workos 2.3.0 → 2.5.1

data/spec/lib/workos/mfa_spec.rb

@@ -4,8 +4,8 @@
 describe WorkOS::MFA do
   it_behaves_like 'client'
 
-  describe 'enroll_factor valid requests' do
-    context 'enroll factor using valid generic argument' do
+  describe '.enroll_factor' do
+    context 'with valid generic argument' do
       it 'returns a valid factor object' do
         VCR.use_cassette 'mfa/enroll_factor_generic_valid' do
           factor = described_class.enroll_factor(
@@ -16,7 +16,7 @@ describe WorkOS::MFA do
       end
     end
 
-    context 'enroll factor using valid totp arguments' do
+    context 'with valid totp arguments' do
       it 'returns a valid factor object' do
         VCR.use_cassette 'mfa/enroll_factor_totp_valid' do
           factor = described_class.enroll_factor(
@@ -29,7 +29,7 @@ describe WorkOS::MFA do
       end
     end
 
-    context 'enroll factor using valid sms arguments' do
+    context 'with valid sms arguments' do
       it 'returns a valid factor object' do
         VCR.use_cassette 'mfa/enroll_factor_sms_valid' do
           factor = described_class.enroll_factor(
@@ -40,10 +40,8 @@ describe WorkOS::MFA do
         end
       end
     end
-  end
 
-  describe 'enroll_factor invalid responses' do
-    context 'enroll factor throws error if type is not sms or totp' do
+    context 'when type is not sms or totp' do
       it 'returns an error' do
         expect do
           described_class.enroll_factor(
@@ -57,7 +55,7 @@ describe WorkOS::MFA do
       end
     end
 
-    context 'enroll factor throws error if type is not sms or totp' do
+    context 'when type is totp but missing arguments' do
       it 'returns an error' do
         expect do
           described_class.enroll_factor(
@@ -70,7 +68,7 @@ describe WorkOS::MFA do
         )
       end
     end
-    context 'enroll factor throws error if type sms and phone number is nil' do
+    context 'when type is sms and phone number is nil' do
       it 'returns an error' do
         expect do
           described_class.enroll_factor(
@@ -84,7 +82,7 @@ describe WorkOS::MFA do
     end
   end
 
-  describe 'challenge factor with valid request arguments' do
+  describe '.challenge_factor' do
     context 'challenge with totp' do
       it 'returns challenge factor object for totp' do
         VCR.use_cassette 'mfa/challenge_factor_totp_valid' do
@@ -118,9 +116,7 @@ describe WorkOS::MFA do
         end
       end
     end
-  end
 
-  describe 'challenge factor with invalid arguments' do
     context 'challenge with totp mssing authentication_factor_id' do
       it 'returns argument error' do
         expect do
@@ -133,48 +129,58 @@ describe WorkOS::MFA do
     end
   end
 
-  describe 'challenge factor with valid requests' do
-    context 'verify generic otp' do
-      it 'returns a true boolean if the challenge has not been verifed yet' do
-        VCR.use_cassette 'mfa/verify_factor_generic_valid' do
-          verify_factor = described_class.verify_factor(
+  describe '.verify_factor' do
+    it 'throws a warning' do
+      expect do
+        VCR.use_cassette 'mfa/verify_challenge_generic_valid' do
+          described_class.verify_factor(
             authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
             code: '897792',
           )
-          expect(verify_factor.valid == 'true')
         end
-      end
+      end.to output("[DEPRECATION] `verify_factor` is deprecated. Please use `verify_challenge` instead.\n").to_stderr
     end
 
-    context 'verify generic otp invalid response' do
-      it 'returns a true boolean if the challenge has not been verifed yet' do
-        VCR.use_cassette 'mfa/verify_factor_generic_valid_is_false' do
-          verify_factor = described_class.verify_factor(
-            authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
-            code: '897792',
-          )
-          expect(verify_factor.valid == 'false')
-        end
+    it 'calls verify_challenge' do
+      VCR.use_cassette 'mfa/verify_challenge_generic_valid' do
+        verify_factor = described_class.verify_factor(
+          authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+          code: '897792',
+        )
+        expect(verify_factor.valid == 'true')
       end
     end
+  end
 
