workos 0.6.0 → 0.9.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f0fdd6aec096f0a3a3aa2f20c398515b1bf42d8e5b3d529e316bdce2327a0961
-  data.tar.gz: 269a70ac10a9aa6f7b49f7cefbde2b1af8e5bf559b429d202b5d5167bb8b83f2
+  metadata.gz: aa4a3df1bd438866ffdd87bea0cc2b4c0155a1a72073f22265335845711e0b07
+  data.tar.gz: e0330ab1c70938e2092f76102aa62559574a20dce5e9b6d3443c1c80792c82b7
 SHA512:
-  metadata.gz: dd67a590cefd06ae6fc83e45cd0cfe9243d8849e865e0b7f7eb342d0bb9a29b10cbb6693802d54bb25c045a2f90505f17217358c36ef196a2066ffab0ca6f2bc
-  data.tar.gz: e528ade9f4a33fff0a25d24fcdb94f6232a3fc00c8ef27233735520a71a7b8c207c2fb853040c96ce34a5a8b91c842d4b9dc485699101bcc58159743f9471934
+  metadata.gz: c1e6953bd43faa02ba0f0a7e8e6fe192a05b68d6a5694f6a448a6da7d419a9adb409a7512b3a7a95caf8ba630cb56d9eb0a52cb5d32f7afc0205dcc4e7b80434
+  data.tar.gz: 3ff44f67cbe7f1fa8151d08579ee1e997d30d222b0c72d666a5d0cca21817a2201c97a1780aefe2965dcb20f42640cce71827e6092375eff87fbb114eed2cc0e

data/.github/CODEOWNERS

@@ -0,0 +1,5 @@
+# See GitHub's docs for more details:
+# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
+
+# Rubyist Team
+* @workos-inc/ruby

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (0.6.0)
+    workos (0.9.1)
       sorbet-runtime (~> 0.5)
 
 GEM
@@ -54,7 +54,7 @@ GEM
     simplecov-html (0.12.2)
     sorbet (0.5.5560)
       sorbet-static (= 0.5.5560)
-    sorbet-runtime (0.5.5909)
+    sorbet-runtime (0.5.5943)
     sorbet-static (0.5.5560-universal-darwin-14)
     unicode-display_width (1.6.0)
     vcr (5.0.0)

data/README.md

@@ -42,50 +42,9 @@ Alternatively, you may set the key yourself, such as in an initializer in your a
 WorkOS.key = '[your api key]'
 ```
 
-## The Audit Trail Module
-
-The Audit Trail Module provides methods for creating Audit Trail events on
-WorkOS.
-
-See our [Audit Trail
-Overview](https://docs.workos.com/audit-trail/overview) for
-more information.
-
-```ruby
-payload = {
-  group: 'Foo Corp',
-  location: '127.0.0.1',
-  action: 'user.created',
-  action_type: 'C',
-  actor_name: 'Foo',
-  actor_id: 'user_12345',
-  target_name: 'Bar',
-  target_id: 'user_67890',
-  occurred_at: '2020-01-10T15:30:00-05:00',
-  metadata: {
-    source: 'Email',
-  }
-}
-
-WorkOS::AuditTrail.create_event(event: payload)
-```
-
-### Idempotency
-
-To perform an idempotent request, provide an additional idempotency_key
-parameter to the `create_event` options.
-
-```ruby
-WorkOS::AuditTrail.create_event(event: payload, idempotency_key: 'key123456')
-```
-
-See our [API
-Reference](https://docs.workos.com/audit-trail/api-reference#idempotency)
-for more information on idempotency keys.
-
 ## The SSO Module
 
-The SSO Module provides convenience methods for authenticating a Single Sign On (SSO) user via WorkOS. WorkOS SSO follows the Oauth 2.0 specification.
+The SSO Module provides convenient methods for authenticating a Single Sign On (SSO) user via WorkOS. WorkOS SSO follows the OAuth 2.0 specification.
 
 First, you'll direct your SSO users to an `authorization_url`. They will sign in to their SSO account with their Identity Provider, and be redirected to a
 callback URL that you set in your WorkOS Dashboard. The user will be redirected with a `code` URL parameter, which you can then exchange for a WorkOS::Profile
@@ -137,7 +96,7 @@ the user to your callback URL with a `code` parameter. You'll use `WorkOS::SSO.p
 code for a `WorkOS::Profile`.
 
