workos 0.11.1 → 1.2.1

data/lib/workos/passwordless.rb

@@ -23,6 +23,10 @@ module WorkOS
       #  received from WorkOS will contain. The state parameter can be used to
       #  encode arbitrary information to help restore application state between
       #  redirects.
+      # @option options [String] connection Optional parameter for the ID of a
+      #  specific connection. This can be used to create a Passwordless Session
+      #  for a specific connection rather than using the domain from the email
+      #  to determine the Organization and Connection.
       # @option options [String] type The type of Passwordless Session to
       #  create. Currently, the only supported value is 'MagicLink'.
       # @option options [String] redirect_uri The URI where users are directed

data/lib/workos/portal.rb

@@ -15,30 +15,6 @@ module WorkOS
       GENERATE_LINK_INTENTS = WorkOS::Types::Intent.values.map(&:serialize).
                               freeze
 
-      # Create an organization
-      #
-      # @param [Array<String>] domains List of domains that belong to the
-      #  organization
-      # @param [String] name A unique, descriptive name for the organization
-      sig do
-        params(
-          domains: T::Array[String],
-          name: String,
-        ).returns(WorkOS::Organization)
-      end
-      def create_organization(domains:, name:)
-        request = post_request(
-          auth: true,
-          body: { domains: domains, name: name },
-          path: '/organizations',
-        )
-
-        response = execute_request(request: request)
-        check_and_raise_organization_error(response: response)
-
-        WorkOS::Organization.new(response.body)
-      end
-
       # Generate a link to grant access to an organization's Admin Portal
       #
       # @param [String] intent The access scope for the generated Admin Portal
@@ -73,64 +49,8 @@ module WorkOS
         JSON.parse(response.body)['link']
       end
 
-      # Retrieve a list of organizations that have connections configured
-      # within your WorkOS dashboard.
-      #
-      # @param [Array<String>] domains Filter organizations to only return those
-      #  that are associated with the provided domains.
-      # @param [String] before A pagination argument used to request
-      #  organizations before the provided Organization ID.
-      # @param [String] after A pagination argument used to request
-      #  organizations after the provided Organization ID.
-      # @param [Integer] limit A pagination argument used to limit the number
-      #  of listed Organizations that are returned.
-      sig do
-        params(
-          options: T::Hash[Symbol, String],
-        ).returns(WorkOS::Types::ListStruct)
-      end
-      def list_organizations(options = {})
-        response = execute_request(
-          request: get_request(
-            path: '/organizations',
-            auth: true,
-            params: options,
-          ),
-        )
-
-        parsed_response = JSON.parse(response.body)
-
-        organizations = parsed_response['data'].map do |organization|
-          ::WorkOS::Organization.new(organization.to_json)
-        end
-
-        WorkOS::Types::ListStruct.new(
-          data: organizations,
-          list_metadata: parsed_response['listMetadata'],
-        )
-      end
-
       private
 
-      sig { params(response: Net::HTTPResponse).void }
-      def check_and_raise_organization_error(response:)
-        begin
-          body = JSON.parse(response.body)
-          return unless body['message']
-
-          message = body['message']
-          request_id = response['x-request-id']
-        rescue StandardError
-          message = 'Something went wrong'
-        end
-
-        raise APIError.new(
-          message: message,
-          http_status: nil,
-          request_id: request_id,
-        )
-      end
-
       sig { params(intent: String).void }
       def validate_intent(intent)
         return if GENERATE_LINK_INTENTS.include?(intent)

data/lib/workos/profile.rb

@@ -48,22 +48,20 @@ module WorkOS
 
     private
 
-    # rubocop:disable Metrics/AbcSize
     sig { params(json_string: String).returns(WorkOS::Types::ProfileStruct) }
     def parse_json(json_string)
       hash = JSON.parse(json_string, symbolize_names: true)
 
