workos 2.1.1 → 2.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.semaphore/semaphore.yml +13 -39
- data/Gemfile.lock +2 -2
- data/README.md +4 -0
- data/lib/workos/challenge.rb +54 -0
- data/lib/workos/client.rb +2 -0
- data/lib/workos/directory_sync.rb +1 -0
- data/lib/workos/errors.rb +3 -1
- data/lib/workos/factor.rb +58 -0
- data/lib/workos/mfa.rb +165 -0
- data/lib/workos/types/challenge_struct.rb +18 -0
- data/lib/workos/types/factor_struct.rb +19 -0
- data/lib/workos/types/verify_factor_struct.rb +15 -0
- data/lib/workos/types.rb +3 -0
- data/lib/workos/verify_factor.rb +39 -0
- data/lib/workos/version.rb +1 -1
- data/lib/workos/webhooks.rb +1 -1
- data/lib/workos.rb +5 -0
- data/spec/lib/workos/mfa_spec.rb +232 -0
- data/spec/lib/workos/sso_spec.rb +0 -2
- data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_generic_valid.yml +82 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_sms_valid.yml +82 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_totp_valid.yml +82 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/delete_factor.yml +80 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/enroll_factor_generic_valid.yml +82 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/enroll_factor_sms_valid.yml +82 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/enroll_factor_totp_valid.yml +82 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/get_factor_invalid.yml +82 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/get_factor_valid.yml +82 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_expired.yml +84 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_invalid.yml +84 -0
- data/spec/support/fixtures/vcr_cassettes/mfa/verify_factor_generic_valid.yml +82 -0
- metadata +36 -3
@@ -0,0 +1,232 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
# typed: false
|
3
|
+
|
4
|
+
describe WorkOS::MFA do
|
5
|
+
it_behaves_like 'client'
|
6
|
+
describe 'enroll_factor valid requests' do
|
7
|
+
context 'enroll factor using valid generic argument' do
|
8
|
+
it 'returns a valid factor object' do
|
9
|
+
VCR.use_cassette 'mfa/enroll_factor_generic_valid' do
|
10
|
+
factor = described_class.enroll_factor(
|
11
|
+
type: 'generic_otp',
|
12
|
+
)
|
13
|
+
expect(factor.type == 'generic_otp')
|
14
|
+
end
|
15
|
+
end
|
16
|
+
end
|
17
|
+
context 'enroll factor using valid totp arguments' do
|
18
|
+
it 'returns a valid factor object' do
|
19
|
+
VCR.use_cassette 'mfa/enroll_factor_totp_valid' do
|
20
|
+
factor = described_class.enroll_factor(
|
21
|
+
type: 'totp',
|
22
|
+
totp_issuer: 'WorkOS',
|
23
|
+
totp_user: 'some_user',
|
24
|
+
)
|
25
|
+
expect(factor.totp.instance_of?(Hash))
|
26
|
+
end
|
27
|
+
end
|
28
|
+
end
|
29
|
+
context 'enroll factor using valid sms arguments' do
|
30
|
+
it 'returns a valid factor object' do
|
31
|
+
VCR.use_cassette 'mfa/enroll_factor_sms_valid' do
|
32
|
+
factor = described_class.enroll_factor(
|
33
|
+
type: 'sms',
|
34
|
+
phone_number: '55555555555',
|
35
|
+
)
|
36
|
+
expect(factor.sms.instance_of?(Hash))
|
37
|
+
end
|
38
|
+
end
|
39
|
+
end
|
40
|
+
end
|
