workos 0.11.1 → 0.11.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile.lock +2 -2
- data/README.md +13 -230
- data/lib/workos/client.rb +18 -1
- data/lib/workos/connection.rb +5 -1
- data/lib/workos/passwordless.rb +4 -0
- data/lib/workos/portal.rb +53 -0
- data/lib/workos/types/connection_struct.rb +1 -0
- data/lib/workos/version.rb +1 -1
- data/spec/lib/workos/portal_spec.rb +47 -0
- data/spec/lib/workos/sso_spec.rb +1 -0
- data/spec/support/fixtures/vcr_cassettes/organization/get.yml +73 -0
- data/spec/support/fixtures/vcr_cassettes/organization/get_invalid.yml +72 -0
- data/spec/support/fixtures/vcr_cassettes/organization/update.yml +73 -0
- data/spec/support/fixtures/vcr_cassettes/organization/update_invalid.yml +73 -0
- data/spec/support/fixtures/vcr_cassettes/sso/create_connection_with_valid_source.yml +1 -1
- metadata +11 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 64322be12c1dad447bc34d760225e99c47dc6611119ea74dd9a638bac6f23085
|
4
|
+
data.tar.gz: 99df76eeb89edac09cc58323049efeaad694bf3bd945d07c8d8fb492bb45052f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 56de86af09e8c79821cb1789b0ceb27db74ac8f11176ff6b43ee36ebe0b18c0bcc60fd459c35dcfa369bd86a70c0f78724861380689c1afcc21296d77d8a9baa
|
7
|
+
data.tar.gz: b77ac5436b1d5f7a150778c68e259897576689a032d7490835e6ebf7411ba8dc1b3268548648c60261b0273528901a2d63edc3eb4d1e765cf75de7d4448da83e
|
data/Gemfile.lock
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
workos (0.11.
|
4
|
+
workos (0.11.2)
|
5
5
|
sorbet-runtime (~> 0.5)
|
6
6
|
|
7
7
|
GEM
|
@@ -60,7 +60,7 @@ GEM
|
|
60
60
|
simplecov_json_formatter (0.1.2)
|
61
61
|
sorbet (0.5.6388)
|
62
62
|
sorbet-static (= 0.5.6388)
|
63
|
-
sorbet-runtime (0.5.
|
63
|
+
sorbet-runtime (0.5.6403)
|
64
64
|
sorbet-static (0.5.6388-universal-darwin-14)
|
65
65
|
sorbet-static (0.5.6388-universal-darwin-15)
|
66
66
|
sorbet-static (0.5.6388-universal-darwin-16)
|
data/README.md
CHANGED
@@ -1,22 +1,22 @@
|
|
1
|
-
#
|
1
|
+
# WorkOS Ruby Library
|
2
2
|
|
3
|
-
WorkOS
|
3
|
+
The WorkOS library for Ruby provides convenient access to the WorkOS API from applications written in Ruby.
|
4
4
|
|
5
5
|
## Documentation
|
6
6
|
|
7
|
-
|
7
|
+
See the [API Reference](https://workos.com/docs/reference/client-libraries) for Ruby usage examples.
|
8
8
|
|
9
9
|
## Installation
|
10
10
|
|
11
|
-
|
11
|
+
Install the package with:
|
12
12
|
|
13
|
-
```
|
13
|
+
```
|
14
14
|
gem install workos
|
15
15
|
```
|
16
16
|
|
17
17
|
If you're using Bundler to manage your application's gems, add the WorkOS gem to your Gemfile:
|
18
18
|
|
19
|
-
```
|
19
|
+
```
|
20
20
|
source 'https://rubygems.org'
|
21
21
|
|
22
22
|
gem 'workos'
|
@@ -24,17 +24,13 @@ gem 'workos'
|
|
24
24
|
|
25
25
|
## Configuration
|
26
26
|
|
27
|
-
To use the
|
28
|
-
|
29
|
-
You can do this through the `WORKOS_API_KEY` environment variable or by calling `WorkOS.key = [your API key]`.
|
30
|
-
|
31
|
-
The WorkOS Gem will read the environment variable `WORKOS_API_KEY`:
|
27
|
+
To use the library you must provide an API key, located in the WorkOS dashboard, as an environment variable `WORKOS_API_KEY`:
|
32
28
|
|
33
29
|
```sh
|
34
30
|
$ WORKOS_API_KEY=[your api key] ruby app.rb
|
35
31
|
```
|
36
32
|
|
37
|
-
|
33
|
+
Or, you may set the key yourself, such as in an initializer in your application load path:
|
38
34
|
|
39
35
|
```ruby
|
40
36
|
# /config/initializers/workos.rb
|
@@ -42,222 +38,9 @@ Alternatively, you may set the key yourself, such as in an initializer in your a
|
|
42
38
|
WorkOS.key = '[your api key]'
|
43
39
|
```
|
44
40
|
|
45
|
-
##
|
46
|
-
|
47
|
-
The SSO Module provides convenient methods for authenticating a Single Sign On (SSO) user via WorkOS. WorkOS SSO follows the OAuth 2.0 specification.
