workos 0.9.1 → 0.10.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. checksums.yaml +4 -4
  2. data/.rubocop.yml +5 -1
  3. data/Gemfile.lock +2 -2
  4. data/README.md +15 -15
  5. data/docs/WorkOS/SSO.html +235 -235
  6. data/docs/file.README.html +20 -20
  7. data/lib/workos.rb +1 -0
  8. data/lib/workos/audit_trail.rb +1 -0
  9. data/lib/workos/client.rb +22 -1
  10. data/lib/workos/connection.rb +0 -2
  11. data/lib/workos/organization.rb +0 -2
  12. data/lib/workos/passwordless.rb +0 -2
  13. data/lib/workos/portal.rb +1 -7
  14. data/lib/workos/profile.rb +2 -4
  15. data/lib/workos/sso.rb +142 -17
  16. data/lib/workos/types/intent_enum.rb +1 -0
  17. data/lib/workos/version.rb +1 -1
  18. data/spec/lib/workos/audit_trail_spec.rb +0 -8
  19. data/spec/lib/workos/directory_sync_spec.rb +0 -8
  20. data/spec/lib/workos/passwordless_spec.rb +0 -8
  21. data/spec/lib/workos/portal_spec.rb +18 -11
  22. data/spec/lib/workos/sso_spec.rb +224 -29
  23. data/spec/spec_helper.rb +1 -0
  24. data/spec/support/fixtures/vcr_cassettes/audit_trail/get_events.yml +2 -2
  25. data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories.yml +1 -1
  26. data/spec/support/fixtures/vcr_cassettes/directory_sync/list_directories_with_domain_param.yml +1 -1
  27. data/spec/support/fixtures/vcr_cassettes/portal/generate_link_dsync.yml +72 -0
  28. data/spec/support/fixtures/vcr_cassettes/portal/{generate_link.yml → generate_link_sso.yml} +1 -1
  29. data/spec/support/fixtures/vcr_cassettes/sso/delete_connection_with_invalid_id.yml +72 -0
  30. data/spec/support/fixtures/vcr_cassettes/sso/delete_connection_with_valid_id.yml +70 -0
  31. data/spec/support/fixtures/vcr_cassettes/sso/get_connection_with_invalid_id.yml +72 -0
  32. data/spec/support/fixtures/vcr_cassettes/sso/get_connection_with_valid_id.yml +74 -0
  33. data/spec/support/fixtures/vcr_cassettes/sso/list_connections.yml +72 -0
  34. data/spec/support/fixtures/vcr_cassettes/sso/list_connections_with_after_param.yml +72 -0
  35. data/spec/support/fixtures/vcr_cassettes/sso/list_connections_with_before_param.yml +73 -0
  36. data/spec/support/fixtures/vcr_cassettes/sso/list_connections_with_connection_type_param.yml +72 -0
  37. data/spec/support/fixtures/vcr_cassettes/sso/list_connections_with_domain_param.yml +72 -0
  38. data/spec/support/fixtures/vcr_cassettes/sso/list_connections_with_limit_param.yml +72 -0
  39. data/spec/support/fixtures/vcr_cassettes/sso/list_connections_with_organization_id_param.yml +72 -0
  40. metadata +29 -5
@@ -5,9 +5,9 @@
5
5
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
6
6
  <title>
7
7
  File: README
8
-
8
+
9
9
  &mdash; Documentation by YARD 0.9.22
10
-
10
+
11
11
  </title>
12
12
 
13
13
  <link rel="stylesheet" href="css/style.css" type="text/css" />
@@ -35,14 +35,14 @@
35
35
  <div id="main" tabindex="-1">
36
36
  <div id="header">
37
37
  <div id="menu">
38
-
39
- <a href="_index.html">Index</a> &raquo;
38
+
39
+ <a href="_index.html">Index</a> &raquo;
40
40
  <span class="title">File: README</span>
41
-
41
+
42
42
  </div>
43
43
 
