workos 0.11.1 → 1.2.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.rubocop.yml +2 -0
- data/.semaphore/semaphore.yml +2 -2
- data/Gemfile.lock +2 -2
- data/LICENSE +1 -1
- data/README.md +13 -230
- data/lib/workos.rb +2 -0
- data/lib/workos/client.rb +21 -3
- data/lib/workos/connection.rb +5 -1
- data/lib/workos/organizations.rb +171 -0
- data/lib/workos/passwordless.rb +4 -0
- data/lib/workos/portal.rb +0 -80
- data/lib/workos/profile.rb +8 -10
- data/lib/workos/profile_and_token.rb +28 -0
- data/lib/workos/sso.rb +25 -100
- data/lib/workos/types/connection_struct.rb +1 -0
- data/lib/workos/version.rb +1 -1
- data/spec/lib/workos/organizations_spec.rb +191 -0
- data/spec/lib/workos/portal_spec.rb +0 -113
- data/spec/lib/workos/sso_spec.rb +35 -115
- data/spec/support/fixtures/vcr_cassettes/organization/delete.yml +72 -0
- data/spec/support/fixtures/vcr_cassettes/organization/delete_invalid.yml +72 -0
- data/spec/support/fixtures/vcr_cassettes/organization/get.yml +73 -0
- data/spec/support/fixtures/vcr_cassettes/{sso/create_connection_with_invalid_source.yml → organization/get_invalid.yml} +26 -12
- data/spec/support/fixtures/vcr_cassettes/organization/update.yml +73 -0
- data/spec/support/fixtures/vcr_cassettes/organization/update_invalid.yml +73 -0
- data/spec/support/fixtures/vcr_cassettes/sso/profile.yml +74 -0
- data/workos.gemspec +1 -1
- metadata +23 -9
- data/spec/support/fixtures/vcr_cassettes/sso/create_connection_with_valid_source.yml +0 -63
@@ -2,39 +2,6 @@
|
|
2
2
|
# typed: false
|
3
3
|
|
4
4
|
describe WorkOS::Portal do
|
5
|
-
describe '.create_organization' do
|
6
|
-
context 'with valid payload' do
|
7
|
-
it 'creates an organization' do
|
8
|
-
VCR.use_cassette 'organization/create' do
|
9
|
-
organization = described_class.create_organization(
|
10
|
-
domains: ['example.com'],
|
11
|
-
name: 'Test Organization',
|
12
|
-
)
|
13
|
-
|
14
|
-
expect(organization.id).to eq('org_01EHT88Z8J8795GZNQ4ZP1J81T')
|
15
|
-
expect(organization.name).to eq('Test Organization')
|
16
|
-
expect(organization.domains.first[:domain]).to eq('example.com')
|
17
|
-
end
|
18
|
-
end
|
19
|
-
end
|
20
|
-
|
21
|
-
context 'with an invalid payload' do
|
22
|
-
it 'returns an error' do
|
23
|
-
VCR.use_cassette 'organization/create_invalid' do
|
24
|
-
expect do
|
25
|
-
described_class.create_organization(
|
26
|
-
domains: ['example.com'],
|
27
|
-
name: 'Test Organization 2',
|
28
|
-
)
|
29
|
-
end.to raise_error(
|
30
|
-
WorkOS::APIError,
|
31
|
-
/An Organization with the domain example.com already exists/,
|
32
|
-
)
|
33
|
-
end
|
34
|
-
end
|
35
|
-
end
|
36
|
-
end
|
37
|
-
|
38
5
|
describe '.generate_link' do
|
39
6
|
let(:organization) { 'org_01EHQMYV6MBK39QC5PZXHY59C3' }
|
40
7
|
|
@@ -100,84 +67,4 @@ describe WorkOS::Portal do
|
|
100
67
|
end
|
101
68
|
end
|
102
69
|
end
|
103
|
-
|
104
|
-
describe '.list_organizations' do
|
105
|
-
context 'with no options' do
|
106
|
-
it 'returns organizations and metadata' do
|
107
|
-
expected_metadata = {
|
108
|
-
'after' => nil,
|
109
|
-
'before' => 'before-id',
|
110
|
-
}
|
111
|
-
|
112
|
-
VCR.use_cassette 'organization/list' do
|
113
|
-
organizations = described_class.list_organizations
|
114
|
-
|
115
|
-
expect(organizations.data.size).to eq(7)
|
116
|
-
expect(organizations.list_metadata).to eq(expected_metadata)
|
117
|
-
end
|
118
|
-
end
|
119
|
-
end
|
120
|
-
|
121
|
-
context 'with the before option' do
|
122
|
-
it 'forms the proper request to the API' do
|
123
|
-
request_args = [
|
124
|
-
'/organizations?before=before-id',
|
125
|
-
'Content-Type' => 'application/json'
|
126
|
-
]
|
127
|
-
|
128
|
-
expected_request = Net::HTTP::Get.new(*request_args)
|
129
|
-
|
130
|
-
expect(Net::HTTP::Get).to receive(:new).with(*request_args).