       WorkOS::Types::ProfileStruct.new(
-        id: hash[:profile][:id],
-        email: hash[:profile][:email],
-        first_name: hash[:profile][:first_name],
-        last_name: hash[:profile][:last_name],
-        connection_id: hash[:profile][:connection_id],
-        connection_type: hash[:profile][:connection_type],
-        idp_id: hash[:profile][:idp_id],
-        raw_attributes: hash[:profile][:raw_attributes],
+        id: hash[:id],
+        email: hash[:email],
+        first_name: hash[:first_name],
+        last_name: hash[:last_name],
+        connection_id: hash[:connection_id],
+        connection_type: hash[:connection_type],
+        idp_id: hash[:idp_id],
+        raw_attributes: hash[:raw_attributes],
       )
     end
-    # rubocop:enable Metrics/AbcSize
   end
 end

data/lib/workos/profile_and_token.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+# typed: true
+
+module WorkOS
+  # The ProfileAndToken class represents a Profile and a corresponding
+  # Access Token. This class is not meant to be instantiated in user space, and
+  # is instantiated internally but exposed.
+  class ProfileAndToken
+    extend T::Sig
+
+    attr_accessor :access_token, :profile
+
+    sig { params(profile_and_token_json: String).void }
+    def initialize(profile_and_token_json)
+      json = JSON.parse(profile_and_token_json, symbolize_names: true)
+
+      @access_token = T.let(json[:access_token], String)
+      @profile = WorkOS::Profile.new(json[:profile].to_json)
+    end
+
+    def to_json(*)
+      {
+        access_token: access_token,
+        profile: profile.to_json,
+      }
+    end
+  end
+end

data/lib/workos/sso.rb

@@ -30,8 +30,6 @@ module WorkOS
       #  WorkOS.
       # @param [String] client_id The WorkOS client ID for the environment
       #  where you've configured your SSO connection.
-      # @param [String] project_id The WorkOS project ID for the project.
-      # The project_id is deprecated in Dashboard2.
       # @param [String] redirect_uri The URI where users are directed
       #  after completing the authentication step. Must match a
       #  configured redirect URI on your WorkOS dashboard.
@@ -56,7 +54,6 @@ module WorkOS
       sig do
         params(
           redirect_uri: String,
-          project_id: T.nilable(String),
           client_id: T.nilable(String),
           domain: T.nilable(String),
           provider: T.nilable(String),
@@ -64,22 +61,14 @@ module WorkOS
           state: T.nilable(String),
         ).returns(String)
       end
-      # rubocop:disable Metrics/MethodLength, Metrics/ParameterLists
       def authorization_url(
         redirect_uri:,
-        project_id: nil,
         client_id: nil,
         domain: nil,
         provider: nil,
         connection: nil,
         state: ''
       )
-        if project_id
-          warn '[DEPRECATION] `project_id` is deprecated.
-          Please use `client_id` instead.'
-          client_id = project_id
-        end
-
         validate_authorization_url_arguments(
           provider: provider,
           domain: domain,
@@ -98,46 +87,38 @@ module WorkOS
 
         "https://#{WorkOS::API_HOSTNAME}/sso/authorize?#{query}"
       end
-      # rubocop:enable Metrics/MethodLength, Metrics/ParameterLists
+
+      sig do
+        params(
+          access_token: String,
+        ).returns(WorkOS::Profile)
+      end
+      def get_profile(access_token:)
+        response = execute_request(
+          request: get_request(
+            path: '/sso/profile',
+            auth: true,
+            access_token: access_token,
+          ),
+        )
+
+        WorkOS::Profile.new(response.body)
+      end
 
