workos 0.3.3 → 0.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 773cbb5edfa2433922650417a8b487513bc197fa72b758fd4423bea67bf87f49
-  data.tar.gz: 72f573248a97132d57117718e811242b6be36ad15025eeec9f311a3477186bf4
+  metadata.gz: f0fdd6aec096f0a3a3aa2f20c398515b1bf42d8e5b3d529e316bdce2327a0961
+  data.tar.gz: 269a70ac10a9aa6f7b49f7cefbde2b1af8e5bf559b429d202b5d5167bb8b83f2
 SHA512:
-  metadata.gz: 4fe620f43ec9b30ed8a885c08d157bfc5f0da091d820306fcba3e9dee9ba7b6d69d3f5b5cad8b74882a3080058ede66da47af228c2ccd761715ee4c8a7d82eac
-  data.tar.gz: 442b32e6bdc38579e21937c7da371d4b6f767027c021620f538d468d0e8ac9ca31cd226778c7b5f10f419f3d1c0d21cb402e846738abd871a67c95ac315130d4
+  metadata.gz: dd67a590cefd06ae6fc83e45cd0cfe9243d8849e865e0b7f7eb342d0bb9a29b10cbb6693802d54bb25c045a2f90505f17217358c36ef196a2066ffab0ca6f2bc
+  data.tar.gz: e528ade9f4a33fff0a25d24fcdb94f6232a3fc00c8ef27233735520a71a7b8c207c2fb853040c96ce34a5a8b91c842d4b9dc485699101bcc58159743f9471934

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (0.3.3)
+    workos (0.6.0)
       sorbet-runtime (~> 0.5)
 
 GEM
@@ -10,17 +10,16 @@ GEM
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
     ast (2.4.0)
-    codecov (0.1.16)
+    codecov (0.2.8)
       json
       simplecov
-      url
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
     diff-lcs (1.3)
     docile (1.3.2)
     hashdiff (1.0.0)
     jaro_winkler (1.5.4)
-    json (2.3.0)
+    json (2.3.1)
     parallel (1.19.1)
     parser (2.7.0.0)
       ast (~> 2.4.0)
@@ -49,17 +48,15 @@ GEM
       unicode-display_width (>= 1.4.0, < 1.7)
     ruby-progressbar (1.10.1)
     safe_yaml (1.0.5)
-    simplecov (0.17.1)
+    simplecov (0.19.0)
       docile (~> 1.1)
-      json (>= 1.8, < 3)
-      simplecov-html (~> 0.10.0)
-    simplecov-html (0.10.2)
+      simplecov-html (~> 0.11)
+    simplecov-html (0.12.2)
     sorbet (0.5.5560)
       sorbet-static (= 0.5.5560)
-    sorbet-runtime (0.5.5815)
+    sorbet-runtime (0.5.5909)
     sorbet-static (0.5.5560-universal-darwin-14)
     unicode-display_width (1.6.0)
-    url (0.3.2)
     vcr (5.0.0)
     webmock (3.7.6)
       addressable (>= 2.3.6)
@@ -72,7 +69,7 @@ PLATFORMS
 
 DEPENDENCIES
   bundler (>= 2.0.1)
-  codecov (~> 0.1.16)
+  codecov (~> 0.2.8)
   rake
   rspec (~> 3.9.0)
   rubocop (~> 0.77)

data/README.md

@@ -157,6 +157,13 @@ This method will return an instance of a `WorkOS::Profile` with the following at
   @connection_type="OktaSAML",
   @last_name="Demo",
   @idp_id="00u1klkowm8EGah2H357",
+  @raw_attributes={
+    :id=>"prof_01DRA1XNSJDZ19A31F183ECQW5",
+    :email=>"demo@workos-okta.com",
+    :first_name=>"WorkOS",
+    :last_name=>"Demo",
+    :idp_id=>"00u1klkowm8EGah2H357"
+  },
 >
 ```
 

data/lib/workos.rb

@@ -31,6 +31,8 @@ module WorkOS
   autoload :AuditTrail, 'workos/audit_trail'
   autoload :Connection, 'workos/connection'
   autoload :DirectorySync, 'workos/directory_sync'
+  autoload :Organization, 'workos/organization'
+  autoload :Portal, 'workos/portal'
   autoload :Profile, 'workos/profile'
   autoload :SSO, 'workos/sso'
 

data/lib/workos/audit_trail.rb

@@ -57,6 +57,54 @@ module WorkOS
 
         execute_request(request: request)
       end
+
+      # Retrieve Audit Trail events.
