workos 2.1.0 → 2.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0500b789496692e53bc6d47d80a21a0b8b802325e1e0f876fe0b94a775aa4f05
-  data.tar.gz: a7e8e350e7fb1336496e9a09ee7543a120e1b6ed62cc60dffbe1b4ccd2dd4712
+  metadata.gz: 286a2f14af16bfc7b9c77e7938c2b8d7366f4a03f9fca4c7892f85f60562e433
+  data.tar.gz: 8970807084e7022beb9bb1523c270e645c340e42e452d7f0d7ea0d64958cf1ea
 SHA512:
-  metadata.gz: 549c9210c2d765b2d6f264e62f285f7b96c9225e53724798216eb08167be5451825a729f36273fbda7fb713b9a1db49025b3cc6a308a98b969ca0a3631c8ffd9
-  data.tar.gz: 4a3fdf8d50681db812a0de37c56d93b03c6bb194a892280cfc9d287612ba7494a1bd777f92b28538b12d978b0a1dc354ca7c82e12fd1707c440643c7215685cb
+  metadata.gz: e4d3af795ee51a5cb807fda2bdffc2217e0150ec2f4ffe51fb86daab6e376ecd240f03f1b204db2a72265ebc61d5a9c227a13924a262bb6cf7011ce9c87df177
+  data.tar.gz: a8977f9bff244978c9c1935e46a411e4e564a86ed51d7523780feab31212857771813190c523f64d5640f13b393ba5f5a3df3ced5729a7ad34df0cdfa3b6014e

data/.semaphore/semaphore.yml

@@ -31,45 +31,19 @@ blocks:
         - name: codecov-workos-ruby
       jobs:
         - name: Ruby 1.9.3
-          commands:
-            - checkout
-            - sem-version ruby 1.9.3-p551
-            - bundle install
-            - bundle exec rspec
-        - name: Ruby 2.0.0
-          commands:
-            - checkout
-            - sem-version ruby 2.0.0-p648
-            - bundle install
-            - bundle exec rspec
-        - name: Ruby 2.3.4
-          commands:
-            - checkout
-            - sem-version ruby 2.3.4
-            - bundle install
-            - bundle exec rspec
-        - name: Ruby 2.5.7
-          commands:
-            - checkout
-            - sem-version ruby 2.5.7
-            - bundle install
-            - bundle exec rspec
-        - name: Ruby 2.6.5
-          commands:
-            - checkout
-            - sem-version ruby 2.6.5
-            - bundle install
-            - bundle exec rspec
-        - name: Ruby 2.7.3
-          commands:
-            - checkout
-            - sem-version ruby 2.7.3
-            - bundle install
-            - bundle exec rspec
-        - name: Ruby 3.0.2
-          commands:
-            - checkout
-            - sem-version ruby 3.0.2
+          matrix:
+            - env_var: RUBY_VERSION
+              values:
+                - 1.9.3-p551
+                - 2.0.0-p648
+                - 2.3.4
+                - 2.5.7
+                - 2.6.5
+                - 2.7.3
+                - 3.0.2
+          commands:
+            - checkout
+            - sem-version ruby $RUBY_VERSION
             - bundle install
             - bundle exec rspec
 promotions:

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (2.1.0)
+    workos (2.2.1)
       sorbet-runtime (~> 0.5)
 
 GEM
@@ -60,7 +60,7 @@ GEM
     simplecov_json_formatter (0.1.2)
     sorbet (0.5.6388)
       sorbet-static (= 0.5.6388)
-    sorbet-runtime (0.5.9300)
+    sorbet-runtime (0.5.9944)
     sorbet-static (0.5.6388-universal-darwin-14)
     sorbet-static (0.5.6388-universal-darwin-15)
     sorbet-static (0.5.6388-universal-darwin-16)

data/README.md

@@ -38,6 +38,10 @@ Or, you may set the key yourself, such as in an initializer in your application
 WorkOS.key = '[your api key]'
 ```
 
+## SDK Versioning
+
+For our SDKs WorkOS follows a Semantic Versioning ([SemVer](https://semver.org/)) process where all releases will have a version X.Y.Z (like 1.0.0) pattern wherein Z would be a bug fix (e.g., 1.0.1), Y would be a minor release (1.1.0) and X would be a major release (2.0.0). We permit any breaking changes to only be released in major versions and strongly recommend reading changelogs before making any major version upgrades.
+
 ## More Information
 
 * [Single Sign-On Guide](https://workos.com/docs/sso/guide)

data/lib/workos/challenge.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+# typed: false
+
+module WorkOS
+  # The Challnge class provides a lightweight wrapper around
+  # a WorkOS DirectoryUser resource. This class is not meant to be instantiated
+  # in DirectoryUser space, and is instantiated internally but exposed.
+  class Challenge
+    include HashProvider
+    extend T::Sig
+
+    attr_accessor :id, :object, :expires_at, :code, :authentication_factor_id, :updated_at, :created_at
+
+    sig { params(json: String).void }
+    def initialize(json)
+      raw = parse_json(json)
+      @id = T.let(raw.id, String)
+      @object = T.let(raw.object, String)
+      @expires_at = raw.expires_at
+      @code = raw.code
+      @authentication_factor_id = T.let(raw.authentication_factor_id, String)
+      @created_at = T.let(raw.created_at, String)
+      @updated_at = T.let(raw.updated_at, String)
+    end
+
+    def to_json(*)
+      {
+        id: id,
+        object: object,
+        expires_at: expires_at,
+        code: code,
+        authentication_factor_id: authentication_factor_id,
+        created_at: created_at,
+        updated_at: updated_at,
+      }
+    end
+
+    private
+
+    sig { params(json_string: String).returns(WorkOS::Types::ChallengeStruct) }
+    def parse_json(json_string)
+      hash = JSON.parse(json_string, symbolize_names: true)
+
+      WorkOS::Types::ChallengeStruct.new(
+        id: hash[:id],
+        object: hash[:object],
+        expires_at: hash[:expires_at],
+        code: hash[:code],
+        authentication_factor_id: hash[:authentication_factor_id],
+        created_at: hash[:created_at],
+        updated_at: hash[:updated_at],
+      )
+    end
+  end
+end

data/lib/workos/client.rb

@@ -144,6 +144,7 @@ module WorkOS
         )
       when 422
         message = json['message']
+        code = json['code']
         errors = extract_error(json['errors']) if json['errors']
         message += " (#{errors})" if errors
 
@@ -151,6 +152,7 @@ module WorkOS
           message: message,
           http_status: http_status,
           request_id: response['x-request-id'],
+          code: code,
         )
       end
     end

data/lib/workos/connection.rb

@@ -7,6 +7,7 @@ module WorkOS
   # in user space, and is instantiated internally but exposed.
   # Note: status is deprecated - use state instead
   class Connection
+    include HashProvider
     extend T::Sig
 
     attr_accessor :id, :name, :connection_type, :domains, :organization_id,

data/lib/workos/deprecated_hash_wrapper.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+module WorkOS
+  # A Temporary wrapper class for a Hash, currently the base class for
+  # WorOS::DirectoryGroup and WorkOS::DirectoryUser. Makes all the Hash
+  # methods available to those classes, but will also emit a deprecation
+  # warning whenever any of them are used.
+  #
+  # Once we deprecate Hash compatibility, this model can be deleted.
+  class DeprecatedHashWrapper < Hash
+    (public_instance_methods - Object.methods).each do |method_name|
+      define_method method_name do |*args, &block|
+        print_deprecation_warning(method_name)
+        super(*args, &block)
+      end
+    end
+
+    # call the original implementation of :replace in Hash,
+    # so we don't show the deprecation warning
+    def replace_without_warning(new_hash)
+      method(:replace).super_method&.call(new_hash)
+    end
+
+    def [](attribute_name)
+      usage = "#{object_name}.#{attribute_name}"
+      warning_message = "WARNING: The Hash style access for #{class_name} attributes is deprecated
+and will be removed in a future version. Please use `#{usage}` or equivalent accessor.\n"
+
+      print_deprecation_warning('[]', warning_message)
+
+      super(attribute_name.to_sym)
+    end
+
+    private
+
+    def deprecation_warning(method_name)
+      usage = "#{object_name}.to_h.#{method_name}"
+
+      "WARNING: Hash compatibility for #{class_name} is deprecated and will be removed
+in a future version. Please use `#{usage}` to access methods on the attribute Hash object.\n"
+    end
+
+    def print_deprecation_warning(method_name, warning_message = deprecation_warning(method_name))
+      if RUBY_VERSION > '3'
+        warn warning_message, category: :deprecated
+      else
+        warn warning_message
+      end
+    end
+
+    def class_name
+      self.class.name
+    end
+
+    # We want to do class_name.demodulize.underscore here, but that's not available in Ruby 1.9, so
+    # implementing the demodulize and underscore methods here.