       # Fetch the profile details for the authenticated SSO user.
       #
       # @param [String] code The authorization code provided in the callback URL
       # @param [String] client_id The WorkOS client ID for the environment
-      #  where you've  configured your SSO connection
-      # @param [String] project_id The WorkOS project ID for the project.
-      # The project_id is deprecated in Dashboard2.
+      #  where you've configured your SSO connection
       #
-      # @example
-      #   WorkOS::SSO.profile(
-      #     code: 'acme.com',
-      #     client_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ'
-      #   )
-      #   => #<WorkOS::Profile:0x00007fb6e4193d20
-      #         @id="prof_01DRA1XNSJDZ19A31F183ECQW5",
-      #         @email="demo@workos-okta.com",
-      #         @first_name="WorkOS",
-      #         @connection_type="OktaSAML",
-      #         @last_name="Demo",
-      #         @idp_id="00u1klkowm8EGah2H357",
-      #         @access_token="01DVX6QBS3EG6FHY2ESAA5Q65X"
-      #        >
-      #
-      # @return [WorkOS::Profile]
+      # @return [WorkOS::ProfileAndToken]
       sig do
         params(
           code: String,
-          project_id: T.nilable(String),
           client_id: T.nilable(String),
-        ).returns(WorkOS::Profile)
+        ).returns(WorkOS::ProfileAndToken)
       end
-      def profile(code:, project_id: nil, client_id: nil)
-        if project_id
-          warn '[DEPRECATION] `project_id` is deprecated.
-          Please use `client_id` instead.'
-          client_id = project_id
-        end
-
+      def profile_and_token(code:, client_id: nil)
         body = {
           client_id: client_id,
           client_secret: WorkOS.key!,
@@ -146,65 +127,9 @@ module WorkOS
         }
 
         response = client.request(post_request(path: '/sso/token', body: body))
-        check_and_raise_profile_error(response: response)
+        check_and_raise_profile_and_token_error(response: response)
 
-        WorkOS::Profile.new(response.body)
-      end
-
-      # Promote a DraftConnection created via the WorkOS.js embed such that the
-      # Enterprise users can begin signing into your application.
-      #
-      # @param [String] token The Draft Connection token that's been provided to
-      # you by the WorkOS.js
-      #
-      # @example
-      #   WorkOS::SSO.promote_draft_connection(
-      #     token: 'draft_conn_429u59js',
-      #   )
-      #   => true
-      #
-      # @return [Bool] - returns `true` if successful, `false` otherwise.
-      # @see https://github.com/workos-inc/ruby-idp-link-example
-      sig { params(token: String).returns(T::Boolean) }
-      def promote_draft_connection(token:)
-        request = post_request(
-          auth: true,
-          path: "/draft_connections/#{token}/activate",
-        )
-
-        response = client.request(request)
-
-        response.is_a? Net::HTTPSuccess
-      end
-
-      # Create a Connection
-      #
-      # @param [String] source The Draft Connection token that's been provided
-      # to you by WorkOS.js
-      #
-      # @example
-      #   WorkOS::SSO.create_connection(source: 'draft_conn_429u59js')
-      #   => #<WorkOS::Connection:0x00007fb6e4193d20
-      #         @id="conn_02DRA1XNSJDZ19A31F183ECQW9",
-      #         @name="Foo Corp",
-      #         @connection_type="OktaSAML",
-      #         @domains=
-      #          [{:object=>"connection_domain",
-      #            :id=>"domain_01E6PK9N3XMD8RHWF7S66380AR",
-      #            :domain=>"example.com"}]>
-      #
-      # @return [WorkOS::Connection]
-      sig { params(source: String).returns(WorkOS::Connection) }
-      def create_connection(source:)
-        request = post_request(
-          auth: true,
-          path: '/connections',
-          body: { source: source },
-        )
-
-        response = execute_request(request: request)
-
-        WorkOS::Connection.new(response.body)
+        WorkOS::ProfileAndToken.new(response.body)
       end
 
       # Retrieve connections.
@@ -323,10 +248,10 @@ module WorkOS
       end
 
       sig { params(response: Net::HTTPResponse).void }
-      def check_and_raise_profile_error(response:)
+      def check_and_raise_profile_and_token_error(response:)
         begin
           body = JSON.parse(response.body)
-          return if body['profile']
+          return if body['access_token'] && body['profile']
 
           message = body['message']
           request_id = response['x-request-id']

data/lib/workos/types/connection_struct.rb

@@ -11,6 +11,7 @@ module WorkOS
       const :connection_type, String
       const :domains, T::Array[T.untyped]
       const :organization_id, String
+      const :state, String
       const :status, String
     end
   end

