workos 0.9.0 → 1.0.0

data/lib/workos/organizations.rb

@@ -0,0 +1,150 @@
+# frozen_string_literal: true
+# typed: true
+
+require 'net/http'
+
+module WorkOS
+  # The Organizations module provides resource methods for working with Organizations
+  module Organizations
+    class << self
+      extend T::Sig
+      include Base
+      include Client
+
+      # Retrieve a list of organizations that have connections configured
+      # within your WorkOS dashboard.
+      #
+      # @param [Array<String>] domains Filter organizations to only return those
+      #  that are associated with the provided domains.
+      # @param [String] before A pagination argument used to request
+      #  organizations before the provided Organization ID.
+      # @param [String] after A pagination argument used to request
+      #  organizations after the provided Organization ID.
+      # @param [Integer] limit A pagination argument used to limit the number
+      #  of listed Organizations that are returned.
+      sig do
+        params(
+          options: T::Hash[Symbol, String],
+        ).returns(WorkOS::Types::ListStruct)
+      end
+      def list_organizations(options = {})
+        response = execute_request(
+          request: get_request(
+            path: '/organizations',
+            auth: true,
+            params: options,
+          ),
+        )
+
+        parsed_response = JSON.parse(response.body)
+
+        organizations = parsed_response['data'].map do |organization|
+          ::WorkOS::Organization.new(organization.to_json)
+        end
+
+        WorkOS::Types::ListStruct.new(
+          data: organizations,
+          list_metadata: parsed_response['listMetadata'],
+        )
+      end
+
+      # Get an Organization
+      #
+      # @param [String] id Organization unique identifier
+      #
+      # @example
+      #   WorkOS::Portal.get_organization(id: 'org_02DRA1XNSJDZ19A31F183ECQW9')
+      #   => #<WorkOS::Organization:0x00007fb6e4193d20
+      #         @id="org_02DRA1XNSJDZ19A31F183ECQW9",
+      #         @name="Foo Corp",
+      #         @domains=
+      #          [{:object=>"organization_domain",
+      #            :id=>"org_domain_01E6PK9N3XMD8RHWF7S66380AR",
+      #            :domain=>"foo-corp.com"}]>
+      #
+      # @return [WorkOS::Connection]
+      sig { params(id: String).returns(WorkOS::Organization) }
+      def get_organization(id:)
+        request = get_request(
+          auth: true,
+          path: "/organizations/#{id}",
+        )
+
+        response = execute_request(request: request)
+
+        WorkOS::Organization.new(response.body)
+      end
+
+      # Create an organization
+      #
+      # @param [Array<String>] domains List of domains that belong to the
+      #  organization
+      # @param [String] name A unique, descriptive name for the organization
+      sig do
+        params(
+          domains: T::Array[String],
+          name: String,
+        ).returns(WorkOS::Organization)
+      end
+      def create_organization(domains:, name:)
+        request = post_request(
+          auth: true,
+          body: { domains: domains, name: name },
+          path: '/organizations',
+        )
+
+        response = execute_request(request: request)
+        check_and_raise_organization_error(response: response)
+
+        WorkOS::Organization.new(response.body)
+      end
+
+      # Update an organization
+      #
+      # @param [String] organization Organization unique identifier
+      # @param [Array<String>] domains List of domains that belong to the
+      #  organization
+      # @param [String] name A unique, descriptive name for the organization
+      sig do
+        params(
+          organization: String,
+          domains: T::Array[String],
+          name: String,
+        ).returns(WorkOS::Organization)
+      end
+      def update_organization(organization:, domains:, name:)
+        request = put_request(
+          auth: true,
+          body: { domains: domains, name: name },
+          path: "/organizations/#{organization}",
+        )
+
+        response = execute_request(request: request)
+        check_and_raise_organization_error(response: response)
+
+        WorkOS::Organization.new(response.body)
+      end
+
+      private
+
+      sig { params(response: Net::HTTPResponse).void }
+      def check_and_raise_organization_error(response:)
+        begin
+          body = JSON.parse(response.body)
+          return unless body['message']
+
+          message = body['message']
+          request_id = response['x-request-id']
+        rescue StandardError
+          message = 'Something went wrong'
+        end
+
+        raise APIError.new(
+          message: message,
+          http_status: nil,
+          request_id: request_id,
+        )
+      end
+    end
+  end
+end

data/lib/workos/passwordless.rb

@@ -23,8 +23,15 @@ module WorkOS
       #  received from WorkOS will contain. The state parameter can be used to
       #  encode arbitrary information to help restore application state between
       #  redirects.
+      # @option options [String] connection Optional parameter for the ID of a
+      #  specific connection. This can be used to create a Passwordless Session
+      #  for a specific connection rather than using the domain from the email
+      #  to determine the Organization and Connection.
       # @option options [String] type The type of Passwordless Session to
       #  create. Currently, the only supported value is 'MagicLink'.
+      # @option options [String] redirect_uri The URI where users are directed
+      #  after completing the authentication step. Must match a
+      #  configured redirect URI on your WorkOS dashboard.
       #
       # @return Hash
       sig do
@@ -33,7 +40,6 @@ module WorkOS
         ).returns(WorkOS::Types::PasswordlessSessionStruct)
       end
 
-      # rubocop:disable Metrics/MethodLength
       def create_session(options)
         response = execute_request(
           request: post_request(
@@ -52,7 +58,6 @@ module WorkOS
           link: hash['link'],
         )
       end
-      # rubocop:enable Metrics/MethodLength
 
       # Send a Passwordless Session via email.
       #

data/lib/workos/portal.rb

@@ -15,34 +15,10 @@ module WorkOS
       GENERATE_LINK_INTENTS = WorkOS::Types::Intent.values.map(&:serialize).
                               freeze
 
-      # Create an organization
-      #
-      # @param [Array<String>] domains List of domains that belong to the
-      #  organization
-      # @param [String] name A unique, descriptive name for the organization
-      sig do
-        params(
-          domains: T::Array[String],
-          name: String,
-        ).returns(WorkOS::Organization)
-      end
-      def create_organization(domains:, name:)
-        request = post_request(
-          auth: true,
-          body: { domains: domains, name: name },
-          path: '/organizations',
-        )
-
-        response = execute_request(request: request)
-        check_and_raise_organization_error(response: response)
-
-        WorkOS::Organization.new(response.body)
-      end
-
       # Generate a link to grant access to an organization's Admin Portal
       #
       # @param [String] intent The access scope for the generated Admin Portal
-      #  link. Valid values are: ["sso"]
+      #  link. Valid values are: ["sso", "dsync"]
       # @param [String] organization The ID of the organization the Admin
       #  Portal link will be generated for.
       # @param [String] The URL that the end user will be redirected to upon
@@ -55,7 +31,6 @@ module WorkOS
           return_url: T.nilable(String),
         ).returns(String)
       end
-      # rubocop:disable Metrics/MethodLength
       def generate_link(intent:, organization:, return_url: nil)
         validate_intent(intent)
 
@@ -73,70 +48,9 @@ module WorkOS
 
         JSON.parse(response.body)['link']
       end
-      # rubocop:enable Metrics/MethodLength
-
-      # Retrieve a list of organizations that have connections configured
-      # within your WorkOS dashboard.
-      #
-      # @param [Array<String>] domains Filter organizations to only return those
-      #  that are associated with the provided domains.
-      # @param [String] before A pagination argument used to request
-      #  organizations before the provided Organization ID.
-      # @param [String] after A pagination argument used to request
-      #  organizations after the provided Organization ID.
-      # @param [Integer] limit A pagination argument used to limit the number
-      #  of listed Organizations that are returned.
-      sig do
-        params(
-          options: T::Hash[Symbol, String],
-        ).returns(WorkOS::Types::ListStruct)
-      end
-      # rubocop:disable Metrics/MethodLength
-      def list_organizations(options = {})
-        response = execute_request(
-          request: get_request(
-            path: '/organizations',
-            auth: true,
-            params: options,
-          ),
-        )
-
-        parsed_response = JSON.parse(response.body)
-
-        organizations = parsed_response['data'].map do |organization|
-          ::WorkOS::Organization.new(organization.to_json)
-        end
-
-        WorkOS::Types::ListStruct.new(
-          data: organizations,
-          list_metadata: parsed_response['listMetadata'],
-        )
-      end
-      # rubocop:enable Metrics/MethodLength
 
       private
 
-      sig { params(response: Net::HTTPResponse).void }
-      # rubocop:disable Metrics/MethodLength
-      def check_and_raise_organization_error(response:)
-        begin
-          body = JSON.parse(response.body)
-          return unless body['message']
-
-          message = body['message']
-          request_id = response['x-request-id']
-        rescue StandardError
-          message = 'Something went wrong'
-        end
-
-        raise APIError.new(
-          message: message,
-          http_status: nil,
-          request_id: request_id,
-        )
-      end
-      # rubocop:enable Metrics/MethodLength
-
       sig { params(intent: String).void }
       def validate_intent(intent)
         return if GENERATE_LINK_INTENTS.include?(intent)

data/lib/workos/profile.rb

@@ -1,8 +1,6 @@
 # frozen_string_literal: true
 # typed: true
 
-require 'json'
-
 module WorkOS
   # The Profile class provides a lighweight wrapper around
   # a normalized response from the various IDPs WorkOS
@@ -15,7 +13,7 @@ module WorkOS
     sig { returns(String) }
     attr_accessor :id, :email, :first_name, :last_name, :connection_id,
                   :connection_type, :idp_id, :raw_attributes
-    # rubocop:disable Metrics/AbcSize
+
     sig { params(profile_json: String).void }
     def initialize(profile_json)
       raw = parse_json(profile_json)
@@ -29,7 +27,6 @@ module WorkOS
       @idp_id = raw.idp_id
       @raw_attributes = raw.raw_attributes
     end
-    # rubocop:enable Metrics/AbcSize
 
     sig { returns(String) }
     def full_name
@@ -51,7 +48,7 @@ module WorkOS
 
     private
 
-    # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
+    # rubocop:disable Metrics/AbcSize
     sig { params(json_string: String).returns(WorkOS::Types::ProfileStruct) }
     def parse_json(json_string)
       hash = JSON.parse(json_string, symbolize_names: true)
@@ -67,6 +64,6 @@ module WorkOS
         raw_attributes: hash[:profile][:raw_attributes],
       )
     end
-    # rubocop:enable Metrics/AbcSize, Metrics/MethodLength
+    # rubocop:enable Metrics/AbcSize
   end
 end

data/lib/workos/profile_and_token.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+# typed: true
+
+module WorkOS
+  # The ProfileAndToken class represents a Profile and a corresponding
+  # Access Token. This class is not meant to be instantiated in user space, and
+  # is instantiated internally but exposed.
+  class ProfileAndToken
+    extend T::Sig
+
+    attr_accessor :access_token, :profile
+
+    sig { params(profile_and_token_json: String).void }
+    def initialize(profile_and_token_json)
+      json = JSON.parse(profile_and_token_json, symbolize_names: true)
+
+      @access_token = T.let(json[:access_token], String)
+      @profile = WorkOS::Profile.new(profile_and_token_json)
+    end
+
+    def to_json(*)
+      {
+        access_token: access_token,
+        profile: profile.to_json,
+      }
+    end
+  end
+end

data/lib/workos/sso.rb

@@ -6,7 +6,7 @@ require 'uri'
 
 module WorkOS
   # The SSO module provides convenience methods for working with the WorkOS
-  # SSO platform. You'll need a valid API key, a project ID, and to have
+  # SSO platform. You'll need a valid API key, a client ID, and to have
   # created an SSO connection on your WorkOS dashboard.
   #
   # @see https://docs.workos.com/sso/overview
@@ -26,7 +26,9 @@ module WorkOS
       #  required
       # @param [String] provider A provider name for an Identity Provider
       #  configured on your WorkOS dashboard. Only 'Google' is supported.
-      # @param [String] project_id The WorkOS project ID for the project
+      # @param [String] connection The ID for a Connection configured on
+      #  WorkOS.
+      # @param [String] client_id The WorkOS client ID for the environment
       #  where you've configured your SSO connection.
       # @param [String] redirect_uri The URI where users are directed
       #  after completing the authentication step. Must match a
@@ -36,7 +38,7 @@ module WorkOS
       # @example
       #   WorkOS::SSO.authorization_url(
       #     domain: 'acme.com',
-      #     project_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ',
+      #     client_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ',
       #     redirect_uri: 'https://workos.com/callback',
       #     state: {
       #       next_page: '/docs'
@@ -51,25 +53,36 @@ module WorkOS
       # @return [String]
       sig do
         params(
-          project_id: String,
           redirect_uri: String,
+          client_id: T.nilable(String),
           domain: T.nilable(String),
           provider: T.nilable(String),
+          connection: T.nilable(String),
           state: T.nilable(String),
         ).returns(String)
       end
       def authorization_url(
-        project_id:, redirect_uri:, domain: nil, provider: nil, state: ''
+        redirect_uri:,
+        client_id: nil,
+        domain: nil,
+        provider: nil,
+        connection: nil,
+        state: ''
       )
-        validate_domain_and_provider(provider: provider, domain: domain)
+        validate_authorization_url_arguments(
+          provider: provider,
+          domain: domain,
+          connection: connection,
+        )
 
         query = URI.encode_www_form({
-          client_id: project_id,
+          client_id: client_id,
           redirect_uri: redirect_uri,
           response_type: 'code',
           state: state,
           domain: domain,
           provider: provider,
+          connection: connection,
         }.compact)
 
         "https://#{WorkOS::API_HOSTNAME}/sso/authorize?#{query}"
@@ -78,73 +91,77 @@ module WorkOS
       # Fetch the profile details for the authenticated SSO user.
       #
       # @param [String] code The authorization code provided in the callback URL
-      # @param [String] project_id The WorkOS project ID for the project
-      #  where you've  configured your SSO connection
+      # @param [String] client_id The WorkOS client ID for the environment
+      #  where you've configured your SSO connection
       #
-      # @example
-      #   WorkOS::SSO.profile(
-      #     code: 'acme.com',
-      #     project_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ'
-      #   )
-      #   => #<WorkOS::Profile:0x00007fb6e4193d20
-      #         @id="prof_01DRA1XNSJDZ19A31F183ECQW5",
-      #         @email="demo@workos-okta.com",
-      #         @first_name="WorkOS",
-      #         @connection_type="OktaSAML",
-      #         @last_name="Demo",
-      #         @idp_id="00u1klkowm8EGah2H357",
-      #         @access_token="01DVX6QBS3EG6FHY2ESAA5Q65X"
-      #        >
-      #
-      # @return [WorkOS::Profile]
-      sig { params(code: String, project_id: String).returns(WorkOS::Profile) }
-      def profile(code:, project_id:)
+      # @return [WorkOS::ProfileAndToken]
+      sig do
+        params(
+          code: String,
+          client_id: T.nilable(String),
+        ).returns(WorkOS::ProfileAndToken)
+      end
+      def profile_and_token(code:, client_id: nil)
         body = {
-          client_id: project_id,
+          client_id: client_id,
           client_secret: WorkOS.key!,
           grant_type: 'authorization_code',
           code: code,
         }
 
         response = client.request(post_request(path: '/sso/token', body: body))
-        check_and_raise_profile_error(response: response)
+        check_and_raise_profile_and_token_error(response: response)
 
-        WorkOS::Profile.new(response.body)
+        WorkOS::ProfileAndToken.new(response.body)
       end
 
-      # Promote a DraftConnection created via the WorkOS.js embed such that the
-      # Enterprise users can begin signing into your application.
-      #
-      # @param [String] token The Draft Connection token that's been provided to
-      # you by the WorkOS.js
+      # Retrieve connections.
       #
-      # @example
-      #   WorkOS::SSO.promote_draft_connection(
-      #     token: 'draft_conn_429u59js',
-      #   )
-      #   => true
+      # @param [Hash] options An options hash
+      # @option options [String] connection_type Authentication service
+      #  provider descriptor.
+      # @option options [String] domain The domain of the connection to be
+      #  retrieved.
+      # @option options [String] organization_id The id of the organization
+      #  of the connections to be retrieved.
+      # @option options [String] limit Maximum number of records to return.
+      # @option options [String] before Pagination cursor to receive records
+      #  before a provided Connection ID.
+      # @option options [String] after Pagination cursor to receive records
+      #  before a provided Connection ID.
       #
-      # @return [Bool] - returns `true` if successful, `false` otherwise.
-      # @see https://github.com/workos-inc/ruby-idp-link-example
-      sig { params(token: String).returns(T::Boolean) }
-      def promote_draft_connection(token:)
-        request = post_request(
-          auth: true,
-          path: "/draft_connections/#{token}/activate",
+      # @return [Hash]
+      sig do
+        params(
+          options: T::Hash[Symbol, String],
+        ).returns(WorkOS::Types::ListStruct)
+      end
+      def list_connections(options = {})
+        response = execute_request(
+          request: get_request(
+            path: '/connections',
+            auth: true,
+            params: options,
+          ),
         )
 
-        response = client.request(request)
+        parsed_response = JSON.parse(response.body)
+        connections = parsed_response['data'].map do |connection|
+          ::WorkOS::Connection.new(connection.to_json)
+        end
 
-        response.is_a? Net::HTTPSuccess
+        WorkOS::Types::ListStruct.new(
+          data: connections,
+          list_metadata: parsed_response['listMetadata'],
+        )
       end
 
-      # Create a Connection
+      # Get a Connection
       #
-      # @param [String] source The Draft Connection token that's been provided
-      # to you by WorkOS.js
+      # @param [String] id Connection unique identifier
       #
       # @example
-      #   WorkOS::SSO.create_connection(source: 'draft_conn_429u59js')
+      #   WorkOS::SSO.get_connection(id: 'conn_02DRA1XNSJDZ19A31F183ECQW9')
       #   => #<WorkOS::Connection:0x00007fb6e4193d20
       #         @id="conn_02DRA1XNSJDZ19A31F183ECQW9",
       #         @name="Foo Corp",
@@ -155,12 +172,11 @@ module WorkOS
       #            :domain=>"example.com"}]>
       #
       # @return [WorkOS::Connection]
-      sig { params(source: String).returns(WorkOS::Connection) }
-      def create_connection(source:)
-        request = post_request(
+      sig { params(id: String).returns(WorkOS::Connection) }
+      def get_connection(id:)
+        request = get_request(
           auth: true,
-          path: '/connections',
-          body: { source: source },
+          path: "/connections/#{id}",
         )
 
         response = execute_request(request: request)
@@ -168,17 +184,44 @@ module WorkOS
         WorkOS::Connection.new(response.body)
       end
 
+      # Delete a Connection
+      #
+      # @param [String] id Connection unique identifier
+      #
+      # @example
+      #   WorkOS::SSO.delete_connection(id: 'conn_02DRA1XNSJDZ19A31F183ECQW9')
+      #   => true
+      #
+      # @return [Bool] - returns `true` if successful
+      sig { params(id: String).returns(T::Boolean) }
+      def delete_connection(id:)
+        request = delete_request(
+          auth: true,
+          path: "/connections/#{id}",
+        )
+
+        response = execute_request(request: request)
+
+        response.is_a? Net::HTTPSuccess
+      end
+
       private
 
       sig do
         params(
           domain: T.nilable(String),
           provider: T.nilable(String),
+          connection: T.nilable(String),
         ).void
       end
-      def validate_domain_and_provider(domain:, provider:)
-        if [domain, provider].all?(&:nil?)
-          raise ArgumentError, 'Either domain or provider is required.'
+      def validate_authorization_url_arguments(
+        domain:,
+        provider:,
+        connection:
+      )
+        if [domain, provider, connection].all?(&:nil?)
+          raise ArgumentError, 'Either connection, domain, or ' \
+            'provider is required.'
         end
 
         return unless provider && !PROVIDERS.include?(provider)
@@ -187,12 +230,11 @@ module WorkOS
           " `provider` must be in #{PROVIDERS}"
       end
 
-      # rubocop:disable Metrics/MethodLength
       sig { params(response: Net::HTTPResponse).void }
-      def check_and_raise_profile_error(response:)
+      def check_and_raise_profile_and_token_error(response:)
         begin
           body = JSON.parse(response.body)
-          return if body['profile']
+          return if body['access_token'] && body['profile']
 
           message = body['message']
           request_id = response['x-request-id']
@@ -206,7 +248,6 @@ module WorkOS
           request_id: request_id,
         )
       end
-      # rubocop:enable Metrics/MethodLength
     end
   end
 end

data/lib/workos/types/connection_struct.rb

@@ -10,6 +10,9 @@ module WorkOS
       const :name, String
       const :connection_type, String
       const :domains, T::Array[T.untyped]
+      const :organization_id, String
+      const :state, String
+      const :status, String
     end
   end
 end

data/lib/workos/types/directory_group_struct.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+# typed: strict
+
+module WorkOS
+  module Types
+    # This DirectoryGroupStruct acts as a typed interface
+    # for the DirectoryGroup class
+    class DirectoryGroupStruct < T::Struct
+      const :id, String
+      const :name, String
+    end
+  end
+end

data/lib/workos/types/directory_struct.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+# typed: strict
+
+module WorkOS
+  module Types
+    # This DirectoryStruct acts as a typed interface
+    # for the Directory class
+    class DirectoryStruct < T::Struct
+      const :id, String
+      const :name, String
+      const :domain, String
+      const :type, String
+      const :state, String
+    end
+  end
+end