|
48
|
-
|
49
|
-
First, you'll direct your SSO users to an `authorization_url`. They will sign in to their SSO account with their Identity Provider, and be redirected to a
|
50
|
-
callback URL that you set in your WorkOS Dashboard. The user will be redirected with a `code` URL parameter, which you can then exchange for a WorkOS::Profile
|
51
|
-
using the `WorkOS::SSO.get_profile` method.
|
52
|
-
|
53
|
-
See our Ruby SSO example app for a [complete example](https://github.com/workos-inc/ruby-sso-example).
|
54
|
-
|
55
|
-
```ruby
|
56
|
-
WorkOS::SSO.authorization_url(domain:, client_id:, redirect_uri:, state: {})
|
57
|
-
```
|
58
|
-
|
59
|
-
> Generate an authorization URL to intitiate the WorkOS OAuth2 workflow.
|
60
|
-
|
61
|
-
`WorkOS::SSO.authorization_url` accepts four arguments:
|
62
|
-
|
63
|
-
- `domain` (string) — the authenticating user's company domain, without protocol (ex. `example.com`)
|
64
|
-
- `client_id` (string) — your application's WorkOS [Client ID](https://dashboard.workos.com/sso/configuration) (ex. `project_01JG3BCPTRTSTTWQR4VSHXGWCQ`)
|
65
|
-
- `state` (optional, hash) — an optional hash used to manage state across authorization transactions (ex. `{ next_page: '/docs'}`)
|
66
|
-
- `redirect_uri` (string) — a callback URL where your application redirects the user-agent after an authorization code is granted (ex. `workos.dev/callback`). This must match one of your configured callback URLs for the associated environment on your WorkOS dashboard.
|
67
|
-
|
68
|
-
This method will return an OAuth2 query string of the form:
|
69
|
-
|
70
|
-
`https://${domain}/sso/authorize?response_type=code&client_id=${clientID}&redirect_uri=${redirectURI}&state=${state}`
|
71
|
-
|
72
|
-
For example, when used in a [Sinatra app](http://sinatrarb.com/):
|
73
|
-
|
74
|
-
```ruby
|
75
|
-
DOMAIN = 'example.com'
|
76
|
-
CLIENT_ID = '{clientId}'
|
77
|
-
REDIRECT_URI = 'http://localhost:4567/callback'
|
78
|
-
|
79
|
-
get '/auth' do
|
80
|
-
authorization_url = WorkOS::SSO.authorization_url(
|
81
|
-
domain: DOMAIN,
|
82
|
-
client_id: CLIENT_ID,
|
83
|
-
redirect_uri: REDIRECT_URI,
|
84
|
-
)
|
85
|
-
|
86
|
-
redirect authorization_url
|
87
|
-
end
|
88
|
-
```
|
89
|
-
|
90
|
-
The user would be redirected to:
|
91
|
-
|
92
|
-
`https://api.workos.com/sso/authorize?response_type=code&client_id={clientID}&redirect_uri=http://localhost:4567/callback`
|
93
|
-
|
94
|
-
WorkOS takes over from here, sending the user to authenticate with their IDP, and on successful login, returns
|
95
|
-
the user to your callback URL with a `code` parameter. You'll use `WorkOS::SSO.profile` to exchange the
|
96
|
-
code for a `WorkOS::Profile`.
|
97
|
-
|
98
|
-
```ruby
|
99
|
-
WorkOS::SSO.profile(code:, client_id:)
|
100
|
-
```
|
101
|
-
|
102
|
-
> Fetch a WorkOS::Profile for an authorized user.