+      #
+      # @param [Hash] options An options hash
+      # @option options [String] before Event ID to look before
+      # @option options [String] after Event ID to look after
+      # @option options [Integer] limit Number of Events to return
+      # @option options [Array<String>] group List of Groups to filter for
+      # @option options [Array<String>] action List of Actions to filter for
+      # @option options [Array<String>] action_type List of Action Types to
+      #  filter for
+      # @option options [Array<String>] actor_name List of Actor Name to filter
+      #  for
+      # @option options [Array<String>] actor_id List of Actor IDs to filter for
+      # @option options [Array<String>] target_name List of Target Names to
+      #  filter for
+      # @option options [Array<String>] target_id List of Target IDs to filter
+      #  for
+      # @option options [String] occurred_at ISO-8601 datetime of when an event
+      #  occurred
+      # @option options [String] occurred_at_gt ISO-8601 datetime of when an
+      #  event occurred after
+      # @option options [String] occurred_at_gte ISO-8601 datetime of when an
+      #  event occurred at or after
+      # @option options [String] occurred_at_lt ISO-8601 datetime of when an
+      #  event occurred before
+      # @option options [String] ISO-8601 datetime of when an event occured at
+      #  or before
+      # @option options [String] search Keyword search
+      #
+      # @return [Array<Hash>]
+      sig do
+        params(
+          options: T::Hash[Symbol, String],
+        ).returns(T::Array[T::Hash[String, T.nilable(String)]])
+      end
+
+      def get_events(options = {})
+        response = execute_request(
+          request: get_request(
+            path: '/events',
+            auth: true,
+            params: options,
+          ),
+        )
+
+        JSON.parse(response.body)['data']
+      end
     end
   end
 end

data/lib/workos/directory_sync.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 # typed: true
 
+require 'net/http'
+
 module WorkOS
   # The Directory Sync module provides convenience methods for working with the
   # WorkOS Directory Sync platform. You'll need a valid API key and to have

data/lib/workos/organization.rb

@@ -0,0 +1,49 @@
+# frozen_string_literal: true
+# typed: true
+
+require 'json'
+
+module WorkOS
+  # The Organization class provides a lightweight wrapper around
+  # a WorkOS Organization resource. This class is not meant to be instantiated
+  # in user space, and is instantiated internally but exposed.
+  class Organization
+    extend T::Sig
+
+    attr_accessor :id, :domains, :name
+
+    sig { params(json: String).void }
+    def initialize(json)
+      raw = parse_json(json)
+
+      @id = T.let(raw.id, String)
+      @name = T.let(raw.name, String)
+      @domains = T.let(raw.domains, Array)
+    end
+
+    def to_json(*)
+      {
+        id: id,
+        name: name,
+        domains: domains,
+      }
+    end
+
+    private
+
+    sig do
+      params(
+        json_string: String,
+      ).returns(WorkOS::Types::OrganizationStruct)
+    end
+    def parse_json(json_string)
+      hash = JSON.parse(json_string, symbolize_names: true)
+
+      WorkOS::Types::OrganizationStruct.new(
+        id: hash[:id],
+        name: hash[:name],
+        domains: hash[:domains],
+      )
+    end
+  end
+end

data/lib/workos/portal.rb

@@ -0,0 +1,145 @@
+# frozen_string_literal: true
+# typed: true
+
+require 'net/http'
+
+module WorkOS
+  # The Portal module provides resource methods for working with the Admin
+  # Portal product
+  module Portal
+    class << self
+      extend T::Sig
+      include Base
+      include Client
+
+      GENERATE_LINK_INTENTS = WorkOS::Types::Intent.values.map(&:serialize).
+                              freeze
+
+      # Create an organization
+      #
+      # @param [Array<String>] domains List of domains that belong to the
+      #  organization
+      # @param [String] name A unique, descriptive name for the organization
+      sig do
+        params(
+          domains: T::Array[String],
+          name: String,
+        ).returns(WorkOS::Organization)
+      end
+      def create_organization(domains:, name:)
+        request = post_request(
+          auth: true,
+          body: { domains: domains, name: name },
+          path: '/organizations',
+        )
+
+        response = execute_request(request: request)
+        check_and_raise_organization_error(response: response)
+
+        WorkOS::Organization.new(response.body)
+      end
+
+      # Generate a link to grant access to an organization's Admin Portal
+      #
+      # @param [String] intent The access scope for the generated Admin Portal
+      #  link. Valid values are: ["sso"]
+      # @param [String] organization The ID of the organization the Admin
+      #  Portal link will be generated for.