44
44
  <div id="search">
45
-
45
+
46
46
  <a class="full_list_link" id="class_list_link"
47
47
  href="class_list.html">
48
48
 
@@ -52,7 +52,7 @@
52
52
  <rect x="0" y="20" width="24" height="4" rx="1" ry="1"></rect>
53
53
  </svg>
54
54
  </a>
55
-
55
+
56
56
  </div>
57
57
  <div class="clear"></div>
58
58
  </div>
@@ -139,7 +139,7 @@
139
139
 
140
140
  <p>See our Ruby SSO example app for a <a href="https://github.com/workos-inc/ruby-sso-example">complete example</a>.</p>
141
141
 
142
- <pre class="code ruby"><code class="ruby">WorkOS::SSO.authorization_url(domain:, project_id:, redirect_uri:, state: {})
142
+ <pre class="code ruby"><code class="ruby">WorkOS::SSO.authorization_url(domain:, client_id:, redirect_uri:, state: {})
143
143
  </code></pre>
144
144
 
145
145
  <blockquote>
@@ -150,27 +150,27 @@
150
150
  <ul><li>
151
151
  <p><code>domain</code> (string) — the authenticating user&#39;s company domain, without protocol (ex. <code>example.com</code>)</p>
152
152
  </li><li>
153
- <p><code>project_id</code> (string) — your application&#39;s WorkOS <a href="https://dashboard.workos.com/sso/configuration">Project ID</a> (ex. <code>project_01JG3BCPTRTSTTWQR4VSHXGWCQ</code>)</p>
153
+ <p><code>client_id</code> (string) — your application&#39;s WorkOS <a href="https://dashboard.workos.com/sso/configuration">Client ID</a> (ex. <code>project_01JG3BCPTRTSTTWQR4VSHXGWCQ</code>)</p>
154
154
  </li><li>
155
155
  <p><code>state</code> (optional, hash) — an optional hash used to manage state across authorization transactions (ex. <code>{ next_page: &#39;/docs&#39;}</code>)</p>
156
156
  </li><li>
157
- <p><code>redirect_uri</code> (string) — a callback URL where your application redirects the user-agent after an authorization code is granted (ex. <code>workos.dev/callback</code>). This must match one of your configured callback URLs for the associated project on your WorkOS dashboard.</p>
157
+ <p><code>redirect_uri</code> (string) — a callback URL where your application redirects the user-agent after an authorization code is granted (ex. <code>workos.dev/callback</code>). This must match one of your configured callback URLs for the associated environment on your WorkOS dashboard.</p>
158
158
  </li></ul>
159
159
 
160
160
  <p>This method will return an OAuth2 query string of the form:</p>
161
161
 
162
- <p><code>https://${domain}/sso/authorize?response_type=code&client_id=${projectID}&redirect_uri=${redirectURI}&state=${state}</code></p>
162
+ <p><code>https://${domain}/sso/authorize?response_type=code&client_id=${clientID}&redirect_uri=${redirectURI}&state=${state}</code></p>
163
163
 
164
164
  <p>For example, when used in a <a href="http://sinatrarb.com/">Sinatra app</a>:</p>
165
165
 
166
166
  <pre class="code ruby"><code class="ruby"><span class='const'>DOMAIN</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>example.com</span><span class='tstring_end'>&#39;</span></span>
167
- <span class='const'>PROJECT_ID</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>{projectId}</span><span class='tstring_end'>&#39;</span></span>
167
+ <span class='const'>CLIENT_ID</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>{clientId}</span><span class='tstring_end'>&#39;</span></span>
168
168
  <span class='const'>REDIRECT_URI</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>http://localhost:4567/callback</span><span class='tstring_end'>&#39;</span></span>
169
169
 
170
170
  <span class='id identifier rubyid_get'>get</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/auth</span><span class='tstring_end'>&#39;</span></span> <span class='kw'>do</span>
171
171
  <span class='id identifier rubyid_authorization_url'>authorization_url</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="WorkOS.html" title="WorkOS (module)">WorkOS</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="WorkOS/SSO.html" title="WorkOS::SSO (module)">SSO</a></span></span><span class='period'>.</span><span class='id identifier rubyid_authorization_url'><span class='object_link'><a href="WorkOS/SSO.html#authorization_url-class_method" title="WorkOS::SSO.authorization_url (method)">authorization_url</a></span></span><span class='lparen'>(</span>
172
172
  <span class='label'>domain:</span> <span class='const'>DOMAIN</span><span class='comma'>,</span>
173
- <span class='label'>project_id:</span> <span class='const'>PROJECT_ID</span><span class='comma'>,</span>
173
+ <span class='label'>client_id:</span> <span class='const'>CLIENT_ID</span><span class='comma'>,</span>
174
174
  <span class='label'>redirect_uri:</span> <span class='const'>REDIRECT_URI</span><span class='comma'>,</span>
175
175
  <span class='rparen'>)</span>
176
176
 
@@ -180,11 +180,11 @@
180
180
 
181
181
  <p>The user would be redirected to:</p>
182
182
 
183
- <p><code>https://api.workos.com/sso/authorize?response_type=code&client_id={projectID}&redirect_uri=http://localhost:4567/callback</code></p>
183
+ <p><code>https://api.workos.com/sso/authorize?response_type=code&client_id={clientID}&redirect_uri=http://localhost:4567/callback</code></p>
184
184
 
185
185
  <p>WorkOS takes over from here, sending the user to authenticate with their IDP, and on successful login, returns the user to your callback URL with a <code>code</code> parameter. You&#39;ll use <code>WorkOS::SSO.profile</code> to exchange the code for a <code>WorkOS::Profile</code>.</p>
186
186
 
187
- <pre class="code ruby"><code class="ruby">WorkOS::SSO.profile(code:, project_id:)&lt;/h4&gt;
187
+ <pre class="code ruby"><code class="ruby">WorkOS::SSO.profile(code:, client_id:)&lt;/h4&gt;
188
188
  </code></pre>
189
189
 
190
190
  <blockquote>
@@ -195,7 +195,7 @@
195
195
  <ul><li>
196
196
  <p><code>code</code> (string) — an opaque string provided by the authorization server; will be exchanged for an Access Token when the user&#39;s profile is sent</p>
197
197
  </li><li>
198
- <p><code>project_id</code> (string) — your application&#39;s WorkOS <a href="https://dashboard.workos.com/sso/configuration">Project ID</a> (ex. <code>project_01JG3BCPTRTSTTWQR4VSHXGWCQ</code>)</p>
198
+ <p><code>client_id</code> (string) — your application&#39;s WorkOS <a href="https://dashboard.workos.com/sso/configuration">Client ID</a> (ex. <code>project_01JG3BCPTRTSTTWQR4VSHXGWCQ</code>)</p>
199
199
  </li></ul>
200
200
 
201
201
  <p>This method will return an instance of a <code>WorkOS::Profile</code> with the following attributes:</p>
@@ -213,13 +213,13 @@
213
213
  <p>Our Sintatra app can be extended to use this method:</p>
214
214
 
215
215
  <pre class="code ruby"><code class="ruby"><span class='const'>DOMAIN</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>example.com</span><span class='tstring_end'>&#39;</span></span>
216
- <span class='const'>PROJECT_ID</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>{projectId}</span><span class='tstring_end'>&#39;</span></span>
216
+ <span class='const'>CLIENT_ID</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>{clientId}</span><span class='tstring_end'>&#39;</span></span>
217
217
  <span class='const'>REDIRECT_URI</span> <span class='op'>=</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>http://localhost:4567/callback</span><span class='tstring_end'>&#39;</span></span>
218
218
 
219
219
  <span class='id identifier rubyid_get'>get</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/auth</span><span class='tstring_end'>&#39;</span></span> <span class='kw'>do</span>
220
220
  <span class='id identifier rubyid_authorization_url'>authorization_url</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="WorkOS.html" title="WorkOS (module)">WorkOS</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="WorkOS/SSO.html" title="WorkOS::SSO (module)">SSO</a></span></span><span class='period'>.</span><span class='id identifier rubyid_authorization_url'><span class='object_link'><a href="WorkOS/SSO.html#authorization_url-class_method" title="WorkOS::SSO.authorization_url (method)">authorization_url</a></span></span><span class='lparen'>(</span>
221
221
  <span class='label'>domain:</span> <span class='const'>DOMAIN</span><span class='comma'>,</span>
222
- <span class='label'>project_id:</span> <span class='const'>PROJECT_ID</span><span class='comma'>,</span>
222
+ <span class='label'>client_id:</span> <span class='const'>CLIENT_ID</span><span class='comma'>,</span>
223
223
  <span class='label'>redirect_uri:</span> <span class='const'>REDIRECT_URI</span><span class='comma'>,</span>
224
224
  <span class='rparen'>)</span>
225
225
 
@@ -229,7 +229,7 @@
229
229
  <span class='id identifier rubyid_get'>get</span> <span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>/callback</span><span class='tstring_end'>&#39;</span></span> <span class='kw'>do</span>
230
230
  <span class='id identifier rubyid_profile'>profile</span> <span class='op'>=</span> <span class='const'><span class='object_link'><a href="WorkOS.html" title="WorkOS (module)">WorkOS</a></span></span><span class='op'>::</span><span class='const'><span class='object_link'><a href="WorkOS/SSO.html" title="WorkOS::SSO (module)">SSO</a></span></span><span class='period'>.</span><span class='id identifier rubyid_profile'><span class='object_link'><a href="WorkOS/SSO.html#profile-class_method" title="WorkOS::SSO.profile (method)">profile</a></span></span><span class='lparen'>(</span>
231
231
  <span class='label'>code:</span> <span class='id identifier rubyid_params'>params</span><span class='lbracket'>[</span><span class='tstring'><span class='tstring_beg'>&#39;</span><span class='tstring_content'>code</span><span class='tstring_end'>&#39;</span></span><span class='rbracket'>]</span><span class='comma'>,</span>
232
- <span class='label'>project_id:</span> <span class='const'>PROJECT_ID</span><span class='comma'>,</span>
232
+ <span class='label'>client_id:</span> <span class='const'>CLIENT_ID</span><span class='comma'>,</span>
233
233
  <span class='rparen'>)</span>
234
234
 
235
235
  <span class='id identifier rubyid_session'>session</span><span class='lbracket'>[</span><span class='symbol'>:user</span><span class='rbracket'>]</span> <span class='op'>=</span> <span class='id identifier rubyid_profile'>profile</span><span class='period'>.</span><span class='id identifier rubyid_to_json'>to_json</span>
@@ -249,4 +249,4 @@
249
249
 
250
250
  </div>
251
251
  </body>
252
- </html>
252
+ </html>
data/lib/workos.rb CHANGED
@@ -3,6 +3,7 @@
3
3
 
4
4
  require 'workos/version'
5
5
  require 'sorbet-runtime'
6
+ require 'json'
6
7
 
7
8
  # Use the WorkOS module to authenticate your
8
9
  # requests to the WorkOS API. The gem will read
@@ -51,6 +51,7 @@ module WorkOS
51
51
  def create_event(event:, idempotency_key: nil)
52
52
  request = post_request(
53
53
  path: '/events',
54
+ auth: true,
54
55
  idempotency_key: idempotency_key,
55
56
  body: event,
56
57
  )
data/lib/workos/client.rb CHANGED
@@ -19,7 +19,7 @@ module WorkOS
19
19
 
20
20
  sig do
21
21
  params(
22
- request: T.any(Net::HTTP::Get, Net::HTTP::Post),
22
+ request: T.any(Net::HTTP::Get, Net::HTTP::Post, Net::HTTP::Delete),
23
23
  ).returns(::T.untyped)
24
24
  end
25
25
  def execute_request(request:)
@@ -69,6 +69,27 @@ module WorkOS
69
69
  request
70
70
  end
71
71
 
72
+ sig do
73
+ params(
74
+ path: String,
75
+ auth: T.nilable(T::Boolean),
76
+ params: T.nilable(Hash),
77
+ ).returns(Net::HTTP::Delete)
78
+ end
79
+ def delete_request(path:, auth: false, params: {})
80
+ uri = URI(path)
81
+ uri.query = URI.encode_www_form(params) if params
82
+
83
+ request = Net::HTTP::Delete.new(
84
+ uri.to_s,
85
+ 'Content-Type' => 'application/json',
86
+ )
87
+
88
+ request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
89
+ request['User-Agent'] = user_agent
90
+ request
91
+ end
92
+
72
93
  sig { returns(String) }
73
94
  def user_agent
74
95
  engine = defined?(::RUBY_ENGINE) ? ::RUBY_ENGINE : 'Ruby'
@@ -1,8 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  # typed: true
3
3
 
4
- require 'json'
5
-
6
4
  module WorkOS
7
5
  # The Connection class provides a lightweight wrapper around
8
6
  # a WorkOS Connection resource. This class is not meant to be instantiated
@@ -1,8 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  # typed: true
3
3
 
4
- require 'json'
5
-
6
4
  module WorkOS
7
5
  # The Organization class provides a lightweight wrapper around
8
6
  # a WorkOS Organization resource. This class is not meant to be instantiated
@@ -36,7 +36,6 @@ module WorkOS
36
36
  ).returns(WorkOS::Types::PasswordlessSessionStruct)
37
37
  end
38
38
 
39
- # rubocop:disable Metrics/MethodLength
40
39
  def create_session(options)
41
40
  response = execute_request(
42
41
  request: post_request(
@@ -55,7 +54,6 @@ module WorkOS
55
54
  link: hash['link'],
56
55
  )
57
56
  end
58
- # rubocop:enable Metrics/MethodLength
59
57
 
60
58
  # Send a Passwordless Session via email.
61
59
  #
data/lib/workos/portal.rb CHANGED
@@ -42,7 +42,7 @@ module WorkOS
42
42
  # Generate a link to grant access to an organization's Admin Portal
43
43
  #
44
44
  # @param [String] intent The access scope for the generated Admin Portal
45
- # link. Valid values are: ["sso"]
45
+ # link. Valid values are: ["sso", "dsync"]
46
46
  # @param [String] organization The ID of the organization the Admin
47
47
  # Portal link will be generated for.
48
48
  # @param [String] The URL that the end user will be redirected to upon
@@ -55,7 +55,6 @@ module WorkOS
55
55
  return_url: T.nilable(String),
56
56
  ).returns(String)
57
57
  end
58
- # rubocop:disable Metrics/MethodLength
59
58
  def generate_link(intent:, organization:, return_url: nil)
60
59
  validate_intent(intent)
61
60
 
@@ -73,7 +72,6 @@ module WorkOS
73
72
 
74
73
  JSON.parse(response.body)['link']
75
74
  end
76
- # rubocop:enable Metrics/MethodLength
77
75
 
78
76
  # Retrieve a list of organizations that have connections configured
79
77
  # within your WorkOS dashboard.
@@ -91,7 +89,6 @@ module WorkOS
91
89
  options: T::Hash[Symbol, String],
92
90
  ).returns(WorkOS::Types::ListStruct)
93
91
  end
94
- # rubocop:disable Metrics/MethodLength
95
92
  def list_organizations(options = {})
96
93
  response = execute_request(
97
94
  request: get_request(
@@ -112,12 +109,10 @@ module WorkOS
112
109
  list_metadata: parsed_response['listMetadata'],
113
110
  )
114
111
  end
115
- # rubocop:enable Metrics/MethodLength
116
112
 
117
113
  private
118
114
 
119
115
  sig { params(response: Net::HTTPResponse).void }
120
- # rubocop:disable Metrics/MethodLength
121
116
  def check_and_raise_organization_error(response:)
122
117
  begin
123
118
  body = JSON.parse(response.body)
@@ -135,7 +130,6 @@ module WorkOS
135
130
  request_id: request_id,
136
131
  )
137
132
  end
138
- # rubocop:enable Metrics/MethodLength
139
133
 
140
134
  sig { params(intent: String).void }
141
135
  def validate_intent(intent)
@@ -1,8 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  # typed: true
3
3
 
4
- require 'json'
5
-
6
4
  module WorkOS
7
5
  # The Profile class provides a lighweight wrapper around
8
6
  # a normalized response from the various IDPs WorkOS
@@ -51,7 +49,7 @@ module WorkOS
51
49
 
52
50
  private
53
51
 
54
- # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
52
+ # rubocop:disable Metrics/AbcSize
55
53
  sig { params(json_string: String).returns(WorkOS::Types::ProfileStruct) }
56
54
  def parse_json(json_string)
57
55
  hash = JSON.parse(json_string, symbolize_names: true)
@@ -67,6 +65,6 @@ module WorkOS
67
65
  raw_attributes: hash[:profile][:raw_attributes],
68
66
  )
69
67
  end
70
- # rubocop:enable Metrics/AbcSize, Metrics/MethodLength
68
+ # rubocop:enable Metrics/AbcSize
71
69
  end
72
70
  end
data/lib/workos/sso.rb CHANGED
@@ -6,7 +6,7 @@ require 'uri'
6
6
 
7
7
  module WorkOS
8
8
  # The SSO module provides convenience methods for working with the WorkOS
9
- # SSO platform. You'll need a valid API key, a project ID, and to have
9
+ # SSO platform. You'll need a valid API key, a client ID, and to have
10
10
  # created an SSO connection on your WorkOS dashboard.
11
11
  #
12
12
  # @see https://docs.workos.com/sso/overview
@@ -26,8 +26,12 @@ module WorkOS
26
26
  # required
27
27
  # @param [String] provider A provider name for an Identity Provider
28
28
  # configured on your WorkOS dashboard. Only 'Google' is supported.
29
- # @param [String] project_id The WorkOS project ID for the project
29
+ # @param [String] connection The ID for a Connection configured on
30
+ # WorkOS.
31
+ # @param [String] client_id The WorkOS client ID for the environment
30
32
  # where you've configured your SSO connection.
33
+ # @param [String] project_id The WorkOS project ID for the project.
34
+ # The project_id is deprecated in Dashboard2.
31
35
  # @param [String] redirect_uri The URI where users are directed
32
36
  # after completing the authentication step. Must match a
33
37
  # configured redirect URI on your WorkOS dashboard.
@@ -36,7 +40,7 @@ module WorkOS
36
40
  # @example
37
41
  # WorkOS::SSO.authorization_url(
38
42
  # domain: 'acme.com',
39
- # project_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ',
43
+ # client_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ',
40
44
  # redirect_uri: 'https://workos.com/callback',
41
45
  # state: {
42
46
  # next_page: '/docs'
@@ -51,40 +55,63 @@ module WorkOS
51
55
  # @return [String]
52
56
  sig do
53
57
  params(
54
- project_id: String,
55
58
  redirect_uri: String,
59
+ project_id: T.nilable(String),
60
+ client_id: T.nilable(String),
56
61
  domain: T.nilable(String),
57
62
  provider: T.nilable(String),
63
+ connection: T.nilable(String),
58
64
  state: T.nilable(String),
59
65
  ).returns(String)
60
66
  end
67
+ # rubocop:disable Metrics/MethodLength, Metrics/ParameterLists
61
68
  def authorization_url(
62
- project_id:, redirect_uri:, domain: nil, provider: nil, state: ''
69
+ redirect_uri:,
70
+ project_id: nil,
71
+ client_id: nil,
72
+ domain: nil,
73
+ provider: nil,
74
+ connection: nil,
75
+ state: ''
63
76
  )
64
- validate_domain_and_provider(provider: provider, domain: domain)
77
+ if project_id
78
+ warn '[DEPRECATION] `project_id` is deprecated.
79
+ Please use `client_id` instead.'
80
+ client_id = project_id
81
+ end
82
+
83
+ validate_authorization_url_arguments(
84
+ provider: provider,
85
+ domain: domain,
86
+ connection: connection,
87
+ )
65
88
 
66
89
  query = URI.encode_www_form({
67
- client_id: project_id,
90
+ client_id: client_id,
68
91
  redirect_uri: redirect_uri,
69
92
  response_type: 'code',
70
93
  state: state,
71
94
  domain: domain,
72
95
  provider: provider,
96
+ connection: connection,
73
97
  }.compact)
74
98
 
75
99
  "https://#{WorkOS::API_HOSTNAME}/sso/authorize?#{query}"
76
100
  end
101
+ # rubocop:enable Metrics/MethodLength, Metrics/ParameterLists
77
102
 
78
103
  # Fetch the profile details for the authenticated SSO user.
79
104
  #
80
105
  # @param [String] code The authorization code provided in the callback URL
81
- # @param [String] project_id The WorkOS project ID for the project
106
+ # @param [String] client_id The WorkOS client ID for the environment
82
107
  # where you've configured your SSO connection
108
+ # @param [String] project_id The WorkOS project ID for the project.
109
+ # The project_id is deprecated in Dashboard2.
83
110
  #
84
111
  # @example
85
112
  # WorkOS::SSO.profile(
86
113
  # code: 'acme.com',
87
- # project_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ'
114
+ # client_id: 'project_01DG5TGK363GRVXP3ZS40WNGEZ'
88
115
  # )
89
116
  # => #<WorkOS::Profile:0x00007fb6e4193d20
90
117
  # @id="prof_01DRA1XNSJDZ19A31F183ECQW5",
@@ -97,10 +124,22 @@ module WorkOS
97
124
  # >
98
125
  #
99
126
  # @return [WorkOS::Profile]
100
- sig { params(code: String, project_id: String).returns(WorkOS::Profile) }
101
- def profile(code:, project_id:)
127
+ sig do
128
+ params(
129
+ code: String,
130
+ project_id: T.nilable(String),
131
+ client_id: T.nilable(String),
132
+ ).returns(WorkOS::Profile)
133
+ end
134
+ def profile(code:, project_id: nil, client_id: nil)
135
+ if project_id
136
+ warn '[DEPRECATION] `project_id` is deprecated.
137
+ Please use `client_id` instead.'
138
+ client_id = project_id
139
+ end
140
+
102
141
  body = {
103
- client_id: project_id,
142
+ client_id: client_id,
104
143
  client_secret: WorkOS.key!,
105
144
  grant_type: 'authorization_code',
106
145
  code: code,
@@ -168,17 +207,105 @@ module WorkOS
168
207
  WorkOS::Connection.new(response.body)
169
208
  end
170
209
 