41
|
+
describe 'enroll_factor invalid responses' do
|
42
|
+
context 'enroll factor throws error if type is not sms or totp' do
|
43
|
+
it 'returns an error' do
|
44
|
+
expect do
|
45
|
+
described_class.enroll_factor(
|
46
|
+
type: 'invalid',
|
47
|
+
phone_number: '+15005550006',
|
48
|
+
)
|
49
|
+
end.to raise_error(
|
50
|
+
ArgumentError,
|
51
|
+
"Type argument must be either 'sms' or 'totp'",
|
52
|
+
)
|
53
|
+
end
|
54
|
+
end
|
55
|
+
context 'enroll factor throws error if type is not sms or totp' do
|
56
|
+
it 'returns an error' do
|
57
|
+
expect do
|
58
|
+
described_class.enroll_factor(
|
59
|
+
type: 'totp',
|
60
|
+
totp_issuer: 'WorkOS',
|
61
|
+
)
|
62
|
+
end.to raise_error(
|
63
|
+
ArgumentError,
|
64
|
+
'Incomplete arguments. Need to specify both totp_issuer and totp_user when type is totp',
|
65
|
+
)
|
66
|
+
end
|
67
|
+
end
|
68
|
+
context 'enroll factor throws error if type sms and phone number is nil' do
|
69
|
+
it 'returns an error' do
|
70
|
+
expect do
|
71
|
+
described_class.enroll_factor(
|
72
|
+
type: 'sms',
|
73
|
+
)
|
74
|
+
end.to raise_error(
|
75
|
+
ArgumentError,
|
76
|
+
'Incomplete arguments. Need to specify phone_number when type is sms',
|
77
|
+
)
|
78
|
+
end
|
79
|
+
end
|
80
|
+
end
|
81
|
+
describe 'challenge factor with valid request arguments' do
|
82
|
+
context 'challenge with totp' do
|
83
|
+
it 'returns challenge factor object for totp' do
|
84
|
+
VCR.use_cassette 'mfa/challenge_factor_totp_valid' do
|
85
|
+
challenge_factor = described_class.challenge_factor(
|
86
|
+
authentication_factor_id: 'auth_factor_01FZ4TS0MWPZR7GATS7KCXANQZ',
|
87
|
+
)
|
88
|
+
expect(challenge_factor.authentication_factor_id.class.instance_of?(String))
|
89
|
+
end
|
90
|
+
end
|
91
|
+
end
|
92
|
+
context 'challenge with sms' do
|
93
|
+
it 'returns a challenge factor object for sms' do
|
94
|
+
VCR.use_cassette 'mfa/challenge_factor_sms_valid' do
|
95
|
+
challenge_factor = described_class.challenge_factor(
|
96
|
+
authentication_factor_id: 'auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F',
|
97
|
+
sms_template: 'Your code is {{code}}',
|
98
|
+
)
|
99
|
+
expect(challenge_factor.authentication_factor_id.instance_of?(String))
|
100
|
+
end
|
101
|
+
end
|
102
|
+
end
|
103
|
+
context 'challenge with generic' do
|
104
|
+
it 'returns a valid challenge factor object for generic otp' do
|
105
|
+
VCR.use_cassette 'mfa/challenge_factor_generic_valid' do
|
106
|
+
challenge_factor = described_class.challenge_factor(
|
107
|
+
authentication_factor_id: 'auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M',
|
108
|
+
)
|
109
|
+
expect(challenge_factor.code.instance_of?(String))
|
110
|
+
end
|
111
|
+
end
|
112
|
+
end
|
113
|
+
end
|
114
|
+
describe 'challenge factor with invalid arguments' do
|
115
|
+
context 'challenge with totp mssing authentication_factor_id' do
|
116
|
+
it 'returns argument error' do
|
117
|
+
expect do
|
118
|
+
described_class.challenge_factor
|
119
|
+
end.to raise_error(
|
120
|
+
ArgumentError,
|
121
|
+
"Incomplete arguments: 'authentication_factor_id' is a required argument",
|
122
|
+
)
|
123
|
+
end
|
124
|
+
end
|
125
|
+
end
|
126
|
+
describe 'challenge factor with valid requests' do
|
127
|
+
context 'verify generic otp' do
|
128
|
+
it 'returns a true boolean if the challenge has not been verifed yet' do
|
129
|
+
VCR.use_cassette 'mfa/verify_factor_generic_valid' do
|
130
|
+
verify_factor = described_class.verify_factor(
|
131
|
+
authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
|
132
|
+
code: '897792',
|
133
|
+
)
|
134
|
+
expect(verify_factor.valid == 'true')
|
135
|
+
end
|
136
|
+
end
|
137
|
+
end
|
138
|
+
context 'verify generic otp' do
|
139
|
+
it 'returns error that the challenge has already been verfied' do
|
140
|
+
VCR.use_cassette 'mfa/verify_factor_generic_invalid' do
|
141
|
+
expect do
|
142
|
+
described_class.verify_factor(
|
143
|
+
authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
|
144
|
+
code: '897792',
|
145
|
+
)
|
146
|
+
end.to raise_error(WorkOS::InvalidRequestError)
|
147
|
+
end
|
148
|
+
end
|
149
|
+
context 'verify generic otp' do
|
150
|
+
it 'returns error that the challenge has expired' do
|
151
|
+
VCR.use_cassette 'mfa/verify_factor_generic_expired' do
|
152
|
+
expect do
|
153
|
+
described_class.verify_factor(
|
154
|
+
authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
|
155
|
+
code: '897792',
|
156
|
+
)
|
157
|
+
end.to raise_error(WorkOS::InvalidRequestError)
|
158
|
+
end
|
159
|
+
end
|
160
|
+
end
|
161
|
+
end
|
162
|
+
end
|
163
|
+
describe 'verify_factor with invalid argument' do
|
164
|
+
context 'missing code argument' do
|
165
|
+
it 'returns argument error' do
|
166
|
+
expect do
|
167
|
+
described_class.verify_factor(
|
168
|
+
authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
|
169
|
+
)
|
170
|
+
end.to raise_error(
|
171
|
+
ArgumentError,
|
172
|
+
"Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
|
173
|
+
)
|
174
|
+
end
|
175
|
+
end
|
176
|
+
context 'missing authentication_challenge_id argument' do
|
177
|
+
it '' do
|
178
|
+
expect do
|
179
|
+
described_class.verify_factor(
|
180
|
+
code: '897792',
|
181
|
+
)
|
182
|
+
end.to raise_error(
|
183
|
+
ArgumentError,
|
184
|
+
"Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
|
185
|
+
)
|
186
|
+
end
|
187
|
+
end
|
188
|
+
context 'missing code and authentication_challenge_id arguments' do
|
189
|
+
it 'returns argument error' do
|
190
|
+
expect do
|
191
|
+
described_class.verify_factor
|
192
|
+
end.to raise_error(
|
193
|
+
ArgumentError,
|
194
|
+
"Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
|
195
|
+
)
|
196
|
+
end
|
197
|
+
end
|
198
|
+
end
|
199
|
+
describe 'tests returning and deleting a factor' do
|
200
|
+
context 'returns a factor' do
|
201
|
+
it 'uses get_factor to return factor' do
|
202
|
+
VCR.use_cassette 'mfa/get_factor_valid' do
|
203
|
+
factor = described_class.get_factor(
|
204
|
+
id: 'auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M',
|
205
|
+
)
|
206
|
+
expect(factor.id.instance_of?(String))
|
207
|
+
end
|
208
|
+
end
|
209
|
+
end
|
210
|
+
context 'invalid factor request' do
|
211
|
+
it 'uses get_factor and throws error if id is wrong' do
|
212
|
+
VCR.use_cassette 'mfa/get_factor_invalid' do
|
213
|
+
expect do
|
214
|
+
described_class.get_factor(
|
215
|
+
id: 'auth_factor_invalid',
|
216
|
+
)
|
217
|
+
end.to raise_error(WorkOS::APIError)
|
218
|
+
end
|
219
|
+
end
|
220
|
+
end
|
221
|
+
context 'deletes facotr' do
|
222
|
+
it 'uses delete_factor to delete factor' do
|
223
|
+
VCR.use_cassette 'mfa/delete_factor' do
|
224
|
+
response = described_class.delete_factor(
|
225
|
+
id: 'auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M',
|
226
|
+
)
|
227
|
+
expect(response).to be(true)
|
228
|
+
end
|
229
|
+
end
|
230
|
+
end
|
231
|
+
end
|
232
|
+
end
|
data/spec/lib/workos/sso_spec.rb
CHANGED
@@ -20,7 +20,6 @@ describe WorkOS::SSO do
|
|
20
20
|
end
|
21
21
|
it 'returns a valid URL' do
|
22
22
|
authorization_url = described_class.authorization_url(**args)
|
23
|
-
|
24
23
|
expect(URI.parse(authorization_url)).to be_a URI
|
25
24
|
end
|
26
25
|
|
@@ -315,7 +314,6 @@ describe WorkOS::SSO do
|
|
315
314
|
verified_email: true,
|
316
315
|
},
|
317
316
|
}
|
318
|
-
|
319
317
|
expect(profile.to_json).to eq(expectation)
|
320
318
|
end
|
321
319
|
end
|
@@ -0,0 +1,82 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: post
|
5
|
+
uri: https://api.workos.com/auth/factors/challenge
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: '{"sms_template":null,"authentication_factor_id":"auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M"}'
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.2; arm64-darwin21; v2.1.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 201
|
23
|
+
message: Created
|
24
|
+
headers:
|
25
|
+
Date:
|
26
|
+
- Sun, 27 Mar 2022 05:15:26 GMT
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
|
+
Content-Length:
|
30
|
+
- '290'
|
31
|
+
Connection:
|
32
|
+
- keep-alive
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
Vary:
|
56
|
+
- Origin, Accept-Encoding
|
57
|
+
Access-Control-Allow-Credentials:
|
58
|
+
- 'true'
|
59
|
+
X-Request-Id:
|
60
|
+
- 6f320a1f-92d8-496c-9c30-69355787d21e
|
61
|
+
Etag:
|
62
|
+
- W/"122-QtSiaXex7UKEyydEC3oPpuHzGNw"
|
63
|
+
Via:
|
64
|
+
- 1.1 vegur
|
65
|
+
Cf-Cache-Status:
|
66
|
+
- DYNAMIC
|
67
|
+
Report-To:
|
68
|
+
- '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2kePZ4Q7kGQ1by5iXZxRevmSkQq4vTbW1vXTqFev99eLBrrfEHOLK2%2FE0ItWB2GAKoQvhPBk3rhS%2FKg0rtK3ZH4DGTf%2FEQKGFPT6BxtCqQE2L%2ByfEv1AgU152ZwIBPVYjQ%3D%3D"}],"group":"cf-nel","max_age":604800}'
|
69
|
+
Nel:
|
70
|
+
- '{"success_fraction":0,"report_to":"cf-nel","max_age":604800}'
|
71
|
+
Server:
|
72
|
+
- cloudflare
|
73
|
+
Cf-Ray:
|
74
|
+
- 6f25a5f0dddf088d-SEA
|
75
|
+
Alt-Svc:
|
76
|
+
- h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
77
|
+
body:
|
78
|
+
encoding: UTF-8
|
79
|
+
string: '{"object":"authentication_challenge","id":"auth_challenge_01FZ4WSWV2SCEDX3GKY1NA9YTN","created_at":"2022-03-27T05:15:26.432Z","updated_at":"2022-03-27T05:15:26.432Z","expires_at":"2022-03-27T05:25:26.434Z","code":"541295","authentication_factor_id":"auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M"}'
|
80
|
+
http_version:
|
81
|
+
recorded_at: Sun, 27 Mar 2022 05:15:26 GMT
|
82
|
+
recorded_with: VCR 5.0.0
|
@@ -0,0 +1,82 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: post
|
5
|
+
uri: https://api.workos.com/auth/factors/challenge
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: '{"sms_template":"Your code is {{code}}","authentication_factor_id":"auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F"}'
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.2; arm64-darwin21; v2.1.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 201
|
23
|
+
message: Created
|
24
|
+
headers:
|
25
|
+
Date:
|
26
|
+
- Sun, 27 Mar 2022 05:03:26 GMT
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
|
+
Content-Length:
|
30
|
+
- '274'
|
31
|
+
Connection:
|
32
|
+
- keep-alive
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
Vary:
|
56
|
+
- Origin, Accept-Encoding
|
57
|
+
Access-Control-Allow-Credentials:
|
58
|
+
- 'true'
|
59
|
+
X-Request-Id:
|
60
|
+
- b9c66c87-adf4-4a9a-854f-d838f966ea5c
|
61
|
+
Etag:
|
62
|
+
- W/"112-VpD9nscbxE6VOcsJlK2RHEzlq3s"
|
63
|
+
Via:
|
64
|
+
- 1.1 vegur
|
65
|
+
Cf-Cache-Status:
|
66
|
+
- DYNAMIC
|
67
|
+
Report-To:
|
68
|
+
- '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNaSbl1oXtixmxb7lJOn7tDKzD0mN8jSFHJmTsZfD6YTlSGeMrdBgfi3LUFeDv1ldKcdNe5eZ%2BkRrVM986RUizGOhL2xzdl2AkJEdudIRaaJCMdWbjQDmGLbC4OPFajMIA%3D%3D"}],"group":"cf-nel","max_age":604800}'
|
69
|
+
Nel:
|
70
|
+
- '{"success_fraction":0,"report_to":"cf-nel","max_age":604800}'
|
71
|
+
Server:
|
72
|
+
- cloudflare
|
73
|
+
Cf-Ray:
|
74
|
+
- 6f25945b9ee639b4-SEA
|
75
|
+
Alt-Svc:
|
76
|
+
- h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
77
|
+
body:
|
78
|
+
encoding: UTF-8
|
79
|
+
string: '{"object":"authentication_challenge","id":"auth_challenge_01FZ4W3XG1VD8ZD5TXSYQMFMSR","created_at":"2022-03-27T05:03:26.203Z","updated_at":"2022-03-27T05:03:26.203Z","expires_at":"2022-03-27T05:13:26.204Z","authentication_factor_id":"auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F"}'
|
80
|
+
http_version:
|
81
|
+
recorded_at: Sun, 27 Mar 2022 05:03:26 GMT
|
82
|
+
recorded_with: VCR 5.0.0
|
@@ -0,0 +1,82 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: post
|
5
|
+
uri: https://api.workos.com/auth/factors/challenge
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: '{"sms_template":null,"authentication_factor_id":"auth_factor_01FZ4TS0MWPZR7GATS7KCXANQZ"}'
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.2; arm64-darwin21; v2.1.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 201
|
23
|
+
message: Created
|
24
|
+
headers:
|
25
|
+
Date:
|
26
|
+
- Sun, 27 Mar 2022 05:03:25 GMT
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
|
+
Content-Length:
|
30
|
+
- '234'
|
31
|
+
Connection:
|
32
|
+
- keep-alive
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
Vary:
|
56
|
+
- Origin, Accept-Encoding
|
57
|
+
Access-Control-Allow-Credentials:
|
58
|
+
- 'true'
|
59
|
+
X-Request-Id:
|
60
|
+
- f04282d0-e78a-42f8-9403-23cebbb4bb66
|
61
|
+
Etag:
|
62
|
+
- W/"ea-SVZUKXJpb27hGw8Q2jIf8W5kZA8"
|
63
|
+
Via:
|
64
|
+
- 1.1 vegur
|
65
|
+
Cf-Cache-Status:
|
66
|
+
- DYNAMIC
|
67
|
+
Report-To:
|
68
|
+
- '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yZfS4xxk1lbY3jrk5QxKFnwdRyRdSajEVp0nlEAoJsESmp40wQP7kosvTWU4dHccBOuEaTIEvPHXVd5buOQbKDmOhuHmVNM89nsd3ukSicS%2BhcutdMpwnTNO5xgqErdEzA%3D%3D"}],"group":"cf-nel","max_age":604800}'
|
69
|
+
Nel:
|
70
|
+
- '{"success_fraction":0,"report_to":"cf-nel","max_age":604800}'
|
71
|
+
Server:
|
72
|
+
- cloudflare
|
73
|
+
Cf-Ray:
|
74
|
+
- 6f2594595b62e46e-SEA
|
75
|
+
Alt-Svc:
|
76
|
+
- h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
77
|
+
body:
|
78
|
+
encoding: UTF-8
|
79
|
+
string: '{"object":"authentication_challenge","id":"auth_challenge_01FZ4W3X566NPKJRNB85KHF74F","created_at":"2022-03-27T05:03:25.859Z","updated_at":"2022-03-27T05:03:25.859Z","authentication_factor_id":"auth_factor_01FZ4TS0MWPZR7GATS7KCXANQZ"}'
|
80
|
+
http_version:
|
81
|
+
recorded_at: Sun, 27 Mar 2022 05:03:25 GMT
|
82
|
+
recorded_with: VCR 5.0.0
|
@@ -0,0 +1,80 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: delete
|
5
|
+
uri: https://api.workos.com/auth/factors/auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M
|
6
|
+
body:
|
7
|
+
encoding: US-ASCII
|
8
|
+
string: ''
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.2; arm64-darwin21; v2.1.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 204
|
23
|
+
message: No Content
|
24
|
+
headers:
|
25
|
+
Date:
|
26
|
+
- Sun, 27 Mar 2022 19:18:03 GMT
|
27
|
+
Content-Length:
|
28
|
+
- '0'
|
29
|
+
Connection:
|
30
|
+
- keep-alive
|
31
|
+
Content-Security-Policy:
|
32
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
33
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
34
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
35
|
+
X-Dns-Prefetch-Control:
|
36
|
+
- 'off'
|
37
|
+
Expect-Ct:
|
38
|
+
- max-age=0
|
39
|
+
X-Frame-Options:
|
40
|
+
- SAMEORIGIN
|
41
|
+
Strict-Transport-Security:
|
42
|
+
- max-age=15552000; includeSubDomains
|
43
|
+
X-Download-Options:
|
44
|
+
- noopen
|
45
|
+
X-Content-Type-Options:
|
46
|
+
- nosniff
|
47
|
+
X-Permitted-Cross-Domain-Policies:
|
48
|
+
- none
|
49
|
+
Referrer-Policy:
|
50
|
+
- no-referrer
|
51
|
+
X-Xss-Protection:
|
52
|
+
- '0'
|
53
|
+
Vary:
|
54
|
+
- Origin
|
55
|
+
Access-Control-Allow-Credentials:
|
56
|
+
- 'true'
|
57
|
+
X-Request-Id:
|
58
|
+
- 80c43068-a8f1-4132-9cb8-43375017ed5d
|
59
|
+
Etag:
|
60
|
+
- W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
|
61
|
+
Via:
|
62
|
+
- 1.1 vegur
|
63
|
+
Cf-Cache-Status:
|
64
|
+
- DYNAMIC
|
65
|
+
Report-To:
|
66
|
+
- '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQ3mj7g%2Bn7W16dxobD%2FNQjo7xvTl1Huh7T%2BF0Jgnk6p%2FFLlz%2BB3monRxzeVDU8oG2%2Ff81D40WjwV2e1YNqLivRnaSIB9u19O2gLXlatMVa9tjYA6XsvSIipvvmbUDPvYjQ%3D%3D"}],"group":"cf-nel","max_age":604800}'
|
67
|
+
Nel:
|
68
|
+
- '{"success_fraction":0,"report_to":"cf-nel","max_age":604800}'
|
69
|
+
Server:
|
70
|
+
- cloudflare
|
71
|
+
Cf-Ray:
|
72
|
+
- 6f2a78410ca0609b-SEA
|
73
|
+
Alt-Svc:
|
74
|
+
- h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
75
|
+
body:
|
76
|
+
encoding: UTF-8
|
77
|
+
string: ''
|
78
|
+
http_version:
|
79
|
+
recorded_at: Sun, 27 Mar 2022 19:18:03 GMT
|
80
|
+
recorded_with: VCR 5.0.0
|
@@ -0,0 +1,82 @@
|
|
1
|
+
---
|
2
|
+
http_interactions:
|
3
|
+
- request:
|
4
|
+
method: post
|
5
|
+
uri: https://api.workos.com/auth/factors/enroll
|
6
|
+
body:
|
7
|
+
encoding: UTF-8
|
8
|
+
string: '{"type":"generic_otp","totp_issuer":null,"totp_user":null,"phone_number":null}'
|
9
|
+
headers:
|
10
|
+
Content-Type:
|
11
|
+
- application/json
|
12
|
+
Accept-Encoding:
|
13
|
+
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
|
14
|
+
Accept:
|
15
|
+
- "*/*"
|
16
|
+
User-Agent:
|
17
|
+
- WorkOS; ruby/3.0.2; arm64-darwin21; v2.1.1
|
18
|
+
Authorization:
|
19
|
+
- Bearer <API_KEY>
|
20
|
+
response:
|
21
|
+
status:
|
22
|
+
code: 201
|
23
|
+
message: Created
|
24
|
+
headers:
|
25
|
+
Date:
|
26
|
+
- Sun, 27 Mar 2022 05:12:43 GMT
|
27
|
+
Content-Type:
|
28
|
+
- application/json; charset=utf-8
|
29
|
+
Content-Length:
|
30
|
+
- '239'
|
31
|
+
Connection:
|
32
|
+
- keep-alive
|
33
|
+
Content-Security-Policy:
|
34
|
+
- 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
|
35
|
+
https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
|
36
|
+
''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
|
37
|
+
X-Dns-Prefetch-Control:
|
38
|
+
- 'off'
|
39
|
+
Expect-Ct:
|
40
|
+
- max-age=0
|
41
|
+
X-Frame-Options:
|
42
|
+
- SAMEORIGIN
|
43
|
+
Strict-Transport-Security:
|
44
|
+
- max-age=15552000; includeSubDomains
|
45
|
+
X-Download-Options:
|
46
|
+
- noopen
|
47
|
+
X-Content-Type-Options:
|
48
|
+
- nosniff
|
49
|
+
X-Permitted-Cross-Domain-Policies:
|
50
|
+
- none
|
51
|
+
Referrer-Policy:
|
52
|
+
- no-referrer
|
53
|
+
X-Xss-Protection:
|
54
|
+
- '0'
|
55
|
+
Vary:
|
56
|
+
- Origin, Accept-Encoding
|
57
|
+
Access-Control-Allow-Credentials:
|
58
|
+
- 'true'
|
59
|
+
X-Request-Id:
|
60
|
+
- bd24abb9-3aa1-4106-8d6a-df425ff1d209
|
61
|
+
Etag:
|
62
|
+
- W/"ef-wqcMjWChK4ut5ZQqtU8qO89bfTU"
|
63
|
+
Via:
|
64
|
+
- 1.1 vegur
|
65
|
+
Cf-Cache-Status:
|
66
|
+
- DYNAMIC
|
67
|
+
Report-To:
|
68
|
+
- '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQMKZkYKfEuWDKP6gbTQAS9tfzZ9%2F%2Bre2CD6Fy1rRsuFC8Jz0dioXUQ8G95%2Bmrhlz4R6Tji1nCsXfNLiDCwFFmowX%2B%2BOf1HfeVgk10CkJcOUbBcTZ5%2BxoR6RnWaYwQrCBA%3D%3D"}],"group":"cf-nel","max_age":604800}'
|
69
|
+
Nel:
|
70
|
+
- '{"success_fraction":0,"report_to":"cf-nel","max_age":604800}'
|
71
|
+
Server:
|
72
|
+
- cloudflare
|
73
|
+
Cf-Ray:
|
74
|
+
- 6f25a1f8b80430d4-SEA
|
75
|
+
Alt-Svc:
|
76
|
+
- h3=":443"; ma=86400, h3-29=":443"; ma=86400
|
77
|
+
body:
|
78
|
+
encoding: UTF-8
|
79
|
+
string: '{"object":"authentication_factor","id":"auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M","created_at":"2022-03-27T05:12:43.689Z","updated_at":"2022-03-27T05:12:43.689Z","type":"generic_otp","environment_id":"environment_01EQ1FTYTAZCVYSV4SYSRWRR3A"}'
|
80
|
+
http_version:
|
81
|
+
recorded_at: Sun, 27 Mar 2022 05:12:43 GMT
|
82
|
+
recorded_with: VCR 5.0.0
|