|
131
|
-
and_return(expected_request)
|
132
|
-
|
133
|
-
VCR.use_cassette 'organization/list', match_requests_on: [:path] do
|
134
|
-
organizations = described_class.list_organizations(
|
135
|
-
before: 'before-id',
|
136
|
-
)
|
137
|
-
|
138
|
-
expect(organizations.data.size).to eq(7)
|
139
|
-
end
|
140
|
-
end
|
141
|
-
end
|
142
|
-
|
143
|
-
context 'with the after option' do
|
144
|
-
it 'forms the proper request to the API' do
|
145
|
-
request_args = [
|
146
|
-
'/organizations?after=after-id',
|
147
|
-
'Content-Type' => 'application/json'
|
148
|
-
]
|
149
|
-
|
150
|
-
expected_request = Net::HTTP::Get.new(*request_args)
|
151
|
-
|
152
|
-
expect(Net::HTTP::Get).to receive(:new).with(*request_args).
|
153
|
-
and_return(expected_request)
|
154
|
-
|
155
|
-
VCR.use_cassette 'organization/list', match_requests_on: [:path] do
|
156
|
-
organizations = described_class.list_organizations(after: 'after-id')
|
157
|
-
|
158
|
-
expect(organizations.data.size).to eq(7)
|
159
|
-
end
|
160
|
-
end
|
161
|
-
end
|
162
|
-
|
163
|
-
context 'with the limit option' do
|
164
|
-
it 'forms the proper request to the API' do
|
165
|
-
request_args = [
|
166
|
-
'/organizations?limit=10',
|
167
|
-
'Content-Type' => 'application/json'
|
168
|
-
]
|
169
|
-
|
170
|
-
expected_request = Net::HTTP::Get.new(*request_args)
|
171
|
-
|
172
|
-
expect(Net::HTTP::Get).to receive(:new).with(*request_args).
|
173
|
-
and_return(expected_request)
|
174
|
-
|
175
|
-
VCR.use_cassette 'organization/list', match_requests_on: [:path] do
|
176
|
-
organizations = described_class.list_organizations(limit: 10)
|
177
|
-
|
178
|
-
expect(organizations.data.size).to eq(7)
|
179
|
-
end
|
180
|
-
end
|
181
|
-
end
|
182
|
-
end
|
183
70
|
end
|
data/spec/lib/workos/sso_spec.rb
CHANGED
@@ -147,52 +147,40 @@ describe WorkOS::SSO do
|
|
147
147
|
)
|
148
148
|
end
|
149
149
|
end
|
150
|
+
end
|
150
151
|
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
project_id: 'workos-proj-123',
|
156
|
-
redirect_uri: 'foo.com/auth/callback',
|
157
|
-
state: {
|
158
|
-
next_page: '/dashboard/edit',
|
159
|
-
}.to_s,
|
160
|
-
}
|
161
|
-
end
|
162
|
-
it 'raises a deprecation warning' do
|
163
|
-
expect do
|
164
|
-
described_class.authorization_url(**args)
|
165
|
-
end.to output(
|
166
|
-
"[DEPRECATION] `project_id` is deprecated.