-    context 'verify generic otp' do
-      it 'returns error that the challenge has already been verfied' do
-        VCR.use_cassette 'mfa/verify_factor_generic_invalid' do
-          expect do
-            described_class.verify_factor(
+  describe '.verify_challenge' do
+    context 'with generic otp' do
+      context 'and the challenge has not been verified' do
+        it 'returns true if the code is correct' do
+          VCR.use_cassette 'mfa/verify_challenge_generic_valid' do
+            verify_challenge = described_class.verify_challenge(
               authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
               code: '897792',
             )
-          end.to raise_error(WorkOS::InvalidRequestError)
+            expect(verify_challenge.valid == 'true')
+          end
+        end
+
+        it 'returns false if the code is incorrect' do
+          VCR.use_cassette 'mfa/verify_challenge_generic_valid_is_false' do
+            verify_challenge = described_class.verify_challenge(
+              authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+              code: '897792',
+            )
+            expect(verify_challenge.valid == 'false')
+          end
         end
       end
 
-      context 'verify generic otp' do
-        it 'returns error that the challenge has expired' do
-          VCR.use_cassette 'mfa/verify_factor_generic_expired' do
+      context 'and the challenge has already been verified' do
+        it 'returns an error' do
+          VCR.use_cassette 'mfa/verify_challenge_generic_invalid' do
             expect do
-              described_class.verify_factor(
+              described_class.verify_challenge(
                 authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
                 code: '897792',
               )
@@ -182,51 +188,62 @@ describe WorkOS::MFA do
           end
         end
       end
-    end
-  end
 
-  describe 'verify_factor with invalid argument' do
-    context 'missing code argument' do
-      it 'returns argument error' do
-        expect do
-          described_class.verify_factor(
-            authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+      context 'and the challenge has expired' do
+        it 'returns an error' do
+          VCR.use_cassette 'mfa/verify_challenge_generic_expired' do
+            expect do
+              described_class.verify_challenge(
+                authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+                code: '897792',
+              )
+            end.to raise_error(WorkOS::InvalidRequestError)
+          end
+        end
+      end
+
+      context 'with missing code argument' do
+        it 'returns an argument error' do
+          expect do
+            described_class.verify_challenge(
+              authentication_challenge_id: 'auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J',
+            )
+          end.to raise_error(
+            ArgumentError,
+            "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
           )
-        end.to raise_error(
-          ArgumentError,
-          "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
-        )
+        end
       end
-    end
 
-    context 'missing authentication_challenge_id argument' do
-      it 'returns and error' do
-        expect do
-          described_class.verify_factor(
-            code: '897792',
+      context 'with missing authentication_challenge_id argument' do
+        it 'returns an error' do
+          expect do
+            described_class.verify_challenge(
+              code: '897792',
+            )
+          end.to raise_error(
+            ArgumentError,
+            "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
           )
-        end.to raise_error(
-          ArgumentError,
-          "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
-        )
+        end
       end
-    end
 
-    context 'missing code and authentication_challenge_id arguments' do
-      it 'returns argument error' do
-        expect do
-          described_class.verify_factor
-        end.to raise_error(
-          ArgumentError,
-          "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
-        )
+      context 'with missing code and authentication_challenge_id arguments' do
+        it 'returns an argument error' do
+          expect do
+            described_class.verify_challenge
+          end.to raise_error(
+            ArgumentError,
+            "Incomplete arguments: 'authentication_challenge_id' and 'code' are required arguments",
+          )
+        end
       end
     end
   end
 
-  describe 'tests returning and deleting a factor' do
-    context 'returns a factor' do
-      it 'uses get_factor to return  factor' do
+  describe '.get_factor' do
+    context 'with a valid id' do
+      it 'returns a factor' do
         VCR.use_cassette 'mfa/get_factor_valid' do
           factor = described_class.get_factor(
             id: 'auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M',
@@ -236,8 +253,8 @@ describe WorkOS::MFA do
       end
     end
 
-    context 'invalid factor request' do
-      it 'uses get_factor and throws error if id is wrong' do
+    context 'with an invalid id' do
+      it 'returns an error' do
         VCR.use_cassette 'mfa/get_factor_invalid' do
           expect do
             described_class.get_factor(
@@ -247,7 +264,9 @@ describe WorkOS::MFA do
         end
       end
     end
+  end
 
