workos 0.11.1 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -23,6 +23,10 @@ module WorkOS
23
23
  # received from WorkOS will contain. The state parameter can be used to
24
24
  # encode arbitrary information to help restore application state between
25
25
  # redirects.
26
+ # @option options [String] connection Optional parameter for the ID of a
27
+ # specific connection. This can be used to create a Passwordless Session
28
+ # for a specific connection rather than using the domain from the email
29
+ # to determine the Organization and Connection.
26
30
  # @option options [String] type The type of Passwordless Session to
27
31
  # create. Currently, the only supported value is 'MagicLink'.
28
32
  # @option options [String] redirect_uri The URI where users are directed
data/lib/workos/portal.rb CHANGED
@@ -15,30 +15,6 @@ module WorkOS
15
15
  GENERATE_LINK_INTENTS = WorkOS::Types::Intent.values.map(&:serialize).
16
16
  freeze
17
17
 
18
- # Create an organization
19
- #
20
- # @param [Array<String>] domains List of domains that belong to the
21
- # organization
22
- # @param [String] name A unique, descriptive name for the organization
23
- sig do
24
- params(
25
- domains: T::Array[String],
26
- name: String,
27
- ).returns(WorkOS::Organization)
28
- end
29
- def create_organization(domains:, name:)
30
- request = post_request(
31
- auth: true,
32
- body: { domains: domains, name: name },
33
- path: '/organizations',
34
- )
35
-
36
- response = execute_request(request: request)
37
- check_and_raise_organization_error(response: response)
38
-
39
- WorkOS::Organization.new(response.body)
40
- end
41
-
42
18
  # Generate a link to grant access to an organization's Admin Portal
43
19
  #
44
20
  # @param [String] intent The access scope for the generated Admin Portal
@@ -73,64 +49,8 @@ module WorkOS
73
49
  JSON.parse(response.body)['link']
74
50
  end
75
51
 
76
- # Retrieve a list of organizations that have connections configured
77
- # within your WorkOS dashboard.
78
- #
79
- # @param [Array<String>] domains Filter organizations to only return those
80
- # that are associated with the provided domains.
81
- # @param [String] before A pagination argument used to request
82
- # organizations before the provided Organization ID.
83
- # @param [String] after A pagination argument used to request
84
- # organizations after the provided Organization ID.
85
- # @param [Integer] limit A pagination argument used to limit the number
86
- # of listed Organizations that are returned.
87
- sig do
88
- params(
89
- options: T::Hash[Symbol, String],
90
- ).returns(WorkOS::Types::ListStruct)
91
- end
92
- def list_organizations(options = {})
93
- response = execute_request(
94
- request: get_request(
95
- path: '/organizations',
96
- auth: true,
97
- params: options,
98
- ),
99
- )
100
-
101
- parsed_response = JSON.parse(response.body)
102
-
103
- organizations = parsed_response['data'].map do |organization|
104
- ::WorkOS::Organization.new(organization.to_json)
105
- end
106
-
107
- WorkOS::Types::ListStruct.new(
108
- data: organizations,
109
- list_metadata: parsed_response['listMetadata'],
110
- )
111
- end
112
-
113
52
  private
114
53
 
115
- sig { params(response: Net::HTTPResponse).void }
116
- def check_and_raise_organization_error(response:)
117
- begin
118
- body = JSON.parse(response.body)
119
- return unless body['message']
120
-
121
- message = body['message']
122
- request_id = response['x-request-id']
123
- rescue StandardError
124
- message = 'Something went wrong'
125
- end
126
-
127
- raise APIError.new(
128
- message: message,
129
- http_status: nil,
130
- request_id: request_id,
131
- )
132
- end
133
-
134
54
  sig { params(intent: String).void }
135
55
  def validate_intent(intent)
136
56
  return if GENERATE_LINK_INTENTS.include?(intent)
@@ -48,22 +48,20 @@ module WorkOS
48
48
 
49
49
  private
50
50
 
51
- # rubocop:disable Metrics/AbcSize
52
51
  sig { params(json_string: String).returns(WorkOS::Types::ProfileStruct) }
53
52
  def parse_json(json_string)
54
53
  hash = JSON.parse(json_string, symbolize_names: true)
55
54
 