210
+ # Retrieve connections.
211
+ #
212
+ # @param [Hash] options An options hash
213
+ # @option options [String] connection_type Authentication service
214
+ # provider descriptor.
215
+ # @option options [String] domain The domain of the connection to be
216
+ # retrieved.
217
+ # @option options [String] organization_id The id of the organization
218
+ # of the connections to be retrieved.
219
+ # @option options [String] limit Maximum number of records to return.
220
+ # @option options [String] before Pagination cursor to receive records
221
+ # before a provided Connection ID.
222
+ # @option options [String] after Pagination cursor to receive records
223
+ # before a provided Connection ID.
224
+ #
225
+ # @return [Hash]
226
+ sig do
227
+ params(
228
+ options: T::Hash[Symbol, String],
229
+ ).returns(T::Array[T::Hash[String, T.nilable(String)]])
230
+ end
231
+ def list_connections(options = {})
232
+ response = execute_request(
233
+ request: get_request(
234
+ path: '/connections',
235
+ auth: true,
236
+ params: options,
237
+ ),
238
+ )
239
+
240
+ JSON.parse(response.body)['data']
241
+ end
242
+
243
+ # Get a Connection
244
+ #
245
+ # @param [String] id Connection unique identifier
246
+ #
247
+ # @example
248
+ # WorkOS::SSO.get_connection(id: 'conn_02DRA1XNSJDZ19A31F183ECQW9')
249
+ # => #<WorkOS::Connection:0x00007fb6e4193d20
250
+ # @id="conn_02DRA1XNSJDZ19A31F183ECQW9",
251
+ # @name="Foo Corp",
252
+ # @connection_type="OktaSAML",
253
+ # @domains=
254
+ # [{:object=>"connection_domain",
255
+ # :id=>"domain_01E6PK9N3XMD8RHWF7S66380AR",
256
+ # :domain=>"example.com"}]>
257
+ #
258
+ # @return [WorkOS::Connection]
259
+ sig { params(id: String).returns(WorkOS::Connection) }
260
+ def get_connection(id:)
261
+ request = get_request(
262
+ auth: true,
263
+ path: "/connections/#{id}",
264
+ )
265
+
266
+ response = execute_request(request: request)
267
+
268
+ WorkOS::Connection.new(response.body)
269
+ end
270
+
271
+ # Delete a Connection
272
+ #
273
+ # @param [String] id Connection unique identifier
274
+ #
275
+ # @example
276
+ # WorkOS::SSO.delete_connection(id: 'conn_02DRA1XNSJDZ19A31F183ECQW9')
277
+ # => true
278
+ #
279
+ # @return [Bool] - returns `true` if successful
280
+ sig { params(id: String).returns(T::Boolean) }
281
+ def delete_connection(id:)
282
+ request = delete_request(
283
+ auth: true,
284
+ path: "/connections/#{id}",
285
+ )
286
+
287
+ response = execute_request(request: request)
288
+
289
+ response.is_a? Net::HTTPSuccess
290
+ end
291
+
171
292
  private
172
293
 
173
294
  sig do
174
295
  params(
175
296
  domain: T.nilable(String),
176
297
  provider: T.nilable(String),
298
+ connection: T.nilable(String),
177
299
  ).void
178
300
  end
179
- def validate_domain_and_provider(domain:, provider:)
180
- if [domain, provider].all?(&:nil?)
181
- raise ArgumentError, 'Either domain or provider is required.'
301
+ def validate_authorization_url_arguments(
302
+ domain:,
303
+ provider:,
304
+ connection:
305
+ )
306
+ if [domain, provider, connection].all?(&:nil?)
307
+ raise ArgumentError, 'Either connection, domain, or ' \
308
+ 'provider is required.'
182
309
  end
183
310
 
184
311
  return unless provider && !PROVIDERS.include?(provider)
@@ -187,7 +314,6 @@ module WorkOS
187
314
  " `provider` must be in #{PROVIDERS}"
188
315
  end
189
316
 
190
- # rubocop:disable Metrics/MethodLength
191
317
  sig { params(response: Net::HTTPResponse).void }
192
318
  def check_and_raise_profile_error(response:)
193
319
  begin
@@ -206,7 +332,6 @@ module WorkOS
206
332
  request_id: request_id,
207
333
  )
208
334
  end
209
- # rubocop:enable Metrics/MethodLength
210
335
  end
211
336
  end
212
337
  end