 ```ruby
-WorkOS::SSO.profile(code:, project_id:)</h4>
+WorkOS::SSO.profile(code:, project_id:)
 ```
 
 > Fetch a WorkOS::Profile for an authorized user.
@@ -154,6 +113,7 @@ This method will return an instance of a `WorkOS::Profile` with the following at
   @id="prof_01DRA1XNSJDZ19A31F183ECQW5",
   @email="demo@workos-okta.com",
   @first_name="WorkOS",
+  @connection_id="conn_01EMH8WAK20T42N2NBMNBCYHAG",
   @connection_type="OktaSAML",
   @last_name="Demo",
   @idp_id="00u1klkowm8EGah2H357",
@@ -167,7 +127,7 @@ This method will return an instance of a `WorkOS::Profile` with the following at
 >
 ```
 
-Our Sintatra app can be extended to use this method:
+Our Sinatra app can be extended to use this method:
 
 ```ruby
 DOMAIN = 'example.com'
@@ -197,3 +157,107 @@ end
 ```
 
 Given the `WorkOS::Profile`, you can now sign the user in according to your own authentication setup.
+
+## The Magic Link Module
+
+The Magic Link Module provides methods for authenticating a Passwordless user via WorkOS.
+
+First, you'll create a Passwordless Session for a Magic Link connection.
+Then, using the session ID, you'll email a user the Magic Link confirmation URL.
+The user can then click on that link to be authenticated to your application.
+
+> Create a Passwordless Session for a Magic Link Connection.
+
+`WorkOS::Passwordless.create_session` accepts four arguments:
+
+- `email` (string) - the email of the user to authenticate.
+- `type` (string) - The type of Passwordless Session to create. Currently, the only supported value is `MagicLink`.
+- `state` (optional, string) - Optional parameter that a Developer can choose to include in their authorization URL. If included, then the redirect URI received from WorkOS will contain the exact `state` that was passed in the authorization URL.
+- `redirect_uri` (string) - a callback URL where your application redirects the user-agent after an authorization code is granted (ex. `workos.dev/callback`). This must match one of your configured callback URLs for the associated project on your WorkOS dashboard.
+
+This method will return a Passwordless Session object, containing the following attributes:
+
+- `id` (string) - the unique ID of the session.
+- `email` (string) - the email address of the user for the session.
+- `expires_at` (date) - the ISO-8601 datetime at which the session expires.
+- `link` (string) - the link for the user to authenticate with. You can use this link to send a custom email to the user, or send an email using the `WorkOS::Passwordless.send_session` method, described below.
+
+> Email a user the Magic Link confirmation URL.
+
+`WorkOS::Passwordless.send_session` accepts one argument:
+
+- `id` (string) - the unique identifier of the Passwordless Session to send an email for.
+
+This method will return a boolean confirming the Magic Link was sent.
+
+> Example with Sinatra application
+
+Our Sinatra app can be altered to use Magic Link:
+
+```ruby
+PROJECT_ID = '{projectId}'
+REDIRECT_URI = 'http://localhost:4567/callback'
+
+post '/passwordless-auth' do
+  session = WorkOS::Passwordless.create_session(
+    email: params[:email],
+    type: 'MagicLink',
+    redirect_uri: REDIRECT_URI
+  )
+  WorkOS::Passwordless.send_session(session.id)
+
+  redirect '/check-email'
+end
+
+get '/callback' do
+  profile = WorkOS::SSO.profile(
+    code: params['code'],
+    project_id: PROJECT_ID,
+  )
+
+  session[:user] = profile.to_json
+
+  redirect '/'
+end
+```
+
+## The Audit Trail Module
+
+The Audit Trail Module provides methods for creating Audit Trail events on
+WorkOS.
+
+See our [Audit Trail
+Overview](https://docs.workos.com/audit-trail/overview) for
+more information.
+
+```ruby
+payload = {
+  group: 'Foo Corp',
+  location: '127.0.0.1',
+  action: 'user.created',
+  action_type: 'C',
+  actor_name: 'Foo',
+  actor_id: 'user_12345',
+  target_name: 'Bar',
+  target_id: 'user_67890',
+  occurred_at: '2020-01-10T15:30:00-05:00',
+  metadata: {
+    source: 'Email',
+  }
+}
+
+WorkOS::AuditTrail.create_event(event: payload)
+```
+
+### Idempotency
+
+To perform an idempotent request, provide an additional idempotency_key
+parameter to the `create_event` options.
+
+```ruby
+WorkOS::AuditTrail.create_event(event: payload, idempotency_key: 'key123456')
+```
+
+See our [API
+Reference](https://docs.workos.com/audit-trail/api-reference#idempotency)
+for more information on idempotency keys.

data/lib/workos.rb

@@ -32,6 +32,7 @@ module WorkOS
   autoload :Connection, 'workos/connection'
   autoload :DirectorySync, 'workos/directory_sync'
   autoload :Organization, 'workos/organization'
+  autoload :Passwordless, 'workos/passwordless'
   autoload :Portal, 'workos/portal'
   autoload :Profile, 'workos/profile'
   autoload :SSO, 'workos/sso'

data/lib/workos/audit_trail.rb

@@ -83,8 +83,8 @@ module WorkOS
       #  event occurred at or after
       # @option options [String] occurred_at_lt ISO-8601 datetime of when an
       #  event occurred before
-      # @option options [String] ISO-8601 datetime of when an event occured at
-      #  or before
+      # @option options [String] occurred_at_lte ISO-8601 datetime of when an
+      #  event occured at or before
       # @option options [String] search Keyword search
       #
       # @return [Array<Hash>]

data/lib/workos/client.rb

@@ -81,8 +81,7 @@ module WorkOS
       ].join('; ')
     end
 
-
-    # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
+    # rubocop:disable Metrics/MethodLength, Metrics/AbcSize, Metrics/CyclomaticComplexity
     sig { params(response: ::T.untyped).void }
     def handle_error_response(response:)
       http_status = response.code.to_i
@@ -108,11 +107,10 @@ module WorkOS
           request_id: response['x-request-id'],
         )
       when 422
-        errors = json['errors'].map do |error|
-          "#{error['field']}: #{error['code']}"
-        end.join('; ')
+        message = json['message']
+        errors = extract_error(json['errors']) if json['errors']
+        message += " (#{errors})" if errors
 
-        message = "#{json['message']} (#{errors})"
         raise InvalidRequestError.new(
           message: message,
           http_status: http_status,
@@ -120,6 +118,14 @@ module WorkOS
         )
       end
     end
-    # rubocop:enable Metrics/MethodLength, Metrics/AbcSize
+    # rubocop:enable Metrics/MethodLength, Metrics/AbcSize, Metrics/CyclomaticComplexity
+
+    private
+
+    def extract_error(errors)
+      errors.map do |error|
+        "#{error['field']}: #{error['code']}"
+      end.join('; ')
+    end
   end
 end

data/lib/workos/passwordless.rb

@@ -0,0 +1,84 @@
+# frozen_string_literal: true
+# typed: true
+
+require 'net/http'
+
+module WorkOS
+  # The Passwordless module provides convenience methods for working with
+  # passwordless sessions including the WorkOS Magic Link. You'll need a valid
+  # API key.
+  #
+  # @see https://workos.com/docs/sso/configuring-magic-link
+  module Passwordless
+    class << self
+      extend T::Sig
+      include Base
+      include Client
+
+      # Create a Passwordless Session.
+      #
+      # @param [Hash] options A hash with options for the session
+      # @option options [String] email The email of the user to authenticate.
+      # @option options [String] state Optional parameter that the redirect URI
+      #  received from WorkOS will contain. The state parameter can be used to
+      #  encode arbitrary information to help restore application state between
+      #  redirects.
+      # @option options [String] type The type of Passwordless Session to
+      #  create. Currently, the only supported value is 'MagicLink'.
+      # @option options [String] redirect_uri The URI where users are directed
+      #  after completing the authentication step. Must match a
+      #  configured redirect URI on your WorkOS dashboard.
+      #
+      # @return Hash
+      sig do
+        params(
+          options: Hash,
+        ).returns(WorkOS::Types::PasswordlessSessionStruct)
+      end
+
+      # rubocop:disable Metrics/MethodLength
+      def create_session(options)
+        response = execute_request(
+          request: post_request(
+            path: '/passwordless/sessions',
+            auth: true,
+            body: options,
+          ),
+        )
+
+        hash = JSON.parse(response.body)
+
+        WorkOS::Types::PasswordlessSessionStruct.new(
+          id: hash['id'],
+          email: hash['email'],
+          expires_at: Date.parse(hash['expires_at']),
+          link: hash['link'],
+        )
+      end
+      # rubocop:enable Metrics/MethodLength
+
+      # Send a Passwordless Session via email.
+      #
+      # @param [String] session_id The unique identifier of the Passwordless
+      #  Session to send an email for.
+      #
+      # @return Hash
+      sig do
+        params(
+          session_id: String,
+        ).returns(T::Hash[String, T::Boolean])
+      end
+
+      def send_session(session_id)
+        response = execute_request(
+          request: post_request(
+            path: "/passwordless/sessions/#{session_id}/send",
+            auth: true,
+          ),
+        )
+
+        JSON.parse(response.body)
+      end
+    end
+  end
+end

data/lib/workos/portal.rb

@@ -103,8 +103,12 @@ module WorkOS
 
         parsed_response = JSON.parse(response.body)
 
+        organizations = parsed_response['data'].map do |organization|
+          ::WorkOS::Organization.new(organization.to_json)
+        end
+
         WorkOS::Types::ListStruct.new(
-          data: parsed_response['data'],
+          data: organizations,
           list_metadata: parsed_response['listMetadata'],
         )
       end

data/lib/workos/profile.rb

@@ -13,9 +13,9 @@ module WorkOS
     extend T::Sig
 
     sig { returns(String) }
-    attr_accessor :id, :email, :first_name, :last_name,
+    attr_accessor :id, :email, :first_name, :last_name, :connection_id,
                   :connection_type, :idp_id, :raw_attributes
-
+    # rubocop:disable Metrics/AbcSize
     sig { params(profile_json: String).void }
     def initialize(profile_json)
       raw = parse_json(profile_json)
@@ -24,10 +24,12 @@ module WorkOS
       @email = T.let(raw.email, String)
       @first_name = raw.first_name
       @last_name = raw.last_name
+      @connection_id = T.let(raw.connection_id, String)
       @connection_type = T.let(raw.connection_type, String)
       @idp_id = raw.idp_id
       @raw_attributes = raw.raw_attributes
     end
+    # rubocop:enable Metrics/AbcSize
 
     sig { returns(String) }
     def full_name
@@ -40,6 +42,7 @@ module WorkOS
         email: email,
         first_name: first_name,
         last_name: last_name,
+        connection_id: connection_id,
         connection_type: connection_type,
         idp_id: idp_id,
         raw_attributes: raw_attributes,
@@ -48,7 +51,7 @@ module WorkOS
 
     private
 
-    # rubocop:disable Metrics/AbcSize
+    # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
     sig { params(json_string: String).returns(WorkOS::Types::ProfileStruct) }
     def parse_json(json_string)
       hash = JSON.parse(json_string, symbolize_names: true)
@@ -58,11 +61,12 @@ module WorkOS
         email: hash[:profile][:email],
         first_name: hash[:profile][:first_name],
         last_name: hash[:profile][:last_name],
+        connection_id: hash[:profile][:connection_id],
         connection_type: hash[:profile][:connection_type],
         idp_id: hash[:profile][:idp_id],
         raw_attributes: hash[:profile][:raw_attributes],
       )
     end
-    # rubocop:enable Metrics/AbcSize
+    # rubocop:enable Metrics/AbcSize, Metrics/MethodLength
   end
 end

data/lib/workos/types.rb

@@ -9,6 +9,7 @@ module WorkOS
     require_relative 'types/intent_enum'
     require_relative 'types/list_struct'
     require_relative 'types/organization_struct'
+    require_relative 'types/passwordless_session_struct'
     require_relative 'types/profile_struct'
     require_relative 'types/provider_enum'
   end

data/lib/workos/types/passwordless_session_struct.rb

@@ -0,0 +1,15 @@
+# frozen_string_literal: true
+# typed: strict
+
+module WorkOS
+  module Types
+    # This PasswordlessSessionStruct acts as a typed interface
+    # for the Passwordless class
+    class PasswordlessSessionStruct < T::Struct
+      const :id, String
+      const :email, String
+      const :expires_at, Date
+      const :link, String
+    end
+  end
+end

data/lib/workos/types/profile_struct.rb

@@ -10,6 +10,7 @@ module WorkOS
       const :email, String
       const :first_name, T.nilable(String)
       const :last_name, T.nilable(String)
+      const :connection_id, String
       const :connection_type, String
       const :idp_id, T.nilable(String)
       const :raw_attributes, T::Hash[Symbol, Object]

data/lib/workos/version.rb

@@ -2,5 +2,5 @@
 # typed: strong
 
 module WorkOS
-  VERSION = '0.6.0'
+  VERSION = '0.9.1'
 end

data/spec/lib/workos/passwordless_spec.rb

@@ -0,0 +1,83 @@
+# frozen_string_literal: true
+# typed: false
+
+describe WorkOS::Passwordless do
+  before(:all) do
+    WorkOS.key = 'key'
+  end
+
+  after(:all) do
+    WorkOS.key = nil
+  end
+
+  describe '.create_session' do
+    context 'with valid options payload' do
+      let(:valid_options) do
+        {
+          email: 'demo@workos-okta.com',
+          type: 'MagicLink',
+          redirect_uri: 'foo.com/auth/callback',
+        }
+      end
+
+      it 'creates a session' do
+        VCR.use_cassette('passwordless/create_session') do
+          response = described_class.create_session(valid_options)
+
+          expect(response.email).to eq 'demo@workos-okta.com'
+        end
+      end
+    end
+
+    context 'with invalid event payload' do
+      let(:invalid_options) do
+        {}
+      end
+
+      it 'raises an error' do
+        VCR.use_cassette('passwordless/create_session_invalid') do
+          expect do
+            described_class.create_session(invalid_options)
+          end.to raise_error(
+            WorkOS::InvalidRequestError,
+            /Status 422, Validation failed \(email: email must be a string; type: type must be a valid enum value\)/,
+          )
+        end
+      end
+    end
+  end
+
+  describe '.send_session' do
+    context 'with valid session id' do
+      let(:valid_options) do
+        {
+          email: 'demo@workos-okta.com',
+          type: 'MagicLink',
+        }
+      end
+
+      it 'send a session' do
+        VCR.use_cassette('passwordless/send_session') do
+          response = described_class.send_session(
+            'passwordless_session_01EJC0F4KH42T11Y2DHPEB09BM',
+          )
+
+          expect(response['success']).to eq true
+        end
+      end
+    end
+
+    context 'with invalid session id' do
+      it 'raises an error' do
+        VCR.use_cassette('passwordless/send_session_invalid') do
+          expect do
+            described_class.send_session('session_123')
+          end.to raise_error(
+            WorkOS::InvalidRequestError,
+            /Status 422, The passwordless session 'session_123' has expired or is invalid./,
+          )
+        end
+      end
+    end
+  end
+end

data/spec/lib/workos/sso_spec.rb

@@ -163,6 +163,7 @@ describe WorkOS::SSO do
         expect(profile).to be_a(WorkOS::Profile)
 
         expectation = {
+          connection_id: 'conn_01EMH8WAK20T42N2NBMNBCYHAG',
           connection_type: 'OktaSAML',
           email: 'demo@workos-okta.com',
           first_name: 'WorkOS',