56
55
  WorkOS::Types::ProfileStruct.new(
57
- id: hash[:profile][:id],
58
- email: hash[:profile][:email],
59
- first_name: hash[:profile][:first_name],
60
- last_name: hash[:profile][:last_name],
61
- connection_id: hash[:profile][:connection_id],
62
- connection_type: hash[:profile][:connection_type],
63
- idp_id: hash[:profile][:idp_id],
64
- raw_attributes: hash[:profile][:raw_attributes],
56
+ id: hash[:id],
57
+ email: hash[:email],
58
+ first_name: hash[:first_name],
59
+ last_name: hash[:last_name],
60
+ connection_id: hash[:connection_id],
61
+ connection_type: hash[:connection_type],
62
+ idp_id: hash[:idp_id],
63
+ raw_attributes: hash[:raw_attributes],
65
64
  )
66
65
  end
67
- # rubocop:enable Metrics/AbcSize
68
66
  end
69
67
  end
@@ -0,0 +1,28 @@
1
+ # frozen_string_literal: true
2
+ # typed: true
3
+
4
+ module WorkOS
5
+ # The ProfileAndToken class represents a Profile and a corresponding
6
+ # Access Token. This class is not meant to be instantiated in user space, and
7
+ # is instantiated internally but exposed.
8
+ class ProfileAndToken
9
+ extend T::Sig
10
+
11
+ attr_accessor :access_token, :profile
12
+
13
+ sig { params(profile_and_token_json: String).void }
14
+ def initialize(profile_and_token_json)
15
+ json = JSON.parse(profile_and_token_json, symbolize_names: true)
16
+
17
+ @access_token = T.let(json[:access_token], String)
18
+ @profile = WorkOS::Profile.new(json[:profile].to_json)
19
+ end
20
+
21
+ def to_json(*)
22
+ {
23
+ access_token: access_token,
24
+ profile: profile.to_json,
25
+ }
26
+ end
27
+ end
28
+ end
data/lib/workos/sso.rb CHANGED
@@ -30,8 +30,6 @@ module WorkOS
30
30
  # WorkOS.
31
31
  # @param [String] client_id The WorkOS client ID for the environment
32
32
  # where you've configured your SSO connection.
33
- # @param [String] project_id The WorkOS project ID for the project.
34
- # The project_id is deprecated in Dashboard2.
35
33
  # @param [String] redirect_uri The URI where users are directed
36
34
  # after completing the authentication step. Must match a
37
35
  # configured redirect URI on your WorkOS dashboard.
@@ -56,7 +54,6 @@ module WorkOS
56
54
  sig do
57
55
  params(
58
56
  redirect_uri: String,
59
- project_id: T.nilable(String),
60
57
  client_id: T.nilable(String),
61
58
  domain: T.nilable(String),
62
59
  provider: T.nilable(String),
@@ -64,22 +61,14 @@ module WorkOS
64
61
  state: T.nilable(String),
65
62
  ).returns(String)
66
63
  end
67
- # rubocop:disable Metrics/MethodLength, Metrics/ParameterLists
68
64
  def authorization_url(
69
65
  redirect_uri:,
70
- project_id: nil,
71
66
  client_id: nil,
72
67
  domain: nil,
73
68
  provider: nil,
74
69
  connection: nil,
75
70
  state: ''
76
71
  )
77
- if project_id
78
- warn '[DEPRECATION] `project_id` is deprecated.
79
- Please use `client_id` instead.'
80
- client_id = project_id
81
- end
82
-
83
72
  validate_authorization_url_arguments(
84
73
  provider: provider,
85
74
  domain: domain,
@@ -98,46 +87,38 @@ module WorkOS
98
87
 