data/lib/workos/version.rb

@@ -2,5 +2,5 @@
 # typed: strong
 
 module WorkOS
-  VERSION = '0.11.1'
+  VERSION = '1.2.1'
 end

data/spec/lib/workos/organizations_spec.rb

@@ -0,0 +1,191 @@
+# frozen_string_literal: true
+# typed: false
+
+describe WorkOS::Organizations do
+  describe '.create_organization' do
+    context 'with valid payload' do
+      it 'creates an organization' do
+        VCR.use_cassette 'organization/create' do
+          organization = described_class.create_organization(
+            domains: ['example.com'],
+            name: 'Test Organization',
+          )
+
+          expect(organization.id).to eq('org_01EHT88Z8J8795GZNQ4ZP1J81T')
+          expect(organization.name).to eq('Test Organization')
+          expect(organization.domains.first[:domain]).to eq('example.com')
+        end
+      end
+    end
+
+    context 'with an invalid payload' do
+      it 'returns an error' do
+        VCR.use_cassette 'organization/create_invalid' do
+          expect do
+            described_class.create_organization(
+              domains: ['example.com'],
+              name: 'Test Organization 2',
+            )
+          end.to raise_error(
+            WorkOS::APIError,
+            /An Organization with the domain example.com already exists/,
+          )
+        end
+      end
+    end
+  end
+
+  describe '.list_organizations' do
+    context 'with no options' do
+      it 'returns organizations and metadata' do
+        expected_metadata = {
+          'after' => nil,
+          'before' => 'before-id',
+        }
+
+        VCR.use_cassette 'organization/list' do
+          organizations = described_class.list_organizations
+
+          expect(organizations.data.size).to eq(7)
+          expect(organizations.list_metadata).to eq(expected_metadata)
+        end
+      end
+    end
+
+    context 'with the before option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations?before=before-id',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
+          organizations = described_class.list_organizations(
+            before: 'before-id',
+          )
+
+          expect(organizations.data.size).to eq(7)
+        end
+      end
+    end
+
+    context 'with the after option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations?after=after-id',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
+          organizations = described_class.list_organizations(after: 'after-id')
+
+          expect(organizations.data.size).to eq(7)
+        end
+      end
+    end
+
+    context 'with the limit option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations?limit=10',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
+          organizations = described_class.list_organizations(limit: 10)
+
+          expect(organizations.data.size).to eq(7)
+        end
+      end
+    end
+  end
+
+  describe '.get_organization' do
+    context 'with a valid id' do
+      it 'gets the organization details' do
+        VCR.use_cassette('organization/get') do
+          organization = described_class.get_organization(
+            id: 'org_01EZDF20TZEJXKPSX2BJRN6TV6',
+          )
+
+          expect(organization.id).to eq('org_01EZDF20TZEJXKPSX2BJRN6TV6')
+          expect(organization.name).to eq('Foo Corp')
+          expect(organization.domains.first[:domain]).to eq('foo-corp.com')
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'raises an error' do
+        VCR.use_cassette('organization/get_invalid') do
+          expect do
+            described_class.get_organization(id: 'invalid')
+          end.to raise_error(
+            WorkOS::APIError,
+            'Status 404, Not Found - request ID: ',
+          )
+        end
+      end
+    end
+  end
+
+  describe '.update_organization' do
+    context 'with valid payload' do
+      it 'creates an organization' do
+        VCR.use_cassette 'organization/update' do
+          organization = described_class.update_organization(
+            organization: 'org_01F29YJ068E52HGEB8ZQGC9MJG',
+            domains: ['example.me'],
+            name: 'Test Organization',
+          )
+
+          expect(organization.id).to eq('org_01F29YJ068E52HGEB8ZQGC9MJG')
+          expect(organization.name).to eq('Test Organization')
+          expect(organization.domains.first[:domain]).to eq('example.me')
+        end
+      end
+    end
+  end
+
+  describe '.delete_organization' do
+    context 'with a valid id' do
+      it 'returns true' do
+        VCR.use_cassette('organization/delete') do
+          response = described_class.delete_organization(
+            id: 'org_01F4A8TD0B4N1Y9SJ8SH635HDB',
+          )
+
+          expect(response).to be(true)
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'returns false' do
+        VCR.use_cassette('organization/delete_invalid') do
+          expect do
+            described_class.delete_organization(id: 'invalid')
+          end.to raise_error(
+            WorkOS::APIError,
+            'Status 404, Not Found - request ID: ',
+          )
+        end
+      end
+    end
+  end
+end