|
167
|
-
Please use `client_id` instead.\n",
|
168
|
-
).to_stderr
|
169
|
-
end
|
170
|
-
|
171
|
-
it 'returns a valid URL' do
|
172
|
-
authorization_url = described_class.authorization_url(**args)
|
173
|
-
|
174
|
-
expect(URI.parse(authorization_url)).to be_a URI
|
175
|
-
end
|
176
|
-
|
177
|
-
it 'returns the expected hostname' do
|
178
|
-
authorization_url = described_class.authorization_url(**args)
|
152
|
+
describe '.get_profile' do
|
153
|
+
it 'returns a profile' do
|
154
|
+
VCR.use_cassette 'sso/profile' do
|
155
|
+
profile = described_class.get_profile(access_token: 'access_token')
|
179
156
|
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
157
|
+
expectation = {
|
158
|
+
connection_id: 'conn_01E83FVYZHY7DM4S9503JHV0R5',
|
159
|
+
connection_type: 'GoogleOAuth',
|
160
|
+
email: 'bob.loblaw@workos.com',
|
161
|
+
first_name: 'Bob',
|
162
|
+
id: 'prof_01EEJTY9SZ1R350RB7B73SNBKF',
|
163
|
+
idp_id: '116485463307139932699',
|
164
|
+
last_name: 'Loblaw',
|
165
|
+
raw_attributes: {
|
166
|
+
email: 'bob.loblaw@workos.com',
|
167
|
+
family_name: 'Loblaw',
|
168
|
+
given_name: 'Bob',
|
169
|
+
hd: 'workos.com',
|
170
|
+
id: '116485463307139932699',
|
171
|
+
locale: 'en',
|
172
|
+
name: 'Bob Loblaw',
|
173
|
+
picture: 'https://lh3.googleusercontent.com/a-/AOh14GyO2hLlgZvteDQ3Ldi3_-RteZLya0hWH7247Cam=s96-c',
|
174
|
+
verified_email: true,
|
175
|
+
},
|
176
|
+
}
|
185
177
|
|
186
|
-
expect(
|
187
|
-
'client_id=workos-proj-123&redirect_uri=foo.com%2Fauth%2Fcallback' \
|
188
|
-
'&response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdashboard%2F' \
|
189
|
-
'edit%22%7D&domain=foo.com',
|
190
|
-
)
|
178
|
+
expect(profile.to_json).to eq(expectation)
|
191
179
|
end
|
192
180
|
end
|
193
181
|
end
|
194
182
|
|
195
|
-
describe '.
|
183
|
+
describe '.profile_and_token' do
|
196
184
|
let(:args) do
|
197
185
|
{
|
198
186
|
code: SecureRandom.hex(10),
|
@@ -225,15 +213,15 @@ describe WorkOS::SSO do
|
|
225
213
|
end
|
226
214
|
|
227
215
|
it 'includes the SDK Version header' do
|
228
|
-
described_class.
|
216
|
+
described_class.profile_and_token(**args)
|
229
217
|
|
230
218
|
expect(a_request(:post, 'https://api.workos.com/sso/token').
