Add auth0-forwarded-for header to passwordless sms authentication for… #530
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes
Please describe both what is changing and why this is important. Include:
This change is to add auth0-forwarded-for header for passwordless sms authentication for rate limit purposes as per
(https://auth0.com/docs/connections/passwordless/best-practices#link-accounts)
See section at the bottom
References
Please include relevant links supporting this change such as a:
(https://auth0.com/docs/connections/passwordless/best-practices#link-accounts)
Testing
Please describe how this can be tested by reviewers. Be specific about anything not tested and reasons why. If this library has unit and/or integration testing, tests should be added for new functionality and existing tests should complete without errors.
I have not included any additional tests as the existing method
public async Task<AccessTokenResponse> GetTokenAsync(ResourceOwnerTokenRequest request, CancellationToken cancellationToken = default)
already makes use of this but I could not find any specific tests for the
ForwardedForIp
field.Further since this change is simply adding an additional header it shouldn't change the behaviour unless users start setting it.
Checklist
I have read the Auth0 general contribution guidelines
I have read the Auth0 Code of Conduct
All existing and new tests complete without errors