|
103
|
-
|
104
|
-
`WorkOS::SSO.profile` accepts two arguments:
|
105
|
-
|
106
|
-
- `code` (string) — an opaque string provided by the authorization server; will be exchanged for an Access Token when the user's profile is sent
|
107
|
-
- `client_id` (string) — your application's WorkOS [Client ID](https://dashboard.workos.com/sso/configuration) (ex. `project_01JG3BCPTRTSTTWQR4VSHXGWCQ`)
|
108
|
-
|
109
|
-
This method will return an instance of a `WorkOS::Profile` with the following attributes:
|
110
|
-
|
111
|
-
```ruby
|
112
|
-
<WorkOS::Profile:0x00007fb6e4193d20
|
113
|
-
@id="prof_01DRA1XNSJDZ19A31F183ECQW5",
|
114
|
-
@email="demo@workos-okta.com",
|
115
|
-
@first_name="WorkOS",
|
116
|
-
@connection_id="conn_01EMH8WAK20T42N2NBMNBCYHAG",
|
117
|
-
@connection_type="OktaSAML",
|
118
|
-
@last_name="Demo",
|
119
|
-
@idp_id="00u1klkowm8EGah2H357",
|
120
|
-
@raw_attributes={
|
121
|
-
:id=>"prof_01DRA1XNSJDZ19A31F183ECQW5",
|
122
|
-
:email=>"demo@workos-okta.com",
|
123
|
-
:first_name=>"WorkOS",
|
124
|
-
:last_name=>"Demo",
|
125
|
-
:idp_id=>"00u1klkowm8EGah2H357"
|
126
|
-
},
|
127
|
-
>
|
128
|
-
```
|
129
|
-
|
130
|
-
Our Sinatra app can be extended to use this method:
|
131
|
-
|
132
|
-
```ruby
|
133
|
-
DOMAIN = 'example.com'
|
134
|
-
CLIENT_ID = '{clientId}'
|
135
|
-
REDIRECT_URI = 'http://localhost:4567/callback'
|
136
|
-
|
137
|
-
get '/auth' do
|
138
|
-
authorization_url = WorkOS::SSO.authorization_url(
|
139
|
-
domain: DOMAIN,
|
140
|
-
client_id: CLIENT_ID,
|
141
|
-
redirect_uri: REDIRECT_URI,
|
142
|
-
)
|
143
|
-
|
144
|
-
redirect authorization_url
|
145
|
-
end
|
146
|
-
|
147
|
-
get '/callback' do
|
148
|
-
profile = WorkOS::SSO.profile(
|
149
|
-
code: params['code'],
|
150
|
-
client_id: CLIENT_ID,
|
151
|
-
)
|
152
|
-
|
153
|
-
session[:user] = profile.to_json
|
154
|
-
|
155
|
-
redirect '/'
|
156
|
-
end
|
157
|
-
```
|
158
|
-
|
159
|
-
Given the `WorkOS::Profile`, you can now sign the user in according to your own authentication setup.
|
160
|
-
|
161
|
-
## The Magic Link Module
|
162
|
-
|
163
|
-
The Magic Link Module provides methods for authenticating a Passwordless user via WorkOS.
|
164
|
-
|
165
|
-
First, you'll create a Passwordless Session for a Magic Link connection.
|
166
|
-
Then, using the session ID, you'll email a user the Magic Link confirmation URL.
|
167
|
-
The user can then click on that link to be authenticated to your application.
|
168
|
-
|
169
|
-
> Create a Passwordless Session for a Magic Link Connection.
|
170
|
-
|
171
|
-
`WorkOS::Passwordless.create_session` accepts four arguments:
|
172
|
-
|
173
|
-
- `email` (string) - the email of the user to authenticate.
|
174
|
-
- `type` (string) - The type of Passwordless Session to create. Currently, the only supported value is `MagicLink`.
|
175
|
-
- `state` (optional, string) - Optional parameter that a Developer can choose to include in their authorization URL. If included, then the redirect URI received from WorkOS will contain the exact `state` that was passed in the authorization URL.
|
176
|
-
- `redirect_uri` (string) - a callback URL where your application redirects the user-agent after an authorization code is granted (ex. `workos.dev/callback`). This must match one of your configured callback URLs for the associated environment on your WorkOS dashboard.
|
177
|
-
|
178
|
-
This method will return a Passwordless Session object, containing the following attributes:
|
179
|
-
|
180
|
-
- `id` (string) - the unique ID of the session.
|
181
|
-
- `email` (string) - the email address of the user for the session.
|
182
|
-
- `expires_at` (date) - the ISO-8601 datetime at which the session expires.
|
183
|
-
- `link` (string) - the link for the user to authenticate with. You can use this link to send a custom email to the user, or send an email using the `WorkOS::Passwordless.send_session` method, described below.
|
184
|
-
|
185
|
-
> Email a user the Magic Link confirmation URL.
|
186
|
-
|
187
|
-
`WorkOS::Passwordless.send_session` accepts one argument:
|
188
|
-
|
189
|
-
- `id` (string) - the unique identifier of the Passwordless Session to send an email for.
|
190
|
-
|
191
|
-
This method will return a boolean confirming the Magic Link was sent.