+      # @param [String] The URL that the end user will be redirected to upon
+      #  exiting the generated Admin Portal. If none is provided, the default
+      #  redirect link set in your WorkOS Dashboard will be used.
+      sig do
+        params(
+          intent: String,
+          organization: String,
+          return_url: T.nilable(String),
+        ).returns(String)
+      end
+      # rubocop:disable Metrics/MethodLength
+      def generate_link(intent:, organization:, return_url: nil)
+        validate_intent(intent)
+
+        request = post_request(
+          auth: true,
+          body: {
+            intent: intent,
+            organization: organization,
+            return_url: return_url,
+          },
+          path: '/portal/generate_link',
+        )
+
+        response = execute_request(request: request)
+
+        JSON.parse(response.body)['link']
+      end
+      # rubocop:enable Metrics/MethodLength
+
+      # Retrieve a list of organizations that have connections configured
+      # within your WorkOS dashboard.
+      #
+      # @param [Array<String>] domains Filter organizations to only return those
+      #  that are associated with the provided domains.
+      # @param [String] before A pagination argument used to request
+      #  organizations before the provided Organization ID.
+      # @param [String] after A pagination argument used to request
+      #  organizations after the provided Organization ID.
+      # @param [Integer] limit A pagination argument used to limit the number
+      #  of listed Organizations that are returned.
+      sig do
+        params(
+          options: T::Hash[Symbol, String],
+        ).returns(WorkOS::Types::ListStruct)
+      end
+      # rubocop:disable Metrics/MethodLength
+      def list_organizations(options = {})
+        response = execute_request(
+          request: get_request(
+            path: '/organizations',
+            auth: true,
+            params: options,
+          ),
+        )
+
+        parsed_response = JSON.parse(response.body)
+
+        WorkOS::Types::ListStruct.new(
+          data: parsed_response['data'],
+          list_metadata: parsed_response['listMetadata'],
+        )
+      end
+      # rubocop:enable Metrics/MethodLength
+
+      private
+
+      sig { params(response: Net::HTTPResponse).void }
+      # rubocop:disable Metrics/MethodLength
+      def check_and_raise_organization_error(response:)
+        begin
+          body = JSON.parse(response.body)
+          return unless body['message']
+
+          message = body['message']
+          request_id = response['x-request-id']
+        rescue StandardError
+          message = 'Something went wrong'
+        end
+
+        raise APIError.new(
+          message: message,
+          http_status: nil,
+          request_id: request_id,
+        )
+      end
+      # rubocop:enable Metrics/MethodLength
+
+      sig { params(intent: String).void }
+      def validate_intent(intent)
+        return if GENERATE_LINK_INTENTS.include?(intent)
+
+        raise ArgumentError, "#{intent} is not a valid value." \
+        " `intent` must be in #{GENERATE_LINK_INTENTS}"
+      end
+    end
+  end
+end

data/lib/workos/profile.rb

@@ -14,7 +14,7 @@ module WorkOS
 
     sig { returns(String) }
     attr_accessor :id, :email, :first_name, :last_name,
-                  :connection_type, :idp_id
+                  :connection_type, :idp_id, :raw_attributes
 
     sig { params(profile_json: String).void }
     def initialize(profile_json)
@@ -25,7 +25,8 @@ module WorkOS
       @first_name = raw.first_name
       @last_name = raw.last_name
       @connection_type = T.let(raw.connection_type, String)
-      @idp_id = T.let(raw.idp_id, String)
+      @idp_id = raw.idp_id
+      @raw_attributes = raw.raw_attributes
     end
 
     sig { returns(String) }
@@ -41,11 +42,13 @@ module WorkOS
         last_name: last_name,
         connection_type: connection_type,
         idp_id: idp_id,
+        raw_attributes: raw_attributes,
       }
     end
 
     private
 
+    # rubocop:disable Metrics/AbcSize
     sig { params(json_string: String).returns(WorkOS::Types::ProfileStruct) }
     def parse_json(json_string)
       hash = JSON.parse(json_string, symbolize_names: true)
@@ -57,7 +60,9 @@ module WorkOS
         last_name: hash[:profile][:last_name],
         connection_type: hash[:profile][:connection_type],
         idp_id: hash[:profile][:idp_id],
+        raw_attributes: hash[:profile][:raw_attributes],
       )
     end
+    # rubocop:enable Metrics/AbcSize
   end
 end

data/lib/workos/types.rb

