workos 0.2.2 → 0.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 85c5142c818be2437ddf9782fa43d686f43a36cdae410a8c76c585b815614673
-  data.tar.gz: 18a225e552fa8482536f3b7b390f57e1b1491e9927f0a09a7b80f44b4910120c
+  metadata.gz: 773cbb5edfa2433922650417a8b487513bc197fa72b758fd4423bea67bf87f49
+  data.tar.gz: 72f573248a97132d57117718e811242b6be36ad15025eeec9f311a3477186bf4
 SHA512:
-  metadata.gz: 1d6624e4e04f3657be82f13feb304f25c2d4cd102ceb7bb25e1755c6abdd3271ef63cbb1ca66a0005182f08efcb68e896743fc8100d2a7ea9deebc466c8d52a9
-  data.tar.gz: acf638e6e5479c76bbb0bc258277a07db00f975aa30ea196c17f0f5c2a30b8c95ea33451a976dfc51fff22f00d9820beb1b820bb81d88b93830529055fe51234
+  metadata.gz: 4fe620f43ec9b30ed8a885c08d157bfc5f0da091d820306fcba3e9dee9ba7b6d69d3f5b5cad8b74882a3080058ede66da47af228c2ccd761715ee4c8a7d82eac
+  data.tar.gz: 442b32e6bdc38579e21937c7da371d4b6f767027c021620f538d468d0e8ac9ca31cd226778c7b5f10f419f3d1c0d21cb402e846738abd871a67c95ac315130d4

data/.rubocop.yml

@@ -10,6 +10,8 @@ Layout/LineLength:
     - '(\A|\s)/.*?/'
 Metrics/BlockLength:
   ExcludedMethods: ['describe', 'context']
+Metrics/ModuleLength:
+  Max: 150
 Style/TrailingCommaInArguments:
   EnforcedStyleForMultiline: 'consistent_comma'
 Style/TrailingCommaInHashLiteral:

data/.ruby-version

@@ -1 +1 @@
-2.6.5
+2.7.1

data/.semaphore/semaphore.yml

@@ -1,9 +1,11 @@
 version: v1.0
 name: Ruby
+
 agent:
   machine:
     type: e1-standard-2
     os_image: ubuntu1804
+
 blocks:
   - name: Run Sorbet 🍦
     task:
@@ -11,19 +13,18 @@ blocks:
         - name: srb tc
           commands:
             - checkout
-            - sem-version ruby 2.6.5
-            - gem install bundler
             - bundle install
             - bundle exec srb tc
+
   - name: Run Rubocop 🚔
     task:
       jobs:
         - name: rubocop
           commands:
             - checkout
-            - sem-version ruby 2.6.5
             - bundle install
             - bundle exec rubocop
+
   - name: Run Tests 👩🏽‍🔬
     task:
       secrets:
@@ -40,7 +41,7 @@ blocks:
             - checkout
             - sem-version ruby 2.0.0
             - bundle install
-            - bundle exec rspec    
+            - bundle exec rspec
         - name: Ruby 2.3.4
           commands:
             - checkout
@@ -58,7 +59,13 @@ blocks:
             - checkout
             - sem-version ruby 2.6.5
             - bundle install
-            - bundle exec rspec    
+            - bundle exec rspec
+        - name: Ruby 2.7.1
+          commands:
+            - checkout
+            - sem-version ruby 2.7.1
+            - bundle install
+            - bundle exec rspec
 promotions:
   - name: Deploy workos-rb to rubygems
-    pipeline_file: rubygems.yml            
+    pipeline_file: rubygems.yml

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (0.2.2)
+    workos (0.3.3)
       sorbet-runtime (~> 0.5)
 
 GEM
@@ -54,10 +54,10 @@ GEM
       json (>= 1.8, < 3)
       simplecov-html (~> 0.10.0)
     simplecov-html (0.10.2)
-    sorbet (0.5.5181)
-      sorbet-static (= 0.5.5181)
-    sorbet-runtime (0.5.5501)
-    sorbet-static (0.5.5181-universal-darwin-14)
+    sorbet (0.5.5560)
+      sorbet-static (= 0.5.5560)
+    sorbet-runtime (0.5.5815)
+    sorbet-static (0.5.5560-universal-darwin-14)
     unicode-display_width (1.6.0)
     url (0.3.2)
     vcr (5.0.0)
@@ -83,4 +83,4 @@ DEPENDENCIES
   yard
 