|
192
|
-
|
193
|
-
> Example with Sinatra application
|
194
|
-
|
195
|
-
Our Sinatra app can be altered to use Magic Link:
|
196
|
-
|
197
|
-
```ruby
|
198
|
-
CLIENT_ID = '{clientId}'
|
199
|
-
REDIRECT_URI = 'http://localhost:4567/callback'
|
200
|
-
|
201
|
-
post '/passwordless-auth' do
|
202
|
-
session = WorkOS::Passwordless.create_session(
|
203
|
-
email: params[:email],
|
204
|
-
type: 'MagicLink',
|
205
|
-
redirect_uri: REDIRECT_URI
|
206
|
-
)
|
207
|
-
WorkOS::Passwordless.send_session(session.id)
|
208
|
-
|
209
|
-
redirect '/check-email'
|
210
|
-
end
|
211
|
-
|
212
|
-
get '/callback' do
|
213
|
-
profile = WorkOS::SSO.profile(
|
214
|
-
code: params['code'],
|
215
|
-
client_id: CLIENT_ID,
|
216
|
-
)
|
217
|
-
|
218
|
-
session[:user] = profile.to_json
|
219
|
-
|
220
|
-
redirect '/'
|
221
|
-
end
|
222
|
-
```
|
223
|
-
|
224
|
-
## The Audit Trail Module
|
225
|
-
|
226
|
-
The Audit Trail Module provides methods for creating Audit Trail events on
|
227
|
-
WorkOS.
|
228
|
-
|
229
|
-
See our [Audit Trail
|
230
|
-
Overview](https://docs.workos.com/audit-trail/overview) for
|
231
|
-
more information.
|
232
|
-
|
233
|
-
```ruby
|
234
|
-
payload = {
|
235
|
-
group: 'Foo Corp',
|
236
|
-
location: '127.0.0.1',
|
237
|
-
action: 'user.created',
|
238
|
-
action_type: 'C',
|
239
|
-
actor_name: 'Foo',
|
240
|
-
actor_id: 'user_12345',
|
241
|
-
target_name: 'Bar',
|
242
|
-
target_id: 'user_67890',
|
243
|
-
occurred_at: '2020-01-10T15:30:00-05:00',
|
244
|
-
metadata: {
|
245
|
-
source: 'Email',
|
246
|
-
}
|
247
|
-
}
|
248
|
-
|
249
|
-
WorkOS::AuditTrail.create_event(event: payload)
|
250
|
-
```
|
251
|
-
|
252
|
-
### Idempotency
|
253
|
-
|
254
|
-
To perform an idempotent request, provide an additional idempotency_key
|
255
|
-
parameter to the `create_event` options.
|
256
|
-
|
257
|
-
```ruby
|
258
|
-
WorkOS::AuditTrail.create_event(event: payload, idempotency_key: 'key123456')
|
259
|
-
```
|
41
|
+
## More Information
|
260
42
|
|
261
|
-
|
262
|
-
|
263
|
-
|
43
|
+
* [Single Sign-On Guide](https://workos.com/docs/sso/guide)
|
44
|
+
* [Directory Sync Guide](https://workos.com/docs/directory-sync/guide)
|
45
|
+
* [Admin Portal Guide](https://workos.com/docs/admin-portal/guide)
|
46
|
+
* [Magic Link Guide](https://workos.com/docs/magic-link/guide)
|
data/lib/workos/client.rb
CHANGED
@@ -19,7 +19,7 @@ module WorkOS
|
|
19
19
|
|
20
20
|
sig do
|
21
21
|
params(
|
22
|
-
request: T.any(Net::HTTP::Get, Net::HTTP::Post, Net::HTTP::Delete),
|
22
|
+
request: T.any(Net::HTTP::Get, Net::HTTP::Post, Net::HTTP::Delete, Net::HTTP::Put),
|
23
23
|
).returns(::T.untyped)
|
24
24
|
end
|
25
25
|
def execute_request(request:)
|
@@ -90,6 +90,23 @@ module WorkOS
|
|
90
90
|
request
|
91
91
|
end
|
92
92
|
|
93
|
+
sig do
|
94
|
+
params(
|
95
|
+
path: String,
|
96
|
+
auth: T.nilable(T::Boolean),
|
97
|
+
idempotency_key: T.nilable(String),
|
98
|
+
body: T.nilable(Hash),
|
99
|
+
).returns(Net::HTTP::Put)
|
100
|
+
end
|
101
|
+
def put_request(path:, auth: false, idempotency_key: nil, body: nil)
|
102
|
+
request = Net::HTTP::Put.new(path, 'Content-Type' => 'application/json')
|
103
|
+
request.body = body.to_json if body
|
104
|
+
request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
|
105
|
+
request['Idempotency-Key'] = idempotency_key if idempotency_key
|
106
|
+
request['User-Agent'] = user_agent
|
107
|
+
request
|
108
|
+
end
|
109
|
+
|
93
110
|
sig { returns(String) }
|
94
111
|
def user_agent
|
95
112
|
engine = defined?(::RUBY_ENGINE) ? ::RUBY_ENGINE : 'Ruby'
