Update login ID (#242)

* Update login ID
+ tests
related to descope/etc#2985
Leave new id as empty to remove ID
last login ID cannot be removed

* remove settings string

Author: aviadl

README.md

@@ -515,6 +515,10 @@ descope_client.mgmt.user.update(
 )
 
 # Update explicit data for a user rather than overriding all fields
+descope_client.mgmt.user.update_login_id(
+    login_id="[email protected]",
+    new_login_id="[email protected]"
+)
 descope_client.mgmt.user.update_phone(
     login_id="[email protected]",
     phone="+18005551234",

descope/management/common.py

@@ -17,6 +17,7 @@ class MgmtV1:
     users_search_path = "/v1/mgmt/user/search"
     user_get_provider_token = "/v1/mgmt/user/provider/token"
     user_update_status_path = "/v1/mgmt/user/update/status"
+    user_update_login_id_path = "/v1/mgmt/user/update/loginid"
     user_update_email_path = "/v1/mgmt/user/update/email"
     user_update_phone_path = "/v1/mgmt/user/update/phone"
     user_update_name_path = "/v1/mgmt/user/update/name"

descope/management/user.py

@@ -438,6 +438,34 @@ def deactivate(
         )
         return response.json()
 
+    def update_login_id(
+        self,
+        login_id: str,
+        new_login_id: str = None,
+    ) -> dict:
+        """
+        Update login id of user, leave new login empty to remove the ID.
+        A user must have at least one login ID. Trying to remove the last one will fail.
+
+        Args:
+        login_id (str): The login ID of the user to update.
+        new_login_id (str): New login ID to set for the user.
+
+        Return value (dict):
+        Return dict in the format
+             {"user": {}}
+        Containing the updated user information.
+
+        Raise:
+        AuthException: raised if the update operation fails
+        """
+        response = self._auth.do_post(
+            MgmtV1.user_update_login_id_path,
+            {"loginId": login_id, "newLoginId": new_login_id},
+            pswd=self._auth.management_key,
+        )
+        return response.json()
+
     def update_email(
         self,
         login_id: str,

tests/management/test_user.py

@@ -559,6 +559,42 @@ def test_deactivate(self):
                 timeout=DEFAULT_TIMEOUT_SECONDS,
             )
 
+    def test_update_login_id(self):
+        # Test failed flows
+        with patch("requests.post") as mock_post:
+            mock_post.return_value.ok = False
+            self.assertRaises(
+                AuthException,
+                self.client.mgmt.user.update_login_id,
+                "valid-id",
+                "[email protected]",
+            )
+
+        # Test success flow
+        with patch("requests.post") as mock_post:
+            network_resp = mock.Mock()
+            network_resp.ok = True
+            network_resp.json.return_value = json.loads("""{"user": {"id": "[email protected]"}}""")
+            mock_post.return_value = network_resp
+            resp = self.client.mgmt.user.update_login_id("valid-id", "[email protected]")
+            user = resp["user"]
+            self.assertEqual(user["id"], "[email protected]")
+            mock_post.assert_called_with(
+                f"{common.DEFAULT_BASE_URL}{MgmtV1.user_update_login_id_path}",
+                headers={
+                    **common.default_headers,
+                    "Authorization": f"Bearer {self.dummy_project_id}:{self.dummy_management_key}",
+                },
+                params=None,
+                json={
+                    "loginId": "valid-id",
+                    "newLoginId": "[email protected]",
+                },
+                allow_redirects=False,
+                verify=True,
+                timeout=DEFAULT_TIMEOUT_SECONDS,
+            )
+
     def test_update_email(self):
         # Test failed flows
         with patch("requests.post") as mock_post: