diff --git a/src/main/python/fusionauth/fusionauth_client.py b/src/main/python/fusionauth/fusionauth_client.py index fcadf20..9ed1e7f 100644 --- a/src/main/python/fusionauth/fusionauth_client.py +++ b/src/main/python/fusionauth/fusionauth_client.py @@ -194,6 +194,24 @@ def check_change_password_using_id(self, change_password_id): .get() \ .go() + def check_change_password_using_id_and_ip_address(self, change_password_id, ip_address=None): + """ + Check to see if the user must obtain a Trust Token Id in order to complete a change password request. + When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication. + + An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + + Attributes: + change_password_id: The change password Id used to find the user. This value is generated by FusionAuth once the change password workflow has been initiated. + ip_address: (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + """ + return self.start_anonymous().uri('/api/user/change-password') \ + .url_segment(change_password_id) \ + .url_parameter('ipAddress', self.convert_true_false(ip_address)) \ + .get() \ + .go() + def check_change_password_using_jwt(self, encoded_jwt): """ Check to see if the user must obtain a Trust Token Id in order to complete a change password request. @@ -210,6 +228,24 @@ def check_change_password_using_jwt(self, encoded_jwt): .get() \ .go() + def check_change_password_using_jwt_and_ip_address(self, encoded_jwt, ip_address=None): + """ + Check to see if the user must obtain a Trust Token Id in order to complete a change password request. + When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + your password, you must obtain a Trust Token by completing a Two-Factor Step-Up authentication. + + An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + + Attributes: + encoded_jwt: The encoded JWT (access token). + ip_address: (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + """ + return self.start_anonymous().uri('/api/user/change-password') \ + .authorization("Bearer " + encoded_jwt) \ + .url_parameter('ipAddress', self.convert_true_false(ip_address)) \ + .get() \ + .go() + def check_change_password_using_login_id(self, login_id): """ Check to see if the user must obtain a Trust Request Id in order to complete a change password request. @@ -226,6 +262,24 @@ def check_change_password_using_login_id(self, login_id): .get() \ .go() + def check_change_password_using_login_id_and_ip_address(self, login_id, ip_address=None): + """ + Check to see if the user must obtain a Trust Request Id in order to complete a change password request. + When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication. + + An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + + Attributes: + login_id: The loginId (email or username) of the User that you intend to change the password for. + ip_address: (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + """ + return self.start().uri('/api/user/change-password') \ + .url_parameter('loginId', self.convert_true_false(login_id)) \ + .url_parameter('ipAddress', self.convert_true_false(ip_address)) \ + .get() \ + .go() + def check_change_password_using_login_id_and_login_id_types(self, login_id, login_id_types): """ Check to see if the user must obtain a Trust Request Id in order to complete a change password request. @@ -244,6 +298,26 @@ def check_change_password_using_login_id_and_login_id_types(self, login_id, logi .get() \ .go() + def check_change_password_using_login_id_and_login_id_types_and_ip_address(self, login_id, login_id_types, ip_address=None): + """ + Check to see if the user must obtain a Trust Request Id in order to complete a change password request. + When a user has enabled Two-Factor authentication, before you are allowed to use the Change Password API to change + your password, you must obtain a Trust Request Id by completing a Two-Factor Step-Up authentication. + + An HTTP status code of 400 with a general error code of [TrustTokenRequired] indicates that a Trust Token is required to make a POST request to this API. + + Attributes: + login_id: The loginId of the User that you intend to change the password for. + login_id_types: The identity types that FusionAuth will compare the loginId to. + ip_address: (Optional) IP address of the user changing their password. This is used for MFA risk assessment. + """ + return self.start().uri('/api/user/change-password') \ + .url_parameter('loginId', self.convert_true_false(login_id)) \ + .url_parameter('loginIdTypes', self.convert_true_false(login_id_types)) \ + .url_parameter('ipAddress', self.convert_true_false(ip_address)) \ + .get() \ + .go() + def client_credentials_grant(self, client_id=None, client_secret=None, scope=None): """ Make a Client Credentials grant request to obtain an access token. @@ -3347,6 +3421,22 @@ def retrieve_two_factor_status(self, user_id, application_id, two_factor_trust_i .get() \ .go() + def retrieve_two_factor_status_with_request(self, request): + """ + Retrieve a user's two-factor status. + + This can be used to see if a user will need to complete a two-factor challenge to complete a login, + and optionally identify the state of the two-factor trust across various applications. This operation + provides more payload options than retrieveTwoFactorStatus. + + Attributes: + request: The request object that contains all the information used to check the status. + """ + return self.start().uri('/api/two-factor/status') \ + .body_handler(JSONBodyHandler(request)) \ + .post() \ + .go() + def retrieve_user(self, user_id): """ Retrieves the user for the given Id.