workos 2.2.1 → 2.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 286a2f14af16bfc7b9c77e7938c2b8d7366f4a03f9fca4c7892f85f60562e433
-  data.tar.gz: 8970807084e7022beb9bb1523c270e645c340e42e452d7f0d7ea0d64958cf1ea
+  metadata.gz: 014f85386dcfba661f0a74ae427127257b953a2791b4667c72d9b1961237a93b
+  data.tar.gz: 7290ad0b22df3751f1183f5465d35f56828c4fd1b0e519c29c208138b67db3fe
 SHA512:
-  metadata.gz: e4d3af795ee51a5cb807fda2bdffc2217e0150ec2f4ffe51fb86daab6e376ecd240f03f1b204db2a72265ebc61d5a9c227a13924a262bb6cf7011ce9c87df177
-  data.tar.gz: a8977f9bff244978c9c1935e46a411e4e564a86ed51d7523780feab31212857771813190c523f64d5640f13b393ba5f5a3df3ced5729a7ad34df0cdfa3b6014e
+  metadata.gz: 766ef6dfba39dc072dab56a7fbfbcaa4484e39bbd444dc3c9148894e791b232689e7210a13f178442e595a67ac3c74aed64ee377ddad342f6105b2103513bbec
+  data.tar.gz: 759b73ee9afe91742acb8ee818d03bc397a6760d44f88dbfa3989439e4e396cacc2b71dd866ab90495bb7c1e2b430709987f09335a20b4a08b123aedfa1003d8

data/Gemfile.lock

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    workos (2.2.1)
+    workos (2.5.0)
       sorbet-runtime (~> 0.5)
 
 GEM
@@ -60,7 +60,7 @@ GEM
     simplecov_json_formatter (0.1.2)
     sorbet (0.5.6388)
       sorbet-static (= 0.5.6388)
-    sorbet-runtime (0.5.9944)
+    sorbet-runtime (0.5.10207)
     sorbet-static (0.5.6388-universal-darwin-14)
     sorbet-static (0.5.6388-universal-darwin-15)
     sorbet-static (0.5.6388-universal-darwin-16)

data/README.md

@@ -35,7 +35,10 @@ Or, you may set the key yourself, such as in an initializer in your application
 ```ruby
 # /config/initializers/workos.rb
 
-WorkOS.key = '[your api key]'
+WorkOS.configure do |config|
+  config.key = '[your api key]'
+  config.timeout = 120
+end
 ```
 
 ## SDK Versioning

data/lib/workos/audit_trail.rb

@@ -12,7 +12,6 @@ module WorkOS
   module AuditTrail
     class << self
       extend T::Sig
-      include Base
       include Client
 
       # Create an Audit Trail event.
@@ -65,6 +64,7 @@ module WorkOS
       # @option options [String] before Event ID to look before
       # @option options [String] after Event ID to look after
       # @option options [Integer] limit Number of Events to return
+      # @option options [String] order The order in which to paginate records
       # @option options [Array<String>] group List of Groups to filter for
       # @option options [Array<String>] action List of Actions to filter for
       # @option options [Array<String>] action_type List of Action Types to

data/lib/workos/challenge.rb

@@ -16,7 +16,7 @@ module WorkOS
       raw = parse_json(json)
       @id = T.let(raw.id, String)
       @object = T.let(raw.object, String)
-      @expires_at = raw.expires_at
+      @expires_at = T.let(raw.expires_at, String)
       @code = raw.code
       @authentication_factor_id = T.let(raw.authentication_factor_id, String)
       @created_at = T.let(raw.created_at, String)

data/lib/workos/client.rb

@@ -11,6 +11,9 @@ module WorkOS
     def client
       Net::HTTP.new(WorkOS::API_HOSTNAME, 443).tap do |http_client|
         http_client.use_ssl = true
+        http_client.open_timeout = WorkOS.config.timeout
+        http_client.read_timeout = WorkOS.config.timeout
+        http_client.write_timeout = WorkOS.config.timeout
       end
     end
 
@@ -20,7 +23,13 @@ module WorkOS
       ).returns(::T.untyped)
     end
     def execute_request(request:)
-      response = client.request(request)
+      begin
+        response = client.request(request)
+      rescue Net::OpenTimeout, Net::ReadTimeout, Net::WriteTimeout
+        raise TimeoutError.new(
+          message: 'API Timeout Error',
+        )
+      end
 
       http_status = response.code.to_i
       handle_error_response(response: response) if http_status >= 400
@@ -45,7 +54,7 @@ module WorkOS
         'Content-Type' => 'application/json',
       )
 
-      request['Authorization'] = "Bearer #{access_token || WorkOS.key!}" if auth
+      request['Authorization'] = "Bearer #{access_token || WorkOS.config.key!}" if auth
       request['User-Agent'] = user_agent
       request
     end
@@ -61,7 +70,7 @@ module WorkOS
     def post_request(path:, auth: false, idempotency_key: nil, body: nil)
       request = Net::HTTP::Post.new(path, 'Content-Type' => 'application/json')
       request.body = body.to_json if body
-      request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
+      request['Authorization'] = "Bearer #{WorkOS.config.key!}" if auth
       request['Idempotency-Key'] = idempotency_key if idempotency_key
       request['User-Agent'] = user_agent
       request
@@ -83,7 +92,7 @@ module WorkOS
         'Content-Type' => 'application/json',
       )
 
-      request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
+      request['Authorization'] = "Bearer #{WorkOS.config.key!}" if auth
       request['User-Agent'] = user_agent
       request
     end
@@ -99,7 +108,7 @@ module WorkOS
     def put_request(path:, auth: false, idempotency_key: nil, body: nil)
       request = Net::HTTP::Put.new(path, 'Content-Type' => 'application/json')
       request.body = body.to_json if body
-      request['Authorization'] = "Bearer #{WorkOS.key!}" if auth
+      request['Authorization'] = "Bearer #{WorkOS.config.key!}" if auth
       request['Idempotency-Key'] = idempotency_key if idempotency_key
       request['User-Agent'] = user_agent
       request

data/lib/workos/configuration.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+# typed: true
+
+module WorkOS
+  # Configuration class sets config initializer
+  class Configuration
+    attr_accessor :timeout, :key
+
+    def initialize
+      @timeout = 60
+    end
+
+    def key!
+      key or raise '`WorkOS.config.key` not set'
+    end
+  end
+end

data/lib/workos/directory_group.rb

@@ -9,22 +9,37 @@ module WorkOS
     include HashProvider
     extend T::Sig
 
-    attr_accessor :id, :name, :custom_attributes, :raw_attributes
+    attr_accessor :id, :directory_id, :idp_id, :name, :created_at, :updated_at,
+                  :raw_attributes, :organization_id
 
+    # rubocop:disable Metrics/AbcSize
     sig { params(json: String).void }
     def initialize(json)
       raw = parse_json(json)
 
       @id = T.let(raw.id, String)
+      @directory_id = T.let(raw.directory_id, String)
+      @organization_id = raw.organization_id
+      @idp_id = T.let(raw.idp_id, String)
       @name = T.let(raw.name, String)
+      @created_at = T.let(raw.created_at, String)
+      @updated_at = T.let(raw.updated_at, String)
+      @raw_attributes = raw.raw_attributes
 
       replace_without_warning(to_json)
     end
+    # rubocop:enable Metrics/AbcSize
 
     def to_json(*)
       {
         id: id,
+        directory_id: directory_id,
+        organization_id: organization_id,
+        idp_id: idp_id,
         name: name,
+        created_at: created_at,
+        updated_at: updated_at,
+        raw_attributes: raw_attributes,
       }
     end
 
@@ -40,7 +55,13 @@ module WorkOS
 
       WorkOS::Types::DirectoryGroupStruct.new(
         id: hash[:id],
+        directory_id: hash[:directory_id],
+        organization_id: hash[:organization_id],
+        idp_id: hash[:idp_id],
         name: hash[:name],
+        created_at: hash[:created_at],
+        updated_at: hash[:updated_at],
+        raw_attributes: hash[:raw_attributes],
       )
     end
   end

data/lib/workos/directory_sync.rb

@@ -12,7 +12,6 @@ module WorkOS
   module DirectorySync
     class << self
       extend T::Sig
-      include Base
       include Client
 
       # Retrieve directories.
@@ -22,6 +21,7 @@ module WorkOS
       #  retrieved.
       # @option options [String] search A search term for direcory names.
       # @option options [String] limit Maximum number of records to return.
+      # @option options [String] order The order in which to paginate records
       # @option options [String] before Pagination cursor to receive records
       #  before a provided Directory ID.
       # @option options [String] after Pagination cursor to receive records
@@ -91,6 +91,7 @@ module WorkOS
       # @option options [String] user The ID of the directory user whose
       #  directory groups will be retrieved.
       # @option options [String] limit Maximum number of records to return.
+      # @option options [String] order The order in which to paginate records
       # @option options [String] before Pagination cursor to receive records
       #  before a provided Directory Group ID.
       # @option options [String] after Pagination cursor to receive records
@@ -130,6 +131,7 @@ module WorkOS
       # @option options [String] user The ID of the directory group whose
       #  directory users will be retrieved.
       # @option options [String] limit Maximum number of records to return.
+      # @option options [String] order The order in which to paginate records
       # @option options [String] before Pagination cursor to receive records
       #  before a provided Directory User ID.
       # @option options [String] after Pagination cursor to receive records

data/lib/workos/directory_user.rb

@@ -10,7 +10,7 @@ module WorkOS
     extend T::Sig
 
     attr_accessor :id, :idp_id, :emails, :first_name, :last_name, :username, :state,
-                  :groups, :custom_attributes, :raw_attributes
+                  :groups, :custom_attributes, :raw_attributes, :directory_id, :organization_id
 
     # rubocop:disable Metrics/AbcSize
     sig { params(json: String).void }
@@ -18,6 +18,8 @@ module WorkOS
       raw = parse_json(json)
 
       @id = T.let(raw.id, String)
+      @directory_id = T.let(raw.directory_id, String)
+      @organization_id = raw.organization_id
       @idp_id = T.let(raw.idp_id, String)
       @emails = T.let(raw.emails, Array)
       @first_name = raw.first_name
@@ -35,6 +37,8 @@ module WorkOS
     def to_json(*)
       {
         id: id,
+        directory_id: directory_id,
+        organization_id: organization_id,
         idp_id: idp_id,
         emails: emails,
         first_name: first_name,
@@ -47,6 +51,11 @@ module WorkOS
       }
     end
 
+    def primary_email
+      primary_email = (emails || []).find { |email| email[:primary] }
+      return primary_email[:value] if primary_email
+    end
+
     private
 
     sig do
@@ -59,6 +68,8 @@ module WorkOS
 
       WorkOS::Types::DirectoryUserStruct.new(
         id: hash[:id],
+        directory_id: hash[:directory_id],
+        organization_id: hash[:organization_id],
         idp_id: hash[:idp_id],
         emails: hash[:emails],
         first_name: hash[:first_name],

data/lib/workos/errors.rb

@@ -61,4 +61,7 @@ module WorkOS
   # SignatureVerificationError is raised when the signature verification for a
   # webhook fails
   class SignatureVerificationError < WorkOSError; end
+
+  # TimeoutError is raised when the HTTP request to the API times out
+  class TimeoutError < WorkOSError; end
 end

data/lib/workos/factor.rb

@@ -7,15 +7,13 @@ module WorkOS
   # in DirectoryUser space, and is instantiated internally but exposed.
   class Factor
     include HashProvider
-    # rubocop:disable Metrics/AbcSize
     extend T::Sig
-    attr_accessor :id, :environment_id, :object, :type, :sms, :totp, :updated_at, :created_at
+    attr_accessor :id, :object, :type, :sms, :totp, :updated_at, :created_at
 
     sig { params(json: String).void }
     def initialize(json)
       raw = parse_json(json)
       @id = T.let(raw.id, String)
-      @environment_id = T.let(raw.environment_id, String)
       @object = T.let(raw.object, String)
       @type = T.let(raw.type, String)
       @created_at = T.let(raw.created_at, String)
@@ -27,7 +25,6 @@ module WorkOS
     def to_json(*)
       {
         id: id,
-        environment_id: environment_id,
         object: object,
         type: type,
         totp: totp,
@@ -45,7 +42,6 @@ module WorkOS
 
       WorkOS::Types::FactorStruct.new(
         id: hash[:id],
-        environment_id: hash[:environment_id],
         object: hash[:object],
         type: hash[:type],
         totp: hash[:totp],
@@ -54,6 +50,5 @@ module WorkOS
         updated_at: hash[:updated_at],
       )
     end
-    # rubocop:enable Metrics/AbcSize
   end
 end

data/lib/workos/mfa.rb

@@ -11,7 +11,6 @@ module WorkOS
   module MFA
     class << self
       extend T::Sig
-      include Base
       include Client
       sig { params(id: String).returns(T::Boolean) }
       def delete_factor(id:)
@@ -122,9 +121,8 @@ module WorkOS
           auth: true,
           body: {
             sms_template: sms_template,
-            authentication_factor_id: authentication_factor_id,
           },
-          path: '/auth/factors/challenge',
+          path: "/auth/factors/#{authentication_factor_id}/challenge",
         )
 
         response = execute_request(request: request)
@@ -135,30 +133,47 @@ module WorkOS
         params(
           authentication_challenge_id: T.nilable(String),
           code: T.nilable(String),
-        ).returns(WorkOS::VerifyFactor)
+        ).returns(WorkOS::VerifyChallenge)
       end
       def verify_factor(
         authentication_challenge_id: nil,
         code: nil
       )
+        warn '[DEPRECATION] `verify_factor` is deprecated. Please use `verify_challenge` instead.'
+
+        verify_challenge(
+          authentication_challenge_id: authentication_challenge_id,
+          code: code,
+        )
+      end
+
+      sig do
+        params(
+          authentication_challenge_id: T.nilable(String),
+          code: T.nilable(String),
+        ).returns(WorkOS::VerifyChallenge)
+      end
+      def verify_challenge(
+        authentication_challenge_id: nil,
+        code: nil
+      )
 
         if authentication_challenge_id.nil? || code.nil?
           raise ArgumentError, "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments"
         end
 
         options = {
-          "authentication_challenge_id": authentication_challenge_id,
           "code": code,
         }
 
         response = execute_request(
           request: post_request(
-            path: '/auth/factors/verify',
+            path: "/auth/challenges/#{authentication_challenge_id}/verify",
             auth: true,
             body: options,
           ),
         )
-        WorkOS::VerifyFactor.new(response.body)
+        WorkOS::VerifyChallenge.new(response.body)
       end
     end
   end

data/lib/workos/organizations.rb

@@ -8,7 +8,6 @@ module WorkOS
   module Organizations
     class << self
       extend T::Sig
-      include Base
       include Client
 
       # Retrieve a list of organizations that have connections configured
@@ -21,6 +20,7 @@ module WorkOS
       # @param [String] after A pagination argument used to request
       #  organizations after the provided Organization ID.
       # @param [Integer] limit A pagination argument used to limit the number
+      # @param [String] order The order in which to paginate records
       #  of listed Organizations that are returned.
       sig do
         params(

data/lib/workos/passwordless.rb

@@ -12,7 +12,6 @@ module WorkOS
   module Passwordless
     class << self
       extend T::Sig
-      include Base
       include Client
 
       # Create a Passwordless Session.

data/lib/workos/portal.rb

@@ -9,7 +9,6 @@ module WorkOS
   module Portal
     class << self
       extend T::Sig
-      include Base
       include Client
 
       GENERATE_LINK_INTENTS = WorkOS::Types::Intent.values.map(&:serialize).

data/lib/workos/sso.rb

@@ -13,7 +13,6 @@ module WorkOS
   module SSO
     class << self
       extend T::Sig
-      include Base
       include Client
 
       PROVIDERS = WorkOS::Types::Provider.values.map(&:serialize).freeze
@@ -142,7 +141,7 @@ module WorkOS
       def profile_and_token(code:, client_id: nil)
         body = {
           client_id: client_id,
-          client_secret: WorkOS.key!,
+          client_secret: WorkOS.config.key!,
           grant_type: 'authorization_code',
           code: code,
         }
@@ -163,6 +162,7 @@ module WorkOS
       # @option options [String] organization_id The id of the organization
       #  of the connections to be retrieved.
       # @option options [String] limit Maximum number of records to return.
+      # @option options [String] order The order in which to paginate records
       # @option options [String] before Pagination cursor to receive records
       #  before a provided Connection ID.
       # @option options [String] after Pagination cursor to receive records

data/lib/workos/types/challenge_struct.rb

@@ -8,7 +8,7 @@ module WorkOS
     class ChallengeStruct < T::Struct
       const :id, String
       const :object, String
-      const :expires_at, T.nilable(String)
+      const :expires_at, String
       const :code, T.nilable(String)
       const :authentication_factor_id, String
       const :created_at, String

data/lib/workos/types/directory_group_struct.rb

@@ -7,7 +7,13 @@ module WorkOS
     # for the DirectoryGroup class
     class DirectoryGroupStruct < T::Struct
       const :id, String
+      const :directory_id, String
+      const :organization_id, T.nilable(String)
+      const :idp_id, String
       const :name, String
+      const :created_at, String
+      const :updated_at, String
+      const :raw_attributes, T::Hash[Symbol, Object]
     end
   end
 end

data/lib/workos/types/directory_user_struct.rb

@@ -7,6 +7,8 @@ module WorkOS
     # for the DirectoryUser class
     class DirectoryUserStruct < T::Struct
       const :id, String
+      const :directory_id, String
+      const :organization_id, T.nilable(String)
       const :idp_id, String
       const :emails, T::Array[T.untyped]
       const :first_name, T.nilable(String)

data/lib/workos/types/factor_struct.rb

@@ -7,7 +7,6 @@ module WorkOS
     # for the Factor class
     class FactorStruct < T::Struct
       const :id, String
-      const :environment_id, String
       const :object, String
       const :type, String
       const :totp, T.nilable(T::Hash[Symbol, Object])

data/lib/workos/types/{verify_factor_struct.rb → verify_challenge_struct.rb}

@@ -3,9 +3,9 @@
 
 module WorkOS
   module Types
-    # This VerifyFactorStruct acts as a typed interface
-    # for the Factor class
-    class VerifyFactorStruct < T::Struct
+    # This VerifyChallengeStruct acts as a typed interface
+    # for the VerifyChallenge class
+    class VerifyChallengeStruct < T::Struct
       const :challenge, T.nilable(T::Hash[Symbol, Object])
       const :valid, T::Boolean
     end

data/lib/workos/types.rb

@@ -18,6 +18,6 @@ module WorkOS
     require_relative 'types/webhook_struct'
     require_relative 'types/factor_struct'
     require_relative 'types/challenge_struct'
-    require_relative 'types/verify_factor_struct'
+    require_relative 'types/verify_challenge_struct'
   end
 end

data/lib/workos/{verify_factor.rb → verify_challenge.rb}

@@ -2,10 +2,9 @@
 # typed: false
 
 module WorkOS
-  # The VerifyFactor class provides a lightweight wrapper around
-  # a WorkOS DirectoryUser resource. This class is not meant to be instantiated
-  # in DirectoryUser space, and is instantiated internally but exposed.
-  class VerifyFactor
+  # The VerifyChallenge class provides a lightweight wrapper around
+  # a WorkOS Authentication Challenge resource.
+  class VerifyChallenge
     include HashProvider
     extend T::Sig
 
@@ -27,11 +26,11 @@ module WorkOS
 
     private
 
-    sig { params(json_string: String).returns(WorkOS::Types::VerifyFactorStruct) }
+    sig { params(json_string: String).returns(WorkOS::Types::VerifyChallengeStruct) }
     def parse_json(json_string)
       hash = JSON.parse(json_string, symbolize_names: true)
 
-      WorkOS::Types::VerifyFactorStruct.new(
+      WorkOS::Types::VerifyChallengeStruct.new(
         challenge: hash[:challenge],
         valid: hash[:valid],
       )

data/lib/workos/version.rb

@@ -2,5 +2,5 @@
 # typed: strong
 
 module WorkOS
-  VERSION = '2.2.1'
+  VERSION = '2.5.0'
 end

data/lib/workos.rb

@@ -5,6 +5,7 @@ require 'workos/version'
 require 'sorbet-runtime'
 require 'json'
 require 'workos/hash_provider'
+require 'workos/configuration'
 
 # Use the WorkOS module to authenticate your
 # requests to the WorkOS API. The gem will read
@@ -16,20 +17,28 @@ module WorkOS
   API_HOSTNAME = ENV['WORKOS_API_HOSTNAME'] || 'api.workos.com'
 
   def self.key=(value)
-    Base.key = value
+    warn '`WorkOS.key=` is deprecated. Use `WorkOS.configure` instead.'
+
+    config.key = value
   end
 
   def self.key
-    Base.key
+    warn '`WorkOS.key` is deprecated. Use `WorkOS.configure` instead.'
+
+    config.key
+  end
+
+  def self.config
+    @config ||= Configuration.new
   end
 
-  def self.key!
-    key || raise('WorkOS.key not set')
+  def self.configure
+    yield(config)
   end
 
   autoload :Types, 'workos/types'
-  autoload :Base, 'workos/base'
   autoload :Client, 'workos/client'
+  autoload :Configuration, 'workos/configuration'
   autoload :AuditTrail, 'workos/audit_trail'
   autoload :Connection, 'workos/connection'
   autoload :DirectorySync, 'workos/directory_sync'
@@ -48,7 +57,7 @@ module WorkOS
   autoload :MFA, 'workos/mfa'
   autoload :Factor, 'workos/factor'
   autoload :Challenge, 'workos/challenge'
-  autoload :VerifyFactor, 'workos/verify_factor'
+  autoload :VerifyChallenge, 'workos/verify_challenge'
   autoload :DeprecatedHashWrapper, 'workos/deprecated_hash_wrapper'
 
 
@@ -57,9 +66,10 @@ module WorkOS
   autoload :AuthenticationError, 'workos/errors'
   autoload :InvalidRequestError, 'workos/errors'
   autoload :SignatureVerificationError, 'workos/errors'
+  autoload :TimeoutError, 'workos/errors'
 
   # Remove WORKOS_KEY at some point in the future. Keeping it here now for
   # backwards compatibility.
   key = ENV['WORKOS_API_KEY'] || ENV['WORKOS_KEY']
-  WorkOS.key = key unless key.nil?
+  config.key = key unless key.nil?
 end