 BUNDLED WITH
-   2.1.2
+   2.1.4

data/README.md

@@ -80,7 +80,7 @@ WorkOS::AuditTrail.create_event(event: payload, idempotency_key: 'key123456')
 ```
 
 See our [API
-Reference](https://docs.workos.com/api-reference#idempotency)
+Reference](https://docs.workos.com/audit-trail/api-reference#idempotency)
 for more information on idempotency keys.
 
 ## The SSO Module

data/lib/workos.rb

@@ -29,6 +29,8 @@ module WorkOS
   autoload :Base, 'workos/base'
   autoload :Client, 'workos/client'
   autoload :AuditTrail, 'workos/audit_trail'
+  autoload :Connection, 'workos/connection'
+  autoload :DirectorySync, 'workos/directory_sync'
   autoload :Profile, 'workos/profile'
   autoload :SSO, 'workos/sso'
 

data/lib/workos/audit_trail.rb

@@ -57,22 +57,6 @@ module WorkOS
 
         execute_request(request: request)
       end
-
-      private
-
-      sig do
-        params(
-          path: String,
-          idempotency_key: T.nilable(String),
-          body: T.nilable(Hash),
-        ).returns(Net::HTTP::Post)
-      end
-      def post_request(path:, idempotency_key: nil, body: nil)
-        request = super(path: path, body: body)
-        request['Authorization'] = "Bearer #{WorkOS.key}"
-        request['Idempotency-Key'] = idempotency_key if idempotency_key
-        request
-      end
     end
   end
 end

data/lib/workos/client.rb

@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 # typed: true
 
-
 module WorkOS
   # A Net::HTTP based API client for interacting with the WorkOS API
   module Client
@@ -18,7 +17,11 @@ module WorkOS
       @client
     end
 
-    sig { params(request: Net::HTTP::Post).returns(::T.untyped) }
+    sig do
+      params(
+        request: T.any(Net::HTTP::Get, Net::HTTP::Post),
+      ).returns(::T.untyped)
+    end
     def execute_request(request:)
       response = client.request(request)
 
@@ -28,10 +31,40 @@ module WorkOS
       response
     end
 
-    sig { params(path: String, body: T.nilable(Hash)).returns(Net::HTTP::Post) }
-    def post_request(path:, body: nil)
+    sig do
+      params(
+        path: String,
+        auth: T.nilable(T::Boolean),
+        params: T.nilable(Hash),
+      ).returns(Net::HTTP::Get)
+    end
+    def get_request(path:, auth: false, params: {})
+      uri = URI(path)
+      uri.query = URI.encode_www_form(params) if params
+
+      request = Net::HTTP::Get.new(
+        uri.to_s,
+        'Content-Type' => 'application/json',
+      )
+
+      request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
+      request['User-Agent'] = user_agent
+      request
+    end
+
+    sig do
+      params(
+        path: String,
+        auth: T.nilable(T::Boolean),
+        idempotency_key: T.nilable(String),
+        body: T.nilable(Hash),
+      ).returns(Net::HTTP::Post)
+    end
+    def post_request(path:, auth: false, idempotency_key: nil, body: nil)
       request = Net::HTTP::Post.new(path, 'Content-Type' => 'application/json')
       request.body = body.to_json if body
+      request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
+      request['Idempotency-Key'] = idempotency_key if idempotency_key
       request['User-Agent'] = user_agent
       request
     end
@@ -68,6 +101,12 @@ module WorkOS
           http_status: http_status,
           request_id: response['x-request-id'],
         )
+      when 404
+        raise APIError.new(
+          message: json['message'],
+          http_status: http_status,
+          request_id: response['x-request-id'],
+        )
       when 422
         errors = json['errors'].map do |error|
           "#{error['field']}: #{error['code']}"

data/lib/workos/connection.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+# typed: true
+
+require 'json'
+
+module WorkOS
+  # The Connection class provides a lightweight wrapper around
+  # a WorkOS Connection resource. This class is not meant to be instantiated
+  # in user space, and is instantiated internally but exposed.
+  class Connection
+    extend T::Sig
+
+    attr_accessor :id, :name, :connection_type, :domains
+
+    sig { params(json: String).void }
+    def initialize(json)
+      raw = parse_json(json)
+
+      @id = T.let(raw.id, String)
+      @name = T.let(raw.name, String)
+      @connection_type = T.let(raw.connection_type, String)
+      @domains = T.let(raw.domains, Array)
+    end
+
+    def to_json(*)
+      {
+        id: id,
+        name: name,
+        connection_type: connection_type,
+        domains: domains,
+      }
+    end
+
+    private
+
+    sig { params(json_string: String).returns(WorkOS::Types::ConnectionStruct) }
+    def parse_json(json_string)
+      hash = JSON.parse(json_string, symbolize_names: true)
+
+      WorkOS::Types::ConnectionStruct.new(
+        id: hash[:id],
+        name: hash[:name],
+        connection_type: hash[:connection_type],
+        domains: hash[:domains],
+      )
+    end
+  end
+end

data/lib/workos/directory_sync.rb

@@ -0,0 +1,128 @@
+# frozen_string_literal: true
+# typed: true