99
88
  "https://#{WorkOS::API_HOSTNAME}/sso/authorize?#{query}"
100
89
  end
101
- # rubocop:enable Metrics/MethodLength, Metrics/ParameterLists
90
+
91
+ sig do
92
+ params(
93
+ access_token: String,
94
+ ).returns(WorkOS::Profile)
95
+ end
96
+ def get_profile(access_token:)
97
+ response = execute_request(
98
+ request: get_request(
99
+ path: '/sso/profile',
100
+ auth: true,
101
+ access_token: access_token,
102
+ ),
103
+ )
104
+
105
+ WorkOS::Profile.new(response.body)
106
+ end
102
107
 
103
108
  # Fetch the profile details for the authenticated SSO user.
104
109
  #
105
110
  # @param [String] code The authorization code provided in the callback URL
106
111
  # @param [String] client_id The WorkOS client ID for the environment
107
- # where you've configured your SSO connection
108
- # @param [String] project_id The WorkOS project ID for the project.
109
- # The project_id is deprecated in Dashboard2.
112
+ # where you've configured your SSO connection
110
113
  #
111
- # @example
112
- # WorkOS::SSO.profile(
113
- # code: 'acme.com',
114
- # client_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ'
115
- # )
116
- # => #<WorkOS::Profile:0x00007fb6e4193d20
117
- # @id="prof_01DRA1XNSJDZ19A31F183ECQW5",
118
- # @email="demo@workos-okta.com",
119
- # @first_name="WorkOS",
120
- # @connection_type="OktaSAML",
121
- # @last_name="Demo",
122
- # @idp_id="00u1klkowm8EGah2H357",
123
- # @access_token="01DVX6QBS3EG6FHY2ESAA5Q65X"
124
- # >
125
- #
126
- # @return [WorkOS::Profile]
114
+ # @return [WorkOS::ProfileAndToken]
127
115
  sig do
128
116
  params(
129
117
  code: String,
130
- project_id: T.nilable(String),
131
118
  client_id: T.nilable(String),
132
- ).returns(WorkOS::Profile)
119
+ ).returns(WorkOS::ProfileAndToken)
133
120
  end
134
- def profile(code:, project_id: nil, client_id: nil)
135
- if project_id
136
- warn '[DEPRECATION] `project_id` is deprecated.
137
- Please use `client_id` instead.'
138
- client_id = project_id
139
- end
140
-
121
+ def profile_and_token(code:, client_id: nil)
141
122
  body = {
142
123
  client_id: client_id,
143
124
  client_secret: WorkOS.key!,
@@ -146,65 +127,9 @@ module WorkOS
146
127
  }
147
128
 
148
129
  response = client.request(post_request(path: '/sso/token', body: body))
149
- check_and_raise_profile_error(response: response)
130
+ check_and_raise_profile_and_token_error(response: response)
150
131
 
151
- WorkOS::Profile.new(response.body)
152
- end
153
-
154
- # Promote a DraftConnection created via the WorkOS.js embed such that the
155
- # Enterprise users can begin signing into your application.
156
- #
157
- # @param [String] token The Draft Connection token that's been provided to
158
- # you by the WorkOS.js
159
- #
160
- # @example
161
- # WorkOS::SSO.promote_draft_connection(
162
- # token: 'draft_conn_429u59js',
163
- # )
164
- # => true
165
- #
166
- # @return [Bool] - returns `true` if successful, `false` otherwise.
167
- # @see https://github.com/workos-inc/ruby-idp-link-example
168
- sig { params(token: String).returns(T::Boolean) }
169
- def promote_draft_connection(token:)
170
- request = post_request(
171
- auth: true,
172
- path: "/draft_connections/#{token}/activate",
173
- )
174
-
175
- response = client.request(request)
176
-
177
- response.is_a? Net::HTTPSuccess
178
- end
179
-
180
- # Create a Connection
181
- #
182
- # @param [String] source The Draft Connection token that's been provided
183
- # to you by WorkOS.js
184
- #
185
- # @example
186
- # WorkOS::SSO.create_connection(source: 'draft_conn_429u59js')
187
- # => #<WorkOS::Connection:0x00007fb6e4193d20
188
- # @id="conn_02DRA1XNSJDZ19A31F183ECQW9",
189
- # @name="Foo Corp",
190
- # @connection_type="OktaSAML",
191
- # @domains=
192
- # [{:object=>"connection_domain",
193
- # :id=>"domain_01E6PK9N3XMD8RHWF7S66380AR",
194
- # :domain=>"example.com"}]>
195
- #
196
- # @return [WorkOS::Connection]
197
- sig { params(source: String).returns(WorkOS::Connection) }
198
- def create_connection(source:)
199
- request = post_request(
200
- auth: true,
201
- path: '/connections',
202
- body: { source: source },
203
- )
204
-
205
- response = execute_request(request: request)
206
-
207
- WorkOS::Connection.new(response.body)
132
+ WorkOS::ProfileAndToken.new(response.body)
208
133
  end
209
134
 
