workos 0.9.0 → 0.10.2

data/lib/workos/types/intent_enum.rb

@@ -8,6 +8,7 @@ module WorkOS
     class Intent < T::Enum
       enums do
         SSO = new('sso')
+        DSYNC = new('dsync')
       end
     end
   end

data/lib/workos/version.rb

@@ -2,5 +2,5 @@
 # typed: strong
 
 module WorkOS
-  VERSION = '0.9.0'
+  VERSION = '0.10.2'
 end

data/spec/lib/workos/passwordless_spec.rb

@@ -16,6 +16,7 @@ describe WorkOS::Passwordless do
         {
           email: 'demo@workos-okta.com',
           type: 'MagicLink',
+          redirect_uri: 'foo.com/auth/callback',
         }
       end
 

data/spec/lib/workos/portal_spec.rb

@@ -47,9 +47,9 @@ describe WorkOS::Portal do
     let(:organization) { 'org_01EHQMYV6MBK39QC5PZXHY59C3' }
 
     describe 'with a valid organization' do
-      describe 'with the minimal params' do
+      context 'with the sso intent' do
         it 'returns an Admin Portal link' do
-          VCR.use_cassette 'portal/generate_link' do
+          VCR.use_cassette 'portal/generate_link_sso' do
             portal_link = described_class.generate_link(
               intent: 'sso',
               organization: organization,
@@ -61,6 +61,21 @@ describe WorkOS::Portal do
           end
         end
       end
+
+      describe 'with the dsync intent' do
+        it 'returns an Admin Portal link' do
+          VCR.use_cassette 'portal/generate_link_dsync' do
+            portal_link = described_class.generate_link(
+              intent: 'dsync',
+              organization: organization,
+            )
+
+            expect(portal_link).to eq(
+              'https://id.workos.com/portal/launch?secret=secret',
+            )
+          end
+        end
+      end
     end
 
     describe 'with an invalid organization' do
@@ -88,7 +103,7 @@ describe WorkOS::Portal do
           )
         end.to raise_error(
           ArgumentError,
-          'bogus-intent is not a valid value. `intent` must be in ["sso"]',
+          /bogus-intent is not a valid value/,
         )
       end
     end

data/spec/lib/workos/sso_spec.rb

@@ -9,7 +9,7 @@ describe WorkOS::SSO do
       let(:args) do
         {
           domain: 'foo.com',
-          project_id: 'workos-proj-123',
+          client_id: 'workos-proj-123',
           redirect_uri: 'foo.com/auth/callback',
           state: {
             next_page: '/dashboard/edit',
@@ -43,7 +43,7 @@ describe WorkOS::SSO do
       let(:args) do
         {
           provider: 'GoogleOAuth',
-          project_id: 'workos-proj-123',
+          client_id: 'workos-proj-123',
           redirect_uri: 'foo.com/auth/callback',
           state: {
             next_page: '/dashboard/edit',
@@ -76,7 +76,7 @@ describe WorkOS::SSO do
     context 'with neither domain or provider' do
       let(:args) do
         {
-          project_id: 'workos-proj-123',
+          client_id: 'workos-proj-123',
           redirect_uri: 'foo.com/auth/callback',
           state: {
             next_page: '/dashboard/edit',
@@ -97,7 +97,7 @@ describe WorkOS::SSO do
       let(:args) do
         {
           provider: 'Okta',
-          project_id: 'workos-proj-123',
+          client_id: 'workos-proj-123',
           redirect_uri: 'foo.com/auth/callback',
           state: {
             next_page: '/dashboard/edit',
@@ -113,6 +113,49 @@ describe WorkOS::SSO do
         )
       end
     end
+
+    context 'passing the project_id' do
+      let(:args) do
+        {
+          domain: 'foo.com',
+          project_id: 'workos-proj-123',
+          redirect_uri: 'foo.com/auth/callback',
+          state: {
+            next_page: '/dashboard/edit',
+          }.to_s,
+        }
+      end
+      it 'raises a deprecation warning' do
+        expect do
+          described_class.authorization_url(**args)
+        end.to output(
+          "[DEPRECATION] `project_id` is deprecated.
+          Please use `client_id` instead.\n",
+        ).to_stderr
+      end
+
+      it 'returns a valid URL' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url)).to be_a URI
+      end
+
+      it 'returns the expected hostname' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).host).to eq(WorkOS::API_HOSTNAME)
+      end
+
+      it 'returns the expected query string' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).query).to eq(
+          'client_id=workos-proj-123&redirect_uri=foo.com%2Fauth%2Fcallback' \
+          '&response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdashboard%2F' \
+          'edit%22%7D&domain=foo.com',
+        )
+      end
+    end
   end
 
   describe '.profile' do
@@ -123,13 +166,13 @@ describe WorkOS::SSO do
     let(:args) do
       {
         code: SecureRandom.hex(10),
-        project_id: 'workos-proj-123',
+        client_id: 'workos-proj-123',
       }
     end
 
     let(:request_body) do
       {
-        client_id: args[:project_id],
+        client_id: args[:client_id],
         client_secret: WorkOS.key,
         code: args[:code],
         grant_type: 'authorization_code',
@@ -278,7 +321,7 @@ describe WorkOS::SSO do
     end
 