+
+module WorkOS
+  # The Directory Sync module provides convenience methods for working with the
+  # WorkOS Directory Sync platform. You'll need a valid API key and to have
+  # created a Directory Sync connection on your WorkOS dashboard.
+  #
+  # @see https://docs.workos.com/directory-sync/overview
+  module DirectorySync
+    class << self
+      extend T::Sig
+      include Base
+      include Client
+
+      # Retrieve directories.
+      #
+      # @param [Hash] options An options hash
+      # @option options [String] domain The domain of the directory to be
+      #  retrieved.
+      # @option options [String] search A search term for direcory names.
+      #
+      # @return [Hash]
+      sig do
+        params(
+          options: T::Hash[Symbol, String],
+        ).returns(T::Array[T::Hash[String, T.nilable(String)]])
+      end
+      def list_directories(options = {})
+        response = execute_request(
+          request: get_request(
+            path: '/directories',
+            auth: true,
+            params: options,
+          ),
+        )
+
+        JSON.parse(response.body)['data']
+      end
+
+      # Retrieve directory groups.
+      #
+      # @param [Hash] options An options hash
+      # @option options [String] directory The ID of the directory whose
+      #  directory groups will be retrieved.
+      # @option options [String] user The ID of the directory user whose
+      #  directory groups will be retrieved.
+      #
+      # @return [Hash]
+      sig do
+        params(
+          options: T::Hash[Symbol, String],
+        ).returns(T::Array[T::Hash[String, T.nilable(String)]])
+      end
+      def list_groups(options = {})
+        response = execute_request(
+          request: get_request(
+            path: '/directory_groups',
+            auth: true,
+            params: options,
+          ),
+        )
+
+        JSON.parse(response.body)['data']
+      end
+
+      # Retrieve directory users.
+      #
+      # @param [Hash] options An options hash
+      # @option options [String] directory The ID of the directory whose
+      #  directory users will be retrieved.
+      # @option options [String] user The ID of the directory group whose
+      #  directory users will be retrieved.
+      #
+      # @return [Hash]
+      sig do
+        params(
+          options: T::Hash[Symbol, String],
+        ).returns(T::Array[T::Hash[String, T.untyped]])
+      end
+      def list_users(options = {})
+        response = execute_request(
+          request: get_request(
+            path: '/directory_users',
+            auth: true,
+            params: options,
+          ),
+        )
+
+        JSON.parse(response.body)['data']
+      end
+
+      # Retrieve the directory group with the given ID.
+      #
+      # @param [String] id The ID of the directory group.
+      #
+      # @return Hash
+      sig { params(id: String).returns(T::Hash[String, T.untyped]) }
+      def get_group(id)
+        response = execute_request(
+          request: get_request(
+            path: "/directory_groups/#{id}",
+            auth: true,
+          ),
+        )
+
+        JSON.parse(response.body)
+      end
+
+      # Retrieve the directory user with the given ID.
+      #
+      # @param [String] id The ID of the directory user.
+      #
+      # @return Hash
+      sig { params(id: String).returns(T::Hash[String, T.untyped]) }
+      def get_user(id)
+        response = execute_request(
+          request: get_request(
+            path: "/directory_users/#{id}",
+            auth: true,
+          ),
+        )
+
+        JSON.parse(response.body)
+      end
+    end
+  end
+end

data/lib/workos/profile.rb

@@ -1,14 +1,13 @@
 # frozen_string_literal: true
 # typed: true
 
-
 require 'json'
 
 module WorkOS
   # The Profile class provides a lighweight wrapper around
   # a normalized response from the various IDPs WorkOS
   # supports as part of the SSO integration. This class
-  # is not meant ot be instantiated in user space, and
+  # is not meant to be instantiated in user space, and
   # is instantiated internally but exposed.
   class Profile
     extend T::Sig
@@ -21,12 +20,12 @@ module WorkOS
     def initialize(profile_json)
       raw = parse_json(profile_json)
 
-      @id              = T.let(raw.id, String)
-      @email           = T.let(raw.email, String)
-      @first_name      = T.let(raw.first_name, String)
-      @last_name       = T.let(raw.last_name, String)
+      @id = T.let(raw.id, String)
+      @email = T.let(raw.email, String)
+      @first_name = raw.first_name
+      @last_name = raw.last_name
       @connection_type = T.let(raw.connection_type, String)
-      @idp_id          = T.let(raw.idp_id, String)
+      @idp_id = T.let(raw.idp_id, String)
     end
 
     sig { returns(String) }

data/lib/workos/sso.rb

@@ -18,16 +18,6 @@ module WorkOS
 
       PROVIDERS = WorkOS::Types::Provider.values.map(&:serialize).freeze
 
-      sig do
-        params(