+  describe '.delete_factor' do
     context 'deletes facotr' do
       it 'uses delete_factor to delete factor' do
         VCR.use_cassette 'mfa/delete_factor' do

data/spec/lib/workos/sso_spec.rb

@@ -330,7 +330,7 @@ describe WorkOS::SSO do
     let(:request_body) do
       {
         client_id: args[:client_id],
-        client_secret: WorkOS.key,
+        client_secret: WorkOS.config.key,
         code: args[:code],
         grant_type: 'authorization_code',
       }

data/spec/spec_helper.rb

@@ -25,7 +25,7 @@ SPEC_ROOT = File.dirname __FILE__
 
 VCR.configure do |config|
   config.cassette_library_dir = 'spec/support/fixtures/vcr_cassettes'
-  config.filter_sensitive_data('<API_KEY>') { WorkOS.key }
+  config.filter_sensitive_data('<API_KEY>') { WorkOS.config.key }
   config.hook_into :webmock
 end
 
@@ -51,6 +51,6 @@ RSpec.configure do |config|
     end
   end)
 
-  config.before(:all) { WorkOS.key ||= '' }
+  config.before(:all) { WorkOS.config.key ||= '' }
   config.before(:each) { VCR.turn_on! }
 end

data/spec/support/fixtures/vcr_cassettes/directory_sync/get_group.yml

@@ -14,7 +14,7 @@ http_interactions:
       Accept:
       - "*/*"
       User-Agent:
-      - WorkOS; ruby/3.0.2; x86_64-darwin19; v2.1.1
+      - WorkOS; ruby/2.7.2; arm64-darwin21; v2.3.0
       Authorization:
       - Bearer <API_KEY>
   response:
@@ -23,7 +23,7 @@ http_interactions:
       message: OK
     headers:
       Date:
-      - Tue, 07 Jun 2022 22:28:37 GMT
+      - Thu, 14 Jul 2022 16:49:09 GMT
       Content-Type:
       - application/json; charset=utf-8
       Transfer-Encoding:
@@ -37,7 +37,7 @@ http_interactions:
         https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
         ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
       Etag:
-      - W/"244-4TugYfq6OLpdb2GYu9NN0Z83S0g"
+      - W/"277-8j8DgAIILf/mCF7LCmvrqcqdwK4"
       Expect-Ct:
       - max-age=0
       Referrer-Policy:
@@ -47,7 +47,7 @@ http_interactions:
       Vary:
       - Origin, Accept-Encoding
       Via:
-      - 1.1 spaces-router (664a92218d61)
+      - 1.1 spaces-router (b642bf20b975)
       X-Content-Type-Options:
       - nosniff
       X-Dns-Prefetch-Control:
@@ -59,24 +59,22 @@ http_interactions:
       X-Permitted-Cross-Domain-Policies:
       - none
       X-Request-Id:
-      - 4a7bfd77-da6c-b1ae-bc39-35a1c175ecf2
+      - 0f21c2f3-e24a-e3a2-85d3-41ee9e45b3e2
       X-Xss-Protection:
       - '0'
       Cf-Cache-Status:
       - DYNAMIC
       Report-To:
-      - '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nQ%2FpfKZE%2BT1W4WrbQGusRS%2FxZHEG7sB0Ps3PUXt4lmPSmC%2FZHLV6KW90D74Y9VQ0QT7q3OIF47yVIwX5fwPKOHMwcOYQv0eyKUrFYxKkNf6QALpJE7%2BVNSUBiEmv3cZ1zOXUFCiuMl2MYygsw%3D%3D"}],"group":"cf-nel","max_age":604800}'
+      - '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hnm%2BEiBTG2ROFxqX2mdwcp0HvQ173SgQlQDCmTmBQEbLv9w2dkcl2qMqYh44OSHRABBCkRfuJ2MtnHuqb6sQ5RjHRMKSCfRqklsOrgd%2FHo0PEE6mW0u%2BlZqBMIlN1BEp"}],"group":"cf-nel","max_age":604800}'
       Nel:
       - '{"success_fraction":0,"report_to":"cf-nel","max_age":604800}'
       Server:
       - cloudflare
       Cf-Ray:
-      - 717cd26458fd671d-DFW
-      Alt-Svc:
-      - h3=":443"; ma=86400, h3-29=":443"; ma=86400
+      - 72abc002fbd9f039-EWR
     body:
       encoding: ASCII-8BIT
-      string: '{"object":"directory_group","id":"directory_group_01G2Z8D4ZR8RJ03Y1W7P9K8NMG","idp_id":"01jlao4614two3d","directory_id":"directory_01G2Z8ADK5NPMVTWF48MVVE4HT","name":"Sales","created_at":"2022-05-13T17:45:31.732Z","updated_at":"2022-06-07T17:45:35.739Z","raw_attributes":{"id":"01jlao4614two3d","etag":"\"DaDAXuEwpvygu_Ul-89tlT4iVJBEvO3LZpQ0lrbYRrc/uLYJ0Hrx1gXXVg9z-zGLBZET2Wo\"","kind":"admin#directory#group","name":"Sales","email":"sales@foo-corp.com","description":"","adminCreated":true,"directMembersCount":"1","nonEditableAliases":["sales@foo-corp.com.test-google-a.com"]}}'
-    http_version:
-  recorded_at: Tue, 07 Jun 2022 22:28:37 GMT
+      string: '{"object":"directory_group","id":"directory_group_01G2Z8D4ZR8RJ03Y1W7P9K8NMG","idp_id":"01jlao4614two3d","directory_id":"directory_01G2Z8ADK5NPMVTWF48MVVE4HT","organization_id":"org_01EGS4P7QR31EZ4YWD1Z1XA176","name":"Sales","created_at":"2022-05-13T17:45:31.732Z","updated_at":"2022-07-13T17:45:42.618Z","raw_attributes":{"id":"01jlao4614two3d","etag":"\"SEQQBYC70u6XQ2UUjmjNYw6b0a5EzY0mTMShjiZga8A/uLYJ0Hrx1gXXVg9z-zGLBZET2Wo\"","kind":"admin#directory#group","name":"Sales","email":"sales@foo-corp.com","description":"","adminCreated":true,"directMembersCount":"1","nonEditableAliases":["sales@foo-corp.com.test-google-a.com"]}}'
+    http_version: 
+  recorded_at: Thu, 14 Jul 2022 16:49:09 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/directory_sync/get_user.yml