data/spec/support/fixtures/vcr_cassettes/passwordless/create_session.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/passwordless/sessions
+    body:
+      encoding: UTF-8
+      string: '{"email":"demo@workos-okta.com","type":"MagicLink"}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.7.0
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - 611c2a85-84e1-4bad-a2ec-43cf8371f134
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '238'
+      Etag:
+      - W/"ee-6KkIusxSXraxKqTLP+31C0PeHDU"
+      Date:
+      - Wed, 16 Sep 2020 15:39:08 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"object":"passwordless_session","id":"passwordless_session_01EJBS3JSXFE2DP6JC6ZVBZ095","email":"demo@workos-okta.com","expires_at":"2020-09-16T15:44:08.475Z","link":"https://api.workos.com/passwordless/ZBxkn2ZTUYqa82ky6QEYecemI/confirm"}'
+    http_version:
+  recorded_at: Wed, 16 Sep 2020 15:39:08 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/passwordless/create_session_invalid.yml

@@ -0,0 +1,73 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/passwordless/sessions
+    body:
+      encoding: UTF-8
+      string: "{}"
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.7.0
+      Authorization:
+      - Bearer sk_4q5ka3d9bx0XJiZhkKmUIOG87
+  response:
+    status:
+      code: 422
+      message: Unprocessable Entity
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - e3ca7215-2b2d-45cf-a04f-90279225f27e
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '150'
+      Etag:
+      - W/"96-O5ltHaJ3rEQ8+dqFwhN+Lhmgdb0"
+      Date:
+      - Wed, 16 Sep 2020 17:34:07 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"message":"Validation failed","errors":[{"field":"email","code":"email
+        must be a string"},{"field":"type","code":"type must be a valid enum value"}]}'
+    http_version: 
+  recorded_at: Wed, 16 Sep 2020 17:34:07 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/passwordless/send_session.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/passwordless/sessions/passwordless_session_01EJC0F4KH42T11Y2DHPEB09BM/send
+    body:
+      encoding: UTF-8
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.7.0
+      Authorization:
+      - Bearer sk_4q5ka3d9bx0XJiZhkKmUIOG87
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - d7d72520-9223-4145-b34e-df5e80a776d6
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '16'
+      Etag:
+      - W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
+      Date:
+      - Wed, 16 Sep 2020 17:47:47 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"success":true}'
+    http_version:
+  recorded_at: Wed, 16 Sep 2020 17:47:47 GMT
+recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/passwordless/send_session_invalid.yml

@@ -0,0 +1,73 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/passwordless/sessions/session_123/send
+    body:
+      encoding: UTF-8
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.7.0
+      Authorization:
+      - Bearer sk_4q5ka3d9bx0XJiZhkKmUIOG87
+  response:
+    status:
+      code: 422
+      message: Unprocessable Entity
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - 6c22578f-9d49-4118-a7bd-18014d447aad
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '79'
+      Etag:
+      - W/"4f-NjqaLicbRDM9SfS5gYKHlSgozt0"
+      Date:
+      - Wed, 16 Sep 2020 17:52:24 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"message":"The passwordless session ''session_123'' has expired or
+        is invalid."}'
+    http_version: 
+  recorded_at: Wed, 16 Sep 2020 17:52:24 GMT
+recorded_with: VCR 5.0.0

data/spec/support/profile.txt

@@ -1 +1 @@
-{"profile":{"object":"profile","id":"prof_01DRA1XNSJDZ19A31F183ECQW5","email":"demo@workos-okta.com","first_name":"WorkOS","connection_type":"OktaSAML","last_name":"Demo","idp_id":"00u1klkowm8EGah2H357","raw_attributes":{"id":"prof_01DRA1XNSJDZ19A31F183ECQW5","email":"demo@workos-okta.com","first_name":"WorkOS","last_name":"Demo","idp_id":"00u1klkowm8EGah2H357"}},"access_token":"01DVX6QBS3EG6FHY2ESAA5Q65X"}
+{"profile":{"object":"profile","id":"prof_01DRA1XNSJDZ19A31F183ECQW5","email":"demo@workos-okta.com","first_name":"WorkOS","connection_id":"conn_01EMH8WAK20T42N2NBMNBCYHAG","connection_type":"OktaSAML","last_name":"Demo","idp_id":"00u1klkowm8EGah2H357","raw_attributes":{"id":"prof_01DRA1XNSJDZ19A31F183ECQW5","email":"demo@workos-okta.com","first_name":"WorkOS","last_name":"Demo","idp_id":"00u1klkowm8EGah2H357"}},"access_token":"01DVX6QBS3EG6FHY2ESAA5Q65X"}