|
data/lib/workos/connection.rb
CHANGED
@@ -5,11 +5,12 @@ module WorkOS
|
|
5
5
|
# The Connection class provides a lightweight wrapper around
|
6
6
|
# a WorkOS Connection resource. This class is not meant to be instantiated
|
7
7
|
# in user space, and is instantiated internally but exposed.
|
8
|
+
# Note: status is deprecated - use state instead
|
8
9
|
class Connection
|
9
10
|
extend T::Sig
|
10
11
|
|
11
12
|
attr_accessor :id, :name, :connection_type, :domains, :organization_id,
|
12
|
-
:status
|
13
|
+
:state, :status
|
13
14
|
|
14
15
|
sig { params(json: String).void }
|
15
16
|
def initialize(json)
|
@@ -20,6 +21,7 @@ module WorkOS
|
|
20
21
|
@connection_type = T.let(raw.connection_type, String)
|
21
22
|
@domains = T.let(raw.domains, Array)
|
22
23
|
@organization_id = T.let(raw.organization_id, String)
|
24
|
+
@state = T.let(raw.state, String)
|
23
25
|
@status = T.let(raw.status, String)
|
24
26
|
end
|
25
27
|
|
@@ -30,6 +32,7 @@ module WorkOS
|
|
30
32
|
connection_type: connection_type,
|
31
33
|
domains: domains,
|
32
34
|
organization_id: organization_id,
|
35
|
+
state: state,
|
33
36
|
status: status,
|
34
37
|
}
|
35
38
|
end
|
@@ -46,6 +49,7 @@ module WorkOS
|
|
46
49
|
connection_type: hash[:connection_type],
|
47
50
|
domains: hash[:domains],
|
48
51
|
organization_id: hash[:organization_id],
|
52
|
+
state: hash[:state],
|
49
53
|
status: hash[:status],
|
50
54
|
)
|
51
55
|
end
|
data/lib/workos/passwordless.rb
CHANGED
@@ -23,6 +23,10 @@ module WorkOS
|
|
23
23
|
# received from WorkOS will contain. The state parameter can be used to
|
24
24
|
# encode arbitrary information to help restore application state between
|
25
25
|
# redirects.
|
26
|
+
# @option options [String] connection Optional parameter for the ID of a
|
27
|
+
# specific connection. This can be used to create a Passwordless Session
|
28
|
+
# for a specific connection rather than using the domain from the email
|
29
|
+
# to determine the Organization and Connection.
|
26
30
|
# @option options [String] type The type of Passwordless Session to
|
27
31
|
# create. Currently, the only supported value is 'MagicLink'.
|
28
32
|
# @option options [String] redirect_uri The URI where users are directed
|
data/lib/workos/portal.rb
CHANGED
@@ -110,6 +110,59 @@ module WorkOS
|
|
110
110
|
)
|
111
111
|
end
|
112
112
|
|
113
|
+
# Get an Organization
|
114
|
+
#
|
115
|
+
# @param [String] id Organization unique identifier
|
116
|
+
#
|
117
|
+
# @example
|
118
|
+
# WorkOS::Portal.get_organization(id: 'org_02DRA1XNSJDZ19A31F183ECQW9')
|
119
|
+
# => #<WorkOS::Organization:0x00007fb6e4193d20
|
120
|
+
# @id="org_02DRA1XNSJDZ19A31F183ECQW9",
|
121
|
+
# @name="Foo Corp",
|
122
|
+
# @domains=
|
123
|
+
# [{:object=>"organization_domain",
|
124
|
+
# :id=>"org_domain_01E6PK9N3XMD8RHWF7S66380AR",
|
125
|
+
# :domain=>"foo-corp.com"}]>
|
126
|
+
#
|
127
|
+
# @return [WorkOS::Connection]
|
128
|
+
sig { params(id: String).returns(WorkOS::Organization) }
|
129
|
+
def get_organization(id:)
|
130
|
+
request = get_request(
|
131
|
+
auth: true,
|
132
|
+
path: "/organizations/#{id}",
|
133
|
+
)
|
134
|
+
|
135
|
+
response = execute_request(request: request)
|
136
|
+
|
137
|
+
WorkOS::Organization.new(response.body)
|
138
|
+
end
|
139
|
+
|
140
|
+
# Update an organization
|
141
|
+
#
|
142
|
+
# @param [String] organization Organization unique identifier
|
143
|
+
# @param [Array<String>] domains List of domains that belong to the
|
144
|
+
# organization
|
145
|
+
# @param [String] name A unique, descriptive name for the organization
|
146
|
+
sig do
|
147
|
+
params(
|
148
|
+
organization: String,
|
149
|
+
domains: T::Array[String],
|
150
|
+
name: String,
|
151
|
+
).returns(WorkOS::Organization)
|
152
|
+
end
|
153
|
+
def update_organization(organization:, domains:, name:)
|
154
|
+
request = put_request(
|
155
|
+
auth: true,
|
156
|
+
body: { domains: domains, name: name },
|
157
|
+
path: "/organizations/#{organization}",
|
158
|
+
)
|
159
|
+
|
160
|
+
response = execute_request(request: request)
|
161
|
+
check_and_raise_organization_error(response: response)
|
162
|
+
|
163
|
+
WorkOS::Organization.new(response.body)
|
164
|
+
end
|
165
|
+
|
113
166
|
private
|
114
167
|
|
115
168
|
sig { params(response: Net::HTTPResponse).void }
|
data/lib/workos/version.rb
CHANGED
@@ -180,4 +180,51 @@ describe WorkOS::Portal do
|
|
180
180
|
end
|
181
181
|
end
|
182
182
|
end
|
183
|
+
|
184
|
+
describe '.get_organization' do
|
185
|
+
context 'with a valid id' do
|
186
|
+
it 'gets the organization details' do
|
187
|
+
VCR.use_cassette('organization/get') do
|
188
|
+
organization = described_class.get_organization(
|
189
|
+
id: 'org_01EZDF20TZEJXKPSX2BJRN6TV6',
|
190
|
+
)
|
191
|
+
|
192
|
+
expect(organization.id).to eq('org_01EZDF20TZEJXKPSX2BJRN6TV6')
|
193
|
+
expect(organization.name).to eq('Foo Corp')
|
194
|
+
expect(organization.domains.first[:domain]).to eq('foo-corp.com')
|
195
|
+
end
|
196
|
+
end
|
197
|
+
end
|
198
|
+
|
199
|
+
context 'with an invalid id' do
|
200
|
+
it 'raises an error' do
|
201
|
+
VCR.use_cassette('organization/get_invalid') do
|
202
|
+
expect do
|
203
|
+
described_class.get_organization(id: 'invalid')
|
204
|
+
end.to raise_error(
|
205
|
+
WorkOS::APIError,
|
206
|
+
'Status 404, Not Found - request ID: ',
|
207
|
+
)
|
208
|
+
end
|
209
|
+
end
|
210
|
+
end
|
211
|
+
end
|
212
|
+
|
213
|
+
describe '.update_organization' do
|
214
|
+
context 'with valid payload' do
|
215
|
+
it 'creates an organization' do
|
216
|
+
VCR.use_cassette 'organization/update' do
|
217
|
+
organization = described_class.update_organization(
|
218
|
+
organization: 'org_01F29YJ068E52HGEB8ZQGC9MJG',
|
219
|
+
domains: ['example.me'],
|
220
|
+
name: 'Test Organization',
|
221
|
+
)
|
222
|
+
|
223
|
+
expect(organization.id).to eq('org_01F29YJ068E52HGEB8ZQGC9MJG')
|
224
|
+
expect(organization.name).to eq('Test Organization')
|
225
|
+
expect(organization.domains.first[:domain]).to eq('example.me')
|
226
|
+
end
|
227
|
+
end
|
228
|
+
end
|
229
|
+
end
|
183
230
|
end
|
data/spec/lib/workos/sso_spec.rb
CHANGED
@@ -316,6 +316,7 @@ describe WorkOS::SSO do
|
|
316
316
|
expect(connection.name).to eq('Foo Corp')
|
317
317
|
expect(connection.domains.first[:domain]).to eq('example.com')
|
318
318
|
expect(connection.organization_id).to eq('12345')
|
319
|
+
expect(connection.state).to eq('active')
|
319
320
|
expect(connection.status).to eq('linked')
|
320
321
|
end
|
321
322
|
end
|
@@ -0,0 +1,73 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: get
|
5
|
+
uri: https://api.workos.com/organizations/org_01EZDF20TZEJXKPSX2BJRN6TV6
|
6
|
+
body:
|
7
|
+
encoding: US-ASCII
|
8
|
+
string: ''
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.1; x86_64-darwin19; v0.11.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 200
|
23
|
+
message: OK
|
24
|
+
headers:
|
25
|
+
Server:
|
26
|
+
- Cowboy
|
27
|
+
Connection:
|
28
|
+
- keep-alive
|
29
|
+
Vary:
|
30
|
+
- Origin, Accept-Encoding
|
31
|
+
Access-Control-Allow-Credentials:
|
32
|
+
- 'true'
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
X-Request-Id:
|
56
|
+
- 06e7c714-c492-4f4e-8fbf-41b0367531ff
|
57
|
+
Content-Type:
|
58
|
+
- application/json; charset=utf-8
|
59
|
+
Content-Length:
|
60
|
+
- '312'
|
61
|
+
Etag:
|
62
|
+
- W/"138-g/hQHq1azVQbQRpF7ECy/AbaJ8E"
|
63
|
+
Date:
|
64
|
+
- Mon, 10 May 2021 17:21:42 GMT
|
65
|
+
Via:
|
66
|
+
- 1.1 vegur
|
67
|
+
body:
|
68
|
+
encoding: UTF-8
|
69
|
+
string: '{"object":"organization","id":"org_01EZDF20TZEJXKPSX2BJRN6TV6","name":"Foo
|
70
|
+
