ropg-flow-with-mfa/enroll-challenge-sms-voice-authenticators#enroll-with-sms-or-voice">Enroll with SMS or voice</a>
+     */
+    public Request<CreatedOobResponse> addOobAuthenticator(String mfaToken, List<String> oobChannels, String phoneNumber, String emailAddress) {
+        Asserts.assertNotNull(mfaToken, "mfa token");
+        Asserts.assertNotNull(oobChannels, "OOB channels");
+        if (oobChannels.contains("sms") || oobChannels.contains("voice")) {
+            Asserts.assertNotNull(phoneNumber, "phone number");
+        }
+        if (oobChannels.contains("email")) {
+            Asserts.assertNotNull(emailAddress, "email address");
+        }
+
+        BaseRequest<CreatedOobResponse> request = createBaseOobRequest(mfaToken, oobChannels);
+        if (phoneNumber != null) {
+            request.addParameter("phone_number", phoneNumber);
+        }
+        if (emailAddress != null) {
+            request.addParameter("email", emailAddress);
+        }
+
+        return request;
+    }
 
     /**
      * Returns a list of authenticators associated with your application.

src/main/java/com/auth0/client/mgmt/ManagementAPI.java

@@ -67,6 +67,17 @@ public static ManagementAPI.Builder newBuilder(String domain, String apiToken) {
         return new ManagementAPI.Builder(domain, apiToken);
     }
 
+    /**
+     * Instantiate a new {@link Builder} to configure and build a new ManagementAPI client.
+     *
+     * @param domain the tenant's domain. Must be a non-null valid HTTPS domain.
+     * @param tokenProvider the API Token provider to use when making requests.
+     * @return a Builder for further configuration.
+     */
+    public static ManagementAPI.Builder newBuilder(String domain, TokenProvider tokenProvider) {
+        return new ManagementAPI.Builder(domain, tokenProvider);
+    }
+
     private ManagementAPI(String domain, TokenProvider tokenProvider, Auth0HttpClient httpClient) {
         Asserts.assertNotNull(domain, "domain");
         Asserts.assertNotNull(tokenProvider, "token provider");
@@ -396,12 +407,20 @@ public SelfServiceProfilesEntity selfServiceProfiles() {
         return new SelfServiceProfilesEntity(client, baseUrl, tokenProvider);
     }
 
+    /**
+     * Getter for the Network Acls Entity
+     * @return the Network Acls Entity
+     */
+    public NetworkAclsEntity networkAcls() {
+        return new NetworkAclsEntity(client, baseUrl, tokenProvider);
+    }
+
     /**
      * Builder for {@link ManagementAPI} API client instances.
      */
     public static class Builder {
         private final String domain;
-        private final String apiToken;
+        private final TokenProvider tokenProvider;
         private Auth0HttpClient httpClient = DefaultHttpClient.newBuilder().build();
 
         /**
@@ -410,8 +429,17 @@ public static class Builder {
          * @param apiToken the API token used to make requests to the Auth0 Management API.
          */
         public Builder(String domain, String apiToken) {
+            this(domain, SimpleTokenProvider.create(apiToken));
+        }
+
+        /**
+         * Create a new Builder
+         * @param domain the domain of the tenant.
+         * @param tokenProvider the API Token provider to use when making requests.
+         */
+        public Builder(String domain, TokenProvider tokenProvider) {
             this.domain = domain;
-            this.apiToken = apiToken;
+            this.tokenProvider = tokenProvider;
         }
 
         /**
@@ -430,7 +458,7 @@ public Builder withHttpClient(Auth0HttpClient httpClient) {
          * @return the configured {@code ManagementAPI} instance.
          */
         public ManagementAPI build() {
-            return new ManagementAPI(domain, SimpleTokenProvider.create(apiToken), httpClient);
+            return new ManagementAPI(domain, tokenProvider, httpClient);
         }
     }
 }