workos 0.9.0 → 1.0.0

data/spec/lib/workos/portal_spec.rb

@@ -2,56 +2,30 @@
 # typed: false
 
 describe WorkOS::Portal do
-  before :all do
-    WorkOS.key = 'test'
-  end
-
-  after :all do
-    WorkOS.key = nil
-  end
-
-  describe '.create_organization' do
-    context 'with valid payload' do
-      it 'creates an organization' do
-        VCR.use_cassette 'organization/create' do
-          organization = described_class.create_organization(
-            domains: ['example.com'],
-            name: 'Test Organization',
-          )
+  describe '.generate_link' do
+    let(:organization) { 'org_01EHQMYV6MBK39QC5PZXHY59C3' }
 
-          expect(organization.id).to eq('org_01EHT88Z8J8795GZNQ4ZP1J81T')
-          expect(organization.name).to eq('Test Organization')
-          expect(organization.domains.first[:domain]).to eq('example.com')
-        end
-      end
-    end
+    describe 'with a valid organization' do
+      context 'with the sso intent' do
+        it 'returns an Admin Portal link' do
+          VCR.use_cassette 'portal/generate_link_sso' do
+            portal_link = described_class.generate_link(
+              intent: 'sso',
+              organization: organization,
+            )
 
-    context 'with an invalid payload' do
-      it 'returns an error' do
-        VCR.use_cassette 'organization/create_invalid' do
-          expect do
-            described_class.create_organization(
-              domains: ['example.com'],
-              name: 'Test Organization 2',
+            expect(portal_link).to eq(
+              'https://id.workos.com/portal/launch?secret=secret',
             )
-          end.to raise_error(
-            WorkOS::APIError,
-            /An Organization with the domain example.com already exists/,
-          )
+          end
         end
       end
-    end
-  end
 
-  describe '.generate_link' do
-    let(:organization) { 'org_01EHQMYV6MBK39QC5PZXHY59C3' }
-
-    describe 'with a valid organization' do
-      describe 'with the minimal params' do
+      describe 'with the dsync intent' do
         it 'returns an Admin Portal link' do
-          VCR.use_cassette 'portal/generate_link' do
+          VCR.use_cassette 'portal/generate_link_dsync' do
             portal_link = described_class.generate_link(
-              intent: 'sso',
+              intent: 'dsync',
               organization: organization,
             )
 
@@ -88,89 +62,9 @@ describe WorkOS::Portal do
           )
         end.to raise_error(
           ArgumentError,
-          'bogus-intent is not a valid value. `intent` must be in ["sso"]',
+          /bogus-intent is not a valid value/,
         )
       end
     end
   end
-
-  describe '.list_organizations' do
-    context 'with no options' do
-      it 'returns organizations and metadata' do
-        expected_metadata = {
-          'after' => nil,
-          'before' => 'before-id',
-        }
-
-        VCR.use_cassette 'organization/list' do
-          organizations = described_class.list_organizations
-
-          expect(organizations.data.size).to eq(7)
-          expect(organizations.list_metadata).to eq(expected_metadata)
-        end
-      end
-    end
-
-    context 'with the before option' do
-      it 'forms the proper request to the API' do
-        request_args = [
-          '/organizations?before=before-id',
-          'Content-Type' => 'application/json'
-        ]
-
-        expected_request = Net::HTTP::Get.new(*request_args)
-
-        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
-          and_return(expected_request)
-
-        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
-          organizations = described_class.list_organizations(
-            before: 'before-id',
-          )
-
-          expect(organizations.data.size).to eq(7)
-        end
-      end
-    end
-
-    context 'with the after option' do
-      it 'forms the proper request to the API' do
-        request_args = [
-          '/organizations?after=after-id',
-          'Content-Type' => 'application/json'
-        ]
-
-        expected_request = Net::HTTP::Get.new(*request_args)
-
-        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
-          and_return(expected_request)
-
-        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
-          organizations = described_class.list_organizations(after: 'after-id')
-
-          expect(organizations.data.size).to eq(7)
-        end
-      end
-    end
-
-    context 'with the limit option' do
-      it 'forms the proper request to the API' do
-        request_args = [
-          '/organizations?limit=10',
-          'Content-Type' => 'application/json'
-        ]
-
-        expected_request = Net::HTTP::Get.new(*request_args)
-
-        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
-          and_return(expected_request)
-
-        VCR.use_cassette 'organization/list', match_requests_on: [:path] do
-          organizations = described_class.list_organizations(limit: 10)
-
-          expect(organizations.data.size).to eq(7)
-        end
-      end
-    end
-  end
 end