@@ -14,7 +14,7 @@ http_interactions:
       Accept:
       - "*/*"
       User-Agent:
-      - WorkOS; ruby/3.0.1; x86_64-darwin19; v1.4.0
+      - WorkOS; ruby/2.7.2; arm64-darwin21; v2.3.0
       Authorization:
       - Bearer <API_KEY>
   response:
@@ -23,64 +23,61 @@ http_interactions:
       message: OK
     headers:
       Date:
-      - Mon, 09 Aug 2021 17:36:13 GMT
+      - Thu, 14 Jul 2022 16:46:23 GMT
       Content-Type:
       - application/json; charset=utf-8
-      Transfer-Encoding:
-      - chunked
+      Content-Length:
+      - '616'
       Connection:
       - keep-alive
-      Vary:
-      - Origin, Accept-Encoding
       Access-Control-Allow-Credentials:
       - 'true'
       Content-Security-Policy:
       - 'default-src ''self'';base-uri ''self'';block-all-mixed-content;font-src ''self''
         https: data:;frame-ancestors ''self'';img-src ''self'' data:;object-src ''none'';script-src
         ''self'';script-src-attr ''none'';style-src ''self'' https: ''unsafe-inline'';upgrade-insecure-requests'
-      X-Dns-Prefetch-Control:
-      - 'off'
+      Etag:
+      - W/"680-NPvBik348v8xg6EE7iZMYwD5UXw"
       Expect-Ct:
       - max-age=0
-      X-Frame-Options:
-      - SAMEORIGIN
+      Referrer-Policy:
+      - no-referrer
       Strict-Transport-Security:
       - max-age=15552000; includeSubDomains
-      X-Download-Options:
-      - noopen
+      Vary:
+      - Origin, Accept-Encoding
+      Via:
+      - 1.1 spaces-router (b642bf20b975)
       X-Content-Type-Options:
       - nosniff
+      X-Dns-Prefetch-Control:
+      - 'off'
+      X-Download-Options:
+      - noopen
+      X-Frame-Options:
+      - SAMEORIGIN
       X-Permitted-Cross-Domain-Policies:
       - none
-      Referrer-Policy:
-      - no-referrer
+      X-Request-Id:
+      - 51a82273-b413-cead-b968-c07ba4d6fd08
       X-Xss-Protection:
       - '0'
-      X-Request-Id:
-      - 59862449-73e5-4dfd-93ab-3764b1917801
-      Etag:
-      - W/"4c3-Ikxt2N0fUuSxCjv+RdYvW8W9Xwo"
-      Via:
-      - 1.1 vegur
       Cf-Cache-Status:
       - DYNAMIC
       Report-To:
-      - '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6%2FJ3BJ75VMwSOtfDQXjt%2FoL29FI%2Bv5VswhZzg6LVkOQi7nyI19Sks%2FkDGCDrSQ%2FMtyU6DI4OFWR9RB1I04IGdhehsY2oPGugIj%2BhHMiJdQEcE6vPAsuaF1HyVnXGvMgRYdurEW1Jr7rSYBWeA%3D%3D"}],"group":"cf-nel","max_age":604800}'
+      - '{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS7ELJ3A8tkzMafvaIThD%2B5JlYmul1puZlAXTxEKYBLlq%2B6DCtqDqAi4dtr4yRP3khNmg6MwPiuLqtdOXRmPOtag9Ti%2FGK8ra%2BJOlpwkFjD965CNBfzao4EJtExDkbS3"}],"group":"cf-nel","max_age":604800}'
       Nel:
       - '{"success_fraction":0,"report_to":"cf-nel","max_age":604800}'
       Server:
       - cloudflare
       Cf-Ray:
-      - 67c2bed0ebe6c7e6-DFW
-      Alt-Svc:
-      - h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443";
-        ma=86400
+      - 72abbbf2b93e8ca5-EWR
     body:
       encoding: ASCII-8BIT
-      string: '{"object":"directory_user","id":"directory_user_01FAZYNPC8M0HRYTKFP2GNX852","directory_id":"directory_01FAZYMST676QMTFN1DDJZZX87","idp_id":"6092c280a3f1e19ef6d8cef8","username":"logan@workos.com","emails":[{"primary":true,"value":"logan@workos.com"}],"first_name":"Logan","last_name":"Gingerich","state":"active","raw_attributes":{"id":"6092c280a3f1e19ef6d8cef8","name":"Logan
-        Paul Gingerich","teams":["5f696c8e9a63a60e965aaca8"],"spokeId":null,"lastName":"Gingerich","createdAt":"2021-05-05T16:06:24+0000","firstName":"Logan","updatedAt":"2021-07-19T19:17:52+0000","workEmail":"logan@workos.com","department":"Infra","departmentId":"5f27ada9a5e9bc0001a0ae4a"},"custom_attributes":{"department":"Infra"},"groups":[{"object":"directory_group","id":"directory_group_01FAZYNN1NZWMBRAXXDSTB5NFH","directory_id":"directory_01FAZYMST676QMTFN1DDJZZX87","name":"Department
-        - Infra","raw_attributes":{"id":"5f27ada9a5e9bc0001a0ae4a","name":"Infra","parent":"5f27ada9a5e9bc0001a0ae48"}},{"object":"directory_group","id":"directory_group_01FAZYNNQ4HQ6EBF29MPTH7VKB","directory_id":"directory_01FAZYMST676QMTFN1DDJZZX87","name":"Team
-        - Platform","raw_attributes":{"id":"5f696c8e9a63a60e965aaca8","name":"Platform","parent":null}}]}'
-    http_version:
-  recorded_at: Mon, 09 Aug 2021 17:36:13 GMT
+      string: '{"object":"directory_user","id":"directory_user_01FAZYNPC8M0HRYTKFP2GNX852","directory_id":"directory_01FAZYMST676QMTFN1DDJZZX87","organization_id":"org_01FAZWCWR03DVWA83NCJYKKD54","idp_id":"6092c280a3f1e19ef6d8cef8","username":"logan@workos.com","emails":[{"primary":true,"value":"logan@workos.com"}],"first_name":"Logan","last_name":"Gingerich","state":"active","raw_attributes":{"id":"6092c280a3f1e19ef6d8cef8","name":"Logan
+        Paul Gingerich","teams":["5f696c8e9a63a60e965aaca8"],"spokeId":null,"lastName":"Gingerich","createdAt":"2021-05-05T16:06:24+0000","firstName":"Logan","updatedAt":"2021-11-11T05:08:14+0000","workEmail":"logan@workos.com","department":"Infra","departmentId":"5f27ada9a5e9bc0001a0ae4a"},"custom_attributes":{},"created_at":"2021-07-19T17:57:57.268Z","updated_at":"2022-01-24T11:23:01.614Z","groups":[{"object":"directory_group","id":"directory_group_01FAZYNNQ4HQ6EBF29MPTH7VKB","idp_id":"5f696c8e9a63a60e965aaca8","directory_id":"directory_01FAZYMST676QMTFN1DDJZZX87","organization_id":"org_01FAZWCWR03DVWA83NCJYKKD54","name":"Team
+        - Platform","created_at":"2021-07-19T17:57:56.580Z","updated_at":"2022-01-24T11:23:01.333Z","raw_attributes":{"id":"5f696c8e9a63a60e965aaca8","name":"Platform","parent":null}},{"object":"directory_group","id":"directory_group_01FAZYNN1NZWMBRAXXDSTB5NFH","idp_id":"5f27ada9a5e9bc0001a0ae4a","directory_id":"directory_01FAZYMST676QMTFN1DDJZZX87","organization_id":"org_01FAZWCWR03DVWA83NCJYKKD54","name":"Department
+        - Infra","created_at":"2021-07-19T17:57:55.893Z","updated_at":"2022-01-24T11:23:01.333Z","raw_attributes":{"id":"5f27ada9a5e9bc0001a0ae4a","name":"Infra","parent":"5f27ada9a5e9bc0001a0ae48"}}]}'
+    http_version: 
+  recorded_at: Thu, 14 Jul 2022 16:46:23 GMT
 recorded_with: VCR 5.0.0