@@ -6,6 +6,9 @@ module WorkOS
   # so we're using Sorbet throughout this Ruby gem.
   module Types
     require_relative 'types/connection_struct'
+    require_relative 'types/intent_enum'
+    require_relative 'types/list_struct'
+    require_relative 'types/organization_struct'
     require_relative 'types/profile_struct'
     require_relative 'types/provider_enum'
   end

data/lib/workos/types/intent_enum.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+# typed: strict
+
+module WorkOS
+  module Types
+    # The IntentEnum is type-safe declarations of a fixed set of values for
+    # intents while generating an Admin Portal link.
+    class Intent < T::Enum
+      enums do
+        SSO = new('sso')
+      end
+    end
+  end
+end

data/lib/workos/types/list_struct.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+# typed: strict
+
+module WorkOS
+  module Types
+    # ListStruct acts as a typed interface to expose lists of data and related
+    # metadata
+    class ListStruct < T::Struct
+      const :data, T::Array[T.untyped]
+      const :list_metadata, T::Hash[String, T.nilable(String)]
+    end
+  end
+end

data/lib/workos/types/organization_struct.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+# typed: strict
+
+module WorkOS
+  module Types
+    # This OrganizationStruct acts as a typed interface
+    # for the Organization class
+    class OrganizationStruct < T::Struct
+      const :id, String
+      const :name, String
+      const :domains, T::Array[T.untyped]
+    end
+  end
+end

data/lib/workos/types/profile_struct.rb

@@ -11,7 +11,8 @@ module WorkOS
       const :first_name, T.nilable(String)
       const :last_name, T.nilable(String)
       const :connection_type, String
-      const :idp_id, String
+      const :idp_id, T.nilable(String)
+      const :raw_attributes, T::Hash[Symbol, Object]
     end
   end
 end

data/lib/workos/version.rb

@@ -2,5 +2,5 @@
 # typed: strong
 
 module WorkOS
-  VERSION = '0.3.3'
+  VERSION = '0.6.0'
 end

data/spec/lib/workos/audit_trail_spec.rb

@@ -137,4 +137,16 @@ describe WorkOS::AuditTrail do
       end
     end
   end
+
+  describe '.get_events' do
+    context 'with no options' do
+      it 'returns events' do
+        VCR.use_cassette('audit_trail/get_events') do
+          events = described_class.get_events
+
+          expect(events.size).to eq(2)
+        end
+      end
+    end
+  end
 end

data/spec/lib/workos/portal_spec.rb

@@ -0,0 +1,176 @@
+# frozen_string_literal: true
+# typed: false
+
+describe WorkOS::Portal do
+  before :all do
+    WorkOS.key = 'test'
+  end
+
+  after :all do
+    WorkOS.key = nil
+  end
+
+  describe '.create_organization' do
+    context 'with valid payload' do
+      it 'creates an organization' do
+        VCR.use_cassette 'organization/create' do
+          organization = described_class.create_organization(
+            domains: ['example.com'],
+            name: 'Test Organization',
+          )
+
+          expect(organization.id).to eq('org_01EHT88Z8J8795GZNQ4ZP1J81T')
+          expect(organization.name).to eq('Test Organization')
+          expect(organization.domains.first[:domain]).to eq('example.com')
+        end
+      end
+    end
+
+    context 'with an invalid payload' do
+      it 'returns an error' do
+        VCR.use_cassette 'organization/create_invalid' do
+          expect do
+            described_class.create_organization(
+              domains: ['example.com'],
+              name: 'Test Organization 2',
+            )
+          end.to raise_error(
+            WorkOS::APIError,
+            /An Organization with the domain example.com already exists/,
+          )
+        end
+      end
+    end
+  end
+
+  describe '.generate_link' do
+    let(:organization) { 'org_01EHQMYV6MBK39QC5PZXHY59C3' }
+
+    describe 'with a valid organization' do
+      describe 'with the minimal params' do
+        it 'returns an Admin Portal link' do
+          VCR.use_cassette 'portal/generate_link' do
+            portal_link = described_class.generate_link(
+              intent: 'sso',
+              organization: organization,
+            )
+
+            expect(portal_link).to eq(
+              'https://id.workos.com/portal/launch?secret=secret',
+            )
+          end