data/spec/lib/workos/sso_spec.rb

@@ -9,7 +9,7 @@ describe WorkOS::SSO do
       let(:args) do
         {
           domain: 'foo.com',
-          project_id: 'workos-proj-123',
+          client_id: 'workos-proj-123',
           redirect_uri: 'foo.com/auth/callback',
           state: {
             next_page: '/dashboard/edit',
@@ -43,7 +43,7 @@ describe WorkOS::SSO do
       let(:args) do
         {
           provider: 'GoogleOAuth',
-          project_id: 'workos-proj-123',
+          client_id: 'workos-proj-123',
           redirect_uri: 'foo.com/auth/callback',
           state: {
             next_page: '/dashboard/edit',
@@ -73,10 +73,44 @@ describe WorkOS::SSO do
       end
     end
 
-    context 'with neither domain or provider' do
+    context 'with a connection' do
       let(:args) do
         {
-          project_id: 'workos-proj-123',
+          connection: 'connection_123',
+          client_id: 'workos-proj-123',
+          redirect_uri: 'foo.com/auth/callback',
+          state: {
+            next_page: '/dashboard/edit',
+          }.to_s,
+        }
+      end
+      it 'returns a valid URL' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url)).to be_a URI
+      end
+
+      it 'returns the expected hostname' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).host).to eq(WorkOS::API_HOSTNAME)
+      end
+
+      it 'returns the expected query string' do
+        authorization_url = described_class.authorization_url(**args)
+
+        expect(URI.parse(authorization_url).query).to eq(
+          'client_id=workos-proj-123&redirect_uri=foo.com%2Fauth%2Fcallback' \
+          '&response_type=code&state=%7B%3Anext_page%3D%3E%22%2Fdashboard%2F' \
+          'edit%22%7D&connection=connection_123',
+        )
+      end
+    end
+
+    context 'with neither connection, domain, or provider' do
+      let(:args) do
+        {
+          client_id: 'workos-proj-123',
           redirect_uri: 'foo.com/auth/callback',
           state: {
             next_page: '/dashboard/edit',
@@ -88,7 +122,7 @@ describe WorkOS::SSO do
           described_class.authorization_url(**args)
         end.to raise_error(
           ArgumentError,
-          'Either domain or provider is required.',
+          'Either connection, domain, or provider is required.',
         )
       end
     end
@@ -97,7 +131,7 @@ describe WorkOS::SSO do
       let(:args) do
         {
           provider: 'Okta',
-          project_id: 'workos-proj-123',
+          client_id: 'workos-proj-123',
           redirect_uri: 'foo.com/auth/callback',
           state: {
             next_page: '/dashboard/edit',
@@ -115,21 +149,17 @@ describe WorkOS::SSO do
     end
   end
 
-  describe '.profile' do
-    before do
-      WorkOS.key = 'api-key'
-    end
-
+  describe '.profile_and_token' do
     let(:args) do
       {
         code: SecureRandom.hex(10),
-        project_id: 'workos-proj-123',
+        client_id: 'workos-proj-123',
       }
     end
 
     let(:request_body) do
       {
-        client_id: args[:project_id],
+        client_id: args[:client_id],
         client_secret: WorkOS.key,
         code: args[:code],
         grant_type: 'authorization_code',
@@ -152,15 +182,15 @@ describe WorkOS::SSO do
       end
 
       it 'includes the SDK Version header' do
-        described_class.profile(**args)
+        described_class.profile_and_token(**args)
 
         expect(a_request(:post, 'https://api.workos.com/sso/token').
           with(headers: headers, body: request_body)).to have_been_made
       end
 
-      it 'returns a WorkOS::Profile' do
-        profile = described_class.profile(**args)
-        expect(profile).to be_a(WorkOS::Profile)
+      it 'returns a WorkOS::ProfileAndToken' do
+        profile_and_token = described_class.profile_and_token(**args)
+        expect(profile_and_token).to be_a(WorkOS::ProfileAndToken)
 
         expectation = {
           connection_id: 'conn_01EMH8WAK20T42N2NBMNBCYHAG',
@@ -179,7 +209,8 @@ describe WorkOS::SSO do
           },
         }
 
-        expect(profile.to_json).to eq(expectation)
+        expect(profile_and_token.access_token).to eq('01DVX6QBS3EG6FHY2ESAA5Q65X')
+        expect(profile_and_token.profile.to_json).to eq(expectation)
       end
     end
 
@@ -196,7 +227,7 @@ describe WorkOS::SSO do
 
       it 'raises an exception with request ID' do
         expect do
-          described_class.profile(**args)
+          described_class.profile_and_token(**args)
         end.to raise_error(
           WorkOS::APIError,
           'some error message - request ID: request-id',
@@ -220,7 +251,7 @@ describe WorkOS::SSO do
 
       it 'raises an exception' do
         expect do
-          described_class.profile(**args)
+          described_class.profile_and_token(**args)
         end.to raise_error(
           WorkOS::APIError,
           "The code '01DVX3C5Z367SFHR8QNDMK7V24'" \
@@ -230,85 +261,213 @@ describe WorkOS::SSO do
     end
   end
 
-  describe '.create_connection' do
-    before(:all) do
-      WorkOS.key = 'key'
+  describe '.list_connections' do
+    context 'with no options' do
+      it 'returns connections and metadata' do
+        expected_metadata = {
+          'after' => nil,
+          'before' => 'before_id',
+        }
+
+        VCR.use_cassette 'sso/list_connections/with_no_options' do
+          connections = described_class.list_connections
+
+          expect(connections.data.size).to eq(3)
+          expect(connections.list_metadata).to eq(expected_metadata)
+        end
+      end
     end
 
-    after(:all) do
-      WorkOS.key = nil
+    context 'with connection_type option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/connections?connection_type=OktaSAML',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'sso/list_connections/with_connection_type' do
+          connections = described_class.list_connections(
+            connection_type: 'OktaSAML',
+          )
+
+          expect(connections.data.size).to eq(3)
+          expect(connections.data.first.connection_type).to eq('OktaSAML')
+        end
+      end
     end
 
-    context 'with a valid source' do
-      it 'creates a connection' do
-        VCR.use_cassette('sso/create_connection_with_valid_source') do
-          connection = WorkOS::SSO.create_connection(
-            source: 'draft_conn_01E6PK87QP6NQ29RRX0G100YGV',
+    context 'with domain option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/connections?domain=foo-corp.com',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'sso/list_connections/with_domain' do
+          connections = described_class.list_connections(
+            domain: 'foo-corp.com',
           )
 
-          expect(connection.id).to eq('conn_01E4F9T2YWZFD218DN04KVFDSY')
-          expect(connection.connection_type).to eq('GoogleOAuth')
-          expect(connection.name).to eq('Foo Corp')
-          expect(connection.domains.first[:domain]).to eq('example.com')
+          expect(connections.data.size).to eq(1)
         end
       end
     end
 
-    context 'with an invalid source' do
-      it 'raises an error' do
-        VCR.use_cassette('sso/create_connection_with_invalid_source') do
-          expect do
-            WorkOS::SSO.create_connection(source: 'invalid')
-          end.to raise_error(
-            WorkOS::APIError,
-            'Status 404, Not Found - request ID: ',
+    context 'with organization_id option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/connections?organization_id=org_01EGS4P7QR31EZ4YWD1Z1XA176',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'sso/list_connections/with_organization_id' do
+          connections = described_class.list_connections(
+            organization_id: 'org_01EGS4P7QR31EZ4YWD1Z1XA176',
+          )
+
+          expect(connections.data.size).to eq(1)
+          expect(connections.data.first.organization_id).to eq(
+            'org_01EGS4P7QR31EZ4YWD1Z1XA176',
           )
         end
       end
     end
-  end
 
-  describe '.promote_draft_connection' do
-    before(:all) do
-      WorkOS.key = 'key'
+    context 'with limit option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/connections?limit=2',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'sso/list_connections/with_limit' do
+          connections = described_class.list_connections(
+            limit: 2,
+          )
+
+          expect(connections.data.size).to eq(2)
+        end
+      end
     end
 
-    after(:all) do
-      WorkOS.key = nil
+    context 'with before option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/connections?before=conn_01EQKPMQAPV02H270HKVNS4CTA',
+          'Content-Type' => 'application/json'
+        ]
+
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'sso/list_connections/with_before' do
+          connections = described_class.list_connections(
+            before: 'conn_01EQKPMQAPV02H270HKVNS4CTA',
+          )
+
+          expect(connections.data.size).to eq(3)
+        end
+      end
     end
 
-    let(:token) { 'draft_conn_id' }
-    let(:project_id) { 'proj_0239u590h' }
+    context 'with after option' do
+      it 'forms the proper request to the API' do
+        request_args = [
+          '/connections?after=conn_01EQKPMQAPV02H270HKVNS4CTA',
+          'Content-Type' => 'application/json'
+        ]
 
-    context 'with a valid request' do
-      before do
-        stub_request(
-          :post,
-          "https://api.workos.com/draft_connections/#{token}/activate",
-        ).to_return(status: 200)
+        expected_request = Net::HTTP::Get.new(*request_args)
+
+        expect(Net::HTTP::Get).to receive(:new).with(*request_args).
+          and_return(expected_request)
+
+        VCR.use_cassette 'sso/list_connections/with_after' do
+          connections = described_class.list_connections(
+            after: 'conn_01EQKPMQAPV02H270HKVNS4CTA',
+          )
+
+          expect(connections.data.size).to eq(3)
+        end
       end
-      it 'returns true' do
-        response = described_class.promote_draft_connection(
-          token: token,
-        )
+    end
+  end
 
-        expect(response).to be(true)
+  describe '.get_connection' do
+    context 'with a valid id' do
+      it 'gets the connection details' do
+        VCR.use_cassette('sso/get_connection_with_valid_id') do
+          connection = WorkOS::SSO.get_connection(
+            id: 'conn_01EX00NB050H354WKGC7990AR2',
+          )
+
+          expect(connection.id).to eq('conn_01EX00NB050H354WKGC7990AR2')
+          expect(connection.connection_type).to eq('OktaSAML')
+          expect(connection.name).to eq('Foo Corp')
+          expect(connection.domains.first[:domain]).to eq('foo-corp.com')
+        end
       end
     end
 
-    context 'with an invalid request' do
-      before do
-        stub_request(
-          :post,
-          "https://api.workos.com/draft_connections/#{token}/activate",
-        ).to_return(status: 403)
+    context 'with an invalid id' do
+      it 'raises an error' do
+        VCR.use_cassette('sso/get_connection_with_invalid_id') do
+          expect do
+            WorkOS::SSO.get_connection(id: 'invalid')
+          end.to raise_error(
+            WorkOS::APIError,
+            'Status 404, Not Found - request ID: ',
+          )
+        end
       end
+    end
+  end
+
+  describe '.delete_connection' do
+    context 'with a valid id' do
       it 'returns true' do
-        response = described_class.promote_draft_connection(
-          token: token,
-        )
+        VCR.use_cassette('sso/delete_connection_with_valid_id') do
+          response = WorkOS::SSO.delete_connection(
+            id: 'conn_01EX55FRVN1V2PCA9YWTMZQMMQ',
+          )
+
+          expect(response).to be(true)
+        end
+      end
+    end
 
-        expect(response).to be(false)
+    context 'with an invalid id' do
+      it 'returns false' do
+        VCR.use_cassette('sso/delete_connection_with_invalid_id') do
+          expect do
+            WorkOS::SSO.delete_connection(id: 'invalid')
+          end.to raise_error(
+            WorkOS::APIError,
+            'Status 404, Not Found - request ID: ',
+          )
+        end
       end
     end
   end

data/spec/spec_helper.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
-# typed: true
+# typed: false
 
 require 'simplecov'
 SimpleCov.start
@@ -48,5 +48,6 @@ RSpec.configure do |config|
     end
   end)
 