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: workos
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.9.1
 platform: ruby
 authors:
 - WorkOS
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-09-14 00:00:00.000000000 Z
+date: 2020-12-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sorbet-runtime
@@ -161,6 +161,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/CODEOWNERS"
 - ".github/renovate.json"
 - ".gitignore"
 - ".rspec"
@@ -168,7 +169,6 @@ files:
 - ".ruby-version"
 - ".semaphore/rubygems.yml"
 - ".semaphore/semaphore.yml"
-- CODEOWNERS
 - Gemfile
 - Gemfile.lock
 - LICENSE
@@ -214,6 +214,7 @@ files:
 - lib/workos/directory_sync.rb
 - lib/workos/errors.rb
 - lib/workos/organization.rb
+- lib/workos/passwordless.rb
 - lib/workos/portal.rb
 - lib/workos/profile.rb
 - lib/workos/sso.rb
@@ -222,6 +223,7 @@ files:
 - lib/workos/types/intent_enum.rb
 - lib/workos/types/list_struct.rb
 - lib/workos/types/organization_struct.rb
+- lib/workos/types/passwordless_session_struct.rb
 - lib/workos/types/profile_struct.rb
 - lib/workos/types/provider_enum.rb
 - lib/workos/version.rb
@@ -237,6 +239,7 @@ files:
 - spec/lib/workos/audit_trail_spec.rb
 - spec/lib/workos/base_spec.rb
 - spec/lib/workos/directory_sync_spec.rb
+- spec/lib/workos/passwordless_spec.rb
 - spec/lib/workos/portal_spec.rb
 - spec/lib/workos/sso_spec.rb
 - spec/spec_helper.rb
@@ -260,6 +263,10 @@ files:
 - spec/support/fixtures/vcr_cassettes/organization/create.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml
 - spec/support/fixtures/vcr_cassettes/organization/list.yml
+- spec/support/fixtures/vcr_cassettes/passwordless/create_session.yml
+- spec/support/fixtures/vcr_cassettes/passwordless/create_session_invalid.yml
+- spec/support/fixtures/vcr_cassettes/passwordless/send_session.yml
+- spec/support/fixtures/vcr_cassettes/passwordless/send_session_invalid.yml
 - spec/support/fixtures/vcr_cassettes/portal/generate_link.yml
 - spec/support/fixtures/vcr_cassettes/portal/generate_link_invalid.yml
 - spec/support/fixtures/vcr_cassettes/sso/create_connection_with_invalid_source.yml
@@ -294,6 +301,7 @@ test_files:
 - spec/lib/workos/audit_trail_spec.rb
 - spec/lib/workos/base_spec.rb
 - spec/lib/workos/directory_sync_spec.rb
+- spec/lib/workos/passwordless_spec.rb
 - spec/lib/workos/portal_spec.rb
 - spec/lib/workos/sso_spec.rb
 - spec/spec_helper.rb
@@ -317,6 +325,10 @@ test_files:
 - spec/support/fixtures/vcr_cassettes/organization/create.yml
 - spec/support/fixtures/vcr_cassettes/organization/create_invalid.yml
 - spec/support/fixtures/vcr_cassettes/organization/list.yml
+- spec/support/fixtures/vcr_cassettes/passwordless/create_session.yml
+- spec/support/fixtures/vcr_cassettes/passwordless/create_session_invalid.yml
+- spec/support/fixtures/vcr_cassettes/passwordless/send_session.yml
+- spec/support/fixtures/vcr_cassettes/passwordless/send_session_invalid.yml
 - spec/support/fixtures/vcr_cassettes/portal/generate_link.yml
 - spec/support/fixtures/vcr_cassettes/portal/generate_link_invalid.yml
 - spec/support/fixtures/vcr_cassettes/sso/create_connection_with_invalid_source.yml

data/CODEOWNERS

@@ -1 +0,0 @@
-@marktran