+        end
+      end
+    end
+
+    describe 'with an invalid organization' do
+      it 'raises an error' do
+        VCR.use_cassette 'portal/generate_link_invalid' do
+          expect do
+            described_class.generate_link(
+              intent: 'sso',
+              organization: 'bogus-id',
+            )
+          end.to raise_error(
+            WorkOS::InvalidRequestError,
+            /Could not find an organization with the id, bogus-id/,
+          )
+        end
+      end
+    end
+
+    describe 'with an invalid intent' do
+      it 'raises an error' do
+        expect do
+          described_class.generate_link(
+            intent: 'bogus-intent',
+            organization: organization,
+          )
+        end.to raise_error(
+          ArgumentError,
+          'bogus-intent is not a valid value. `intent` must be in ["sso"]',
+        )
+      end
+    end
+  end
+
+  describe '.list_organizations' do
+    context 'with no options' do
+      it 'returns organizations and metadata' do
+        expected_metadata = {
+          'after' => nil,
+          'before' => 'before-id',
+        }
+
+        VCR.use_cassette 'organization/list' do
+          organizations = described_class.list_organizations
+
+          expect(organizations.data.size).to eq(7)
+          expect(organizations.list_metadata).to eq(expected_metadata)
+        end
+      end
+    end
+
+    context 'with the before option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations?before=before-id',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
+          organizations = described_class.list_organizations(
+            before: 'before-id',
+          )
+
+          expect(organizations.data.size).to eq(7)
+        end
+      end
+    end
+
+    context 'with the after option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations?after=after-id',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
+          organizations = described_class.list_organizations(after: 'after-id')
+
+          expect(organizations.data.size).to eq(7)
+        end
+      end
+    end
+
+    context 'with the limit option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/organizations?limit=10',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
+          organizations = described_class.list_organizations(limit: 10)
+
+          expect(organizations.data.size).to eq(7)
+        end
+      end
+    end
+  end
+end

data/spec/lib/workos/sso_spec.rb

@@ -161,6 +161,24 @@ describe WorkOS::SSO do
       it 'returns a WorkOS::Profile' do
         profile = described_class.profile(**args)
         expect(profile).to be_a(WorkOS::Profile)
+
+        expectation = {
+          connection_type: 'OktaSAML',
+          email: 'demo@workos-okta.com',
+          first_name: 'WorkOS',
+          id: 'prof_01DRA1XNSJDZ19A31F183ECQW5',
+          idp_id: '00u1klkowm8EGah2H357',
+          last_name: 'Demo',
+          raw_attributes: {
+            email: 'demo@workos-okta.com',
+            first_name: 'WorkOS',
+            id: 'prof_01DRA1XNSJDZ19A31F183ECQW5',
+            idp_id: '00u1klkowm8EGah2H357',
+            last_name: 'Demo',
+          },
+        }
+
+        expect(profile.to_json).to eq(expectation)
       end
     end
 

data/spec/support/fixtures/vcr_cassettes/audit_trail/get_events.yml

@@ -0,0 +1,61 @@
+---
+http_interactions:
+  - request:
+      method: get
+      uri: https://api.workos.com/events
+      body:
+        encoding: US-ASCII
+        string: ""
+      headers:
+        Content-Type:
+          - application/json
+        Accept-Encoding:
+          - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+        Accept:
+          - "*/*"
+        User-Agent:
+          - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.4.0
+        Authorization:
+          - Bearer <API_KEY>
+    response:
+      status:
+        code: 200
+        message: OK
+      headers:
+        Vary:
+          - Origin, Accept-Encoding
+        Access-Control-Allow-Credentials:
+          - "true"
+        X-Dns-Prefetch-Control:
+          - "off"
+        X-Frame-Options:
+          - SAMEORIGIN
+        Strict-Transport-Security:
+          - max-age=15552000; includeSubDomains
+        X-Download-Options:
+          - noopen
+        X-Content-Type-Options:
+          - nosniff
+        X-Xss-Protection:
+          - 1; mode=block
+        X-Request-Id:
+          - ""
+        Content-Type:
+          - application/json; charset=utf-8
+        Etag:
+          - W/"1784-HtVN7X+AT30Dlt9nZrirP0nnyV8"
+        Date:
+          - Fri, 31 Jul 2020 14:41:12 GMT
+        Connection:
+          - keep-alive
+        Transfer-Encoding:
+          - chunked
+      body:
+        encoding: ASCII-8BIT
+        string:
+          '{"data":[{"object":"event","id":"evt_01EEJM9Q9SMC3W2SZDKA5VJ8XQ","group":"workos.com","location":"::1","latitude":null,"longitude":null,"type":"r","actor_name":"foo@example.com","actor_id":"user_01EEG9P7A1DA9VY9CX7GT47RPF","target_name":"api_key_query","target_id":"key_01EEG9MPHAYX46BBZKGK3BGQXJ","metadata":{"description":"User
+          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.384Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","project_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}},{"object":"event","id":"evt_01EEJM9Q7GMR1VGT6VXN2N2JJQ","group":"workos.com","location":"::1","latitude":null,"longitude":null,"type":"r","actor_name":"foo@example.com","actor_id":"user_01EEG9P7A1DA9VY9CX7GT47RPF","target_name":"api_key_query","target_id":"key_01EEG9MPGM8KFT9VBQHJMV8YZB","metadata":{"description":"User
+          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.360Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","project_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}}],"listMetadata":{"before":"evt_01EEJKZDAR6G4JHFQT4R3KSZDQ","after":null}}'
+      http_version:
+    recorded_at: Fri, 31 Jul 2020 14:41:12 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/organization/create.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/organizations
+    body:
+      encoding: UTF-8
+      string: '{"domains":["example.com"],"name":"Test Organization"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.5.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - bcddfa8b-3a12-4d48-b265-6094a26225a4
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '203'
+      Etag:
+      - W/"cb-T4+GTGrJeuAmC0PAjcaSX5ZXL18"
+      Date:
+      - Wed, 09 Sep 2020 20:17:53 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"name":"Test Organization","object":"organization","id":"org_01EHT88Z8J8795GZNQ4ZP1J81T","domains":[{"domain":"example.com","object":"organization_domain","id":"org_domain_01EHT88Z8WZEFWYPM6EC9BX2R8"}]}'
+    http_version: 
+  recorded_at: Wed, 09 Sep 2020 20:17:54 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/organizations
+    body:
+      encoding: UTF-8
+      string: '{"domains":["example.com"],"name":"Test Organization 2"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.5.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 409
+      message: Conflict
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - 929940d6-33dd-404c-9856-eca6cc606d28
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '73'
+      Etag:
+      - W/"49-8i1S2EtfSciiA8rvGWbYFNlSlhw"
+      Date:
+      - Wed, 09 Sep 2020 21:26:03 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"message":"An Organization with the domain example.com already exists."}'
+    http_version: 
+  recorded_at: Wed, 09 Sep 2020 21:26:03 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/organization/list.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: get
+    uri: https://api.workos.com/organizations
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.5.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 200
+      message: OK
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - bac447a8-ba37-40d0-bd2e-c6b0d9e55cb4
+      Content-Type:
+      - application/json; charset=utf-8
+      Etag:
+      - W/"5e0-jXwzOfsEklDxV9I2vJyDWqYBnmU"
+      Date:
+      - Tue, 08 Sep 2020 23:05:22 GMT
+      Transfer-Encoding:
+      - chunked
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: ASCII-8BIT