+  config.before(:all) { WorkOS.key ||= '' }
   config.before(:each) { VCR.turn_on! }
 end

data/spec/support/fixtures/vcr_cassettes/audit_trail/get_events.yml

@@ -54,8 +54,8 @@ http_interactions:
         encoding: ASCII-8BIT
         string:
           '{"data":[{"object":"event","id":"evt_01EEJM9Q9SMC3W2SZDKA5VJ8XQ","group":"workos.com","location":"::1","latitude":null,"longitude":null,"type":"r","actor_name":"foo@example.com","actor_id":"user_01EEG9P7A1DA9VY9CX7GT47RPF","target_name":"api_key_query","target_id":"key_01EEG9MPHAYX46BBZKGK3BGQXJ","metadata":{"description":"User
-          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.384Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","project_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}},{"object":"event","id":"evt_01EEJM9Q7GMR1VGT6VXN2N2JJQ","group":"workos.com","location":"::1","latitude":null,"longitude":null,"type":"r","actor_name":"foo@example.com","actor_id":"user_01EEG9P7A1DA9VY9CX7GT47RPF","target_name":"api_key_query","target_id":"key_01EEG9MPGM8KFT9VBQHJMV8YZB","metadata":{"description":"User
-          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.360Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","project_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}}],"listMetadata":{"before":"evt_01EEJKZDAR6G4JHFQT4R3KSZDQ","after":null}}'
+          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.384Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","client_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}},{"object":"event","id":"evt_01EEJM9Q7GMR1VGT6VXN2N2JJQ","group":"workos.com","location":"::1","latitude":null,"longitude":null,"type":"r","actor_name":"foo@example.com","actor_id":"user_01EEG9P7A1DA9VY9CX7GT47RPF","target_name":"api_key_query","target_id":"key_01EEG9MPGM8KFT9VBQHJMV8YZB","metadata":{"description":"User
+          viewed API key.","x_request_id":""},"occurred_at":"2020-07-31T14:27:00.360Z","action":{"object":"event_action","id":"evt_action_01EEGQXWAHB065P5JD0QDAAGDC","name":"user.viewed_api_key","client_id":"project_01DZB0E7HQMA6G85PQNHQJMZD0"}}],"listMetadata":{"before":"evt_01EEJKZDAR6G4JHFQT4R3KSZDQ","after":null}}'
       http_version:
     recorded_at: Fri, 31 Jul 2020 14:41:12 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/directory_sync/delete_directory.yml

@@ -0,0 +1,72 @@
+---
+http_interactions:
+- request:
+    method: delete
+    uri: https://api.workos.com/directories/directory_01F2T098SKN5PCTVSJ7CWP70N5
+    body:
+      encoding: US-ASCII
+      string: ''
+    headers:
+      Content-Type:
+      - application/json
+      Accept-Encoding:
+      - gzip;q=1.0,deflate;q=0.6,identity;q=0.3
+      Accept:
+      - "*/*"
+      User-Agent:
+      - WorkOS; ruby/2.7.1; x86_64-darwin20; v0.10.3
+      Authorization:
+      - Bearer <API_KEY>
+  response:
+    status:
+      code: 202
+      message: Accepted
+    headers:
+      Server:
+      - Cowboy
+      Connection:
+      - keep-alive
+      Vary:
+      - Origin, Accept-Encoding
+      Access-Control-Allow-Credentials:
+      - 'true'
+      Content-Security-Policy:
+      - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
+        https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
+        ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
+      X-Dns-Prefetch-Control:
+      - 'off'
+      Expect-Ct:
+      - max-age=0
+      X-Frame-Options:
+      - SAMEORIGIN
+      Strict-Transport-Security:
+      - max-age=15552000; includeSubDomains
+      X-Download-Options:
+      - noopen
+      X-Content-Type-Options:
+      - nosniff
+      X-Permitted-Cross-Domain-Policies:
+      - none
+      Referrer-Policy:
+      - no-referrer
+      X-Xss-Protection:
+      - '0'
+      X-Request-Id:
+      - 834c3434-80dd-4e5e-bda7-95cd1412ad29
+      Content-Type:
+      - text/plain; charset=utf-8
+      Content-Length:
+      - '8'
+      Etag:
+      - W/"8-YaBXLEiT7zQxEyDYTILfiL6oPhE"
+      Date:
+      - Wed, 21 Apr 2021 22:26:51 GMT
+      Via:
+      - 1.1 vegur
+    body:
+      encoding: UTF-8
+      string: Accepted
+    http_version:
+  recorded_at: Wed, 21 Apr 2021 22:26:51 GMT
+recorded_with: VCR 5.0.0