210
135
  # Retrieve connections.
@@ -323,10 +248,10 @@ module WorkOS
323
248
  end
324
249
 
325
250
  sig { params(response: Net::HTTPResponse).void }
326
- def check_and_raise_profile_error(response:)
251
+ def check_and_raise_profile_and_token_error(response:)
327
252
  begin
328
253
  body = JSON.parse(response.body)
329
- return if body['profile']
254
+ return if body['access_token'] && body['profile']
330
255
 
331
256
  message = body['message']
332
257
  request_id = response['x-request-id']
@@ -11,6 +11,7 @@ module WorkOS
11
11
  const :connection_type, String
12
12
  const :domains, T::Array[T.untyped]
13
13
  const :organization_id, String
14
+ const :state, String
14
15
  const :status, String
15
16
  end
16
17
  end
@@ -2,5 +2,5 @@
2
2
  # typed: strong
3
3
 
4
4
  module WorkOS
5
- VERSION = '0.11.1'
5
+ VERSION = '1.2.1'
6
6
  end
@@ -0,0 +1,191 @@
1
+ # frozen_string_literal: true
2
+ # typed: false
3
+
4
+ describe WorkOS::Organizations do
5
+ describe '.create_organization' do
6
+ context 'with valid payload' do
7
+ it 'creates an organization' do
8
+ VCR.use_cassette 'organization/create' do
9
+ organization = described_class.create_organization(
10
+ domains: ['example.com'],
11
+ name: 'Test Organization',
12
+ )
13
+
14
+ expect(organization.id).to eq('org_01EHT88Z8J8795GZNQ4ZP1J81T')
15
+ expect(organization.name).to eq('Test Organization')
16
+ expect(organization.domains.first[:domain]).to eq('example.com')
17
+ end
18
+ end
19
+ end
20
+
21
+ context 'with an invalid payload' do
22
+ it 'returns an error' do
23
+ VCR.use_cassette 'organization/create_invalid' do
24
+ expect do
25
+ described_class.create_organization(
26
+ domains: ['example.com'],
27
+ name: 'Test Organization 2',
28
+ )
29
+ end.to raise_error(
30
+ WorkOS::APIError,
31
+ /An Organization with the domain example.com already exists/,
32
+ )
33
+ end
34
+ end
35
+ end
36
+ end
37
+
38
+ describe '.list_organizations' do
39
+ context 'with no options' do
40
+ it 'returns organizations and metadata' do
41
+ expected_metadata = {
42
+ 'after' => nil,
43
+ 'before' => 'before-id',
44
+ }
45
+
46
+ VCR.use_cassette 'organization/list' do
47
+ organizations = described_class.list_organizations
48
+
49
+ expect(organizations.data.size).to eq(7)
50
+ expect(organizations.list_metadata).to eq(expected_metadata)
51
+ end
52
+ end
53
+ end
54
+
55
+ context 'with the before option' do
56
+ it 'forms the proper request to the API' do
57
+ request_args = [
58
+ '/organizations?before=before-id',
59
+ 'Content-Type' => 'application/json'
60
+ ]
61
+
62
+ expected_request = Net::HTTP::Get.new(*request_args)
63
+
64
+ expect(Net::HTTP::Get).to receive(:new).with(*request_args).
65
+ and_return(expected_request)
66
+
67
+ VCR.use_cassette 'organization/list', match_requests_on: [:path] do
68
+ organizations = described_class.list_organizations(
69
+ before: 'before-id',
70
+ )
71
+
72
+ expect(organizations.data.size).to eq(7)
73
+ end
74
+ end
75
+ end
76
+
77
+ context 'with the after option' do
78
+ it 'forms the proper request to the API' do
79
+ request_args = [
80
+ '/organizations?after=after-id',
81
+ 'Content-Type' => 'application/json'