-          project_id: String,
-          redirect_uri: String,
-          domain: T.nilable(String),
-          provider: T.nilable(String),
-          state: Hash,
-        ).returns(String)
-      end
-
       # Generate an Oauth2 authorization URL where your users will
       # authenticate using the configured SSO Identity Provider.
       #
@@ -41,7 +31,7 @@ module WorkOS
       # @param [String] redirect_uri The URI where users are directed
       #  after completing the authentication step. Must match a
       #  configured redirect URI on your WorkOS dashboard.
-      # @param [Hash] state An aribtrary state object
+      # @param [String] state An aribtrary state object
       #  that is preserved and available to the client in the response.
       # @example
       #   WorkOS::SSO.authorization_url(
@@ -50,7 +40,7 @@ module WorkOS
       #     redirect_uri: 'https://workos.com/callback',
       #     state: {
       #       next_page: '/docs'
-      #     }
+      #     }.to_s
       #   )
       #
       #   => "https://api.workos.com/sso/authorize?domain=acme.com" \
@@ -59,8 +49,17 @@ module WorkOS
       #      "response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdocs%22%7D"
       #
       # @return [String]
+      sig do
+        params(
+          project_id: String,
+          redirect_uri: String,
+          domain: T.nilable(String),
+          provider: T.nilable(String),
+          state: T.nilable(String),
+        ).returns(String)
+      end
       def authorization_url(
-        project_id:, redirect_uri:, domain: nil, provider: nil, state: {}
+        project_id:, redirect_uri:, domain: nil, provider: nil, state: ''
       )
         validate_domain_and_provider(provider: provider, domain: domain)
 
@@ -76,13 +75,6 @@ module WorkOS
         "https://#{WorkOS::API_HOSTNAME}/sso/authorize?#{query}"
       end
 
-      sig do
-        params(
-          code: String,
-          project_id: String,
-        ).returns(WorkOS::Profile)
-      end
-
       # Fetch the profile details for the authenticated SSO user.
       #
       # @param [String] code The authorization code provided in the callback URL
@@ -105,6 +97,7 @@ module WorkOS
       #        >
       #
       # @return [WorkOS::Profile]
+      sig { params(code: String, project_id: String).returns(WorkOS::Profile) }
       def profile(code:, project_id:)
         body = {
           client_id: project_id,
@@ -119,17 +112,11 @@ module WorkOS
         WorkOS::Profile.new(response.body)
       end
 
-      sig do
-        params(
-          token: String,
-        ).returns(T::Boolean)
-      end
-
       # Promote a DraftConnection created via the WorkOS.js embed such that the
       # Enterprise users can begin signing into your application.
       #
-      # @param [String] token The draft connection token that's been provided to
-      # you by the WorkOS.js embed
+      # @param [String] token The Draft Connection token that's been provided to
+      # you by the WorkOS.js
       #
       # @example
       #   WorkOS::SSO.promote_draft_connection(
@@ -139,8 +126,10 @@ module WorkOS
       #
       # @return [Bool] - returns `true` if successful, `false` otherwise.
       # @see https://github.com/workos-inc/ruby-idp-link-example
+      sig { params(token: String).returns(T::Boolean) }
       def promote_draft_connection(token:)
-        request = bearer_post_request(
+        request = post_request(
+          auth: true,
           path: "/draft_connections/#{token}/activate",
         )
 
@@ -149,6 +138,36 @@ module WorkOS
         response.is_a? Net::HTTPSuccess
       end
 
+      # Create a Connection
+      #
+      # @param [String] source The Draft Connection token that's been provided
+      # to you by WorkOS.js
+      #
+      # @example
+      #   WorkOS::SSO.create_connection(source: 'draft_conn_429u59js')
+      #   => #<WorkOS::Connection:0x00007fb6e4193d20
+      #         @id="conn_02DRA1XNSJDZ19A31F183ECQW9",
+      #         @name="Foo Corp",
+      #         @connection_type="OktaSAML",
+      #         @domains=
+      #          [{:object=>"connection_domain",
+      #            :id=>"domain_01E6PK9N3XMD8RHWF7S66380AR",
+      #            :domain=>"example.com"}]>
+      #
+      # @return [WorkOS::Connection]
+      sig { params(source: String).returns(WorkOS::Connection) }
+      def create_connection(source:)
+        request = post_request(
+          auth: true,
+          path: '/connections',
+          body: { source: source },
+        )
+
+        response = execute_request(request: request)
+
+        WorkOS::Connection.new(response.body)
+      end
+
       private
 
       sig do
@@ -188,12 +207,6 @@ module WorkOS
         )
       end
       # rubocop:enable Metrics/MethodLength
-
-      def bearer_post_request(path:, body: nil)
-        request = post_request(path: path, body: body)
-        request['Authorization'] = "Bearer #{WorkOS.key!}"
-        request
-      end
     end
   end
 end