+      string: '{"object":"list","data":[{"object":"organization","id":"org_01EHQMYV6MBK39QC5PZXHY59C3","name":"example.com","domains":[{"object":"organization_domain","id":"org_domain_01EHQMYV71XT8H31WE5HF8YK4A","domain":"example.com"}]},{"object":"organization","id":"org_01EHQMVDTC2GRAHFCCRNTSKH46","name":"example2.com","domains":[{"object":"organization_domain","id":"org_domain_01EHQMVDTZVA27PK614ME4YK7V","domain":"example2.com"}]},{"object":"organization","id":"org_01EGS4P7QR31EZ4YWD1Z1XA176","name":"foo-corp.com","domains":[{"object":"organization_domain","id":"org_domain_01EGS4P7RNQPFQAQ7SKCC40KNE","domain":"foo-corp.com"}]},{"object":"organization","id":"org_01EGPYFYM0Y66AHNYQG9Z63DTN","name":"example3.com","domains":[{"object":"organization_domain","id":"org_domain_01EGPYFYMGTRR38Z109MCJ3HHA","domain":"example3.com"}]},{"object":"organization","id":"org_01EGPJWMT2EQMK7FMPR3TBC861","name":"workos.com","domains":[{"object":"organization_domain","id":"org_domain_01EGPJWMTHRB5FP6MKE14RZ9BQ","domain":"workos.com"}]},{"object":"organization","id":"org_01EGPJ5YY5P897573GJFGGY7ZF","name":"example4.com","domains":[{"object":"organization_domain","id":"org_domain_01EGPJ5YYE7V931BWYS1AJHHHC","domain":"example4.com"}]},{"object":"organization","id":"org_01EGP9Z6RY2J6YE0ZV57CGEXV2","name":"example5.com","domains":[{"object":"organization_domain","id":"org_domain_01EGP9Z6S6HVQ5CPD152GJBEA5","domain":"example5.com"}]}],"listMetadata":{"before":"before-id","after":null}}'
+    http_version: 
+  recorded_at: Tue, 08 Sep 2020 23:05:22 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/portal/generate_link.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/portal/generate_link
+    body:
+      encoding: UTF-8
+      string: '{"intent":"sso","organization":"org_01EHQMYV6MBK39QC5PZXHY59C3","return_url":null}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.5.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - cb9ad5cf-243a-4084-a4f6-2d7d2b097b8b
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '79'
+      Etag:
+      - W/"4f-NN86NUZRu/GQgPAYTexTS6/9DnM"
+      Date:
+      - Wed, 09 Sep 2020 23:43:07 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"link":"https://id.workos.com/portal/launch?secret=secret"}'
+    http_version: 
+  recorded_at: Wed, 09 Sep 2020 23:43:07 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/portal/generate_link_invalid.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/portal/generate_link
+    body:
+      encoding: UTF-8
+      string: '{"intent":"sso","organization":"bogus-id","return_url":null}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.5.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 400
+      message: Bad Request
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - f1c46aa5-0d87-4d9a-b2ce-dc0505eb8f75
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '67'
+      Etag:
+      - W/"43-kRRkij6uWMfZoSUJpiGbSXw7SNc"
+      Date:
+      - Thu, 10 Sep 2020 16:14:41 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"message":"Could not find an organization with the id, bogus-id."}'
+    http_version: 
+  recorded_at: Thu, 10 Sep 2020 16:14:41 GMT
+recorded_with: VCR 5.0.0

data/spec/support/profile.txt

@@ -1 +1 @@
-{"profile":{"object":"profile","id":"prof_01DRA1XNSJDZ19A31F183ECQW5","email":"demo@workos-okta.com","first_name":"WorkOS","connection_type":"OktaSAML","last_name":"Demo","idp_id":"00u1klkowm8EGah2H357"},"access_token":"01DVX6QBS3EG6FHY2ESAA5Q65X"}
+{"profile":{"object":"profile","id":"prof_01DRA1XNSJDZ19A31F183ECQW5","email":"demo@workos-okta.com","first_name":"WorkOS","connection_type":"OktaSAML","last_name":"Demo","idp_id":"00u1klkowm8EGah2H357","raw_attributes":{"id":"prof_01DRA1XNSJDZ19A31F183ECQW5","email":"demo@workos-okta.com","first_name":"WorkOS","last_name":"Demo","idp_id":"00u1klkowm8EGah2H357"}},"access_token":"01DVX6QBS3EG6FHY2ESAA5Q65X"}

data/workos.gemspec

@@ -25,7 +25,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'sorbet-runtime', '~> 0.5'
 
   spec.add_development_dependency 'bundler', '>= 2.0.1'
-  spec.add_development_dependency 'codecov', '~> 0.1.16'
+  spec.add_development_dependency 'codecov', '~> 0.2.8'
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'rspec', '~> 3.9.0'
   spec.add_development_dependency 'rubocop', '~> 0.77'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workos
 version: !ruby/object:Gem::Version
-  version: 0.3.3
+  version: 0.6.0
 platform: ruby
 authors:
 - WorkOS
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-07-14 00:00:00.000000000 Z