+    def object_name
+      i = class_name.rindex('::')
+      object_name = i ? class_name[(i + 2)..-1] : class_name
+      underscore(object_name)
+    end
+
+    def underscore(camel_cased_word)
+      return camel_cased_word.to_s unless /[A-Z-]|::/.match?(camel_cased_word)
+
+      word = camel_cased_word.to_s.gsub('::', '/')
+      word.gsub!(/(?:(?<=([A-Za-z\d]))|\b)((?=a)b)(?=\b|[^a-z])/) do
+        "#{Regexp.last_match(1) && '_'}#{Regexp.last_match(2).downcase}"
+      end
+      word.gsub!(/([A-Z]+)(?=[A-Z][a-z])|([a-z\d])(?=[A-Z])/) { (Regexp.last_match(1) || Regexp.last_match(2)) << '_' }
+      word.tr!('-', '_')
+      word.downcase!
+      word
+    end
+  end
+end

data/lib/workos/directory.rb

@@ -6,6 +6,7 @@ module WorkOS
   # a WorkOS Directory resource. This class is not meant to be instantiated
   # in user space, and is instantiated internally but exposed.
   class Directory
+    include HashProvider
     extend T::Sig
 
     attr_accessor :id, :domain, :name, :type, :state, :organization_id, :created_at, :updated_at

data/lib/workos/directory_group.rb

@@ -5,10 +5,11 @@ module WorkOS
   # The DirectoryGroup class provides a lightweight wrapper around
   # a WorkOS DirectoryGroup resource. This class is not meant to be instantiated
   # in user space, and is instantiated internally but exposed.
-  class DirectoryGroup
+  class DirectoryGroup < DeprecatedHashWrapper
+    include HashProvider
     extend T::Sig
 
-    attr_accessor :id, :name
+    attr_accessor :id, :name, :custom_attributes, :raw_attributes
 
     sig { params(json: String).void }
     def initialize(json)
@@ -16,6 +17,8 @@ module WorkOS
 
       @id = T.let(raw.id, String)
       @name = T.let(raw.name, String)
+
+      replace_without_warning(to_json)
     end
 
     def to_json(*)

data/lib/workos/directory_sync.rb

@@ -26,6 +26,7 @@ module WorkOS
       #  before a provided Directory ID.
       # @option options [String] after Pagination cursor to receive records
       #  before a provided Directory ID.
+      # @option options [String] organization_id The ID for an Organization configured on WorkOS.
       #
       # @return [Hash]
       sig do
@@ -95,7 +96,7 @@ module WorkOS
       # @option options [String] after Pagination cursor to receive records
       #  before a provided Directory Group ID.
       #
-      # @return [Hash]
+      # @return [WorkOS::DirectoryGroup]
       sig do
         params(
           options: T::Hash[Symbol, String],
@@ -134,7 +135,7 @@ module WorkOS
       # @option options [String] after Pagination cursor to receive records
       #  before a provided Directory User ID.
       #
-      # @return [Hash]
+      # @return [WorkOS::DirectoryUser]
       sig do
         params(
           options: T::Hash[Symbol, String],
@@ -164,8 +165,8 @@ module WorkOS
       #
       # @param [String] id The ID of the directory group.
       #
-      # @return Hash
-      sig { params(id: String).returns(T::Hash[String, T.untyped]) }
+      # @return WorkOS::DirectoryGroup
+      sig { params(id: String).returns(WorkOS::DirectoryGroup) }
       def get_group(id)
         response = execute_request(
           request: get_request(
@@ -174,15 +175,15 @@ module WorkOS
           ),
         )
 
-        JSON.parse(response.body)
+        ::WorkOS::DirectoryGroup.new(response.body)
       end
 
       # Retrieve the directory user with the given ID.
       #
       # @param [String] id The ID of the directory user.
       #
-      # @return Hash
-      sig { params(id: String).returns(T::Hash[String, T.untyped]) }
+      # @return WorkOS::DirectoryUser
+      sig { params(id: String).returns(WorkOS::DirectoryUser) }
       def get_user(id)
         response = execute_request(
           request: get_request(
@@ -191,7 +192,7 @@ module WorkOS
           ),
         )
 
-        JSON.parse(response.body)
+        ::WorkOS::DirectoryUser.new(response.body)
       end
 
       # Delete the directory with the given ID.

data/lib/workos/directory_user.rb

@@ -5,7 +5,8 @@ module WorkOS
   # The DirectoryUser class provides a lightweight wrapper around
   # a WorkOS DirectoryUser resource. This class is not meant to be instantiated
   # in DirectoryUser space, and is instantiated internally but exposed.
-  class DirectoryUser
+  class DirectoryUser < DeprecatedHashWrapper
+    include HashProvider
     extend T::Sig
 
     attr_accessor :id, :idp_id, :emails, :first_name, :last_name, :username, :state,
@@ -26,6 +27,8 @@ module WorkOS
       @groups = T.let(raw.groups, Array)
       @custom_attributes = raw.custom_attributes
       @raw_attributes = raw.raw_attributes
+
+      replace_without_warning(to_json)
     end
     # rubocop:enable Metrics/AbcSize
 

data/lib/workos/errors.rb

@@ -17,14 +17,16 @@ module WorkOS
         error_description: T.nilable(String),
         http_status: T.nilable(Integer),
         request_id: T.nilable(String),
+        code: T.nilable(String),
       ).void
     end
-    def initialize(message: nil, error: nil, error_description: nil, http_status: nil, request_id: nil)
+    def initialize(message: nil, error: nil, error_description: nil, http_status: nil, request_id: nil, code: nil)
       @message = message
       @error = error
       @error_description = error_description
       @http_status = http_status
       @request_id = request_id
+      @code = code
     end
 
     sig { returns(String) }

data/lib/workos/factor.rb

@@ -0,0 +1,59 @@
+# frozen_string_literal: true
+# typed: false
+
+module WorkOS
+  # The Factor class provides a lightweight wrapper around
+  # a WorkOS DirectoryUser resource. This class is not meant to be instantiated
+  # in DirectoryUser space, and is instantiated internally but exposed.
+  class Factor
+    include HashProvider
+    # rubocop:disable Metrics/AbcSize
+    extend T::Sig
+    attr_accessor :id, :environment_id, :object, :type, :sms, :totp, :updated_at, :created_at
+
+    sig { params(json: String).void }
+    def initialize(json)
+      raw = parse_json(json)
+      @id = T.let(raw.id, String)
+      @environment_id = T.let(raw.environment_id, String)
+      @object = T.let(raw.object, String)
+      @type = T.let(raw.type, String)
+      @created_at = T.let(raw.created_at, String)
+      @updated_at = T.let(raw.updated_at, String)
+      @totp = raw.totp
+      @sms = raw.sms
+    end
+
+    def to_json(*)
+      {
+        id: id,
+        environment_id: environment_id,
+        object: object,
+        type: type,
+        totp: totp,
+        sms: sms,
+        created_at: created_at,
+        updated_at: updated_at,
+      }
+    end
+
+    private
+
+    sig { params(json_string: String).returns(WorkOS::Types::FactorStruct) }
+    def parse_json(json_string)
+      hash = JSON.parse(json_string, symbolize_names: true)
+
+      WorkOS::Types::FactorStruct.new(
+        id: hash[:id],
+        environment_id: hash[:environment_id],
+        object: hash[:object],
+        type: hash[:type],
+        totp: hash[:totp],
+        sms: hash[:sms],
+        created_at: hash[:created_at],
+        updated_at: hash[:updated_at],
+      )
+    end
+    # rubocop:enable Metrics/AbcSize
+  end
+end

data/lib/workos/hash_provider.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+# typed: true
+
+module WorkOS
+  # Module to include an explicit method for converting a model into a Hash containing
+  # its attributes. Default implementation will simply call to_json. Individual classes
+  # may override.
+  module HashProvider
+    include Kernel
+
+    def to_json(*)
+      raise 'Must be implemented by including class.'
+    end
+
+    def to_h
+      to_json
+    end
+  end
+end

data/lib/workos/mfa.rb

@@ -0,0 +1,165 @@
+# frozen_string_literal: true
+# typed: true
+
+
+require 'net/http'
+require 'uri'
+
+module WorkOS
+  # The MFA module provides convenience methods for working with the WorkOS
+  # MFA platform. You'll need a valid API key
+  module MFA
+    class << self
+      extend T::Sig
+      include Base
+      include Client
+      sig { params(id: String).returns(T::Boolean) }
+      def delete_factor(id:)
+        response = execute_request(
+          request: delete_request(
+            path: "/auth/factors/#{id}",
+            auth: true,
+          ),
+        )
+        response.is_a? Net::HTTPSuccess
+      end
+
+      sig do
+        params(id: String).returns(WorkOS::Factor)
+      end
+      def get_factor(
+        id:
+      )
+        response = execute_request(
+          request: get_request(
+            path: "/auth/factors/#{id}",
+            auth: true,
+          ),
+        )
+        WorkOS::Factor.new(response.body)
+      end
+
+      sig do
+        params(
+          type: String,
+          totp_issuer: T.nilable(String),
+          totp_user: T.nilable(String),
+          phone_number: T.nilable(String),
+        ).void
+      end
+      # rubocop:disable Metrics/CyclomaticComplexity
+      # rubocop:disable Metrics/PerceivedComplexity
+
+      def validate_args(
+        type:,
+        totp_issuer: nil,
+        totp_user: nil,
+        phone_number: nil
+      )
+        if type != 'sms' && type != 'totp' && type != 'generic_otp'
+          raise ArgumentError, "Type argument must be either 'sms' or 'totp'"
+        end
+        if (type == 'totp' && totp_issuer.nil?) || (type == 'totp' && totp_user.nil?)