Corp","domains":[{"object":"organization_domain","id":"org_domain_01EZDF20V4VAME34TF0B3DPK49","domain":"foo-corp.com"},{"object":"organization_domain","id":"org_domain_01F2PYX1XMS5ZQW1E8FZ57GPQN","domain":"blairworkos.onmicrosoft.com"}]}'
|
71
|
+
http_version:
|
72
|
+
recorded_at: Mon, 10 May 2021 17:21:42 GMT
|
73
|
+
recorded_with: VCR 5.0.0
|
@@ -0,0 +1,72 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: get
|
5
|
+
uri: https://api.workos.com/organizations/invalid
|
6
|
+
body:
|
7
|
+
encoding: US-ASCII
|
8
|
+
string: ''
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.1; x86_64-darwin19; v0.11.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 404
|
23
|
+
message: Not Found
|
24
|
+
headers:
|
25
|
+
Server:
|
26
|
+
- Cowboy
|
27
|
+
Connection:
|
28
|
+
- keep-alive
|
29
|
+
Vary:
|
30
|
+
- Origin, Accept-Encoding
|
31
|
+
Access-Control-Allow-Credentials:
|
32
|
+
- 'true'
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
X-Request-Id:
|
56
|
+
-
|
57
|
+
Content-Type:
|
58
|
+
- application/json; charset=utf-8
|
59
|
+
Content-Length:
|
60
|
+
- '23'
|
61
|
+
Etag:
|
62
|
+
- W/"17-SuRA/yvUWUo8rK6x7dKURLeBo+0"
|
63
|
+
Date:
|
64
|
+
- Mon, 10 May 2021 17:21:43 GMT
|
65
|
+
Via:
|
66
|
+
- 1.1 vegur
|
67
|
+
body:
|
68
|
+
encoding: UTF-8
|
69
|
+
string: '{"message":"Not Found"}'
|
70
|
+
http_version:
|
71
|
+
recorded_at: Mon, 10 May 2021 17:21:43 GMT
|
72
|
+
recorded_with: VCR 5.0.0
|
@@ -0,0 +1,73 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: put
|
5
|
+
uri: https://api.workos.com/organizations/org_01F29YJ068E52HGEB8ZQGC9MJG
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: '{"domains":["example.me"],"name":"Test Organization"}'
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.1; x86_64-darwin19; v0.11.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 200
|
23
|
+
message: OK
|
24
|
+
headers:
|
25
|
+
Server:
|
26
|
+
- Cowboy
|
27
|
+
Connection:
|
28
|
+
- keep-alive
|
29
|
+
Vary:
|
30
|
+
- Origin, Accept-Encoding
|
31
|
+
Access-Control-Allow-Credentials:
|
32
|
+
- 'true'
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
X-Request-Id:
|
56
|
+
- 9acc2cae-063a-485f-8a36-df21816b66bf
|
57
|
+
Content-Type:
|
58
|
+
- application/json; charset=utf-8
|
59
|
+
Content-Length:
|
60
|
+
- '202'
|
61
|
+
Etag:
|
62
|
+
- W/"ca-cUBZaGl5MJlERA8SKJ9+GrSHPM0"
|
63
|
+
Date:
|
64
|
+
- Wed, 05 May 2021 22:14:09 GMT
|
65
|
+
Via:
|
66
|
+
- 1.1 vegur
|
67
|
+
body:
|
68
|
+
encoding: UTF-8
|
69
|
+
string: '{"object":"organization","id":"org_01F29YJ068E52HGEB8ZQGC9MJG","name":"Test
|
70
|
+
Organization","domains":[{"object":"organization_domain","id":"org_domain_01F4Z9GXPP2BEH019613C72E4Y","domain":"example.me"}]}'
|
71
|
+
http_version:
|
72
|
+
recorded_at: Wed, 05 May 2021 22:14:09 GMT
|
73
|
+
recorded_with: VCR 5.0.0
|
@@ -0,0 +1,73 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: put
|
5
|
+
uri: https://api.workos.com/organizations/org_01F29YJ068E52HGEB8ZQGC9MJG
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: '{"domains":["example.com"],"name":"Test Organization 2"}'
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.1; x86_64-darwin19; v0.11.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 200
|
23
|
+
message: OK
|
24
|
+
headers:
|
25
|
+
Server:
|
26
|
+
- Cowboy
|
27
|
+
Connection:
|
28
|
+
- keep-alive
|
29
|
+
Vary:
|
30
|
+
- Origin, Accept-Encoding
|
31
|
+
Access-Control-Allow-Credentials:
|
32
|
+
- 'true'
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
X-Request-Id:
|
56
|
+
- 6ba2cbf9-76e3-4a6a-8ebe-d25edb366ed0
|
57
|
+
Content-Type:
|
58
|
+
- application/json; charset=utf-8
|
59
|
+
Content-Length:
|
60
|
+
- '205'
|
61
|
+
Etag:
|
62
|
+
- W/"cd-mlRMlyyz/LtzInRhAghs1B+BT4s"
|
63
|
+
Date:
|
64
|
+
- Wed, 05 May 2021 22:14:10 GMT
|