data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_generic_valid.yml

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/challenge
+    uri: https://api.workos.com/auth/factors/auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M/challenge
     body:
       encoding: UTF-8
-      string: '{"sms_template":null,"authentication_factor_id":"auth_factor_01FZ4WMXXA09XF6NK1XMKNWB3M"}'
+      string: '{"sms_template":null}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_sms_valid.yml

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/challenge
+    uri: https://api.workos.com/auth/factors/auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F/challenge
     body:
       encoding: UTF-8
-      string: '{"sms_template":"Your code is {{code}}","authentication_factor_id":"auth_factor_01FZ4TS14D1PHFNZ9GF6YD8M1F"}'
+      string: '{"sms_template":"Your code is {{code}}"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/challenge_factor_totp_valid.yml

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/challenge
+    uri: https://api.workos.com/auth/factors/auth_factor_01FZ4TS0MWPZR7GATS7KCXANQZ/challenge
     body:
       encoding: UTF-8
-      string: '{"sms_template":null,"authentication_factor_id":"auth_factor_01FZ4TS0MWPZR7GATS7KCXANQZ"}'
+      string: '{"sms_template":null}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/{verify_factor_generic_expired.yml → verify_challenge_generic_expired.yml}

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/verify
+    uri: https://api.workos.com/auth/challenges/auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J/verify
     body:
       encoding: UTF-8
-      string: '{"authentication_challenge_id":"auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J","code":"897792"}'
+      string: '{"code":"897792"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/{verify_factor_generic_invalid.yml → verify_challenge_generic_invalid.yml}

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/verify
+    uri: https://api.workos.com/auth/challenges/auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J/verify
     body:
       encoding: UTF-8
-      string: '{"authentication_challenge_id":"auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J","code":"897792"}'
+      string: '{"code":"897792"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/{verify_factor_generic_valid.yml → verify_challenge_generic_valid.yml}

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/verify
+    uri: https://api.workos.com/auth/challenges/auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J/verify
     body:
       encoding: UTF-8
-      string: '{"authentication_challenge_id":"auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J","code":"897792"}'
+      string: '{"code":"897792"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/fixtures/vcr_cassettes/mfa/{verify_factor_generic_valid_is_false.yml → verify_challenge_generic_valid_is_false.yml}

@@ -2,10 +2,10 @@
 http_interactions:
 - request:
     method: post
-    uri: https://api.workos.com/auth/factors/verify
+    uri: https://api.workos.com/auth/challenges/auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J/verify
     body:
       encoding: UTF-8
-      string: '{"authentication_challenge_id":"auth_challenge_01FZ4YVRBMXP5ZM0A7BP4AJ12J","code":"897792"}'
+      string: '{"code":"897792"}'
     headers:
       Content-Type:
       - application/json

data/spec/support/shared_examples/client_spec.rb

@@ -13,4 +13,18 @@ RSpec.shared_examples 'client' do
   it 'returns new instance' do
     expect(described_class.client.object_id).to_not eq described_class.client.object_id
   end
+
+  if RUBY_VERSION >= '2.6.0'
+    it 'sets the timeouts, including the write timeout' do
+      expect(described_class.client.open_timeout).to_not be_nil
+      expect(described_class.client.read_timeout).to_not be_nil
+      expect(described_class.client.write_timeout).to_not be_nil
+    end
+  else
+    it 'sets the open and read timeouts, but not the write timeout' do
+      expect(described_class.client.open_timeout).to_not be_nil
+      expect(described_class.client.read_timeout).to_not be_nil
+      expect(described_class.client.write_timeout).to be_nil
+    end
+  end
 end