     let(:token) { 'draft_conn_id' }
-    let(:project_id) { 'proj_0239u590h' }
+    let(:client_id) { 'proj_0239u590h' }
 
     context 'with a valid request' do
       before do
@@ -312,4 +355,166 @@ describe WorkOS::SSO do
       end
     end
   end
+
+  describe '.list_connections' do
+    before(:all) do
+      WorkOS.key = 'key'
+    end
+
+    after(:all) do
+      WorkOS.key = nil
+    end
+
+    context 'with no options' do
+      it 'returns connections' do
+        VCR.use_cassette('sso/list_connections') do
+          connections = WorkOS::SSO.list_connections
+          expect(connections.size).to eq(1)
+        end
+      end
+    end
+
+    context 'with connection_type option' do
+      it 'returns connections' do
+        VCR.use_cassette('sso/list_connections_with_connection_type_param') do
+          connections = WorkOS::SSO.list_connections(
+            connection_type: 'OktaSAML',
+          )
+          expect(connections.first['connection_type']).to eq('OktaSAML')
+        end
+      end
+    end
+
+    context 'with domain option' do
+      it 'returns connections' do
+        VCR.use_cassette('sso/list_connections_with_domain_param') do
+          connections = WorkOS::SSO.list_connections(
+            domain: 'foo-corp.com',
+          )
+          domains = connections.first['domains']
+          expect(domains.first['domain']).to eq('foo-corp.com')
+        end
+      end
+    end
+
+    context 'with organization_id option' do
+      it 'returns connections' do
+        VCR.use_cassette('sso/list_connections_with_organization_id_param') do
+          connections = WorkOS::SSO.list_connections(
+            organization_id: 'org_01EGS4P7QR31EZ4YWD1Z1XA176',
+          )
+          expect(connections.size).to eq(1)
+          expect(connections.first['organization_id']).to eq(
+            'org_01EGS4P7QR31EZ4YWD1Z1XA176',
+          )
+        end
+      end
+    end
+
+    context 'with limit option' do
+      it 'returns connections' do
+        VCR.use_cassette('sso/list_connections_with_limit_param') do
+          connections = WorkOS::SSO.list_connections(
+            limit: 1,
+          )
+          expect(connections.size).to eq(1)
+        end
+      end
+    end
+
+    context 'with before option' do
+      it 'returns connections' do
+        VCR.use_cassette('sso/list_connections_with_before_param') do
+          connections = WorkOS::SSO.list_connections(
+            before: 'conn_01EQKPMQAPV02H270HKVNS4CTA',
+          )
+          expect(connections.size).to eq(1)
+        end
+      end
+    end
+
+    context 'with after option' do
+      it 'returns connections' do
+        VCR.use_cassette('sso/list_connections_with_after_param') do
+          connections = WorkOS::SSO.list_connections(
+            after: 'conn_01EQKPMQAPV02H270HKVNS4CTA',
+          )
+          expect(connections.size).to eq(1)
+        end
+      end
+    end
+  end
+
+  describe '.get_connection' do
+    before(:all) do
+      WorkOS.key = 'key'
+    end
+
+    after(:all) do
+      WorkOS.key = nil
+    end
+
+    context 'with a valid id' do
+      it 'gets the connection details' do
+        VCR.use_cassette('sso/get_connection_with_valid_id') do
+          connection = WorkOS::SSO.get_connection(
+            id: 'conn_01EX00NB050H354WKGC7990AR2',
+          )
+
+          expect(connection.id).to eq('conn_01EX00NB050H354WKGC7990AR2')
+          expect(connection.connection_type).to eq('OktaSAML')
+          expect(connection.name).to eq('Foo Corp')
+          expect(connection.domains.first[:domain]).to eq('foo-corp.com')
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'raises an error' do
+        VCR.use_cassette('sso/get_connection_with_invalid_id') do
+          expect do
+            WorkOS::SSO.get_connection(id: 'invalid')
+          end.to raise_error(
+            WorkOS::APIError,
+            'Status 404, Not Found - request ID: ',
+          )
+        end
+      end
+    end
+  end
+
+  describe '.delete_connection' do
+    before(:all) do
+      WorkOS.key = 'key'
+    end
+
+    after(:all) do
+      WorkOS.key = nil
+    end
+
+    context 'with a valid id' do
+      it 'returns true' do
+        VCR.use_cassette('sso/delete_connection_with_valid_id') do
+          response = WorkOS::SSO.delete_connection(
+            id: 'conn_01EX55FRVN1V2PCA9YWTMZQMMQ',
+          )
+
+          expect(response).to be(true)
+        end
+      end
+    end
+
+    context 'with an invalid id' do
+      it 'returns false' do
+        VCR.use_cassette('sso/delete_connection_with_invalid_id') do
+          expect do
+            WorkOS::SSO.delete_connection(id: 'invalid')
+          end.to raise_error(
+            WorkOS::APIError,
+            'Status 404, Not Found - request ID: ',
+          )
+        end
+      end
+    end
+  end
 end