65
|
+
Via:
|
66
|
+
- 1.1 vegur
|
67
|
+
body:
|
68
|
+
encoding: UTF-8
|
69
|
+
string: '{"object":"organization","id":"org_01F29YJ068E52HGEB8ZQGC9MJG","name":"Test
|
70
|
+
Organization 2","domains":[{"object":"organization_domain","id":"org_domain_01F4Z9GY3089GV4SENXWZ9RBX1","domain":"example.com"}]}'
|
71
|
+
http_version:
|
72
|
+
recorded_at: Wed, 05 May 2021 22:14:10 GMT
|
73
|
+
recorded_with: VCR 5.0.0
|
@@ -56,7 +56,7 @@ http_interactions:
|
|
56
56
|
- 1.1 vegur
|
57
57
|
body:
|
58
58
|
encoding: ASCII-8BIT
|
59
|
-
string: '{"object":"connection","id":"conn_01E4F9T2YWZFD218DN04KVFDSY","status":"linked","name":"Foo Corp","connection_type":"GoogleOAuth","oauth_uid":"demo
|
59
|
+
string: '{"object":"connection","id":"conn_01E4F9T2YWZFD218DN04KVFDSY","state":"active","status":"linked","name":"Foo Corp","connection_type":"GoogleOAuth","oauth_uid":"demo
|
60
60
|
client id","oauth_secret":"demo client secret","oauth_redirect_uri":"https://auth.workos.com/sso/oauth/google/gcrSPYSytyQeZKkwKs6Ye4ogM/callback","saml_entity_id":null,"saml_idp_url":null,"saml_relying_party_trust_cert":null,"saml_x509_certs":null,"organization_id":"12345","domains":[{"object":"connection_domain","id":"domain_01E6PK9N3XMD8RHWF7S66380AR","domain":"example.com"}]}'
|
61
61
|
http_version:
|
62
62
|
recorded_at: Fri, 24 Apr 2020 17:20:52 GMT
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: workos
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.11.
|
4
|
+
version: 0.11.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- WorkOS
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-05-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: sorbet-runtime
|
@@ -306,7 +306,11 @@ files:
|
|
306
306
|
- spec/support/fixtures/vcr_cassettes/directory_sync/list_users/with_no_options.yml
|
307
307
|
- spec/support/fixtures/vcr_cassettes/organization/create.yml
|
308
308
|
- spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml
|
309
|
+
- spec/support/fixtures/vcr_cassettes/organization/get.yml
|
310
|
+
- spec/support/fixtures/vcr_cassettes/organization/get_invalid.yml
|
309
311
|
- spec/support/fixtures/vcr_cassettes/organization/list.yml
|
312
|
+
- spec/support/fixtures/vcr_cassettes/organization/update.yml
|
313
|
+
- spec/support/fixtures/vcr_cassettes/organization/update_invalid.yml
|
310
314
|
- spec/support/fixtures/vcr_cassettes/passwordless/create_session.yml
|
311
315
|
- spec/support/fixtures/vcr_cassettes/passwordless/create_session_invalid.yml
|
312
316
|
- spec/support/fixtures/vcr_cassettes/passwordless/send_session.yml
|
@@ -349,7 +353,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
349
353
|
- !ruby/object:Gem::Version
|
350
354
|
version: '0'
|
351
355
|
requirements: []
|
352
|
-
rubygems_version: 3.2.
|
356
|
+
rubygems_version: 3.2.17
|
353
357
|
signing_key:
|
354
358
|
specification_version: 4
|
355
359
|
summary: API client for WorkOS
|
@@ -393,7 +397,11 @@ test_files:
|
|
393
397
|
- spec/support/fixtures/vcr_cassettes/directory_sync/list_users/with_no_options.yml
|
394
398
|
- spec/support/fixtures/vcr_cassettes/organization/create.yml
|
395
399
|
- spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml
|
400
|
+
- spec/support/fixtures/vcr_cassettes/organization/get.yml
|
401
|
+
- spec/support/fixtures/vcr_cassettes/organization/get_invalid.yml
|
396
402
|
- spec/support/fixtures/vcr_cassettes/organization/list.yml
|
403
|
+
- spec/support/fixtures/vcr_cassettes/organization/update.yml
|
404
|
+
- spec/support/fixtures/vcr_cassettes/organization/update_invalid.yml
|
397
405
|
- spec/support/fixtures/vcr_cassettes/passwordless/create_session.yml
|
398
406
|
- spec/support/fixtures/vcr_cassettes/passwordless/create_session_invalid.yml
|
399
407
|
- spec/support/fixtures/vcr_cassettes/passwordless/send_session.yml
|