+          raise ArgumentError, 'Incomplete arguments. Need to specify both totp_issuer and totp_user when type is totp'
+        end
+        return unless type == 'sms' && phone_number.nil?
+
+        raise ArgumentError, 'Incomplete arguments. Need to specify phone_number when type is sms'
+      end
+      # rubocop:enable Metrics/CyclomaticComplexity
+      # rubocop:enable Metrics/PerceivedComplexity
+
+      sig do
+        params(
+          type: String,
+          totp_issuer: T.nilable(String),
+          totp_user: T.nilable(String),
+          phone_number: T.nilable(String),
+        ).returns(WorkOS::Factor)
+      end
+      # rubocop:disable Metrics/MethodLength
+      def enroll_factor(
+        type:,
+        totp_issuer: nil,
+        totp_user: nil,
+        phone_number: nil
+      )
+        validate_args(
+          type: type,
+          totp_issuer: totp_issuer,
+          totp_user: totp_user,
+          phone_number: phone_number,
+        )
+        response = execute_request(request: post_request(
+          auth: true,
+          body: {
+            type: type,
+            totp_issuer: totp_issuer,
+            totp_user: totp_user,
+            phone_number: phone_number,
+          },
+          path: '/auth/factors/enroll',
+        ))
+        WorkOS::Factor.new(response.body)
+      end
+      # rubocop:enable Metrics/MethodLength
+
+      sig do
+        params(
+          authentication_factor_id: T.nilable(String),
+          sms_template: T.nilable(String),
+        ).returns(WorkOS::Challenge)
+      end
+      def challenge_factor(
+        authentication_factor_id: nil,
+        sms_template: nil
+      )
+        if authentication_factor_id.nil?
+          raise ArgumentError, "Incomplete arguments: 'authentication_factor_id' is a required argument"
+        end
+
+        request = post_request(
+          auth: true,
+          body: {
+            sms_template: sms_template,
+            authentication_factor_id: authentication_factor_id,
+          },
+          path: '/auth/factors/challenge',
+        )
+
+        response = execute_request(request: request)
+        WorkOS::Challenge.new(response.body)
+      end
+
+      sig do
+        params(
+          authentication_challenge_id: T.nilable(String),
+          code: T.nilable(String),
+        ).returns(WorkOS::VerifyFactor)
+      end
+      def verify_factor(
+        authentication_challenge_id: nil,
+        code: nil
+      )
+
+        if authentication_challenge_id.nil? || code.nil?
+          raise ArgumentError, "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments"
+        end
+
+        options = {
+          "authentication_challenge_id": authentication_challenge_id,
+          "code": code,
+        }
+
+        response = execute_request(
+          request: post_request(
+            path: '/auth/factors/verify',
+            auth: true,
+            body: options,
+          ),
+        )
+        WorkOS::VerifyFactor.new(response.body)
+      end
+    end
+  end
+end

data/lib/workos/organization.rb

@@ -6,6 +6,7 @@ module WorkOS
   # a WorkOS Organization resource. This class is not meant to be instantiated
   # in user space, and is instantiated internally but exposed.
   class Organization
+    include HashProvider
     extend T::Sig
 
     attr_accessor :id, :domains, :name, :allow_profiles_outside_organization, :created_at, :updated_at

data/lib/workos/profile.rb

@@ -8,6 +8,7 @@ module WorkOS
   # is not meant to be instantiated in user space, and
   # is instantiated internally but exposed.
   class Profile
+    include HashProvider
     extend T::Sig
 
     sig { returns(String) }

data/lib/workos/profile_and_token.rb

@@ -6,6 +6,7 @@ module WorkOS
   # Access Token. This class is not meant to be instantiated in user space, and
   # is instantiated internally but exposed.
   class ProfileAndToken
+    include HashProvider
     extend T::Sig
 
     attr_accessor :access_token, :profile

data/lib/workos/types/challenge_struct.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+# typed: strict
+
+module WorkOS
+  module Types
+    # This ChallgengeStruct acts as a typed interface
+    # for the Factor class
+    class ChallengeStruct < T::Struct
+      const :id, String
+      const :object, String
+      const :expires_at, T.nilable(String)
+      const :code, T.nilable(String)
+      const :authentication_factor_id, String
+      const :created_at, String
+      const :updated_at, String
+    end
+  end
+end