|
231
219
|
with(headers: headers, body: request_body)).to have_been_made
|
232
220
|
end
|
233
221
|
|
234
|
-
it 'returns a WorkOS::
|
235
|
-
|
236
|
-
expect(
|
222
|
+
it 'returns a WorkOS::ProfileAndToken' do
|
223
|
+
profile_and_token = described_class.profile_and_token(**args)
|
224
|
+
expect(profile_and_token).to be_a(WorkOS::ProfileAndToken)
|
237
225
|
|
238
226
|
expectation = {
|
239
227
|
connection_id: 'conn_01EMH8WAK20T42N2NBMNBCYHAG',
|
@@ -252,7 +240,8 @@ describe WorkOS::SSO do
|
|
252
240
|
},
|
253
241
|
}
|
254
242
|
|
255
|
-
expect(
|
243
|
+
expect(profile_and_token.access_token).to eq('01DVX6QBS3EG6FHY2ESAA5Q65X')
|
244
|
+
expect(profile_and_token.profile.to_json).to eq(expectation)
|
256
245
|
end
|
257
246
|
end
|
258
247
|
|
@@ -269,7 +258,7 @@ describe WorkOS::SSO do
|
|
269
258
|
|
270
259
|
it 'raises an exception with request ID' do
|
271
260
|
expect do
|
272
|
-
described_class.
|
261
|
+
described_class.profile_and_token(**args)
|
273
262
|
end.to raise_error(
|
274
263
|
WorkOS::APIError,
|
275
264
|
'some error message - request ID: request-id',
|
@@ -293,7 +282,7 @@ describe WorkOS::SSO do
|
|
293
282
|
|
294
283
|
it 'raises an exception' do
|
295
284
|
expect do
|
296
|
-
described_class.
|
285
|
+
described_class.profile_and_token(**args)
|
297
286
|
end.to raise_error(
|
298
287
|
WorkOS::APIError,
|
299
288
|
"The code '01DVX3C5Z367SFHR8QNDMK7V24'" \
|
@@ -303,75 +292,6 @@ describe WorkOS::SSO do
|
|
303
292
|
end
|
304
293
|
end
|
305
294
|
|
306
|
-
describe '.create_connection' do
|
307
|
-
context 'with a valid source' do
|
308
|
-
it 'creates a connection' do
|
309
|
-
VCR.use_cassette('sso/create_connection_with_valid_source') do
|
310
|
-
connection = WorkOS::SSO.create_connection(
|
311
|
-
source: 'draft_conn_01E6PK87QP6NQ29RRX0G100YGV',
|
312
|
-
)
|
313
|
-
|
314
|
-
expect(connection.id).to eq('conn_01E4F9T2YWZFD218DN04KVFDSY')
|
315
|
-
expect(connection.connection_type).to eq('GoogleOAuth')
|
316
|
-
expect(connection.name).to eq('Foo Corp')
|
317
|
-
expect(connection.domains.first[:domain]).to eq('example.com')
|
318
|
-
expect(connection.organization_id).to eq('12345')
|
319
|
-
expect(connection.status).to eq('linked')
|
320
|
-
end
|
321
|
-
end
|
322
|
-
end
|
323
|
-
|
324
|
-
context 'with an invalid source' do
|
325
|
-
it 'raises an error' do
|
326
|
-
VCR.use_cassette('sso/create_connection_with_invalid_source') do
|
327
|
-
expect do
|
328
|
-
WorkOS::SSO.create_connection(source: 'invalid')
|
329
|
-
end.to raise_error(
|
330
|
-
WorkOS::APIError,
|
331
|
-
'Status 404, Not Found - request ID: ',
|
332
|
-
)
|
333
|
-
end
|
334
|
-
end
|
335
|
-
end
|
336
|
-
end
|
337
|
-
|
338
|
-
describe '.promote_draft_connection' do
|
339
|
-
let(:token) { 'draft_conn_id' }
|
340
|
-
let(:client_id) { 'proj_0239u590h' }
|
341
|
-
|
342
|
-
context 'with a valid request' do
|
343
|
-
before do
|
344
|
-
stub_request(
|
345
|
-
:post,
|
346
|
-
"https://api.workos.com/draft_connections/#{token}/activate",
|
347
|
-
).to_return(status: 200)