+date: 2020-09-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sorbet-runtime
@@ -44,14 +44,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.16
+        version: 0.2.8
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.1.16
+        version: 0.2.8
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -213,10 +213,15 @@ files:
 - lib/workos/connection.rb
 - lib/workos/directory_sync.rb
 - lib/workos/errors.rb
+- lib/workos/organization.rb
+- lib/workos/portal.rb
 - lib/workos/profile.rb
 - lib/workos/sso.rb
 - lib/workos/types.rb
 - lib/workos/types/connection_struct.rb
+- lib/workos/types/intent_enum.rb
+- lib/workos/types/list_struct.rb
+- lib/workos/types/organization_struct.rb
 - lib/workos/types/profile_struct.rb
 - lib/workos/types/provider_enum.rb
 - lib/workos/version.rb
@@ -232,6 +237,7 @@ files:
 - spec/lib/workos/audit_trail_spec.rb
 - spec/lib/workos/base_spec.rb
 - spec/lib/workos/directory_sync_spec.rb
+- spec/lib/workos/portal_spec.rb
 - spec/lib/workos/sso_spec.rb
 - spec/spec_helper.rb
 - spec/support/fixtures/vcr_cassettes/audit_trail/create_event.yml
@@ -239,6 +245,7 @@ files:
 - spec/support/fixtures/vcr_cassettes/audit_trail/create_event_invalid.yml
 - spec/support/fixtures/vcr_cassettes/audit_trail/create_events_duplicate_idempotency_key_and_payload.yml
 - spec/support/fixtures/vcr_cassettes/audit_trail/create_events_duplicate_idempotency_key_different_payload.yml
+- spec/support/fixtures/vcr_cassettes/audit_trail/get_events.yml
 - spec/support/fixtures/vcr_cassettes/base/execute_request_unauthenticated.yml
 - spec/support/fixtures/vcr_cassettes/directory_sync/get_group.yml
 - spec/support/fixtures/vcr_cassettes/directory_sync/get_group_with_invalid_id.yml
@@ -250,6 +257,11 @@ files:
 - spec/support/fixtures/vcr_cassettes/directory_sync/list_groups_with_directory_param.yml
 - spec/support/fixtures/vcr_cassettes/directory_sync/list_users.yml
 - spec/support/fixtures/vcr_cassettes/directory_sync/list_users_with_directory_param.yml
+- spec/support/fixtures/vcr_cassettes/organization/create.yml
+- spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml
+- spec/support/fixtures/vcr_cassettes/organization/list.yml
+- spec/support/fixtures/vcr_cassettes/portal/generate_link.yml
+- spec/support/fixtures/vcr_cassettes/portal/generate_link_invalid.yml
 - spec/support/fixtures/vcr_cassettes/sso/create_connection_with_invalid_source.yml
 - spec/support/fixtures/vcr_cassettes/sso/create_connection_with_valid_source.yml
 - spec/support/profile.txt
@@ -282,6 +294,7 @@ test_files:
 - spec/lib/workos/audit_trail_spec.rb
 - spec/lib/workos/base_spec.rb
 - spec/lib/workos/directory_sync_spec.rb
+- spec/lib/workos/portal_spec.rb
 - spec/lib/workos/sso_spec.rb
 - spec/spec_helper.rb
 - spec/support/fixtures/vcr_cassettes/audit_trail/create_event.yml
@@ -289,6 +302,7 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/audit_trail/create_event_invalid.yml
 - spec/support/fixtures/vcr_cassettes/audit_trail/create_events_duplicate_idempotency_key_and_payload.yml
 - spec/support/fixtures/vcr_cassettes/audit_trail/create_events_duplicate_idempotency_key_different_payload.yml
+- spec/support/fixtures/vcr_cassettes/audit_trail/get_events.yml
 - spec/support/fixtures/vcr_cassettes/base/execute_request_unauthenticated.yml
 - spec/support/fixtures/vcr_cassettes/directory_sync/get_group.yml
 - spec/support/fixtures/vcr_cassettes/directory_sync/get_group_with_invalid_id.yml
@@ -300,6 +314,11 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/directory_sync/list_groups_with_directory_param.yml
 - spec/support/fixtures/vcr_cassettes/directory_sync/list_users.yml
 - spec/support/fixtures/vcr_cassettes/directory_sync/list_users_with_directory_param.yml
+- spec/support/fixtures/vcr_cassettes/organization/create.yml
+- spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml
+- spec/support/fixtures/vcr_cassettes/organization/list.yml
+- spec/support/fixtures/vcr_cassettes/portal/generate_link.yml
+- spec/support/fixtures/vcr_cassettes/portal/generate_link_invalid.yml
 - spec/support/fixtures/vcr_cassettes/sso/create_connection_with_invalid_source.yml
 - spec/support/fixtures/vcr_cassettes/sso/create_connection_with_valid_source.yml
 - spec/support/profile.txt