82
+ ]
83
+
84
+ expected_request = Net::HTTP::Get.new(*request_args)
85
+
86
+ expect(Net::HTTP::Get).to receive(:new).with(*request_args).
87
+ and_return(expected_request)
88
+
89
+ VCR.use_cassette 'organization/list', match_requests_on: [:path] do
90
+ organizations = described_class.list_organizations(after: 'after-id')
91
+
92
+ expect(organizations.data.size).to eq(7)
93
+ end
94
+ end
95
+ end
96
+
97
+ context 'with the limit option' do
98
+ it 'forms the proper request to the API' do
99
+ request_args = [
100
+ '/organizations?limit=10',
101
+ 'Content-Type' => 'application/json'
102
+ ]
103
+
104
+ expected_request = Net::HTTP::Get.new(*request_args)
105
+
106
+ expect(Net::HTTP::Get).to receive(:new).with(*request_args).
107
+ and_return(expected_request)
108
+
109
+ VCR.use_cassette 'organization/list', match_requests_on: [:path] do
110
+ organizations = described_class.list_organizations(limit: 10)
111
+
112
+ expect(organizations.data.size).to eq(7)
113
+ end
114
+ end
115
+ end
116
+ end
117
+
118
+ describe '.get_organization' do
119
+ context 'with a valid id' do
120
+ it 'gets the organization details' do
121
+ VCR.use_cassette('organization/get') do
122
+ organization = described_class.get_organization(
123
+ id: 'org_01EZDF20TZEJXKPSX2BJRN6TV6',
124
+ )
125
+
126
+ expect(organization.id).to eq('org_01EZDF20TZEJXKPSX2BJRN6TV6')
127
+ expect(organization.name).to eq('Foo Corp')
128
+ expect(organization.domains.first[:domain]).to eq('foo-corp.com')
129
+ end
130
+ end
131
+ end
132
+
133
+ context 'with an invalid id' do
134
+ it 'raises an error' do
135
+ VCR.use_cassette('organization/get_invalid') do
136
+ expect do
137
+ described_class.get_organization(id: 'invalid')
138
+ end.to raise_error(
139
+ WorkOS::APIError,
140
+ 'Status 404, Not Found - request ID: ',
141
+ )
142
+ end
143
+ end
144
+ end
145
+ end
146
+
147
+ describe '.update_organization' do
148
+ context 'with valid payload' do
149
+ it 'creates an organization' do
150
+ VCR.use_cassette 'organization/update' do
151
+ organization = described_class.update_organization(
152
+ organization: 'org_01F29YJ068E52HGEB8ZQGC9MJG',
153
+ domains: ['example.me'],
154
+ name: 'Test Organization',
155
+ )
156
+
157
+ expect(organization.id).to eq('org_01F29YJ068E52HGEB8ZQGC9MJG')
158
+ expect(organization.name).to eq('Test Organization')
159
+ expect(organization.domains.first[:domain]).to eq('example.me')
160
+ end
161
+ end
162
+ end
163
+ end
164
+
165
+ describe '.delete_organization' do
166
+ context 'with a valid id' do
167
+ it 'returns true' do
168
+ VCR.use_cassette('organization/delete') do
169
+ response = described_class.delete_organization(
170
+ id: 'org_01F4A8TD0B4N1Y9SJ8SH635HDB',
171
+ )
172
+
173
+ expect(response).to be(true)
174
+ end
175
+ end
176
+ end
177
+
178
+ context 'with an invalid id' do
179
+ it 'returns false' do
180
+ VCR.use_cassette('organization/delete_invalid') do
181
+ expect do
182
+ described_class.delete_organization(id: 'invalid')
183
+ end.to raise_error(
184
+ WorkOS::APIError,
185
+ 'Status 404, Not Found - request ID: ',
186
+ )
187
+ end
188
+ end
189
+ end
190
+ end
191
+ end