|
348
|
-
end
|
349
|
-
it 'returns true' do
|
350
|
-
response = described_class.promote_draft_connection(
|
351
|
-
token: token,
|
352
|
-
)
|
353
|
-
|
354
|
-
expect(response).to be(true)
|
355
|
-
end
|
356
|
-
end
|
357
|
-
|
358
|
-
context 'with an invalid request' do
|
359
|
-
before do
|
360
|
-
stub_request(
|
361
|
-
:post,
|
362
|
-
"https://api.workos.com/draft_connections/#{token}/activate",
|
363
|
-
).to_return(status: 403)
|
364
|
-
end
|
365
|
-
it 'returns true' do
|
366
|
-
response = described_class.promote_draft_connection(
|
367
|
-
token: token,
|
368
|
-
)
|
369
|
-
|
370
|
-
expect(response).to be(false)
|
371
|
-
end
|
372
|
-
end
|
373
|
-
end
|
374
|
-
|
375
295
|
describe '.list_connections' do
|
376
296
|
context 'with no options' do
|
377
297
|
it 'returns connections and metadata' do
|
@@ -0,0 +1,72 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: delete
|
5
|
+
uri: https://api.workos.com/organizations/org_01F4A8TD0B4N1Y9SJ8SH635HDB
|
6
|
+
body:
|
7
|
+
encoding: US-ASCII
|
8
|
+
string: ''
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.1; x86_64-darwin19; v1.1.0
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 202
|
23
|
+
message: Accepted
|
24
|
+
headers:
|
25
|
+
Server:
|
26
|
+
- Cowboy
|
27
|
+
Connection:
|
28
|
+
- keep-alive
|
29
|
+
Vary:
|
30
|
+
- Origin, Accept-Encoding
|
31
|
+
Access-Control-Allow-Credentials:
|
32
|
+
- 'true'
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
X-Request-Id:
|
56
|
+
-
|
57
|
+
Content-Type:
|
58
|
+
- text/plain; charset=utf-8
|
59
|
+
Content-Length:
|
60
|
+
- '8'
|
61
|
+
Etag:
|
62
|
+
- W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
|
63
|
+
Date:
|
64
|
+
- Mon, 24 May 2021 21:07:34 GMT
|
65
|
+
Via:
|
66
|
+
- 1.1 vegur
|
67
|
+
body:
|
68
|
+
encoding: UTF-8
|
69
|
+
string: Accepted
|
70
|
+
http_version:
|
71
|
+
recorded_at: Mon, 24 May 2021 21:07:34 GMT
|
72
|
+
recorded_with: VCR 5.0.0
|
@@ -0,0 +1,72 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: delete
|
5
|
+
uri: https://api.workos.com/organizations/invalid
|
6
|
+
body:
|
7
|
+
encoding: US-ASCII
|
8
|
+
string: ''
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.1; x86_64-darwin19; v1.1.0
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 404
|
23
|
+
message: Not Found
|
24
|
+
headers:
|
25
|
+
Server:
|
26
|
+
- Cowboy
|
27
|
+
Connection:
|
28
|
+
- keep-alive
|
29
|
+
Vary:
|
30
|
+
- Origin, Accept-Encoding
|
31
|
+
Access-Control-Allow-Credentials:
|
32
|
+
- 'true'
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
X-Request-Id:
|
56
|
+
-
|
57
|
+
Content-Type:
|
58
|
+
- application/json; charset=utf-8
|
59
|
+
Content-Length:
|
60
|
+
- '23'
|
61
|
+
Etag:
|
62
|
+
- W/"17-SuRA/yvUWUo8rK6x7dKURLeBo+0"
|
63
|
+
Date:
|
64
|
+
- Mon, 24 May 2021 21:07:34 GMT
|
65
|
+
Via:
|
66
|
+
- 1.1 vegur
|
67
|
+
body:
|
68
|
+
encoding: UTF-8
|
69
|
+
string: '{"message":"Not Found"}'
|
70
|
+
http_version:
|
71
|
+
recorded_at: Mon, 24 May 2021 21:07:34 GMT
|
72
|
+
recorded_with: VCR 5.0.0
|