data/spec/support/fixtures/vcr_cassettes/audit_trail/get_events.yml

@@ -54,8 +54,8 @@ http_interactions:
         encoding: ASCII-8BIT
         string:
           '{"data":[{"object":"event","id":"evt_01EEJM9Q9SMC3W2SZDKA5VJ8XQ","group":"workos.com","location":"::1","latitude":null,"longitude":null,"type":"r","actor_name":"foo@example.com","actor_id":"user_01EEG9P7A1DA9VY9CX7GT47RPF","target_name":"api_key_query","target_id":"key_01EEG9MPHAYX46BBZKGK3BGQXJ","metadata":{"description":"User
-          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.384Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","project_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}},{"object":"event","id":"evt_01EEJM9Q7GMR1VGT6VXN2N2JJQ","group":"workos.com","location":"::1","latitude":null,"longitude":null,"type":"r","actor_name":"foo@example.com","actor_id":"user_01EEG9P7A1DA9VY9CX7GT47RPF","target_name":"api_key_query","target_id":"key_01EEG9MPGM8KFT9VBQHJMV8YZB","metadata":{"description":"User
-          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.360Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","project_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}}],"listMetadata":{"before":"evt_01EEJKZDAR6G4JHFQT4R3KSZDQ","after":null}}'
+          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.384Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","client_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}},{"object":"event","id":"evt_01EEJM9Q7GMR1VGT6VXN2N2JJQ","group":"workos.com","location":"::1","latitude":null,"longitude":null,"type":"r","actor_name":"foo@example.com","actor_id":"user_01EEG9P7A1DA9VY9CX7GT47RPF","target_name":"api_key_query","target_id":"key_01EEG9MPGM8KFT9VBQHJMV8YZB","metadata":{"description":"User
+          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.360Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","client_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}}],"listMetadata":{"before":"evt_01EEJKZDAR6G4JHFQT4R3KSZDQ","after":null}}'
       http_version:
     recorded_at: Fri, 31 Jul 2020 14:41:12 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories.yml

@@ -56,7 +56,7 @@ http_interactions:
       - 1.1 vegur
     body:
       encoding: ASCII-8BIT
-      string: '{"object":"list","listMetadata":{"before":"directory_edp_01E44H95QPBGZ6A4D89VYZ0WX1","after":null},"data":[{"object":"directory","id":"directory_edp_01E64QQVQTCB0DECJ9CFNXEWDW","external_key":"lA3gS1kCZMCkk82E","state":"linked","type":"gsuite directory","name":"Foo Corp","bearer_token":null,"project_id":"project_01DFYCG8RCB1DB6DKFTGXF4Q9F","domain":"foo-corp.com"}]}'
+      string: '{"object":"list","listMetadata":{"before":"directory_edp_01E44H95QPBGZ6A4D89VYZ0WX1","after":null},"data":[{"object":"directory","id":"directory_edp_01E64QQVQTCB0DECJ9CFNXEWDW","external_key":"lA3gS1kCZMCkk82E","state":"linked","type":"gsuite directory","name":"Foo Corp","bearer_token":null,"client_id":"project_01DFYCG8RCB1DB6DKFTGXF4Q9F","domain":"foo-corp.com"}]}'
     http_version:
   recorded_at: Thu, 30 Apr 2020 03:11:45 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories_with_domain_param.yml

@@ -57,7 +57,7 @@ http_interactions:
     body:
       encoding: UTF-8
       string: '{"object":"list","listMetadata":{"before":null,"after":null},"data":[{"object":"directory","id":"directory_edp_01E64QQVQTCB0DECJ9CFNXEWDW","external_key":"lA3gS1kCZMCkk82E","state":"linked","type":"gsuite
-        directory","name":"Foo Corp","bearer_token":null,"project_id":"project_01DFYCG8RCB1DB6DKFTGXF4Q9F","domain":"foo-corp.com"}]}'
+        directory","name":"Foo Corp","bearer_token":null,"client_id":"project_01DFYCG8RCB1DB6DKFTGXF4Q9F","domain":"foo-corp.com"}]}'
     http_version:
   recorded_at: Thu, 30 Apr 2020 03:42:20 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/portal/generate_link_dsync.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: post
+    uri: https://api.workos.com/portal/generate_link
+    body:
+      encoding: UTF-8
+      string: '{"intent":"dsync","organization":"org_01EHQMYV6MBK39QC5PZXHY59C3","return_url":null}'
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin19; v0.10.1
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 201
+      message: Created
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - 5cf84612-cd60-4d91-9c7e-e1e11bb6b074
+      Content-Type:
+      - application/json; charset=utf-8
+      Content-Length:
+      - '319'
+      Etag:
+      - W/"13f-riW7JK+w7gdYvKYPzZmuQc+wFXk"
+      Date:
+      - Wed, 03 Mar 2021 22:08:00 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: '{"link":"https://id.workos.com/portal/launch?secret=secret"}'
+    http_version:
+  recorded_at: Wed, 03 Mar 2021 22:08:00 GMT
+recorded_with: VCR 5.0.0